Support non-VGA framebuffers for Xen dom0. This is mandatory for graphic
console on EFI-only hardware.
Add a xen_genfb_getbtinfo() function which will return a btinfo_framebuffer
structure, filled in with parameters provided by Xen
when runing as a Xen dom0, call xen_genfb_getbtinfo() instead of
lookup_bootinfo(BTINFO_FRAMEBUFFER) when adding properties to the
PCI graphic device (when genfb is attached) and in x86_genfb_init()
when genfb is used as console.
x86/x86/consinit.c: If running as a Xen dom0, use xen_genfb_getbtinfo()
to check if we have a genfb console
xen/x86/consinit.c: support genfb as possible console
xen/x86/consinit.c: use the hypervior IO as console until a better one
is found. If the hypervisor is using a serial port for boot messages,
we'll get NetBSD's boot message on the serial port too until
the real console takes over.
xen/x86/autoconf.c: rework device_register() to be closer to the x86 version.
Especially make sure that device_pci_register() is called.

branches: 1.25.20;
Introduce Xen PVH support in GENERIC.
This is compiled in with
options XENPVHVM
x86 changes:
- add Xen section and xen pvh entry points to locore.S. Set vm_guest
to VM_GUEST_XENPVH in this entry point.
Most of the boot procedure (especially page table setup and switch to
paged mode) is shared with native.
- change some x86_delay() to delay_func(), which points to x86_delay() for
native/HVM, and xen_delay() for PVH

Xen changes:
- remove Xen bits from init_x86_64_ksyms() and init386_ksyms()
and move to xen_init_ksyms(), used for both PV and PVH
- set ISA no-legacy-devices property for PVH
- factor out code from Xen's cpu_bootconf() to xen_bootconf()
in xen_machdep.c
- set up a specific pvh_consinit() which starts with printk()
(which uses a simple hypercall that is available early) and switch to
xencons when we can use pmap_kenter_pa().

Merge the bouyer-xenpvh branch, bringing in Xen PV drivers support under HVM
guests in GENERIC.
Xen support can be disabled at runtime with
boot -c
disable hypervisor

branches: 1.23.8;
Added drivers for Hyper-V Synthetic Keyboard and Video device.

Sprinkle DPRINTF #ifdef DEBUG_GEOM and set booted_method like arch/x86/x86/x86_autoconf.c

As discussed 1 week ago on port-xen.

This change modifies the mainbus(4) entry point for all x86 sub-archs
in the following way:

i) It provides a unified entry point in
x86/x86/mainbus.c:mainbus_attach()
ii) It carves out the preliminary bus attachment sequence that is
common to all sub-archs into
x86/x86/mainbus.c: x86_cpubus_attach()
iii) It consolidates the remaining pathways as internal callee
functions so that these may be called piecemeal if required. A
special usecase of this is XEN PVHVM which may need to call the
native configure path, the xen configure path, or both.
iv) It moves the driver private data structures from
i386/i386_mainbus.c to an x86/ level one. This allows for other
sub-arch's to do similar, if needed. (They do not at the moment).
v) For dom0 kernels, it enables 'acpi0 at mainbus?' and
'acpi0 at hypervisorbus'. This serves two purposes:
a) To demonstrate the possibility of dynamic configuration tree
traversal ordering changes.
b) To allow for the common acpi_check(self, "acpibus") call in
x86/mainbus.c to not barf when it is called from the dom0 attach
path. We allow for the acpi0 device to be a child of mainbus with
the changes to amd64/conf/XEN3_DOM0 and i386/conf/XEN3PAE_DOM0
without actually probing further in the code. This path will later
be pursued in a PVHVM boot codepath.

There should be no operative changes with this change. If there are,
please complain loudly.

Support bootspec.

branches: 1.19.2; 1.19.4;
Remove the remaining parts of compat_oldboot.

branches: 1.18.2;
x86: hypervisor detection from FreeBSD for x2APIC support.

branches: 1.17.6;
Change findroot() to cpu_bootconf() since this is what it does. Remove bogus
comment.

branches: 1.16.2;
Remove all references to KVM86.
It was only ever used by APMBIOS - and then only if an option was selected.
Probably didn't work well at all!

branches: 1.15.2;
Do not call setroot() from MD code and from MI code, which has
unwanted sideeffects in the RB_ASKNAME case. This fixes PR/46732.

No longer wrap MD cpu_rootconf(), as hp300 port stores reboot information
as a side effect. Instead call MI rootconf() from MD code which makes
rootconf() now a wrapper to setroot().

Adjust several MD routines to set the global booted_device,booted_partition
variables instead of passing partial information to setroot().

Make cpu_rootconf(9) describe the calling order.

Make detection of root on wedges (dk(4)) machine independent. Remove
MD code for x86, xen, sparc64.

branches: 1.13.12; 1.13.18;
- Use uvm_lwp_setuarea() instead of directly setting address to lwp_t::l_addr.
- Replace most remaining uses of l_addr with uvm_lwp_getuarea() or lwp_getpcb().
- Amend assembly in ports where it accesses PCB via struct user.
- Rename L_ADDR to L_PCB in few places. Reduce sys/user.h inclusions.

Catch-up Xen and usermode with lwp_getpcb() and unbreak Xen build.

Use deviter(9) instead of accessing alldevs directly.

remove Xen2 support.
ok bouyer@

Make Dom0/DomU boot with root-on-nfs when 'bootdev' parameter is missing or wrong.
In this case, we get prompted for the root device.
Make sure that nfs_bootstatic_callback is initialized or we will miss the nfsroot bootparameter,
causing a boot failure even when root device is correct.

branches: 1.8.2;
remove unused malloc.h

branches: 1.7.2;
change nfs boot behaviour to automatically try next boot method if boot information are incomplete to succeed.
That way, it is possible combine static and dhcp boot:
For example, to boot diskless you can specify the nfs-server and the rootpath statically. All other information will be taken via dhcp.

Patch has been presented on port-xen, tech-kern and tech-net:
http://mail-index.netbsd.org/port-xen/2008/10/24/msg004488.html
http://mail-index.netbsd.org/tech-kern/2008/10/24/msg003255.html
http://mail-index.netbsd.org/tech-net/2008/10/24/msg000864.html

No comments, no objections.

branches: 1.6.2;
findroot(): set booted_device also when specifying a network device to bootdev.
Useful for booting with root on nfs.

struct device * -> device_t

introduce two macros: xendomain_is_dom0() and xendomain_is_privileged(). Use them.

branches: 1.3.4; 1.3.10;
use aprint_*_dev and device_xname

branches: 1.2.2; 1.2.4; 1.2.8; 1.2.16; 1.2.22;
Pull up the bouyer-xenamd64 branch to HEAD. This brings in amd64 support
to NetBSD/Xen, both Dom0 and DomU.

branches: 1.1.2; 1.1.4;
file autoconf.c was initially added on branch bouyer-xenamd64.

tweak x86 bus_dma code so that it can be used by xen port.

- distinguish paddr_t and bus_addr_t.
for xen, use bus_addr_t in the sense of machine address.
- move _X86_BUS_DMA_PRIVATE part of bus.h into bus_private.h.
- remove special handling of xen_shm. we can always grab
machine address from pte.

branches: 1.4.2;
merge yamt-km branch.
- don't use managed mappings/backing objects for wired memory allocations.
save some resources like pv_entry. also fix (most of) PR/27030.
- simplify kernel memory management API.
- simplify pmap bootstrap of some ports.
- some related cleanups.

branches: 1.3.2;
Update to new bus_dma semantics.

Merge the bouyer-xen2 branch. This add supports for the Xen 2.0 virtual
machine kernel (both privileged and non-privileged domains), and remove support
for the old xen 1.2.

branches: 1.1.2; 1.1.4;
file bus_dma.c was initially added on branch bouyer-xen2.

x86 changes for pcc and LKMs.

- Replace most inline assembly with proper functions. As a side effect
this reduces the size of amd64 GENERIC by about 120kB, and i386 by a
smaller amount. Nearly all of the inlines did something slow, or something
that does not need to be fast.
- Make curcpu() and curlwp functions proper, unless __GNUC__ && _KERNEL.
In that case make them inlines. Makes curlwp LKM and preemption safe.
- Make bus_space and bus_dma more LKM friendly.
- Share a few more files between the ports.
- Other minor changes.

branches: 1.8.2; 1.8.10; 1.8.18; 1.8.20; 1.8.22;
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.

TRUE -> true, FALSE -> false

branches: 1.6.24;
Snapshot of work in progress on NetBSD port to Xen3:
- kernel (both dom0 and domU) boot, console is functionnal and it can starts
software from a ramdisk
- there is no driver front-end expect console for domU yet.
- dom0 can probe devices and ex(4) work when Xen3 is booted without acpi
and apic support. But the on-board IDE doens't get interrupts.
The PCI code still needs work (it's hardcoded to mode 1). Some of this
code should be shared with ../x86
The physical insterrupt code needs to get MPBIOS and ACPI support, and
do interrupt routing to properly interract with Xen.
To enable Xen-3.0 support, add
options XEN3
to your kernel config file (this will disable Xen2 support)
Changes affecting Xen-2.0 support (no functionnal changes intended):
- get more constants from genassym for assembly code
- remove some unneeded registers move from start()
- map the shared info page from start(), and remove the pte = 0xffffffff hack
- vector.S: in hypervisor_callback() make sure %esi points to
HYPERVISOR_shared_info before accessing the info page. Remplace some
hand-written assembly with the equivalent macro defined in frameasm.h
- more debug code, dissabled by default.

while here added my copyright on some files I worked on in 2005.

branches: 1.5.2;
bus_dmamem_map: honour BUS_DMA_NOWAIT. noted by Manuel Bouyer.
bus_space_map: always do NOWAIT allocation as it used to be before yamt-km.

we have too many copies!

branches: 1.4.2; 1.4.8;
merge yamt-km branch.
- don't use managed mappings/backing objects for wired memory allocations.
save some resources like pv_entry. also fix (most of) PR/27030.
- simplify kernel memory management API.
- simplify pmap bootstrap of some ports.
- some related cleanups.

Merge the bouyer-xen2 branch. This add supports for the Xen 2.0 virtual
machine kernel (both privileged and non-privileged domains), and remove support
for the old xen 1.2.

branches: 1.2.2; 1.2.4; 1.2.8; 1.2.10; 1.2.12;
Rework the physical<->machine memory mapping: offset physical addresses
by 0x100000 (above the I/O Memory "hole") leaving all physical addresses
below unused, don't perform phys<->mach mapping for addresses below 0x100000
or beyond the real hardware's physical memory.

-> /dev/mem works now as expected and X works in domain0.

Make bus_space map machine addresses instead of physical addresses.

Support non-VGA framebuffers for Xen dom0. This is mandatory for graphic
console on EFI-only hardware.
Add a xen_genfb_getbtinfo() function which will return a btinfo_framebuffer
structure, filled in with parameters provided by Xen
when runing as a Xen dom0, call xen_genfb_getbtinfo() instead of
lookup_bootinfo(BTINFO_FRAMEBUFFER) when adding properties to the
PCI graphic device (when genfb is attached) and in x86_genfb_init()
when genfb is used as console.
x86/x86/consinit.c: If running as a Xen dom0, use xen_genfb_getbtinfo()
to check if we have a genfb console
xen/x86/consinit.c: support genfb as possible console
xen/x86/consinit.c: use the hypervior IO as console until a better one
is found. If the hypervisor is using a serial port for boot messages,
we'll get NetBSD's boot message on the serial port too until
the real console takes over.
xen/x86/autoconf.c: rework device_register() to be closer to the x86 version.
Especially make sure that device_pci_register() is called.

xen: declare 'default_consinfo' as extern in a header

this makes pvh_consinit.c actually compile with CONS_OVERRIDE set.
i didn't see any good header to add to (bootinfo.h and cpu.h both
seem to be poor choices but were considered), hence the new one
with just this definition.

branches: 1.16.68;
Adapt to the changed signature of pckbc_cnattach().

branches: 1.15.2; 1.15.12;
#include <sys/bus.h> instead of <machine/bus.h>.

On x86, change the bus_space_tag_t to a pointer to a struct
bus_space_tag. For now, bus_space_tag's only member is
bst_type, the type of space, which is either X86_BUS_SPACE_IO
or X86_BUS_SPACE_MEM. In the future, new bus_space_tag members
will refer to override-functions installed by a new function,
bus_space_tag_create(9).

Add pointers to constant struct bus_space_tag, x86_bus_space_io and
x86_bus_space_mem. Use them to replace most uses of X86_BUS_SPACE_IO
and X86_BUS_SPACE_MEM.

Add an x86-specific bus_space_is_equal(9) implementation that compares
the two tags' bst_type.

branches: 1.13.2; 1.13.4;
Ansify function definitions w/o arguments. Generated with sed.

ansify function definitions

branches: 1.11.2; 1.11.8;
introduce two macros: xendomain_is_dom0() and xendomain_is_privileged(). Use them.

branches: 1.10.14; 1.10.18; 1.10.24;
Pull up the bouyer-xenamd64 branch to HEAD. This brings in amd64 support
to NetBSD/Xen, both Dom0 and DomU.

Remove pccons.

branches: 1.8.6; 1.8.22; 1.8.24; 1.8.28; 1.8.30;
Remove more duplicate headers.
Patch by Slava Semushin <slava.semushin@gmail.com>

Again, this was tested by comparing obj files from a pristine and a patched
source tree against an i386/ALL kernel, and also for src/sbin/fsck_ffs,
src/sbin/fsdb and src/usr.sbin/makefs. Only changes in assert() line numbers
were detected in 'objdump -d' output.

Remove extra ) causing compile failure when CONS_OVERRIDE is defined.
From Hideo Masuda in PR port-xen/35217.

branches: 1.6.20; 1.6.22; 1.6.24;
merge ktrace-lwp.

branches: 1.5.2;
Allow compiling a domain0 kernel with vga but without pckbc, and add
console support for USB keyboard. Problem pointed out by Karl Janmar on
port-xen.

branches: 1.4.2;
Merge the bouyer-xen2 branch. This add supports for the Xen 2.0 virtual
machine kernel (both privileged and non-privileged domains), and remove support
for the old xen 1.2.

branches: 1.3.2; 1.3.6; 1.3.8; 1.3.10;
Enable keyboard and vga display as console when running as domain-0.

Consistently use xencons for eveything reffering to Xen's virtual console.

rename arch/xen/xen/console.c -> arch/xen/xen/xencons.c

branches: 1.1.2;
Add port to the Xen virtual machine monitor.
(see http://www.cl.cam.ac.uk/Research/SRG/netos/xen/)

xen/x86/cpu.c: Nix trailing whitespace.

No functional change intended.

xen/x86/cpu.c: Membar audit.

I see no reason for store-before-load ordering here; as far as I'm
aware, evtchn_upcall_mask is only shared between a (v)CPU and its
(hypervisor) interrupts, not other (v)CPUs.

x86: Assert kpreempt_disabled() in cpu_load_pmap.

No functional change intended. Just makes it easier to audit
curcpu() usage.

branches: 1.142.4;
x86: Split most of pmap.h into pmap_private.h or vmparam.h.

This way pmap.h only contains the MD definition of the MI pmap(9)
API, which loads of things in the kernel rely on, so changing x86
pmap internals no longer requires recompiling the entire kernel every
time.

Callers needing these internals must now use machine/pmap_private.h.
Note: This is not x86/pmap_private.h because it contains three parts:

1. CPU-specific (different for i386/amd64) definitions used by...

2. common definitions, including Xenisms like xpmap_ptetomach,
further used by...

3. more CPU-specific inlines for pmap_pte_* operations

So {amd64,i386}/pmap_private.h defines 1, includes x86/pmap_private.h
for 2, and then defines 3. Maybe we should split that out into a new
pmap_pte.h to reduce this trouble.

No functional change intended, other than that some .c files must
include machine/pmap_private.h when previously uvm/uvm_pmap.h
polluted the namespace with pmap internals.

Note: This migrates part of i386/pmap.h into i386/vmparam.h --
specifically the parts that are needed for several constants defined
in vmparam.h:

VM_MAXUSER_ADDRESS
VM_MAX_ADDRESS
VM_MAX_KERNEL_ADDRESS
VM_MIN_KERNEL_ADDRESS

Since i386 needs PDP_SIZE in vmparam.h, I added it there on amd64
too, just to keep things parallel.

Merge thorpej-cfargs2.

branches: 1.140.8;
Merge thorpej-cfargs branch:

Simplify and make extensible the config_search() / config_found() /
config_attach() interfaces: rather than having different variants for
which arguments you want pass along, just have a single call that
takes a variadic list of tag-value arguments.

Adjust all call sites:
- Simplify wherever possible; don't pass along arguments that aren't
actually needed.
- Don't be explicit about what interface attribute is attaching if
the device only has one. (More simplification.)
- Add a config_probe() function to be used in indirect configuiration
situations, making is visibly easier to see when indirect config is
in play, and allowing for future change in semantics. (As of now,
this is just a wrapper around config_match(), but that is an
implementation detail.)

Remove unnecessary or redundant interface attributes where they're not
needed.

There are currently 5 "cfargs" defined:
- CFARG_SUBMATCH (submatch function for direct config)
- CFARG_SEARCH (search function for indirect config)
- CFARG_IATTR (interface attribte)
- CFARG_LOCATORS (locators array)
- CFARG_DEVHANDLE (devhandle_t - wraps OFW, ACPI, etc. handles)

...and a sentinel value CFARG_EOL.

Add some extra sanity checking to ensure that interface attributes
aren't ambiguous.

Use CFARG_DEVHANDLE in MI FDT, OFW, and ACPI code, and macppc and shark
ports to associate those device handles with device_t instance. This
will trickle trough to more places over time (need back-end for pre-OFW
Sun OBP; any others?).

branches: 1.139.4;
Introduce per-cpu IDTs

This is realized by following modifications:
- Add IDT pages and its allocation maps for each cpu in "struct cpu_info"
- Load per-cpu IDTs at cpu_init_idt(struct cpu_info*)
- Copy the IDT entries for cpu0 to other CPUs at attach
- These are, for example, exceptions, db, system calls, etc.

And, added a kernel option named PCPU_IDT to enable the feature.

initalize ci_kfpu_spl, to avoid triggering KASSERT() in fpu_kern_enter()

Follows revision 1.177 of sys/arch/x86/x86/cpu.c:
"""
Add a small API for in-kernel FPU operations.

fpu_kern_enter();
/* do FPU stuff */
fpu_kern_leave();
"""

With this DomU kernel boots with:
[ 2.0000571] aes: Intel AES-NI

avoid excessive stack usage in mp_cpu_start(), this is called after VM
init so kmem(9) can be used

- Recalibrate the APIC timer using the TSC, once the TSC has in turn been
recalibrated using the HPET. This gets the clock interrupt firing more
closely to HZ.

- Undo change with recent Xen merge and go back to starting the clocks in
initclocks() on the boot CPU, and in cpu_hatch() on secondary CPUs.

- On reflection don't use HPET delay any more, it works very well but means
going over the bus. It's enough to use HPET to calibrate the TSC and
APIC.

Tested on amd64 native, xen and xen PVH.

Merge the bouyer-xenpvh branch, bringing in Xen PV drivers support under HVM
guests in GENERIC.
Xen support can be disabled at runtime with
boot -c
disable hypervisor

Follow convention and put entire predicate inside __predict_false()

branches: 1.133.4;
0x%p --> %p for non-external codes.

Don't call cpu_switchto() before idle_loop(), it should not be needed any more.
While there, assume (and KASSERT) that curlwp == ci->ci_data.cpu_idlelwp,
this saves a lwp_getpcb() call.

branches: 1.131.2;
cpu_need_resched():

- Remove all code that should be MI, leaving the bare minimum under arch/.
- Make the required actions very explicit.
- Pass in LWP pointer for convenience.
- When a trap is required on another CPU, have the IPI set it locally.
- Expunge cpu_did_resched().

Rewrite the FPU code on x86. This greatly simplifies the logic and removes
the dependency on IPL_HIGH. NVMM is updated accordingly. Posted on
port-amd64 a week ago.

Bump the kernel version to 9.99.16.

Start replacing the x86 PTE bits.

Switch NetBSD/xen to use XEN api tag RELEASE-4.11.1

The headers for this api are in sys/external/mit/xen-include-public/dist/

Rename min/max -> uimin/uimax for better honesty.

These functions are defined on unsigned int. The generic name
min/max should not silently truncate to 32 bits on 64-bit systems.
This is purely a name change -- no functional change intended.

HOWEVER! Some subsystems have

#define min(a, b) ((a) < (b) ? (a) : (b))
#define max(a, b) ((a) > (b) ? (a) : (b))

even though our standard name for that is MIN/MAX. Although these
may invite multiple evaluation bugs, these do _not_ cause integer
truncation.

To avoid `fixing' these cases, I first changed the name in libkern,
and then compile-tested every file where min/max occurred in order to
confirm that it failed -- and thus confirm that nothing shadowed
min/max -- before changing it.

I have left a handful of bootloaders that are too annoying to
compile-test, and some dead code:

cobalt ews4800mips hp300 hppa ia64 luna68k vax
acorn32/if_ie.c (not included in any kernels)
macppc/if_gm.c (superseded by gem(4))

It should be easy to fix the fallout once identified -- this way of
doing things fails safe, and the goal here, after all, is to _avoid_
silent integer truncations, not introduce them.

Maybe one day we can reintroduce min/max as type-generic things that
never silently truncate. But we should avoid doing that for a while,
so that existing code has a chance to be detected by the compiler for
conversion to uimin/uimax without changing the semantics until we can
properly audit it all. (Who knows, maybe in some cases integer
truncation is actually intended!)

Introduce PDIR_SLOT_USERLIM, which indicates the limit of the user slots.
Use it instead of PDIR_SLOT_PTE when we just want to iterate over the
user slots. Also use it in SVS, I had hardcoded 255 because there was no
proper define (which there now is).

Reduce the size of the blocks. No functional change.

Remove the non-PAE-i386 code of Xen. The branches are reordered so that
__x86_64__ comes first, eg:

#if defined(PAE)
/* i386+PAE */
#elif defined(__x86_64__)
/* amd64 */
#else
/* i386 */
#endif

becomes

#ifdef __x86_64__
/* amd64 */
#else
/* i386+PAE */
#endif

Tested on i386pae-domU and amd64-dom0.

Sync cpu_boot_secondary_processors() with x86/x86/cpu.c:
explicitely wait for all CPUs to be registered in kcpuset_running.

branches: 1.122.2;
re-do the XEN XSAVE support, this time to leave all probe code in
cpu_probe_fpu(), and have XEN cpu_init() just act

the xen probe is now guarded by XEN_USE_XSAVE option and XSAVE
support is thus still disabled by default (same as before), so it
wouldn't interfere with maxv's eager fpu rototil, while still
allowing testing for others

PR kern/50332

Revert the rest of jdolecek's changes. This puts us back in a clean,
sensical state.

Revert jdolecek's changes related to FXSAVE. They just didn't make any
sense and were trying to hide a real bug, which is, that there is for some
reason a wrong stack alignment that causes FXSAVE to fault in
fpuinit_mxcsr_mask. As seen in current-users@ yesterday, rdi % 16 = 8. And
as seen several months ago, as well.

The rest of the changes in XSAVE are wrong too, but I'll let him fix these
ones.

as a stop-gap, make fpuinit_mxcsr_mask() for native independant of
XSAVE as it should be, only xen case checks the flag now; need to
investigate further why exactly the fault happens for the xen
no-xsave case

pointed out by maxv

fix FPU initialization on Xen to allow e.g. AVX when supported by hardware;
only use XSAVE when the the CPUID OSXSAVE bit is set, as this seems to be
reliable indication

tested with Xen 4.2.6 DOM0/DOMU on Intel CPU, without and with no-xsave flag,
so should work also on those AMD CPUs, which have XSAVE disabled by default;
also tested with Xen DOM0 4.8.3

fixes PR kern/50332 by Torbjorn Granlund; sorry it took three years to address

XXX pullup netbsd-8

branches: 1.117.2;
Needs cpu_init_tss() for application processor too.

Recommit

http://mail-index.netbsd.org/source-changes/2017/11/08/msg089525.html

but use __INITIAL_MXCSR_MASK__ on Xen until someone figures out what's
wrong with the Xen fpu.

Revert http://mail-index.netbsd.org/source-changes/2017/11/08/msg089525.html,
it breaks Xen:
http://www-soc.lip6.fr/~bouyer/NetBSD-tests/xen/HEAD/amd64/201711082340Z_anita.txt

No externs in .c files!

Call fpuinit_mxcsr_mask in cpu_init, after cr4 is initialized, but before
touching xcr0. Then use clts/stts instead of modifying cr0, and enable the
mxcsr_mask detection on Xen.

Remove TRAPLOG from i386. Nowadays there are better instrumentation tools,
in both software and hardware.

gdt_prepframes() is called with a number of pages, don't convert to a number
of pages again. This didn't fail because we're called with only one page, and
the conversion from '1' to pages resulted in 1 again.

branches: 1.110.6;
Remove PG_k completely.

Instead of using a global array with per-cpu indexes, embed the tmp VAs
into cpu_info directly. This concerns only {i386, Xen-i386, Xen-amd64},
because amd64 already has a direct map that is way faster than that.

There are two major issues with the global array: maxcpus entries are
allocated while it is unlikely that common i386 machines have so many
cpus, and the base VA of these entries is not cache-line-aligned, which
mostly guarantees cache-line-thrashing each time the VAs are entered.

Now the number of tmp VAs allocated is proportionate to the number of CPUs
attached (which therefore reduces memory consumption), and the base is
properly aligned.

On my 3-core AMD, the number of DC_refills_L2 events triggered when
performing 5x10^6 calls to pmap_zero_page on two dedicated cores is on
average divided by two with this patch.

Discussed on tech-kern a little.

Rename ldt->ldtstore and gdt->gdtstore on i386. It reduces the diff with
amd64, and makes it easier to track down these variables on nxr - 'ldt'
and 'gdt' being common keywords.

Use __read_mostly on these variables, to reduce the probability of false
sharing.

Import xpmap_pg_nx, and put it in the per-cpu recursive slot on amd64.

branches: 1.105.2;
KNF a little

branches: 1.104.2;
KNF. Remove extra spaces. No functional change.

need definition

fix the build.

Modify around cpu_identify() to not to break the dmesg of cpus with AB_VERBOSE
or AB_DEBUG.

branches: 1.100.2;
Revert sys/arch/x86/x86/pmap.c 1.185; a CPU needs to get pmap updates,
especially for pmap_kernel(), as soon as it is up.
Instead move all pmap-related cpu_info initialisations, including
initializing ci_kpm_mtx, in cpu_attach_common() from cpu_init()
(ci_pmap and ci_tlbstate as already initialized in cpu_attach_common()).

src is too big these days to tolerate superfluous apostrophes. It's
"its", people!

branches: 1.98.4;
Change i386 to use x86/fpu.c instead of i386/isa/npx.c
This changes the trap10 and trap13 code to call directly into fpu.c,
removing all the code for T_ARITHTRAP, T_XMM and T_FPUNDA from i386/trap.c
Not all of the code thate appeared to handle fpu traps was ever called!
Most of the changes just replace the include of machine/npx.h with x86/fpu.h
(or remove it entirely).

Move sys/arch/amd64/amd64/fpu.c and sys/arch/amd64/include/fpu.h
into sys/arch/x86 in preparation for using the same code for i386.

Remove support for 'external' floating point units and the MS-DOS
compatible method of handling floating point exceptions.
Make kernel support for teh fpu non-optional (486SX should still work).
Only 386 cpus support external fpu, and i386 support was removed years ago.
This means that the npx code no longer uses port 0xf0 or interupt 13.
All the "npx at isa" lines go from the configs, arch/i386/isa/npx.c
is now mandatory for all i386 kernels.
I've renamed npxinit() to fpuinit() and npxinit_cpu() to fpuinit_cpu()
to match the very similar amd64 functions.
The fpu of the boot cpu is now initialised by a direct call from
cpu_configure(), this enables FP emulation for a 486SX.
(for amd64 the cr0 values are set in locore.S and similar).
This fixes a long-standing bug in linux_setregs() - which did not
save the fpu regsiters if they were active.
I've test booted a single cpu i386 kernel (using anita).
amd64 builds - none of teh changes should affect it.
The i386 XEN kernels build, but I'm not sure where they set cr0, and
it might have got lost!

revert fpu/pcu changes until we figure out what's wrong; they cause random
freezes

Use the MI "pcu" framework for bookkeeping of npx/fpu states on x86.
This reduces the amount of MD code enormously, and makes it easier
to implement support for newer CPU features which require more fpu
state, or for fpu usage by the kernel.
For access to FPU state across CPUs, an xcall kthread is used now
rather than a dedicated IPI.
No user visible changes intended.

branches: 1.93.2; 1.93.4;
Update comment: we stopped using xcall to sync PTP between CPUs.
pmap_kpm_sync_xcall => xen_kpm_sync

Few fixes for Xen:
- cpu_load_pmap: use atomic kcpuset(9) operations; fixes rare crashes.
- Add kcpuset_copybits(9) and replace xen_kcpuset2bits(). Avoids incorrect
ncpu problem in early boot. Also, micro-optimises xen_mcast_invlpg() and
xen_mcast_tlbflush() routines.

Tested by chs@.

- Convert x86 MD code, mainly pmap(9) e.g. TLB shootdown code, to use
kcpuset(9) and thus replace hardcoded CPU bitmasks. This removes the
limitation of maximum CPUs.

- Support up to 256 CPUs on amd64 architecture by default.

Bug fixes, improvements, completion of Xen part and testing on 64-core
AMD Opteron(tm) Processor 6282 SE (also, as Xen HVM domU with 128 CPUs)
by Manuel Bouyer.

Typo fix.

The code assumes that ci_index is also the Xen's cpunum, and that
cpunum is less than XEN_LEGACY_MAX_VCPUS. KASSERT both.

Don't maintain ci_cpumask for physical CPUs, it's not used.

Get rid of phycpus_attached bitmask; it's maintained but not used and
will limit the number of physical CPUs to 32 without good reasons.

(xen) - remove the (*xpq_cpu)() shim.We hasten the %fs/%gs setup process during boot.Although this is hacky, it lets us use the non-xen specificpmap_pte_xxx() functions in pmap code (and others).

Cleanup.

- Remove cruft from native x86 origin.
- Remove access to privileged MSRs.
- Cleanup stale comments.

cpu_load_pmap() should not be used to load pmap_kernel(), since in the
x86 model, its mappings are shared across pmaps. KASSERT() for this
and remove unused codepaths.

use pmap_protect() instead of pmap_kenter_pa() to remap R/O an exiting
page. This gets rid of the last "mapping already present" warnings.

Avoid early use of xen_kpm_sync(); locks are not available at this time.
Don't call cpu_init() twice.

Makes LOCKDEBUG kernels boot again

Apply patch proposed in PR port-xen/45975 (this does not solve the exact
problem reported here but is part of the solution):
xen_kpm_sync() is not working as expected,
leading to races between CPUs.
1 the check (xpq_cpu != &x86_curcpu) is always false because we
have different x86_curcpu symbols with different addresses in the kernel.
Fortunably, all addresses dissaemble to the same code.
Because of this we always use the code intended for bootstrap, which doesn't
use cross-calls or lock.

2 once 1 above is fixed, xen_kpm_sync() will use xcalls to sync other CPUs,
which cause it to sleep and pmap.c doesn't like that. It triggers this
KASSERT() in pmap_unmap_ptes():
KASSERT(pmap->pm_ncsw == curlwp->l_ncsw);
3 pmap->pm_cpus is not safe for the purpose of xen_kpm_sync(), which
needs to know on which CPU a pmap is loaded *now*:
pmap->pm_cpus is cleared before cpu_load_pmap() is called to switch
to a new pmap, leaving a window where a pmap is still in a CPU's
ci_kpm_pdir but not in pm_cpus. As a virtual CPU may be preempted
by the hypervisor at any time, it can be large enough to let another
CPU free the PTP and reuse it as a normal page.

To fix 2), avoid cross-calls and IPIs completely, and instead
use a mutex to update all CPU's ci_kpm_pdir from the local CPU.
It's safe because we just need to update the table page, a tlbflush IPI will
happen later. As a side effect, we don't need a different code for bootstrap,
fixing 1). The mutex added to struct cpu needs a small headers reorganisation.

to fix 3), introduce a pm_xen_ptp_cpus which is updated from
cpu_pmap_load(), whith the ci_kpm_mtx mutex held. Checking it with
ci_kpm_mtx held will avoid overwriting the wrong pmap's ci_kpm_pdir.

While there I removed the unused pmap_is_active() function;
and added some more details to DIAGNOSTIC panics.

branches: 1.80.2;
PAT flags are not under control of Xen domains currently, so there is no
point in enabling them.

Avoids:
- a warning logged by hypervisor when a domain attempts to modify the PAT
MSR.
- an error during domain resuming, where a PAT flag has been set on a page
while the hypervisor does not allow it.

ok releng@.

Update comments to remove references to alternate pte space.

stop using alternate pde mapping in xen pmap

revert previous commit. DIAGNOSTIC should only do strict checks, not muffle current ones

Address those pesky DIAGNOSTIC messages. \n
Take a performance hit at fork() for not DTRT. \n
Note: Only applicable for kernels built with "options DIAGNOSTIC" \n

Use macro PDP_SIZE instead of numeric constant, for unshared PAE L3 entries.
Thanks jym@

Never cut-paste code from email!
Use the right count (0 -> 2) of l3 unshared userland entries for per-cpu initialisation.

Force pae l3 page allocation for new vcpus to be < 4G, so they fit in 32bits

per-cpu shadow directory pages should be updated locally via cross-calls. Do this.

switch from xen3-public to xen-public.

branches: 1.70.4;
[merging from cherry-xenmp] make pmap_kernel() shadow PMD per-cpu and MP aware.

[merging from cherry-xenmp] Make the xen MMU op queue locking api private. Implement per-cpu queues.

branches: 1.68.2;
Remove code that is commented out and out-of-sync with x86. If Xen needs to
use cpu_resume(), cpu_suspend(), or cpu_shutdown() in the future, it is
better to expose these from x86 rather than duplicate code.

remove a check against uvmexp.ncolors that is done inside uvm_page_recolor()
already anyway.

Call cpufreq_suspend(9) and cpufreq_resume(9) during suspend/resume.

Merge jym-xensuspend branch in -current. ok bouyer@.

Goal: save/restore support in NetBSD domUs, for i386, i386 PAE and amd64.

Executive summary:
- split all Xen drivers (xenbus(4), grant tables, xbd(4), xennet(4))
in two parts: suspend and resume, and hook them to pmf(9).
- modify pmap so that Xen hypervisor does not cry out loud in case
it finds "unexpected" recursive memory mappings
- provide a sysctl(7), machdep.xen.suspend, to command suspend from
userland via powerd(8). Note: a suspend can only be handled correctly
when dom0 requested it, so provide a mechanism that will prevent
kernel to blindly validate user's commands

The code is still in experimental state, use at your own risk: restore
can corrupt backend communications rings; this can completely thrash
dom0 as it will loop at a high interrupt level trying to honor
all domU requests.

XXX PAE suspend does not work in amd64 currently, due to (yet again!)
page validation issues with hypervisor. Will fix.

XXX secondary CPUs are not suspended, I will write the handlers
in sync with cherry's Xen MP work.

Tested under i386 and amd64, bear in mind ring corruption though.

No build break expected, GENERICs and XEN* kernels should be fine.
./build.sh distribution still running. In any case: sorry if it does
break for you, contact me directly for reports.

Fix broken build.

Do not panic() on xen_send_ipi() sent to a cpu not yet running.
x86 MP boot depends on this strange behaviour.

MP probing and startup code

Hide the MD details of specific IPIs behind semantically pleasing functions. This cleans up a couple of #ifdef XEN/#endif pairs

Initialise cpus_running to 1 on Xen, as it was done on x86.

Problem analysed by hannken@. Fixes PR/45062.

Few XEN fixes:
- cpu_load_pmap: perform tlbflush() after xen_set_user_pgd().
- xen_pmap_bootstrap: perform xpq_queue_tlb_flush() in the end.
- pmap_tlb_shootdown: do not check PG_G for Xen.

- cpu_hatch: call tlbflushg(), just to make sure that TLB is clean.
- xen_bootstrap_tables: call xpq_queue_tlb_flush() for safety.
- Initialise cpus_attached and ci_cpumask for primary CPU.

Welcome to 5.99.53! Merge rmind-uvmplock branch:

- Reorganize locking in UVM and provide extra serialisation for pmap(9).
New lock order: [vmpage-owner-lock] -> pmap-lock.

- Simplify locking in some pmap(9) modules by removing P->V locking.

- Use lock object on vmobjlock (and thus vnode_t::v_interlock) to share
the locks amongst UVM objects where necessary (tmpfs, layerfs, unionfs).

- Rewrite and optimise x86 TLB shootdown code, make it simpler and cleaner.
Add TLBSTATS option for x86 to collect statistics about TLB shootdowns.

- Unify /dev/mem et al in MI code and provide required locking (removes
kernel-lock on some ports). Also, avoid cache-aliasing issues.

Thanks to Andrew Doran and Joerg Sonnenberger, as their initial patches
formed the core changes of this branch.

branches: 1.56.2;
Use config_defer(9) for cpu_rescan() in cpu_attach().
Also mark few local functions as static.

Catch up with x86 on cpufeaturebus.

Move PowerNow! to the cpufeaturebus.

Add cpufeaturebus and est(4) for Xen.

branches: 1.52.2; 1.52.4;
Boot vs AP processors don't make sense for physical CPUs, these are
handled by the hypervisor and all CPUs are running when the dom0 is started.
In addition, we don't have a reliable way to determine the boot CPU as
- we may not be running on the boot CPU
- we don't have access to the lapic id
So simplify by ignoring the information and assign phycpu_info_primary to the
first attached CPU.

Machine dependent code is considered as part of UVM. Include
internal API header.

Fill cpu_info::ci_acpiid also on Xen.

Revert all previous changes that were made naively believing that the
existing CPU power management implementations could peacefully coexist with
the acpicpu(4) driver. The following options can not be used with acpicpu(4):
ENHANCED_SPEEDSTEP, INTEL_ONDEMAND_CLOCKMOD, POWERNOW_K7, and POWERNOW_K8.

Revert the previous changes to EST. The used hack had an obvious flaw:
the acpicpu(4) driver should attach even if the existing frequency management
code fails to attach, mainly because ACPI is the only proper way to deal
with EST on new Intel system.

Use a more drastic hack to deal with this: when acpicpu(4) attachs, it tears
down any existing sysctl(8) controls and installs identical ones in place.
Upon detachment, the initialization function of the existing EST is called.

Welcome PAE inside i386 current.

This patch is inspired by work previously done by Jeremy Morse, ported by me
to -current, merged with the work previously done for port-xen, together with
additionals fixes and improvements.

PAE option is disabled by default in GENERIC (but will be enabled in ALL in
the next few days).

In quick, PAE switches the CPU to a mode where physical addresses become
36 bits (64 GiB). Virtual address space remains at 32 bits (4 GiB). To cope
with the increased size of the physical address, they are manipulated as
64 bits variables by kernel and MMU.

When supported by the CPU, it also allows the use of the NX/XD bit that
provides no-execution right enforcement on a per physical page basis.

Notes:

- reworked locore.S

- introduce cpu_load_pmap(), used to switch pmap for the curcpu. Due to the
different handling of pmap mappings with PAE vs !PAE, Xen vs native, details
are hidden within this function. This helps calling it from assembly,
as some features, like BIOS calls, switch to pmap_kernel before mapping
trampoline code in low memory.

- some changes in bioscall and kvm86_call, to reflect the above.

- the L3 is "pinned" per-CPU, and is only manipulated by a
reduced set of functions within pmap. To track the L3, I added two
elements to struct cpu_info, namely ci_l3_pdirpa (PA of the L3), and
ci_l3_pdir (the L3 VA). Rest of the code considers that it runs "just
like" a normal i386, except that the L2 is 4 pages long (PTP_LEVELS is
still 2).

- similar to the ci_pae_l3_pdir{,pa} variables, amd64's xen_current_user_pgd
becomes an element of cpu_info (slowly paving the way for MP world).

- bootinfo_source struct declaration is modified, to cope with paddr_t size
change with PAE (it is not correct to assume that bs_addr is a paddr_t when
compiled with PAE - it should remain 32 bits). bs_addrs is now a
void * array (in bootloader's code under i386/stand/, the bs_addrs
is a physaddr_t, which is an unsigned long).

- fixes in multiboot code (same reason as bootinfo): paddr_t size
change. I used Elf32_* types, use RELOC() where necessary, and move the
memcpy() functions out of the if/else if (I do not expect sym and str tables
to overlap with ELF).

- 64 bits atomic functions for pmap

- all pmap_pdirpa access are now done through the pmap_pdirpa macro. It
hides the L3/L2 stuff from PAE, as well as the pm_pdirpa change in
struct pmap (it now becomes a PDP_SIZE array, with or without PAE).

- manipulation of recursive mappings ( PDIR_SLOT_{,A}PTEs ) is done via
loops on PDP_SIZE.

See also http://mail-index.netbsd.org/port-i386/2010/07/17/msg002062.html

No objection raised on port-i386@ and port-xen@R for about a week.

XXX kvm(3) will be fixed in another patch to properly handle both PAE and !PAE
kernel dumps (VA => PA macros are slightly different, and need proper 64 bits
PA support in kvm_i386).

XXX Mixing PAE and !PAE modules may lead to unwanted/unexpected results. This
cannot be solved easily, and needs lots of thinking before being declared
safe (paddr_t/bus_addr_t size handling, PD/PT macros abstractions).

Turn PMAP_NOCACHE into MI flag.
Add MI flags PMAP_WRITE_COMBINE, PMAP_WRITE_BACK, PMAP_NOCACHE_OVR.
Update pmap(9) manpage.

hppa: Remove MD PMAP_NOCACHE flag as it exists as MI flag
mips: Rename MD PMAP_NOCACHE to PGC_NOCACHE.

x86: Implement new MI flags using Page-Attribute Tables.
x86: Implement BUS_SPACE_MAP_PREFETCHABLE.

Patch presented on tech-kern@:
http://mail-index.netbsd.org/tech-kern/2010/06/30/msg008458.html

No comments on this last version.

mp_cpu_start: although fragment is commented out, add pmap_update(), just
in case somebody would come up with a clever idea to copy-paste that.

Enable the NX bit feature for Xen i386pae and amd64 kernels.

Tested with Xen 3.1 and Xen 3.3, dom0 and domU, by bouyer@ and jym@.

Ok bouyer@.

This patch fixes the NX regression issue observed on amd64 kernels, where
per-page execution right was disabled (therefore leading to the inability
of the kernel to detect fraudulent use of memory mappings marked as not
being executable).

- replace cpu_feature and ci_feature_flags variables by cpu_feature and
ci_feat_val arrays. This makes it cleaner and brings kernel code closer
to the design of cpuctl(8). A warning will be raised for each CPU that
does not expose the same features as the Boot Processor (BP).

- the blacklist of CPU features is now a macro defined in the
specialreg.h header, instead of hardcoding it inside MD initialization
code; fix comments.

- replace checks against CPUID_TSC with the cpu_hascounter() function.

- clean up the code in init_x86_64(), as cpu_feature variables are set
inside cpu_probe().

- use cpu_init_msrs() for i386. It will be eventually used later for NX
feature under i386 PAE kernels.

- remove code that checks for CPUID_NOX in amd64 mptramp.S, this is already
performed by cpu_hatch() through cpu_init_msrs().

- remove cpu_signature and feature_flags members from struct mpbios_proc
(they were never used).

This patch was tested with i386 MONOLITHIC, XEN3PAE_DOM0 and XEN3_DOM0 under
a native i386 host, and amd64 GENERIC, XEN3_DOM0 via QEMU virtual machines.

XXX Should kernel rev be bumped?

XXX A similar patch should be pulled-up for NetBSD-5, hopefully tomorrow.

branches: 1.42.2;
Use roundup2() instead of hardcoding the CACHE_LINE_SIZE rounding
operation.

A pointer typedef entails trading too much flexibility to declare const
and non-const types, and the kernel uses both const and non-const
PMF qualifiers and device suspensors, so change the pmf_qual_t and
device_suspensor_t typedefs from "pointers to const" to non-pointer,
non-const types.

branches: 1.40.2;
Expand PMF_FN_* macros.

- Use uvm_lwp_setuarea() instead of directly setting address to lwp_t::l_addr.
- Replace most remaining uses of l_addr with uvm_lwp_getuarea() or lwp_getpcb().
- Amend assembly in ports where it accesses PCB via struct user.
- Rename L_ADDR to L_PCB in few places. Reduce sys/user.h inclusions.

Remove X86_MAXPROCS. This fixes PR port-xen/41755.
This also reduces diff to x86/x86/cpu.c as a nice side effect.
'looks good' bouyer@

Catch-up Xen and usermode with lwp_getpcb() and unbreak Xen build.

Add a flags argument to pmap_kenter_pa(9).
Patch showed on tech-kern@ http://mail-index.netbsd.org/tech-kern/2009/11/04/msg006434.html
No objections.

fix botch with merging in changes from x86/x86/cpu.c:

don't use wbinvd(). Xen flushes the cache for us.
This makes DomU boot again.
Spotted by bouyer@.

from x86/x86/cpu.c:
- use atomic operations to set flags
- Align struct cpu_info to 64b.

remove Xen2 support.
ok bouyer@

from sys/arch/x86/x86/cpu.c:

Implement -1 (RB_MD1) for physical CPUs in the Dom0.

branches: 1.31.2;
catch up with x86/x86/cpu.c: move from malloc to kmem

Link cpus in the order they are attaching and not in inverse order.

- Avoid the race with CPU online/offline state changes, when setting the
affinity (cpu_lock protects these operations now).
- Disallow setting of state of CPU to to offline, if there are bound LWPs,
which have no CPU to migrate.
- Disallow setting of affinity for the LWP(s), if all CPUs in the dynamic
CPU-set are offline.
- sched_setaffinity: fix invalid check of kcpuset_isset().
- Rename cpu_setonline() to cpu_setstate().

Should fix PR/39349.

branches: 1.28.2; 1.28.4;
printf()->aprint_debug_dev() to match x86/cpu.c

branches: 1.27.4;
Give it a private X86_MAXPROCS def. XXX

call x86_cpu_idle_init(), avoid null function pointer call (cpu_idle()) when
scheduling starts.
cleanup printfs of vcpu

Fix typo.

Don't reload LDTR unless a new value, which only happens for USER_LDT.

Stop using APIC IDs to identify CPUs for software purposes. Allows for
APIC IDs beyond 31, which has been possible for some time now.

Share cpu.h between the x86 ports.

Update xen for identcpu changes.

Make xen build after tsc changes.

Make cpu_idle a macro calling a function pointer on x86.
Select the Xen idle routine for Xen, mwait if supported by the CPU and
it is not AMD and halt otherwise. As reported by Christoph Egger,
AMD Barcelona keeps the CPU in C0 state with MWAIT, contrary to HLT,
which uses C1 and therefore much less power.

branches: 1.18.2;
Remove clause 3 and 4 from TNF licenses

branches: 1.17.2;
keep up with x86/x86/cpu.c, rev. 1.33:
Gracefully handle a condition where apic id >= X86_MAXPROCS rather than panicing.

Access Xen's vcpu info structure per-CPU.
Tested on i386 and amd64 (both dom0 and domU) by me.
Xen2 tested (both dom0 and domU) by bouyer.
OK bouyer

branches: 1.15.2;
g/c unused ioapic_bsp_id.
Per discussion with bouyer.

Do not set ioapic_bsp_id in cpu_attach_common(). It's already initialized
in cpu_attach(), and doing it here will overwrite the cpu_number of the
physical CPU with the one from the virtual CPU (which is always 0).
XXX is ioapic_bsp_id read somewhere ?

cpu_debug_dump: s/curproc/curlwp/ in a message.

reduce diff to x86/x86/cpu.c

reduce diff to x86/x86/cpu.c

- device_t/softc split
- ansify

use aprint_*_dev and device_xname

branches: 1.8.6;
cargo-cult copy cpu_offline_md; fixes compile on i386/x86_64

Merge the bouyer-xeni386 branch to head, at tag bouyer-xeni386-merge1 (the
branch is still active and will see i386PAE support developement).
Sumary of changes:
- switch xeni386 to the x86/x86/pmap.c, and the xen/x86/x86_xpmap.c
pmap bootstrap.
- merge back most of xen/i386/ to i386/i386
- change the build to reduce diffs between i386 and amd64 in file locations
- remove include files that were identical to the i386/amd64 counterparts,
the build will find them via the xen-ma/machine link.

branches: 1.6.2;
i386:
- make tss per-cpu. this considerably speeds up context switch for,
at least, pentium4, where ltr instruction seems very slow.
i386, xen:
- kill cpu_maxproc.
kvm86:
- adapt to per-cpu tss.
- cleanup and simplify.
- move kvm86_mp_lock to more meaningful place.
- disable preemption during a call.

Add new IPI for saving CPU state explicitly, share high-level part of
ACPI wakeup code and teach it how to start the APs again. As a side
effect the CPU_START interface allows choosing between different
bootstrap codes more easily now.

Initialize ci_idepth in cpu_info_primary, makes LOCKDEBUG kernels boot.

branches: 1.3.2;
Make Xen kernels build again.

branches: 1.2.2; 1.2.4; 1.2.6; 1.2.8; 1.2.10;
Pull up the bouyer-xenamd64 branch to HEAD. This brings in amd64 support
to NetBSD/Xen, both Dom0 and DomU.

branches: 1.1.2; 1.1.4;
file cpu.c was initially added on branch bouyer-xenamd64.

xen/x86: Need kpreempt_disable/enable around curcpu() access.

This is called with `hardware' interrupts enabled (between sti and
cli), so presumably preemption is possible here.

XXX pullup-8
XXX pullup-9
XXX pullup-10

branches: 1.45.4;
NetBSD/x86: Raise the number of interrupt sources per CPU from 32 to 56.

There has been no objection for three years.
https://mail-index.netbsd.org/port-amd64/2019/09/22/msg003012.html
Implemented by nonaka@n.o, updated by me.

x86: Split most of pmap.h into pmap_private.h or vmparam.h.

This way pmap.h only contains the MD definition of the MI pmap(9)
API, which loads of things in the kernel rely on, so changing x86
pmap internals no longer requires recompiling the entire kernel every
time.

Callers needing these internals must now use machine/pmap_private.h.
Note: This is not x86/pmap_private.h because it contains three parts:

1. CPU-specific (different for i386/amd64) definitions used by...

2. common definitions, including Xenisms like xpmap_ptetomach,
further used by...

3. more CPU-specific inlines for pmap_pte_* operations

So {amd64,i386}/pmap_private.h defines 1, includes x86/pmap_private.h
for 2, and then defines 3. Maybe we should split that out into a new
pmap_pte.h to reduce this trouble.

No functional change intended, other than that some .c files must
include machine/pmap_private.h when previously uvm/uvm_pmap.h
polluted the namespace with pmap internals.

Note: This migrates part of i386/pmap.h into i386/vmparam.h --
specifically the parts that are needed for several constants defined
in vmparam.h:

VM_MAXUSER_ADDRESS
VM_MAX_ADDRESS
VM_MAX_KERNEL_ADDRESS
VM_MIN_KERNEL_ADDRESS

Since i386 needs PDP_SIZE in vmparam.h, I added it there on amd64
too, just to keep things parallel.

When we have pending events in stipending(), evt_set_pending() has to set
the ih_pending flag for each handler too. Xen/i386 should be stable again.

Revert previous; evt_set_pending() will set ret to 1 if needed to this was
not our bug.

stipending(): if we're going to process some interrupts don't return 0.
Hopefully fixes random hang seen in i386 Xen PV.

The bug has been there ~forever but was masked by the fact that spllower()
did call event handlers much more often.

Restore de EOI mechanism for pirq, using the newer hypervisor interface.
It is needed.
Hopefully fixes kern/56291, kern/56793, kern/55667

Introduce Xen PVH support in GENERIC.
This is compiled in with
options XENPVHVM
x86 changes:
- add Xen section and xen pvh entry points to locore.S. Set vm_guest
to VM_GUEST_XENPVH in this entry point.
Most of the boot procedure (especially page table setup and switch to
paged mode) is shared with native.
- change some x86_delay() to delay_func(), which points to x86_delay() for
native/HVM, and xen_delay() for PVH

Xen changes:
- remove Xen bits from init_x86_64_ksyms() and init386_ksyms()
and move to xen_init_ksyms(), used for both PV and PVH
- set ISA no-legacy-devices property for PVH
- factor out code from Xen's cpu_bootconf() to xen_bootconf()
in xen_machdep.c
- set up a specific pvh_consinit() which starts with printk()
(which uses a simple hypercall that is available early) and switch to
xencons when we can use pmap_kenter_pa().

Merge the bouyer-xenpvh branch, bringing in Xen PV drivers support under HVM
guests in GENERIC.
Xen support can be disabled at runtime with
boot -c
disable hypervisor

convert to newer HYPERVISOR_physdev_op() interface, now command and the
arg are separate arguments - this is needed for newer physdev_op commands

remove code for PHYSDEVOP_IRQ_UNMASK_NOTIFY, it is obsolete since
interface version 0x00030202 and is unsupported by newer versions of Xen

confirmed working on amd64 Dom0, i386 compile-tested only

branches: 1.36.2; 1.36.8;
sti/cli are not allowed on Xen, we have to clear/set a bit in the
shared page. Revert x86_disable_intr/x86_enable_intr to plain function
calls on XENPV.
While there, clean up unused functions and macros, and change cli()/sti()
macros to x86_disable_intr/x86_enable_intr.
Makes Xen domU boot again
(http://www-soc.lip6.fr/~bouyer/NetBSD-tests/xen/HEAD/)

conditionally include XENPV specific code.

This explicitly excludes PV only functionality that would be wrong to
attempt to use in other modes, for eg: p2m table management.

Excise XEN specific code out of x86/x86/intr.c into xen/x86/xen_intr.c

While at it, separate the source function tracking so that the interrupt
paths are truly independant.

Use weak symbol exporting to provision for future PVHVM co-existence
of both files, but with independant paths. Introduce assembler code
such that in a unified scenario, native interrupts get first priority
in spllower(), followed by XEN event callbacks. IPL management and
semantics are unchanged - native handlers and xen callbacks are
expected to maintain their ipl related semantics.

In summary, after this commit, native and XEN now have completely
unrelated interrupt handling mechanisms, including
intr_establish_xname() and assembler stubs and intr handler
management.

Happy Christmas!

Hide differences between i386 and amd64 interrupt frames so XEN does
not need to know there is one. Hopefully unbreak i386 build.

On Xen, copy just the bits we need from the trapframe for hardclock(9)
and statclock(9).

Current, the macros that use the trapframe are:
CLKF_USERMODE()
CLKF_PC()
CLKF_INTR()

Of these, CLKF_INTR() already ignores the frame and uses the ci_idepth
variable to do its job.

Convert the two remaining ones to do this, but only for XEN.

Save the interrupt trap/clockframe to a per-cpu copy.

We can use this copy to pass on the trapframe to hardclock(9) from
within the xen timer handler. This delinks the current dependency
between MD code and the handler, which is specially prototyped to take
the clockframe unlike any other handler.

This change has performance implications, as each interrupt entry will
copy the entire trapframe over to the per-cpu cached copy. This can be
mitigated by selectively copying just the parts of the clockframe that
are used by hardclock() et. al.

Tested on amd64 XEN domU

Use hypervisor provided interface to unmask specific ports.

Although at first glance this looks suboptimal, the unmask operation
fast path does not use hypervisor_unmask_event(). Instead, it directly
operates on the mask and pending bit arrays to provide what would
effectively be an "auto mask/eoi" semantic.

This change is thus not in the fast path, and has the advantage of
performance improvements since cross CPU state updates etc. is handled
within the hypervisor instead of domU IPIs.

Decompose hypervisor_enable_event() into functional steps.

The hypervisor_unmask_event() step is relevant for any event.

The pirq related step is only relevant for pirq bound events.

Prune blanket usage of this, so that usage is semantically appropriate.

branches: 1.28.12; 1.28.18; 1.28.20;
Make Xen kernels compile without DIAGNOSTIC

branches: 1.27.12;
Re-apply
http://mail-index.netbsd.org/source-changes/2012/11/25/msg039125.html
http://mail-index.netbsd.org/source-changes/2012/11/25/msg039126.html
they're not involved in i386 domU hang shown by ATF.

Revert these commits from november 2012:
http://mail-index.netbsd.org/source-changes/2012/11/25/msg039125.html
http://mail-index.netbsd.org/source-changes/2012/11/25/msg039126.html
http://mail-index.netbsd.org/source-changes/2012/11/25/msg039142.html

they cause a i386PAE domU to hang while running ATF tests, as shown in
http://www-soc.lip6.fr/~bouyer/NetBSD-tests/xen/HEAD/

(we should pay more attention to test results, myself first).

Back out this commit:
http://mail-index.netbsd.org/source-changes/2012/12/28/msg039950.html
which cause a panic when running tests on amd64, as shown on:
http://www-soc.lip6.fr/~bouyer/NetBSD-tests/xen/HEAD/
(i386 hangs for unrelated reasons).

Simplify the xen event handler callback by:
- moving the interrupt handler callback traversal into a separate
function.
- using evt_iterate_bits() to scan through the pending bitfield
- removing cross-cpu pending actions - events recieved on the wrong
vcpu are re-routed via hypervisor_send_event().
- simplifying nested while() loops by encapsulating them in
equivalent functions.

Many thanks for multiple reviews by bouyer@ and jym@

Make hypervisor_set_ipending() and its consumers cpu unaware. This syncs syntax with semantics

Remove e a redundant layer of function calling in the event handling path

branches: 1.21.6;
Optimise branch predict hint for the intended use-case (cross cpu event notification)

Do not touch pending flags across vcpus

Do not fiddle with the event masks of non-local vcpus when unmasking events across vcpus

branches: 1.18.2;
hypervisor_unmask_event(): don't check/update evtchn_pending_sel for the
current CPU, but for any CPU which may accept this event.
xen/xenevt.c: more use of atomic ops and locks where appropriate, and some
other SMP fixes. Handle all events on the primary CPU (may be revisited
later). Set/clear ci_evtmask[] for watched events.

This should fix the problems on dom0 kernels reported by jym@

[merging from cherry-xenmp] bring in bouyer@'s changes via:
http://mail-index.netbsd.org/source-changes/2011/10/22/msg028271.html
From the Log:
Log Message:
Various interrupt fixes, mainly:
keep a per-cpu mask of enabled events, and use it to get pending events.
A cpu-specific event (all of them at this time) should not be ever masked
by another CPU, because it may prevent the target CPU from seeing it
(the clock events all fires at once for example).

branches: 1.16.2;
Merge jym-xensuspend branch in -current. ok bouyer@.

Goal: save/restore support in NetBSD domUs, for i386, i386 PAE and amd64.

Executive summary:
- split all Xen drivers (xenbus(4), grant tables, xbd(4), xennet(4))
in two parts: suspend and resume, and hook them to pmf(9).
- modify pmap so that Xen hypervisor does not cry out loud in case
it finds "unexpected" recursive memory mappings
- provide a sysctl(7), machdep.xen.suspend, to command suspend from
userland via powerd(8). Note: a suspend can only be handled correctly
when dom0 requested it, so provide a mechanism that will prevent
kernel to blindly validate user's commands

The code is still in experimental state, use at your own risk: restore
can corrupt backend communications rings; this can completely thrash
dom0 as it will loop at a high interrupt level trying to honor
all domU requests.

XXX PAE suspend does not work in amd64 currently, due to (yet again!)
page validation issues with hypervisor. Will fix.

XXX secondary CPUs are not suspended, I will write the handlers
in sync with cherry's Xen MP work.

Tested under i386 and amd64, bear in mind ring corruption though.

No build break expected, GENERICs and XEN* kernels should be fine.
./build.sh distribution still running. In any case: sorry if it does
break for you, contact me directly for reports.

refactor the bitstring/mask operations to be behind an API. Make pending interrupt marking cpu aware.

branches: 1.14.2;
Fix a year old bug that was only fixed in jym-xensuspend branch, but
not in HEAD:
- use uvm_km_alloc() instead of kmem_alloc() to enforce alignement when
allocating p2m_frame pages (xentools can only deal with page-aligned
addresses)
- do not use paddr_t for p2m_frame_list_list with PAE, xentools expect
32 bits PFNs even with 64 bits PTE.

Required to make ``xm dump-core'' work as expected.

branches: 1.13.4; 1.13.6;
Remove 3rd and 4th clauses. OK cl@ (copyright holder).

remove Xen2 support.
ok bouyer@

branches: 1.11.8;
introduce two macros: xendomain_is_dom0() and xendomain_is_privileged(). Use them.

Implement the arch-dependent p2m frame lists list. This adds support for
'xm dump-core' for NetBSD domUs.
From Jean-Yves Migeon (jean-yves dot migeon at espci dot fr)

branches: 1.9.2;
Raise ci_idepth (and switch to interrupt stack on i386) becore calling
xenevt_event().

branches: 1.8.2; 1.8.4; 1.8.6;
Access Xen's vcpu info structure per-CPU.
Tested on i386 and amd64 (both dom0 and domU) by me.
Xen2 tested (both dom0 and domU) by bouyer.
OK bouyer

branches: 1.7.2;
- use POSIX integer types
- ansify functions

branches: 1.6.6;
The event bitmasks provided by the hypervisor are unsigned long (so 64bits
on amd64). Make sure to use the right type to store and manipulate them.
This fixes amd64, where basically any event channel > 31 was not working
(and you get there after starting/stopping a domU a few times). Things
would occasionally unwedge though the spllower() callbacks.

Fix xenevt to not call softint_schedule() above IPL_HIGH:
Register a ipl callback for IPL_HIGH.
if the current ipl level is too high, just record the event in a bitmap,
and record IPL_HIGH as pending. The callback will process the pending events.

branches: 1.4.2;
- Make __cpu_simple_lock and similar real functions and patch at runtime.
- Remove old x86 atomic ops.
- Drop text alignment back to 16 on i386 (really, this time).
- Minor cleanup.

cleanup the debug event handler to not use the IPL system at all. Fix
debug event storm on XEN2.

branches: 1.2.2; 1.2.4; 1.2.6; 1.2.8; 1.2.10; 1.2.12;
Pull up the bouyer-xenamd64 branch to HEAD. This brings in amd64 support
to NetBSD/Xen, both Dom0 and DomU.

branches: 1.1.2; 1.1.4;
file hypervisor_machdep.c was initially added on branch bouyer-xenamd64.

Make cpu_idle a macro calling a function pointer on x86.
Select the Xen idle routine for Xen, mwait if supported by the CPU and
it is not AMD and halt otherwise. As reported by Christoph Egger,
AMD Barcelona keeps the CPU in C0 state with MWAIT, contrary to HLT,
which uses C1 and therefore much less power.

branches: 1.3.2; 1.3.6; 1.3.14; 1.3.20; 1.3.22; 1.3.24; 1.3.26;
Don't clear ci_want_resched in MD code; it's done in mi_switch().

branches: 1.2.2;
Pull up the bouyer-xenamd64 branch to HEAD. This brings in amd64 support
to NetBSD/Xen, both Dom0 and DomU.

branches: 1.1.2; 1.1.4;
file idle_machdep.c was initially added on branch bouyer-xenamd64.

Retire xen/x86/intr.c and use the new xen specific glue in x86/x86/intr.c

The purpose of this change is to expose the x86/include/intr.h API
to drivers. Specifically the following functions:

void *intr_establish_xname(...);
void *intr_establish(...);
void intr_disestablish(...);

while maintaining the old API from xen/include/evtchn.h, specifically
the following functions:

int event_set_handler(...);
int event_remove_handler(...);

This is so that if things break, we can keep using the old API until
everything stabilises. This is a stepping stone towards getting the
actual XEN event callback path rework code in place - which can be
done opaquely behind the intr.h API - NetBSD/XEN specific drivers that
have been ported to the intr.h API should then work without
significant further modifications.

On XEN dom0, the function xen/x86/intr.c:xen_intr_map() is used to map
hardware interrupts to XEN callbacks called 'events'. This function
combines both the allocation and the binding.

This change is the first part of breaking up that combination into
xen_pirq_alloc() and the binding will happen as part of the
pic_addroute() callback of a new pseudo PIC_XEN

This code will be added later on.

branches: 1.32.2;
Remove the xen specific interrupt type for the x86 intr_handle_t
For this to work, we use the evtchn.c:get_pirq_to_evtchn() glue
function to make things easier.

x86: Add preliminary x2APIC support.

x2APIC is used only when x2APIC is enabled in BIOS/UEFI.
LAPIC ID is not supported above 256.

provide stub intr xname establish for xen

branches: 1.29.12; 1.29.30; 1.29.34;
Remove spurious header.
Thanks rmind@

Make event/interrupt handling MP aware

branches: 1.27.6;
Cosmetic: abbreviate: use `pc' instead of `pci_chipset_tag'.

branches: 1.26.2; 1.26.4;
Switch to ACPICA 20090730, and update for API changes.

remove Xen2 support.
ok bouyer@

Interrupt handling in Xen 3.5 changed. There's no longer
a hardcoded upper limit. So *our* upper limit of 200 may be different from machine to machine now.
So just retry if the hypercall failed.

Make xen kernels build again.

When ioapic is used, for ISA interrupts, reuse the legacy ISA interrupt
number instead of allocating a new one. Force allocating a new interrupt number
for PCI devices, as the number stored in the PCI interrupt register
may be wrong.
This should help using a pciide controller in compat mode or ISA devices
in a non-0 domain.

branches: 1.21.2; 1.21.4; 1.21.8; 1.21.12;
Compile NetBSD/amd64 kernels with "-Wextra". Patches contributed by
Juan RP in PR port-amd64/39266.

branches: 1.20.2;
Remove "struct device" from "struct pic", where it was only real
for ioapics and faked up for others. Add it to "struct ioapic_softc"
for now, until device/softc get split.
This required all typecasts between "struct pic" and "struct ioapic_softc"
to be replaced, I hope I got them all.
functionally tested on i386, compile-tested on xen, untested on amd64

branches: 1.19.2;
Add a 'known_mpsafe' argument to intr_establish().

Stop using APIC IDs to identify CPUs for software purposes. Allows for
APIC IDs beyond 31, which has been possible for some time now.

branches: 1.17.6; 1.17.8; 1.17.10; 1.17.12;
Merge the bouyer-xeni386 branch to head, at tag bouyer-xeni386-merge1 (the
branch is still active and will see i386PAE support developement).
Sumary of changes:
- switch xeni386 to the x86/x86/pmap.c, and the xen/x86/x86_xpmap.c
pmap bootstrap.
- merge back most of xen/i386/ to i386/i386
- change the build to reduce diffs between i386 and amd64 in file locations
- remove include files that were identical to the i386/amd64 counterparts,
the build will find them via the xen-ma/machine link.

- Make __cpu_simple_lock and similar real functions and patch at runtime.
- Remove old x86 atomic ops.
- Drop text alignment back to 16 on i386 (really, this time).
- Minor cleanup.

branches: 1.15.2; 1.15.6;
Interrupt handling changes, in discussion since February:

- Reduce available SPL levels for hardware devices to none, vm, sched, high.
- Acquire kernel_lock only for interrupts at IPL_VM.
- Implement threaded soft interrupts.

Pull up the bouyer-xenamd64 branch to HEAD. This brings in amd64 support
to NetBSD/Xen, both Dom0 and DomU.

branches: 1.13.6; 1.13.12; 1.13.22; 1.13.24; 1.13.28; 1.13.30;
Remove more duplicate headers.
Patch by Slava Semushin <slava.semushin@gmail.com>

Again, this was tested by comparing obj files from a pristine and a patched
source tree against an i386/ALL kernel, and also for src/sbin/fsck_ffs,
src/sbin/fsdb and src/usr.sbin/makefs. Only changes in assert() line numbers
were detected in 'objdump -d' output.

- pass intrframe by-pointer, not by-value.
- make i386 and xen use per-cpu interrupt stack.

xen part is reviewed by Manuel Bouyer.

include machine/mpconfig.h so that these files can be compiled
with ACPI but without MPBIOS.

intr_establish: add a missing ";" in the case of NIOAPIC==0.

Add Xen3 support for ACPI and/or MPBIOS + IOAPIC. To help with this, physical
CPUs are now configured on mainbus only in dom0, and only to know about
their APIC id. virtual CPUs are attached to hypervisor as:
vcpu* at hypervisor?
and this is what's used as curcpu(). The kernel config files needs to be
updated for this, see XEN3_DOM0 or XEN3_DOMU for examples.
XEN3_DOM0 now has acpi, MPBIOS and ioapic by default.
Note that a Xen dom0 kernel doens't have access to the lapic.

branches: 1.8.8; 1.8.10;
Add support for ACPI in xen-3 dom0 support. We can now boot a xen-3 dom0
kernel with a default xen comamnd line.

branches: 1.7.4; 1.7.6; 1.7.8; 1.7.10; 1.7.12;
merge ktrace-lwp.

branches: 1.6.2;
Get rid of the event to pseudo-irq mapping. We are limited to 32 pseudo-irq,
including soft interrupt, and this is way too low in some use (lots of domains,
or domains with lots of xennet, or even hardware with lots of devices at
different interrupts).
Based on idea from YAMAMOTO Takashi, keep one list of handler per-event and
one per-IPL (so the same handler is now in 2 lists). In the common case were
an event is received at low IPL, we can call the handlers quickly (there
is usually only one handler per event, unless the event is mapped to a
physical interrupt and this interrupt is shared by different devices).
Deffered events and software interrupts are handled by a bitmask (as before)
with one bit per IPL. When one IPL has an event pending all handlers for
this IPL will be called.
With this change, it is now possible to have all the 1024 events active.

While here, handle debug event in a special way: the handler is always called,
regardless of the current IPL. Make the handler print usefull informations
about events and IPL states.
Also remove code not used on Xen in files inherited from the x86 port.

fix a bug which corrupts runqueue.
when dealing with events, which are handed to xenevt pseudo device,
don't call wakeup(9)/selnotify(9) at too high IPL. PR/29792.

branches: 1.4.2;
Merge the bouyer-xen2 branch. This add supports for the Xen 2.0 virtual
machine kernel (both privileged and non-privileged domains), and remove support
for the old xen 1.2.

branches: 1.3.4; 1.3.6; 1.3.8;
don't reference kernel_lock directly.

branches: 1.2.2;
catch up with arch/x86/x86/intr.c
1.15/kochi
use designated initializer for struct pic initializers.
just for readability.

update the xenev_pic initializer as well

branches: 1.1.2;
Add port to the Xen virtual machine monitor.
(see http://www.cl.cam.ac.uk/Research/SRG/netos/xen/)

Move mainbus(4) driver files in various x86 sub-archs to name prefixed
versions. This allows us to further modularise them by unifying common
bus probe code in x86/x86/mainbus.c to be introduced next.

This commit has no functional changes. It is done for ease of
visibility of newer diffs in the queue.

branches: 1.19.8; 1.19.10;
x86: Add preliminary x2APIC support.

x2APIC is used only when x2APIC is enabled in BIOS/UEFI.
LAPIC ID is not supported above 256.

branches: 1.18.6;
Use the global pci_mode to avoid 'set but not used' warnings from gcc 4.8.3.

Move back call to pci_mode_detect() outside of #ifdef PCI_BUS_FIXUP.
Even if mode is not used, the call to pci_mode_detect() is mandatory to
initialize the PCI subsystem.
Fix "panic booting -current DOM0" reported by Patrick Welche on port-xen.

- move variables inside their #ifdef use
- remove unused and set-but-unused variables
- use __USE() in a particularly ugly case

with these, and a couple of other changes, amd64 gcc 4.8.1 world
is able to complete build.sh release.

branches: 1.15.2; 1.15.12; 1.15.16;
Merge jym-xensuspend branch in -current. ok bouyer@.

Goal: save/restore support in NetBSD domUs, for i386, i386 PAE and amd64.

Executive summary:
- split all Xen drivers (xenbus(4), grant tables, xbd(4), xennet(4))
in two parts: suspend and resume, and hook them to pmf(9).
- modify pmap so that Xen hypervisor does not cry out loud in case
it finds "unexpected" recursive memory mappings
- provide a sysctl(7), machdep.xen.suspend, to command suspend from
userland via powerd(8). Note: a suspend can only be handled correctly
when dom0 requested it, so provide a mechanism that will prevent
kernel to blindly validate user's commands

The code is still in experimental state, use at your own risk: restore
can corrupt backend communications rings; this can completely thrash
dom0 as it will loop at a high interrupt level trying to honor
all domU requests.

XXX PAE suspend does not work in amd64 currently, due to (yet again!)
page validation issues with hypervisor. Will fix.

XXX secondary CPUs are not suspended, I will write the handlers
in sync with cherry's Xen MP work.

Tested under i386 and amd64, bear in mind ring corruption though.

No build break expected, GENERICs and XEN* kernels should be fine.
./build.sh distribution still running. In any case: sorry if it does
break for you, contact me directly for reports.

#include <sys/bus.h> instead of <machine/bus.h>.

Build fix for xen domu + PCI, from Juho Salminen in PR 44083.

acpi_madt.h is gone

On x86, change the bus_space_tag_t to a pointer to a struct
bus_space_tag. For now, bus_space_tag's only member is
bst_type, the type of space, which is either X86_BUS_SPACE_IO
or X86_BUS_SPACE_MEM. In the future, new bus_space_tag members
will refer to override-functions installed by a new function,
bus_space_tag_create(9).

Add pointers to constant struct bus_space_tag, x86_bus_space_io and
x86_bus_space_mem. Use them to replace most uses of X86_BUS_SPACE_IO
and X86_BUS_SPACE_MEM.

Add an x86-specific bus_space_is_equal(9) implementation that compares
the two tags' bst_type.

branches: 1.10.2;
Don't use the global variable pci_mode, but use a local copy of
the return value of pci_mode_detect(), instead.

branches: 1.9.2;
Switch to ACPICA 20090730, and update for API changes.

remove Xen2 support.
ok bouyer@

branches: 1.7.2;
The Xen PCI_BUS_FIXUP/PCI_ADDR_FIXUP has rotted, catch up with x86 changes
in this area. Patch provided by FUKAUMI Naoki in PR#40356.

Nuke last parameter from mpaci_scan_apics() and mpbios_scan().
It is unused.

branches: 1.5.2; 1.5.4;
introduce two macros: xendomain_is_dom0() and xendomain_is_privileged(). Use them.

branches: 1.4.4; 1.4.10;
device_t / softc split
reviewed, tested and approved by bouyer

branches: 1.3.6;
Merge the bouyer-xeni386 branch to head, at tag bouyer-xeni386-merge1 (the
branch is still active and will see i386PAE support developement).
Sumary of changes:
- switch xeni386 to the x86/x86/pmap.c, and the xen/x86/x86_xpmap.c
pmap bootstrap.
- merge back most of xen/i386/ to i386/i386
- change the build to reduce diffs between i386 and amd64 in file locations
- remove include files that were identical to the i386/amd64 counterparts,
the build will find them via the xen-ma/machine link.

branches: 1.2.2; 1.2.4; 1.2.8; 1.2.12; 1.2.16;
Pull up the bouyer-xenamd64 branch to HEAD. This brings in amd64 support
to NetBSD/Xen, both Dom0 and DomU.

branches: 1.1.2; 1.1.4;
file mainbus.c was initially added on branch bouyer-xenamd64.

Fix various typos, mainly in comments:
s/invaid/invalid/
s/instad/instead/
s/wich/with/
s/tranform/transform/
s/tranmist/transmit/
s/tranceiver/transceiver/
s/Tranparent/Transparent/
s/tranlated/translated/
s/tranfer/transfer/
s/tranmissions/transmissions/
s/condtions/conditions/
s/Recient/Recent/

aprint_debug(): if a hypercall fail, print the return code.

Remove useless info from debug printf, fix format warning on i386

- msipic_construct_msix_pic(): set mp_table_base to memaddr (without
table_offset), this is what Xen wants
while there use pci_conf_write16() in msi_set_msictl_enablebit() too,
for consistency (it seems that Xen accepts the 32bit write at this point,
but this may change).

- xen_map_msix_pirq(): don't forget to set map_irq.table_base in the
MSI-X case, otherwise Xen maps it as MSI
- call pic_hwunmask() after pirq_establish() in msi/msix case, to make sure
the msi-x vector is unmasked.

Now MSI-X works with Xen so stop disabling it in pci_attach_hook().

Work in progress on MSI/MSI-X on Xen (MSI works on my hardware, more work
needed for MSI-X):
- Xen silently rejects 32 bits writes to MSI configuration registers
(especially when setting PCI_MSI_CTL_MSI_ENABLE/PCI_MSIX_CTL_ENABLE),
it expects 16 bits writes. So introduce a pci_conf_write16(),
only available on XENPV (and working only for mode 1 without
PCI_OVERRIDE_CONF_WRITE) and use it to enable MSI or MSI-X on XENPV.
- for multi-MSI vectors, Xen allocates all of them in a single hypercall,
so it's not convenient to do it at intr_establish() time.
So do it at alloc() time and register the pirqs in the msipic structure.
xen_pic_to_gsi() now just returns the values cached in the msipic.
As a bonus, if the PHYSDEVOP_map_pirq hypercall fails we can fail
the alloc() and we don't need the xen_pci_msi*_probe() hacks.

options NO_PCI_MSI_MSIX still on by default for XEN3_DOM0.

adjust includes to pull __HAVE_PCI_MSI_MSIX properly

add #ifdef __HAVE_PCI_MSI_MSIX so this still compiles with NO_PCI_MSI_MSIX

for Xen MSI, fallback to INTx when PHYSDEVOP_map_pirq fails for the device

apparently Xen requires VT-d to be enabled in BIOS for PHYSDEVOP_map_pirq
to work, this change makes it work on systems with VT-d disabled or missing

adresses the panic part of PR port-xen/55285 by Patrick Welche

switch back to PHYSDEVOP_alloc_irq_vector for non-MSI interrupts - on my
computer it works the same as PHYSDEVOP_map_pirq, but seems it doesn't
on other systems

fixes PR port-xen/55285 for Patrick Welche, but not yet for another system
by Frank Kardel

use short for irq2port[] to save memory (4KB), it only needs to store
numbers <= NR_EVENT_CHANNELS (2048)

only call PHYSDEVOP_map_pirq for a shared interrupt once, same as previous code

fixes boot problem reported privately by Frank Kardel and Patrick Welche

add support for using MSI for XenPV Dom0

use PHYSDEVOP_map_pirq to get the pirq/gsi for MSI/MSI-X, switch also INTx
to use it instead of PHYSDEVOP_alloc_irq_vector

MSI confirmed working with single-vector MSI for wm(4), ahcisata(4), bge(4)

XXX added some provision for MSI-X, but it doesn't actually work (no interrupts
delivered), needs some further investigation; disable MSI-X for XENPV
via flag in x86/pci/pci_machdep.c

Merge the bouyer-xenpvh branch, bringing in Xen PV drivers support under HVM
guests in GENERIC.
Xen support can be disabled at runtime with
boot -c
disable hypervisor

convert to newer HYPERVISOR_physdev_op() interface, now command and the
arg are separate arguments - this is needed for newer physdev_op commands

remove code for PHYSDEVOP_IRQ_UNMASK_NOTIFY, it is obsolete since
interface version 0x00030202 and is unsupported by newer versions of Xen

confirmed working on amd64 Dom0, i386 compile-tested only

branches: 1.11.2;
remove <sys/malloc.h> include, not used here

Catchup with struct intrstub; unification.

This should fix dom0 build breakage.

Do not export the 'irq<->vector' abstraction outside of pintr.c
anymore. We now think of them as a unified thing called 'gsi',
which is generated by mpacpi/mpbios

Since GSIs are invented by the mpbios/mpacpi interrupt routing probe code,
it's possible for shared GSIs to popup even outside the original
legacy_irq range.

Relax this latter, older assumption.

Thanks to Brad Spencer for extensive trialing on interesting hardware.

Switch over to a "GSI" concept for guest irqs.

On XEN there is a namespace called GSI which includes:

i) legacy_irq (0 - 16)
ii) "gsi" (16-nr_irqs_gsi)
iii) msi

We try to mirror this in guest space, but are mindful that legacy_irq
is 1:1 bound to actual hardware legacy_irq. Apart from this, XEN doesn't
really care what number scheme we use, as long as it doesn't encroach
on the MSI space, which is TBD for us.

Thus we trust the mpbios.c/mpacpi.c code to correctly map the pic,pin
tuples into the correct global gsi space, which we then register with
xen. As we now do, we allow for duplicate gsi registrations, in case
any hardware shares the same (pic,pin);

This enables us to now use the (pic,pin) tuple as the canonical reference
for device interrupt addresses, and leave any global mappings to specific
code. Thus xen_pic_to_gsi().

Note that this requires separate support for MSI, which I will get around to
once things stabilise - however the API change facilitates this nicely.

I note that the msi addroute() function does not use the "pin" parameter.
This can be made use of, to encode the gsi number, for XEN. This is however
TBD.

We further tweak the xen_vec_alloc() code to be uniform for the NIOAPICS
and other cases, and ensure that i8259.c DTRT wrt to route().

This will allow us to use pic->pic_addroute() without needing to worry about
pic specific issues.

The next step is to consolidate the pic_addroute() XEN related #ifdefs into
a -DXEN specific file, so that we don't clutter x86/ code with #ifdef XENs.

This change has functional implications, and there is likely breakage coming
especially on bespoke platforms that I haven't been able to test yet.

I am especially interested in bug reports from platforms with legacy (esp. i386)
and with multiple ioapics.

Change the name of xen_pirq_alloc() to xen_vec_alloc() to reflect
its actual job.

The idea is that we will strip this down until it is as close to
idt_vec_alloc() as possible.

Move the pic->pic_addroute() call from within pintr.c:xen_pirq_alloc() to
intr.c:intr_establish_xname()

xen_pirq_alloc() now returns a vector value, as is intended by
the semantics of the call to the hypervisor, PHYSDEVOP_ASSIGN_VECTOR.

This also brings our usage closer to native.

Teach intr_establish_xname() for XEN to tolerate shared legacy_irq
registrations.

The current XEN code has not been able to tolerate shared legacy_irq
requests in xen_pirq_alloc(). This was never a problem because:

i) The only potential callpath with shared legacy_irq was
isa_intr_establish_xname().
ii) The other callpath, namely pci_intr_establish_xname() passed
legacy_irq to intr_establish_xname(). However, this was ignored,
and a value of zero was passed to xen_pirq_alloc() which in
turn, allocated a new irq value, thus effectively demultiplexing
any shared legacy_irq value intended across randomly allocated
new irq values.
iii) Presumably on all platforms that XEN runs on, the isa callpath
mentioned in i) never had shared irqs, and thus this was never
a problem.

Except:
We now use a unified path for both isa_intr_establish_xname() and
pci_intr_establish_xname(). This means that now, intr_establish_xname()
which is a callee of both, needs to have a way to discern who the caller
was, and decide to pass on or discard the legacy_irq value, to preserve
the old semantics. However, this is impossible to do so, because the
callpath doesn't explicitly provide a mechanism for this discernment.

This is however not a problem, because from XEN's point of view, a
repeat registration of an irq is only a warning. legacy_irq is the only
case in which this repeat should occur, per the current implementation of
xen_pirq_alloc(). We thus tweak the KASSERT()s to tolerate a repeat value
in the legacy_irq, while maintaining the original intent of the KASSERT()
which was to ensure that existing unrelated irq registrations should never
be overwritten.

Once we re-organise XEN specific code and unify with the native
intr_establish_xname() path, we will not run into this problem, because
legacy_irq will be treated as the pin number of the i8259 pic
exactly as it is now treated in native.

In short, this commit should fix some of the panics being seen on
-current for certain configurations of hardware on which dom0 runs.

branches: 1.3.2; 1.3.4;
Rename i8259_stubs -> legacy_stubs. We will want the entries to have the
same name, eg:

legacy_stubs
-> Xintr_legacy0, Xrecurse_legacy0, Xresume_legacy0
-> Xintr_legacy1, Xrecurse_legacy1, Xresume_legacy1
...

Fixes for physical interrupts on Xen:
- do not cast int * to intr_handle_t *, they're not the same size
- legacy_irq is not always -1 for ioapic interrupts, test pic_type instead
- change irq2port[] to hold (port + 1) so that 0 is an invalid value
- add KASSERTs to make sure vect, port or irq values extracted from arrays are
valid (or that they are invalid before write)
- for the !ioapic case, we still need to do PHYSDEVOP_ASSIGN_VECTOR and
bind_pirq_to_evtch().

now XEN3_DOM0 boots again

branches: 1.1.2;
On XEN dom0, the function xen/x86/intr.c:xen_intr_map() is used to map
hardware interrupts to XEN callbacks called 'events'. This function
combines both the allocation and the binding.

This change is the first part of breaking up that combination into
xen_pirq_alloc() and the binding will happen as part of the
pic_addroute() callback of a new pseudo PIC_XEN

This code will be added later on.

Make sure to always fall back to xen_early_console, even for dom0

Move the pvh_xencons so xen_machdep.c as early_xencons, so it can be
used in the future as early ouput for plain PV guests too.

xen: declare 'default_consinfo' as extern in a header

this makes pvh_consinit.c actually compile with CONS_OVERRIDE set.
i didn't see any good header to add to (bootinfo.h and cpu.h both
seem to be poor choices but were considered), hence the new one
with just this definition.

Allow a PVH dom0 to use VGA as console: make xen_pvh_consinit() return 1 if
it handles the console and 0 otherwise (especially when console=tty0 or
console=pc is present on the command line).
In consinit() fallback to native console selection if xen_pvh_consinit()
returns 0.

branches: 1.2.20;
Hanble dom0 console. This one doesn't need a ring to be mapped, and
can be used earlier.

Introduce Xen PVH support in GENERIC.
This is compiled in with
options XENPVHVM
x86 changes:
- add Xen section and xen pvh entry points to locore.S. Set vm_guest
to VM_GUEST_XENPVH in this entry point.
Most of the boot procedure (especially page table setup and switch to
paged mode) is shared with native.
- change some x86_delay() to delay_func(), which points to x86_delay() for
native/HVM, and xen_delay() for PVH

Xen changes:
- remove Xen bits from init_x86_64_ksyms() and init386_ksyms()
and move to xen_init_ksyms(), used for both PV and PVH
- set ISA no-legacy-devices property for PVH
- factor out code from Xen's cpu_bootconf() to xen_bootconf()
in xen_machdep.c
- set up a specific pvh_consinit() which starts with printk()
(which uses a simple hypercall that is available early) and switch to
xencons when we can use pmap_kenter_pa().

s/boostrap/bootstrap/ in comment, warning message and documentation.

x86: Split most of pmap.h into pmap_private.h or vmparam.h.

This way pmap.h only contains the MD definition of the MI pmap(9)
API, which loads of things in the kernel rely on, so changing x86
pmap internals no longer requires recompiling the entire kernel every
time.

Callers needing these internals must now use machine/pmap_private.h.
Note: This is not x86/pmap_private.h because it contains three parts:

1. CPU-specific (different for i386/amd64) definitions used by...

2. common definitions, including Xenisms like xpmap_ptetomach,
further used by...

3. more CPU-specific inlines for pmap_pte_* operations

So {amd64,i386}/pmap_private.h defines 1, includes x86/pmap_private.h
for 2, and then defines 3. Maybe we should split that out into a new
pmap_pte.h to reduce this trouble.

No functional change intended, other than that some .c files must
include machine/pmap_private.h when previously uvm/uvm_pmap.h
polluted the namespace with pmap internals.

Note: This migrates part of i386/pmap.h into i386/vmparam.h --
specifically the parts that are needed for several constants defined
in vmparam.h:

VM_MAXUSER_ADDRESS
VM_MAX_ADDRESS
VM_MAX_KERNEL_ADDRESS
VM_MIN_KERNEL_ADDRESS

Since i386 needs PDP_SIZE in vmparam.h, I added it there on amd64
too, just to keep things parallel.

In bootstrap, after switching to a new page table make sure that
now-unused memory is unmapped.

Fix fallout from previous uvm.h cleanup.

- pmap(9) needs uvm/uvm_extern.h.

- x86/pmap.h is not usable on its own; it is only usable if included
via uvm/uvm_extern.h (-> uvm/uvm_pmap.h -> machine/pmap.h).

- Make nvmm.h and nvmm_internal.h standalone.

Ajust pmap_enter_ma() for upcoming new Xen privcmd ioctl:
pass flags to xpq_update_foreign()
Introduce a pmap MD flag: PMAP_MD_XEN_NOTR, which cause xpq_update_foreign()
to use the MMU_PT_UPDATE_NO_TRANSLATE flag.
make xpq_update_foreign() return the raw Xen error. This will cause
pmap_enter_ma() to return a negative error number in this case, but the
only user of this code path is privcmd.c and it can deal with it.

Add pmap_enter_gnt()m which maps a set of Xen grant entries at the
specified va in the specified pmap. Use the hooks implemented for EPT to
keep track of mapped grand entries in the pmap, and unmap them
when pmap_remove() is called. This requires pmap_remove() to be split
into a pmap_remove_locked(), to be called from pmap_remove_gnt().

xpq_queue_* use per-cpu queue; splvm() is enough to protect them.
remove the XXX SMP comments.

KASSERT() that the per-cpu queues are run at IPL_VM after boot.

Introduce Xen PVH support in GENERIC.
This is compiled in with
options XENPVHVM
x86 changes:
- add Xen section and xen pvh entry points to locore.S. Set vm_guest
to VM_GUEST_XENPVH in this entry point.
Most of the boot procedure (especially page table setup and switch to
paged mode) is shared with native.
- change some x86_delay() to delay_func(), which points to x86_delay() for
native/HVM, and xen_delay() for PVH

Xen changes:
- remove Xen bits from init_x86_64_ksyms() and init386_ksyms()
and move to xen_init_ksyms(), used for both PV and PVH
- set ISA no-legacy-devices property for PVH
- factor out code from Xen's cpu_bootconf() to xen_bootconf()
in xen_machdep.c
- set up a specific pvh_consinit() which starts with printk()
(which uses a simple hypercall that is available early) and switch to
xencons when we can use pmap_kenter_pa().

Switch to new PTE bits.

branches: 1.84.4;
Start replacing the x86 PTE bits.

Drop PG_RO, PG_KR and PG_PROT, they are useless and create confusion.

Bump up XEN source API compatibility to 0x00030208 from 0x00030201,

but maintain backwards source API compilation compatibility.

ie; sources with config(5)
options __XEN_INTERFACE_VERSION__=0x00030201 # Xen 3.1 interface

should compile and run without problems.

Not that API version 0x00030201 is the lowest version we support now.

Reduce the confusion, rename a bunch of variables and reorg a little.
Tested on i386PAE-domU and amd64-dom0.

Try to reduce the confusion, rename:

l2_4_count -> PDIRSZ
count -> nL2
bootstrap_tables -> our_tables
init_tables -> xen_tables

No functional change.

Remove the non-PAE-i386 code of Xen. The branches are reordered so that
__x86_64__ comes first, eg:

#if defined(PAE)
/* i386+PAE */
#elif defined(__x86_64__)
/* amd64 */
#else
/* i386 */
#endif

becomes

#ifdef __x86_64__
/* amd64 */
#else
/* i386+PAE */
#endif

Tested on i386pae-domU and amd64-dom0.

Retire XENDEBUG_LOW, and switch its only user to XENDEBUG.

Merge the blocks. No functional change.

Simplify the conditions; (PTP_LEVELS > 3) and (PTP_LEVELS > 2) are for
amd64, so use ifdef __x86_64__. No functional change.

branches: 1.75.2;
mark with XXXSMP all remaining spl*() and tsleep() calls

branches: 1.74.2;
Move xpq_idx into cpu_info, to prevent false sharing between CPUs. Saves
10s when doing a './build.sh -j 3 kernel=GENERIC' on xen-amd64-domU.

Style, and remove debug code that does not work anyway.

A few changes:
* Use markers to reduce false sharing.
* Remove XENDEBUG_SYNC and several debug messages, they are just useless.
* Remove xen_vcpu_*. They are unused and not optimized: if we really
wanted to flush ranges we should pack the VAs in a mmuext_op array
instead of performing several hypercalls in a loop.
* Start removing PG_k.
* KNF, reorder, simplify and remove stupid comments.

Use __read_mostly on these variables, to reduce the probability of false
sharing.

Export xpmap_pg_nx, and put it in the page table pages. It does not change
anything, since Xen removes the X bit on these; but it is better for
consistency.

branches: 1.69.2;
Remove a few #if 0s, and explain what we are doing on PAE: the last two PAs
are entered in reversed order.

The way the xen dummy page is taken care of makes absolutely no sense at
all, with magic offsets here and there in different layers of the system.
It is just blind luck that everything has always worked as expected so
far.

Due to this wrong design we have a problem now: we allocate one physical
page for lapic, and it happens to overlap with the dummy page, which
causes the system to crash.

Fix this by keeping the dummy va directly in a variable instead of magic
offsets. The asm locore now increments the first pa to hide the dummy page
to machdep and pmap.

Mmh, apparently I didn't properly test my previous change since it does not
compile anymore

Keep simplifying that stuff. Also, replace plX_pi(KERNTEXTOFF) by
LX_SLOT_KERNBASE: the base address is KERNBASE, and we just start mapping
from KERNTEXTOFF. For symmetry with the normal amd64, does not change
anything.

Rename xen_pmap_bootstrap to xen_locore, it really has nothing to do with
pmap and is just a C version of what amd64 and i386 do in asm.

Start simplifying the Xen locore: rename and reorder several things, remove
awful debug messages, use unsigned counters, fix typos and KNF.

Map the PTE space as non-executable on PAE. The same is already done on
amd64.

Map the remaining pages as non-executable. Only text should have X.

Revert to 1.59 (adding back the W^X kernel mapings), and move the data+bss
mapping late so that mappings that should be RO (such as page tables) won't
be made RW by accident.

Stopgap measure: revert to rev 1.56. starting with 1.57 an i386PAE Xen
kernel doesn't boot:
(XEN) mm.c:2394:d139v0 Bad type (saw 5400000000000001 != exp 7000000000000000) for mfn 1136f5 (pfn 621)
(XEN) mm.c:887:d139v0 Could not get page type PGT_writable_page
(XEN) mm.c:939:d139v0 Error getting mfn 1136f5 (pfn 621) from L1 entry 00000001136f5003 for l1e_owner=139, pg_owner=139
(XEN) mm.c:1254:d139v0 Failure in alloc_l1_table: entry 33
(XEN) mm.c:2141:d139v0 Error while validating mfn 112f57 (pfn dbf) for type 1000000000000000: caf=8000000000000003 taf=1000000000000001
(XEN) mm.c:947:d139v0 Attempt to create linear p.t. with write perms
(XEN) mm.c:1330:d139v0 Failure in alloc_l2_table: entry 3
(XEN) mm.c:2141:d139v0 Error while validating mfn 112f5b (pfn dbb) for type 2200000000000000: caf=8000000000000003 taf=2200000000000001
(XEN) mm.c:1412:d139v0 Failure in alloc_l3_table: entry 3
(XEN) mm.c:2141:d139v0 Error while validating mfn 112f60 (pfn db6) for type 3000000000000000: caf=8000000000000003 taf=3000000000000001
(XEN) mm.c:3044:d139v0 Error while pinning mfn 112f60
(XEN) traps.c:459:d139v0 Unhandled bkpt fault/trap [#3] on VCPU 0 [ec=0000]
(XEN) domain_crash_sync called from entry.S: fault at ffff82d080231894 compat_create_bounce_frame+0xda/0xf2

Make the I/O area non-executable on Xen.

Map the recursive slot and page table pages as non-executable on Xen. Same
as normal x86.

Map the kernel text, rodata and data+bss independently on Xen, with
respectively RX, R and RW.

Use PG_RO instead of a magic zero.

KNF, and use PAGE_SIZE instead of NBPG.

branches: 1.54.2;
Switch to elf notes for amd64 instead of the old key=value list to describe the
guest requirements and support.
Add infrastructure to query the hypervisor about features support.
For verbose boot, print the features suppoted by the hypervisor for this
guest.

branches: 1.53.4;
Use the hypervisor to copy/zero pages. This saves us the extra overheads
of setting up temporary kernel mapping/unmapping.

riz@ reports savings of about 2s on a 120s kernel build.

branches: 1.52.2;
Change xpq_flush_cache to just do WBINVD letting the hypervisor trap and
handle it as MMUEXT_FLUSH_CACHE is a privileged hypervisor operation.

fix unused variable warnings

- move variables inside their #ifdef use
- remove unused and set-but-unused variables
- use __USE() in a particularly ugly case

with these, and a couple of other changes, amd64 gcc 4.8.1 world
is able to complete build.sh release.

branches: 1.49.2;
Rename kcpuset_copybits() to kcpuset_export_u32() and thus be more specific
about the interface.

branches: 1.48.2;
Redo previous the correct way: Xen expects a u_long * for vcpumask,
so use 2 uint32_t on LP64.

Fix Xen build. Make xcpumask uint32_t, fits 32 CPUs (can increase).

Extend the xpmap API, as described in [1]. This change is mechanical and
avoids exposing the MD phys_to_machine/machine_to_phys tables directly.
Added:

- xpmap_ptom handles PFN (pseudo physical) to MFN (machine frame number)
translations, and is under control of the domain.
- xpmap_mtop is its counterpart (MFN to PFN), and is under control of
hypervisor.

xpmap_ptom_map() map a pseudo-phys address to a machine address
xpmap_ptom_unmap() unmap a pseudo-phys address (invalidation)
xpmap_ptom_isvalid() check for pseudo-phys address validity

The parameters are physical/machine addresses, like bus_dma/bus_space(9).
As x86 MFNs are tracked by u_long (Xen's choice) while machine addresses
can be 64 bits entities (PAE), use ptoa() to avoid truncation when bit
shifting by PAGE_SHIFT.

I kept the same namespace (xpmap_) to avoid code churn.

[1] http://mail-index.netbsd.org/port-xen/2009/05/09/msg004951.html

XXX will document ptoa/atop/trunc_page separately.

Retire XEN_COMPAT_030001 as detailed on port-xen@:

http://mail-index.netbsd.org/port-xen/2012/06/25/msg007431.html

The xen_p2m API comes next.

ok bouyer@.
Tested on i386 PAE and amd64 (Xen 3.3 on private test bed, and
Xen 3.4 for Amazon EC2).

FWIW, Amazon always reported:

hypervisor0 at mainbus0: Xen version 3.4.3-kaos_t1micro

multiple times for Europe and US West-1, so I guess they are now at
3.4 (32 and 64 bits).

Few fixes for Xen:
- cpu_load_pmap: use atomic kcpuset(9) operations; fixes rare crashes.
- Add kcpuset_copybits(9) and replace xen_kcpuset2bits(). Avoids incorrect
ncpu problem in early boot. Also, micro-optimises xen_mcast_invlpg() and
xen_mcast_tlbflush() routines.

Tested by chs@.

- Convert x86 MD code, mainly pmap(9) e.g. TLB shootdown code, to use
kcpuset(9) and thus replace hardcoded CPU bitmasks. This removes the
limitation of maximum CPUs.

- Support up to 256 CPUs on amd64 architecture by default.

Bug fixes, improvements, completion of Xen part and testing on 64-core
AMD Opteron(tm) Processor 6282 SE (also, as Xen HVM domU with 128 CPUs)
by Manuel Bouyer.

MMUEXT_INVLPG_MULTI and MMUEXT_TLB_FLUSH_MULTI use a long as cpu mask,
not uint32_t, so pass a pointer of the right type.
While there, cleanup includes and delete local, redundant define of PG_k.

(xen) - remove the (*xpq_cpu)() shim.We hasten the %fs/%gs setup process during boot.Although this is hacky, it lets us use the non-xen specificpmap_pte_xxx() functions in pmap code (and others).

On Xen, there is variable-sized Xen data after the kernel's text+data+bss
(this include the physical->machine table).
(vaddr_t)(KERNBASE + NKL2_KIMG_ENTRIES * NBPD_L2) is after text+data+bss but,
on a domU with lots of RAM (more than 4GB) (so large
xpmap_phys_to_machine_mapping table) this can point to some of Xen's data
setup at bootstrap (either the xpmap_phys_to_machine_mapping table,
some page shared with the hypervisor, or our kernel page table). Using it for
early_zerop will cause of these pages to be unmapped after bootstrap.
This will cause a kernel page fault for the domU, either immediatly or
eventually much later, depending on where early_zerop points to.
To fix this, account for early_zerop when building the bootstrap pages,
and its VA from here.

May fix PR port-xen/38699

Apply patch proposed in PR port-xen/45975 (this does not solve the exact
problem reported here but is part of the solution):
xen_kpm_sync() is not working as expected,
leading to races between CPUs.
1 the check (xpq_cpu != &x86_curcpu) is always false because we
have different x86_curcpu symbols with different addresses in the kernel.
Fortunably, all addresses dissaemble to the same code.
Because of this we always use the code intended for bootstrap, which doesn't
use cross-calls or lock.

2 once 1 above is fixed, xen_kpm_sync() will use xcalls to sync other CPUs,
which cause it to sleep and pmap.c doesn't like that. It triggers this
KASSERT() in pmap_unmap_ptes():
KASSERT(pmap->pm_ncsw == curlwp->l_ncsw);
3 pmap->pm_cpus is not safe for the purpose of xen_kpm_sync(), which
needs to know on which CPU a pmap is loaded *now*:
pmap->pm_cpus is cleared before cpu_load_pmap() is called to switch
to a new pmap, leaving a window where a pmap is still in a CPU's
ci_kpm_pdir but not in pm_cpus. As a virtual CPU may be preempted
by the hypervisor at any time, it can be large enough to let another
CPU free the PTP and reuse it as a normal page.

To fix 2), avoid cross-calls and IPIs completely, and instead
use a mutex to update all CPU's ci_kpm_pdir from the local CPU.
It's safe because we just need to update the table page, a tlbflush IPI will
happen later. As a side effect, we don't need a different code for bootstrap,
fixing 1). The mutex added to struct cpu needs a small headers reorganisation.

to fix 3), introduce a pm_xen_ptp_cpus which is updated from
cpu_pmap_load(), whith the ci_kpm_mtx mutex held. Checking it with
ci_kpm_mtx held will avoid overwriting the wrong pmap's ci_kpm_pdir.

While there I removed the unused pmap_is_active() function;
and added some more details to DIAGNOSTIC panics.

branches: 1.38.2;
relocate pte_lock initialisation to the earliest points after %fs is first usable in the XEN bootpath

Make cross-cpu pte access MP safe.
XXX: review cases of use of pmap_set_pte() vs direct use of xpq_queue_pte_update()

branches: 1.36.4;
[merging from cherry-xenmp] make pmap_kernel() shadow PMD per-cpu and MP aware.

[merging from cherry-xenmp] Make the xen MMU op queue locking api private. Implement per-cpu queues.

branches: 1.34.2;
Merge jym-xensuspend branch in -current. ok bouyer@.

Goal: save/restore support in NetBSD domUs, for i386, i386 PAE and amd64.

Executive summary:
- split all Xen drivers (xenbus(4), grant tables, xbd(4), xennet(4))
in two parts: suspend and resume, and hook them to pmf(9).
- modify pmap so that Xen hypervisor does not cry out loud in case
it finds "unexpected" recursive memory mappings
- provide a sysctl(7), machdep.xen.suspend, to command suspend from
userland via powerd(8). Note: a suspend can only be handled correctly
when dom0 requested it, so provide a mechanism that will prevent
kernel to blindly validate user's commands

The code is still in experimental state, use at your own risk: restore
can corrupt backend communications rings; this can completely thrash
dom0 as it will loop at a high interrupt level trying to honor
all domU requests.

XXX PAE suspend does not work in amd64 currently, due to (yet again!)
page validation issues with hypervisor. Will fix.

XXX secondary CPUs are not suspended, I will write the handlers
in sync with cherry's Xen MP work.

Tested under i386 and amd64, bear in mind ring corruption though.

No build break expected, GENERICs and XEN* kernels should be fine.
./build.sh distribution still running. In any case: sorry if it does
break for you, contact me directly for reports.

Merge err printf with the panic(9) message.

Also fix the if () {...} statement with braces, to avoid calling panic()
every time. Hi cherry!

Call the right function
(fix for an egregious error)

Add locking around ops to the hypervisor MMU "queue".

remove unnecessary locking overhead for UP

Introduce locking primitives for Xen pte operations, and xen helper calls for MP related MMU ops

Few XEN fixes:
- cpu_load_pmap: perform tlbflush() after xen_set_user_pgd().
- xen_pmap_bootstrap: perform xpq_queue_tlb_flush() in the end.
- pmap_tlb_shootdown: do not check PG_G for Xen.

- cpu_hatch: call tlbflushg(), just to make sure that TLB is clean.
- xen_bootstrap_tables: call xpq_queue_tlb_flush() for safety.
- Initialise cpus_attached and ci_cpumask for primary CPU.

branches: 1.26.2;
Print the PGD address in the debug message.

Typo fix.

Use only one function to pin pages with Xen, and provide macros to
call it for different levels (L1 => L4).

Replace all calls to xpq_queue_pin_table(...) in MD code with these new
functions, with proper #ifdef'ing depending on $MACHINE.

Rationale:
- only one function to modify for logging
- pushes responsibility to caller for chosing the proper pin level, rather
than Xen internal functions; this makes the pin level explicit rather than
implicit.

Boot tested for dom0 i386/amd64, PAE included. No functional change intended.

branches: 1.23.2; 1.23.4;
Now, get the return error too, in case that could help with EC2
troubleshooting...

Need the successful count (for AMI debugging)

Welcome PAE inside i386 current.

This patch is inspired by work previously done by Jeremy Morse, ported by me
to -current, merged with the work previously done for port-xen, together with
additionals fixes and improvements.

PAE option is disabled by default in GENERIC (but will be enabled in ALL in
the next few days).

In quick, PAE switches the CPU to a mode where physical addresses become
36 bits (64 GiB). Virtual address space remains at 32 bits (4 GiB). To cope
with the increased size of the physical address, they are manipulated as
64 bits variables by kernel and MMU.

When supported by the CPU, it also allows the use of the NX/XD bit that
provides no-execution right enforcement on a per physical page basis.

Notes:

- reworked locore.S

- introduce cpu_load_pmap(), used to switch pmap for the curcpu. Due to the
different handling of pmap mappings with PAE vs !PAE, Xen vs native, details
are hidden within this function. This helps calling it from assembly,
as some features, like BIOS calls, switch to pmap_kernel before mapping
trampoline code in low memory.

- some changes in bioscall and kvm86_call, to reflect the above.

- the L3 is "pinned" per-CPU, and is only manipulated by a
reduced set of functions within pmap. To track the L3, I added two
elements to struct cpu_info, namely ci_l3_pdirpa (PA of the L3), and
ci_l3_pdir (the L3 VA). Rest of the code considers that it runs "just
like" a normal i386, except that the L2 is 4 pages long (PTP_LEVELS is
still 2).

- similar to the ci_pae_l3_pdir{,pa} variables, amd64's xen_current_user_pgd
becomes an element of cpu_info (slowly paving the way for MP world).

- bootinfo_source struct declaration is modified, to cope with paddr_t size
change with PAE (it is not correct to assume that bs_addr is a paddr_t when
compiled with PAE - it should remain 32 bits). bs_addrs is now a
void * array (in bootloader's code under i386/stand/, the bs_addrs
is a physaddr_t, which is an unsigned long).

- fixes in multiboot code (same reason as bootinfo): paddr_t size
change. I used Elf32_* types, use RELOC() where necessary, and move the
memcpy() functions out of the if/else if (I do not expect sym and str tables
to overlap with ELF).

- 64 bits atomic functions for pmap

- all pmap_pdirpa access are now done through the pmap_pdirpa macro. It
hides the L3/L2 stuff from PAE, as well as the pm_pdirpa change in
struct pmap (it now becomes a PDP_SIZE array, with or without PAE).

- manipulation of recursive mappings ( PDIR_SLOT_{,A}PTEs ) is done via
loops on PDP_SIZE.

See also http://mail-index.netbsd.org/port-i386/2010/07/17/msg002062.html

No objection raised on port-i386@ and port-xen@R for about a week.

XXX kvm(3) will be fixed in another patch to properly handle both PAE and !PAE
kernel dumps (VA => PA macros are slightly different, and need proper 64 bits
PA support in kvm_i386).

XXX Mixing PAE and !PAE modules may lead to unwanted/unexpected results. This
cannot be solved easily, and needs lots of thinking before being declared
safe (paddr_t/bus_addr_t size handling, PD/PT macros abstractions).

With Xen, PDPpaddr should contain a guest physical address (== PFN).

branches: 1.19.2;
Fixes regarding paddr_t/pd_entry_t types in MD x86 code, exposed by PAE:

- NBPD_* macros are set to the types that better match their architecture
(UL for i386 and amd64, ULL for i386 PAE) - will revisit when paddr_t is
set to 64 bits for i386 non-PAE.

- type fixes in printf/printk messages (Use PRIxPADDR when printing paddr_t
values, instead of %lx - paddr_t/pd_entry_t being 64 bits with PAE)

- remove casts that are no more needed now that Xen2 support has been dropped

Some fixes are from jmorse@ patches for PAE.

Compile + tested for i386 GENERIC and XEN3 kernels. Only compile tested for
amd64.

Reviewed by bouyer@.

See also http://mail-index.netbsd.org/tech-kern/2010/02/22/msg007373.html

Starting with Xen 3 API, MMU_EXTENDED_COMMAND (tlb flush, cache flush, page
pinning/unpinning, set_ldt, invlpg) operations cannot be queued in the
xpq_queue[] any more, as they use their own specific hypercall, mmuext_op().

Their associated xpq_queue_*() functions already call xpq_flush_queue()
before issuing the mmuext_op() hypercall, which makes these xpq_flush_queue()
calls not necessary.

Rapidly discussed with bouyer@ in private mail. XEN3_DOM0/XEN3PAE_DOM0 tested
through a build.sh release, amd64 was only compile tested. No regression
expected.

branches: 1.17.2;
Remove 3rd and 4th clauses. OK cl@ (copyright holder).

Remove closes 3 & 4 from my licence. Lots of thanks to Soren Jacobsen
for the booring work !

remove Xen2 support.
ok bouyer@

Fix typos in comments and __PRINTKs.

sprintf -> snprintf. Wrap long lines.

branches: 1.12.4;
Finish preparation to new interface.
New interface not yet used by default. It needs some testing first.

branches: 1.11.2; 1.11.4;
- rename init_events() to events_init(), to better reflect netbsd semantics

- change unbind_[pv]irq_from_evtch() so that they now return the event
channel the [PV]IRQ was bound to. It reflects the opposite behaviour of the
bind_[pv]irq_to_evtch() functions.

- remove xenbus_suspend() and xenbus_resume() prototypes, as they are not
used anywhere else, and will conflict with the xenbus pmf(9) handlers.

- make start_info aligned on a page boundary, as Xen expects it to be so.

- mask event channel during xbd detach before removing its handler (can
avoid spurious events).

- add the "protocol" entry in xenstore during xbd initialization. Normally
created during domU's boot by xentools, it is under domU's responsibility
in all other cases (save/restore, hot plugging, etc.).

- modifications to xs_init(), so that it can properly return an error.

Reviewed by Christoph (cegger@).

introduce two macros: xendomain_is_dom0() and xendomain_is_privileged(). Use them.

Compile NetBSD/amd64 kernels with "-Wextra". Patches contributed by
Juan RP in PR port-amd64/39266.

branches: 1.8.4; 1.8.6; 1.8.10;
- use POSIX integer types
- ansify functions

branches: 1.7.6;
The informations about console and store page number are long, so avoid
overflow on i386PAE when converting to machine address. Fix booting
XEN3PAE kernels when xen maps it above 4Gb.

Merge the bouyer-xeni386 branch. This brings in PAE support to NetBSD xeni386
(domU only). PAE support is enabled by 'options PAE', see the new XEN3PAE_DOMU
and INSTALL_XEN3PAE_DOMU kernel config files.

See the comments in arch/i386/include/{pte.h,pmap.h} to see how it works.
In short, we still handle it as a 2-level MMU, with the second level page
directory being 4 pages in size. pmap switching is done by switching the
L2 pages in the L3 entries, instead of loading %cr3. This is almost required
by Xen, which handle the last L2 page (the one mapping 0xc0000000 - 0xffffffff)
in a very special way. But this approach should also work for native PAE
support if ever supported (in fact, the pmap should almost suport native
PAE, what's missing is bootstrap code in locore.S).

Allocate one more L2 slot in xen_pmap_bootstrap() for i386.
pmap_bootstrap()/init386() wants to map a few additionnal things after
first_avail that we didn't account for, before pmap_growkernel() is
used/functionnal, and if the loaded kernel is close to the end of
the last L2 slot we loose. Should fix port-xen/37761 by YAMAMOTO Takashi.

Fix a XENPRINTF() so that low debug builds again.

Merge the bouyer-xeni386 branch to head, at tag bouyer-xeni386-merge1 (the
branch is still active and will see i386PAE support developement).
Sumary of changes:
- switch xeni386 to the x86/x86/pmap.c, and the xen/x86/x86_xpmap.c
pmap bootstrap.
- merge back most of xen/i386/ to i386/i386
- change the build to reduce diffs between i386 and amd64 in file locations
- remove include files that were identical to the i386/amd64 counterparts,
the build will find them via the xen-ma/machine link.

branches: 1.3.2; 1.3.4; 1.3.8; 1.3.12; 1.3.16;
xpq_flush_queue(): cast values to u_int64_t and use PRIx64 in printf().
Fix build of i386 Xen kernels, reported by Hisashi T Fujinaka.

Pull up the bouyer-xenamd64 branch to HEAD. This brings in amd64 support
to NetBSD/Xen, both Dom0 and DomU.

branches: 1.1.2; 1.1.4;
file x86_xpmap.c was initially added on branch bouyer-xenamd64.

fix recently committed typos by msaitoh in few more places, as well as few more.
mainly s/contigous/contiguous/ and s/miliseconds/milliseconds/ in comments.

x86: Split most of pmap.h into pmap_private.h or vmparam.h.

This way pmap.h only contains the MD definition of the MI pmap(9)
API, which loads of things in the kernel rely on, so changing x86
pmap internals no longer requires recompiling the entire kernel every
time.

Callers needing these internals must now use machine/pmap_private.h.
Note: This is not x86/pmap_private.h because it contains three parts:

1. CPU-specific (different for i386/amd64) definitions used by...

2. common definitions, including Xenisms like xpmap_ptetomach,
further used by...

3. more CPU-specific inlines for pmap_pte_* operations

So {amd64,i386}/pmap_private.h defines 1, includes x86/pmap_private.h
for 2, and then defines 3. Maybe we should split that out into a new
pmap_pte.h to reduce this trouble.

No functional change intended, other than that some .c files must
include machine/pmap_private.h when previously uvm/uvm_pmap.h
polluted the namespace with pmap internals.

Note: This migrates part of i386/pmap.h into i386/vmparam.h --
specifically the parts that are needed for several constants defined
in vmparam.h:

VM_MAXUSER_ADDRESS
VM_MAX_ADDRESS
VM_MAX_KERNEL_ADDRESS
VM_MIN_KERNEL_ADDRESS

Since i386 needs PDP_SIZE in vmparam.h, I added it there on amd64
too, just to keep things parallel.

Make MP-safe: make sure the xpq_queue* are flushed before making the
pages visible to UVM.

Merge the bouyer-xenpvh branch, bringing in Xen PV drivers support under HVM
guests in GENERIC.
Xen support can be disabled at runtime with
boot -c
disable hypervisor

add and pass dma tag to PV drivers attached to xenbus, so thay can
use bus_dmamap_load_mbuf() et.al.

due to XENPV override, _BUS_BUS_TO_PHYS() dmamap segment ds_addr
gets filled with ma, so value can be directly used for e.g. grant calls

update to __XEN_INTERFACE_VERSION__ 0x0003020a aka Xen 3.2.10

this brings grant memory v2 support:
- status separated from flags - revoking access needs just memory barrier,
no need for expensive cmpxchg16 any more
- sub-page hypervisor copy-only grants, to be used by xennet(4)
- 64-bit frame, i.e. support for DomU RAM >16TB

the grant table is now always allocated on boot to maximum size, it's now
never grown in runtime; switch back to regular kmem_alloc()/kmem_free()

code now requires v2 support, no compatibility for grant version 1 retained -
Xen v2 support predates all currently supported Xen versions

also interface for baloon changed slightly, code updated

branches: 1.28.10;
Rename min/max -> uimin/uimax for better honesty.

These functions are defined on unsigned int. The generic name
min/max should not silently truncate to 32 bits on 64-bit systems.
This is purely a name change -- no functional change intended.

HOWEVER! Some subsystems have

#define min(a, b) ((a) < (b) ? (a) : (b))
#define max(a, b) ((a) > (b) ? (a) : (b))

even though our standard name for that is MIN/MAX. Although these
may invite multiple evaluation bugs, these do _not_ cause integer
truncation.

To avoid `fixing' these cases, I first changed the name in libkern,
and then compile-tested every file where min/max occurred in order to
confirm that it failed -- and thus confirm that nothing shadowed
min/max -- before changing it.

I have left a handful of bootloaders that are too annoying to
compile-test, and some dead code:

cobalt ews4800mips hp300 hppa ia64 luna68k vax
acorn32/if_ie.c (not included in any kernels)
macppc/if_gm.c (superseded by gem(4))

It should be easy to fix the fallout once identified -- this way of
doing things fails safe, and the goal here, after all, is to _avoid_
silent integer truncations, not introduce them.

Maybe one day we can reintroduce min/max as type-generic things that
never silently truncate. But we should avoid doing that for a while,
so that existing code has a chance to be detected by the compiler for
conversion to uimin/uimax without changing the semantics until we can
properly audit it all. (Who knows, maybe in some cases integer
truncation is actually intended!)

branches: 1.27.2;
mark with XXXSMP all remaining spl*() and tsleep() calls

branches: 1.26.38;
Use setter to set xenguest_handles.

Extend the xpmap API, as described in [1]. This change is mechanical and
avoids exposing the MD phys_to_machine/machine_to_phys tables directly.
Added:

- xpmap_ptom handles PFN (pseudo physical) to MFN (machine frame number)
translations, and is under control of the domain.
- xpmap_mtop is its counterpart (MFN to PFN), and is under control of
hypervisor.

xpmap_ptom_map() map a pseudo-phys address to a machine address
xpmap_ptom_unmap() unmap a pseudo-phys address (invalidation)
xpmap_ptom_isvalid() check for pseudo-phys address validity

The parameters are physical/machine addresses, like bus_dma/bus_space(9).
As x86 MFNs are tracked by u_long (Xen's choice) while machine addresses
can be 64 bits entities (PAE), use ptoa() to avoid truncation when bit
shifting by PAGE_SHIFT.

I kept the same namespace (xpmap_) to avoid code churn.

[1] http://mail-index.netbsd.org/port-xen/2009/05/09/msg004951.html

XXX will document ptoa/atop/trunc_page separately.

Retire XEN_COMPAT_030001 as detailed on port-xen@:

http://mail-index.netbsd.org/port-xen/2012/06/25/msg007431.html

The xen_p2m API comes next.

ok bouyer@.
Tested on i386 PAE and amd64 (Xen 3.3 on private test bed, and
Xen 3.4 for Amazon EC2).

FWIW, Amazon always reported:

hypervisor0 at mainbus0: Xen version 3.4.3-kaos_t1micro

multiple times for Europe and US West-1, so I guess they are now at
3.4 (32 and 64 bits).

branches: 1.23.2;
#include <sys/bus.h> instead of <machine/bus.h>.

branches: 1.22.6;
Include uvm.h not uvm_extern.h following recent changes.

bus_dmamem_alloc() may not get a boundary smaller than size, but
it's perfectly valid for bus_dmamap_create() to do so (a contigous
transfers will then split in multiple segment).
Fix _xen_bus_dmamem_alloc_range() and _bus_dmamem_alloc_range() to
allow a boundary limit smaller than size:
- compute appropriate boundary for uvm_pglistalloc(), wich doesn't
accept boundary < size
- also take care of boundary when deciding to start a new segment.
While there, remove useless boundary argument to _xen_alloc_contig().
Fix the boundary-related issue of PR port-amd64/42980

branches: 1.20.2;
Although Xen's documentation states that the address_bits field is not used
by XENMEM_decrease_reservation, it is checked by the hypervisor. In certain
circumstances (stack leak), the field could have an improper value, leading
to a fail of the hypercall.

Set it to 0 ("no addressing restriction") to avoid that.

Patch tested by Sam Fourman and haad@.

This should fix the rare "failed allocating DMA memory" encountered
under NetBSD dom0. Will ask for a pull-up.

Catch the return value from the XENMEM_decrease_reservation hypercall,
and not some error value stored earlier.

While here, fix a typo in a comment.

Make a XENMEM_decrease_reservation DEBUG printf() more meaningful.

Starting with Xen 3 API, MMU_EXTENDED_COMMAND (tlb flush, cache flush, page
pinning/unpinning, set_ldt, invlpg) operations cannot be queued in the
xpq_queue[] any more, as they use their own specific hypercall, mmuext_op().

Their associated xpq_queue_*() functions already call xpq_flush_queue()
before issuing the mmuext_op() hypercall, which makes these xpq_flush_queue()
calls not necessary.

Rapidly discussed with bouyer@ in private mail. XEN3_DOM0/XEN3PAE_DOM0 tested
through a build.sh release, amd64 was only compile tested. No regression
expected.

branches: 1.16.2;
fix address overflow with 32bit PAE.
Reported and tested by Mark Davies on port-xen@.

remove Xen2 support.
ok bouyer@

branches: 1.14.2;
Properly check the return value of HYPERVISOR_memory_op(): it returns
the number of successfull operations, so a return value of 0 is also
a failure.

remove unused malloc.h

Finish preparation to new interface.
New interface not yet used by default. It needs some testing first.

branches: 1.11.4; 1.11.6; 1.11.8; 1.11.12;
vm_page: put TAILQ_ENTRY into a union with LIST_ENTRY, so we can use both.

branches: 1.10.2;
Remove clause 3 and 4 from TNF licenses

branches: 1.9.42; 1.9.44; 1.9.46;
Properly honnor bus_dma bus address range restriction for Xen3 (the Xen2
interface doesn't allow it), so that .e.g bus_dma_subregion() has a chance
to work. Unfortunably a stock Xen hypervisor won't allow a upper bound less
than 2^31 (2GB) so devices like bce(4) will need a hacked hypervisor to
work properly.

branches: 1.8.6; 1.8.8;
Wrap some printfs in #ifdef DEBUG, as we should not leak memory any more when
bus_dma memory allocation fails.

Some bus_dma(9) fixes for Xen:
- Attempt to gracefully recover from a failed decrease_reservation or
increase_reservation, by avoiding physical memory loss.
- always store a machine address in ds_addr; this avoids some mistakes
where machine address would in some case be freed at physical address, or
mapped as physical address.

branches: 1.6.2; 1.6.6; 1.6.16; 1.6.18;
Snapshot of work in progress on NetBSD port to Xen3:
- kernel (both dom0 and domU) boot, console is functionnal and it can starts
software from a ramdisk
- there is no driver front-end expect console for domU yet.
- dom0 can probe devices and ex(4) work when Xen3 is booted without acpi
and apic support. But the on-board IDE doens't get interrupts.
The PCI code still needs work (it's hardcoded to mode 1). Some of this
code should be shared with ../x86
The physical insterrupt code needs to get MPBIOS and ACPI support, and
do interrupt routing to properly interract with Xen.
To enable Xen-3.0 support, add
options XEN3
to your kernel config file (this will disable Xen2 support)
Changes affecting Xen-2.0 support (no functionnal changes intended):
- get more constants from genassym for assembly code
- remove some unneeded registers move from start()
- map the shared info page from start(), and remove the pte = 0xffffffff hack
- vector.S: in hypervisor_callback() make sure %esi points to
HYPERVISOR_shared_info before accessing the info page. Remplace some
hand-written assembly with the equivalent macro defined in frameasm.h
- more debug code, dissabled by default.

while here added my copyright on some files I worked on in 2005.