1 files changed, 678 insertions, 157 deletions
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c
index f09c1c69c37..194bbd6e324 100644
--- a/arch/x86/xen/enlighten.c
+++ b/arch/x86/xen/enlighten.c
@@ -33,6 +33,7 @@
 #include <xen/interface/sched.h>
 #include <xen/features.h>
 #include <xen/page.h>
+#include <xen/hvc-console.h>
 #include <asm/paravirt.h>
 #include <asm/page.h>
@@ -40,6 +41,7 @@
 #include <asm/xen/hypervisor.h>
 #include <asm/fixmap.h>
 #include <asm/processor.h>
+#include <asm/msr-index.h>
 #include <asm/setup.h>
 #include <asm/desc.h>
 #include <asm/pgtable.h>
@@ -56,6 +58,18 @@ DEFINE_PER_CPU(struct vcpu_info *, xen_vcpu);
 DEFINE_PER_CPU(struct vcpu_info, xen_vcpu_info);
 /*
+ * Identity map, in addition to plain kernel map.  This needs to be
+ * large enough to allocate page table pages to allocate the rest.
+ * Each page can map 2MB.
+ */
+static pte_t level1_ident_pgt[PTRS_PER_PTE * 4] __page_aligned_bss;
+#ifdef CONFIG_X86_64
+/* l3 pud for userspace vsyscall mapping */
+static pud_t level3_user_vsyscall[PTRS_PER_PUD] __page_aligned_bss;
+#endif /* CONFIG_X86_64 */
+/*
 * Note about cr3 (pagetable base) values:
 *
 * xen_cr3 contains the current logical cr3 value; it contains the
@@ -75,13 +89,13 @@ DEFINE_PER_CPU(unsigned long, xen_current_cr3);	 /* actual vcpu cr3 */
 struct start_info *xen_start_info;
 EXPORT_SYMBOL_GPL(xen_start_info);
-static /* __initdata */ struct shared_info dummy_shared_info;
+struct shared_info xen_dummy_shared_info;
 /*
 * Point at some empty memory to start with. We map the real shared_info
 * page as soon as fixmap is up and running.
 */
-struct shared_info *HYPERVISOR_shared_info = (void *)&dummy_shared_info;
+struct shared_info *HYPERVISOR_shared_info = (void *)&xen_dummy_shared_info;
 /*
 * Flag to determine whether vcpu info placement is available on all
@@ -98,13 +112,13 @@ struct shared_info *HYPERVISOR_shared_info = (void *)&dummy_shared_info;
 */
 static int have_vcpu_info_placement = 1;
-static void __init xen_vcpu_setup(int cpu)
+static void xen_vcpu_setup(int cpu)
 {
        struct vcpu_register_vcpu_info info;
        int err;
        struct vcpu_info *vcpup;
-        BUG_ON(HYPERVISOR_shared_info == &dummy_shared_info);
+        BUG_ON(HYPERVISOR_shared_info == &xen_dummy_shared_info);
        per_cpu(xen_vcpu, cpu) = &HYPERVISOR_shared_info->vcpu_info[cpu];
        if (!have_vcpu_info_placement)
@@ -136,11 +150,45 @@ static void __init xen_vcpu_setup(int cpu)
        }
 }
+/*
+ * On restore, set the vcpu placement up again.
+ * If it fails, then we're in a bad state, since
+ * we can't back out from using it...
+ */
+void xen_vcpu_restore(void)
+{
+        if (have_vcpu_info_placement) {
+                int cpu;
+                for_each_online_cpu(cpu) {
+                        bool other_cpu = (cpu != smp_processor_id());
+                        if (other_cpu &&
+                            HYPERVISOR_vcpu_op(VCPUOP_down, cpu, NULL))
+                                BUG();
+                        xen_vcpu_setup(cpu);
+                        if (other_cpu &&
+                            HYPERVISOR_vcpu_op(VCPUOP_up, cpu, NULL))
+                                BUG();
+                }
+                BUG_ON(!have_vcpu_info_placement);
+        }
+}
 static void __init xen_banner(void)
 {
+        unsigned version = HYPERVISOR_xen_version(XENVER_version, NULL);
+        struct xen_extraversion extra;
+        HYPERVISOR_xen_version(XENVER_extraversion, &extra);
        printk(KERN_INFO "Booting paravirtualized kernel on %s\n",
               pv_info.name);
-        printk(KERN_INFO "Hypervisor signature: %s\n", xen_start_info->magic);
+        printk(KERN_INFO "Xen version: %d.%d%s%s\n",
+               version >> 16, version & 0xffff, extra.extraversion,
+               xen_feature(XENFEAT_mmu_pt_update_preserve_ad) ? " (preserve-AD)" : "");
 }
 static void xen_cpuid(unsigned int *ax, unsigned int *bx,
@@ -235,13 +283,13 @@ static void xen_irq_enable(void)
 {
        struct vcpu_info *vcpu;
-        /* There's a one instruction preempt window here.  We need to
+        /* We don't need to worry about being preempted here, since
-           make sure we're don't switch CPUs between getting the vcpu
+           either a) interrupts are disabled, so no preemption, or b)
-           pointer and updating the mask. */
+           the caller is confused and is trying to re-enable interrupts
-        preempt_disable();
+           on an indeterminate processor. */
        vcpu = x86_read_percpu(xen_vcpu);
        vcpu->evtchn_upcall_mask = 0;
-        preempt_enable_no_resched();
        /* Doesn't matter if we get preempted here, because any
           pending event will get dealt with anyway. */
@@ -254,7 +302,7 @@ static void xen_irq_enable(void)
 static void xen_safe_halt(void)
 {
        /* Blocking includes an implicit local_irq_enable(). */
-        if (HYPERVISOR_sched_op(SCHEDOP_block, 0) != 0)
+        if (HYPERVISOR_sched_op(SCHEDOP_block, NULL) != 0)
                BUG();
 }
@@ -332,14 +380,6 @@ static void load_TLS_descriptor(struct thread_struct *t,
 static void xen_load_tls(struct thread_struct *t, unsigned int cpu)
 {
-        xen_mc_batch();
-        load_TLS_descriptor(t, cpu, 0);
-        load_TLS_descriptor(t, cpu, 1);
-        load_TLS_descriptor(t, cpu, 2);
-        xen_mc_issue(PARAVIRT_LAZY_CPU);
        /*
         * XXX sleazy hack: If we're being called in a lazy-cpu zone,
         * it means we're in a context switch, and %gs has just been
@@ -348,10 +388,39 @@ static void xen_load_tls(struct thread_struct *t, unsigned int cpu)
         * Either way, it has been saved, and the new value will get
         * loaded properly.  This will go away as soon as Xen has been
         * modified to not save/restore %gs for normal hypercalls.
+         *
+         * On x86_64, this hack is not used for %gs, because gs points
+         * to KERNEL_GS_BASE (and uses it for PDA references), so we
+         * must not zero %gs on x86_64
+         *
+         * For x86_64, we need to zero %fs, otherwise we may get an
+         * exception between the new %fs descriptor being loaded and
+         * %fs being effectively cleared at __switch_to().
         */
-        if (paravirt_get_lazy_mode() == PARAVIRT_LAZY_CPU)
+        if (paravirt_get_lazy_mode() == PARAVIRT_LAZY_CPU) {
+#ifdef CONFIG_X86_32
                loadsegment(gs, 0);
+#else
+                loadsegment(fs, 0);
+#endif
+        }
+        xen_mc_batch();
+        load_TLS_descriptor(t, cpu, 0);
+        load_TLS_descriptor(t, cpu, 1);
+        load_TLS_descriptor(t, cpu, 2);
+        xen_mc_issue(PARAVIRT_LAZY_CPU);
+}
+#ifdef CONFIG_X86_64
+static void xen_load_gs_index(unsigned int idx)
+{
+        if (HYPERVISOR_set_segment_base(SEGBASE_GS_USER_SEL, idx))
+                BUG();
 }
+#endif
 static void xen_write_ldt_entry(struct desc_struct *dt, int entrynum,
                                const void *ptr)
@@ -369,23 +438,18 @@ static void xen_write_ldt_entry(struct desc_struct *dt, int entrynum,
        preempt_enable();
 }
-static int cvt_gate_to_trap(int vector, u32 low, u32 high,
+static int cvt_gate_to_trap(int vector, const gate_desc *val,
                            struct trap_info *info)
 {
-        u8 type, dpl;
+        if (val->type != 0xf && val->type != 0xe)
-        type = (high >> 8) & 0x1f;
-        dpl = (high >> 13) & 3;
-        if (type != 0xf && type != 0xe)
                return 0;
        info->vector = vector;
-        info->address = (high & 0xffff0000) | (low & 0x0000ffff);
+        info->address = gate_offset(*val);
-        info->cs = low >> 16;
+        info->cs = gate_segment(*val);
-        info->flags = dpl;
+        info->flags = val->dpl;
        /* interrupt gates clear IF */
-        if (type == 0xe)
+        if (val->type == 0xe)
                info->flags |= 4;
        return 1;
@@ -412,11 +476,10 @@ static void xen_write_idt_entry(gate_desc *dt, int entrynum, const gate_desc *g)
        if (p >= start && (p + 8) <= end) {
                struct trap_info info[2];
-                u32 *desc = (u32 *)g;
                info[1].address = 0;
-                if (cvt_gate_to_trap(entrynum, desc[0], desc[1], &info[0]))
+                if (cvt_gate_to_trap(entrynum, g, &info[0]))
                        if (HYPERVISOR_set_trap_table(info))
                                BUG();
        }
@@ -429,13 +492,13 @@ static void xen_convert_trap_info(const struct desc_ptr *desc,
 {
        unsigned in, out, count;
-        count = (desc->size+1) / 8;
+        count = (desc->size+1) / sizeof(gate_desc);
        BUG_ON(count > 256);
        for (in = out = 0; in < count; in++) {
-                const u32 *entry = (u32 *)(desc->address + in * 8);
+                gate_desc *entry = (gate_desc*)(desc->address) + in;
-                if (cvt_gate_to_trap(in, entry[0], entry[1], &traps[out]))
+                if (cvt_gate_to_trap(in, entry, &traps[out]))
                        out++;
        }
        traps[out].address = 0;
@@ -607,6 +670,30 @@ static void xen_flush_tlb_others(const cpumask_t *cpus, struct mm_struct *mm,
        xen_mc_issue(PARAVIRT_LAZY_MMU);
 }
+static void xen_clts(void)
+{
+        struct multicall_space mcs;
+        mcs = xen_mc_entry(0);
+        MULTI_fpu_taskswitch(mcs.mc, 0);
+        xen_mc_issue(PARAVIRT_LAZY_CPU);
+}
+static void xen_write_cr0(unsigned long cr0)
+{
+        struct multicall_space mcs;
+        /* Only pay attention to cr0.TS; everything else is
+           ignored. */
+        mcs = xen_mc_entry(0);
+        MULTI_fpu_taskswitch(mcs.mc, (cr0 & X86_CR0_TS) != 0);
+        xen_mc_issue(PARAVIRT_LAZY_CPU);
+}
 static void xen_write_cr2(unsigned long cr2)
 {
        x86_read_percpu(xen_vcpu)->arch.cr2 = cr2;
@@ -624,8 +711,10 @@ static unsigned long xen_read_cr2_direct(void)
 static void xen_write_cr4(unsigned long cr4)
 {
-        /* Just ignore cr4 changes; Xen doesn't allow us to do
+        cr4 &= ~X86_CR4_PGE;
-           anything anyway. */
+        cr4 &= ~X86_CR4_PSE;
+        native_write_cr4(cr4);
 }
 static unsigned long xen_read_cr3(void)
@@ -638,33 +727,89 @@ static void set_current_cr3(void *v)
        x86_write_percpu(xen_current_cr3, (unsigned long)v);
 }
-static void xen_write_cr3(unsigned long cr3)
+static void __xen_write_cr3(bool kernel, unsigned long cr3)
 {
        struct mmuext_op *op;
        struct multicall_space mcs;
-        unsigned long mfn = pfn_to_mfn(PFN_DOWN(cr3));
+        unsigned long mfn;
-        BUG_ON(preemptible());
+        if (cr3)
+                mfn = pfn_to_mfn(PFN_DOWN(cr3));
+        else
+                mfn = 0;
-        mcs = xen_mc_entry(sizeof(*op));  /* disables interrupts */
+        WARN_ON(mfn == 0 && kernel);
-        /* Update while interrupts are disabled, so its atomic with
+        mcs = __xen_mc_entry(sizeof(*op));
-           respect to ipis */
-        x86_write_percpu(xen_cr3, cr3);
        op = mcs.args;
-        op->cmd = MMUEXT_NEW_BASEPTR;
+        op->cmd = kernel ? MMUEXT_NEW_BASEPTR : MMUEXT_NEW_USER_BASEPTR;
        op->arg1.mfn = mfn;
        MULTI_mmuext_op(mcs.mc, op, 1, NULL, DOMID_SELF);
-        /* Update xen_update_cr3 once the batch has actually
+        if (kernel) {
-           been submitted. */
+                x86_write_percpu(xen_cr3, cr3);
-        xen_mc_callback(set_current_cr3, (void *)cr3);
+                /* Update xen_current_cr3 once the batch has actually
+                   been submitted. */
+                xen_mc_callback(set_current_cr3, (void *)cr3);
+        }
+}
+static void xen_write_cr3(unsigned long cr3)
+{
+        BUG_ON(preemptible());
+        xen_mc_batch();  /* disables interrupts */
+        /* Update while interrupts are disabled, so its atomic with
+           respect to ipis */
+        x86_write_percpu(xen_cr3, cr3);
+        __xen_write_cr3(true, cr3);
+#ifdef CONFIG_X86_64
+        {
+                pgd_t *user_pgd = xen_get_user_pgd(__va(cr3));
+                if (user_pgd)
+                        __xen_write_cr3(false, __pa(user_pgd));
+                else
+                        __xen_write_cr3(false, 0);
+        }
+#endif
        xen_mc_issue(PARAVIRT_LAZY_CPU);  /* interrupts restored */
 }
+static int xen_write_msr_safe(unsigned int msr, unsigned low, unsigned high)
+{
+        int ret;
+        ret = 0;
+        switch(msr) {
+#ifdef CONFIG_X86_64
+                unsigned which;
+                u64 base;
+        case MSR_FS_BASE:               which = SEGBASE_FS; goto set;
+        case MSR_KERNEL_GS_BASE:        which = SEGBASE_GS_USER; goto set;
+        case MSR_GS_BASE:               which = SEGBASE_GS_KERNEL; goto set;
+        set:
+                base = ((u64)high << 32) | low;
+                if (HYPERVISOR_set_segment_base(which, base) != 0)
+                        ret = -EFAULT;
+                break;
+#endif
+        default:
+                ret = native_write_msr_safe(msr, low, high);
+        }
+        return ret;
+}
 /* Early in boot, while setting up the initial pagetable, assume
   everything is pinned. */
 static __init void xen_alloc_pte_init(struct mm_struct *mm, u32 pfn)
@@ -721,6 +866,48 @@ static void xen_alloc_pmd(struct mm_struct *mm, u32 pfn)
        xen_alloc_ptpage(mm, pfn, PT_PMD);
 }
+static int xen_pgd_alloc(struct mm_struct *mm)
+{
+        pgd_t *pgd = mm->pgd;
+        int ret = 0;
+        BUG_ON(PagePinned(virt_to_page(pgd)));
+#ifdef CONFIG_X86_64
+        {
+                struct page *page = virt_to_page(pgd);
+                pgd_t *user_pgd;
+                BUG_ON(page->private != 0);
+                ret = -ENOMEM;
+                user_pgd = (pgd_t *)__get_free_page(GFP_KERNEL | __GFP_ZERO);
+                page->private = (unsigned long)user_pgd;
+                if (user_pgd != NULL) {
+                        user_pgd[pgd_index(VSYSCALL_START)] =
+                                __pgd(__pa(level3_user_vsyscall) | _PAGE_TABLE);
+                        ret = 0;
+                }
+                BUG_ON(PagePinned(virt_to_page(xen_get_user_pgd(pgd))));
+        }
+#endif
+        return ret;
+}
+static void xen_pgd_free(struct mm_struct *mm, pgd_t *pgd)
+{
+#ifdef CONFIG_X86_64
+        pgd_t *user_pgd = xen_get_user_pgd(pgd);
+        if (user_pgd)
+                free_page((unsigned long)user_pgd);
+#endif
+}
 /* This should never happen until we're OK to use struct page */
 static void xen_release_ptpage(u32 pfn, unsigned level)
 {
@@ -746,6 +933,18 @@ static void xen_release_pmd(u32 pfn)
        xen_release_ptpage(pfn, PT_PMD);
 }
+#if PAGETABLE_LEVELS == 4
+static void xen_alloc_pud(struct mm_struct *mm, u32 pfn)
+{
+        xen_alloc_ptpage(mm, pfn, PT_PUD);
+}
+static void xen_release_pud(u32 pfn)
+{
+        xen_release_ptpage(pfn, PT_PUD);
+}
+#endif
 #ifdef CONFIG_HIGHPTE
 static void *xen_kmap_atomic_pte(struct page *page, enum km_type type)
 {
@@ -784,68 +983,16 @@ static __init void xen_set_pte_init(pte_t *ptep, pte_t pte)
 static __init void xen_pagetable_setup_start(pgd_t *base)
 {
-        pgd_t *xen_pgd = (pgd_t *)xen_start_info->pt_base;
-        int i;
-        /* special set_pte for pagetable initialization */
-        pv_mmu_ops.set_pte = xen_set_pte_init;
-        init_mm.pgd = base;
-        /*
-         * copy top-level of Xen-supplied pagetable into place.  This
-         * is a stand-in while we copy the pmd pages.
-         */
-        memcpy(base, xen_pgd, PTRS_PER_PGD * sizeof(pgd_t));
-        /*
-         * For PAE, need to allocate new pmds, rather than
-         * share Xen's, since Xen doesn't like pmd's being
-         * shared between address spaces.
-         */
-        for (i = 0; i < PTRS_PER_PGD; i++) {
-                if (pgd_val_ma(xen_pgd[i]) & _PAGE_PRESENT) {
-                        pmd_t *pmd = (pmd_t *)alloc_bootmem_low_pages(PAGE_SIZE);
-                        memcpy(pmd, (void *)pgd_page_vaddr(xen_pgd[i]),
-                               PAGE_SIZE);
-                        make_lowmem_page_readonly(pmd);
-                        set_pgd(&base[i], __pgd(1 + __pa(pmd)));
-                } else
-                        pgd_clear(&base[i]);
-        }
-        /* make sure zero_page is mapped RO so we can use it in pagetables */
-        make_lowmem_page_readonly(empty_zero_page);
-        make_lowmem_page_readonly(base);
-        /*
-         * Switch to new pagetable.  This is done before
-         * pagetable_init has done anything so that the new pages
-         * added to the table can be prepared properly for Xen.
-         */
-        xen_write_cr3(__pa(base));
-        /* Unpin initial Xen pagetable */
-        pin_pagetable_pfn(MMUEXT_UNPIN_TABLE,
-                          PFN_DOWN(__pa(xen_start_info->pt_base)));
 }
-static __init void setup_shared_info(void)
+void xen_setup_shared_info(void)
 {
        if (!xen_feature(XENFEAT_auto_translated_physmap)) {
-                unsigned long addr = fix_to_virt(FIX_PARAVIRT_BOOTMAP);
+                set_fixmap(FIX_PARAVIRT_BOOTMAP,
+                           xen_start_info->shared_info);
-                /*
-                 * Create a mapping for the shared info page.
+                HYPERVISOR_shared_info =
-                 * Should be set_fixmap(), but shared_info is a machine
+                        (struct shared_info *)fix_to_virt(FIX_PARAVIRT_BOOTMAP);
-                 * address with no corresponding pseudo-phys address.
-                 */
-                set_pte_mfn(addr,
-                            PFN_DOWN(xen_start_info->shared_info),
-                            PAGE_KERNEL);
-                HYPERVISOR_shared_info = (struct shared_info *)addr;
        } else
                HYPERVISOR_shared_info =
                        (struct shared_info *)__va(xen_start_info->shared_info);
@@ -854,27 +1001,43 @@ static __init void setup_shared_info(void)
        /* In UP this is as good a place as any to set up shared info */
        xen_setup_vcpu_info_placement();
 #endif
+        xen_setup_mfn_list_list();
 }
 static __init void xen_pagetable_setup_done(pgd_t *base)
 {
+        xen_setup_shared_info();
+}
+static __init void xen_post_allocator_init(void)
+{
+        pv_mmu_ops.set_pte = xen_set_pte;
+        pv_mmu_ops.set_pmd = xen_set_pmd;
+        pv_mmu_ops.set_pud = xen_set_pud;
+#if PAGETABLE_LEVELS == 4
+        pv_mmu_ops.set_pgd = xen_set_pgd;
+#endif
        /* This will work as long as patching hasn't happened yet
           (which it hasn't) */
        pv_mmu_ops.alloc_pte = xen_alloc_pte;
        pv_mmu_ops.alloc_pmd = xen_alloc_pmd;
        pv_mmu_ops.release_pte = xen_release_pte;
        pv_mmu_ops.release_pmd = xen_release_pmd;
-        pv_mmu_ops.set_pte = xen_set_pte;
+#if PAGETABLE_LEVELS == 4
+        pv_mmu_ops.alloc_pud = xen_alloc_pud;
-        setup_shared_info();
+        pv_mmu_ops.release_pud = xen_release_pud;
+#endif
-        /* Actually pin the pagetable down, but we can't set PG_pinned
+#ifdef CONFIG_X86_64
-           yet because the page structures don't exist yet. */
+        SetPagePinned(virt_to_page(level3_user_vsyscall));
-        pin_pagetable_pfn(MMUEXT_PIN_L3_TABLE, PFN_DOWN(__pa(base)));
+#endif
+        xen_mark_init_mm_pinned();
 }
 /* This is called once we have the cpu_possible_map */
-void __init xen_setup_vcpu_info_placement(void)
+void xen_setup_vcpu_info_placement(void)
 {
        int cpu;
@@ -883,6 +1046,7 @@ void __init xen_setup_vcpu_info_placement(void)
        /* xen_vcpu_setup managed to place the vcpu_info within the
           percpu area for all cpus, so make use of it */
+#ifdef CONFIG_X86_32
        if (have_vcpu_info_placement) {
                printk(KERN_INFO "Xen: using vcpu_info placement\n");
@@ -892,6 +1056,7 @@ void __init xen_setup_vcpu_info_placement(void)
                pv_irq_ops.irq_enable = xen_irq_enable_direct;
                pv_mmu_ops.read_cr2 = xen_read_cr2_direct;
        }
+#endif
 }
 static unsigned xen_patch(u8 type, u16 clobbers, void *insnbuf,
@@ -912,10 +1077,12 @@ static unsigned xen_patch(u8 type, u16 clobbers, void *insnbuf,
        goto patch_site
        switch (type) {
+#ifdef CONFIG_X86_32
                SITE(pv_irq_ops, irq_enable);
                SITE(pv_irq_ops, irq_disable);
                SITE(pv_irq_ops, save_fl);
                SITE(pv_irq_ops, restore_fl);
+#endif /* CONFIG_X86_32 */
 #undef SITE
        patch_site:
@@ -947,6 +1114,49 @@ static unsigned xen_patch(u8 type, u16 clobbers, void *insnbuf,
        return ret;
 }
+static void xen_set_fixmap(unsigned idx, unsigned long phys, pgprot_t prot)
+{
+        pte_t pte;
+        phys >>= PAGE_SHIFT;
+        switch (idx) {
+        case FIX_BTMAP_END ... FIX_BTMAP_BEGIN:
+#ifdef CONFIG_X86_F00F_BUG
+        case FIX_F00F_IDT:
+#endif
+#ifdef CONFIG_X86_32
+        case FIX_WP_TEST:
+        case FIX_VDSO:
+# ifdef CONFIG_HIGHMEM
+        case FIX_KMAP_BEGIN ... FIX_KMAP_END:
+# endif
+#else
+        case VSYSCALL_LAST_PAGE ... VSYSCALL_FIRST_PAGE:
+#endif
+#ifdef CONFIG_X86_LOCAL_APIC
+        case FIX_APIC_BASE:     /* maps dummy local APIC */
+#endif
+                pte = pfn_pte(phys, prot);
+                break;
+        default:
+                pte = mfn_pte(phys, prot);
+                break;
+        }
+        __native_set_fixmap(idx, pte);
+#ifdef CONFIG_X86_64
+        /* Replicate changes to map the vsyscall page into the user
+           pagetable vsyscall mapping. */
+        if (idx >= VSYSCALL_LAST_PAGE && idx <= VSYSCALL_FIRST_PAGE) {
+                unsigned long vaddr = __fix_to_virt(idx);
+                set_pte_vaddr_pud(level3_user_vsyscall, vaddr, pte);
+        }
+#endif
+}
 static const struct pv_info xen_info __initdata = {
        .paravirt_enabled = 1,
        .shared_kernel_pmd = 0,
@@ -960,7 +1170,7 @@ static const struct pv_init_ops xen_init_ops __initdata = {
        .banner = xen_banner,
        .memory_setup = xen_memory_setup,
        .arch_setup = xen_arch_setup,
-        .post_allocator_init = xen_mark_init_mm_pinned,
+        .post_allocator_init = xen_post_allocator_init,
 };
 static const struct pv_time_ops xen_time_ops __initdata = {
@@ -968,7 +1178,7 @@ static const struct pv_time_ops xen_time_ops __initdata = {
        .set_wallclock = xen_set_wallclock,
        .get_wallclock = xen_get_wallclock,
-        .get_cpu_khz = xen_cpu_khz,
+        .get_tsc_khz = xen_tsc_khz,
        .sched_clock = xen_sched_clock,
 };
@@ -978,10 +1188,10 @@ static const struct pv_cpu_ops xen_cpu_ops __initdata = {
        .set_debugreg = xen_set_debugreg,
        .get_debugreg = xen_get_debugreg,
-        .clts = native_clts,
+        .clts = xen_clts,
        .read_cr0 = native_read_cr0,
-        .write_cr0 = native_write_cr0,
+        .write_cr0 = xen_write_cr0,
        .read_cr4 = native_read_cr4,
        .read_cr4_safe = native_read_cr4_safe,
@@ -990,18 +1200,25 @@ static const struct pv_cpu_ops xen_cpu_ops __initdata = {
        .wbinvd = native_wbinvd,
        .read_msr = native_read_msr_safe,
-        .write_msr = native_write_msr_safe,
+        .write_msr = xen_write_msr_safe,
        .read_tsc = native_read_tsc,
        .read_pmc = native_read_pmc,
        .iret = xen_iret,
-        .irq_enable_syscall_ret = xen_sysexit,
+        .irq_enable_sysexit = xen_sysexit,
+#ifdef CONFIG_X86_64
+        .usergs_sysret32 = xen_sysret32,
+        .usergs_sysret64 = xen_sysret64,
+#endif
        .load_tr_desc = paravirt_nop,
        .set_ldt = xen_set_ldt,
        .load_gdt = xen_load_gdt,
        .load_idt = xen_load_idt,
        .load_tls = xen_load_tls,
+#ifdef CONFIG_X86_64
+        .load_gs_index = xen_load_gs_index,
+#endif
        .store_gdt = native_store_gdt,
        .store_idt = native_store_idt,
@@ -1015,26 +1232,48 @@ static const struct pv_cpu_ops xen_cpu_ops __initdata = {
        .set_iopl_mask = xen_set_iopl_mask,
        .io_delay = xen_io_delay,
+        /* Xen takes care of %gs when switching to usermode for us */
+        .swapgs = paravirt_nop,
        .lazy_mode = {
                .enter = paravirt_enter_lazy_cpu,
                .leave = xen_leave_lazy,
        },
 };
+static void __init __xen_init_IRQ(void)
+{
+#ifdef CONFIG_X86_64
+        int i;
+        /* Create identity vector->irq map */
+        for(i = 0; i < NR_VECTORS; i++) {
+                int cpu;
+                for_each_possible_cpu(cpu)
+                        per_cpu(vector_irq, cpu)[i] = i;
+        }
+#endif  /* CONFIG_X86_64 */
+        xen_init_IRQ();
+}
 static const struct pv_irq_ops xen_irq_ops __initdata = {
-        .init_IRQ = xen_init_IRQ,
+        .init_IRQ = __xen_init_IRQ,
        .save_fl = xen_save_fl,
        .restore_fl = xen_restore_fl,
        .irq_disable = xen_irq_disable,
        .irq_enable = xen_irq_enable,
        .safe_halt = xen_safe_halt,
        .halt = xen_halt,
+#ifdef CONFIG_X86_64
+        .adjust_exception_frame = xen_adjust_exception_frame,
+#endif
 };
 static const struct pv_apic_ops xen_apic_ops __initdata = {
 #ifdef CONFIG_X86_LOCAL_APIC
        .apic_write = xen_apic_write,
-        .apic_write_atomic = xen_apic_write,
        .apic_read = xen_apic_read,
        .setup_boot_clock = paravirt_nop,
        .setup_secondary_clock = paravirt_nop,
@@ -1060,6 +1299,9 @@ static const struct pv_mmu_ops xen_mmu_ops __initdata = {
        .pte_update = paravirt_nop,
        .pte_update_defer = paravirt_nop,
+        .pgd_alloc = xen_pgd_alloc,
+        .pgd_free = xen_pgd_free,
        .alloc_pte = xen_alloc_pte_init,
        .release_pte = xen_release_pte_init,
        .alloc_pmd = xen_alloc_pte_init,
@@ -1070,25 +1312,44 @@ static const struct pv_mmu_ops xen_mmu_ops __initdata = {
        .kmap_atomic_pte = xen_kmap_atomic_pte,
 #endif
-        .set_pte = NULL,        /* see xen_pagetable_setup_* */
+#ifdef CONFIG_X86_64
+        .set_pte = xen_set_pte,
+#else
+        .set_pte = xen_set_pte_init,
+#endif
        .set_pte_at = xen_set_pte_at,
-        .set_pmd = xen_set_pmd,
+        .set_pmd = xen_set_pmd_hyper,
+        .ptep_modify_prot_start = __ptep_modify_prot_start,
+        .ptep_modify_prot_commit = __ptep_modify_prot_commit,
        .pte_val = xen_pte_val,
+        .pte_flags = native_pte_val,
        .pgd_val = xen_pgd_val,
        .make_pte = xen_make_pte,
        .make_pgd = xen_make_pgd,
+#ifdef CONFIG_X86_PAE
        .set_pte_atomic = xen_set_pte_atomic,
        .set_pte_present = xen_set_pte_at,
-        .set_pud = xen_set_pud,
        .pte_clear = xen_pte_clear,
        .pmd_clear = xen_pmd_clear,
+#endif  /* CONFIG_X86_PAE */
+        .set_pud = xen_set_pud_hyper,
        .make_pmd = xen_make_pmd,
        .pmd_val = xen_pmd_val,
+#if PAGETABLE_LEVELS == 4
+        .pud_val = xen_pud_val,
+        .make_pud = xen_make_pud,
+        .set_pgd = xen_set_pgd_hyper,
+        .alloc_pud = xen_alloc_pte_init,
+        .release_pud = xen_release_pte_init,
+#endif  /* PAGETABLE_LEVELS == 4 */
        .activate_mm = xen_activate_mm,
        .dup_mmap = xen_dup_mmap,
        .exit_mmap = xen_exit_mmap,
@@ -1097,28 +1358,19 @@ static const struct pv_mmu_ops xen_mmu_ops __initdata = {
                .enter = paravirt_enter_lazy_mmu,
                .leave = xen_leave_lazy,
        },
-};
-#ifdef CONFIG_SMP
+        .set_fixmap = xen_set_fixmap,
-static const struct smp_ops xen_smp_ops __initdata = {
-        .smp_prepare_boot_cpu = xen_smp_prepare_boot_cpu,
-        .smp_prepare_cpus = xen_smp_prepare_cpus,
-        .cpu_up = xen_cpu_up,
-        .smp_cpus_done = xen_smp_cpus_done,
-        .smp_send_stop = xen_smp_send_stop,
-        .smp_send_reschedule = xen_smp_send_reschedule,
-        .smp_call_function_mask = xen_smp_call_function_mask,
 };
-#endif  /* CONFIG_SMP */
 static void xen_reboot(int reason)
 {
+        struct sched_shutdown r = { .reason = reason };
 #ifdef CONFIG_SMP
        smp_send_stop();
 #endif
-        if (HYPERVISOR_sched_op(SCHEDOP_shutdown, reason))
+        if (HYPERVISOR_sched_op(SCHEDOP_shutdown, &r))
                BUG();
 }
@@ -1154,6 +1406,7 @@ static const struct machine_ops __initdata xen_machine_ops = {
 static void __init xen_reserve_top(void)
 {
+#ifdef CONFIG_X86_32
        unsigned long top = HYPERVISOR_VIRT_START;
        struct xen_platform_parameters pp;
@@ -1161,8 +1414,248 @@ static void __init xen_reserve_top(void)
                top = pp.virt_start;
        reserve_top_address(-top + 2 * PAGE_SIZE);
+#endif  /* CONFIG_X86_32 */
+}
+/*
+ * Like __va(), but returns address in the kernel mapping (which is
+ * all we have until the physical memory mapping has been set up.
+ */
+static void *__ka(phys_addr_t paddr)
+{
+#ifdef CONFIG_X86_64
+        return (void *)(paddr + __START_KERNEL_map);
+#else
+        return __va(paddr);
+#endif
+}
+/* Convert a machine address to physical address */
+static unsigned long m2p(phys_addr_t maddr)
+{
+        phys_addr_t paddr;
+        maddr &= PTE_MASK;
+        paddr = mfn_to_pfn(maddr >> PAGE_SHIFT) << PAGE_SHIFT;
+        return paddr;
 }
+/* Convert a machine address to kernel virtual */
+static void *m2v(phys_addr_t maddr)
+{
+        return __ka(m2p(maddr));
+}
+#ifdef CONFIG_X86_64
+static void walk(pgd_t *pgd, unsigned long addr)
+{
+        unsigned l4idx = pgd_index(addr);
+        unsigned l3idx = pud_index(addr);
+        unsigned l2idx = pmd_index(addr);
+        unsigned l1idx = pte_index(addr);
+        pgd_t l4;
+        pud_t l3;
+        pmd_t l2;
+        pte_t l1;
+        xen_raw_printk("walk %p, %lx -> %d %d %d %d\n",
+                       pgd, addr, l4idx, l3idx, l2idx, l1idx);
+        l4 = pgd[l4idx];
+        xen_raw_printk("  l4: %016lx\n", l4.pgd);
+        xen_raw_printk("      %016lx\n", pgd_val(l4));
+        l3 = ((pud_t *)(m2v(l4.pgd)))[l3idx];
+        xen_raw_printk("  l3: %016lx\n", l3.pud);
+        xen_raw_printk("      %016lx\n", pud_val(l3));
+        l2 = ((pmd_t *)(m2v(l3.pud)))[l2idx];
+        xen_raw_printk("  l2: %016lx\n", l2.pmd);
+        xen_raw_printk("      %016lx\n", pmd_val(l2));
+        l1 = ((pte_t *)(m2v(l2.pmd)))[l1idx];
+        xen_raw_printk("  l1: %016lx\n", l1.pte);
+        xen_raw_printk("      %016lx\n", pte_val(l1));
+}
+#endif
+static void set_page_prot(void *addr, pgprot_t prot)
+{
+        unsigned long pfn = __pa(addr) >> PAGE_SHIFT;
+        pte_t pte = pfn_pte(pfn, prot);
+        xen_raw_printk("addr=%p pfn=%lx mfn=%lx prot=%016llx pte=%016llx\n",
+                       addr, pfn, get_phys_to_machine(pfn),
+                       pgprot_val(prot), pte.pte);
+        if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, 0))
+                BUG();
+}
+static __init void xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn)
+{
+        unsigned pmdidx, pteidx;
+        unsigned ident_pte;
+        unsigned long pfn;
+        ident_pte = 0;
+        pfn = 0;
+        for(pmdidx = 0; pmdidx < PTRS_PER_PMD && pfn < max_pfn; pmdidx++) {
+                pte_t *pte_page;
+                /* Reuse or allocate a page of ptes */
+                if (pmd_present(pmd[pmdidx]))
+                        pte_page = m2v(pmd[pmdidx].pmd);
+                else {
+                        /* Check for free pte pages */
+                        if (ident_pte == ARRAY_SIZE(level1_ident_pgt))
+                                break;
+                        pte_page = &level1_ident_pgt[ident_pte];
+                        ident_pte += PTRS_PER_PTE;
+                        pmd[pmdidx] = __pmd(__pa(pte_page) | _PAGE_TABLE);
+                }
+                /* Install mappings */
+                for(pteidx = 0; pteidx < PTRS_PER_PTE; pteidx++, pfn++) {
+                        pte_t pte;
+                        if (pfn > max_pfn_mapped)
+                                max_pfn_mapped = pfn;
+                        if (!pte_none(pte_page[pteidx]))
+                                continue;
+                        pte = pfn_pte(pfn, PAGE_KERNEL_EXEC);
+                        pte_page[pteidx] = pte;
+                }
+        }
+        for(pteidx = 0; pteidx < ident_pte; pteidx += PTRS_PER_PTE)
+                set_page_prot(&level1_ident_pgt[pteidx], PAGE_KERNEL_RO);
+        set_page_prot(pmd, PAGE_KERNEL_RO);
+}
+#ifdef CONFIG_X86_64
+static void convert_pfn_mfn(void *v)
+{
+        pte_t *pte = v;
+        int i;
+        /* All levels are converted the same way, so just treat them
+           as ptes. */
+        for(i = 0; i < PTRS_PER_PTE; i++)
+                pte[i] = xen_make_pte(pte[i].pte);
+}
+/*
+ * Set up the inital kernel pagetable.
+ *
+ * We can construct this by grafting the Xen provided pagetable into
+ * head_64.S's preconstructed pagetables.  We copy the Xen L2's into
+ * level2_ident_pgt, level2_kernel_pgt and level2_fixmap_pgt.  This
+ * means that only the kernel has a physical mapping to start with -
+ * but that's enough to get __va working.  We need to fill in the rest
+ * of the physical mapping once some sort of allocator has been set
+ * up.
+ */
+static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
+{
+        pud_t *l3;
+        pmd_t *l2;
+        /* Zap identity mapping */
+        init_level4_pgt[0] = __pgd(0);
+        /* Pre-constructed entries are in pfn, so convert to mfn */
+        convert_pfn_mfn(init_level4_pgt);
+        convert_pfn_mfn(level3_ident_pgt);
+        convert_pfn_mfn(level3_kernel_pgt);
+        l3 = m2v(pgd[pgd_index(__START_KERNEL_map)].pgd);
+        l2 = m2v(l3[pud_index(__START_KERNEL_map)].pud);
+        memcpy(level2_ident_pgt, l2, sizeof(pmd_t) * PTRS_PER_PMD);
+        memcpy(level2_kernel_pgt, l2, sizeof(pmd_t) * PTRS_PER_PMD);
+        l3 = m2v(pgd[pgd_index(__START_KERNEL_map + PMD_SIZE)].pgd);
+        l2 = m2v(l3[pud_index(__START_KERNEL_map + PMD_SIZE)].pud);
+        memcpy(level2_fixmap_pgt, l2, sizeof(pmd_t) * PTRS_PER_PMD);
+        /* Set up identity map */
+        xen_map_identity_early(level2_ident_pgt, max_pfn);
+        /* Make pagetable pieces RO */
+        set_page_prot(init_level4_pgt, PAGE_KERNEL_RO);
+        set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO);
+        set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO);
+        set_page_prot(level3_user_vsyscall, PAGE_KERNEL_RO);
+        set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO);
+        set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO);
+        /* Pin down new L4 */
+        pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE,
+                          PFN_DOWN(__pa_symbol(init_level4_pgt)));
+        /* Unpin Xen-provided one */
+        pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd)));
+        /* Switch over */
+        pgd = init_level4_pgt;
+        /*
+         * At this stage there can be no user pgd, and no page
+         * structure to attach it to, so make sure we just set kernel
+         * pgd.
+         */
+        xen_mc_batch();
+        __xen_write_cr3(true, __pa(pgd));
+        xen_mc_issue(PARAVIRT_LAZY_CPU);
+        reserve_early(__pa(xen_start_info->pt_base),
+                      __pa(xen_start_info->pt_base +
+                           xen_start_info->nr_pt_frames * PAGE_SIZE),
+                      "XEN PAGETABLES");
+        return pgd;
+}
+#else   /* !CONFIG_X86_64 */
+static pmd_t level2_kernel_pgt[PTRS_PER_PMD] __page_aligned_bss;
+static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
+{
+        pmd_t *kernel_pmd;
+        init_pg_tables_start = __pa(pgd);
+        init_pg_tables_end = __pa(pgd) + xen_start_info->nr_pt_frames*PAGE_SIZE;
+        max_pfn_mapped = PFN_DOWN(init_pg_tables_end + 512*1024);
+        kernel_pmd = m2v(pgd[KERNEL_PGD_BOUNDARY].pgd);
+        memcpy(level2_kernel_pgt, kernel_pmd, sizeof(pmd_t) * PTRS_PER_PMD);
+        xen_map_identity_early(level2_kernel_pgt, max_pfn);
+        memcpy(swapper_pg_dir, pgd, sizeof(pgd_t) * PTRS_PER_PGD);
+        set_pgd(&swapper_pg_dir[KERNEL_PGD_BOUNDARY],
+                        __pgd(__pa(level2_kernel_pgt) | _PAGE_PRESENT));
+        set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO);
+        set_page_prot(swapper_pg_dir, PAGE_KERNEL_RO);
+        set_page_prot(empty_zero_page, PAGE_KERNEL_RO);
+        pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd)));
+        xen_write_cr3(__pa(swapper_pg_dir));
+        pin_pagetable_pfn(MMUEXT_PIN_L3_TABLE, PFN_DOWN(__pa(swapper_pg_dir)));
+        return swapper_pg_dir;
+}
+#endif  /* CONFIG_X86_64 */
 /* First C function to be called on Xen boot */
 asmlinkage void __init xen_start_kernel(void)
 {
@@ -1173,6 +1666,8 @@ asmlinkage void __init xen_start_kernel(void)
        BUG_ON(memcmp(xen_start_info->magic, "xen-3", 5) != 0);
+        xen_setup_features();
        /* Install Xen paravirt ops */
        pv_info = xen_info;
        pv_init_ops = xen_init_ops;
@@ -1182,59 +1677,85 @@ asmlinkage void __init xen_start_kernel(void)
        pv_apic_ops = xen_apic_ops;
        pv_mmu_ops = xen_mmu_ops;
+        if (xen_feature(XENFEAT_mmu_pt_update_preserve_ad)) {
+                pv_mmu_ops.ptep_modify_prot_start = xen_ptep_modify_prot_start;
+                pv_mmu_ops.ptep_modify_prot_commit = xen_ptep_modify_prot_commit;
+        }
        machine_ops = xen_machine_ops;
-#ifdef CONFIG_SMP
+#ifdef CONFIG_X86_64
-        smp_ops = xen_smp_ops;
+        /* Disable until direct per-cpu data access. */
+        have_vcpu_info_placement = 0;
+        x86_64_init_pda();
 #endif
-        xen_setup_features();
+        xen_smp_init();
        /* Get mfn list */
        if (!xen_feature(XENFEAT_auto_translated_physmap))
-                phys_to_machine_mapping = (unsigned long *)xen_start_info->mfn_list;
+                xen_build_dynamic_phys_to_machine();
        pgd = (pgd_t *)xen_start_info->pt_base;
-        init_pg_tables_end = __pa(pgd) + xen_start_info->nr_pt_frames*PAGE_SIZE;
+        /* Prevent unwanted bits from being set in PTEs. */
+        __supported_pte_mask &= ~_PAGE_GLOBAL;
-        init_mm.pgd = pgd; /* use the Xen pagetables to start */
+        if (!is_initial_xendomain())
+                __supported_pte_mask &= ~(_PAGE_PWT | _PAGE_PCD);
-        /* keep using Xen gdt for now; no urgent need to change it */
-        x86_write_percpu(xen_cr3, __pa(pgd));
-        x86_write_percpu(xen_current_cr3, __pa(pgd));
        /* Don't do the full vcpu_info placement stuff until we have a
           possible map and a non-dummy shared_info. */
        per_cpu(xen_vcpu, 0) = &HYPERVISOR_shared_info->vcpu_info[0];
+        xen_raw_console_write("mapping kernel into physical memory\n");
+        pgd = xen_setup_kernel_pagetable(pgd, xen_start_info->nr_pages);
+        init_mm.pgd = pgd;
+        /* keep using Xen gdt for now; no urgent need to change it */
        pv_info.kernel_rpl = 1;
        if (xen_feature(XENFEAT_supervisor_mode_kernel))
                pv_info.kernel_rpl = 0;
-        /* Prevent unwanted bits from being set in PTEs. */
-        __supported_pte_mask &= ~_PAGE_GLOBAL;
-        if (!is_initial_xendomain())
-                __supported_pte_mask &= ~(_PAGE_PWT | _PAGE_PCD);
        /* set the limit of our address space */
        xen_reserve_top();
+#ifdef CONFIG_X86_32
        /* set up basic CPUID stuff */
        cpu_detect(&new_cpu_data);
        new_cpu_data.hard_math = 1;
        new_cpu_data.x86_capability[0] = cpuid_edx(1);
+#endif
        /* Poke various useful things into boot_params */
        boot_params.hdr.type_of_loader = (9 << 4) | 0;
        boot_params.hdr.ramdisk_image = xen_start_info->mod_start
                ? __pa(xen_start_info->mod_start) : 0;
        boot_params.hdr.ramdisk_size = xen_start_info->mod_len;
+        boot_params.hdr.cmd_line_ptr = __pa(xen_start_info->cmd_line);
-        if (!is_initial_xendomain())
+        if (!is_initial_xendomain()) {
+                add_preferred_console("xenboot", 0, NULL);
+                add_preferred_console("tty", 0, NULL);
                add_preferred_console("hvc", 0, NULL);
+        }
+        xen_raw_console_write("about to get started...\n");
+#if 0
+        xen_raw_printk("&boot_params=%p __pa(&boot_params)=%lx __va(__pa(&boot_params))=%lx\n",
+                       &boot_params, __pa_symbol(&boot_params),
+                       __va(__pa_symbol(&boot_params)));
+        walk(pgd, &boot_params);
+        walk(pgd, __va(__pa(&boot_params)));
+#endif
        /* Start the world */
-        start_kernel();
+#ifdef CONFIG_X86_32
+        i386_start_kernel();
+#else
+        x86_64_start_reservations((char *)__pa_symbol(&boot_params));
+#endif
 }