20 files changed, 248 insertions, 155 deletions

diff --git a/arch/x86/include/asm/paravirt.h b/arch/x86/include/asm/paravirt.h
index 7727aa8b7dda..bc384be6aa44 100644
--- a/arch/x86/include/asm/paravirt.h
+++ b/arch/x86/include/asm/paravirt.h
@@ -56,6 +56,7 @@ struct desc_ptr;
 struct tss_struct;
 struct mm_struct;
 struct desc_struct;
+struct task_struct;
 
 /*
  * Wrapper type for pointers to code which uses the non-standard
@@ -203,7 +204,8 @@ struct pv_cpu_ops {
 
         void (*swapgs)(void);
 
-        struct pv_lazy_ops lazy_mode;
+        void (*start_context_switch)(struct task_struct *prev);
+        void (*end_context_switch)(struct task_struct *next);
 };
 
 struct pv_irq_ops {
@@ -1399,25 +1401,23 @@ enum paravirt_lazy_mode {
 };
 
 enum paravirt_lazy_mode paravirt_get_lazy_mode(void);
-void paravirt_enter_lazy_cpu(void);
-void paravirt_leave_lazy_cpu(void);
+void paravirt_start_context_switch(struct task_struct *prev);
+void paravirt_end_context_switch(struct task_struct *next);
+
 void paravirt_enter_lazy_mmu(void);
 void paravirt_leave_lazy_mmu(void);
-void paravirt_leave_lazy(enum paravirt_lazy_mode mode);
 
-#define  __HAVE_ARCH_ENTER_LAZY_CPU_MODE
-static inline void arch_enter_lazy_cpu_mode(void)
+#define  __HAVE_ARCH_START_CONTEXT_SWITCH
+static inline void arch_start_context_switch(struct task_struct *prev)
 {
-        PVOP_VCALL0(pv_cpu_ops.lazy_mode.enter);
+        PVOP_VCALL1(pv_cpu_ops.start_context_switch, prev);
 }
 
-static inline void arch_leave_lazy_cpu_mode(void)
+static inline void arch_end_context_switch(struct task_struct *next)
 {
-        PVOP_VCALL0(pv_cpu_ops.lazy_mode.leave);
+        PVOP_VCALL1(pv_cpu_ops.end_context_switch, next);
 }
 
-void arch_flush_lazy_cpu_mode(void);
-
 #define  __HAVE_ARCH_ENTER_LAZY_MMU_MODE
 static inline void arch_enter_lazy_mmu_mode(void)
 {
diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
index 29d96d168bc0..b27c4f29b5e0 100644
--- a/arch/x86/include/asm/pgtable.h
+++ b/arch/x86/include/asm/pgtable.h
@@ -81,6 +81,8 @@ static inline void __init paravirt_pagetable_setup_done(pgd_t *base)
 #define pte_val(x)      native_pte_val(x)
 #define __pte(x)        native_make_pte(x)
 
+#define arch_end_context_switch(prev)   do {} while(0)
+
 #endif  /* CONFIG_PARAVIRT */
 
 /*
diff --git a/arch/x86/include/asm/required-features.h b/arch/x86/include/asm/required-features.h
index d5cd6c586881..64cf2d24fad1 100644
--- a/arch/x86/include/asm/required-features.h
+++ b/arch/x86/include/asm/required-features.h
@@ -48,9 +48,15 @@
 #endif
 
 #ifdef CONFIG_X86_64
+#ifdef CONFIG_PARAVIRT
+/* Paravirtualized systems may not have PSE or PGE available */
 #define NEED_PSE        0
+#define NEED_PGE        0
+#else
+#define NEED_PSE        (1<<(X86_FEATURE_PSE) & 31)
+#define NEED_PGE        (1<<(X86_FEATURE_PGE) & 31)
+#endif
 #define NEED_MSR        (1<<(X86_FEATURE_MSR & 31))
-#define NEED_PGE        (1<<(X86_FEATURE_PGE & 31))
 #define NEED_FXSR       (1<<(X86_FEATURE_FXSR & 31))
 #define NEED_XMM        (1<<(X86_FEATURE_XMM & 31))
 #define NEED_XMM2       (1<<(X86_FEATURE_XMM2 & 31))
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h
index 8820a73ae090..602c769fc98c 100644
--- a/arch/x86/include/asm/thread_info.h
+++ b/arch/x86/include/asm/thread_info.h
@@ -94,7 +94,8 @@ struct thread_info {
 #define TIF_FORCED_TF           24      /* true if TF in eflags artificially */
 #define TIF_DEBUGCTLMSR         25      /* uses thread_struct.debugctlmsr */
 #define TIF_DS_AREA_MSR         26      /* uses thread_struct.ds_area_msr */
-#define TIF_SYSCALL_FTRACE      27      /* for ftrace syscall instrumentation */
+#define TIF_LAZY_MMU_UPDATES    27      /* task is updating the mmu lazily */
+#define TIF_SYSCALL_FTRACE      28      /* for ftrace syscall instrumentation */
 
 #define _TIF_SYSCALL_TRACE      (1 << TIF_SYSCALL_TRACE)
 #define _TIF_NOTIFY_RESUME      (1 << TIF_NOTIFY_RESUME)
@@ -116,6 +117,7 @@ struct thread_info {
 #define _TIF_FORCED_TF          (1 << TIF_FORCED_TF)
 #define _TIF_DEBUGCTLMSR        (1 << TIF_DEBUGCTLMSR)
 #define _TIF_DS_AREA_MSR        (1 << TIF_DS_AREA_MSR)
+#define _TIF_LAZY_MMU_UPDATES   (1 << TIF_LAZY_MMU_UPDATES)
 #define _TIF_SYSCALL_FTRACE     (1 << TIF_SYSCALL_FTRACE)
 
 /* work to do in syscall_trace_enter() */
diff --git a/arch/x86/include/asm/xen/page.h b/arch/x86/include/asm/xen/page.h
index 1a918dde46b5..018a0a400799 100644
--- a/arch/x86/include/asm/xen/page.h
+++ b/arch/x86/include/asm/xen/page.h
@@ -124,7 +124,8 @@ static inline unsigned long mfn_to_local_pfn(unsigned long mfn)
 
 /* VIRT <-> MACHINE conversion */
 #define virt_to_machine(v)      (phys_to_machine(XPADDR(__pa(v))))
-#define virt_to_mfn(v)          (pfn_to_mfn(PFN_DOWN(__pa(v))))
+#define virt_to_pfn(v)          (PFN_DOWN(__pa(v)))
+#define virt_to_mfn(v)          (pfn_to_mfn(virt_to_pfn(v)))
 #define mfn_to_virt(m)          (__va(mfn_to_pfn(m) << PAGE_SHIFT))
 
 static inline unsigned long pte_mfn(pte_t pte)
diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
index 33019ddb56b4..6551dedee20c 100644
--- a/arch/x86/kernel/kvm.c
+++ b/arch/x86/kernel/kvm.c
@@ -195,7 +195,7 @@ static void kvm_leave_lazy_mmu(void)
         struct kvm_para_state *state = kvm_para_state();
 
         mmu_queue_flush(state);
-        paravirt_leave_lazy(paravirt_get_lazy_mode());
+        paravirt_leave_lazy_mmu();
         state->mode = paravirt_get_lazy_mode();
 }
 
diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c
index 8e45f4464880..aa3442340705 100644
--- a/arch/x86/kernel/paravirt.c
+++ b/arch/x86/kernel/paravirt.c
@@ -246,18 +246,16 @@ static DEFINE_PER_CPU(enum paravirt_lazy_mode, paravirt_lazy_mode) = PARAVIRT_LA
 
 static inline void enter_lazy(enum paravirt_lazy_mode mode)
 {
-        BUG_ON(__get_cpu_var(paravirt_lazy_mode) != PARAVIRT_LAZY_NONE);
-        BUG_ON(preemptible());
+        BUG_ON(percpu_read(paravirt_lazy_mode) != PARAVIRT_LAZY_NONE);
 
-        __get_cpu_var(paravirt_lazy_mode) = mode;
+        percpu_write(paravirt_lazy_mode, mode);
 }
 
-void paravirt_leave_lazy(enum paravirt_lazy_mode mode)
+static void leave_lazy(enum paravirt_lazy_mode mode)
 {
-        BUG_ON(__get_cpu_var(paravirt_lazy_mode) != mode);
-        BUG_ON(preemptible());
+        BUG_ON(percpu_read(paravirt_lazy_mode) != mode);
 
-        __get_cpu_var(paravirt_lazy_mode) = PARAVIRT_LAZY_NONE;
+        percpu_write(paravirt_lazy_mode, PARAVIRT_LAZY_NONE);
 }
 
 void paravirt_enter_lazy_mmu(void)
@@ -267,22 +265,36 @@ void paravirt_enter_lazy_mmu(void)
 
 void paravirt_leave_lazy_mmu(void)
 {
-        paravirt_leave_lazy(PARAVIRT_LAZY_MMU);
+        leave_lazy(PARAVIRT_LAZY_MMU);
 }
 
-void paravirt_enter_lazy_cpu(void)
+void paravirt_start_context_switch(struct task_struct *prev)
 {
+        BUG_ON(preemptible());
+
+        if (percpu_read(paravirt_lazy_mode) == PARAVIRT_LAZY_MMU) {
+                arch_leave_lazy_mmu_mode();
+                set_ti_thread_flag(task_thread_info(prev), TIF_LAZY_MMU_UPDATES);
+        }
         enter_lazy(PARAVIRT_LAZY_CPU);
 }
 
-void paravirt_leave_lazy_cpu(void)
+void paravirt_end_context_switch(struct task_struct *next)
 {
-        paravirt_leave_lazy(PARAVIRT_LAZY_CPU);
+        BUG_ON(preemptible());
+
+        leave_lazy(PARAVIRT_LAZY_CPU);
+
+        if (test_and_clear_ti_thread_flag(task_thread_info(next), TIF_LAZY_MMU_UPDATES))
+                arch_enter_lazy_mmu_mode();
 }
 
 enum paravirt_lazy_mode paravirt_get_lazy_mode(void)
 {
-        return __get_cpu_var(paravirt_lazy_mode);
+        if (in_interrupt())
+                return PARAVIRT_LAZY_NONE;
+
+        return percpu_read(paravirt_lazy_mode);
 }
 
 void arch_flush_lazy_mmu_mode(void)
@@ -290,7 +302,6 @@ void arch_flush_lazy_mmu_mode(void)
         preempt_disable();
 
         if (paravirt_get_lazy_mode() == PARAVIRT_LAZY_MMU) {
-                WARN_ON(preempt_count() == 1);
                 arch_leave_lazy_mmu_mode();
                 arch_enter_lazy_mmu_mode();
         }
@@ -298,19 +309,6 @@ void arch_flush_lazy_mmu_mode(void)
         preempt_enable();
 }
 
-void arch_flush_lazy_cpu_mode(void)
-{
-        preempt_disable();
-
-        if (paravirt_get_lazy_mode() == PARAVIRT_LAZY_CPU) {
-                WARN_ON(preempt_count() == 1);
-                arch_leave_lazy_cpu_mode();
-                arch_enter_lazy_cpu_mode();
-        }
-
-        preempt_enable();
-}
-
 struct pv_info pv_info = {
         .name = "bare hardware",
         .paravirt_enabled = 0,
@@ -402,10 +400,8 @@ struct pv_cpu_ops pv_cpu_ops = {
         .set_iopl_mask = native_set_iopl_mask,
         .io_delay = native_io_delay,
 
-        .lazy_mode = {
-                .enter = paravirt_nop,
-                .leave = paravirt_nop,
-        },
+        .start_context_switch = paravirt_nop,
+        .end_context_switch = paravirt_nop,
 };
 
 struct pv_apic_ops pv_apic_ops = {
diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
index 76f8f84043a2..5de30f0960fb 100644
--- a/arch/x86/kernel/process_32.c
+++ b/arch/x86/kernel/process_32.c
@@ -407,7 +407,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
          * done before math_state_restore, so the TS bit is up
          * to date.
          */
-        arch_leave_lazy_cpu_mode();
+        arch_end_context_switch(next_p);
 
         /* If the task has used fpu the last 5 timeslices, just do a full
          * restore of the math state immediately to avoid the trap; the
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index b751a41392b1..66ad06791d6f 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -428,7 +428,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
          * done before math_state_restore, so the TS bit is up
          * to date.
          */
-        arch_leave_lazy_cpu_mode();
+        arch_end_context_switch(next_p);
 
         /*
          * Switch FS and GS.
diff --git a/arch/x86/kernel/vmi_32.c b/arch/x86/kernel/vmi_32.c
index 95deb9f2211e..b263423fbe2a 100644
--- a/arch/x86/kernel/vmi_32.c
+++ b/arch/x86/kernel/vmi_32.c
@@ -462,22 +462,28 @@ vmi_startup_ipi_hook(int phys_apicid, unsigned long start_eip,
 }
 #endif
 
-static void vmi_enter_lazy_cpu(void)
+static void vmi_start_context_switch(struct task_struct *prev)
 {
-        paravirt_enter_lazy_cpu();
+        paravirt_start_context_switch(prev);
         vmi_ops.set_lazy_mode(2);
 }
 
+static void vmi_end_context_switch(struct task_struct *next)
+{
+        vmi_ops.set_lazy_mode(0);
+        paravirt_end_context_switch(next);
+}
+
 static void vmi_enter_lazy_mmu(void)
 {
         paravirt_enter_lazy_mmu();
         vmi_ops.set_lazy_mode(1);
 }
 
-static void vmi_leave_lazy(void)
+static void vmi_leave_lazy_mmu(void)
 {
-        paravirt_leave_lazy(paravirt_get_lazy_mode());
         vmi_ops.set_lazy_mode(0);
+        paravirt_leave_lazy_mmu();
 }
 
 static inline int __init check_vmi_rom(struct vrom_header *rom)
@@ -711,14 +717,14 @@ static inline int __init activate_vmi(void)
         para_fill(pv_cpu_ops.set_iopl_mask, SetIOPLMask);
         para_fill(pv_cpu_ops.io_delay, IODelay);
 
-        para_wrap(pv_cpu_ops.lazy_mode.enter, vmi_enter_lazy_cpu,
+        para_wrap(pv_cpu_ops.start_context_switch, vmi_start_context_switch,
                   set_lazy_mode, SetLazyMode);
-        para_wrap(pv_cpu_ops.lazy_mode.leave, vmi_leave_lazy,
+        para_wrap(pv_cpu_ops.end_context_switch, vmi_end_context_switch,
                   set_lazy_mode, SetLazyMode);
 
         para_wrap(pv_mmu_ops.lazy_mode.enter, vmi_enter_lazy_mmu,
                   set_lazy_mode, SetLazyMode);
-        para_wrap(pv_mmu_ops.lazy_mode.leave, vmi_leave_lazy,
+        para_wrap(pv_mmu_ops.lazy_mode.leave, vmi_leave_lazy_mmu,
                   set_lazy_mode, SetLazyMode);
 
         /* user and kernel flush are just handled with different flags to FlushTLB */
diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c
index e94a11e42f98..5ab239711cc2 100644
--- a/arch/x86/lguest/boot.c
+++ b/arch/x86/lguest/boot.c
@@ -166,10 +166,16 @@ static void lazy_hcall3(unsigned long call,
 
 /* When lazy mode is turned off reset the per-cpu lazy mode variable and then
  * issue the do-nothing hypercall to flush any stored calls. */
-static void lguest_leave_lazy_mode(void)
+static void lguest_leave_lazy_mmu_mode(void)
+{
+        hcall(LHCALL_FLUSH_ASYNC, 0, 0, 0);
+        paravirt_leave_lazy_mmu();
+}
+
+static void lguest_end_context_switch(struct task_struct *next)
 {
-        paravirt_leave_lazy(paravirt_get_lazy_mode());
         kvm_hypercall0(LHCALL_FLUSH_ASYNC);
+        paravirt_end_context_switch(next);
 }
 
 /*G:033
@@ -1051,8 +1057,8 @@ __init void lguest_init(void)
         pv_cpu_ops.write_gdt_entry = lguest_write_gdt_entry;
         pv_cpu_ops.write_idt_entry = lguest_write_idt_entry;
         pv_cpu_ops.wbinvd = lguest_wbinvd;
-        pv_cpu_ops.lazy_mode.enter = paravirt_enter_lazy_cpu;
-        pv_cpu_ops.lazy_mode.leave = lguest_leave_lazy_mode;
+        pv_cpu_ops.start_context_switch = paravirt_start_context_switch;
+        pv_cpu_ops.end_context_switch = lguest_end_context_switch;
 
         /* pagetable management */
         pv_mmu_ops.write_cr3 = lguest_write_cr3;
@@ -1065,7 +1071,7 @@ __init void lguest_init(void)
         pv_mmu_ops.read_cr2 = lguest_read_cr2;
         pv_mmu_ops.read_cr3 = lguest_read_cr3;
         pv_mmu_ops.lazy_mode.enter = paravirt_enter_lazy_mmu;
-        pv_mmu_ops.lazy_mode.leave = lguest_leave_lazy_mode;
+        pv_mmu_ops.lazy_mode.leave = lguest_leave_lazy_mmu_mode;
         pv_mmu_ops.pte_update = lguest_pte_update;
         pv_mmu_ops.pte_update_defer = lguest_pte_update;
 
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index a03b7279efa0..cfbb4a738011 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -225,12 +225,10 @@ static inline pmd_t *vmalloc_sync_one(pgd_t *pgd, unsigned long address)
         if (!pmd_present(*pmd_k))
                 return NULL;
 
-        if (!pmd_present(*pmd)) {
+        if (!pmd_present(*pmd))
                 set_pmd(pmd, *pmd_k);
-                arch_flush_lazy_mmu_mode();
-        } else {
+        else
                 BUG_ON(pmd_page(*pmd) != pmd_page(*pmd_k));
-        }
 
         return pmd_k;
 }
diff --git a/arch/x86/mm/highmem_32.c b/arch/x86/mm/highmem_32.c
index 8126e8d1a2a4..58f621e81919 100644
--- a/arch/x86/mm/highmem_32.c
+++ b/arch/x86/mm/highmem_32.c
@@ -44,7 +44,6 @@ void *kmap_atomic_prot(struct page *page, enum km_type type, pgprot_t prot)
         vaddr = __fix_to_virt(FIX_KMAP_BEGIN + idx);
         BUG_ON(!pte_none(*(kmap_pte-idx)));
         set_pte(kmap_pte-idx, mk_pte(page, prot));
-        arch_flush_lazy_mmu_mode();
 
         return (void *)vaddr;
 }
@@ -74,7 +73,6 @@ void kunmap_atomic(void *kvaddr, enum km_type type)
 #endif
         }
 
-        arch_flush_lazy_mmu_mode();
         pagefault_enable();
 }
 
diff --git a/arch/x86/mm/iomap_32.c b/arch/x86/mm/iomap_32.c
index 8056545e2d39..fe6f84ca121e 100644
--- a/arch/x86/mm/iomap_32.c
+++ b/arch/x86/mm/iomap_32.c
@@ -82,7 +82,6 @@ iounmap_atomic(void *kvaddr, enum km_type type)
         if (vaddr == __fix_to_virt(FIX_KMAP_BEGIN+idx))
                 kpte_clear_flush(kmap_pte-idx, vaddr);
 
-        arch_flush_lazy_mmu_mode();
         pagefault_enable();
 }
 EXPORT_SYMBOL_GPL(iounmap_atomic);
diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
index d71e1b636ce6..660cac75ae11 100644
--- a/arch/x86/mm/pageattr.c
+++ b/arch/x86/mm/pageattr.c
@@ -844,13 +844,6 @@ static int change_page_attr_set_clr(unsigned long *addr, int numpages,
 
         vm_unmap_aliases();
 
-        /*
-         * If we're called with lazy mmu updates enabled, the
-         * in-memory pte state may be stale.  Flush pending updates to
-         * bring them up to date.
-         */
-        arch_flush_lazy_mmu_mode();
-
         cpa.vaddr = addr;
         cpa.pages = pages;
         cpa.numpages = numpages;
@@ -895,13 +888,6 @@ static int change_page_attr_set_clr(unsigned long *addr, int numpages,
         } else
                 cpa_flush_all(cache);
 
-        /*
-         * If we've been called with lazy mmu updates enabled, then
-         * make sure that everything gets flushed out before we
-         * return.
-         */
-        arch_flush_lazy_mmu_mode();
-
 out:
         return ret;
 }
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c
index 82cd39a6cbd3..12a3159333bc 100644
--- a/arch/x86/xen/enlighten.c
+++ b/arch/x86/xen/enlighten.c
@@ -42,6 +42,7 @@
 #include <asm/xen/hypervisor.h>
 #include <asm/fixmap.h>
 #include <asm/processor.h>
+#include <asm/proto.h>
 #include <asm/msr-index.h>
 #include <asm/setup.h>
 #include <asm/desc.h>
@@ -168,21 +169,23 @@ static void __init xen_banner(void)
                xen_feature(XENFEAT_mmu_pt_update_preserve_ad) ? " (preserve-AD)" : "");
 }
 
+static __read_mostly unsigned int cpuid_leaf1_edx_mask = ~0;
+static __read_mostly unsigned int cpuid_leaf1_ecx_mask = ~0;
+
 static void xen_cpuid(unsigned int *ax, unsigned int *bx,
                       unsigned int *cx, unsigned int *dx)
 {
+        unsigned maskecx = ~0;
         unsigned maskedx = ~0;
 
         /*
          * Mask out inconvenient features, to try and disable as many
          * unsupported kernel subsystems as possible.
          */
-        if (*ax == 1)
-                maskedx = ~((1 << X86_FEATURE_APIC) |  /* disable APIC */
-                            (1 << X86_FEATURE_ACPI) |  /* disable ACPI */
-                            (1 << X86_FEATURE_MCE)  |  /* disable MCE */
-                            (1 << X86_FEATURE_MCA)  |  /* disable MCA */
-                            (1 << X86_FEATURE_ACC));   /* thermal monitoring */
+        if (*ax == 1) {
+                maskecx = cpuid_leaf1_ecx_mask;
+                maskedx = cpuid_leaf1_edx_mask;
+        }
 
         asm(XEN_EMULATE_PREFIX "cpuid"
                 : "=a" (*ax),
@@ -190,9 +193,43 @@ static void xen_cpuid(unsigned int *ax, unsigned int *bx,
                   "=c" (*cx),
                   "=d" (*dx)
                 : "0" (*ax), "2" (*cx));
+
+        *cx &= maskecx;
         *dx &= maskedx;
 }
 
+static __init void xen_init_cpuid_mask(void)
+{
+        unsigned int ax, bx, cx, dx;
+
+        cpuid_leaf1_edx_mask =
+                ~((1 << X86_FEATURE_MCE)  |  /* disable MCE */
+                  (1 << X86_FEATURE_MCA)  |  /* disable MCA */
+                  (1 << X86_FEATURE_ACC));   /* thermal monitoring */
+
+        if (!xen_initial_domain())
+                cpuid_leaf1_edx_mask &=
+                        ~((1 << X86_FEATURE_APIC) |  /* disable local APIC */
+                          (1 << X86_FEATURE_ACPI));  /* disable ACPI */
+
+        ax = 1;
+        xen_cpuid(&ax, &bx, &cx, &dx);
+
+        /* cpuid claims we support xsave; try enabling it to see what happens */
+        if (cx & (1 << (X86_FEATURE_XSAVE % 32))) {
+                unsigned long cr4;
+
+                set_in_cr4(X86_CR4_OSXSAVE);
+                
+                cr4 = read_cr4();
+
+                if ((cr4 & X86_CR4_OSXSAVE) == 0)
+                        cpuid_leaf1_ecx_mask &= ~(1 << (X86_FEATURE_XSAVE % 32));
+
+                clear_in_cr4(X86_CR4_OSXSAVE);
+        }
+}
+
 static void xen_set_debugreg(int reg, unsigned long val)
 {
         HYPERVISOR_set_debugreg(reg, val);
@@ -203,10 +240,10 @@ static unsigned long xen_get_debugreg(int reg)
         return HYPERVISOR_get_debugreg(reg);
 }
 
-void xen_leave_lazy(void)
+static void xen_end_context_switch(struct task_struct *next)
 {
-        paravirt_leave_lazy(paravirt_get_lazy_mode());
         xen_mc_flush();
+        paravirt_end_context_switch(next);
 }
 
 static unsigned long xen_store_tr(void)
@@ -284,12 +321,11 @@ static void xen_set_ldt(const void *addr, unsigned entries)
 
 static void xen_load_gdt(const struct desc_ptr *dtr)
 {
-        unsigned long *frames;
         unsigned long va = dtr->address;
         unsigned int size = dtr->size + 1;
         unsigned pages = (size + PAGE_SIZE - 1) / PAGE_SIZE;
+        unsigned long frames[pages];
         int f;
-        struct multicall_space mcs;
 
         /* A GDT can be up to 64k in size, which corresponds to 8192
            8-byte entries, or 16 4k pages.. */
@@ -297,19 +333,26 @@ static void xen_load_gdt(const struct desc_ptr *dtr)
         BUG_ON(size > 65536);
         BUG_ON(va & ~PAGE_MASK);
 
-        mcs = xen_mc_entry(sizeof(*frames) * pages);
-        frames = mcs.args;
-
         for (f = 0; va < dtr->address + size; va += PAGE_SIZE, f++) {
-                frames[f] = arbitrary_virt_to_mfn((void *)va);
+                int level;
+                pte_t *ptep = lookup_address(va, &level);
+                unsigned long pfn, mfn;
+                void *virt;
+
+                BUG_ON(ptep == NULL);
+
+                pfn = pte_pfn(*ptep);
+                mfn = pfn_to_mfn(pfn);
+                virt = __va(PFN_PHYS(pfn));
+
+                frames[f] = mfn;
 
                 make_lowmem_page_readonly((void *)va);
-                make_lowmem_page_readonly(mfn_to_virt(frames[f]));
+                make_lowmem_page_readonly(virt);
         }
 
-        MULTI_set_gdt(mcs.mc, frames, size / sizeof(struct desc_struct));
-
-        xen_mc_issue(PARAVIRT_LAZY_CPU);
+        if (HYPERVISOR_set_gdt(frames, size / sizeof(struct desc_struct)))
+                BUG();
 }
 
 static void load_TLS_descriptor(struct thread_struct *t,
@@ -385,7 +428,7 @@ static void xen_write_ldt_entry(struct desc_struct *dt, int entrynum,
 static int cvt_gate_to_trap(int vector, const gate_desc *val,
                             struct trap_info *info)
 {
-        if (val->type != 0xf && val->type != 0xe)
+        if (val->type != GATE_TRAP && val->type != GATE_INTERRUPT)
                 return 0;
 
         info->vector = vector;
@@ -393,8 +436,8 @@ static int cvt_gate_to_trap(int vector, const gate_desc *val,
         info->cs = gate_segment(*val);
         info->flags = val->dpl;
         /* interrupt gates clear IF */
-        if (val->type == 0xe)
-                info->flags |= 4;
+        if (val->type == GATE_INTERRUPT)
+                info->flags |= 1 << 2;
 
         return 1;
 }
@@ -817,10 +860,8 @@ static const struct pv_cpu_ops xen_cpu_ops __initdata = {
         /* Xen takes care of %gs when switching to usermode for us */
         .swapgs = paravirt_nop,
 
-        .lazy_mode = {
-                .enter = paravirt_enter_lazy_cpu,
-                .leave = xen_leave_lazy,
-        },
+        .start_context_switch = paravirt_start_context_switch,
+        .end_context_switch = xen_end_context_switch,
 };
 
 static const struct pv_apic_ops xen_apic_ops __initdata = {
@@ -872,7 +913,6 @@ static const struct machine_ops __initdata xen_machine_ops = {
         .emergency_restart = xen_emergency_restart,
 };
 
-
 /* First C function to be called on Xen boot */
 asmlinkage void __init xen_start_kernel(void)
 {
@@ -897,6 +937,8 @@ asmlinkage void __init xen_start_kernel(void)
 
         xen_init_irq_ops();
 
+        xen_init_cpuid_mask();
+
 #ifdef CONFIG_X86_LOCAL_APIC
         /*
          * set up the basic apic ops.
@@ -938,6 +980,11 @@ asmlinkage void __init xen_start_kernel(void)
         if (!xen_initial_domain())
                 __supported_pte_mask &= ~(_PAGE_PWT | _PAGE_PCD);
 
+#ifdef CONFIG_X86_64
+        /* Work out if we support NX */
+        check_efer();
+#endif
+
         /* Don't do the full vcpu_info placement stuff until we have a
            possible map and a non-dummy shared_info. */
         per_cpu(xen_vcpu, 0) = &HYPERVISOR_shared_info->vcpu_info[0];
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c
index db3802fb7b84..77b242c9a11e 100644
--- a/arch/x86/xen/mmu.c
+++ b/arch/x86/xen/mmu.c
@@ -184,7 +184,7 @@ static inline unsigned p2m_index(unsigned long pfn)
 }
 
 /* Build the parallel p2m_top_mfn structures */
-void xen_setup_mfn_list_list(void)
+static void __init xen_build_mfn_list_list(void)
 {
         unsigned pfn, idx;
 
@@ -198,7 +198,10 @@ void xen_setup_mfn_list_list(void)
                 unsigned topidx = idx * P2M_ENTRIES_PER_PAGE;
                 p2m_top_mfn_list[idx] = virt_to_mfn(&p2m_top_mfn[topidx]);
         }
+}
 
+void xen_setup_mfn_list_list(void)
+{
         BUG_ON(HYPERVISOR_shared_info == &xen_dummy_shared_info);
 
         HYPERVISOR_shared_info->arch.pfn_to_mfn_frame_list_list =
@@ -218,6 +221,8 @@ void __init xen_build_dynamic_phys_to_machine(void)
 
                 p2m_top[topidx] = &mfn_list[pfn];
         }
+
+        xen_build_mfn_list_list();
 }
 
 unsigned long get_phys_to_machine(unsigned long pfn)
@@ -233,47 +238,74 @@ unsigned long get_phys_to_machine(unsigned long pfn)
 }
 EXPORT_SYMBOL_GPL(get_phys_to_machine);
 
-static void alloc_p2m(unsigned long **pp, unsigned long *mfnp)
+/* install a  new p2m_top page */
+bool install_p2mtop_page(unsigned long pfn, unsigned long *p)
 {
-        unsigned long *p;
+        unsigned topidx = p2m_top_index(pfn);
+        unsigned long **pfnp, *mfnp;
         unsigned i;
 
-        p = (void *)__get_free_page(GFP_KERNEL | __GFP_NOFAIL);
-        BUG_ON(p == NULL);
+        pfnp = &p2m_top[topidx];
+        mfnp = &p2m_top_mfn[topidx];
 
         for (i = 0; i < P2M_ENTRIES_PER_PAGE; i++)
                 p[i] = INVALID_P2M_ENTRY;
 
-        if (cmpxchg(pp, p2m_missing, p) != p2m_missing)
-                free_page((unsigned long)p);
-        else
+        if (cmpxchg(pfnp, p2m_missing, p) == p2m_missing) {
                 *mfnp = virt_to_mfn(p);
+                return true;
+        }
+
+        return false;
 }
 
-void set_phys_to_machine(unsigned long pfn, unsigned long mfn)
+static void alloc_p2m(unsigned long pfn)
 {
-        unsigned topidx, idx;
+        unsigned long *p;
 
-        if (unlikely(xen_feature(XENFEAT_auto_translated_physmap))) {
-                BUG_ON(pfn != mfn && mfn != INVALID_P2M_ENTRY);
-                return;
-        }
+        p = (void *)__get_free_page(GFP_KERNEL | __GFP_NOFAIL);
+        BUG_ON(p == NULL);
+
+        if (!install_p2mtop_page(pfn, p))
+                free_page((unsigned long)p);
+}
+
+/* Try to install p2m mapping; fail if intermediate bits missing */
+bool __set_phys_to_machine(unsigned long pfn, unsigned long mfn)
+{
+        unsigned topidx, idx;
 
         if (unlikely(pfn >= MAX_DOMAIN_PAGES)) {
                 BUG_ON(mfn != INVALID_P2M_ENTRY);
-                return;
+                return true;
         }
 
         topidx = p2m_top_index(pfn);
         if (p2m_top[topidx] == p2m_missing) {
-                /* no need to allocate a page to store an invalid entry */
                 if (mfn == INVALID_P2M_ENTRY)
-                        return;
-                alloc_p2m(&p2m_top[topidx], &p2m_top_mfn[topidx]);
+                        return true;
+                return false;
         }
 
         idx = p2m_index(pfn);
         p2m_top[topidx][idx] = mfn;
+
+        return true;
+}
+
+void set_phys_to_machine(unsigned long pfn, unsigned long mfn)
+{
+        if (unlikely(xen_feature(XENFEAT_auto_translated_physmap))) {
+                BUG_ON(pfn != mfn && mfn != INVALID_P2M_ENTRY);
+                return;
+        }
+
+        if (unlikely(!__set_phys_to_machine(pfn, mfn)))  {
+                alloc_p2m(pfn);
+
+                if (!__set_phys_to_machine(pfn, mfn))
+                        BUG();
+        }
 }
 
 unsigned long arbitrary_virt_to_mfn(void *vaddr)
@@ -419,10 +451,6 @@ void set_pte_mfn(unsigned long vaddr, unsigned long mfn, pgprot_t flags)
 void xen_set_pte_at(struct mm_struct *mm, unsigned long addr,
                     pte_t *ptep, pte_t pteval)
 {
-        /* updates to init_mm may be done without lock */
-        if (mm == &init_mm)
-                preempt_disable();
-
         ADD_STATS(set_pte_at, 1);
 //      ADD_STATS(set_pte_at_pinned, xen_page_pinned(ptep));
         ADD_STATS(set_pte_at_current, mm == current->mm);
@@ -443,9 +471,7 @@ void xen_set_pte_at(struct mm_struct *mm, unsigned long addr,
         }
         xen_set_pte(ptep, pteval);
 
-out:
-        if (mm == &init_mm)
-                preempt_enable();
+out:    return;
 }
 
 pte_t xen_ptep_modify_prot_start(struct mm_struct *mm,
@@ -987,7 +1013,7 @@ static __init int xen_mark_pinned(struct mm_struct *mm, struct page *page,
         return 0;
 }
 
-void __init xen_mark_init_mm_pinned(void)
+static void __init xen_mark_init_mm_pinned(void)
 {
         xen_pgd_walk(&init_mm, xen_mark_pinned, FIXADDR_TOP);
 }
@@ -1119,10 +1145,8 @@ static void drop_other_mm_ref(void *info)
 
         /* If this cpu still has a stale cr3 reference, then make sure
            it has been flushed. */
-        if (percpu_read(xen_current_cr3) == __pa(mm->pgd)) {
+        if (percpu_read(xen_current_cr3) == __pa(mm->pgd))
                 load_cr3(swapper_pg_dir);
-                arch_flush_lazy_cpu_mode();
-        }
 }
 
 static void xen_drop_mm_ref(struct mm_struct *mm)
@@ -1135,7 +1159,6 @@ static void xen_drop_mm_ref(struct mm_struct *mm)
                         load_cr3(swapper_pg_dir);
                 else
                         leave_mm(smp_processor_id());
-                arch_flush_lazy_cpu_mode();
         }
 
         /* Get the "official" set of cpus referring to our pagetable. */
@@ -1270,8 +1293,8 @@ static void xen_flush_tlb_others(const struct cpumask *cpus,
         } *args;
         struct multicall_space mcs;
 
-        BUG_ON(cpumask_empty(cpus));
-        BUG_ON(!mm);
+        if (cpumask_empty(cpus))
+                return;         /* nothing to do */
 
         mcs = xen_mc_entry(sizeof(*args));
         args = mcs.args;
@@ -1438,6 +1461,15 @@ static __init void xen_set_pte_init(pte_t *ptep, pte_t pte)
 }
 #endif
 
+static void pin_pagetable_pfn(unsigned cmd, unsigned long pfn)
+{
+        struct mmuext_op op;
+        op.cmd = cmd;
+        op.arg1.mfn = pfn_to_mfn(pfn);
+        if (HYPERVISOR_mmuext_op(&op, 1, NULL, DOMID_SELF))
+                BUG();
+}
+
 /* Early in boot, while setting up the initial pagetable, assume
    everything is pinned. */
 static __init void xen_alloc_pte_init(struct mm_struct *mm, unsigned long pfn)
@@ -1446,22 +1478,29 @@ static __init void xen_alloc_pte_init(struct mm_struct *mm, unsigned long pfn)
         BUG_ON(mem_map);        /* should only be used early */
 #endif
         make_lowmem_page_readonly(__va(PFN_PHYS(pfn)));
+        pin_pagetable_pfn(MMUEXT_PIN_L1_TABLE, pfn);
+}
+
+/* Used for pmd and pud */
+static __init void xen_alloc_pmd_init(struct mm_struct *mm, unsigned long pfn)
+{
+#ifdef CONFIG_FLATMEM
+        BUG_ON(mem_map);        /* should only be used early */
+#endif
+        make_lowmem_page_readonly(__va(PFN_PHYS(pfn)));
 }
 
 /* Early release_pte assumes that all pts are pinned, since there's
    only init_mm and anything attached to that is pinned. */
-static void xen_release_pte_init(unsigned long pfn)
+static __init void xen_release_pte_init(unsigned long pfn)
 {
+        pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, pfn);
         make_lowmem_page_readwrite(__va(PFN_PHYS(pfn)));
 }
 
-static void pin_pagetable_pfn(unsigned cmd, unsigned long pfn)
+static __init void xen_release_pmd_init(unsigned long pfn)
 {
-        struct mmuext_op op;
-        op.cmd = cmd;
-        op.arg1.mfn = pfn_to_mfn(pfn);
-        if (HYPERVISOR_mmuext_op(&op, 1, NULL, DOMID_SELF))
-                BUG();
+        make_lowmem_page_readwrite(__va(PFN_PHYS(pfn)));
 }
 
 /* This needs to make sure the new pte page is pinned iff its being
@@ -1819,6 +1858,13 @@ __init void xen_post_allocator_init(void)
         xen_mark_init_mm_pinned();
 }
 
+static void xen_leave_lazy_mmu(void)
+{
+        preempt_disable();
+        xen_mc_flush();
+        paravirt_leave_lazy_mmu();
+        preempt_enable();
+}
 
 const struct pv_mmu_ops xen_mmu_ops __initdata = {
         .pagetable_setup_start = xen_pagetable_setup_start,
@@ -1843,9 +1889,9 @@ const struct pv_mmu_ops xen_mmu_ops __initdata = {
 
         .alloc_pte = xen_alloc_pte_init,
         .release_pte = xen_release_pte_init,
-        .alloc_pmd = xen_alloc_pte_init,
+        .alloc_pmd = xen_alloc_pmd_init,
         .alloc_pmd_clone = paravirt_nop,
-        .release_pmd = xen_release_pte_init,
+        .release_pmd = xen_release_pmd_init,
 
 #ifdef CONFIG_HIGHPTE
         .kmap_atomic_pte = xen_kmap_atomic_pte,
@@ -1883,8 +1929,8 @@ const struct pv_mmu_ops xen_mmu_ops __initdata = {
         .make_pud = PV_CALLEE_SAVE(xen_make_pud),
         .set_pgd = xen_set_pgd_hyper,
 
-        .alloc_pud = xen_alloc_pte_init,
-        .release_pud = xen_release_pte_init,
+        .alloc_pud = xen_alloc_pmd_init,
+        .release_pud = xen_release_pmd_init,
 #endif  /* PAGETABLE_LEVELS == 4 */
 
         .activate_mm = xen_activate_mm,
@@ -1893,7 +1939,7 @@ const struct pv_mmu_ops xen_mmu_ops __initdata = {
 
         .lazy_mode = {
                 .enter = paravirt_enter_lazy_mmu,
-                .leave = xen_leave_lazy,
+                .leave = xen_leave_lazy_mmu,
         },
 
         .set_fixmap = xen_set_fixmap,
diff --git a/arch/x86/xen/mmu.h b/arch/x86/xen/mmu.h
index 24d1b44a337d..da7302624897 100644
--- a/arch/x86/xen/mmu.h
+++ b/arch/x86/xen/mmu.h
@@ -11,6 +11,9 @@ enum pt_level {
 };
 
 
+bool __set_phys_to_machine(unsigned long pfn, unsigned long mfn);
+bool install_p2mtop_page(unsigned long pfn, unsigned long *p);
+
 void set_pte_mfn(unsigned long vaddr, unsigned long pfn, pgprot_t flags);
 
 
diff --git a/arch/x86/xen/smp.c b/arch/x86/xen/smp.c
index 585a6e330837..429834ec1687 100644
--- a/arch/x86/xen/smp.c
+++ b/arch/x86/xen/smp.c
@@ -317,7 +317,7 @@ static int __cpuinit xen_cpu_up(unsigned int cpu)
         BUG_ON(rc);
 
         while(per_cpu(cpu_state, cpu) != CPU_ONLINE) {
-                HYPERVISOR_sched_op(SCHEDOP_yield, 0);
+                HYPERVISOR_sched_op(SCHEDOP_yield, NULL);
                 barrier();
         }
 
@@ -422,7 +422,7 @@ static void xen_smp_send_call_function_ipi(const struct cpumask *mask)
         /* Make sure other vcpus get a chance to run if they need to. */
         for_each_cpu(cpu, mask) {
                 if (xen_vcpu_stolen(cpu)) {
-                        HYPERVISOR_sched_op(SCHEDOP_yield, 0);
+                        HYPERVISOR_sched_op(SCHEDOP_yield, NULL);
                         break;
                 }
         }
diff --git a/arch/x86/xen/xen-ops.h b/arch/x86/xen/xen-ops.h
index 2f5ef2632ea2..5c50a1017a37 100644
--- a/arch/x86/xen/xen-ops.h
+++ b/arch/x86/xen/xen-ops.h
@@ -30,7 +30,6 @@ pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn);
 void xen_ident_map_ISA(void);
 void xen_reserve_top(void);
 
-void xen_leave_lazy(void);
 void xen_post_allocator_init(void);
 
 char * __init xen_memory_setup(void);
@@ -57,8 +56,6 @@ irqreturn_t xen_debug_interrupt(int irq, void *dev_id);
 
 bool xen_vcpu_stolen(int vcpu);
 
-void xen_mark_init_mm_pinned(void);
-
 void xen_setup_vcpu_info_placement(void);
 
 #ifdef CONFIG_SMP