[BitVisor-devel-en:125] BitVisor 3.0 released
Hideki EIRAKU
hdk at igel.co.jp
Tue Aug 20 18:29:23 JST 2024
Hello,
We are happy to announce that BitVisor 3.0 has been released:
https://sourceforge.net/projects/bitvisor/files/bitvisor/3.0/
The differences between BitVisor 3.0 and BitVisor 2.0 are:
============================================================
Big changes
- AArch64 support
- Switch to Kconfig
- Refactoring for AArch64 support
- VT-d DMA remapping pass-through support
- Improve UEFI code
------------------------------------------------------------
AArch64 support
AArch64 is now supported. See docs/getting_started.md for how to use.
See docs/aarch64/overview.md for implementation details.
------------------------------------------------------------
Switch to Kconfig
make config is now switched to Kconfig. To use previous .config file
which uses foo=0 and foo=1 format, it needs to be replaced with foo=n
and foo=y.
Unlike previous make config, Kconfig can have dependency information.
For example, CONFIG_DISABLE_SLEEP depends on CONFIG_ACPI_DSDT. The
information can avoid incorrect selection.
------------------------------------------------------------
Refactoring for AArch64 support
Architecture dependent parts are now separated.
------------------------------------------------------------
VT-d DMA remapping pass-through support
VT-d DMA remapping pass-through is now supported. Selecting
CONFIG_DMAR_PASS_THROUGH=y in make config enables the feature. If it
is enabled, a guest operating system can use VT-d. Adding VMM address
range to RMRR makes DMA usable for VMM address. When para
pass-through drivers access DMA address in the guest operating system,
the address is converted from virtual address.
Address space "as" has been introduced for the feature. The following
shows changes related to "as":
- Instead of previous mapmem_gphys which is now removed, mapmem_as has
been introduced.
- Global variable as_passvm is added for address space of a
pass-through virtual machine.
- "as" for address space of a virtual machine is added to the struct
vcpu. However, it is same as "as_passvm" since currently there is
only one virtual machine which is pass-through.
- as_dma for DMA address space is added to the struct pci_device.
as_dma is same as as_passvm in case of the feature is disabled.
Otherwise, it shows address space for the device.
Note that as_dma is for DMA. To access device registers, use
as_passvm.
------------------------------------------------------------
Improve UEFI code
- Previously EDK was used for UEFI support. Now EDK2 is used.
- Previously MinGW was used for building UEFI applications. Now Clang
is used.
- Makefile.uefi.common is added for building UEFI applications.
============================================================
New device support
- NVMe
- Marvell (Aquantia) AQC107
- Realtek RTL8168
------------------------------------------------------------
NVMe
NVMe is now supported. Specifying driver=nvme to vmm.driver.pci
enables the driver. The driver is more extendable than ata and ahci
driver. Parameters are:
- storage_io: 1 enables storage_io.
- ext: encrypt enables storage encryption. Other extension can be
implemented.
- filter_msi: 1 enables MSI filter. It discards interrupts while
interrupt mask is set, while a guest operating system enables MSI.
It is used when the guest operating system repeats controller reset
and does not boot properly.
In addition, ANS2 is also supported. Specifying driver=nvme_apple to
vmm.driver.pci enables the driver. In addition to the above
parameters, ans2_wrapper parameter exists. Setting it to 1 conceals
ANS2 hardware encryption.
------------------------------------------------------------
Marvell (Aquantia) AQC107
Marvell (Aquantia) AQC107 is now supported. Selecting CONFIG_NET_AQ=y
in make config and specifying driver=aq,virtio=1 to vmm.driver.pci
enables the driver. The driver only supports virtio-net.
------------------------------------------------------------
Realtek RTL8168
Realtek GbE NIC is now supported. FreeBSD code has been imported.
Selecting CONFIG_NET_RE=y in make config and specifying driver=re to
vmm.driver.pci enables the driver. The driver only supports
concealing mode (like net=ip) or virtio-net.
============================================================
Virtual device support
- Virtual virtio-net
------------------------------------------------------------
Virtual virtio-net
Virtual virtio-net device is now supported. Specifying as below
connects a virtual virtio-net device to a TCP/IP stack in VMM:
vmm.driver.pci_virtual="driver=virtio-net, net=ip"
While existing net interface is used, virtual device side of net
interface is not used. Physical device side is connected to a virtual
machine. Therefore, specifying tty=1 is to send VMM logs to the
virtual machine.
============================================================
Network improvement and new features
- Add WireGuard
- Add WireGuard Guest OS
- Add TLS
- Update lwIP
- Virtio 1.1 support (virtio-net) / VT-d pass-through support
- Improve TCP/IP performance
- bnx: add hotplugpass option
------------------------------------------------------------
Add WireGuard
WireGuard is now supported. wireguard-lwip has been imported to
ip/wireguard/wireguard-lwip/ directory. Selecting CONFIG_WIREGUARD=y
in make config enables the feature. When using TCP/IP stack in the
VMM, WireGuard VPN tunnel is usable. See docs/wireguard.md for
details.
------------------------------------------------------------
Add WireGuard Guest OS
A feature that routes traffic of guest operating system to WireGuard
VPN tunnel is added. It uses TCP/IP stack unlike existing IPsec VPN.
Therefore VMM can communicate through the tunnel too. See
docs/wireguard_guest_os.md for details.
------------------------------------------------------------
Add TLS
TLS is now supported. Mbed TLS has been imported to
ip/mbedtls/mbedtls-2.28.6/ directory. Selecting CONFIG_TLS=y in make
config enables the feature. See docs/Mbed-TLS.md for details.
------------------------------------------------------------
Update lwIP
lwIP is updated to 2.1.3.
------------------------------------------------------------
Virtio 1.1 support (virtio-net) / VT-d pass-through support
virtio-net now supports virtio 1.1. VIRTIO_F_ACCESS_PLATFORM which is
defined in the virtio 1.1 spec is now supported for VT-d DMA remapping
pass-through.
------------------------------------------------------------
Improve TCP/IP performance
For net=ippass, which uses TCP/IP stack in VMM and pass-through
communication for guest operating system, net=ippassfilter and
net=ippassfilter2 which filters unnecessary received packets have been
added. They reduce load of each TCP/IP stack in VMM and guest
operating system by dropping packets considered as unnecessary just
after receving. net=ippassfilter filters fully, while
net=ippassfilter2 makes the guest operating system receive at least 1
of 100 packets. net=ippassfilter2 is added for avoiding nobody cared
errors in Linux.
Other improvements:
- virtio-net: try to submit packets in a batch to the device driver
- ip: avoid using ntohs() in ip_main_input()
- ip: reduce lwip_htons and lwip_htonl overhead
- ip: reduce number of alloc/free/memcpy when a packet has been received
------------------------------------------------------------
bnx: add hotplugpass option
bnx driver now has hotplugpass option. If hotplugpass=1 is specified,
bnx devices which hot-plugged after VMM started are pass-through to
the guest operating system.
============================================================
Core improvement and new features
- dres_reg
- VT-x unsafe nested virtualization
- Improve nested virtualization
- Improve VT-x performance
- Large memory and many CPU cores support
- Improve heap allocation
- Improve process features
- New CPU support
- New machines support
- QEMU+Linux KVM support
- Improve handling INIT
- Improve debug features
- Improve panic routine
- Improve string routines
- Introduce MAPMEM_CANFAIL and MAPMEM_UC flag
- PKRU state pass-through
- Conceal SMX
------------------------------------------------------------
dres_reg
New dres_reg provides an abstraction to access device registers and to
trap access device registers from the guest.
------------------------------------------------------------
VT-x unsafe nested virtualization
VT-x unsafe nested virtualization is now supported.
------------------------------------------------------------
Improve nested virtualization
Partially safe mode is now supported. Partially safe mode prevents
attacking by using a virtual machine which has pass-through RAM. On
VT-x, shadow EPT is created. On SVM, RVI is concealed and RVI of the
VMM is applied to the nested virtual machine.
See docs/nested_virtualization.md for details.
------------------------------------------------------------
Improve VT-x performance
- INVEPT instruction is now used only when it is necessary.
- In case of unrestricted guest is enabled, VM exit is now avoided for
modifying PE bit of CR0 and PGE bit of CR4.
- PCID is now supported.
------------------------------------------------------------
Large memory and many CPU cores support
The following changes are applied to avoid out of memory issue in the
VMM because of increased RAM capacity and number of CPU cores in
recent years:
- 1GiB pages are now used if available for EPT and RVI.
- Number of pages allocated for EPT and RVI is now reduced
drastically. Previously 1024 pages were allocated for each logical
processor. Now 16 pages are allocated first, and maximum 256 pages
are allocated on demand.
In addition, the following heap allocation also supports increased
number of CPU cores.
------------------------------------------------------------
Improve heap allocation
Heap allocation is now improved. Unused area is reduced. For
example, when VMM allocates struct vcpu, 0x80630 bytes for x86 64-bit,
previously 0x100000 bytes were internally allocated, but now 0x81000
bytes is allocated. Since the struct vcpu is allocated for each
logical processor, the 0x7f000-byte difference will be bigger if
number of CPU cores is more.
In addition, in allocating smaller than page size, performance is now
improved by avoiding linear search. "small" allocation between
128-byte and 2048-byte is maintained by using maximum 32-bit bitmap
added to struct page and lists. 16, 32 and 64-byte "tiny" allocation
is maintained by using additional 32-bit bitmap in 32x size "small"
allocation.
------------------------------------------------------------
Improve process features
- Read-only segments of processes are now shared-mapped. When
executing a process containing large text section, heap usage is
reduced since the text section is not copied to heap.
- Unnamed msgregister and unnamed msgsenddesc are now supported.
Unnamed function pointer can be registered by specifying NULL name
to msgregister(). It can be transferred to other processes by
calling msgsenddesc() with returned descriptor with
MSGSENDDESC_MYFUNC flag ORed. Previously any process could
msgopen() by using name, now unnamed function pointer can be used
for callbacks called by specific processes since unnamed function
pointer cannot msgopen().
------------------------------------------------------------
New CPU support
- LA57 (5-level paging) is now concealed.
- WAITPKG (TPAUSE, UMONITOR and UMWAIT instruction) is now supported.
- AVX512 is now supported.
- Memory Protection Extension (MPX) pass-through is now supported.
- Hardware Feedback Interface is now supported.
- Processor Trace is now supported. vmm.allow_pt selects pass-through
or concealing as follows:
- 0: Processor Trace is concealed.
- 1: Processor Trace is pass-through with address translation or
concealed in case of CPU does not support address translation.
- 2: Processor Trace is pass-through without address translation.
------------------------------------------------------------
New machines support
Issues on new machines are now fixed.
- Issues on new Mac firmware and macOS are now fixed.
- NVMe disconnection failure workaround is added.
- Firmware can now use privilege level 3.
- CR4.SMEP=1 and EFER.NXE=1 are supported for firmware call.
- VIRTIO_NET_F_CTRL_VQ and VIRTIO_NET_F_CTRL_RX are supported in
virtio-net.
- An issue on new Fujitsu PC firmware is now fixed.
- ACPI table changes are now applied properly even if
InstallConfigurationTable is used.
------------------------------------------------------------
QEMU+Linux KVM support
Fixes for running BitVisor on QEMU+Linux KVM:
- CPUID between 0x40000000 and 0x4FFFFFFF is now concealed. The range
is used by VMMs like Linux KVM. Previously error occurred since
they were pass-through but BitVisor did not support such features.
- External interrupt VM exit while blocking by STI bit is set is now
handled properly instead of panic.
- First 1MiB RAM is mapped first to avoid data corruption because of
VM exit while writing to memory by INS instruction in BIOS which
reads ATA storage without using DMA.
- Local APIC pass-through may cause an issue in case of APICV in Linux
KVM is enabled. vmm.localapic_intercept=1 can avoid the issue.
CONFIG_TCG_BIOS=y may cause unexpected QEMU termination in case of
BIOS environment on QEMU+Linux KVM.
------------------------------------------------------------
Improve handling INIT
- Wait-for-SIPI emulation support for VT-x environment: It is enabled
in case of running on processors that do not support wait-for-SIPI
state, or vmm.localapic_intercept=1.
- Workaround for lost of SIPI sent by a guest operating system: VMM
transits to wait-for-SIPI as soon as possible after VM exit caused
by INIT.
- Fix panic of wait-for-SIPI with pending interrupts: A panic when
transitting to wait-for-SIPI state while there are pending
interrupts is fixed.
- Fix an issue of wait-for-SIPI and NMI: An issue that NMIs while
wait-for-SIPI emulation were previously not discarded is fixed.
- Fix INIT handling just before VMRUN instruction: INIT is now checked
as same as NMI just before executing VMRUN instruction.
------------------------------------------------------------
Improve debug features
- Length option is added to dump memory command.
- CONFIG_DEBUG_SERIAL is added. On x86 build, setting it to y adds a
virtual serial device on I/O port 0x400. Linux early console output
can be gotten as VMM log by specifying
"earlyprintk=serial,0x400,keep" Linux parameter.
- Telnet server for debugging is added. dbgsh can be accessed through
telnet using TCP/IP stack with vmm.telnet_dbgsh=1. When panic
occurs, it is accessible only if the TCP/IP stack and a network
device driver are properly working. In case of vmm.telnet_dbgsh=1,
shell access from keyboard and serial port is disabled.
------------------------------------------------------------
Improve panic routine
- Register dump now works on every processor even if number of
processors is more than 6.
- The panic routine prints information while avoiding infinite loop as
possible when panic occurs while handling panic.
------------------------------------------------------------
Improve string routines
- Performance is improved.
- Unnecessary code now does not exist in objects.
------------------------------------------------------------
Introduce MAPMEM_CANFAIL and MAPMEM_UC flag
MAPMEM_CANFAIL and MAPMEM_UC flag are added as flags for mapmem_hphys
and mapmem_as function.
If MAPMEM_CANFAIL flag is set, they return NULL when failure. Without
the flag, they panic when failure. The flag has been introduced since
many drivers do not check NULL and only few cases in core can
continue after failure.
MAPMEM_UC flag means uncacheable. While MAPMEM_PCD, MAPMEM_PWT and
MAPMEM_PAT are x86 only, MAPMEM_UC can be used on both x86 and
AArch64.
------------------------------------------------------------
PKRU state pass-through
PKRU state is now pass-through. This is a workaround of an issue that
VMware Workstation does not work on BitVisor using nested
virtualization.
------------------------------------------------------------
Conceal SMX
SMX is now concealed. This is a workaround of panic caused by GETSEC
VM exit on Windows 10 Fall Creators Update.
============================================================
Other new features
- SQLite
- Add UEFI Graphics Output Protocol VGA driver
- Simple new features (other than code)
- Simple new features (code)
------------------------------------------------------------
SQLite
SQLite RDBMS is added. An amalgamation version of SQLite has been
imported to process/sqlite/sqlite3.c. Selecting CONFIG_SQLITE=y in
make config enables it. SQLite can be used in protection domain in
process/sqlite/ directory. There is an example named sqliteexample in
the directory. If it is enabled, sqliteexample can be executed from
dbgsh to test. Currently it is only for 64-bit environment.
------------------------------------------------------------
Add UEFI Graphics Output Protocol VGA driver
UEFI Graphics Output Protocol VGA driver is added. Selecting
CONFIG_VGA_UEFI=y in make config enables the driver. It can be used
for log output to a screen with CONFIG_TTY_VGA. Code using it for
other screen output can be added. However, it works only if Graphics
Output Protocol in UEFI firmware provides frame buffer information.
In addition, the output may not work after guest operating system
loads a graphics device driver.
------------------------------------------------------------
Simple new features (other than code)
Useful files and features for development and use are added:
- .clang-format file is added. It can be used with clang-format
version 15 or later. It is expected as applied to added part only
instead of whole code, and editing code manually after applied if
necessary.
- Makefile rule generating compile_commands.json file is added.
- docs/ directory is added for documentation. Some documents are
already added.
------------------------------------------------------------
Simple new features (code)
The following functions and macros are added:
- MAX and MIN macro are added. min function in storage implementation
is removed.
- random_num_hw function and random_num_sw function are added for
getting random number.
- qsort function is added for quick sort.
- get_epoch_time function is added for getting Unix epoch time. The
time is not accurate since it calculates from start-up time and
return value of get_time function.
============================================================
Miscellaneous fixes
Miscellaneous issues in virtio-net are fixed:
- virtio_net: fix buffer overflow in case of sending too large packet
- virtio_net: add MAPMEM_WRITE to mapmem_as() in do_net_ctrl() for correctness
- virtio_net: restore unconditional vnet->intr_clear() behavior
- virtio_net: make virtio_net_msix() fill data properly for read-only address
- virtio_net: avoid hardcoding queue size
- virtio_net: expose PCI_COMMAND_MEMENABLE
- virtio_net: use MAPMEM_WRITE when mapping buffer in do_net_send()
- virtio_net: do not clear legacy interrupt when triggering MSI
- virtio_net: suppress interrupts while receive ring buffer is full
Miscellaneous issues in bnx driver are fixed:
- bnx: rework on bnx_reset()
- bnx: clean up bnx_intr_disable()/bnx_intr_enable()
- bnx: use MAC address provided by firmware if available
- bnx: clear status word before proceeding to read producer/consumer index
- bnx: refer producer/consumer indexes directly instead of copying them
- bnx: receive all packets in the buffer at once
- bnx: fix unexpected delay of received packets
- bnx: ignore firmware's MAC address for Thunderbolt to Ethernet devices
- bnx: replace 0x0204 offset with BNXREG_HMBOX_INTR_CLR
Miscellaneous issues in pro1000 driver are fixed:
- pro1000: improve TX initialization for QEMU e1000e
- pro1000: set ITR to improve RX throughput on old models
- pro1000: add 8086:15e3 I219-LM
- pro1000: add 8086:156f I219-LM
- pro1000: add 8086:15be I219-V
- pro1000: add 8086:15bd I219-LM
- pro1000: map registers with MAPMEM_UC as well
- pro1000: send only if the link is up
- pro1000: ICS register is write-only
- pro1000: take care of 64-bit address in write_mydesc()
- pro1000: clean up magic numbers
- pro1000: generate virtio interrupts properly on recent Linux guest
Miscellaneous issues in xhci driver are fixed:
- drivers/usb/xhci: force the compiler to access registers with the correct size
- drivers/usb/xhci: fix "ERDP out of bounds" error when running on QEMU
- xhci: always write host value to the controller when guest writes to ERDP
- xhci: introduce host controller states and check them
- xhci: read capability registers using 32-bit aligned access
- xhci: trigger a panic on data inconsistency in the driver
- xhci: update VMM state upon detecting a controller error
- xhci: optimize struct xhci_guest_data
- xhci: release guest's ERST data just before changing the controller state to RUNNING
- xhci: reallocate the VMM's event ring if the size of the ring changes
- xhci: initialize the event ring and related data just before ERSTBA writing
- xhci: process the current state of the event ring properly
- xhci: allow variable size access to the capability registers
- xhci: switch to a big lock during xHCI register access
- xhci: remove "state_saved" member and panic when CRS bit is set
- xhci: rename "xhci_hc_reset()" and call it at the proper time
- xhci: support UEFI xHCI driver
- xhci: xHCI Local Memory Capability reports size in 1KB block
- xhci: rename 'offset' to 'field_offset' for naming consistency
- xhci: support USB_HOOK_DISCARD
Miscellaneous issues in process are fixed:
- process: msgsenddesc is only allowed with desc returned by newprocess
- process: add some sanity checks of system call arguments
- msg, process: copy strings until NUL
- process: check array index limit
- Makefile: strip process elf files
- process: clear TF on syscall
- process: disable syscall/sysret by default
Echo client issues in TCP/IP stack are fixed:
- ip/echoctl: move the assignment of 'echo_client_pcb' into connected
- ip/echoctl: fix the memory leaking issue in echo-client
- ip/echoctl: add an optional parameter for client connect to assign netif
- ip/echoctl: recycle the pcb after disconnected from remote server
Issues in boot/uefi-loader-login are fixed:
- boot/uefi-loader-login: extend maximum module2.bin size to 1MiB
- boot/uefi-loader-login: print error when module2.bin is too large
Miscellaneous issues in core are fixed:
- vmmcall_boot, thread: make vmmcall_boot_thread run on CPU0 to avoid errors
- main: fix panic when booting with minios
- entry: clear %rbp before calling vmm_main
- cpuid_pass: apply correct value to OSXSAVE and PKE
- svm: conceal SVM-Lock feature
- svm: check unsafe_nested_virtualization in svm_msr.c
- sync all processors when resume from suspend-to-RAM
- cpu_interpreter: fix rep string behavior in case of exception or IOACT_RERUN
- cpu_interpreter: fix movabs instruction with 64bit offset support
- xsetbv_pass: fix panic if an exception occurs during xsetbv
- spt: remove incorrect fast path
- vt, svm: fix task switch updating instruction pointer properly
- vt: clear XSS-exiting bitmap properly
- msr_pass: workaround for processor stall during microcode update
- msr_pass: workaround for operating system panic during microcode update
- nmi: set %gs in the #NMI handler
- nmi: refactor NMI handler
- vt_main: use NMI-window exiting instead of skipping NMI check if other event injection exists
- vt, nmi: handle NMI around vmlaunch/vmresume properly
- vt_main: handle multiple NMIs properly
- svm_main: handle NMI better if other event injection exists when NMI comes
- svm: handle NMI around vmrun properly
- svm_main: handle multiple NMIs properly
- vt_main: do not clear first flag in NMI case
- vt, svm, cpu_interpreter: handle unblocking NMIs by IRET instruction properly
- vt, svm: initialize debug registers in vmctl.reset()
- vt: clear states in vt_reset()
- svm, vt: reset LDTR, TR, GDTR and IDTR properly
- msr_pass: handle IA32_TSC_ADJUST MSR properly
- mm: unlock mapmem_lock when mapmem fails
- mm: increase mapmem space to avoid panic in pci_init.c on 32bit environment
- mm: flush TLBs properly in the unmap_user_area() function
- ap: add eoi function
- ap: print AP message after loading segment and interrupt descriptor tables
- ap: map local APIC registers on start instead of on every use
- acpi: look at another RSDT if UEFI firmware provides ACPIv1 table at different address from ACPIv2 table
- acpi: disable VT-d by default
- acpi: check RESET_REG_SUP bit before reading RESET_REG
- acpi: check whether DSDT address is available before using
- calluefi: CR4.VMXE=0 for a VM
- uefi: check NULL pointer at the end of boot_options array
- time: initialize timediff properly for APs on UEFI environment
- time: update timediff properly on wakeup
- time: use clock information in CPUID if available
Trivial issues and descriptions are fixed:
- cpu_interpreter: fix default segment
- uefi: fix trivial sizeof incorrect variable name
- bnx: fix some trivial log mistakes in bnx_rx_ring_set() and bnx_tx_ring_set()
- constants: add comment "32-Bit Read-Only Data Fields" for VMCS definitions
- access EFER with 64bit width
- entry: minor fixes in uefi64_entry
- vt: check whether 2MiB page is supported for EPT
- cache: use proper constant name instead of + 1
- ieee1394: remove -DIEEE1394_CONCEALER and compile the driver if necessary
- move size_t definition from share/vmm_types.h to core/types.h
- boot: update login-simple to use config.h and vmm_types.h in include/share
- bitvisor.lds: replace spaces with tabs for indentation
- mm: use mapmem_hphys/mapmem_gphys instead of mapmem function
- crypto: fix LONG_MIN, LONG_MAX and ULONG_MAX
- ipchecksum: treat zero as described in RFC 1071
Warnings when compiling or linking are reduced:
- Makefile: add -Wno-address-of-packed-member
- boot/login-simple: add -static option to suppress warnings
- tty: fix unused variable warnings when building with CONFIG_TTY_SERIAL=1
pci routines are improved:
- pci_core: introduce pci_enable_device()
- pci: improve initialization loop to avoid unexpected result
- pci: introduce pci_find_cap_offset()
- pci: PCI PMIO is only relevant to x86
- pci: rename pci_save_config_addr() to pci_pmio_save_config_addr()
- pci: initial support for multiple PCI segments
- pci: avoid hard-coding maximum number of virtual devices
- pci: don't use memcpy() for accessing registers
Unnecessary code is removed:
- x86: remove unused code related to the legacy PIC
- Makefile.config: remove SELECT_AES_GLADMAN
- Makefile.config: remove SPINLOCK_DEBUG
- vt_ept, svm_np, mm, gmm_pass, Makefile: remove MAP_UEFI_MMIO and related funcs
- gmm_pass: make some functions static and remove unnecessary header
- uhci, ehci: remove unused variables
- core: remove vpn_ve code
- driver/core: remove unneeded header
New version of compiler and linker is now supported:
- fix "cannot represent relocation type BFD_RELOC_X86_64_32S" error when compiling 32bit
- cpu_interpreter: 32bit compilation error workaround
- Makefile: add -Wa,--noexecstack option
Other things are improved:
- LICENSE: remove unnecessary running number
- uhci, ehci, xhci: disconnection process to avoid bitvisor and firmware conflicts
- timer: clean up timer_thread()
- tools/log: newer Linux support
- storage: reorganize storage-related files
- drivers: ensure drivers can access devices by calling pci_enable_device()
Have fun,
--
Hideki EIRAKU <hdk at igel.co.jp>
More information about the BitVisor-devel-en
mailing list