diff --git a/654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch b/654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch deleted file mode 100644 index e6f42d4..0000000 --- a/654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch +++ /dev/null @@ -1,31 +0,0 @@ -# Commit 26a449ce32cef33f2cb50602be19fcc0c4223ba9 -# Date 2023-11-02 10:50:26 +0100 -# Author Roger Pau Monné -# Committer Jan Beulich -x86/x2apic: remove usage of ACPI_FADT_APIC_CLUSTER - -The ACPI FADT APIC_CLUSTER flag mandates that when the interrupt delivery is -Logical mode APIC must be configured for Cluster destination model. However in -apic_x2apic_probe() such flag is incorrectly used to gate whether Physical mode -can be used. - -Since Xen when in x2APIC mode only uses Logical mode together with Cluster -model completely remove checking for ACPI_FADT_APIC_CLUSTER, as Xen always -fulfills the requirement signaled by the flag. - -Fixes: eb40ae41b658 ('x86/Kconfig: add option for default x2APIC destination mode') -Signed-off-by: Roger Pau Monné -Reviewed-by: Jan Beulich - ---- a/xen/arch/x86/genapic/x2apic.c -+++ b/xen/arch/x86/genapic/x2apic.c -@@ -231,8 +231,7 @@ const struct genapic *__init apic_x2apic - */ - x2apic_phys = iommu_intremap != iommu_intremap_full || - (acpi_gbl_FADT.flags & ACPI_FADT_APIC_PHYSICAL) || -- (IS_ENABLED(CONFIG_X2APIC_PHYSICAL) && -- !(acpi_gbl_FADT.flags & ACPI_FADT_APIC_CLUSTER)); -+ IS_ENABLED(CONFIG_X2APIC_PHYSICAL); - } - else if ( !x2apic_phys ) - switch ( iommu_intremap ) diff --git a/65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch b/65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch deleted file mode 100644 index 6fad1a0..0000000 --- a/65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch +++ /dev/null @@ -1,103 +0,0 @@ -# Commit 87f37449d586b4d407b75235bb0a171e018e25ec -# Date 2023-11-02 10:50:59 +0100 -# Author Roger Pau Monné -# Committer Jan Beulich -x86/i8259: do not assume interrupts always target CPU0 - -Sporadically we have seen the following during AP bringup on AMD platforms -only: - -microcode: CPU59 updated from revision 0x830107a to 0x830107a, date = 2023-05-17 -microcode: CPU60 updated from revision 0x830104d to 0x830107a, date = 2023-05-17 -CPU60: No irq handler for vector 27 (IRQ -2147483648) -microcode: CPU61 updated from revision 0x830107a to 0x830107a, date = 2023-05-17 - -This is similar to the issue raised on Linux commit 36e9e1eab777e, where they -observed i8259 (active) vectors getting delivered to CPUs different than 0. - -On AMD or Hygon platforms adjust the target CPU mask of i8259 interrupt -descriptors to contain all possible CPUs, so that APs will reserve the vector -at startup if any legacy IRQ is still delivered through the i8259. Note that -if the IO-APIC takes over those interrupt descriptors the CPU mask will be -reset. - -Spurious i8259 interrupt vectors however (IRQ7 and IRQ15) can be injected even -when all i8259 pins are masked, and hence would need to be handled on all CPUs. - -Continue to reserve PIC vectors on CPU0 only, but do check for such spurious -interrupts on all CPUs if the vendor is AMD or Hygon. Note that once the -vectors get used by devices detecting PIC spurious interrupts will no longer be -possible, however the device driver should be able to cope with spurious -interrupts. Such PIC spurious interrupts occurring when the vector is in use -by a local APIC routed source will lead to an extra EOI, which might -unintentionally clear a different vector from ISR. Note this is already the -current behavior, so assume it's infrequent enough to not cause real issues. - -Finally, adjust the printed message to display the CPU where the spurious -interrupt has been received, so it looks like: - -microcode: CPU1 updated from revision 0x830107a to 0x830107a, date = 2023-05-17 -cpu1: spurious 8259A interrupt: IRQ7 -microcode: CPU2 updated from revision 0x830104d to 0x830107a, date = 2023-05-17 - -Amends: 3fba06ba9f8b ('x86/IRQ: re-use legacy vector ranges on APs') -Signed-off-by: Roger Pau Monné -Reviewed-by: Jan Beulich - ---- a/xen/arch/x86/i8259.c -+++ b/xen/arch/x86/i8259.c -@@ -222,7 +222,8 @@ static bool _mask_and_ack_8259A_irq(unsi - is_real_irq = false; - /* Report spurious IRQ, once per IRQ line. */ - if (!(spurious_irq_mask & irqmask)) { -- printk("spurious 8259A interrupt: IRQ%d.\n", irq); -+ printk("cpu%u: spurious 8259A interrupt: IRQ%u\n", -+ smp_processor_id(), irq); - spurious_irq_mask |= irqmask; - } - /* -@@ -349,7 +350,23 @@ void __init init_IRQ(void) - continue; - desc->handler = &i8259A_irq_type; - per_cpu(vector_irq, cpu)[LEGACY_VECTOR(irq)] = irq; -- cpumask_copy(desc->arch.cpu_mask, cpumask_of(cpu)); -+ -+ /* -+ * The interrupt affinity logic never targets interrupts to offline -+ * CPUs, hence it's safe to use cpumask_all here. -+ * -+ * Legacy PIC interrupts are only targeted to CPU0, but depending on -+ * the platform they can be distributed to any online CPU in hardware. -+ * Note this behavior has only been observed on AMD hardware. In order -+ * to cope install all active legacy vectors on all CPUs. -+ * -+ * IO-APIC will change the destination mask if/when taking ownership of -+ * the interrupt. -+ */ -+ cpumask_copy(desc->arch.cpu_mask, -+ (boot_cpu_data.x86_vendor & -+ (X86_VENDOR_AMD | X86_VENDOR_HYGON) ? &cpumask_all -+ : cpumask_of(cpu))); - desc->arch.vector = LEGACY_VECTOR(irq); - } - ---- a/xen/arch/x86/irq.c -+++ b/xen/arch/x86/irq.c -@@ -1920,7 +1920,16 @@ void do_IRQ(struct cpu_user_regs *regs) - kind = ""; - if ( !(vector >= FIRST_LEGACY_VECTOR && - vector <= LAST_LEGACY_VECTOR && -- !smp_processor_id() && -+ (!smp_processor_id() || -+ /* -+ * For AMD/Hygon do spurious PIC interrupt -+ * detection on all CPUs, as it has been observed -+ * that during unknown circumstances spurious PIC -+ * interrupts have been delivered to CPUs -+ * different than the BSP. -+ */ -+ (boot_cpu_data.x86_vendor & (X86_VENDOR_AMD | -+ X86_VENDOR_HYGON))) && - bogus_8259A_irq(vector - FIRST_LEGACY_VECTOR)) ) - { - printk("CPU%u: No irq handler for vector %02x (IRQ %d%s)\n", diff --git a/655b2ba9-fix-sched_move_domain.patch b/655b2ba9-fix-sched_move_domain.patch deleted file mode 100644 index 8bdfe2c..0000000 --- a/655b2ba9-fix-sched_move_domain.patch +++ /dev/null @@ -1,70 +0,0 @@ -# Commit 4709ec82917668c2df958ef91b4f21c049c76bee -# Date 2023-11-20 10:49:29 +0100 -# Author Juergen Gross -# Committer Jan Beulich -xen/sched: fix sched_move_domain() - -When moving a domain out of a cpupool running with the credit2 -scheduler and having multiple run-queues, the following ASSERT() can -be observed: - -(XEN) Xen call trace: -(XEN) [] R credit2.c#csched2_unit_remove+0xe3/0xe7 -(XEN) [] S sched_move_domain+0x2f3/0x5b1 -(XEN) [] S cpupool.c#cpupool_move_domain_locked+0x1d/0x3b -(XEN) [] S cpupool_move_domain+0x24/0x35 -(XEN) [] S domain_kill+0xa5/0x116 -(XEN) [] S do_domctl+0xe5f/0x1951 -(XEN) [] S timer.c#timer_lock+0x69/0x143 -(XEN) [] S pv_hypercall+0x44e/0x4a9 -(XEN) [] S lstar_enter+0x137/0x140 -(XEN) -(XEN) -(XEN) **************************************** -(XEN) Panic on CPU 1: -(XEN) Assertion 'svc->rqd == c2rqd(sched_unit_master(unit))' failed at common/sched/credit2.c:1159 -(XEN) **************************************** - -This is happening as sched_move_domain() is setting a different cpu -for a scheduling unit without telling the scheduler. When this unit is -removed from the scheduler, the ASSERT() will trigger. - -In non-debug builds the result is usually a clobbered pointer, leading -to another crash a short time later. - -Fix that by swapping the two involved actions (setting another cpu and -removing the unit from the scheduler). - -Link: https://github.com/Dasharo/dasharo-issues/issues/488 -Fixes: 70fadc41635b ("xen/cpupool: support moving domain between cpupools with different granularity") -Signed-off-by: Juergen Gross -Reviewed-by: George Dunlap - ---- a/xen/common/sched/core.c -+++ b/xen/common/sched/core.c -@@ -732,18 +732,20 @@ int sched_move_domain(struct domain *d, - old_domdata = d->sched_priv; - - /* -- * Temporarily move all units to same processor to make locking -- * easier when moving the new units to the new processors. -+ * Remove all units from the old scheduler, and temporarily move them to -+ * the same processor to make locking easier when moving the new units to -+ * new processors. - */ - new_p = cpumask_first(d->cpupool->cpu_valid); - for_each_sched_unit ( d, unit ) - { -- spinlock_t *lock = unit_schedule_lock_irq(unit); -+ spinlock_t *lock; - -+ sched_remove_unit(old_ops, unit); -+ -+ lock = unit_schedule_lock_irq(unit); - sched_set_res(unit, get_sched_res(new_p)); - spin_unlock_irq(lock); -- -- sched_remove_unit(old_ops, unit); - } - - old_units = d->sched_unit_list; diff --git a/6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch b/6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch new file mode 100644 index 0000000..be8f94c --- /dev/null +++ b/6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch @@ -0,0 +1,45 @@ +# Commit d0a718a45f14b86471d8eb3083acd72760963470 +# Date 2024-04-11 13:23:08 +0100 +# Author Andrew Cooper +# Committer Andrew Cooper +x86/hvm: Fix Misra Rule 19.1 regression + +Despite noticing an impending Rule 19.1 violation, the adjustment made (the +uint32_t cast) wasn't sufficient to avoid it. Try again. + +Subsequently noticed by Coverity too. + +Fixes: 6a98383b0877 ("x86/HVM: clear upper halves of GPRs upon entry from 32-bit code") +Coverity-IDs: 1596289 thru 1596298 +Signed-off-by: Andrew Cooper +Reviewed-by: Stefano Stabellini + +--- a/xen/arch/x86/include/asm/hvm/hvm.h ++++ b/xen/arch/x86/include/asm/hvm/hvm.h +@@ -585,16 +585,16 @@ static inline void hvm_sanitize_regs_fie + if ( compat ) + { + /* Clear GPR upper halves, to counteract guests playing games. */ +- regs->rbp = (uint32_t)regs->ebp; +- regs->rbx = (uint32_t)regs->ebx; +- regs->rax = (uint32_t)regs->eax; +- regs->rcx = (uint32_t)regs->ecx; +- regs->rdx = (uint32_t)regs->edx; +- regs->rsi = (uint32_t)regs->esi; +- regs->rdi = (uint32_t)regs->edi; +- regs->rip = (uint32_t)regs->eip; +- regs->rflags = (uint32_t)regs->eflags; +- regs->rsp = (uint32_t)regs->esp; ++ regs->rbp = (uint32_t)regs->rbp; ++ regs->rbx = (uint32_t)regs->rbx; ++ regs->rax = (uint32_t)regs->rax; ++ regs->rcx = (uint32_t)regs->rcx; ++ regs->rdx = (uint32_t)regs->rdx; ++ regs->rsi = (uint32_t)regs->rsi; ++ regs->rdi = (uint32_t)regs->rdi; ++ regs->rip = (uint32_t)regs->rip; ++ regs->rflags = (uint32_t)regs->rflags; ++ regs->rsp = (uint32_t)regs->rsp; + } + + #ifndef NDEBUG diff --git a/build-python3-conversion.patch b/build-python3-conversion.patch index 2945311..5bbb085 100644 --- a/build-python3-conversion.patch +++ b/build-python3-conversion.patch @@ -1,7 +1,7 @@ -Index: xen-4.18.0-testing/Config.mk +Index: xen-4.18.3-testing/Config.mk =================================================================== ---- xen-4.18.0-testing.orig/Config.mk -+++ xen-4.18.0-testing/Config.mk +--- xen-4.18.3-testing.orig/Config.mk ++++ xen-4.18.3-testing/Config.mk @@ -77,7 +77,7 @@ EXTRA_INCLUDES += $(EXTRA_PREFIX)/includ EXTRA_LIB += $(EXTRA_PREFIX)/lib endif @@ -11,11 +11,11 @@ Index: xen-4.18.0-testing/Config.mk PYTHON_PREFIX_ARG ?= --prefix="$(prefix)" # The above requires that prefix contains *no spaces*. This variable is here # to permit the user to set PYTHON_PREFIX_ARG to '' to workaround this bug: -Index: xen-4.18.0-testing/tools/configure +Index: xen-4.18.3-testing/tools/configure =================================================================== ---- xen-4.18.0-testing.orig/tools/configure -+++ xen-4.18.0-testing/tools/configure -@@ -7392,15 +7392,15 @@ if test x"${PYTHONPATH}" = x"no" +--- xen-4.18.3-testing.orig/tools/configure ++++ xen-4.18.3-testing/tools/configure +@@ -7382,15 +7382,15 @@ if test x"${PYTHONPATH}" = x"no" then as_fn_error $? "Unable to find $PYTHON, please install $PYTHON" "$LINENO" 5 fi @@ -35,10 +35,10 @@ Index: xen-4.18.0-testing/tools/configure else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } -Index: xen-4.18.0-testing/tools/configure.ac +Index: xen-4.18.3-testing/tools/configure.ac =================================================================== ---- xen-4.18.0-testing.orig/tools/configure.ac -+++ xen-4.18.0-testing/tools/configure.ac +--- xen-4.18.3-testing.orig/tools/configure.ac ++++ xen-4.18.3-testing/tools/configure.ac @@ -385,7 +385,7 @@ PYTHONPATH=$PYTHON PYTHON=`basename $PYTHONPATH` @@ -48,10 +48,10 @@ Index: xen-4.18.0-testing/tools/configure.ac AS_IF([test "$cross_compiling" != yes], [ AX_CHECK_PYTHON_DEVEL() -Index: xen-4.18.0-testing/tools/libs/light/idl.py +Index: xen-4.18.3-testing/tools/libs/light/idl.py =================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/idl.py -+++ xen-4.18.0-testing/tools/libs/light/idl.py +--- xen-4.18.3-testing.orig/tools/libs/light/idl.py ++++ xen-4.18.3-testing/tools/libs/light/idl.py @@ -271,7 +271,7 @@ class KeyedUnion(Aggregate): if not isinstance(keyvar_type, Enumeration): raise ValueError @@ -79,80 +79,80 @@ Index: xen-4.18.0-testing/tools/libs/light/idl.py if isinstance(t, Type): globs[n] = t elif isinstance(t,type(object)) and issubclass(t, Type): -Index: xen-4.18.0-testing/tools/libs/light/gentest.py +Index: xen-4.18.3-testing/tools/libs/light/gentest.py =================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/gentest.py -+++ xen-4.18.0-testing/tools/libs/light/gentest.py +--- xen-4.18.3-testing.orig/tools/libs/light/gentest.py ++++ xen-4.18.3-testing/tools/libs/light/gentest.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 from __future__ import print_function -Index: xen-4.18.0-testing/tools/libs/light/gentypes.py +Index: xen-4.18.3-testing/tools/libs/light/gentypes.py =================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/gentypes.py -+++ xen-4.18.0-testing/tools/libs/light/gentypes.py +--- xen-4.18.3-testing.orig/tools/libs/light/gentypes.py ++++ xen-4.18.3-testing/tools/libs/light/gentypes.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 from __future__ import print_function -Index: xen-4.18.0-testing/tools/include/xen-foreign/mkheader.py +Index: xen-4.18.3-testing/tools/include/xen-foreign/mkheader.py =================================================================== ---- xen-4.18.0-testing.orig/tools/include/xen-foreign/mkheader.py -+++ xen-4.18.0-testing/tools/include/xen-foreign/mkheader.py +--- xen-4.18.3-testing.orig/tools/include/xen-foreign/mkheader.py ++++ xen-4.18.3-testing/tools/include/xen-foreign/mkheader.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 from __future__ import print_function -Index: xen-4.18.0-testing/tools/include/xen-foreign/mkchecker.py +Index: xen-4.18.3-testing/tools/include/xen-foreign/mkchecker.py =================================================================== ---- xen-4.18.0-testing.orig/tools/include/xen-foreign/mkchecker.py -+++ xen-4.18.0-testing/tools/include/xen-foreign/mkchecker.py +--- xen-4.18.3-testing.orig/tools/include/xen-foreign/mkchecker.py ++++ xen-4.18.3-testing/tools/include/xen-foreign/mkchecker.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 import sys; from structs import structs, compat_arches; -Index: xen-4.18.0-testing/xen/tools/gen-cpuid.py +Index: xen-4.18.3-testing/xen/tools/gen-cpuid.py =================================================================== ---- xen-4.18.0-testing.orig/xen/tools/gen-cpuid.py -+++ xen-4.18.0-testing/xen/tools/gen-cpuid.py +--- xen-4.18.3-testing.orig/xen/tools/gen-cpuid.py ++++ xen-4.18.3-testing/xen/tools/gen-cpuid.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 # -*- coding: utf-8 -*- import sys, os, re -Index: xen-4.18.0-testing/xen/tools/compat-build-source.py +Index: xen-4.18.3-testing/xen/tools/compat-build-source.py =================================================================== ---- xen-4.18.0-testing.orig/xen/tools/compat-build-source.py -+++ xen-4.18.0-testing/xen/tools/compat-build-source.py +--- xen-4.18.3-testing.orig/xen/tools/compat-build-source.py ++++ xen-4.18.3-testing/xen/tools/compat-build-source.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 import re,sys -Index: xen-4.18.0-testing/xen/tools/compat-build-header.py +Index: xen-4.18.3-testing/xen/tools/compat-build-header.py =================================================================== ---- xen-4.18.0-testing.orig/xen/tools/compat-build-header.py -+++ xen-4.18.0-testing/xen/tools/compat-build-header.py +--- xen-4.18.3-testing.orig/xen/tools/compat-build-header.py ++++ xen-4.18.3-testing/xen/tools/compat-build-header.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 import re,sys -Index: xen-4.18.0-testing/tools/misc/xensymoops +Index: xen-4.18.3-testing/tools/misc/xensymoops =================================================================== ---- xen-4.18.0-testing.orig/tools/misc/xensymoops -+++ xen-4.18.0-testing/tools/misc/xensymoops +--- xen-4.18.3-testing.orig/tools/misc/xensymoops ++++ xen-4.18.3-testing/tools/misc/xensymoops @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 diff --git a/gcc14-fixes.patch b/gcc14-fixes.patch new file mode 100644 index 0000000..2142c9c --- /dev/null +++ b/gcc14-fixes.patch @@ -0,0 +1,81 @@ +References: bsc#1225953 + +Compiling against gcc14. + ../../../../../newlib-1.16.0/newlib/libc/stdlib/wcstoull.c: In function ‘wcstoull’: + ../../../../../newlib-1.16.0/newlib/libc/stdlib/wcstoull.c:136:16: error: implicit declaration of function ‘_wcstoull_r’; did you mean ‘wcstoull’? [-Wimplicit-function-declaration] + 136 | return _wcstoull_r (_REENT, s, ptr, base); + | ^~~~~~~~~~~ + | wcstoull + + In file included from ../../../../../newlib-1.16.0/newlib/libc/reent/signalr.c:7: + ../../../../../newlib-1.16.0/newlib/libc/reent/signalr.c: In function ‘_kill_r’: + ../../../../../newlib-1.16.0/newlib/libc/reent/signalr.c:61:14: error: implicit declaration of function ‘kill’; did you mean ‘_kill’? [-Wimplicit-function-declaration] + 61 | if ((ret = _kill (pid, sig)) == -1 && errno != 0) + | ^~~~~ + + +Index: xen-4.18.2-testing/stubdom/Makefile +=================================================================== +--- xen-4.18.2-testing.orig/stubdom/Makefile ++++ xen-4.18.2-testing/stubdom/Makefile +@@ -97,6 +97,7 @@ newlib-$(NEWLIB_VERSION): newlib-$(NEWLI + patch -d $@ -p1 < newlib-disable-texinfo.patch + patch -d $@ -p1 < newlib-cygmon-gmon.patch + patch -d $@ -p1 < newlib-makedoc.patch ++ patch -d $@ -p1 < newlib-gcc14-pragmas.patch + find $@ -type f | xargs perl -i.bak \ + -pe 's/\b_(tzname|daylight|timezone)\b/$$1/g' + touch $@ +Index: xen-4.18.2-testing/stubdom/newlib-gcc14-pragmas.patch +=================================================================== +--- /dev/null ++++ xen-4.18.2-testing/stubdom/newlib-gcc14-pragmas.patch +@@ -0,0 +1,36 @@ ++--- newlib-1.16.0/newlib/libc/stdlib/wcstoull.c.orig 2024-06-04 15:32:01.495146632 -0600 +++++ newlib-1.16.0/newlib/libc/stdlib/wcstoull.c 2024-06-04 15:38:56.627156524 -0600 ++@@ -127,6 +127,10 @@ PORTABILITY ++ ++ #ifndef _REENT_ONLY ++ +++#if __GNUC__ >= 14 +++#pragma GCC diagnostic ignored "-Wimplicit-function-declaration" +++#endif +++ ++ unsigned long long ++ _DEFUN (wcstoull, (s, ptr, base), ++ _CONST wchar_t *s _AND ++--- newlib-1.16.0/newlib/libc/reent/signalr.c.orig 2024-06-04 15:39:15.139156966 -0600 +++++ newlib-1.16.0/newlib/libc/reent/signalr.c 2024-06-04 15:40:24.899158628 -0600 ++@@ -49,6 +49,10 @@ DESCRIPTION ++ <>. ++ */ ++ +++#if __GNUC__ >= 14 +++#pragma GCC diagnostic ignored "-Wimplicit-function-declaration" +++#endif +++ ++ int ++ _DEFUN (_kill_r, (ptr, pid, sig), ++ struct _reent *ptr _AND ++--- newlib-1.16.0/newlib/doc/makedoc.c.orig 2024-06-04 16:07:54.423197934 -0600 +++++ newlib-1.16.0/newlib/doc/makedoc.c 2024-06-04 16:15:15.395208441 -0600 ++@@ -798,6 +798,7 @@ DEFUN( iscommand,(ptr, idx), ++ } ++ ++ +++static unsigned int ++ DEFUN(copy_past_newline,(ptr, idx, dst), ++ string_type *ptr AND ++ unsigned int idx AND +--- xen-4.18.2-testing/extras/mini-os-remote/include/posix/sys/mman.h.orig 2024-06-04 16:27:35.155226069 -0600 ++++ xen-4.18.2-testing/extras/mini-os-remote/include/posix/sys/mman.h 2024-06-04 16:31:46.591232060 -0600 +@@ -16,7 +16,7 @@ + + void *mmap(void *start, size_t length, int prot, int flags, int fd, off_t offset) asm("mmap64"); + int munmap(void *start, size_t length); +-static inline mlock(const void *addr, size_t len) { return 0; } +-static inline munlock(const void *addr, size_t len) { return 0; } ++static inline int mlock(const void *addr, size_t len) { return 0; } ++static inline int munlock(const void *addr, size_t len) { return 0; } + + #endif /* _POSIX_SYS_MMAN_H */ diff --git a/libxl.LIBXL_HOTPLUG_TIMEOUT.patch b/libxl.LIBXL_HOTPLUG_TIMEOUT.patch index 318831f..f95e00c 100644 --- a/libxl.LIBXL_HOTPLUG_TIMEOUT.patch +++ b/libxl.LIBXL_HOTPLUG_TIMEOUT.patch @@ -52,10 +52,8 @@ In this example the per-device value will be set to 5 seconds. The change for libxl which handles this xenstore value will enable additional logging if the key is found. That extra logging will show how the execution time of each script. -Index: xen-4.18.0-testing/tools/libs/light/libxl_aoutils.c -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_aoutils.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_aoutils.c +--- a/tools/libs/light/libxl_aoutils.c ++++ b/tools/libs/light/libxl_aoutils.c @@ -529,6 +529,8 @@ static void async_exec_timeout(libxl__eg { libxl__async_exec_state *aes = CONTAINER_OF(ev, *aes, time); @@ -85,10 +83,8 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_aoutils.c libxl__ev_time_deregister(gc, &aes->time); -Index: xen-4.18.0-testing/tools/libs/light/libxl_create.c -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_create.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_create.c +--- a/tools/libs/light/libxl_create.c ++++ b/tools/libs/light/libxl_create.c @@ -1323,6 +1323,7 @@ static void initiate_domain_create(libxl * build info around just to know if the domain has a device model or not. */ @@ -97,11 +93,9 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_create.c for (i = 0; i < d_config->num_disks; i++) { ret = libxl__disk_devtype.set_default(gc, domid, &d_config->disks[i], -Index: xen-4.18.0-testing/tools/libs/light/libxl_device.c -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_device.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_device.c -@@ -1278,7 +1278,7 @@ static void device_hotplug(libxl__egc *e +--- a/tools/libs/light/libxl_device.c ++++ b/tools/libs/light/libxl_device.c +@@ -1296,7 +1296,7 @@ static void device_hotplug(libxl__egc *e } aes->ao = ao; @@ -110,7 +104,7 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_device.c aes->env = env; aes->args = args; aes->callback = device_hotplug_child_death_cb; -@@ -1287,6 +1287,15 @@ static void device_hotplug(libxl__egc *e +@@ -1305,6 +1305,15 @@ static void device_hotplug(libxl__egc *e aes->stdfds[1] = 2; aes->stdfds[2] = -1; @@ -126,10 +120,8 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_device.c rc = libxl__async_exec_start(aes); if (rc) goto out; -Index: xen-4.18.0-testing/tools/libs/light/libxl_event.c -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_event.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_event.c +--- a/tools/libs/light/libxl_event.c ++++ b/tools/libs/light/libxl_event.c @@ -1032,27 +1032,29 @@ static void devstate_callback(libxl__egc { EGC_GC; @@ -176,10 +168,8 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_event.c rc = libxl__xswait_start(gc, &ds->w); if (rc) goto out; -Index: xen-4.18.0-testing/tools/libs/light/libxl_internal.c -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_internal.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_internal.c +--- a/tools/libs/light/libxl_internal.c ++++ b/tools/libs/light/libxl_internal.c @@ -18,6 +18,97 @@ #include "libxl_internal.h" #include "libxl_arch.h" @@ -278,10 +268,8 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_internal.c void libxl__alloc_failed(libxl_ctx *ctx, const char *func, size_t nmemb, size_t size) { #define M "libxl: FATAL ERROR: memory allocation failure" -Index: xen-4.18.0-testing/tools/libs/light/libxl_internal.h -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_internal.h -+++ xen-4.18.0-testing/tools/libs/light/libxl_internal.h +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h @@ -50,6 +50,7 @@ #include #include diff --git a/x86-ioapic-ack-default.patch b/x86-ioapic-ack-default.patch index c16f195..7caefa7 100644 --- a/x86-ioapic-ack-default.patch +++ b/x86-ioapic-ack-default.patch @@ -2,7 +2,7 @@ Change default IO-APIC ack mode for single IO-APIC systems to old-style. --- a/xen/arch/x86/io_apic.c +++ b/xen/arch/x86/io_apic.c -@@ -2074,7 +2074,10 @@ void __init setup_IO_APIC(void) +@@ -2076,7 +2076,10 @@ void __init setup_IO_APIC(void) io_apic_irqs = ~PIC_IRQS; printk("ENABLING IO-APIC IRQs\n"); diff --git a/xen-4.18.0-testing-src.tar.bz2 b/xen-4.18.0-testing-src.tar.bz2 deleted file mode 100644 index 32e1116..0000000 --- a/xen-4.18.0-testing-src.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:438eb9fc6df87cc4f87ce69001de6900c17471abcfeabad71d0e367a5a0438e8 -size 5572970 diff --git a/xen-4.18.3-testing-src.tar.bz2 b/xen-4.18.3-testing-src.tar.bz2 new file mode 100644 index 0000000..0bef4c1 --- /dev/null +++ b/xen-4.18.3-testing-src.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2916701c02d3ee12dc7a11d81e93dd052d292ac75a8e57c332b4d8e9aeaf3320 +size 5589023 diff --git a/xen-destdir.patch b/xen-destdir.patch index 6616c51..3dafc62 100644 --- a/xen-destdir.patch +++ b/xen-destdir.patch @@ -1,5 +1,7 @@ ---- xen-4.18.0-testing/tools/xs-clients/Makefile.orig 2023-10-02 12:51:09.364766336 -0600 -+++ xen-4.18.0-testing/tools/xs-clients/Makefile 2023-10-02 12:53:09.360769196 -0600 +Index: xen-4.18.3-testing/tools/xs-clients/Makefile +=================================================================== +--- xen-4.18.3-testing.orig/tools/xs-clients/Makefile ++++ xen-4.18.3-testing/tools/xs-clients/Makefile @@ -29,7 +29,7 @@ all: $(TARGETS) clients: xenstore $(CLIENTS) xenstore-control @@ -18,9 +20,11 @@ done .PHONY: uninstall ---- xen-4.18.0-testing/tools/xenstored/Makefile.orig 2023-10-02 12:51:03.364766193 -0600 -+++ xen-4.18.0-testing/tools/xenstored/Makefile 2023-10-02 12:54:09.472770628 -0600 -@@ -37,6 +37,7 @@ TAGS: +Index: xen-4.18.3-testing/tools/xenstored/Makefile +=================================================================== +--- xen-4.18.3-testing.orig/tools/xenstored/Makefile ++++ xen-4.18.3-testing/tools/xenstored/Makefile +@@ -32,6 +32,7 @@ TAGS: install: all $(INSTALL_DIR) $(DESTDIR)$(sbindir) $(INSTALL_PROG) xenstored $(DESTDIR)$(sbindir) diff --git a/xen.changes b/xen.changes index 2b58edc..9b16744 100644 --- a/xen.changes +++ b/xen.changes @@ -1,3 +1,192 @@ +------------------------------------------------------------------- +Wed Aug 14 11:33:39 MDT 2024 - carnold@suse.com + +- Update to Xen 4.18.3 security bug fix release (bsc#1027519) + xen-4.18.3-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86 + IOMMU identity mapping (XSA-460) +- bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through + with shared resources (XSA-461) +- Dropped patches contained in new tarball + 6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch + 6627a5fc-x86-MTRR-inverted-WC-check.patch + 662a6a4c-x86-spec-reporting-of-BHB-clearing.patch + 662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch + 663090fd-x86-gen-cpuid-syntax.patch + 663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch + 663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch + 663d05b5-x86-ucode-distinguish-up-to-date.patch + 663eaa27-libxl-XenStore-error-handling-in-device-creation.patch + 66450626-sched-set-all-sched_resource-data-inside-locked.patch + 66450627-x86-respect-mapcache_domain_init-failing.patch + 6646031f-x86-ucode-further-identify-already-up-to-date.patch + 6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch + 666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch + 666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch + 666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch + 666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch + 666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch + 667187cc-x86-Intel-unlock-CPUID-earlier.patch + 66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch + 6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch + 6672c846-x86-xstate-initialisation-of-XSS-cache.patch + 6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch + 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch + xsa458.patch + +------------------------------------------------------------------- +Wed Jul 3 12:41:39 MDT 2024 - carnold@suse.com + +- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86 + guest IRQ handling (XSA-458) + xsa458.patch + +------------------------------------------------------------------- +Mon Jun 24 16:20:00 CEST 2024 - jbeulich@suse.com + +- bsc#1214718 - The system hangs intermittently when Power Control + Mode is set to Minimum Power on SLES15SP5 Xen + 6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch + 666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch + 666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch + 66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch + 6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch + 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch +- Upstream bug fixes (bsc#1027519) + 66450626-sched-set-all-sched_resource-data-inside-locked.patch + 66450627-x86-respect-mapcache_domain_init-failing.patch + 6646031f-x86-ucode-further-identify-already-up-to-date.patch + 666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch + 666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch + 666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch + 667187cc-x86-Intel-unlock-CPUID-earlier.patch + 6672c846-x86-xstate-initialisation-of-XSS-cache.patch + 6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch + +------------------------------------------------------------------- +Tue Jun 4 18:09:00 MDT 2024 - carnold@suse.com + +- bsc#1225953 - Package xen does not build with gcc14 because of + new errors + gcc14-fixes.patch + +------------------------------------------------------------------- +Wed May 15 11:15:00 CEST 2024 - jbeulich@suse.com + +- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may + trigger Xen bug check (XSA-454) + 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch +- Upstream bug fixes (bsc#1027519) + 6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch + 6627a5fc-x86-MTRR-inverted-WC-check.patch + 662a6a4c-x86-spec-reporting-of-BHB-clearing.patch + 662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch + 663090fd-x86-gen-cpuid-syntax.patch + 663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch + 663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch + 663d05b5-x86-ucode-distinguish-up-to-date.patch + 663eaa27-libxl-XenStore-error-handling-in-device-creation.patch + +------------------------------------------------------------------- +Tue Apr 9 14:11:15 MDT 2024 - carnold@suse.com + +- Update to Xen 4.18.2 security bug fix release (bsc#1027519) + xen-4.18.2-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may + trigger Xen bug check (XSA-454) +- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic + for BTC/SRSO mitigations (XSA-455) +- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch + History Injection (XSA-456) +- Dropped patch contained in new tarball + 65f83951-x86-mm-use-block_lock_speculation-in.patch + +------------------------------------------------------------------- +Mon Mar 25 15:30:00 CET 2024 - jbeulich@suse.com + +- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative + Race Conditions (XSA-453) + 65f83951-x86-mm-use-block_lock_speculation-in.patch + +------------------------------------------------------------------- +Fri Mar 15 10:11:56 MDT 2024 - carnold@suse.com + +- Update to Xen 4.18.1 bug fix release (bsc#1027519) + xen-4.18.1-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data + Sampling (XSA-452) +- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative + Race Conditions (XSA-453) +- Dropped patches included in new tarball + 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch + 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch + 655b2ba9-fix-sched_move_domain.patch + 6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch + 6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch + 656ee5e1-x86emul-avoid-triggering-event-assertions.patch + 656ee602-cpupool-adding-offline-CPU.patch + 656ee6c3-domain_create-error-path.patch + 6571ca95-fix-sched_move_domain.patch + 6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch + 65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch + 65a7a0a4-x86-Intel-GPCC-setup.patch + 65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch + 65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch + 65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch + 65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch + 65b8f9ab-VT-d-else-vs-endif-misplacement.patch + xsa451.patch + +------------------------------------------------------------------- +Tue Feb 13 09:35:57 MST 2024 - carnold@suse.com + +- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs + exceptions from emulation stubs (XSA-451) + xsa451.patch + +------------------------------------------------------------------- +Wed Jan 31 13:40:00 CET 2024 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch + 6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch + 656ee5e1-x86emul-avoid-triggering-event-assertions.patch + 656ee602-cpupool-adding-offline-CPU.patch + 656ee6c3-domain_create-error-path.patch + 6571ca95-fix-sched_move_domain.patch + 6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch + 65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch + 65a7a0a4-x86-Intel-GPCC-setup.patch + 65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch + 65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch + 65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch +- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions + assigned to incorrect contexts (XSA-449) + 65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch +- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to + quarantine devices in !HVM builds (XSA-450) + 65b8f9ab-VT-d-else-vs-endif-misplacement.patch +- Patches dropped / replaced by newer upstream versions + xsa449.patch + xsa450.patch + +------------------------------------------------------------------- +Tue Jan 23 08:52:25 MST 2024 - carnold@suse.com + +- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to + quarantine devices in !HVM builds (XSA-450) + xsa450.patch + +------------------------------------------------------------------- +Tue Jan 16 09:32:55 MST 2024 - carnold@suse.com + +- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions + assigned to incorrect contexts (XSA-449) + xsa449.patch + ------------------------------------------------------------------- Tue Nov 21 13:22:23 MST 2023 - carnold@suse.com diff --git a/xen.libxl.dmmd.patch b/xen.libxl.dmmd.patch index 1624f99..680c817 100644 --- a/xen.libxl.dmmd.patch +++ b/xen.libxl.dmmd.patch @@ -7,10 +7,8 @@ References: bsc#954872 tools/libxl/libxlu_disk_l.l | 2 ++ 4 files changed, 37 insertions(+), 6 deletions(-) -Index: xen-4.18.0-testing/tools/libs/light/libxl_disk.c -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_disk.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_disk.c +--- a/tools/libs/light/libxl_disk.c ++++ b/tools/libs/light/libxl_disk.c @@ -203,7 +203,7 @@ static int libxl__device_disk_setdefault return rc; } @@ -31,11 +29,9 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_disk.c flexarray_append(back, "params"); flexarray_append(back, GCSPRINTF("%s:%s", libxl__device_disk_string_of_format(disk->format), -Index: xen-4.18.0-testing/tools/libs/light/libxl_device.c -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_device.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_device.c -@@ -333,7 +333,8 @@ static int disk_try_backend(disk_try_bac +--- a/tools/libs/light/libxl_device.c ++++ b/tools/libs/light/libxl_device.c +@@ -351,7 +351,8 @@ static int disk_try_backend(disk_try_bac return 0; case LIBXL_DISK_BACKEND_QDISK: @@ -45,10 +41,8 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_device.c return backend; case LIBXL_DISK_BACKEND_STANDALONE: -Index: xen-4.18.0-testing/tools/libs/light/libxl_dm.c -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_dm.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_dm.c +--- a/tools/libs/light/libxl_dm.c ++++ b/tools/libs/light/libxl_dm.c @@ -1197,6 +1197,30 @@ out: return rc; } @@ -93,10 +87,8 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_dm.c if (dev_number == -1) { LOGD(WARN, guest_domid, "unable to determine"" disk number for %s", disks[i].vdev); -Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/util/libxlu_disk_l.l -+++ xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l +--- a/tools/libs/util/libxlu_disk_l.l ++++ b/tools/libs/util/libxlu_disk_l.l @@ -253,6 +253,8 @@ target=.* { STRIP(','); SAVESTRING("targ free(newscript); } @@ -106,10 +98,8 @@ Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l tapdisk:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } tap2?:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } aio:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } -Index: xen-4.18.0-testing/tools/libs/light/libxl_internal.h -=================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_internal.h -+++ xen-4.18.0-testing/tools/libs/light/libxl_internal.h +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h @@ -2073,6 +2073,10 @@ _hidden char *libxl__object_to_json(libx _hidden int libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, bool retore, libxl_domain_build_info *info); diff --git a/xen.spec b/xen.spec index 6aa0ddc..ce2ed70 100644 --- a/xen.spec +++ b/xen.spec @@ -1,7 +1,7 @@ # # spec file for package xen # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -28,7 +28,7 @@ Name: xen ExclusiveArch: %ix86 x86_64 aarch64 -%define xen_build_dir xen-4.18.0-testing +%define xen_build_dir xen-4.18.3-testing # %define with_gdbsx 0 %define with_dom0_support 0 @@ -119,12 +119,12 @@ BuildRequires: pesign-obs-integration %endif Provides: installhint(reboot-needed) -Version: 4.18.0_04 +Version: 4.18.3_02 Release: 0 Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) License: GPL-2.0-only Group: System/Kernel -Source0: xen-4.18.0-testing-src.tar.bz2 +Source0: xen-4.18.3-testing-src.tar.bz2 Source1: stubdom.tar.bz2 Source2: mini-os.tar.bz2 Source9: xen.changes @@ -154,9 +154,7 @@ Source10183: xen_maskcalc.py # For xen-libs Source99: baselibs.conf # Upstream patches -Patch1: 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch -Patch2: 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch -Patch3: 655b2ba9-fix-sched_move_domain.patch +Patch1: 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch # EMBARGOED security fixes # libxc Patch301: libxc-bitmap-long.patch @@ -202,6 +200,7 @@ Patch408: ignore-ip-command-script-errors.patch # Needs to go upstream Patch420: suspend_evtchn_lock.patch Patch421: vif-route.patch +Patch422: gcc14-fixes.patch # Other bug fixes or features Patch450: xen.sysconfig-fillup.patch Patch451: xenconsole-no-multiple-connections.patch diff --git a/xl-save-pc.patch b/xl-save-pc.patch index 076489a..28b9449 100644 --- a/xl-save-pc.patch +++ b/xl-save-pc.patch @@ -21,7 +21,7 @@ Keep going if the event type and shutdown reason remains the same. --- a/tools/xl/Makefile +++ b/tools/xl/Makefile -@@ -26,6 +26,7 @@ XL_OBJS += xl_vmcontrol.o xl_saverestore +@@ -25,6 +25,7 @@ XL_OBJS += xl_vmcontrol.o xl_saverestore XL_OBJS += xl_vdispl.o xl_vsnd.o xl_vkb.o $(XL_OBJS): CFLAGS += $(CFLAGS_libxentoollog) @@ -29,7 +29,7 @@ Keep going if the event type and shutdown reason remains the same. $(XL_OBJS): CFLAGS += $(CFLAGS_XL) $(XL_OBJS): CFLAGS += -include $(XEN_ROOT)/tools/config.h # libxl_json.h needs it. -@@ -33,7 +34,7 @@ $(XL_OBJS): CFLAGS += -include $(XEN_ROO +@@ -32,7 +33,7 @@ $(XL_OBJS): CFLAGS += -include $(XEN_ROO all: xl xl: $(XL_OBJS)