diff --git a/6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch b/6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch
deleted file mode 100644
index a506255..0000000
--- a/6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-# Commit d0a718a45f14b86471d8eb3083acd72760963470
-# Date 2024-04-11 13:23:08 +0100
-# Author Andrew Cooper
-# Committer Andrew Cooper
-x86/hvm: Fix Misra Rule 19.1 regression
-
-Despite noticing an impending Rule 19.1 violation, the adjustment made (the
-uint32_t cast) wasn't sufficient to avoid it. Try again.
-
-Subsequently noticed by Coverity too.
-
-Fixes: 6a98383b0877 ("x86/HVM: clear upper halves of GPRs upon entry from 32-bit code")
-Coverity-IDs: 1596289 thru 1596298
-Signed-off-by: Andrew Cooper
-Reviewed-by: Stefano Stabellini
-
---- a/xen/arch/x86/include/asm/hvm/hvm.h
-+++ b/xen/arch/x86/include/asm/hvm/hvm.h
-@@ -585,16 +585,16 @@ static inline void hvm_sanitize_regs_fie
- if ( compat )
- {
- /* Clear GPR upper halves, to counteract guests playing games. */
-- regs->rbp = (uint32_t)regs->ebp;
-- regs->rbx = (uint32_t)regs->ebx;
-- regs->rax = (uint32_t)regs->eax;
-- regs->rcx = (uint32_t)regs->ecx;
-- regs->rdx = (uint32_t)regs->edx;
-- regs->rsi = (uint32_t)regs->esi;
-- regs->rdi = (uint32_t)regs->edi;
-- regs->rip = (uint32_t)regs->eip;
-- regs->rflags = (uint32_t)regs->eflags;
-- regs->rsp = (uint32_t)regs->esp;
-+ regs->rbp = (uint32_t)regs->rbp;
-+ regs->rbx = (uint32_t)regs->rbx;
-+ regs->rax = (uint32_t)regs->rax;
-+ regs->rcx = (uint32_t)regs->rcx;
-+ regs->rdx = (uint32_t)regs->rdx;
-+ regs->rsi = (uint32_t)regs->rsi;
-+ regs->rdi = (uint32_t)regs->rdi;
-+ regs->rip = (uint32_t)regs->rip;
-+ regs->rflags = (uint32_t)regs->rflags;
-+ regs->rsp = (uint32_t)regs->rsp;
- }
-
- #ifndef NDEBUG
diff --git a/66a8b8ac-bunzip2-rare-failure.patch b/66a8b8ac-bunzip2-rare-failure.patch
new file mode 100644
index 0000000..ecad994
--- /dev/null
+++ b/66a8b8ac-bunzip2-rare-failure.patch
@@ -0,0 +1,30 @@
+# Commit 303d3ff85c90ee4af4bad4e3b1d4932fa2634d64
+# Date 2024-07-30 11:55:56 +0200
+# Author Ross Lagerwall
+# Committer Jan Beulich
+bunzip2: fix rare decompression failure
+
+The decompression code parses a huffman tree and counts the number of
+symbols for a given bit length. In rare cases, there may be >= 256
+symbols with a given bit length, causing the unsigned char to overflow.
+This causes a decompression failure later when the code tries and fails to
+find the bit length for a given symbol.
+
+Since the maximum number of symbols is 258, use unsigned short instead.
+
+Fixes: ab77e81f6521 ("x86/dom0: support bzip2 and lzma compressed bzImage payloads")
+Signed-off-by: Ross Lagerwall
+Acked-by: Jan Beulich
+
+--- a/xen/common/bunzip2.c
++++ b/xen/common/bunzip2.c
+@@ -221,7 +221,8 @@ static int __init get_next_block(struct
+ RUNB) */
+ symCount = symTotal+2;
+ for (j = 0; j < groupCount; j++) {
+- unsigned char length[MAX_SYMBOLS], temp[MAX_HUFCODE_BITS+1];
++ unsigned char length[MAX_SYMBOLS];
++ unsigned short temp[MAX_HUFCODE_BITS+1];
+ int minLen, maxLen, pp;
+ /* Read Huffman code lengths for each symbol. They're
+ stored in a way similar to mtf; record a starting
diff --git a/66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch b/66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch
new file mode 100644
index 0000000..490e176
--- /dev/null
+++ b/66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch
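Review bot: In the `get_next_block()` hunk of the added bunzip2 patch, the widened `unsigned short temp[MAX_HUFCODE_BITS+1];` carries no comment tying its element type to the symbol count, so the bound that makes it safe is recorded only in the commit message. I would add `/* temp[] counts symbols per code length; up to MAX_SYMBOLS of them can share one length, so unsigned char is too narrow. */` above the declaration. The function starts and ends outside the hunk, so how `temp[]` is consumed later is not visible here.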
@@ -0,0 +1,99 @@
+Subject: x86/IOMMU: move tracking in iommu_identity_mapping()
+From: Teddy Astie teddy.astie@vates.tech Tue Aug 13 16:36:40 2024 +0200
+Date: Tue Aug 13 16:36:40 2024 +0200:
+Git: beadd68b5490ada053d72f8a9ce6fd696d626596
+
+If for some reason xmalloc() fails after having mapped the reserved
+regions, an error is reported, but the regions remain mapped in the P2M.
+
+Similarly if an error occurs during set_identity_p2m_entry() (except on
+the first call), the partial mappings of the region would be retained
+without being tracked anywhere, and hence without there being a way to
+remove them again from the domain's P2M.
+
+Move the setting up of the list entry ahead of trying to map the region.
+In cases other than the first mapping failing, keep record of the full
+region, such that a subsequent unmapping request can be properly torn
+down.
+
+To compensate for the potentially excess unmapping requests, don't log a
+warning from p2m_remove_identity_entry() when there really was nothing
+mapped at a given GFN.
+
+This is XSA-460 / CVE-2024-31145.
+
+Fixes: 2201b67b9128 ("VT-d: improve RMRR region handling")
+Fixes: c0e19d7c6c42 ("IOMMU: generalize VT-d's tracking of mapped RMRR regions")
+Signed-off-by: Teddy Astie
+Signed-off-by: Jan Beulich
+Reviewed-by: Roger Pau Monné
+
+diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
+index e7e327d6a6..1739133fc2 100644
+--- a/xen/arch/x86/mm/p2m.c
++++ b/xen/arch/x86/mm/p2m.c
+@@ -1267,9 +1267,11 @@ int p2m_remove_identity_entry(struct domain *d, unsigned long gfn_l)
+ else
+ {
+ gfn_unlock(p2m, gfn, 0);
+- printk(XENLOG_G_WARNING
+- "non-identity map d%d:%lx not cleared (mapped to %lx)\n",
+- d->domain_id, gfn_l, mfn_x(mfn));
++ if ( (p2mt != p2m_invalid && p2mt != p2m_mmio_dm) ||
++ a != p2m_access_n || !mfn_eq(mfn, INVALID_MFN) )
++ printk(XENLOG_G_WARNING
++ "non-identity map %pd:%lx not cleared (mapped to %lx)\n",
++ d, gfn_l, mfn_x(mfn));
+ ret = 0;
+ }
+
+diff --git a/xen/drivers/passthrough/x86/iommu.c b/xen/drivers/passthrough/x86/iommu.c
+index cc0062b027..8b1e0596b8 100644
+--- a/xen/drivers/passthrough/x86/iommu.c
++++ b/xen/drivers/passthrough/x86/iommu.c
+@@ -267,24 +267,36 @@ int iommu_identity_mapping(struct domain *d, p2m_access_t p2ma,
+ if ( p2ma == p2m_access_x )
+ return -ENOENT;
+
+- while ( base_pfn < end_pfn )
+- {
+- int err = set_identity_p2m_entry(d, base_pfn, p2ma, flag);
+-
+- if ( err )
+- return err;
+- base_pfn++;
+- }
+-
+ map = xmalloc(struct identity_map);
+ if ( !map )
+ return -ENOMEM;
++
+ map->base = base;
+ map->end = end;
+ map->access = p2ma;
+ map->count = 1;
++
++ /*
++ * Insert into list ahead of mapping, so the range can be found when
++ * trying to clean up.
++ */
+ list_add_tail(&map->list, &hd->arch.identity_maps);
+
++ for ( ; base_pfn < end_pfn; ++base_pfn )
++ {
++ int err = set_identity_p2m_entry(d, base_pfn, p2ma, flag);
++
++ if ( !err )
++ continue;
++
++ if ( (map->base >> PAGE_SHIFT_4K) == base_pfn )
++ {
++ list_del(&map->list);
++ xfree(map);
++ }
++ return err;
++ }
++
+ return 0;
+ }
+
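Review bot: In the new loop of `iommu_identity_mapping()`, a failure on any page after the first returns `err` while deliberately leaving `map` on `hd->arch.identity_maps`, and nothing in the code says that this is intended. The reasoning exists only in the commit message; a comment before `return err;` such as `/* Later failure: keep the entry so an unmap request can tear down the partial mapping. */` would keep a future cleanup from treating it as a leak and bringing back untracked P2M entries. The new condition in `p2m_remove_identity_entry()` would likewise read better with `/* Nothing was mapped at this GFN: stay quiet, a partially mapped range may be unmapped in full. */` above it. Both functions extend beyond their hunks.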
diff --git a/66bb6fa5-x86-pass-through-document-as-security-unsupported.patch b/66bb6fa5-x86-pass-through-document-as-security-unsupported.patch
new file mode 100644
index 0000000..b4431c9
--- /dev/null
+++ b/66bb6fa5-x86-pass-through-document-as-security-unsupported.patch
@@ -0,0 +1,31 @@
+Subject: x86/pass-through: documents as security-unsupported when sharing resources
+From: Jan Beulich jbeulich@suse.com Tue Aug 13 16:37:25 2024 +0200
+Date: Tue Aug 13 16:37:25 2024 +0200:
+Git: 9c94eda1e3790820699a6de3f6a7c959ecf30600
+
+When multiple devices share resources and one of them is to be passed
+through to a guest, security of the entire system and of respective
+guests individually cannot really be guaranteed without knowing
+internals of any of the involved guests. Therefore such a configuration
+cannot really be security-supported, yet making that explicit was so far
+missing.
+
+This is XSA-461 / CVE-2024-31146.
+
+Signed-off-by: Jan Beulich
+Reviewed-by: Juergen Gross
+
+--- a/SUPPORT.md
++++ b/SUPPORT.md
+@@ -841,6 +841,11 @@ This feature is not security supported:
+
+ Only systems using IOMMUs are supported.
+
++Passing through of devices sharing resources with another device is not
++security supported. Such sharing could e.g. be the same line interrupt being
++used by multiple devices, one of which is to be passed through, or two such
++devices having memory BARs within the same 4k page.
++
+ Not compatible with migration, populate-on-demand, altp2m,
+ introspection, memory sharing, or memory paging.
+
diff --git a/66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch b/66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch
new file mode 100644
index 0000000..486cc88
--- /dev/null
+++ b/66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch
@@ -0,0 +1,127 @@
+# Commit fb1658221a31ec1db33253a80001191391e73b17
+# Date 2024-08-28 19:59:07 +0100
+# Author Roger Pau Monne
+# Committer Andrew Cooper
+x86/dom0: disable SMAP for PV domain building only
+
+Move the logic that disables SMAP so it's only performed when building a PV
+dom0, PVH dom0 builder doesn't require disabling SMAP.
+
+The fixes tag is to account for the wrong usage of cpu_has_smap in
+create_dom0(), it should instead have used
+boot_cpu_has(X86_FEATURE_XEN_SMAP). Fix while moving the logic to apply to PV
+only.
+
+While there also make cr4_pv32_mask __ro_after_init.
+
+Fixes: 493ab190e5b1 ('xen/sm{e, a}p: allow disabling sm{e, a}p for Xen itself')
+Signed-off-by: Roger Pau Monné
+Reviewed-by: Jan Beulich
+Reviewed-by: Andrew Cooper
+
+--- a/xen/arch/x86/include/asm/setup.h
++++ b/xen/arch/x86/include/asm/setup.h
+@@ -64,6 +64,8 @@ extern bool opt_dom0_verbose;
+ extern bool opt_dom0_cpuid_faulting;
+ extern bool opt_dom0_msr_relaxed;
+
++extern unsigned long cr4_pv32_mask;
++
+ #define max_init_domid (0)
+
+ #endif
+--- a/xen/arch/x86/pv/dom0_build.c
++++ b/xen/arch/x86/pv/dom0_build.c
+@@ -354,11 +354,11 @@ static struct page_info * __init alloc_c
+ return page;
+ }
+
+-int __init dom0_construct_pv(struct domain *d,
+- const module_t *image,
+- unsigned long image_headroom,
+- module_t *initrd,
+- const char *cmdline)
++static int __init dom0_construct(struct domain *d,
++ const module_t *image,
++ unsigned long image_headroom,
++ module_t *initrd,
++ const char *cmdline)
+ {
+ int i, rc, order, machine;
+ bool compatible, compat;
+@@ -1048,6 +1048,36 @@ out:
+
+ return rc;
+ }
++
++int __init dom0_construct_pv(struct domain *d,
++ const module_t *image,
++ unsigned long image_headroom,
++ module_t *initrd,
++ const char *cmdline)
++{
++ int rc;
++
++ /*
++ * Clear SMAP in CR4 to allow user-accesses in construct_dom0(). This
++ * prevents us needing to rewrite construct_dom0() in terms of
++ * copy_{to,from}_user().
++ */
++ if ( boot_cpu_has(X86_FEATURE_XEN_SMAP) )
++ {
++ cr4_pv32_mask &= ~X86_CR4_SMAP;
++ write_cr4(read_cr4() & ~X86_CR4_SMAP);
++ }
++
++ rc = dom0_construct(d, image, image_headroom, initrd, cmdline);
++
++ if ( boot_cpu_has(X86_FEATURE_XEN_SMAP) )
++ {
++ write_cr4(read_cr4() | X86_CR4_SMAP);
++ cr4_pv32_mask |= X86_CR4_SMAP;
++ }
++
++ return rc;
++}
+
+ /*
+ * Local variables:
+--- a/xen/arch/x86/setup.c
++++ b/xen/arch/x86/setup.c
+@@ -79,8 +79,7 @@ bool __read_mostly use_invpcid;
+ int8_t __initdata opt_probe_port_aliases = -1;
+ boolean_param("probe-port-aliases", opt_probe_port_aliases);
+
+-/* Only used in asm code and within this source file */
+-unsigned long asmlinkage __read_mostly cr4_pv32_mask;
++unsigned long __ro_after_init cr4_pv32_mask;
+
+ /* **** Linux config option: propagated to domain0. */
+ /* "acpi=off": Sisables both ACPI table parsing and interpreter. */
+@@ -955,26 +954,9 @@ static struct domain *__init create_dom0
+ }
+ }
+
+- /*
+- * Temporarily clear SMAP in CR4 to allow user-accesses in construct_dom0().
+- * This saves a large number of corner cases interactions with
+- * copy_from_user().
+- */
+- if ( cpu_has_smap )
+- {
+- cr4_pv32_mask &= ~X86_CR4_SMAP;
+- write_cr4(read_cr4() & ~X86_CR4_SMAP);
+- }
+-
+ if ( construct_dom0(d, image, headroom, initrd, cmdline) != 0 )
+ panic("Could not construct domain 0\n");
+
+- if ( cpu_has_smap )
+- {
+- write_cr4(read_cr4() | X86_CR4_SMAP);
+- cr4_pv32_mask |= X86_CR4_SMAP;
+- }
+-
+ return d;
+ }
+
diff --git a/66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch b/66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch
new file mode 100644
index 0000000..3e83c37
--- /dev/null
+++ b/66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch
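Review bot: The comment in the new `dom0_construct_pv()` wrapper names `construct_dom0()` twice, but the code it brackets with the SMAP-off window is `dom0_construct()`; `construct_dom0()` is the function `create_dom0()` calls in the setup.c hunk. It should read `Clear SMAP in CR4 to allow user-accesses in dom0_construct().` so the extent of the window with SMAP disabled is unambiguous. Because the setup.c hunk turns `cr4_pv32_mask` into `__ro_after_init` while this wrapper still writes it, I would also add `/* __init only: cr4_pv32_mask is read-only after init. */` next to the first write. The restore after the call covers the single return path visible here.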
@@ -0,0 +1,49 @@
+Subject: Arm64: adjust __irq_to_desc() to fix build with gcc14
+From: Jan Beulich jbeulich@suse.com Thu Aug 29 10:03:53 2024 +0200
+Date: Thu Aug 29 10:03:53 2024 +0200:
+Git: 99f942f3d410059dc223ee0a908827e928ef3592
+
+With the original code I observe
+
+In function ‘__irq_to_desc’,
+ inlined from ‘route_irq_to_guest’ at arch/arm/irq.c:465:12:
+arch/arm/irq.c:54:16: error: array subscript -2 is below array bounds of ‘irq_desc_t[32]’ {aka ‘struct irq_desc[32]’} [-Werror=array-bounds=]
+ 54 | return &this_cpu(local_irq_desc)[irq];
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+which looks pretty bogus: How in the world does the compiler arrive at
+-2 when compiling route_irq_to_guest()? Yet independent of that the
+function's parameter wants to be of unsigned type anyway, as shown by
+a vast majority of callers (others use plain int when they really mean
+non-negative quantities). With that adjustment the code compiles fine
+again.
+
+Signed-off-by: Jan Beulich
+Acked-by: Michal Orzel
+
+diff --git a/xen/arch/arm/include/asm/irq.h b/xen/arch/arm/include/asm/irq.h
+index ec437add09..88e060bf29 100644
+--- a/xen/arch/arm/include/asm/irq.h
++++ b/xen/arch/arm/include/asm/irq.h
+@@ -56,7 +56,7 @@ extern const unsigned int nr_irqs;
+ struct irq_desc;
+ struct irqaction;
+
+-struct irq_desc *__irq_to_desc(int irq);
++struct irq_desc *__irq_to_desc(unsigned int irq);
+
+ #define irq_to_desc(irq) __irq_to_desc(irq)
+
+diff --git a/xen/arch/arm/irq.c b/xen/arch/arm/irq.c
+index 6b89f64fd1..b9757d7ad3 100644
+--- a/xen/arch/arm/irq.c
++++ b/xen/arch/arm/irq.c
+@@ -48,7 +48,7 @@ void irq_end_none(struct irq_desc *irq)
+ static irq_desc_t irq_desc[NR_IRQS];
+ static DEFINE_PER_CPU(irq_desc_t[NR_LOCAL_IRQS], local_irq_desc);
+
+-struct irq_desc *__irq_to_desc(int irq)
++struct irq_desc *__irq_to_desc(unsigned int irq)
+ {
+ if ( irq < NR_LOCAL_IRQS )
+ return &this_cpu(local_irq_desc)[irq];
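Review bot: With `__irq_to_desc(unsigned int irq)` in the irq.c hunk, a negative value from one of the plain-`int` callers the commit message mentions now converts to a large index and skips the `irq < NR_LOCAL_IRQS` branch, so the safety of the lookup rests on whatever follows that branch. The rest of the function is outside the hunk; if it indexes `irq_desc[]` without a range check, I would add `ASSERT(irq < nr_irqs);` at the top of the function, assuming `nr_irqs` (declared in the header hunk's context) is the right bound. That turns a bad caller into a debug-build failure instead of an out-of-bounds descriptor pointer.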
diff --git a/66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch b/66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch
new file mode 100644
index 0000000..9596297
--- /dev/null
+++ b/66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch
@@ -0,0 +1,84 @@
+# Commit bb03169bcb6ecccf372de1f6b9285cd519a26bb8
+# Date 2024-09-03 10:53:44 +0100
+# Author Javi Merino
+# Committer Andrew Cooper
+libxl: Fix nul-termination of the return value of libxl_xen_console_read_line()
+
+When built with ASAN, "xl dmesg" crashes in the "printf("%s", line)"
+call in main_dmesg(). ASAN reports a heap buffer overflow: an
+off-by-one access to cr->buffer.
+
+The readconsole sysctl copies up to count characters into the buffer,
+but it does not add a null character at the end. Despite the
+documentation of libxl_xen_console_read_line(), line_r is not
+nul-terminated if 16384 characters were copied to the buffer.
+
+Fix this by asking xc_readconsolering() to fill the buffer up to size
+- 1. As the number of characters in the buffer is only needed in
+libxl_xen_console_read_line(), make it a local variable there instead
+of part of the libxl__xen_console_reader struct.
+
+Fixes: 4024bae739cc ("xl: Add subcommand 'xl dmesg'")
+Reported-by: Edwin Török
+Signed-off-by: Javi Merino
+Reviewed-by: Anthony PERARD
+
+--- a/tools/libs/light/libxl_console.c
++++ b/tools/libs/light/libxl_console.c
+@@ -774,12 +774,17 @@ libxl_xen_console_reader *
+ {
+ GC_INIT(ctx);
+ libxl_xen_console_reader *cr;
+- unsigned int size = 16384;
++ /*
++ * We want xen to fill the buffer in as few hypercalls as
++ * possible, but xen will not nul-terminate it. The default size
++ * of Xen's console buffer is 16384. Leave one byte at the end
++ * for the null character.
++ */
++ unsigned int size = 16384 + 1;
+
+ cr = libxl__zalloc(NOGC, sizeof(libxl_xen_console_reader));
+ cr->buffer = libxl__zalloc(NOGC, size);
+ cr->size = size;
+- cr->count = size;
+ cr->clear = clear;
+ cr->incremental = 1;
+
+@@ -800,10 +805,16 @@ int libxl_xen_console_read_line(libxl_ct
+ char **line_r)
+ {
+ int ret;
++ /*
++ * Number of chars to copy into the buffer. xc_readconsolering()
++ * does not add a null character at the end, so leave a space for
++ * us to add it.
++ */
++ unsigned int nr_chars = cr->size - 1;
+ GC_INIT(ctx);
+
+ memset(cr->buffer, 0, cr->size);
+- ret = xc_readconsolering(ctx->xch, cr->buffer, &cr->count,
++ ret = xc_readconsolering(ctx->xch, cr->buffer, &nr_chars,
+ cr->clear, cr->incremental, &cr->index);
+ if (ret < 0) {
+ LOGE(ERROR, "reading console ring buffer");
+@@ -811,7 +822,7 @@ int libxl_xen_console_read_line(libxl_ct
+ return ERROR_FAIL;
+ }
+ if (!ret) {
+- if (cr->count) {
++ if (nr_chars) {
+ *line_r = cr->buffer;
+ ret = 1;
+ } else {
+--- a/tools/libs/light/libxl_internal.h
++++ b/tools/libs/light/libxl_internal.h
+@@ -2077,7 +2077,6 @@ _hidden char *libxl__uuid2string(libxl__
+ struct libxl__xen_console_reader {
+ char *buffer;
+ unsigned int size;
+- unsigned int count;
+ unsigned int clear;
+ unsigned int incremental;
+ unsigned int index;
diff --git a/66d8690f-SUPPORT-split-XSM-from-Flask.patch b/66d8690f-SUPPORT-split-XSM-from-Flask.patch
new file mode 100644
index 0000000..f214ba7
--- /dev/null
+++ b/66d8690f-SUPPORT-split-XSM-from-Flask.patch
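Review bot: In `libxl_xen_console_read_line()`, the new comment says a byte is left "for us to add it", yet no visible line writes the terminator; nul-termination of `*line_r` comes only from the `memset()` before the call and from `xc_readconsolering()` honouring the `nr_chars` it is given. Writing it explicitly after the `ret < 0` check, `cr->buffer[nr_chars] = '\0';` (valid as long as the returned count does not exceed the `cr->size - 1` passed in), would keep the documented contract even if the memset is later dropped. In the reader-constructor hunk, `16384 + 1` repeats a hypervisor default as a bare literal, and a named constant would make that coupling easier to audit. Both functions extend beyond their hunks.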
@@ -0,0 +1,54 @@
+# Commit d7c18b8720824d7efc39ffa7296751e1812865a9
+# Date 2024-09-04 16:05:03 +0200
+# Author Jan Beulich
+# Committer Jan Beulich
+SUPPORT.md: split XSM from Flask
+
+XSM is a generic framework, which in particular is also used by SILO.
+With this it can't really be experimental: Arm mandates SILO for having
+a security supported configuration.
+
+Signed-off-by: Jan Beulich
+Reviewed-by: Roger Pau Monné
+Reviewed-by: Daniel P. Smith
+
+--- a/SUPPORT.md
++++ b/SUPPORT.md
+@@ -768,13 +768,21 @@ Compile time disabled for ARM by default
+
+ Status, x86: Supported, not security supported
+
+-### XSM & FLASK
++### XSM (Xen Security Module) Framework
++
++XSM is a security policy framework. The dummy implementation is covered by this
++statement, and implements a policy whereby dom0 is all powerful. See below for
++alternative modules (FLASK, SILO).
++
++ Status: Supported
++
++### FLASK XSM Module
+
+ Status: Experimental
+
+ Compile time disabled by default.
+
+-Also note that using XSM
++Also note that using FLASK
+ to delegate various domain control hypercalls
+ to particular other domains, rather than only permitting use by dom0,
+ is also specifically excluded from security support for many hypercalls.
+@@ -787,6 +795,13 @@ Please see XSA-77 for more details.
+ The default policy includes FLASK labels and roles for a "typical" Xen-based system
+ with dom0, driver domains, stub domains, domUs, and so on.
+
++### SILO XSM Module
++
++SILO extends the dummy policy by enforcing that DomU-s can only communicate
++with Dom0, yet not with each other.
++
++ Status: Supported
++
+ ## Virtual Hardware, Hypervisor
+
+ ### x86/Nested PV
diff --git a/66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch b/66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch
new file mode 100644
index 0000000..aa68111
--- /dev/null
+++ b/66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch
@@ -0,0 +1,36 @@
+# Commit eb7cd0593d88c4b967a24bca8bd30591966676cd
+# Date 2024-09-12 09:13:04 +0200
+# Author Jan Beulich
+# Committer Jan Beulich
+x86/HVM: properly reject "indirect" VRAM writes
+
+While ->count will only be different from 1 for "indirect" (data in
+guest memory) accesses, it being 1 does not exclude the request being an
+"indirect" one. Check both to be on the safe side, and bring the ->count
+part also in line with what ioreq_send_buffered() actually refuses to
+handle.
+
+Fixes: 3bbaaec09b1b ("x86/hvm: unify stdvga mmio intercept with standard mmio intercept")
+Signed-off-by: Jan Beulich
+Reviewed-by: Andrew Cooper
+
+--- a/xen/arch/x86/hvm/stdvga.c
++++ b/xen/arch/x86/hvm/stdvga.c
+@@ -530,14 +530,14 @@ static bool cf_check stdvga_mem_accept(
+
+ spin_lock(&s->lock);
+
+- if ( p->dir == IOREQ_WRITE && p->count > 1 )
++ if ( p->dir == IOREQ_WRITE && (p->data_is_ptr || p->count != 1) )
+ {
+ /*
+ * We cannot return X86EMUL_UNHANDLEABLE on anything other then the
+ * first cycle of an I/O. So, since we cannot guarantee to always be
+ * able to send buffered writes, we have to reject any multi-cycle
+- * I/O and, since we are rejecting an I/O, we must invalidate the
+- * cache.
++ * or "indirect" I/O and, since we are rejecting an I/O, we must
++ * invalidate the cache.
+ * Single-cycle write transactions are accepted even if the cache is
+ * not active since we can assert, when in stdvga mode, that writes
+ * to VRAM have no side effect and thus we can try to buffer them.
diff --git a/66e44ae2-x86-ucode-AMD-buffer-underrun.patch b/66e44ae2-x86-ucode-AMD-buffer-underrun.patch
new file mode 100644
index 0000000..58343b0
--- /dev/null
+++ b/66e44ae2-x86-ucode-AMD-buffer-underrun.patch
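Review bot: The comment under the new condition in `stdvga_mem_accept()` still says "Single-cycle write transactions are accepted", which is no longer accurate now that a single-cycle write with `p->data_is_ptr` set is rejected as well. I would start that sentence with `Single-cycle, direct write transactions are accepted` so the comment matches `(p->data_is_ptr || p->count != 1)`. The unchanged line above it also has "other then" where "other than" is meant. The function continues past the end of the hunk.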
@@ -0,0 +1,52 @@
+# Commit a8bf14f6f331d4f428010b4277b67c33f561ed19
+# Date 2024-09-13 15:23:30 +0100
+# Author Demi Marie Obenour
+# Committer Andrew Cooper
+xen/ucode: Fix buffer under-run when parsing AMD containers
+
+The AMD container format has no formal spec. It is, at best, precision
+guesswork based on AMD's prior contributions to open source projects. The
+Equivalence Table has both an explicit length, and an expectation of having a
+NULL entry at the end.
+
+Xen was sanity checking the NULL entry, but without confirming that an entry
+was present, resulting in a read off the front of the buffer. With some
+manual debugging/annotations this manifests as:
+
+ (XEN) *** Buf ffff83204c00b19c, eq ffff83204c00b194
+ (XEN) *** eq: 0c 00 00 00 44 4d 41 00 00 00 00 00 00 00 00 00 aa aa aa aa
+ ^-Actual buffer-------------------^
+ (XEN) *** installed_cpu: 000c
+ (XEN) microcode: Bad equivalent cpu table
+ (XEN) Parsing microcode blob error -22
+
+When loaded by hypercall, the 4 bytes interpreted as installed_cpu happen to
+be the containing struct ucode_buf's len field, and luckily will be nonzero.
+
+When loaded at boot, it's possible for the access to #PF if the module happens
+to have been placed on a 2M boundary by the bootloader. Under Linux, it will
+commonly be the end of the CPIO header.
+
+Drop the probe of the NULL entry; Nothing else cares. A container without one
+is well formed, insofar that we can still parse it correctly. With this
+dropped, the same container results in:
+
+ (XEN) microcode: couldn't find any matching ucode in the provided blob!
+ +Fixes: 4de936a38aa9 ("x86/ucode/amd: Rework parsing logic in cpu_request_microcode()") +Signed-off-by: Demi Marie Obenour +Signed-off-by: Andrew Cooper +Reviewed-by: Jan Beulich + +--- a/xen/arch/x86/cpu/microcode/amd.c ++++ b/xen/arch/x86/cpu/microcode/amd.c +@@ -336,8 +336,7 @@ static struct microcode_patch *cf_check + if ( size < sizeof(*et) || + (et = buf)->type != UCODE_EQUIV_CPU_TABLE_TYPE || + size - sizeof(*et) < et->len || +- et->len % sizeof(et->eq[0]) || +- et->eq[(et->len / sizeof(et->eq[0])) - 1].installed_cpu ) ++ et->len % sizeof(et->eq[0]) ) + { + printk(XENLOG_ERR "microcode: Bad equivalent cpu table\n"); + error = -EINVAL; diff --git a/xsa462.patch b/66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch similarity index 82% rename from xsa462.patch rename to 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch index 99f6618..d942d71 100644 --- a/xsa462.patch +++ b/66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch @@ -1,12 +1,15 @@ -From: Jan Beulich -Subject: x86/vLAPIC: prevent undue recursion of vlapic_error() +# Commit c42d9ec61f6d11e25fa77bd44dd11dad1edda268 +# Date 2024-09-24 14:23:29 +0200 +# Author Jan Beulich +# Committer Jan Beulich +x86/vLAPIC: prevent undue recursion of vlapic_error() With the error vector set to an illegal value, the function invoking vlapic_set_irq() would bring execution back here, with the non-recursive lock already held. Avoid the call in this case, merely further updating ESR (if necessary). -This is XSA-462. +This is XSA-462 / CVE-2024-45817. Fixes: 5f32d186a8b1 ("x86/vlapic: don't silently accept bad vectors") Reported-by: Federico Serafini @@ -17,7 +20,7 @@ Reviewed-by: Andrew Cooper --- a/xen/arch/x86/hvm/vlapic.c +++ b/xen/arch/x86/hvm/vlapic.c -@@ -113,9 +113,24 @@ static void vlapic_error(struct vlapic * +@@ -112,9 +112,24 @@ static void vlapic_error(struct vlapic * if ( (esr & errmask) != errmask ) { uint32_t lvterr = vlapic_get_reg(vlapic, APIC_LVTERR); 
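Review bot: After this change the equivalence-table check in amd.c accepts `et->len == 0` and tables with no terminating NULL entry, so every later consumer has to bound its scan by `et->len` rather than stop at a zero `installed_cpu`. The commit message states that nothing else depends on the terminator, but that code is outside the hunk. I would record the invariant next to the check with `/* The table may be empty and need not end in a NULL entry; bound all scans by et->len. */`.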
diff --git a/66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch b/66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch
new file mode 100644
index 0000000..5bfed16
--- /dev/null
+++ b/66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch
@@ -0,0 +1,33 @@
+# Commit 8752ad83e79754f8109457cff796e5f86f644348
+# Date 2024-09-24 18:57:38 +0100
+# Author Demi Marie Obenour
+# Committer Andrew Cooper
+xen/ucode: Make Intel's microcode_sanity_check() stricter
+
+The SDM states that data size must be a multiple of 4, but Xen doesn't check
+this propery.
+
+This is liable to cause a later failures, but should be checked explicitly.
+
+Signed-off-by: Demi Marie Obenour
+Signed-off-by: Andrew Cooper
+Reviewed-by: Jan Beulich
+
+--- a/xen/arch/x86/cpu/microcode/intel.c
++++ b/xen/arch/x86/cpu/microcode/intel.c
+@@ -155,10 +155,13 @@ static int microcode_sanity_check(const
+ uint32_t sum;
+
+ /*
+- * Total size must be a multiple of 1024 bytes. Data size and the header
+- * must fit within it.
++ * The SDM states:
++ * - Data size must be a multiple of 4.
++ * - Total size must be a multiple of 1024 bytes. Data size and the
++ * header must fit within it.
+ */
+ if ( (total_size & 1023) ||
++ (data_size & 3) ||
+ data_size > (total_size - MC_HEADER_SIZE) )
+ {
+ printk(XENLOG_WARNING "microcode: Bad size\n");
diff --git a/bin-python3-conversion.patch b/bin-python3-conversion.patch
deleted file mode 100644
index a86d6e8..0000000
--- a/bin-python3-conversion.patch
+++ /dev/null
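Review bot: In `microcode_sanity_check()`, the unchanged term `data_size > (total_size - MC_HEADER_SIZE)` next to the new `(data_size & 3)` test would wrap if `total_size` is unsigned and can be 0 at this point, since 0 also passes `(total_size & 1023)`. How `total_size` is derived is outside the hunk, so that case may already be excluded; if it is not, putting `total_size < MC_HEADER_SIZE ||` first in the condition closes it. The function starts and ends outside the hunk.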
@@ -1,50 +0,0 @@
-Index: xen-4.18.0-testing/tools/misc/xencov_split
-===================================================================
---- xen-4.18.0-testing.orig/tools/misc/xencov_split
-+++ xen-4.18.0-testing/tools/misc/xencov_split
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
-
- from __future__ import print_function
- from builtins import str
-Index: xen-4.18.0-testing/tools/python/scripts/convert-legacy-stream
-===================================================================
---- xen-4.18.0-testing.orig/tools/python/scripts/convert-legacy-stream
-+++ xen-4.18.0-testing/tools/python/scripts/convert-legacy-stream
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
- # -*- coding: utf-8 -*-
-
- """
-Index: xen-4.18.0-testing/tools/python/scripts/verify-stream-v2
-===================================================================
---- xen-4.18.0-testing.orig/tools/python/scripts/verify-stream-v2
-+++ xen-4.18.0-testing/tools/python/scripts/verify-stream-v2
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
- # -*- coding: utf-8 -*-
-
- """ Verify a v2 format migration stream """
-Index: xen-4.18.0-testing/tools/xenmon/xenmon.py
-===================================================================
---- xen-4.18.0-testing.orig/tools/xenmon/xenmon.py
-+++ xen-4.18.0-testing/tools/xenmon/xenmon.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
-
- #####################################################################
- # xenmon is a front-end for xenbaked.
-Index: xen-4.18.0-testing/tools/xentrace/xentrace_format
-===================================================================
---- xen-4.18.0-testing.orig/tools/xentrace/xentrace_format
-+++ xen-4.18.0-testing/tools/xentrace/xentrace_format
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
-
- # by Mark Williamson, (C) 2004 Intel Research Cambridge
-
diff --git a/build-python3-conversion.patch b/build-python3-conversion.patch index e1258f1..daa3bb9 100644 --- a/build-python3-conversion.patch +++ b/build-python3-conversion.patch @@ -1,7 +1,7 @@ -Index: xen-4.18.3-testing/Config.mk +Index: xen-4.19.0-testing/Config.mk =================================================================== ---- xen-4.18.3-testing.orig/Config.mk -+++ xen-4.18.3-testing/Config.mk +--- xen-4.19.0-testing.orig/Config.mk ++++ xen-4.19.0-testing/Config.mk @@ -77,7 +77,7 @@ EXTRA_INCLUDES += $(EXTRA_PREFIX)/includ EXTRA_LIB += $(EXTRA_PREFIX)/lib endif 
@@ -11,47 +11,34 @@ Index: xen-4.18.3-testing/Config.mk PYTHON_PREFIX_ARG ?= --prefix="$(prefix)" # The above requires that prefix contains *no spaces*. This variable is here # to permit the user to set PYTHON_PREFIX_ARG to '' to workaround this bug: -Index: xen-4.18.3-testing/tools/configure +Index: xen-4.19.0-testing/tools/configure =================================================================== ---- xen-4.18.3-testing.orig/tools/configure -+++ xen-4.18.3-testing/tools/configure -@@ -7382,15 +7382,15 @@ if test x"${PYTHONPATH}" = x"no" +--- xen-4.19.0-testing.orig/tools/configure ++++ xen-4.19.0-testing/tools/configure +@@ -8297,15 +8297,15 @@ if test x"${PYTHONPATH}" = x"no" then as_fn_error $? "Unable to find $PYTHON, please install $PYTHON" "$LINENO" 5 fi --{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for python version >= 2.6 " >&5 --$as_echo_n "checking for python version >= 2.6 ... " >&6; } --`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < (2, 6)"))'` -+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for python3 version >= 3.0 " >&5 -+$as_echo_n "checking for python3 version >= 3.0 ... " >&6; } +-{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for python version >= 2.7 " >&5 +-printf %s "checking for python version >= 2.7 ... " >&6; } +-`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < (2, 7)"))'` ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for python version >= 3.0 " >&5 ++printf %s "checking for python version >= 3.0 ... " >&6; } +`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < (3, 0)"))'` if test "$?" != "0" then python_version=`$PYTHON -V 2>&1` - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 - $as_echo "no" >&6; } -- as_fn_error $? "$python_version is too old, minimum required version is 2.6" "$LINENO" 5 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 + printf "%s\n" "no" >&6; } +- as_fn_error $? 
"$python_version is too old, minimum required version is 2.7" "$LINENO" 5 + as_fn_error $? "$python_version is too old, minimum required version is 3.0" "$LINENO" 5 else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 - $as_echo "yes" >&6; } -Index: xen-4.18.3-testing/tools/configure.ac + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 + printf "%s\n" "yes" >&6; } +Index: xen-4.19.0-testing/tools/libs/light/idl.py =================================================================== ---- xen-4.18.3-testing.orig/tools/configure.ac -+++ xen-4.18.3-testing/tools/configure.ac -@@ -385,7 +385,7 @@ PYTHONPATH=$PYTHON - PYTHON=`basename $PYTHONPATH` - - AX_PATH_PROG_OR_FAIL([PYTHONPATH], [$PYTHON]) --AX_CHECK_PYTHON_VERSION([2], [6]) -+AX_CHECK_PYTHON_VERSION([3], [0]) - - AS_IF([test "$cross_compiling" != yes], [ - AX_CHECK_PYTHON_DEVEL() -Index: xen-4.18.3-testing/tools/libs/light/idl.py -=================================================================== ---- xen-4.18.3-testing.orig/tools/libs/light/idl.py -+++ xen-4.18.3-testing/tools/libs/light/idl.py +--- xen-4.19.0-testing.orig/tools/libs/light/idl.py ++++ xen-4.19.0-testing/tools/libs/light/idl.py @@ -271,7 +271,7 @@ class KeyedUnion(Aggregate): if not isinstance(keyvar_type, Enumeration): raise ValueError @@ -79,80 +66,80 @@ Index: xen-4.18.3-testing/tools/libs/light/idl.py if isinstance(t, Type): globs[n] = t elif isinstance(t,type(object)) and issubclass(t, Type): -Index: xen-4.18.3-testing/tools/libs/light/gentest.py +Index: xen-4.19.0-testing/tools/libs/light/gentest.py =================================================================== ---- xen-4.18.3-testing.orig/tools/libs/light/gentest.py -+++ xen-4.18.3-testing/tools/libs/light/gentest.py +--- xen-4.19.0-testing.orig/tools/libs/light/gentest.py ++++ xen-4.19.0-testing/tools/libs/light/gentest.py 
@@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 from __future__ import print_function -Index: xen-4.18.3-testing/tools/libs/light/gentypes.py +Index: xen-4.19.0-testing/tools/libs/light/gentypes.py =================================================================== ---- xen-4.18.3-testing.orig/tools/libs/light/gentypes.py -+++ xen-4.18.3-testing/tools/libs/light/gentypes.py +--- xen-4.19.0-testing.orig/tools/libs/light/gentypes.py ++++ xen-4.19.0-testing/tools/libs/light/gentypes.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 from __future__ import print_function -Index: xen-4.18.3-testing/tools/include/xen-foreign/mkheader.py +Index: xen-4.19.0-testing/tools/include/xen-foreign/mkheader.py =================================================================== ---- xen-4.18.3-testing.orig/tools/include/xen-foreign/mkheader.py -+++ xen-4.18.3-testing/tools/include/xen-foreign/mkheader.py +--- xen-4.19.0-testing.orig/tools/include/xen-foreign/mkheader.py ++++ xen-4.19.0-testing/tools/include/xen-foreign/mkheader.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 from __future__ import print_function -Index: xen-4.18.3-testing/tools/include/xen-foreign/mkchecker.py +Index: xen-4.19.0-testing/tools/include/xen-foreign/mkchecker.py =================================================================== ---- xen-4.18.3-testing.orig/tools/include/xen-foreign/mkchecker.py -+++ xen-4.18.3-testing/tools/include/xen-foreign/mkchecker.py +--- xen-4.19.0-testing.orig/tools/include/xen-foreign/mkchecker.py ++++ xen-4.19.0-testing/tools/include/xen-foreign/mkchecker.py 
@@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 import sys; from structs import structs, compat_arches; -Index: xen-4.18.3-testing/xen/tools/gen-cpuid.py +Index: xen-4.19.0-testing/xen/tools/gen-cpuid.py =================================================================== ---- xen-4.18.3-testing.orig/xen/tools/gen-cpuid.py -+++ xen-4.18.3-testing/xen/tools/gen-cpuid.py +--- xen-4.19.0-testing.orig/xen/tools/gen-cpuid.py ++++ xen-4.19.0-testing/xen/tools/gen-cpuid.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 # -*- coding: utf-8 -*- import sys, os, re -Index: xen-4.18.3-testing/xen/tools/compat-build-source.py +Index: xen-4.19.0-testing/xen/tools/compat-build-source.py =================================================================== ---- xen-4.18.3-testing.orig/xen/tools/compat-build-source.py -+++ xen-4.18.3-testing/xen/tools/compat-build-source.py +--- xen-4.19.0-testing.orig/xen/tools/compat-build-source.py ++++ xen-4.19.0-testing/xen/tools/compat-build-source.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 import re,sys -Index: xen-4.18.3-testing/xen/tools/compat-build-header.py +Index: xen-4.19.0-testing/xen/tools/compat-build-header.py =================================================================== ---- xen-4.18.3-testing.orig/xen/tools/compat-build-header.py -+++ xen-4.18.3-testing/xen/tools/compat-build-header.py +--- xen-4.19.0-testing.orig/xen/tools/compat-build-header.py ++++ xen-4.19.0-testing/xen/tools/compat-build-header.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 import re,sys -Index: xen-4.18.3-testing/tools/misc/xensymoops +Index: xen-4.19.0-testing/tools/misc/xensymoops =================================================================== ---- xen-4.18.3-testing.orig/tools/misc/xensymoops -+++ xen-4.18.3-testing/tools/misc/xensymoops +--- xen-4.19.0-testing.orig/tools/misc/xensymoops ++++ xen-4.19.0-testing/tools/misc/xensymoops @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 
diff --git a/gcc14-fixes.patch b/gcc14-fixes.patch index 4803331..b245902 100644 --- a/gcc14-fixes.patch +++ b/gcc14-fixes.patch @@ -14,10 +14,10 @@ Compiling against gcc14. | ^~~~~ -Index: xen-4.18.2-testing/stubdom/Makefile +Index: xen-4.19.0-testing/stubdom/Makefile =================================================================== ---- xen-4.18.2-testing.orig/stubdom/Makefile -+++ xen-4.18.2-testing/stubdom/Makefile +--- xen-4.19.0-testing.orig/stubdom/Makefile ++++ xen-4.19.0-testing/stubdom/Makefile @@ -97,6 +97,7 @@ newlib-$(NEWLIB_VERSION): newlib-$(NEWLI patch -d $@ -p1 < newlib-disable-texinfo.patch patch -d $@ -p1 < newlib-cygmon-gmon.patch @@ -26,10 +26,10 @@ Index: xen-4.18.2-testing/stubdom/Makefile find $@ -type f | xargs perl -i.bak \ -pe 's/\b_(tzname|daylight|timezone)\b/$$1/g' touch $@ -Index: xen-4.18.2-testing/stubdom/newlib-gcc14-pragmas.patch +Index: xen-4.19.0-testing/stubdom/newlib-gcc14-pragmas.patch =================================================================== --- /dev/null -+++ xen-4.18.2-testing/stubdom/newlib-gcc14-pragmas.patch ++++ xen-4.19.0-testing/stubdom/newlib-gcc14-pragmas.patch @@ -0,0 +1,36 @@ +--- newlib-1.16.0/newlib/libc/stdlib/wcstoull.c.orig 2024-06-04 15:32:01.495146632 -0600 ++++ newlib-1.16.0/newlib/libc/stdlib/wcstoull.c 2024-06-04 15:38:56.627156524 -0600 
@@ -67,15 +67,3 @@ Index: xen-4.18.2-testing/stubdom/newlib-gcc14-pragmas.patch + DEFUN(copy_past_newline,(ptr, idx, dst), + string_type *ptr AND + unsigned int idx AND ---- xen-4.18.2-testing/extras/mini-os-remote/include/posix/sys/mman.h.orig 2024-06-04 16:27:35.155226069 -0600 -+++ xen-4.18.2-testing/extras/mini-os-remote/include/posix/sys/mman.h 2024-06-04 16:31:46.591232060 -0600 -@@ -16,7 +16,7 @@ - - void *mmap(void *start, size_t length, int prot, int flags, int fd, off_t offset) asm("mmap64"); - int munmap(void *start, size_t length); --static inline mlock(const void *addr, size_t len) { return 0; } --static inline munlock(const void *addr, size_t len) { return 0; } -+static inline int mlock(const void *addr, size_t len) { return 0; } -+static inline int munlock(const void *addr, size_t len) { return 0; } - - #endif /* _POSIX_SYS_MMAN_H */ diff --git a/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch b/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch index af3c9e8..5ae5034 100644 --- a/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch +++ b/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch @@ -20,7 +20,7 @@ Acked-by: Christian Lindig --- a/tools/include/libxl.h +++ b/tools/include/libxl.h -@@ -1811,13 +1811,28 @@ static inline int libxl_retrieve_domain_ +@@ -1850,13 +1850,28 @@ static inline int libxl_retrieve_domain_ libxl_retrieve_domain_configuration_0x041200 #endif diff --git a/libxc-sr-abort_if_busy.patch b/libxc-sr-abort_if_busy.patch index 4867eab..4542824 100644 --- a/libxc-sr-abort_if_busy.patch +++ b/libxc-sr-abort_if_busy.patch @@ -53,7 +53,7 @@ Signed-off-by: Olaf Hering =item B [I] I I --- a/tools/include/libxl.h +++ b/tools/include/libxl.h -@@ -1824,6 +1824,7 @@ typedef struct { +@@ -1863,6 +1863,7 @@ typedef struct { } libxl_domain_suspend_suse_properties; #define LIBXL_SUSPEND_DEBUG 1 #define LIBXL_SUSPEND_LIVE 2 @@ -93,7 +93,7 @@ Signed-off-by: Olaf Hering dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; 
--- a/tools/libs/light/libxl_internal.h +++ b/tools/libs/light/libxl_internal.h -@@ -3655,9 +3655,11 @@ struct libxl__domain_save_state { +@@ -3652,9 +3652,11 @@ struct libxl__domain_save_state { libxl_domain_type type; int live; int debug; diff --git a/libxc-sr-max_iters.patch b/libxc-sr-max_iters.patch index bd6441f..ae1160c 100644 --- a/libxc-sr-max_iters.patch +++ b/libxc-sr-max_iters.patch @@ -46,7 +46,7 @@ Signed-off-by: Olaf Hering =item B [I] I I --- a/tools/include/libxl.h +++ b/tools/include/libxl.h -@@ -1819,6 +1819,7 @@ static inline int libxl_retrieve_domain_ +@@ -1858,6 +1858,7 @@ static inline int libxl_retrieve_domain_ typedef struct { uint32_t flags; /* LIBXL_SUSPEND_* */ @@ -77,7 +77,7 @@ Signed-off-by: Olaf Hering dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; --- a/tools/libs/light/libxl_internal.h +++ b/tools/libs/light/libxl_internal.h -@@ -3656,6 +3656,7 @@ struct libxl__domain_save_state { +@@ -3653,6 +3653,7 @@ struct libxl__domain_save_state { int live; int debug; int checkpointed_stream; diff --git a/libxc-sr-min_remaining.patch b/libxc-sr-min_remaining.patch index 3eddda3..855a03a 100644 --- a/libxc-sr-min_remaining.patch +++ b/libxc-sr-min_remaining.patch @@ -51,7 +51,7 @@ Signed-off-by: Olaf Hering =item B [I] I I --- a/tools/include/libxl.h +++ b/tools/include/libxl.h -@@ -1820,6 +1820,7 @@ static inline int libxl_retrieve_domain_ +@@ -1859,6 +1859,7 @@ static inline int libxl_retrieve_domain_ typedef struct { uint32_t flags; /* LIBXL_SUSPEND_* */ uint32_t max_iters; @@ -82,7 +82,7 @@ Signed-off-by: Olaf Hering dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; --- a/tools/libs/light/libxl_internal.h +++ b/tools/libs/light/libxl_internal.h -@@ -3657,6 +3657,7 @@ struct libxl__domain_save_state { +@@ -3654,6 +3654,7 @@ struct libxl__domain_save_state { int debug; int checkpointed_stream; uint32_t max_iters; 
diff --git a/libxc-sr-number-of-iterations.patch b/libxc-sr-number-of-iterations.patch index b1be9db..4f11558 100644 --- a/libxc-sr-number-of-iterations.patch +++ b/libxc-sr-number-of-iterations.patch @@ -13,7 +13,7 @@ iterations for dirty memory, and a final copy iteration prior move. --- a/tools/libs/light/libxl_internal.h +++ b/tools/libs/light/libxl_internal.h -@@ -124,7 +124,7 @@ +@@ -125,7 +125,7 @@ #define DOMID_XS_PATH "domid" #define PVSHIM_BASENAME "xen-shim" #define PVSHIM_CMDLINE "pv-shim console=xen,pv" @@ -21,4 +21,4 @@ iterations for dirty memory, and a final copy iteration prior move. +#define LIBXL_XGS_POLICY_MAX_ITERATIONS 1 #define LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT 50 - /* Size macros. */ + #define DIV_ROUNDUP(n, d) (((n) + (d) - 1) / (d)) diff --git a/libxc-sr-precopy_policy.patch b/libxc-sr-precopy_policy.patch index 13bd116..5fc286e 100644 --- a/libxc-sr-precopy_policy.patch +++ b/libxc-sr-precopy_policy.patch @@ -60,15 +60,15 @@ v02: dss->sws.dss = dss; --- a/tools/libs/light/libxl_internal.h +++ b/tools/libs/light/libxl_internal.h -@@ -124,6 +124,8 @@ +@@ -125,6 +125,8 @@ #define DOMID_XS_PATH "domid" #define PVSHIM_BASENAME "xen-shim" #define PVSHIM_CMDLINE "pv-shim console=xen,pv" +#define LIBXL_XGS_POLICY_MAX_ITERATIONS 5 +#define LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT 50 - /* Size macros. */ - #define MB(_mb) (_AC(_mb, ULL) << 20) + #define DIV_ROUNDUP(n, d) (((n) + (d) - 1) / (d)) + --- a/tools/libs/light/libxl_save_msgs_gen.pl +++ b/tools/libs/light/libxl_save_msgs_gen.pl @@ -23,6 +23,7 @@ our @msgs = ( diff --git a/libxc-sr-readv_exact.patch b/libxc-sr-readv_exact.patch index ecb6e9b..ec865da 100644 --- a/libxc-sr-readv_exact.patch +++ b/libxc-sr-readv_exact.patch @@ -93,7 +93,7 @@ v2: struct iovec *local_iov = NULL; --- a/tools/libs/ctrl/xc_private.h 
+++ b/tools/libs/ctrl/xc_private.h -@@ -395,6 +395,7 @@ int xc_flush_mmu_updates(xc_interface *x +@@ -389,6 +389,7 @@ int xc_flush_mmu_updates(xc_interface *x /* Return 0 on success; -1 on error setting errno. */ int read_exact(int fd, void *data, size_t size); /* EOF => -1, errno=0 */ diff --git a/libxc-sr-track-migration-time.patch b/libxc-sr-track-migration-time.patch index 087ff90..80680a0 100644 --- a/libxc-sr-track-migration-time.patch +++ b/libxc-sr-track-migration-time.patch @@ -34,7 +34,7 @@ Signed-off-by: Olaf Hering uint32_t domid) { + int ret; - DECLARE_DOMCTL; + struct xen_domctl domctl = {}; domctl.cmd = XEN_DOMCTL_pausedomain; domctl.domain = domid; - return do_domctl(xch, &domctl); @@ -49,7 +49,7 @@ Signed-off-by: Olaf Hering uint32_t domid) { + int ret; - DECLARE_DOMCTL; + struct xen_domctl domctl = {}; domctl.cmd = XEN_DOMCTL_unpausedomain; domctl.domain = domid; - return do_domctl(xch, &domctl); diff --git a/libxl.LIBXL_HOTPLUG_TIMEOUT.patch b/libxl.LIBXL_HOTPLUG_TIMEOUT.patch index 0786765..7e72a28 100644 --- a/libxl.LIBXL_HOTPLUG_TIMEOUT.patch +++ b/libxl.LIBXL_HOTPLUG_TIMEOUT.patch @@ -85,7 +85,7 @@ the execution time of each script. --- a/tools/libs/light/libxl_create.c +++ b/tools/libs/light/libxl_create.c -@@ -1323,6 +1323,7 @@ static void initiate_domain_create(libxl +@@ -1345,6 +1345,7 @@ static void initiate_domain_create(libxl * build info around just to know if the domain has a device model or not. */ store_libxl_entry(gc, domid, &d_config->b_info); @@ -95,7 +95,7 @@ the execution time of each script. ret = libxl__disk_devtype.set_default(gc, domid, &d_config->disks[i], --- a/tools/libs/light/libxl_device.c +++ b/tools/libs/light/libxl_device.c -@@ -1296,7 +1296,7 @@ static void device_hotplug(libxl__egc *e +@@ -1309,7 +1309,7 @@ static void device_hotplug(libxl__egc *e } aes->ao = ao; 
@@ -104,7 +104,7 @@ the execution time of each script. aes->env = env; aes->args = args; aes->callback = device_hotplug_child_death_cb; -@@ -1305,6 +1305,15 @@ static void device_hotplug(libxl__egc *e +@@ -1318,6 +1318,15 @@ static void device_hotplug(libxl__egc *e aes->stdfds[1] = 2; aes->stdfds[2] = -1; @@ -278,7 +278,7 @@ the execution time of each script. #include #include -@@ -1629,6 +1630,7 @@ struct libxl__xswait_state { +@@ -1626,6 +1627,7 @@ struct libxl__xswait_state { const char *what; /* for error msgs: noun phrase, what we're waiting for */ const char *path; int timeout_ms; /* as for poll(2) */ @@ -286,7 +286,7 @@ the execution time of each script. libxl__xswait_callback *callback; /* remaining fields are private to xswait */ libxl__ev_time time_ev; -@@ -2707,6 +2709,7 @@ struct libxl__async_exec_state { +@@ -2704,6 +2706,7 @@ struct libxl__async_exec_state { char **args; /* execution arguments */ char **env; /* execution environment */ @@ -294,7 +294,7 @@ the execution time of each script. /* private */ libxl__ev_time time; libxl__ev_child child; -@@ -4896,6 +4899,9 @@ _hidden int userlookup_helper_getpwuid(l +@@ -4893,6 +4896,9 @@ _hidden int userlookup_helper_getpwuid(l #endif diff --git a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch index 456d3d8..0ef730c 100644 --- a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch +++ b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch 
@@ -7,11 +7,11 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425 tools/libxl/libxlu_disk_l.l | 1 + 5 files changed, 18 insertions(+), 1 deletion(-) -Index: xen-4.18.0-testing/docs/man/xl-disk-configuration.5.pod.in +Index: xen-4.19.0-testing/docs/man/xl-disk-configuration.5.pod.in =================================================================== ---- xen-4.18.0-testing.orig/docs/man/xl-disk-configuration.5.pod.in -+++ xen-4.18.0-testing/docs/man/xl-disk-configuration.5.pod.in -@@ -337,6 +337,32 @@ No +--- xen-4.19.0-testing.orig/docs/man/xl-disk-configuration.5.pod.in ++++ xen-4.19.0-testing/docs/man/xl-disk-configuration.5.pod.in +@@ -339,6 +339,32 @@ No discard @@ -44,13 +44,13 @@ Index: xen-4.18.0-testing/docs/man/xl-disk-configuration.5.pod.in =back An advisory setting for the backend driver, specifying whether to -Index: xen-4.18.0-testing/tools/include/libxl.h +Index: xen-4.19.0-testing/tools/include/libxl.h =================================================================== ---- xen-4.18.0-testing.orig/tools/include/libxl.h -+++ xen-4.18.0-testing/tools/include/libxl.h -@@ -584,6 +584,21 @@ - */ - #define LIBXL_HAVE_CONSOLE_ADD_XENSTORE 1 +--- xen-4.19.0-testing.orig/tools/include/libxl.h ++++ xen-4.19.0-testing/tools/include/libxl.h +@@ -603,6 +603,21 @@ + #define LIBXL_HAVE_P9_ADD 1 + /* + * The libxl_device_disk has no way to indicate that cache=unsafe is + * supposed to be used. Provide this knob without breaking the ABI. 
@@ -70,11 +70,11 @@ Index: xen-4.18.0-testing/tools/include/libxl.h * libxl ABI compatibility * * The only guarantee which libxl makes regarding ABI compatibility -Index: xen-4.18.0-testing/tools/libs/light/libxl_disk.c +Index: xen-4.19.0-testing/tools/libs/light/libxl_disk.c =================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_disk.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_disk.c -@@ -422,6 +422,8 @@ static void device_disk_add(libxl__egc * +--- xen-4.19.0-testing.orig/tools/libs/light/libxl_disk.c ++++ xen-4.19.0-testing/tools/libs/light/libxl_disk.c +@@ -464,6 +464,8 @@ static void device_disk_add(libxl__egc * flexarray_append_pair(back, "discard-enable", libxl_defbool_val(disk->discard_enable) ? "1" : "0"); @@ -83,10 +83,10 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_disk.c flexarray_append(back, "specification"); flexarray_append(back, libxl__device_disk_string_of_specification(disk->specification)); if (disk->specification == LIBXL_DISK_SPECIFICATION_VIRTIO) { -Index: xen-4.18.0-testing/tools/libs/light/libxl_dm.c +Index: xen-4.19.0-testing/tools/libs/light/libxl_dm.c =================================================================== ---- xen-4.18.0-testing.orig/tools/libs/light/libxl_dm.c -+++ xen-4.18.0-testing/tools/libs/light/libxl_dm.c +--- xen-4.19.0-testing.orig/tools/libs/light/libxl_dm.c ++++ xen-4.19.0-testing/tools/libs/light/libxl_dm.c @@ -1019,14 +1019,27 @@ enum { LIBXL__COLO_SECONDARY, }; @@ -164,7 +164,7 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_dm.c break; default: abort(); -@@ -1998,8 +2013,8 @@ static int libxl__build_device_model_arg +@@ -1997,8 +2012,8 @@ static int libxl__build_device_model_arg return ERROR_INVAL; } flexarray_vappend(dm_args, "-drive", 
@@ -175,10 +175,10 @@ Index: xen-4.18.0-testing/tools/libs/light/libxl_dm.c "-device", GCSPRINTF("ide-hd,bus=ahci0.%d,unit=0,drive=ahcidisk-%d", disk, disk), NULL); continue; -Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk.c +Index: xen-4.19.0-testing/tools/libs/util/libxlu_disk.c =================================================================== ---- xen-4.18.0-testing.orig/tools/libs/util/libxlu_disk.c -+++ xen-4.18.0-testing/tools/libs/util/libxlu_disk.c +--- xen-4.19.0-testing.orig/tools/libs/util/libxlu_disk.c ++++ xen-4.19.0-testing/tools/libs/util/libxlu_disk.c @@ -78,6 +78,8 @@ int xlu_disk_parse(XLU_Config *cfg, if (!disk->pdev_path || !strcmp(disk->pdev_path, "")) disk->format = LIBXL_DISK_FORMAT_EMPTY; @@ -188,10 +188,10 @@ Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk.c if (!disk->vdev) { xlu__disk_err(&dpc,0, "no vdev specified"); -Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk_i.h +Index: xen-4.19.0-testing/tools/libs/util/libxlu_disk_i.h =================================================================== ---- xen-4.18.0-testing.orig/tools/libs/util/libxlu_disk_i.h -+++ xen-4.18.0-testing/tools/libs/util/libxlu_disk_i.h +--- xen-4.19.0-testing.orig/tools/libs/util/libxlu_disk_i.h ++++ xen-4.19.0-testing/tools/libs/util/libxlu_disk_i.h @@ -10,7 +10,7 @@ typedef struct { void *scanner; YY_BUFFER_STATE buf; @@ -201,10 +201,10 @@ Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk_i.h const char *spec; } DiskParseContext; -Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l +Index: xen-4.19.0-testing/tools/libs/util/libxlu_disk_l.l =================================================================== ---- xen-4.18.0-testing.orig/tools/libs/util/libxlu_disk_l.l -+++ xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l +--- xen-4.19.0-testing.orig/tools/libs/util/libxlu_disk_l.l ++++ xen-4.19.0-testing/tools/libs/util/libxlu_disk_l.l 
@@ -216,6 +216,7 @@ colo-port=[^,]*,? { STRIP(','); setcolop colo-export=[^,]*,? { STRIP(','); SAVESTRING("colo-export", colo_export, FROMEQUALS); } active-disk=[^,]*,? { STRIP(','); SAVESTRING("active-disk", active_disk, FROMEQUALS); } diff --git a/migration-python3-conversion.patch b/migration-python3-conversion.patch deleted file mode 100644 index 5381616..0000000 --- a/migration-python3-conversion.patch +++ /dev/null 
@@ -1,63 +0,0 @@ -Index: xen-4.18.0-testing/tools/python/xen/migration/legacy.py -=================================================================== ---- xen-4.18.0-testing.orig/tools/python/xen/migration/legacy.py -+++ xen-4.18.0-testing/tools/python/xen/migration/legacy.py -@@ -1,3 +1,4 @@ -+#!/usr/bin/python3 - # -*- coding: utf-8 -*- - - """ -Index: xen-4.18.0-testing/tools/python/xen/migration/libxc.py -=================================================================== ---- xen-4.18.0-testing.orig/tools/python/xen/migration/libxc.py -+++ xen-4.18.0-testing/tools/python/xen/migration/libxc.py -@@ -1,3 +1,4 @@ -+#!/usr/bin/python3 - # -*- coding: utf-8 -*- - - """ -Index: xen-4.18.0-testing/tools/python/xen/migration/libxl.py -=================================================================== ---- xen-4.18.0-testing.orig/tools/python/xen/migration/libxl.py -+++ xen-4.18.0-testing/tools/python/xen/migration/libxl.py -@@ -1,3 +1,4 @@ -+#!/usr/bin/python3 - # -*- coding: utf-8 -*- - - """ -Index: xen-4.18.0-testing/tools/python/xen/migration/public.py -=================================================================== ---- xen-4.18.0-testing.orig/tools/python/xen/migration/public.py -+++ xen-4.18.0-testing/tools/python/xen/migration/public.py -@@ -1,3 +1,4 @@ -+#!/usr/bin/python3 - # -*- coding: utf-8 -*- - - """ -Index: xen-4.18.0-testing/tools/python/xen/migration/tests.py -=================================================================== ---- xen-4.18.0-testing.orig/tools/python/xen/migration/tests.py -+++ xen-4.18.0-testing/tools/python/xen/migration/tests.py -@@ -1,3 +1,4 @@ -+#!/usr/bin/python3 - # -*- coding: utf-8 -*- - - """ -Index: xen-4.18.0-testing/tools/python/xen/migration/verify.py -=================================================================== ---- xen-4.18.0-testing.orig/tools/python/xen/migration/verify.py -+++ xen-4.18.0-testing/tools/python/xen/migration/verify.py -@@ -1,3 +1,4 @@ -+#!/usr/bin/python3 - # -*- coding: utf-8 -*- - - """ 
-Index: xen-4.18.0-testing/tools/python/xen/migration/xl.py -=================================================================== ---- xen-4.18.0-testing.orig/tools/python/xen/migration/xl.py -+++ xen-4.18.0-testing/tools/python/xen/migration/xl.py -@@ -1,3 +1,4 @@ -+#!/usr/bin/python3 - # -*- coding: utf-8 -*- - - """ diff --git a/mini-os.tar.bz2 b/mini-os.tar.bz2 index 3eed099..65b94da 100644 --- a/mini-os.tar.bz2 +++ b/mini-os.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:48c0d8f1909a0345243dc529047eb2bf7881139f8fdfb5bbf32b2a83b14a44ac -size 312038 +oid sha256:f06e0a7df8e90621815c9119c11adfd31b3240387b2eb1d9da37e73b98b35ee8 +size 320089 diff --git a/pygrub-boot-legacy-sles.patch b/pygrub-boot-legacy-sles.patch index 4327538..344aa77 100644 --- a/pygrub-boot-legacy-sles.patch +++ b/pygrub-boot-legacy-sles.patch @@ -1,8 +1,8 @@ -Index: xen-4.17.2-testing/tools/pygrub/src/pygrub +Index: xen-4.19.0-testing/tools/pygrub/src/pygrub =================================================================== ---- xen-4.17.2-testing.orig/tools/pygrub/src/pygrub -+++ xen-4.17.2-testing/tools/pygrub/src/pygrub -@@ -579,7 +579,7 @@ class Grub: +--- xen-4.19.0-testing.orig/tools/pygrub/src/pygrub ++++ xen-4.19.0-testing/tools/pygrub/src/pygrub +@@ -593,7 +593,7 @@ class Grub: self.cf.filename = f break if self.__dict__.get('cf', None) is None: @@ -11,7 +11,7 @@ Index: xen-4.17.2-testing/tools/pygrub/src/pygrub f = fs.open_file(self.cf.filename) # limit read size to avoid pathological cases buf = f.read(FS_READ_MAX) -@@ -754,6 +754,20 @@ def run_grub(file, entry, fs, cfg_args): +@@ -768,6 +768,20 @@ def run_grub(file, entry, fs, cfg_args): g = Grub(file, fs) @@ -32,7 +32,7 @@ Index: xen-4.17.2-testing/tools/pygrub/src/pygrub if list_entries: for i in range(len(g.cf.images)): img = g.cf.images[i] -@@ -840,6 +854,19 @@ def sniff_netware(fs, cfg): +@@ -854,6 +868,19 @@ def sniff_netware(fs, cfg): return cfg 
@@ -52,7 +52,7 @@ Index: xen-4.17.2-testing/tools/pygrub/src/pygrub def format_sxp(kernel, ramdisk, args): s = "linux (kernel %s)" % repr(kernel) if ramdisk: -@@ -918,7 +945,7 @@ if __name__ == "__main__": +@@ -932,7 +959,7 @@ if __name__ == "__main__": debug = False not_really = False output_format = "sxp" diff --git a/replace-obsolete-network-configuration-commands-in-s.patch b/replace-obsolete-network-configuration-commands-in-s.patch index 0d7a3eb..eb5f74b 100644 --- a/replace-obsolete-network-configuration-commands-in-s.patch +++ b/replace-obsolete-network-configuration-commands-in-s.patch @@ -16,11 +16,11 @@ brctl. Replace them by commands from iproute2 package. .../i386-dm/qemu-ifup-Linux | 5 +++-- 9 files changed, 26 insertions(+), 26 deletions(-) -Index: xen-4.17.0-testing/README +Index: xen-4.19.0-testing/README =================================================================== ---- xen-4.17.0-testing.orig/README -+++ xen-4.17.0-testing/README -@@ -61,8 +61,7 @@ provided by your OS distributor: +--- xen-4.19.0-testing.orig/README ++++ xen-4.19.0-testing/README +@@ -59,8 +59,7 @@ provided by your OS distributor: * Development install of GLib v2.0 (e.g. libglib2.0-dev) * Development install of Pixman (e.g. libpixman-1-dev) * pkg-config @@ -30,10 +30,10 @@ Index: xen-4.17.0-testing/README * GNU bison and GNU flex * ACPI ASL compiler (iasl) -Index: xen-4.17.0-testing/tools/hotplug/Linux/remus-netbuf-setup +Index: xen-4.19.0-testing/tools/hotplug/Linux/remus-netbuf-setup =================================================================== ---- xen-4.17.0-testing.orig/tools/hotplug/Linux/remus-netbuf-setup -+++ xen-4.17.0-testing/tools/hotplug/Linux/remus-netbuf-setup +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/remus-netbuf-setup ++++ xen-4.19.0-testing/tools/hotplug/Linux/remus-netbuf-setup @@ -76,6 +76,7 @@ #specific setup code such as renaming. dir=$(dirname "$0") 
@@ -60,10 +60,10 @@ Index: xen-4.17.0-testing/tools/hotplug/Linux/remus-netbuf-setup check_ifb "$ifb" || continue REMUS_IFB="$ifb" break -Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-bridge +Index: xen-4.19.0-testing/tools/hotplug/Linux/vif-bridge =================================================================== ---- xen-4.17.0-testing.orig/tools/hotplug/Linux/vif-bridge -+++ xen-4.17.0-testing/tools/hotplug/Linux/vif-bridge +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/vif-bridge ++++ xen-4.19.0-testing/tools/hotplug/Linux/vif-bridge @@ -42,7 +42,8 @@ if [ -z "$bridge" ]; then if which brctl >&/dev/null; then bridge=$(brctl show | awk 'NR==2{print$1}') @@ -74,10 +74,10 @@ Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-bridge fi if [ -z "$bridge" ] then -Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-nat +Index: xen-4.19.0-testing/tools/hotplug/Linux/vif-nat =================================================================== ---- xen-4.17.0-testing.orig/tools/hotplug/Linux/vif-nat -+++ xen-4.17.0-testing/tools/hotplug/Linux/vif-nat +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/vif-nat ++++ xen-4.19.0-testing/tools/hotplug/Linux/vif-nat @@ -172,7 +172,11 @@ case "$command" in ;; offline) @@ -91,10 +91,10 @@ Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-nat ;; esac -Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-route +Index: xen-4.19.0-testing/tools/hotplug/Linux/vif-route =================================================================== ---- xen-4.17.0-testing.orig/tools/hotplug/Linux/vif-route -+++ xen-4.17.0-testing/tools/hotplug/Linux/vif-route +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/vif-route ++++ xen-4.19.0-testing/tools/hotplug/Linux/vif-route @@ -23,13 +23,23 @@ main_ip=$(dom0_ip) case "${command}" in 
@@ -121,10 +121,10 @@ Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-route ipcmd='del' cmdprefix='do_without_error' ;; -Index: xen-4.17.0-testing/tools/hotplug/Linux/xen-network-common.sh +Index: xen-4.19.0-testing/tools/hotplug/Linux/xen-network-common.sh =================================================================== ---- xen-4.17.0-testing.orig/tools/hotplug/Linux/xen-network-common.sh -+++ xen-4.17.0-testing/tools/hotplug/Linux/xen-network-common.sh +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/xen-network-common.sh ++++ xen-4.19.0-testing/tools/hotplug/Linux/xen-network-common.sh @@ -15,6 +15,12 @@ # diff --git a/stubdom.tar.bz2 b/stubdom.tar.bz2 index 1419de9..63afb0e 100644 --- a/stubdom.tar.bz2 +++ b/stubdom.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:e60d1310164c2ec47222381d45a609def533435f0dd08bf9935401f15dfa07ef -size 19767945 +oid sha256:7bbf10959de4f319861633267ea33f378051ede9ec2881862a54257b3447d4c9 +size 19767990 diff --git a/x86-ioapic-ack-default.patch b/x86-ioapic-ack-default.patch index 73f3db7..acdde0d 100644 --- a/x86-ioapic-ack-default.patch +++ b/x86-ioapic-ack-default.patch @@ -2,7 +2,7 @@ Change default IO-APIC ack mode for single IO-APIC systems to old-style. --- a/xen/arch/x86/io_apic.c +++ b/xen/arch/x86/io_apic.c -@@ -2076,7 +2076,10 @@ void __init setup_IO_APIC(void) +@@ -2071,7 +2071,10 @@ void __init setup_IO_APIC(void) io_apic_irqs = ~PIC_IRQS; printk("ENABLING IO-APIC IRQs\n"); diff --git a/xen-4.18.3-testing-src.tar.bz2 b/xen-4.18.3-testing-src.tar.bz2 deleted file mode 100644 index 3902a74..0000000 --- a/xen-4.18.3-testing-src.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2916701c02d3ee12dc7a11d81e93dd052d292ac75a8e57c332b4d8e9aeaf3320 -size 5589023 diff --git a/xen-4.19.0-testing-src.tar.bz2 b/xen-4.19.0-testing-src.tar.bz2 new file mode 100644 index 0000000..978b286 --- /dev/null +++ b/xen-4.19.0-testing-src.tar.bz2 
@@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6435f03f315fa9f47501779aaca9ed8db7fd95328df91393023e2c765e206d29 +size 5646136 diff --git a/xen-arch-kconfig-nr_cpus.patch b/xen-arch-kconfig-nr_cpus.patch index eff902d..52aaeee 100644 --- a/xen-arch-kconfig-nr_cpus.patch +++ b/xen-arch-kconfig-nr_cpus.patch @@ -1,11 +1,11 @@ -Index: xen-4.18.0-testing/xen/arch/Kconfig +Index: xen-4.19.0-testing/xen/arch/Kconfig =================================================================== ---- xen-4.18.0-testing.orig/xen/arch/Kconfig -+++ xen-4.18.0-testing/xen/arch/Kconfig +--- xen-4.19.0-testing.orig/xen/arch/Kconfig ++++ xen-4.19.0-testing/xen/arch/Kconfig @@ -7,7 +7,7 @@ config PHYS_ADDR_T_32 config NR_CPUS int "Maximum number of CPUs" - range 1 4095 + range 1 16383 - default "256" if X86 + default "1024" if X86 default "8" if ARM && RCAR3 diff --git a/xen-destdir.patch b/xen-destdir.patch index 893fdf0..73edaeb 100644 --- a/xen-destdir.patch +++ b/xen-destdir.patch @@ -1,7 +1,5 @@ -Index: xen-4.18.3-testing/tools/xs-clients/Makefile -=================================================================== ---- xen-4.18.3-testing.orig/tools/xs-clients/Makefile -+++ xen-4.18.3-testing/tools/xs-clients/Makefile +--- a/tools/xs-clients/Makefile ++++ b/tools/xs-clients/Makefile @@ -29,7 +29,7 @@ all: $(TARGETS) clients: xenstore $(CLIENTS) xenstore-control @@ -20,10 +18,8 @@ Index: xen-4.18.3-testing/tools/xs-clients/Makefile done .PHONY: uninstall -Index: xen-4.18.3-testing/tools/xenstored/Makefile -=================================================================== ---- xen-4.18.3-testing.orig/tools/xenstored/Makefile -+++ xen-4.18.3-testing/tools/xenstored/Makefile +--- a/tools/xenstored/Makefile ++++ b/tools/xenstored/Makefile @@ -32,6 +32,7 @@ TAGS: install: all $(INSTALL_DIR) $(DESTDIR)$(sbindir) diff --git a/xen.bug1026236.suse_vtsc_tolerance.patch b/xen.bug1026236.suse_vtsc_tolerance.patch index 148cdb2..482d6f1 100644 
--- a/xen.bug1026236.suse_vtsc_tolerance.patch +++ b/xen.bug1026236.suse_vtsc_tolerance.patch @@ -20,7 +20,7 @@ actually handle. The default is zero tolerance. unsigned long __read_mostly cpu_khz; /* CPU clock frequency in kHz. */ DEFINE_SPINLOCK(rtc_lock); unsigned long pit0_ticks; -@@ -2720,6 +2723,8 @@ int tsc_set_info(struct domain *d, +@@ -2797,6 +2800,8 @@ int tsc_set_info(struct domain *d, switch ( tsc_mode ) { @@ -29,7 +29,7 @@ actually handle. The default is zero tolerance. case XEN_CPUID_TSC_MODE_DEFAULT: case XEN_CPUID_TSC_MODE_ALWAYS_EMULATE: d->arch.vtsc_offset = get_s_time() - elapsed_nsec; -@@ -2733,8 +2738,25 @@ int tsc_set_info(struct domain *d, +@@ -2810,8 +2815,25 @@ int tsc_set_info(struct domain *d, * When a guest is created, gtsc_khz is passed in as zero, making * d->arch.tsc_khz == cpu_khz. Thus no need to check incarnation. */ diff --git a/xen.changes b/xen.changes index 0455625..7962988 100644 --- a/xen.changes +++ b/xen.changes 
@@ -1,10 +1,113 @@ +------------------------------------------------------------------- +Thu Sep 26 11:30:00 CEST 2024 - jbeulich@suse.com + +- bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in + vlapic_error() (XSA-462) + 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch + Drop xsa462.patch +- Upstream bug fixes (bsc#1027519) + 66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch + 66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch + 66d8690f-SUPPORT-split-XSM-from-Flask.patch + 66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch + 66e44ae2-x86-ucode-AMD-buffer-underrun.patch + 66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch + ------------------------------------------------------------------- Tue Sep 10 09:54:34 MDT 2024 - carnold@suse.com - bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in - vlapic_error() (XSA-462) + vlapic_error() (XSA-462) xsa462.patch +------------------------------------------------------------------- +Fri Aug 30 07:32:58 UTC 2024 - Guillaume GARDET + +- Fix build on aarch64 with gcc14 (bsc#1225953) + 66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch + +------------------------------------------------------------------- +Thu Aug 15 15:13:42 MDT 2024 - carnold@suse.com + +- Update to Xen 4.19.0 FCS release (jsc#PED-8907) + xen-4.19.0-testing-src.tar.bz2 +- New Features + * On x86: + - Introduce a new x2APIC driver that uses Cluster Logical addressing mode + for IPIs and Physical addressing mode for external interrupts. + * On Arm: + - FF-A notification support. + - Introduction of dynamic node programming using overlay dtbo. + * Add a new 9pfs backend running as a daemon in dom0. First user is + Xenstore-stubdom now being able to support full Xenstore trace capability. + * libxl support for backendtype=tap with tapback. +- Changed Features + * Changed flexible array definitions in public I/O interface headers to not + use "1" as the number of array elements. 
+ * The minimum supported OCaml toolchain version is now 4.05 + * On x86: + - HVM PIRQs are disabled by default. + - Reduce IOMMU setup time for hardware domain. + - Allow HVM/PVH domains to map foreign pages. + - Declare PVH dom0 supported with caveats. + * xl/libxl configures vkb=[] for HVM domains with priority over vkb_device. + * Increase the maximum number of CPUs Xen can be built for from 4095 to + 16383. + * When building with Systemd support (./configure --enable-systemd), remove + libsystemd as a build dependency. Systemd Notify support is retained, now + using a standalone library implementation. + * xenalyze no longer requires `--svm-mode` when analyzing traces + generated on AMD CPUs + * Code symbol annotations and MISRA compliance improvements. +- Removed Features + * caml-stubdom. It hasn't built since 2014, was pinned to Ocaml 4.02, and has + been superseded by the MirageOS/SOLO5 projects. + * /usr/bin/pygrub symlink. This was deprecated in Xen 4.2 (2012) but left for + compatibility reasons. VMs configured with bootloader="/usr/bin/pygrub" + should be updated to just bootloader="pygrub". + * The Xen gdbstub on x86. + * xentrace_format has been removed; use xenalyze instead. 
+- Dropped patches contained in new tarball + 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch + 6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch + 6627a5fc-x86-MTRR-inverted-WC-check.patch + 662a6a4c-x86-spec-reporting-of-BHB-clearing.patch + 662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch + 663090fd-x86-gen-cpuid-syntax.patch + 663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch + 663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch + 663d05b5-x86-ucode-distinguish-up-to-date.patch + 663eaa27-libxl-XenStore-error-handling-in-device-creation.patch + 66450626-sched-set-all-sched_resource-data-inside-locked.patch + 66450627-x86-respect-mapcache_domain_init-failing.patch + 6646031f-x86-ucode-further-identify-already-up-to-date.patch + 6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch + 666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch + 666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch + 666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch + 666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch + 666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch + 667187cc-x86-Intel-unlock-CPUID-earlier.patch + 66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch + 6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch + 6672c846-x86-xstate-initialisation-of-XSS-cache.patch + 6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch + 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch + xsa458.patch +- Dropped patches no longer necessary + bin-python3-conversion.patch + migration-python3-conversion.patch + +------------------------------------------------------------------- +Wed Aug 14 14:10:47 MDT 2024 - carnold@suse.com + +- bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86 + IOMMU identity mapping (XSA-460) + 66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch +- bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through + with shared resources (XSA-461) + 
66bb6fa5-x86-pass-through-document-as-security-unsupported.patch + ------------------------------------------------------------------- Wed Aug 14 11:33:39 MDT 2024 - carnold@suse.com @@ -42,6 +145,17 @@ Wed Aug 14 11:33:39 MDT 2024 - carnold@suse.com 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch xsa458.patch +------------------------------------------------------------------- +Wed Aug 7 08:06:00 CEST 2024 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 66a8b8ac-bunzip2-rare-failure.patch + +------------------------------------------------------------------- +Tue Jul 23 09:43:13 UTC 2024 - Franz Sirl + +- Enable support for ZSTD and LZO compression formats + ------------------------------------------------------------------- Wed Jul 3 12:41:39 MDT 2024 - carnold@suse.com diff --git a/xen.libxl.dmmd.patch b/xen.libxl.dmmd.patch index 096d920..4732eb0 100644 --- a/xen.libxl.dmmd.patch +++ b/xen.libxl.dmmd.patch @@ -9,7 +9,7 @@ References: bsc#954872 --- a/tools/libs/light/libxl_disk.c +++ b/tools/libs/light/libxl_disk.c -@@ -203,7 +203,7 @@ static int libxl__device_disk_setdefault +@@ -237,7 +237,7 @@ static int libxl__device_disk_setdefault return rc; } @@ -18,9 +18,9 @@ References: bsc#954872 const libxl_device_disk *disk, libxl__device *device) { -@@ -372,6 +372,10 @@ static void device_disk_add(libxl__egc * - rc = ERROR_FAIL; - goto out; +@@ -414,6 +414,10 @@ static void device_disk_add(libxl__egc * + assert(device->backend_kind == LIBXL__DEVICE_KIND_VBD3); + break; case LIBXL_DISK_BACKEND_QDISK: + if (disk->script) { + script = libxl__abs_path(gc, disk->script, libxl__xen_script_dir_path()); @@ -31,8 +31,8 @@ References: bsc#954872 libxl__device_disk_string_of_format(disk->format), --- a/tools/libs/light/libxl_device.c 
+++ b/tools/libs/light/libxl_device.c -@@ -351,7 +351,8 @@ static int disk_try_backend(disk_try_bac - return 0; +@@ -361,7 +361,8 @@ static int disk_try_backend(disk_try_bac + return backend; case LIBXL_DISK_BACKEND_QDISK: - if (a->disk->script) goto bad_script; @@ -89,7 +89,7 @@ References: bsc#954872 disks[i].vdev); --- a/tools/libs/util/libxlu_disk_l.l +++ b/tools/libs/util/libxlu_disk_l.l -@@ -253,6 +253,8 @@ target=.* { STRIP(','); SAVESTRING("targ +@@ -256,6 +256,8 @@ target=.* { STRIP(','); SAVESTRING("targ free(newscript); } @@ -100,7 +100,7 @@ References: bsc#954872 aio:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } --- a/tools/libs/light/libxl_internal.h +++ b/tools/libs/light/libxl_internal.h -@@ -2073,6 +2073,10 @@ _hidden char *libxl__object_to_json(libx +@@ -2070,6 +2070,10 @@ _hidden char *libxl__object_to_json(libx _hidden int libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, bool retore, libxl_domain_build_info *info); diff --git a/xen.spec b/xen.spec index 5b8ae1f..be8c0d9 100644 --- a/xen.spec +++ b/xen.spec @@ -26,9 +26,11 @@ # Keep it at the original location (/usr/lib) for backward compatibility %define _libexecdir /usr/lib +%{?!primary_python:%define primary_python python3} + Name: xen ExclusiveArch: %ix86 x86_64 aarch64 -%define xen_build_dir xen-4.18.3-testing +%define xen_build_dir xen-4.19.0-testing # %define with_gdbsx 0 %define with_dom0_support 0 @@ -96,6 +98,8 @@ BuildRequires: makeinfo %endif %endif BuildRequires: acpica +BuildRequires: libzstd-devel +BuildRequires: lzo-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel BuildRequires: python3-devel 
@@ -117,14 +121,15 @@ BuildRequires: makeinfo %ifarch x86_64 BuildRequires: pesign-obs-integration %endif +BuildRequires: python-rpm-macros Provides: installhint(reboot-needed) -Version: 4.18.3_04 +Version: 4.19.0_04 Release: 0 Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) License: GPL-2.0-only Group: System/Kernel -Source0: xen-4.18.3-testing-src.tar.bz2 +Source0: xen-4.19.0-testing-src.tar.bz2 Source1: stubdom.tar.bz2 Source2: mini-os.tar.bz2 Source9: xen.changes @@ -154,9 +159,18 @@ Source10183: xen_maskcalc.py # For xen-libs Source99: baselibs.conf # Upstream patches -Patch1: 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch +Patch1: 66a8b8ac-bunzip2-rare-failure.patch +Patch2: 66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch +Patch3: 66bb6fa5-x86-pass-through-document-as-security-unsupported.patch +Patch4: 66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch +Patch5: 66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch +Patch6: 66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch +Patch7: 66d8690f-SUPPORT-split-XSM-from-Flask.patch +Patch8: 66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch +Patch9: 66e44ae2-x86-ucode-AMD-buffer-underrun.patch +Patch10: 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch +Patch11: 66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch # EMBARGOED security fixes -Patch100: xsa462.patch # libxc Patch301: libxc-bitmap-long.patch Patch302: libxc-sr-xl-migration-debug.patch @@ -218,8 +232,6 @@ Patch466: libxl.helper_done-crash.patch Patch467: libxl.LIBXL_HOTPLUG_TIMEOUT.patch # python3 conversion patches Patch500: build-python3-conversion.patch -Patch501: migration-python3-conversion.patch -Patch502: bin-python3-conversion.patch # Hypervisor and PV driver Patches Patch600: xen.bug1026236.suse_vtsc_tolerance.patch Patch601: x86-ioapic-ack-default.patch 
@@ -283,8 +295,8 @@ Requires: qemu-arm Requires: %{name} = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release} Recommends: multipath-tools -Requires: python3 -Requires: python3-curses +Requires: %{primary_python} +Requires: %{primary_python}-curses %ifarch %{ix86} x86_64 Requires: qemu-seabios %endif @@ -476,7 +488,7 @@ configure_flags="${configure_flags} --enable-stubdom" sed -i~ 's/ XENSTORETYPE=domain$/ XENSTORETYPE=daemon/' tools/hotplug/Linux/launch-xenstore.in configure_flags="${configure_flags} --disable-stubdom" %endif -export PYTHON="/usr/bin/python3" +export PYTHON=$(realpath /usr/bin/python3) configure_flags="${configure_flags} --disable-qemu-traditional" ./configure \ --disable-xen \ @@ -810,17 +822,18 @@ done # Xen utilities install -m755 %SOURCE36 %{buildroot}/usr/sbin/xen2libvirt install -m755 %SOURCE10183 %{buildroot}/usr/sbin/xen_maskcalc +%python3_fix_shebang rm -f %{buildroot}/etc/xen/README* # Example config mkdir -p %{buildroot}/etc/xen/{vm,examples,scripts} mv %{buildroot}/etc/xen/xlexample* %{buildroot}/etc/xen/examples rm -f %{buildroot}/etc/xen/examples/*nbd -install -m644 tools/xentrace/formats %{buildroot}/etc/xen/examples/xentrace_formats.txt # Scripts rm -f %{buildroot}/etc/xen/scripts/block-*nbd install -m755 %SOURCE21 %SOURCE22 %SOURCE23 %SOURCE24 %{buildroot}/etc/xen/scripts/ +install -m755 tools/pygrub/src/pygrub %{buildroot}/usr/bin/pygrub mkdir -p %{buildroot}/usr/lib/supportconfig/plugins install -m 755 %SOURCE13 %{buildroot}/usr/lib/supportconfig/plugins/xen @@ -977,7 +990,6 @@ rm -f %{buildroot}/usr/libexec/qemu-bridge-helper /usr/bin/pygrub /usr/bin/vchan-socket-proxy /usr/bin/xencov_split -/usr/bin/xentrace_format %ifarch x86_64 /usr/bin/xen-cpuid %endif diff --git a/xen.sysconfig-fillup.patch b/xen.sysconfig-fillup.patch index 64904ad..d1ba7af 100644 --- a/xen.sysconfig-fillup.patch +++ b/xen.sysconfig-fillup.patch 
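Review bot: `export PYTHON=$(realpath /usr/bin/python3)` in the configure hunk cannot fail the build, because `export` returns success whatever `realpath` does, so a missing interpreter leaves `PYTHON` empty for `./configure` to resolve on its own. Assigning first and exporting afterwards, `PYTHON="$(realpath /usr/bin/python3)"` followed by `export PYTHON`, lets the `-e` that rpm build scripts normally run with stop the build instead. The runtime dependencies now name `%{primary_python}` while this line resolves `/usr/bin/python3`. If the two can point at different interpreters on a target distribution, paths baked in at build time would refer to a package the `Requires:` lines do not pull in, which deserves a short comment next to the export.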
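Review bot: The added `install -m755 tools/pygrub/src/pygrub %{buildroot}/usr/bin/pygrub` runs several lines after the new `%python3_fix_shebang`, so this copy taken straight from the source tree is not yet in the buildroot when the macro runs and keeps whatever interpreter line the source file carries. Assuming the macro only rewrites files already present under the buildroot's bin directories, moving the pygrub `install` line up beside the `xen2libvirt` and `xen_maskcalc` installs, ahead of `%python3_fix_shebang`, would put all three scripts through the same rewrite. The %install section starts and ends outside this hunk, so an earlier step may already cover pygrub; if so, a comment saying where would help.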
@@ -18,10 +18,10 @@ Basically fillup removed all comments, and also the two added key=value lines. Prevent this by defining all keys, with empty values, so that consumers of the values will continue to use the built-in defaults. -Index: xen-4.16.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in +Index: xen-4.19.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in =================================================================== ---- xen-4.16.0-testing.orig/tools/hotplug/Linux/init.d/sysconfig.xencommons.in -+++ xen-4.16.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/init.d/sysconfig.xencommons.in ++++ xen-4.19.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in @@ -3,7 +3,9 @@ ## Default: "none" # @@ -55,20 +55,19 @@ Index: xen-4.16.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in ## Type: string ## Default: unlimited -@@ -57,9 +59,10 @@ XENSTORED_ARGS= +@@ -57,8 +59,9 @@ XENSTORED_ARGS= ## Type: string ## Default: Not defined, tracing off # -# Log xenstored messages -+# Log xenstored messages if a non-empty value is assigned. - # Only evaluated if XENSTORETYPE is "daemon". -#XENSTORED_TRACE=[yes|on|1] ++# Log xenstored messages if a non-empty value is assigned. +# +XENSTORED_TRACE= ## Type: integer ## Default: 50 -@@ -75,14 +78,14 @@ XENSTORED_ARGS= +@@ -74,14 +77,14 @@ XENSTORED_ARGS= # # xenstore domain kernel. # Only evaluated if XENSTORETYPE is "domain". @@ -85,7 +84,7 @@ Index: xen-4.16.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in ## Type: string ## Default: not set, no autoballooning of xenstore domain -@@ -93,7 +96,7 @@ XENSTORED_ARGS= +@@ -92,7 +95,7 @@ XENSTORED_ARGS= # - combination of both in form of : (e.g. 8:1/100), resulting # value will be the higher of both specifications # Only evaluated if XENSTORETYPE is "domain". 
@@ -94,7 +93,7 @@ Index: xen-4.16.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in ## Type: string ## Default: "" -@@ -106,4 +109,4 @@ XENSTORE_DOMAIN_ARGS= +@@ -105,4 +108,4 @@ XENSTORE_DOMAIN_ARGS= #QEMU_XEN=@qemu_xen_path@ # Dom0 UUID diff --git a/xenstore-run-in-studomain.patch b/xenstore-run-in-studomain.patch index ab701f9..44f1865 100644 --- a/xenstore-run-in-studomain.patch +++ b/xenstore-run-in-studomain.patch @@ -11,7 +11,7 @@ References: fate#323663 - Run Xenstore in stubdomain # # Select type of xentore service. # -@@ -81,14 +81,14 @@ XENSTORED_TRACE= +@@ -80,14 +80,14 @@ XENSTORED_TRACE= XENSTORE_DOMAIN_KERNEL= ## Type: integer @@ -49,6 +49,6 @@ References: fate#323663 - Run Xenstore in stubdomain - [ -z "$XENSTORE_MAX_DOMAIN_SIZE" ] || XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --maxmem $XENSTORE_MAX_DOMAIN_SIZE" + [ -z "$XENSTORE_MAX_DOMAIN_SIZE" ] && XENSTORE_MAX_DOMAIN_SIZE="1/100" + XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --maxmem $XENSTORE_MAX_DOMAIN_SIZE" + [ -z "$XENSTORED_TRACE" ] || XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS -T xenstored-trace.log" echo -n Starting $XENSTORE_DOMAIN_KERNEL... - ${LIBEXEC_BIN}/init-xenstore-domain $XENSTORE_DOMAIN_ARGS || exit 1 diff --git a/xenwatchdogd-restart.patch b/xenwatchdogd-restart.patch index f019cc0..2fb20dc 100644 --- a/xenwatchdogd-restart.patch +++ b/xenwatchdogd-restart.patch 
@@ -1,93 +1,104 @@ References: bsc#1178736 Allow restart of xenwatchdogd in case it terminated unexpectetly. -Index: xen-4.14.0-testing/tools/misc/xenwatchdogd.c +Index: xen-4.19.0-testing/tools/misc/xenwatchdogd.c =================================================================== ---- xen-4.14.0-testing.orig/tools/misc/xenwatchdogd.c -+++ xen-4.14.0-testing/tools/misc/xenwatchdogd.c -@@ -9,12 +9,16 @@ - #include - #include +--- xen-4.19.0-testing.orig/tools/misc/xenwatchdogd.c ++++ xen-4.19.0-testing/tools/misc/xenwatchdogd.c +@@ -21,6 +21,8 @@ #include + #include + #include +#include +#include - xc_interface *h; - int id = 0; + #define WDOG_MIN_TIMEOUT 2 + #define WDOG_MIN_SLEEP 1 +@@ -29,9 +31,11 @@ + static xc_interface *h; + static volatile bool safeexit = false; + static volatile bool done = false; +static const char id_file[] = "/run/xenwatchdog_id.txt"; --void daemonize(void) +-static void daemonize(void) +static void daemonize(const char *str) { + const char *err_str = ""; switch (fork()) { case -1: - err(1, "fork"); -@@ -23,7 +27,9 @@ void daemonize(void) + err(EXIT_FAILURE, "fork"); +@@ -40,7 +44,9 @@ static void daemonize(void) default: - exit(0); + exit(EXIT_SUCCESS); } - umask(0); +#define err(x,s) do { err_str = (s); goto out; } while (0) + openlog(str, LOG_CONS, LOG_DAEMON); + umask(~(S_IRUSR|S_IWUSR)); if (setsid() < 0) - err(1, "setsid"); + err(EXIT_FAILURE, "setsid"); if (chdir("/") < 0) -@@ -34,6 +40,10 @@ void daemonize(void) - err(1, "reopen stdout"); +@@ -51,6 +57,10 @@ static void daemonize(void) + err(EXIT_FAILURE, "reopen stdout"); if(freopen("/dev/null", "w", stderr) == NULL) - err(1, "reopen stderr"); + err(EXIT_FAILURE, "reopen stderr"); + return; +out: + syslog(LOG_ERR, "%s: %m", err_str); + exit(1); } - void catch_exit(int sig) -@@ -47,18 +57,21 @@ void catch_usr1(int sig) + static void catch_exit(int sig) +@@ -62,6 +72,7 @@ static void catch_usr1(int sig) { - if (id) - xc_watchdog(h, id, 0); + safeexit = true; + done = true; + 
unlink(id_file); - exit(0); } + static void __attribute__((noreturn)) usage(int exit_code) +@@ -98,10 +109,12 @@ static int parse_secs(const char *arg, c + int main(int argc, char **argv) { + FILE *f; + int id; int t, s; int ret; + bool daemon = true; + const char *err_str = ""; - if (argc < 2) - errx(1, "usage: %s ", argv[0]); + for ( ;; ) + { +@@ -160,7 +173,7 @@ int main(int argc, char **argv) + s = t / 2; -- daemonize(); -+ daemonize(basename(argv[0])); + if (daemon) +- daemonize(); ++ daemonize(basename(argv[0])); h = xc_interface_open(NULL, NULL, 0); if (h == NULL) -@@ -86,9 +99,25 @@ int main(int argc, char **argv) +@@ -177,9 +190,25 @@ int main(int argc, char **argv) if (signal(SIGUSR1, &catch_usr1) == SIG_ERR) - err(1, "signal"); + err(EXIT_FAILURE, "signal"); - id = xc_watchdog(h, 0, t); - if (id <= 0) -- err(1, "xc_watchdog setup"); +- err(EXIT_FAILURE, "xc_watchdog setup"); + f = fopen(id_file, "r"); + if (f) { + if (fscanf(f, "%d", &id) != 1) + id = -1; + if (id <= 0) -+ err(1, "xc_watchdog setup"); ++ err(EXIT_FAILURE, "xc_watchdog setup"); + syslog(LOG_INFO, "reusing id %d", id); + fclose(f); + } else { + id = xc_watchdog(h, 0, t); + syslog(LOG_INFO, "obtained id %d", id); + if (id <= 0) -+ err(1, "xc_watchdog setup"); ++ err(EXIT_FAILURE, "xc_watchdog setup"); + f = fopen(id_file, "w"); + if (f) { + fprintf(f, "%d\n", id); @@ -95,14 +106,14 @@ Index: xen-4.14.0-testing/tools/misc/xenwatchdogd.c + } + } - for (;;) { + while (!done) { sleep(s); -@@ -96,4 +125,8 @@ int main(int argc, char **argv) - if (ret != 0) - err(1, "xc_watchdog"); - } +@@ -191,4 +220,8 @@ int main(int argc, char **argv) + // Zero seconds timeout will disarm the watchdog timer + xc_watchdog(h, id, safeexit ? 0 : WDOG_EXIT_TIMEOUT); + return 0; + +out: + syslog(LOG_ERR, "%s: %m", err_str); -+ exit(1); ++ exit(EXIT_FAILURE); }
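Review bot: The `openlog()` call and the owner-only `umask()` sit inside `daemonize()`, but the rebased `main()` only reaches it under `if (daemon)`. If the option loop (outside the hunk) can clear `daemon`, `/run/xenwatchdog_id.txt` is created under the caller's umask and the `syslog()` calls run without the `LOG_CONS`/`LOG_DAEMON` setup. Because the `err(x,s)` macro stays defined for the rest of the file, failures in `main()` would then reach syslog only and never the terminal. Calling `openlog(basename(argv[0]), LOG_CONS, LOG_DAEMON);` and `umask(~(S_IRUSR|S_IWUSR));` in `main()` ahead of `if (daemon)` would make both paths behave the same. Separately, a failed `fopen(id_file, "w")` is skipped silently, so a restarted daemon would not find the id it is meant to reuse; `else syslog(LOG_WARNING, "cannot write %s: %m", id_file);` would make that visible.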