From e0da5782bff2156a36428e60e4c293cad6d130448aea12e79fc2faa1e45f18ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Sat, 4 May 2024 02:04:11 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main xen revision 2e30689375849799569c0a388d847125 --- .gitattributes | 23 + ...IC-remove-ACPI_FADT_APIC_CLUSTER-use.patch | 31 + ...-dont-assume-IRQs-always-target-CPU0.patch | 103 + 655b2ba9-fix-sched_move_domain.patch | 70 + README.SUSE | 704 + baselibs.conf | 1 + bin-python3-conversion.patch | 50 + block-dmmd | 384 + block-npiv | 129 + block-npiv-common.sh | 277 + block-npiv-vport | 79 + boot.local.xenU | 79 + boot.xen | 101 + build-python3-conversion.patch | 201 + etc_pam.d_xen-api | 7 + hibernate.patch | 44 + ignore-ip-command-script-errors.patch | 54 + init.pciback | 119 + libxc-bitmap-long.patch | 64 + ...c-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch | 144 + libxc-sr-abort_if_busy.patch | 238 + libxc-sr-max_iters.patch | 148 + libxc-sr-min_remaining.patch | 173 + libxc-sr-number-of-iterations.patch | 24 + libxc-sr-precopy_policy.patch | 90 + libxc-sr-readv_exact.patch | 103 + ...sr-restore-handle_buffered_page_data.patch | 435 + ...sr-restore-handle_incoming_page_data.patch | 230 + libxc-sr-restore-hvm-legacy-superpage.patch | 701 + libxc-sr-restore-map_errs.patch | 101 + libxc-sr-restore-mfns.patch | 103 + libxc-sr-restore-pfns.patch | 108 + libxc-sr-restore-populate_pfns-mfns.patch | 111 + libxc-sr-restore-populate_pfns-pfns.patch | 89 + libxc-sr-restore-read_record.patch | 272 + libxc-sr-restore-types.patch | 93 + libxc-sr-save-errors.patch | 109 + libxc-sr-save-guest_data.patch | 123 + libxc-sr-save-iov.patch | 124 + libxc-sr-save-local_pages.patch | 218 + libxc-sr-save-mfns.patch | 132 + libxc-sr-save-rec_pfns.patch | 110 + libxc-sr-save-show_transfer_rate.patch | 116 + libxc-sr-save-types.patch | 154 + libxc-sr-track-migration-time.patch | 263 + libxc-sr-xg_sr_bitmap-populated_pfns.patch | 197 + libxc-sr-xg_sr_bitmap.patch | 141 + libxc-sr-xl-migration-debug.patch | 46 + libxl.LIBXL_HOTPLUG_TIMEOUT.patch | 318 + ...-disable-disk-cache-flushes-in-qdisk.patch | 215 + libxl.helper_done-crash.patch | 51 + libxl.max_event_channels.patch | 23 + logrotate.conf | 19 + migration-python3-conversion.patch | 63 + mini-os.tar.bz2 | 3 + pygrub-boot-legacy-sles.patch | 63 + pygrub-handle-one-line-menu-entries.patch | 59 + ...-network-configuration-commands-in-s.patch | 151 + stdvga-cache.patch | 16 + stubdom.tar.bz2 | 3 + suse-xendomains-service.patch | 20 + suspend_evtchn_lock.patch | 78 + sysconfig.pciback | 9 + vif-bridge-no-iptables.patch | 13 + vif-bridge-tap-fix.patch | 30 + vif-route.patch | 25 + x86-ioapic-ack-default.patch | 16 + xen-4.18.0-testing-src.tar.bz2 | 3 + xen-arch-kconfig-nr_cpus.patch | 13 + xen-destdir.patch | 30 + xen-dom0-modules.service | 16 + xen-supportconfig | 81 + xen.bug1026236.suse_vtsc_tolerance.patch | 58 + xen.build-compare.doc_html.patch | 31 + xen.changes | 14579 ++++++++++++++++ xen.libxl.dmmd.patch | 123 + xen.spec | 1245 ++ xen.sysconfig-fillup.patch | 102 + xen2libvirt.py | 137 + xen_maskcalc.py | 395 + xenapiusers | 1 + xencommons.service | 36 + xenconsole-no-multiple-connections.patch | 27 + xendomains-wait-disks.LICENSE | 674 + xendomains-wait-disks.README.md | 28 + xendomains-wait-disks.sh | 199 + xenstore-run-in-studomain.patch | 54 + xenwatchdogd-restart.patch | 108 + xl-conf-default-bridge.patch | 13 + xl-conf-disable-autoballoon.patch | 13 + xl-save-pc.patch | 180 + 91 files changed, 26737 insertions(+) create mode 100644 .gitattributes create mode 100644 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch create mode 100644 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch create mode 100644 655b2ba9-fix-sched_move_domain.patch create mode 100644 README.SUSE create mode 100644 baselibs.conf create mode 100644 bin-python3-conversion.patch create mode 100644 block-dmmd create mode 100644 block-npiv create mode 100644 block-npiv-common.sh create mode 100644 block-npiv-vport create mode 100644 boot.local.xenU create mode 100644 boot.xen create mode 100644 build-python3-conversion.patch create mode 100644 etc_pam.d_xen-api create mode 100644 hibernate.patch create mode 100644 ignore-ip-command-script-errors.patch create mode 100644 init.pciback create mode 100644 libxc-bitmap-long.patch create mode 100644 libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch create mode 100644 libxc-sr-abort_if_busy.patch create mode 100644 libxc-sr-max_iters.patch create mode 100644 libxc-sr-min_remaining.patch create mode 100644 libxc-sr-number-of-iterations.patch create mode 100644 libxc-sr-precopy_policy.patch create mode 100644 libxc-sr-readv_exact.patch create mode 100644 libxc-sr-restore-handle_buffered_page_data.patch create mode 100644 libxc-sr-restore-handle_incoming_page_data.patch create mode 100644 libxc-sr-restore-hvm-legacy-superpage.patch create mode 100644 libxc-sr-restore-map_errs.patch create mode 100644 libxc-sr-restore-mfns.patch create mode 100644 libxc-sr-restore-pfns.patch create mode 100644 libxc-sr-restore-populate_pfns-mfns.patch create mode 100644 libxc-sr-restore-populate_pfns-pfns.patch create mode 100644 libxc-sr-restore-read_record.patch create mode 100644 libxc-sr-restore-types.patch create mode 100644 libxc-sr-save-errors.patch create mode 100644 libxc-sr-save-guest_data.patch create mode 100644 libxc-sr-save-iov.patch create mode 100644 libxc-sr-save-local_pages.patch create mode 100644 libxc-sr-save-mfns.patch create mode 100644 libxc-sr-save-rec_pfns.patch create mode 100644 libxc-sr-save-show_transfer_rate.patch create mode 100644 libxc-sr-save-types.patch create mode 100644 libxc-sr-track-migration-time.patch create mode 100644 libxc-sr-xg_sr_bitmap-populated_pfns.patch create mode 100644 libxc-sr-xg_sr_bitmap.patch create mode 100644 libxc-sr-xl-migration-debug.patch create mode 100644 libxl.LIBXL_HOTPLUG_TIMEOUT.patch create mode 100644 libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch create mode 100644 libxl.helper_done-crash.patch create mode 100644 libxl.max_event_channels.patch create mode 100644 logrotate.conf create mode 100644 migration-python3-conversion.patch create mode 100644 mini-os.tar.bz2 create mode 100644 pygrub-boot-legacy-sles.patch create mode 100644 pygrub-handle-one-line-menu-entries.patch create mode 100644 replace-obsolete-network-configuration-commands-in-s.patch create mode 100644 stdvga-cache.patch create mode 100644 stubdom.tar.bz2 create mode 100644 suse-xendomains-service.patch create mode 100644 suspend_evtchn_lock.patch create mode 100644 sysconfig.pciback create mode 100644 vif-bridge-no-iptables.patch create mode 100644 vif-bridge-tap-fix.patch create mode 100644 vif-route.patch create mode 100644 x86-ioapic-ack-default.patch create mode 100644 xen-4.18.0-testing-src.tar.bz2 create mode 100644 xen-arch-kconfig-nr_cpus.patch create mode 100644 xen-destdir.patch create mode 100644 xen-dom0-modules.service create mode 100644 xen-supportconfig create mode 100644 xen.bug1026236.suse_vtsc_tolerance.patch create mode 100644 xen.build-compare.doc_html.patch create mode 100644 xen.changes create mode 100644 xen.libxl.dmmd.patch create mode 100644 xen.spec create mode 100644 xen.sysconfig-fillup.patch create mode 100644 xen2libvirt.py create mode 100644 xen_maskcalc.py create mode 100644 xenapiusers create mode 100644 xencommons.service create mode 100644 xenconsole-no-multiple-connections.patch create mode 100644 xendomains-wait-disks.LICENSE create mode 100644 xendomains-wait-disks.README.md create mode 100644 xendomains-wait-disks.sh create mode 100644 xenstore-run-in-studomain.patch create mode 100644 xenwatchdogd-restart.patch create mode 100644 xl-conf-default-bridge.patch create mode 100644 xl-conf-disable-autoballoon.patch create mode 100644 xl-save-pc.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch b/654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch new file mode 100644 index 0000000..f5d12a9 --- /dev/null +++ b/654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch @@ -0,0 +1,31 @@ +# Commit 26a449ce32cef33f2cb50602be19fcc0c4223ba9 +# Date 2023-11-02 10:50:26 +0100 +# Author Roger Pau Monné +# Committer Jan Beulich +x86/x2apic: remove usage of ACPI_FADT_APIC_CLUSTER + +The ACPI FADT APIC_CLUSTER flag mandates that when the interrupt delivery is +Logical mode APIC must be configured for Cluster destination model. However in +apic_x2apic_probe() such flag is incorrectly used to gate whether Physical mode +can be used. + +Since Xen when in x2APIC mode only uses Logical mode together with Cluster +model completely remove checking for ACPI_FADT_APIC_CLUSTER, as Xen always +fulfills the requirement signaled by the flag. + +Fixes: eb40ae41b658 ('x86/Kconfig: add option for default x2APIC destination mode') +Signed-off-by: Roger Pau Monné +Reviewed-by: Jan Beulich + +--- a/xen/arch/x86/genapic/x2apic.c ++++ b/xen/arch/x86/genapic/x2apic.c +@@ -231,8 +231,7 @@ const struct genapic *__init apic_x2apic + */ + x2apic_phys = iommu_intremap != iommu_intremap_full || + (acpi_gbl_FADT.flags & ACPI_FADT_APIC_PHYSICAL) || +- (IS_ENABLED(CONFIG_X2APIC_PHYSICAL) && +- !(acpi_gbl_FADT.flags & ACPI_FADT_APIC_CLUSTER)); ++ IS_ENABLED(CONFIG_X2APIC_PHYSICAL); + } + else if ( !x2apic_phys ) + switch ( iommu_intremap ) diff --git a/65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch b/65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch new file mode 100644 index 0000000..338d8f7 --- /dev/null +++ b/65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch @@ -0,0 +1,103 @@ +# Commit 87f37449d586b4d407b75235bb0a171e018e25ec +# Date 2023-11-02 10:50:59 +0100 +# Author Roger Pau Monné +# Committer Jan Beulich +x86/i8259: do not assume interrupts always target CPU0 + +Sporadically we have seen the following during AP bringup on AMD platforms +only: + +microcode: CPU59 updated from revision 0x830107a to 0x830107a, date = 2023-05-17 +microcode: CPU60 updated from revision 0x830104d to 0x830107a, date = 2023-05-17 +CPU60: No irq handler for vector 27 (IRQ -2147483648) +microcode: CPU61 updated from revision 0x830107a to 0x830107a, date = 2023-05-17 + +This is similar to the issue raised on Linux commit 36e9e1eab777e, where they +observed i8259 (active) vectors getting delivered to CPUs different than 0. + +On AMD or Hygon platforms adjust the target CPU mask of i8259 interrupt +descriptors to contain all possible CPUs, so that APs will reserve the vector +at startup if any legacy IRQ is still delivered through the i8259. Note that +if the IO-APIC takes over those interrupt descriptors the CPU mask will be +reset. + +Spurious i8259 interrupt vectors however (IRQ7 and IRQ15) can be injected even +when all i8259 pins are masked, and hence would need to be handled on all CPUs. + +Continue to reserve PIC vectors on CPU0 only, but do check for such spurious +interrupts on all CPUs if the vendor is AMD or Hygon. Note that once the +vectors get used by devices detecting PIC spurious interrupts will no longer be +possible, however the device driver should be able to cope with spurious +interrupts. Such PIC spurious interrupts occurring when the vector is in use +by a local APIC routed source will lead to an extra EOI, which might +unintentionally clear a different vector from ISR. Note this is already the +current behavior, so assume it's infrequent enough to not cause real issues. + +Finally, adjust the printed message to display the CPU where the spurious +interrupt has been received, so it looks like: + +microcode: CPU1 updated from revision 0x830107a to 0x830107a, date = 2023-05-17 +cpu1: spurious 8259A interrupt: IRQ7 +microcode: CPU2 updated from revision 0x830104d to 0x830107a, date = 2023-05-17 + +Amends: 3fba06ba9f8b ('x86/IRQ: re-use legacy vector ranges on APs') +Signed-off-by: Roger Pau Monné +Reviewed-by: Jan Beulich + +--- a/xen/arch/x86/i8259.c ++++ b/xen/arch/x86/i8259.c +@@ -222,7 +222,8 @@ static bool _mask_and_ack_8259A_irq(unsi + is_real_irq = false; + /* Report spurious IRQ, once per IRQ line. */ + if (!(spurious_irq_mask & irqmask)) { +- printk("spurious 8259A interrupt: IRQ%d.\n", irq); ++ printk("cpu%u: spurious 8259A interrupt: IRQ%u\n", ++ smp_processor_id(), irq); + spurious_irq_mask |= irqmask; + } + /* +@@ -349,7 +350,23 @@ void __init init_IRQ(void) + continue; + desc->handler = &i8259A_irq_type; + per_cpu(vector_irq, cpu)[LEGACY_VECTOR(irq)] = irq; +- cpumask_copy(desc->arch.cpu_mask, cpumask_of(cpu)); ++ ++ /* ++ * The interrupt affinity logic never targets interrupts to offline ++ * CPUs, hence it's safe to use cpumask_all here. ++ * ++ * Legacy PIC interrupts are only targeted to CPU0, but depending on ++ * the platform they can be distributed to any online CPU in hardware. ++ * Note this behavior has only been observed on AMD hardware. In order ++ * to cope install all active legacy vectors on all CPUs. ++ * ++ * IO-APIC will change the destination mask if/when taking ownership of ++ * the interrupt. ++ */ ++ cpumask_copy(desc->arch.cpu_mask, ++ (boot_cpu_data.x86_vendor & ++ (X86_VENDOR_AMD | X86_VENDOR_HYGON) ? &cpumask_all ++ : cpumask_of(cpu))); + desc->arch.vector = LEGACY_VECTOR(irq); + } + +--- a/xen/arch/x86/irq.c ++++ b/xen/arch/x86/irq.c +@@ -1920,7 +1920,16 @@ void do_IRQ(struct cpu_user_regs *regs) + kind = ""; + if ( !(vector >= FIRST_LEGACY_VECTOR && + vector <= LAST_LEGACY_VECTOR && +- !smp_processor_id() && ++ (!smp_processor_id() || ++ /* ++ * For AMD/Hygon do spurious PIC interrupt ++ * detection on all CPUs, as it has been observed ++ * that during unknown circumstances spurious PIC ++ * interrupts have been delivered to CPUs ++ * different than the BSP. ++ */ ++ (boot_cpu_data.x86_vendor & (X86_VENDOR_AMD | ++ X86_VENDOR_HYGON))) && + bogus_8259A_irq(vector - FIRST_LEGACY_VECTOR)) ) + { + printk("CPU%u: No irq handler for vector %02x (IRQ %d%s)\n", diff --git a/655b2ba9-fix-sched_move_domain.patch b/655b2ba9-fix-sched_move_domain.patch new file mode 100644 index 0000000..6223d48 --- /dev/null +++ b/655b2ba9-fix-sched_move_domain.patch @@ -0,0 +1,70 @@ +# Commit 4709ec82917668c2df958ef91b4f21c049c76bee +# Date 2023-11-20 10:49:29 +0100 +# Author Juergen Gross +# Committer Jan Beulich +xen/sched: fix sched_move_domain() + +When moving a domain out of a cpupool running with the credit2 +scheduler and having multiple run-queues, the following ASSERT() can +be observed: + +(XEN) Xen call trace: +(XEN) [] R credit2.c#csched2_unit_remove+0xe3/0xe7 +(XEN) [] S sched_move_domain+0x2f3/0x5b1 +(XEN) [] S cpupool.c#cpupool_move_domain_locked+0x1d/0x3b +(XEN) [] S cpupool_move_domain+0x24/0x35 +(XEN) [] S domain_kill+0xa5/0x116 +(XEN) [] S do_domctl+0xe5f/0x1951 +(XEN) [] S timer.c#timer_lock+0x69/0x143 +(XEN) [] S pv_hypercall+0x44e/0x4a9 +(XEN) [] S lstar_enter+0x137/0x140 +(XEN) +(XEN) +(XEN) **************************************** +(XEN) Panic on CPU 1: +(XEN) Assertion 'svc->rqd == c2rqd(sched_unit_master(unit))' failed at common/sched/credit2.c:1159 +(XEN) **************************************** + +This is happening as sched_move_domain() is setting a different cpu +for a scheduling unit without telling the scheduler. When this unit is +removed from the scheduler, the ASSERT() will trigger. + +In non-debug builds the result is usually a clobbered pointer, leading +to another crash a short time later. + +Fix that by swapping the two involved actions (setting another cpu and +removing the unit from the scheduler). + +Link: https://github.com/Dasharo/dasharo-issues/issues/488 +Fixes: 70fadc41635b ("xen/cpupool: support moving domain between cpupools with different granularity") +Signed-off-by: Juergen Gross +Reviewed-by: George Dunlap + +--- a/xen/common/sched/core.c ++++ b/xen/common/sched/core.c +@@ -732,18 +732,20 @@ int sched_move_domain(struct domain *d, + old_domdata = d->sched_priv; + + /* +- * Temporarily move all units to same processor to make locking +- * easier when moving the new units to the new processors. ++ * Remove all units from the old scheduler, and temporarily move them to ++ * the same processor to make locking easier when moving the new units to ++ * new processors. + */ + new_p = cpumask_first(d->cpupool->cpu_valid); + for_each_sched_unit ( d, unit ) + { +- spinlock_t *lock = unit_schedule_lock_irq(unit); ++ spinlock_t *lock; + ++ sched_remove_unit(old_ops, unit); ++ ++ lock = unit_schedule_lock_irq(unit); + sched_set_res(unit, get_sched_res(new_p)); + spin_unlock_irq(lock); +- +- sched_remove_unit(old_ops, unit); + } + + old_units = d->sched_unit_list; diff --git a/README.SUSE b/README.SUSE new file mode 100644 index 0000000..06b30b6 --- /dev/null +++ b/README.SUSE @@ -0,0 +1,704 @@ +README for the Xen packages +=========================== + +This file contains SUSE-specific instructions and suggestions for using Xen. + +For more in-depth documentation of using Xen on SUSE, consult the +virtualization chapter in the SLES or SUSE Linux manual, or read up-to-date +virtualization information, at +https://www.suse.com/documentation/sles11/singlehtml/book_xen/book_xen.html + +For more complete documentation on Xen itself, please install the xen-doc-html +package and read the documentation installed into /usr/share/doc/packages/xen/. + + +About +----- +Xen allows you to run multiple virtual machines on a single physical machine. + +See the Xen homepage for more information: + http://www.xenproject.org/ + +If you want to use Xen, you need to install the Xen hypervisor and a number of +supporting packages. During the initial SUSE installation (or when installing +from YaST) check-mark the "Xen Virtual Machine Host Server" pattern. If, +instead, you wish to install Xen manually later, click on the "Install +Hypervisor and Tools" icon in YaST. + +If you want to install and manage VMs graphically, be sure to install a +graphical desktop environment like KDE or GNOME. The following optional +packages are needed to manage VMs graphically. Note that "Install Hypervisor +and Tools" installs all the packages below: + virt-install (Optional, to install VMs) + virt-manager (Optional, to manage VMs graphically) + virt-viewer (Optional, to view VMs outside virt-manager) + vm-install (Optional, to install VMs with xl only) + +You then need to reboot your machine. Instead of booting a normal Linux +kernel, you will boot the Xen hypervisor and a slightly changed Linux kernel. +This Linux kernel runs in the first virtual machine and will drive most of +your hardware. + +This approach is called paravirtualization, since it is a partial +virtualization (the Linux kernel needs to be changed slightly, to make the +virtualization easier). It results in very good performance (consult +http://www.cl.cam.ac.uk/research/srg/netos/xen/performance.html) but has the +downside of unchanged operating systems not being supported. However, new +hardware features (e.g., Intel VT and AMD-V) are overcoming this limitation. + + +Terminology +----------- +The Xen open-source community has a number of terms that you should be +familiar with. + +A "domain" is Xen's term for a virtual machine. + +"Domain 0" is the first virtual machine. It can control all other virtual +machines. It also (usually) controls the physical hardware. A kernel used in +domain 0 may sometimes be referred to as a dom0 kernel. + +"Domain U" is any virtual machine other than domain 0. The "U" indicates it +is unprivileged (that is, it cannot control other domains). A kernel used in +an unprivileged domain may be referred to as a domU kernel. + +SUSE documentation will use the more industry-standard term "virtual +machine", or "VM", rather than "domain" where possible. And to that end, +domain 0 will be called the "virtual machine server", since it essentially the +server on which the other VMs run. All other domains are simply "virtual +machines". + +The acronym "HVM" refers to a hardware-assisted virtual machine. These are +VMs that have not been modified (e.g., Windows) and therefore need hardware +support such as Intel VT or AMD-V to run on Xen. + + +Kernels +------- +Xen supports two kinds of kernels: A privileged kernel (which boots the +machine, controls other VMs, and usually controls all your physical hardware) +and unprivileged kernels (which can't control other VMs, and usually don't need +drivers for physical hardware). The privileged kernel boots first (as the VM +server); an unprivileged kernel is used in all subsequent VMs. + +The VM server takes control of the boot process after Xen has initialized the +CPU and the memory. This VM contains a privileged kernel and all the hardware +drivers. + +For the other virtual machines, you usually don't need the hardware drivers. +(It is possible to hide a PCI device from the VM server and re-assign it to +another VM for direct access, but that is a more advanced topic.) Instead you +use virtual network and block device drivers in the unprivileged VMs to access +the physical network and block drivers in the VM server. + +For simplicity, SUSE ships a single Xen-enabled Linux kernel, rather than +separate privileged and unprivileged kernels. As most of the hardware drivers +are modules anyway, using this kernel as an unprivileged kernel has very +little extra overhead. + +The kernel is contained in the kernel-xen package, which you need to install to +use Xen. + + +Booting +------- +If you installed Xen during the initial SUSE installation, or installed one +of the kernel-xen* packages later, a "XEN" option should exist in your Grub +bootloader. Select that to boot SUSE on top of Xen. + +If you want to add additional entries, or modify the existing ones, you may +run the YaST2 Boot Loader program. + +Once you have booted this configuration successfully, you are running Xen with +a privileged kernel on top of it. + + +Xen Boot Parameters +------------------- +Normally, xen.gz requires no parameters. However, in special cases (such as +debugging or a dedicated VM server) you may wish to pass it parameters. + +Adding parameters to xen.gz can be done by editing the /etc/default/grub file. +Add the following line to this file; GRUB_CMDLINE_XEN_DEFAULT="". The +parameters may be valid options passed to xen.gz (the hypervisor). After +editing this file, you must first run 'grub2-mkconfig -o /boot/grub2/grub.cfg' +and then reboot for the changes to take effect. + +For more information on how to add options to the hypervisor, see the sections +below called; "Dom0 Memory Ballooning" and "Troubleshooting". + +For a more complete discussion of possible parameters, see the user +documentation in the xen-doc-html package. + + +Creating a VM with virt-install +------------------------------- +The virt-install program (part of the virt-install package, and accessible +through YaST's Control Center) is the recommended method to create VMs. This +program handles creating both the VM's libvirt XML definition and disk(s). +It can help install any operating system, not just SUSE. virt-install has both +a command line only mode and a graphical wizard mode that may be used to define +and start VM installations. + +virt-install may be launched from the virt-manager VM management tool. Start +virt-manager either from the YaST Control Center or from the command line. +The installation icon from the main virt-manager screen may be selected to +begin the virt-install installation wizard. + +The use of virt-install or virt-manager requires the installation of the +libvirt packages and the libvirt daemon must be running on the host unless +you are managing a remote host. + +Each VM needs to have its own root filesystem. The root filesystem can live +on a block device (e.g., a hard disk partition, or an LVM2 or EVMS volume) or +in a file that holds the filesystem image. + +VMs can share filesystems, such as /usr or /opt, that are mounted read-only +from _all_ VMs. Never try to share a filesystem that is mounted read-write; +filesystem corruption will result. For sharing writable data between VMs, use +NFS or other networked or cluster filesystems. + +When defining the virtual network adapter(s), we recommend using a static MAC +for the VM rather than allowing Xen to randomly select one each time the VM +boots. (See "Network Troubleshooting" below.) The Xen Project has been +allocated a range of MAC addresses with the OUI of 00-16-3E. By using MACs +from this range you can be sure they will not conflict with any physical +adapters. + +When the VM shuts down (because the installation -- or at least the first +stage of it -- is done), the wizard finalizes the VM's configuration and +restarts the VM. + +The creation of VMs can be automated; read the virt-install man page for more +details. The installation of an OS within the VM can be automated if the OS +supports it. + + +Creating a VM with vm-install +----------------------------- +The vm-install program is also provided to create VMs. Like virt-install, +this optional program handles creating both the VM's libvirt XML definition +and disk(s). It also creates a legacy configuration file for use with 'xl'. +It can help install any operating system, not just SUSE. + +From the command line, run "vm-install". If the DISPLAY environment variable +is set and the supporting packages (python-gtk) are installed, a graphical +wizard will start. Otherwise, a text wizard will start. If vm-install is +started with the '--use-xl' flag, it will not require libvirt nor attempt +to communicate with libvirt when creating a VM and instead will only use the +'xl' toolstack to start VM installations. + +Once you have the VM configured, click "OK". The wizard will now create a +configuration file for the VM, and create a disk image. The disk image will +exist in /var/lib/xen/images, and a corresponding configuration file will exist +in /etc/xen/vm. The operating system's installation program will then run +within the VM. + +When the VM shuts down (because the installation -- or at least the first +stage of it -- is done), the wizard finalizes the VM's configuration and +restarts the VM. + +The creation of VMs can be automated; read the vm-install man page for more +details. The installation of an OS within the VM can be automated if the OS +supports it. + + +Creating a VM Manually +---------------------- +If you create a VM manually (as opposed to using virt-install, which is the +recommended way), you will need to create a disk (or reuse an existing one) +and a configuration file. + +If you are using a disk or disk image that is already installed with an +operating system and you want the VM to run in paravirtual mode, you'll +probably need to replace its kernel with a Xen-enabled kernel. + +The kernel and ramdisk used to bootstrap the VM must match any kernel modules +that might be present in the VM's disk. It is possible to manually copy the +kernel and ramdisk from the VM's disk (for example, after updating the kernel +within that VM) to the VM server's filesystem. However, an easier (and less +error-prone) method is to use /usr/lib/grub2/x86_64-xen/grub.xen as the VM +kernel. When the new VM is started, it runs grub.xen to read the grub +configuration from the VM disk, selecting the configured kernel and ramdisk +so that it can be used to bootstrap the new VM. + +Next, make a copy of one of the /etc/xen/examples/* files, and modify it to +suit your needs. You'll need to change (at very least) the "name" and "disk" +parameters. See /etc/xen/examples/ for example configuration files. + + +Managing Virtual Machines +------------------------- +VMs can be managed from the command line using 'virsh' or from virt-manager. + +VMs created by virt-install or vm-install (without vm-install's --use-xl flag) +will automatically be defined in libvirt. VMs defined in libvirt may be managed +by virt-manager or from the command line using the 'virsh' command. However, +if you copy a VM from another machine and manually create a VM XML configuration +file, you will need to import it into libvirt with a command like: + virsh define /my-vm.xml +This imports the configuration into libvirt (and therefore virt-manager becomes +aware of it, also). + +Now to start the VM: + virsh start my-vm +or start it from virt-manager's graphical menu. + +Have a look at running VMs with "virsh list". Attach to the VM's text console +with "virsh console ". Attaching to multiple VM consoles is most +conveniently done with the terminal multiplexer "screen". + +Have a look at the other virsh commands by typing "virsh help". Note that most +virsh commands must be done as root. + + +Changes in the Xen VM Management Toolstack +------------------------------------------ +With SUSE Linux Enterprise Server 12, the way VMs are managed has changed +when compared with older SLES versions. Users familiar with the 'xm' command +and the xend management daemon will notice that these are absent. The xm/xend +toolstack has been replaced with the xl toolstack. The xl toolstack is +intended to remain backwards compatible with existing xm domain configuration +files. Most 'xm' commands can simply be replaced with 'xl'. One significant +difference is that xl does not support the concept of Managed Domains. The xl +command can only modify running VMs. Once the VM is shutdown, there is no +preserved state information other than what is saved in the configuration +file used to start the VM. In order to provide Managed Domains, users are +encouraged to use libvirt and it's tools to create and modify VMs. These +tools include the command line tool 'virsh' and the graphical tools +virt-manager and virt-install. + +Warning: Using xl commands to modify libvirt managed domains will result in +errors when virsh or virt-manager is used. Please use only virsh or +virt-manager to manage libvirt managed domains. If you are not using libvirt +managed domains then using xl commands is the correct way to modify running +domains. + + +Using the Mouse via VNC in Fully Virtual Mode +--------------------------------------------- +In a fully virtualized VM, the mouse may be emulated as a PS/2 mouse, USB +mouse, or USB tablet. The virt-install tool selects the best emulation that is +known to be automatically detected and supported by the operating system. + +However, when accessing some fully virtualized operating systems via VNC, the +mouse may be difficult to control if the VM is emulating a PS/2 mouse. PS/2 +provides mouse deltas, but VNC only provides absolute coordinates. In such +cases, you may want to manually switch the operating system and VM to use a +USB tablet. + +Emulation of a SummaSketch graphics tablet is provided for this reason. To +use the Summa emulation, you will need to configure your fully virtualized OS. +Note that the virtual tablet is connected to the second virtual serial port +(/dev/ttyS1 or COM2). + +Most Linux distributions ship with appropriate drivers, and only need to be +configured. To configure gpm, edit /etc/sysconfig/mouse and add these lines: +MOUSETYPE="summa" +XMOUSETYPE="SUMMA" +DEVICE=/dev/ttyS1 +The format and location of your configuration file could vary depending upon +your Linux distribution. The goal is to run the gpm daemon as follows: + gpm -t summa -m /dev/ttyS1 +X also needs to be configured to use the Summa emulation. Add the following +stanza to /etc/X11/xorg.conf, or use your distribution's tools to add these +settings: +Section "InputDevice" + Identifier "Mouse0" + Driver "summa" + Option "Device" "/dev/ttyS1" + Option "InputFashion" "Tablet" + Option "Mode" "Absolute" + Option "Name" "EasyPen" + Option "Compatible" "True" + Option "Protocol" "Auto" + Option "SendCoreEvents" "on" + Option "Vendor" "GENIUS" +EndSection +After making these changes, restart gpm and X. + + +HVM Console in Fully Virtual Mode +--------------------------------- +When running a VM in fully virtual mode, a special console is available that +provides some additional ways to control the VM. Press Ctrl-Alt-2 to access +the console; press Ctrl-Alt-1 to return to the VM. While at the console, +type "help" for help. + +The two most important commands are "send-key" and "change". The "send-key" +command allows you to send any key sequence to the VM, which might otherwise +be intercepted by your local window manager. + +The "change" command allows the target of a block device to be changed; for +example, use it to change from one CD ISO to another. Some versions of Xen +have this command disabled for security reasons. Consult the online +documentation for workarounds. + + +Networking +---------- +Your virtual machines become much more useful if you can reach them via the +network. Starting with openSUSE11.1 and SLE11, networking in domain 0 is +configured and managed via YaST. The yast2-networking module can be used +to create and manage bridged networks. During initial installation, a bridged +networking proposal will be presented if the "Xen Virtual Machine Host Server" +pattern is selected. The proposal will also be presented if you install Xen +after initial installation using the "Install Hypervisor and Tools" module in +YaST. + +The default proposal creates a virtual bridge in domain 0 for each active +ethernet device, enslaving the device to the bridge. Consider a machine +containing two ethernet devices (eth0 and eth1), both with active carriers. +YaST will create br0 and br1, enslaving the eth0 and eth1 devices repectively. + +VMs get a virtual network interface (e.g. eth0), which is visible in domain 0 +as vifN.0 and connected to the bridge. This means that if you set up an IP +address in the VMs belonging to the same subnet as br0 from your domain 0, +you'll be able to communicate not only with the other slave VMs, but also with +domain 0 and with the external network. If you have a DHCP server running in +your network, your VMs should succeed in getting an IP address. + +Be aware that this may have unwanted security implications. You may want to +opt for routing instead of bridging, so you can set up firewalling rules in +domain 0. + +Please read about the network configuration in the Xen manual. You can set up +bridging or routing for other interfaces also. + +For debugging, here's what happens on bootup of a domU: +- xenstored saves the device setup in xenstore +- domU is created +- vifN.0 shows up in domain 0 and a hotplug event is triggered +- hotplug is /sbin/udev; udev looks at /etc/udev/rules.d/40-xen.rules and + calls /etc/xen/scripts/vif-bridge online +- vif-bridge set the vifN.0 device up and enslaves it to the bridge +- eth0 shows up in domU (hotplug event triggered) +Similar things happen for block devices, except that /etc/xen/scripts/block is +called. + +It's not recommended to use ifplugd nor NetworkManager for managing the +interfaces if you use bridging mode. Use routing with nat or proxy-arp +in that case. You also need to do that in case you want to send out packets +on wireless; you can't bridge Xen "ethernet" packets into 802.11 packets. + + +Network Troubleshooting +----------------------- +First ensure the VM server is configured correctly and can access the network. + +Do not use ifplugd or NetworkManager, neither are bridge aware. + +Specify a static virtual MAC in the VM's configuration file. Random MACs can +be problematic, since with each boot of the VM it appears that some hardware +has been removed (the previous random MAC) and new hardware is present (the +new random MAC). This can cause network configuration files (which were +intended for the old MAC) to not be matched up with the new virtual hardware. + +In the VM's filesystem, ensure the ifcfg-eth* files are named appropriately. +For example, if you do decide to use a randomly-selected MAC for the VM, the +ifcfg-eth* file must not include the MAC in its name; name it generically +("ifcfg-eth0") instead. If you use a static virtual MAC for the VM, be sure +that is reflected in the file's name. + + +Thread-Local Storage +-------------------- +For some time now, the glibc thread library (NPTL) has used a shortcut to +access thread-local variables at a negative segment offset from the segment +selector GS instead of reading the linear address from the TDB (offset 0). +Unfortunately, this optimization has been made the default by the glibc and +gcc maintainers, as it saves one indirection. For Xen this is bad: The access +to these variables will trap, and Xen will need to use some tricks to make the +access work. It does work, but it's very slow. + +SUSE Linux 9.1 and SLES 9 were prior to this change, and thus are not +affected. SUSE Linux 9.2 and 9.3 are affected. For SUSE Linux 10.x and SLES +10, we have disabled negative segment references in gcc and glibc, and so +these are not affected. Other non-SUSE Linux distributions may be affected. + +For affected distributions, one way to work around the problem is to rename +the /lib/tls directory, so the pre-i686 version gets used, where no such +tricks are done. An example LSB-compliant init script which automates these +steps is installed at /usr/share/doc/packages/xen/boot.xen. This script +renames /lib/tls when running on Xen, and restores it when not running on Xen. +Modify this script to work with your specific distribution. + +Mono has a similar problem, but this has been fixed in SUSE Linux 10.1 and +SLES 10. Older or non-SUSE versions of Mono may have a performance impact. + + +Security +-------- +Domain 0 has control over all domains. This means that care should be taken to +keep domain 0 safe; ideally you strip it down to only do as little there as +possible, preferably with no local users except for the system administrator. +Most commands in domain 0 can only be performed as root, but this protection +scheme only has moderate security and might be defeated. In case domain 0 is +compromised, all other domains are compromised as well. + +To allow relocation of VMs (migration), the receiving machine listens on TCP +port 8002. You might want to put firewall rules in place in domain 0 to +restrict this to machines which you trust. Relocating VMs with sensitive data +is not a good idea in untrusted networks, since the data is not sent encrypted. + +The memory protections for the domUs are effective; so far no way to break out +of a virtual machine is known. A VM is an effective jail. + + +Limitations +----------- +When booting, Linux reserves data structures matching the amount of RAM found. +This has the side-effect that you can't dynamically grow the memory beyond +what the kernel has been booted with. But you can trick domU Linux to prepare +for a larger amount of RAM by passing the mem= boot parameter. + +The export of virtual hard disks from files in Xen can be handled via the +loopback driver (although in Xen >= 3.0.4, this is can be replaced by the +"blktap" user-space driver.) If you are still using loopback, it may be +possible to run out of loopback devices, as by default only 64 are supported. +You can change this by inserting: +options loop max_loop=128 +into /etc/modprobe.conf.local in domain 0. + + +Upgrading the Host Operating System +----------------------------------- +When upgrading the host operating system from one major release to another +(for example, SLES 11 to SLES 12 or openSUSE 12.3 to openSUSE 13.1) or when +applying a service pack like SLES 11 SP3 to SLES 11 SP2 all running VMs must +be shut down before the upgrade process is begun. + +On versions of SLES 11 and openSUSE 12 you are using the xm/xend toolstack. +After upgrading to SLES 12 and newer openSUSE versions this toolstack will be +replaced with the xl toolstack. The xl toolstack does not support Managed +Domains. If you wish to continue using Managed Domains you must switch to +using libvirt and its command line interface 'virsh'. You may also use +virt-manager as a GUI interface to libvirt. After upgrading the host but +before you can begin using libvirt on VMs that were previously managed by +xm/xend, you must run a conversion tool called /usr/sbin/xen2libvirt for all +VMs. + +For example, to convert all domains previously managed by xend: + xen2libvirt -r /var/lib/xend/domains/ + +Now typing 'virsh list --all' will show your previously xend managed domains +being managed by libvirt. Run 'xen2libvirt -h' to see additional options for +using this tool. + + +Memory Ballooning in VMs +------------------------ +Setting a VMs maximum memory value greater than the initial memory value +requires support for memory ballooning in the VMs operating system. Modern SLES +and openSUSE guests have this capability built-in. Windows installation media +does not support memory ballooning so you must first install the VM without +memory ballooning (maxmem equal to initial memory). After the installation, the +Virtual Machine Driver Pack (vmdp) must be installed. After this, the VMs +maxmem value may be increased. A reboot of the VM is required for this action +to take effect. + + +Dom0 Memory Ballooning +---------------------- +It is strongly recommended that you dedicate a fixed amount of RAM to dom0 +rather than relying on dom0 auto ballooning. Doing so will ensure your dom0 +has enough resources to operate well and will improve startup times for your +VMs. The amount of RAM dedicated to dom0 should never be less than the +recommended minimum amount for running your SUSE distribution in native mode. +The actual amount of RAM needed for dom0 depends on several factors including +how much physical RAM is on the host, the number of physical CPUs, and the +number of VMs running simultaneously where each VM has a specific requirement +for RAM. The following example shows the syntax for doing this. This would be +added to your grub1 or grub2 configuration; + +Grub2 Example: + Edit /etc/default/grub and add, + GRUB_CMDLINE_XEN_DEFAULT="dom0_mem=1024M,max:1024M" + and then run + grub2-mkconfig -o /boot/grub2/grub.cfg + +Grub1 Example: + Edit /boot/grub/menu.lst and edit the line containing xen.gz + kernel /boot/xen.gz dom0_mem=1024M,max:1024M + +After modifying your grub configuration, you will need to edit /etc/xen/xl.conf +and set autoballoon="off". This will prevent xl from automatically adjusting +the amount of memory assigned to dom0. Reboot the host for these changes to +take effect. + + +Adjusting LIBXL_HOTPLUG_TIMEOUT at runtime +------------------------------------------ +A domU with a large amount of disks may run into the hardcoded +LIBXL_HOTPLUG_TIMEOUT limit, which is 40 seconds. This happens if the +preparation for each disk takes an unexpected large amount of time. Then +the sum of all configured disks and the individual preparation time will +be larger than 40 seconds. The hotplug script which does the preparation +takes a lock before doing the actual preparation. Since the hotplug +scripts for each disk are spawned at nearly the same time, each one has +to wait for the lock. Due to this contention, the total execution time +of a script can easily exceed the timeout. In this case libxl will +terminate the script because it has to assume an error condition. + +Example: +10 configured disks, each one takes 3 seconds within the critital +section. The total execution time will be 30 seconds, which is still +within the limit. With 5 additional configured disks, the total +execution time will be 45 seconds, which would trigger the timeout. + +To handle such setup without a recompile of libxl, a special key/value +has to be created in xenstore prior domain creation. This can be done +either manually, or at system startup. A dedicated systemd service file +exists to set the required value. To enable it, run these commands: + +/etc/systemd/system # systemctl enable xen-LIBXL_HOTPLUG_TIMEOUT.service +/etc/systemd/system # systemctl start xen-LIBXL_HOTPLUG_TIMEOUT.service + + +In case the value in this service file needs to be changed, a copy with +the exact same name must be created in the /etc/systemd/system directory: + +/etc/systemd/system # cat xen-LIBXL_HOTPLUG_TIMEOUT.service +[Unit] +Description=set global LIBXL_HOTPLUG_TIMEOUT +ConditionPathExists=/proc/xen/capabilities + +Requires=xenstored.service +After=xenstored.service +Requires=xen-init-dom0.service +After=xen-init-dom0.service +Before=xencommons.service + +[Service] +Type=oneshot +RemainAfterExit=true +ExecStartPre=/bin/grep -q control_d /proc/xen/capabilities +ExecStart=/usr/bin/xenstore-write /libxl/suse/per-device-LIBXL_HOTPLUG_TIMEOUT 10 + +[Install] +WantedBy=multi-user.target + +In this example the per-device value will be set to 10 seconds. + +The change for libxl which handles this xenstore value will enable +additional logging if the key is found. That extra logging will show how +the execution time of each script. + + +Troubleshooting +--------------- +First try to get Linux running on bare metal before trying with Xen. + +Be sure your Xen hypervisor (xen) and VM kernels (kernel-xen) are compatible. +The hypervisor and domain 0 kernel are a matched set, and usually must be +upgraded together. Consult the online documentation for a matrix of supported +32- and 64-bit combinations + +If you have trouble early in the boot, try passing pnpacpi=off to the Linux +kernel. If you have trouble with interrupts or timers, passing lapic to Xen +may help. Xen and Linux understand similar ACPI boot parameters. Try the +options acpi=off,force,ht,noirq or acpi_skip_timer_override. + +Other useful debugging options to Xen may be nosmp, noreboot, mem=4096M, +sync_console, noirqbalance (Dell). For a complete list of Xen boot options, +consult the "Xen Hypervisor Command Line Options" documentation. + +If domain 0 Linux crashes on X11 startup, please try to boot into runlevel 3. + +1) As a first step in debugging Xen you should add the following hypervisor +options to the xen.gz line in your grub configuration file. After rebooting, +the 'xl dmesg' command will produce more output to better analyze problems. + +Grub2 Example: + Edit /etc/default/grub and add, + GRUB_CMDLINE_XEN_DEFAULT="loglvl=all guest_loglvl=all" + and then run, + grub2-mkconfig -o /boot/grub2/grub.cfg + +Grub1 Example: + Edit /boot/grub/menu.lst and edit the line containing xen.gz + kernel /boot/xen.gz loglvl=all guest_loglvl=all + +2) With the log levels specified above and the host rebooted, more useful +information about domain 0 and running VMs can be obtained using the +'xl dmesg' and 'xl debug-keys' commands. For example, from the command line +run: + xl debug-keys h +and then run: + xl dmesg +Note that at the end of the output from 'xl dmesg' it includes help on a +series of commands that may be passed to 'xl debug-keys'. For example, by +passing the letter 'q' to 'xl debug-keys' it will "dump domain (and guest +debug) info". + xl debug-keys q +Now you can again run 'xl dmesg' to see the domain and guest debug info. + +3) Sometimes it is useful to attach a serial terminal and direct Xen to send +its output not only to the screen, but also to that terminal. First you need +to attach a serial cable from the serial port on the server to a second +machine's serial port. That second machine could be running minicom (or some +other program that can be setup to read from the serial port). Do the +following to prepare Xen to send its output over this serial line. + +Grub2 Example: + Edit /etc/default/grub and add, + GRUB_CMDLINE_XEN_DEFAULT="loglvl=all guest_loglvl=all console=com1 com1=115200,8n1" + Also append additional serial flags to the option below such that it appears as, + GRUB_CMDLINE_LINUX_DEFAULT=" console=ttyS0, 115200" + where pre-existing flags are those options already present and then run, + grub2-mkconfig -o /boot/grub2/grub.cfg + +Grub1 Example: + Edit the /etc/grub/menu.lst file and add the following to the Xen entry, + kernel /boot/xen.gz loglvl=all guest_loglvl=all console=com1 com1=115200,8n1 + module /boot/vmlinuz-xen console=ttyS0, 115200 + +Once the hardware and software are configured correctly the server is rebooted +and its output should appear on the other terminal as the server boots up. + +4) To further debug Xen or domain 0 Linux crashes or hangs, it may be useful to +use the debug-enabled hypervisor, and/or to prevent automatic rebooting. + +Grub2 Example: + Edit /etc/default/grub and add, + GRUB_CMDLINE_XEN_DEFAULT="noreboot loglvl=all guest_loglvl=all" + Edit /boot/grub2/grub.cfg and look for these lines: + multiboot /boot/xen-.gz ... + and replace them with: + multiboot /boot/xen-dbg-.gz' ... Replace with the + appropriate version string contained in the filename. Note that running + grub2-mkconfig -o /boot/grub2/grub.cfg will overwrite all manual changes + made to grub.cfg. + +Grub1 Example: + Edit your menu.lst configuration from something like this: + kernel (hd0,5)/xen.gz + To something like this: + kernel (hd0,5)/xen-dbg.gz noreboot loglvl=all guest_loglvl=all + +All hypervisor options require a reboot to take effect. After rebooting, the +Xen hypervisor will write any error messages to the log file (viewable with +the "xl dmesg" command). + +If problems persist, check if a newer version is available. Well-tested +versions will be shipped with SUSE and via YaST Online Update. + + +Resources +--------- +https://www.suse.com/documentation/sles11/singlehtml/book_xen/book_xen.html +http://doc.opensuse.org/products/draft/SLES/SLES-xen_sd_draft/cha.xen.basics.html + + +Feedback +-------- +In case you have remarks about, problems with, ideas for, or praise for Xen, +please report it back to the xen-devel list: + xen-devel@lists.xen.org +If you find issues with the packaging or setup done by SUSE, please report +it through bugzilla: + https://bugzilla.suse.com + + + ENJOY! + Your SUSE Team. diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..4211d9f --- /dev/null +++ b/baselibs.conf @@ -0,0 +1 @@ +xen-libs diff --git a/bin-python3-conversion.patch b/bin-python3-conversion.patch new file mode 100644 index 0000000..a86d6e8 --- /dev/null +++ b/bin-python3-conversion.patch @@ -0,0 +1,50 @@ +Index: xen-4.18.0-testing/tools/misc/xencov_split +=================================================================== +--- xen-4.18.0-testing.orig/tools/misc/xencov_split ++++ xen-4.18.0-testing/tools/misc/xencov_split +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + + from __future__ import print_function + from builtins import str +Index: xen-4.18.0-testing/tools/python/scripts/convert-legacy-stream +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/scripts/convert-legacy-stream ++++ xen-4.18.0-testing/tools/python/scripts/convert-legacy-stream +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ +Index: xen-4.18.0-testing/tools/python/scripts/verify-stream-v2 +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/scripts/verify-stream-v2 ++++ xen-4.18.0-testing/tools/python/scripts/verify-stream-v2 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ Verify a v2 format migration stream """ +Index: xen-4.18.0-testing/tools/xenmon/xenmon.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/xenmon/xenmon.py ++++ xen-4.18.0-testing/tools/xenmon/xenmon.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + + ##################################################################### + # xenmon is a front-end for xenbaked. +Index: xen-4.18.0-testing/tools/xentrace/xentrace_format +=================================================================== +--- xen-4.18.0-testing.orig/tools/xentrace/xentrace_format ++++ xen-4.18.0-testing/tools/xentrace/xentrace_format +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + + # by Mark Williamson, (C) 2004 Intel Research Cambridge + diff --git a/block-dmmd b/block-dmmd new file mode 100644 index 0000000..7694778 --- /dev/null +++ b/block-dmmd @@ -0,0 +1,384 @@ +#! /bin/bash + +# Usage: block-dmmd [add args | remove args] +# +# the dmmd device syntax (in xl commands/configs) is something like: +# script=block-dmmd,md;/dev/md0;md;/dev/md1;lvm;/dev/vg1/lv1 +# or +# script=block-dmmd,lvm;/dev/vg1/lv1;lvm;/dev/vg1/lv2;md;/dev/md0 +# device pairs (type;dev) are processed in order, with the last device +# assigned to the VM +# +# Note - When using the libxl stack, the "script=block-dmmd" option +# is required. See man xl-disk-configuration(5) for more information. +# +# md devices can optionally: +# specify a config file through: +# md;/dev/md100(/var/xen/config/mdadm.conf) +# use an array name (mdadm -N option): +# md;My-MD-name;lvm;/dev/vg1/lv1 +# +# Completely expressive syntax should be similar to: +# "format=raw, vdev=xvdb, access=rw, script=block-dmmd, \ +# target=md;/dev/md0(/etc/mdadm.conf);lvm;/dev/vg1/lv1" +# +## +# History: +# 2017-07-10, mlatimer@suse.com: +# Modification to use syslog for progress messages by ldevulder@suse.com +# 2017-06-12, mlatimer@suse.com: +# Merge LVM improvements by loic.devulder@mpsa.com +# Document libxl "script=block-dmmd" syntax in examples +# Remove xm/xend references (e.g. parsed_timeout from xend-config.sxp) +# 2016-05-27, mlatimer@suse.com: +# Merge improvements by loic.devulder@mpsa.com. Highlights include: +# - Re-write and simplification to speed up the script! +# - Add some (useful) logging messages and comments +# Minor tweaks and logging improvements +# 2016-05-26, mlatimer@suse.com: +# Verify MD activation if mdadm returns 2 +# 2016-05-20, mlatimer@suse.com: +# Strip leading "dmmd:" if present in xenstore params value +# 2013-07-03, loic.devulder@mpsa.com: +# Partial rewrite of the script for supporting MD activation by name +# 2009-06-09, mh@novell.com: +# Emit debugging messages into a temporary file; if no longer needed, +# just comment the exec I/O redirection below +# Make variables used in functions local to avoid global overridings +# Use vgscan and vgchange where required +# Use the C locale to avoid dealing with localized messages +# Assign output from assembling an MD device to a variable to aid +# debugging + +# We do not want to deal with localized messages +# We use LC_ALL because LC_ALL superse LANG +# But we also use LANG because some applications may still use LANG... +export LC_ALL=C +export LANG=${LC_ALL} + +# Loading common libraries +. $(dirname $0)/block-common.sh + +# Constants +typeset -rx MDADM_BIN=/sbin/mdadm +typeset -rx LVCHANGE_BIN=/sbin/lvchange +typeset -rx PVSCAN_BIN=/sbin/pvscan +typeset -rx VGSCAN_BIN=/sbin/vgscan +typeset -rx VGCHANGE_BIN=/sbin/vgchange +typeset -rx CLVMD_BIN=/usr/sbin/clvmd +typeset -rx DATE_SEC="date +%s" + +# We check for errors ourselves +set +e + +function reload_clvm() +{ + # If we are in cluster mode + if ps -e | grep -q [c]lvmd 2>/dev/null; then + # Logging message + log info "Synchronizing cLVM..." + + # Synchronize cLVM + ${CLVMD_BIN} -R > /dev/null 2>&1 \ + || return 1 + fi + + return 0 +} + +function run_mdadm() +{ + local mdadm_cmd=$1 + local msg + local rc + + msg="$(${MDADM_BIN} ${mdadm_cmd} 2>&1)" + rc=$? + case "${msg}" in + *"has been started"* | *"already active"*) + return 0 + ;; + *"is already in use"*) + # Hmm, might be used by another device in this domU + # Leave it to upper layers to detect a real error + return 2 + ;; + *) + return ${rc} + ;; + esac + + # Normally we should not get here, but if this happens + # we have to return an error + return 1 +} + +function activate_md() +{ + # Make it explicitly local + local par=$1 + local cfg dev dev_path rc t mdadm_opts + + if [[ ${par} == ${par%%(*} ]]; then + # No configuration file specified + dev=${par} + cfg="" + else + dev=${par%%(*} + t=${par#*(} + cfg="-c ${t%%)*}" + fi + + # Looking for device name or aliase + if [[ ${dev:0:1} == / ]]; then + dev_path=${dev%/*} + mdadm_opts="" + else + dev_path=/dev/md + mdadm_opts="-s -N" + fi + + # Logging message + log info "Activating MD device ${dev}..." + + # Is MD device already active? + # We need to use full path name, aliase is not possible... + if [ -e ${dev_path}/${dev##*/} ]; then + ${MDADM_BIN} -Q -D ${dev_path}/${dev##*/} 2>/dev/null \ + | grep -iq state.*\:.*inactive || return 0 + fi + + # Activate MD device + run_mdadm "-A ${mdadm_opts} ${dev} ${cfg}" + rc=$? + + # A return code of 2 can indicate the array configuration was incorrect + if [[ ${rc} == 2 ]]; then + # Logging message + log info "Verifying MD device ${dev} activation..." + + # If the array is active, return 0, otherwise return an error + ${MDADM_BIN} -Q -D ${dev_path}/${dev##*/} &>/dev/null && return 0 \ + || return 1 + fi + + return ${rc} +} + +function deactivate_md() +{ + local par=$1 + local dev + + if [[ ${par} == ${par%%(*} ]]; then + # No configuration file specified + dev=${par} + else + dev=${par%%(*} + fi + + # Looking for device name or aliase + if [[ ${dev:0:1} == / ]]; then + dev_path=${dev%/*} + else + dev_path=/dev/md + fi + + # Logging message + log info "Deactivating MD device ${dev}..." + + # We need the device name only while deactivating + ${MDADM_BIN} -S ${dev_path}/${dev##*/} > /dev/null 2>&1 + + return $? +} + +function lvm_action() +{ + local action=$1 + local dev=$2 + local run_timeout=90 + local end_time + + # Logging message + log info "${action} LVM device ${dev}..." + + # Set end_time for the loop + (( end_time = $(${DATE_SEC}) + run_timeout )) + + while true; do + # Action depends of what the user asks + if [[ ${action} == activate ]]; then + # First scan for PVs and VGs + # We need this for using MD device as PV + ${PVSCAN_BIN} > /dev/null 2>&1 + + ${LVCHANGE_BIN} -aey ${dev} > /dev/null 2>&1 \ + && [[ -e ${dev} ]] \ + && return 0 + elif [[ ${action} == deactivate ]]; then + ${LVCHANGE_BIN} -aen ${dev} > /dev/null 2>&1 \ + && return 0 + + # If the LV is already deactivated we may be in an infinite loop + # So we need to test if the LV is still present + [[ -e ${dev} ]] || return 0 + fi + + # It seems that we had a problem during lvchange + # If we are in a cluster the problem may be due to a cLVM locking bug, + # so try to reload it + reload_clvm + + # If it takes too long we need to return an error + if (( $(${DATE_SEC}) >= end_time )); then + log err "Failed to ${action} $1 within ${run_timeout} seconds" + return 1 + fi + + # Briefly sleep before restarting the loop + sleep 0.1 + + done + + # Normally we should not get here, but if this happens + # we have to return an error + return 1 +} + +# Variables +typeset command=$1 +typeset BP=100 +typeset SP=${BP} +typeset VBD +typeset -a stack + +function push() +{ + local value="$1" + + [[ -n "${value}" ]] \ + && stack[$((--SP))]="${value}" + + return 0 +} + +function pop() +{ + [[ "${SP}" != "${BP}" ]] \ + && VBD=${stack[$((SP++))]} \ + || VBD="" + + return 0 +} + +function activate_dmmd() +{ + case "$1" in + "md") + activate_md $2 + return $? + ;; + "lvm") + lvm_action activate $2 + return $? + ;; + esac + + # Normally we should not get here, but if this happens + # we have to return an error + return 1 +} + +function deactivate_dmmd() +{ + case "$1" in + "md") + deactivate_md $2 + return $? + ;; + "lvm") + lvm_action deactivate $2 + return $? + ;; + esac + + # Normally we should not get here, but if this happens + # we have to return an error + return 1 +} + +function cleanup_stack() +{ + while true; do + pop + [[ -z "${VBD}" ]] && break + deactivate_dmmd ${VBD} + done +} + +function parse_par() +{ + # Make these vars explicitly local + local ac par rc s t + + ac=$1 + par="$2" + + par="${par};" + while true; do + t=${par%%;*} + + [[ -z "${t}" ]] && return 0 + par=${par#*;} + + s=${par%%;*} + [[ -z "${s}" ]] && return 1 + par=${par#*;} + + if [[ "${ac}" == "activate" ]]; then + activate_dmmd ${t} ${s} \ + || return 1 + fi + push "${t} ${s}" + done +} + +case "${command}" in + "add") + p=$(xenstore-read ${XENBUS_PATH}/params) || true + claim_lock "dmmd" + dmmd=${p#dmmd:} + + if ! parse_par activate "${dmmd}"; then + cleanup_stack + release_lock "dmmd" + exit 1 + fi + + lastparam=${dmmd##*;} + usedevice=${lastparam%(*} + xenstore-write ${XENBUS_PATH}/node "${usedevice}" + write_dev "${usedevice}" + release_lock "dmmd" + + exit 0 + ;; + + "remove") + p=$(xenstore-read ${XENBUS_PATH}/params) || true + claim_lock "dmmd" + dmmd=${p#dmmd:} + + parse_par noactivate "${dmmd}" + + cleanup_stack + release_lock "dmmd" + + exit 0 + ;; +esac + +# Normally we should not get here, but if this happens +# we have to return an error +return 1 diff --git a/block-npiv b/block-npiv new file mode 100644 index 0000000..b393bb4 --- /dev/null +++ b/block-npiv @@ -0,0 +1,129 @@ +#!/bin/bash + +# Usage: block-npiv [add npiv | remove dev] + +dir=$(dirname "$0") +. "$dir/block-npiv-common.sh" +. "$dir/block-common.sh" + +#set -x +#command=$1 + +case "$command" in + add) + # Params is one big arg, with fields separated by hyphens: + # single path: + # VPWWPN-TGTWWPN-LUN# + # multipath: + # {VPWWPN1.VPWWPN2....VPWWPNx}-{TGTWWPN1.TGTWWPN2....TGTWWPNx}-LUN# + # arg 1 - VPORT's WWPN + # arg 2 - Target's WWPN + # arg 3 - LUN # on Target + # no wwn contains a leading 0x - it is a 16 character hex value + # You may want to optionally pick a specific adapter ? + par=`xenstore-read $XENBUS_PATH/params` || true + NPIVARGS=(${par//-/ }) + wc=${#NPIVARGS[@]} + if [ $wc -eq 5 ]; then + # support old syntax + # FABRIC-VPWWPN-VPWWNN-TGTWWPN-LUN + VPORTWWPNS=${NPIVARGS[1]} + VPORTWWNNS=${NPIVARGS[2]} + TGTWWPNS=${NPIVARGS[3]} + LUN=${NPIVARGS[4]} + elif [ $wc -eq 3 ]; then + # new syntax + VPORTWWPNS=${NPIVARGS[0]} + TGTWWPNS=${NPIVARGS[1]} + LUN=${NPIVARGS[2]} + else + # wrong syntax + exit 1 + fi + + # Ensure we compare everything using lower-case hex characters + TGTWWPNS=`echo $TGTWWPNS | tr A-Z a-z |sed 's/[{.}]/ /g'` + VPORTWWPNS=`echo $VPORTWWPNS | tr A-Z a-z |sed 's/[{.}]/ /g'` + # Only one VPWWNN is supported + VPORTWWNN=`echo $VPORTWWNNS | tr A-Z a-z | sed -e 's/\..*//g' -e 's/{//'` + + claim_lock "npiv" + paths=0 + for VPORTWWPN in $VPORTWWPNS; do + find_vhost $VPORTWWPN + if test -z "$vhost" ; then + create_vport $VPORTWWPN $VPORTWWNN + if [ $? -ne 0 ] ; then exit 2; fi + sleep 8 + find_vhost $VPORTWWPN + if test -z "$vhost" ; then exit 3; fi + fi + for TGTWWPN in $TGTWWPNS; do + find_sdev $vhost $TGTWWPN $LUN + if test -z "$dev"; then + echo "- - -" > /sys/class/scsi_host/$vhost/scan + sleep 2 + find_sdev $vhost $TGTWWPN $LUN + fi + if test -z "$dev"; then + exit 4 + fi + paths=$(($paths+1)) + done + done + release_lock "npiv" + + if test $paths -gt 1; then + xenstore-write $XENBUS_PATH/multipath 1 + /etc/init.d/multipathd start + if test $? -ne 0 ; then exit 4; fi + dm=`multipath -l /dev/$dev | grep dm | cut -f2 -d' '` + else + xenstore-write $XENBUS_PATH/multipath 0 + dm=$dev + fi + + if test ! -z "$dm"; then + xenstore-write $XENBUS_PATH/node /dev/$dm + write_dev /dev/$dm + exit 0 + fi + + exit 4 + ;; + + remove) + node=`xenstore-read $XENBUS_PATH/node` || true + multipath=`xenstore-read $XENBUS_PATH/multipath` || true + # this is really screwy. the first delete of a lun will + # terminate the entire vport (all luns) + if test $multipath = 1; then + par=`xenstore-read $XENBUS_PATH/params` || true + NPIVARGS=(${par//-/ }) + wc=${#NPIVARGS[@]} + if [ $wc -eq 5 ]; then + # old syntax + # FABRIC-VPWWPN-VPWWNN-TGTWWPN-LUN + VPORTWWPNS=${NPIVARGS[1]} + elif [ $wc -eq 3 ]; then + # new syntax + VPORTWWPNS=${NPIVARGS[0]} + fi + VPORTWWPNS=`echo $VPORTWWPNS | tr A-Z a-z |sed 's/[{.}]/ /g'` + for VPORTWWPN in $VPORTWWPNS; do + find_vhost $VPORTWWPN + if test -z "$vhost" ; then exit 5; fi + flush_nodes_on_vhost $vhost + delete_vhost $vhost + done + else + dev=$node; dev=${dev#/dev/} + find_vhost_from_dev $dev + if test -z "$vhost" ; then exit 5; fi + flush_nodes_on_vhost $vhost + delete_vhost $vhost + fi + + exit 0 + ;; +esac diff --git a/block-npiv-common.sh b/block-npiv-common.sh new file mode 100644 index 0000000..cbffdd1 --- /dev/null +++ b/block-npiv-common.sh @@ -0,0 +1,277 @@ + + +# Look for the NPIV vport with the WWPN +# $1 contains the WWPN (assumes it does not contain a leading "0x") +find_vhost() +{ + unset vhost + + # look in upstream locations + for fchost in /sys/class/fc_vports/* ; do + if test -e $fchost/port_name ; then + wwpn=`cat $fchost/port_name | sed -e s/^0x//` + if test $wwpn = $1 ; then + # Note: makes the assumption the vport will always have an scsi_host child + vhost=`ls -d $fchost/device/host*` + vhost=`basename $vhost` + return + fi + fi + done + + # look in vendor-specific locations + + # Emulex - just looks like another scsi_host - so look at fc_hosts... + for fchost in /sys/class/fc_host/* ; do + if test -e $fchost/port_name ; then + wwpn=`cat $fchost/port_name | sed -e s/^0x//` + if test $wwpn = $1 ; then + # Note: makes the assumption the vport will always have an scsi_host child + vhost=`basename $fchost` + return + fi + fi + done +} + + +# Create a NPIV vport with WWPN +# $1 contains the VPORT WWPN +# $2 may contain the VPORT WWNN +# (assumes no name contains a leading "0x") +create_vport() +{ + wwpn=$1 + wwnn=$2 + if [ -z "$wwnn" ]; then + # auto generate wwnn, follow FluidLabUpdateForEmulex.pdf + # Novell specific identifier + # byte 6 = 0 indicates WWNN, = 1 indicates WWPN + wwnn=${wwpn:0:6}"0"${wwpn:7} + fi + # find a base adapter with npiv support that is on the right fabric + + # Look via upstream interfaces + for fchost in /sys/class/fc_host/* ; do + if test -e $fchost/vport_create ; then + # is the link up, w/ NPIV support ? + pstate=`cat $fchost/port_state` + ptype=`cat $fchost/port_type | cut -c 1-5` + if [ $pstate = "Online" -a $ptype = "NPort" ] ; then + vmax=`cat $fchost/max_npiv_vports` + vinuse=`cat $fchost/npiv_vports_inuse` + avail=`expr $vmax - $vinuse` + if [ $avail -gt 0 ] ; then + # create the vport + echo $wwpn":"$wwnn > $fchost/vport_create + if [ $? -eq 0 ] ; then + return 0 + fi + # failed - so we'll just look for the next adapter + fi + fi + fi + done + + # Look in vendor-specific locations + + # Emulex: interfaces mirror upstream, but are under adapter scsi_host + for shost in /sys/class/scsi_host/* ; do + if [ -e $shost/vport_create ] ; then + fchost=`ls -d $shost/device/fc_host*` + # is the link up, w/ NPIV support ? + if [ -e $fchost/port_state ] ; then + pstate=`cat $fchost/port_state` + ptype=`cat $fchost/port_type | cut -c 1-5` + if [ $pstate = "Online" -a $ptype = "NPort" ] ; then + vmax=`cat $shost/max_npiv_vports` + vinuse=`cat $shost/npiv_vports_inuse` + avail=`expr $vmax - $vinuse` + if [ $avail -gt 0 ] ; then + # create the vport + echo $wwpn":"$wwnn > $shost/vport_create + if [ $? -eq 0 ] ; then + return 0 + fi + # failed - so we'll just look for the next adapter + fi + fi + fi + fi + done + + # BFA are under adapter scsi_host + for shost in /sys/class/scsi_host/* ; do + if [ -e $shost/vport_create ] ; then + fchost=`ls -d $shost/device/fc_host/*` + # is the link up, w/ NPIV support ? + if [ -e $fchost/port_state ] ; then + pstate=`cat $fchost/port_state` + ptype=`cat $fchost/port_type | cut -c 1-5` + if [ $pstate = "Online" -a $ptype = "NPort" ] ; then + # create the vport + echo $wwpn":"$wwnn > $shost/vport_create + if [ $? -eq 0 ] ; then + return 0 + fi + # failed - so we'll just look for the next adapter + fi + fi + fi + done + + return 1 +} + + +# Look for the LUN on the indicated scsi_host (which is an NPIV vport) +# $1 is the scsi_host name (normalized to simply the hostX name) +# $2 is the WWPN of the tgt port the lun is on +# Note: this implies we don't support a multipath'd lun, or we +# are explicitly identifying a "path" +# $3 is the LUN number of the scsi device +find_sdev() +{ + unset dev + hostno=${1/*host/} + for sdev in /sys/class/scsi_device/${hostno}:*:$3 ; do + if test -e $sdev/device/../fc_trans*/target${hostno}*/port_name ; then + tgtwwpn=`cat $sdev/device/../fc_trans*/target${hostno}*/port_name | sed -e s/^0x//` + if test $tgtwwpn = $2 ; then + if test -e $sdev/device/block* ; then + dev=`ls $sdev/device/block*` + dev=${dev##*/} + return + fi + fi + fi + done +} + + +# Look for the NPIV vhost based on a scsi "sdX" name +# $1 is the "sdX" name +find_vhost_from_dev() +{ + unset vhost + hostno=`readlink /sys/block/$1/device` + hostno=${hostno##*/} + hostno=${hostno%%:*} + if test -z "$hostno" ; then return; fi + vhost="host"$hostno +} + + +# We're about to terminate a vhost based on a scsi device +# Flush all nodes on that vhost as they are about to go away +# $1 is the vhost +flush_nodes_on_vhost() +{ + if test ! -x /sbin/blockdev ; then return; fi + hostno=${1/*host/} + for sdev in /sys/class/scsi_device/${hostno}:* ; do + if test -e $sdev/device/block* ; then + dev=`ls $sdev/device/block*` + dev="/dev/"$dev + if test -n "$dev"; then + blockdev --flushbufs $dev + fi + fi + done +} + + +# Terminate a NPIV vhost +# $1 is vhost +delete_vhost() +{ + # use upstream interface + for vport in /sys/class/fc_vports/* ; do + if test -e $vport/device/$1 ; then + if test -e $vport/vport_delete ; then + echo "1" > $vport/vport_delete + if test $? -ne 0 ; then exit 6; fi + sleep 4 + return + fi + fi + done + + # use vendor specific interface + + # Emulex + if test -e /sys/class/fc_host/$1/device/../scsi_host*/lpfc_drvr_version ; then + shost=`ls -1d /sys/class/fc_host/$1/device/../scsi_host* | sed s/.*scsi_host://` + vportwwpn=`cat /sys/class/fc_host/$1/port_name | sed s/^0x//` + vportwwnn=`cat /sys/class/fc_host/$1/node_name | sed s/^0x//` + echo "$vportwwpn:$vportwwnn" > /sys/class/scsi_host/$shost/vport_delete + if test $? -ne 0 ; then exit 6; fi + sleep 4 + return + fi + + # Qlogic + if test -e /sys/class/fc_host/$1/device/../scsi_host*/driver_version ; then + shost=`ls -1d /sys/class/fc_host/$1/device/../scsi_host* | sed s/.*scsi_host://` + vportwwpn=`cat /sys/class/fc_host/$1/port_name | sed s/^0x//` + vportwwnn=`cat /sys/class/fc_host/$1/node_name | sed s/^0x//` + echo "$vportwwpn:$vportwwnn" > /sys/class/scsi_host/$shost/vport_delete + if test $? -ne 0 ; then exit 6; fi + sleep 4 + return + fi + + # BFA + if test -e /sys/class/fc_host/$1/device/../scsi_host/*/driver_name ; then + shost=`ls -1d /sys/class/fc_host/$1/device/../scsi_host/* | sed s#.*scsi_host/##` + vportwwpn=`cat /sys/class/fc_host/$1/port_name | sed s/^0x//` + vportwwnn=`cat /sys/class/fc_host/$1/node_name | sed s/^0x//` + echo "$vportwwpn:$vportwwnn" > /sys/class/scsi_host/$shost/vport_delete + if test $? -ne 0 ; then exit 6; fi + sleep 4 + return + fi + + + exit 6 +} + + +vport_status() +{ + # Look via upstream interfaces + for fchost in /sys/class/fc_host/* ; do + if test -e $fchost/vport_create ; then + vport_status_display $fchost $fchost + fi + done + + # Look in vendor-specific locations + + # Emulex: interfaces mirror upstream, but are under adapter scsi_host + for shost in /sys/class/scsi_host/* ; do + if [ -e $shost/vport_create ] ; then + fchost=`ls -d $shost/device/fc_host*` + vport_status_display $fchost $shost + fi + done + + return 0 +} + + +vport_status_display() +{ + echo + echo "fc_host: " $2 + echo "port_state: " `cat $1/port_state` + echo "port_type: " `cat $1/port_type` + echo "fabric_name: " `cat $1/fabric_name` + echo "max_npiv_vports: " `cat $2/max_npiv_vports` + echo "npiv_vports_inuse: " `cat $2/npiv_vports_inuse` + echo "modeldesc: " `cat $2/modeldesc` + echo "speed: " `cat $1/speed` + + return 0 +} + diff --git a/block-npiv-vport b/block-npiv-vport new file mode 100644 index 0000000..082dc54 --- /dev/null +++ b/block-npiv-vport @@ -0,0 +1,79 @@ +#!/bin/bash + +# Usage: block-npiv-vport [create npivargs | delete vportwwpn | status] + +dir=$(dirname "$0") +. "$dir/block-npiv-common.sh" + +#set -x +command=$1 +params=$2 + +case "$command" in + create) + # Params is one big arg, with fields separated by hyphens: + # FABRIC-VPWWPN-VPWWNN-TGTWWPN-LUN# + # arg 2 - Fabric Name + # arg 3 - VPORT's WWPN + # arg 4 - VPORT's WWNN + # arg 5 - Target's WWPN + # arg 6 - LUN # on Target + # no wwn contains a leading 0x - it is a 16 character hex value + # You may want to optionally pick a specific adapter ? + NPIVARGS=$params; + LUN=${NPIVARGS##*-*-*-*-}; NPIVARGS=${NPIVARGS%-*} + if test $LUN = $NPIVARGS ; then exit 1; fi + TGTWWPN=${NPIVARGS##*-*-*-}; NPIVARGS=${NPIVARGS%-*} + if test $TGTWWPN = $NPIVARGS ; then exit 1; fi + VPORTWWNN=${NPIVARGS##*-*-}; NPIVARGS=${NPIVARGS%-*} + if test $VPORTWWNN = $NPIVARGS ; then exit 1; fi + VPORTWWPN=${NPIVARGS##*-}; NPIVARGS=${NPIVARGS%-*} + if test $VPORTWWPN = $NPIVARGS ; then exit 1; fi + FABRICNM=$NPIVARGS + + # Ensure we compare everything using lower-case hex characters + TGTWWPN=`echo $TGTWWPN | tr A-Z a-z` + VPORTWWPN=`echo $VPORTWWPN | tr A-Z a-z` + VPORTWWNN=`echo $VPORTWWNN | tr A-Z a-z` + FABRICNM=`echo $FABRICNM | tr A-Z a-z` + + find_vhost $VPORTWWPN $FABRICNM + if test -z "$vhost" ; then + create_vport $FABRICNM $VPORTWWPN $VPORTWWNN + if [ $? -ne 0 ] ; then exit 2; fi + sleep 8 + find_vhost $VPORTWWPN $FABRICNM + if test -z "$vhost" ; then exit 3; fi + fi + + exit 0 + ;; + + delete) + # Params is VPORT's WWPN + # no wwn contains a leading 0x - it is a 16 character hex value + VPORTWWPN=$params + + # Ensure we compare everything using lower-case hex characters + VPORTWWPN=`echo $VPORTWWPN | tr A-Z a-z` + + find_vhost $VPORTWWPN $FABRICNM + if test -z "$vhost" ; then exit 4; fi + delete_vhost $vhost + + exit 0 + ;; + + status) + vport_status + + exit 0 + ;; + + *) + echo "Usage: block-npiv-vport [create npivargs | delete vportwwpn | status]" + + exit 1 + ;; +esac + diff --git a/boot.local.xenU b/boot.local.xenU new file mode 100644 index 0000000..2045b15 --- /dev/null +++ b/boot.local.xenU @@ -0,0 +1,79 @@ +#! /bin/sh +# +# Copyright (c) 2014 SUSE GmbH Nuernberg, Germany. All rights reserved. +# +# Author: Werner Fink , 1996 +# Burchard Steinbild , 1996 +# +# /etc/init.d/boot.local +# +# script with local commands to be executed from init on system startup +# +# +# Here you should add things, that should happen directly after booting +# before we're going to the first run level. +# + +date + +# echo "$MACHINE: running $0 $*" +my_REDIRECT="$(echo $REDIRECT | sed 's#^/dev/##')" +my_DEVICE="$(echo $my_REDIRECT | sed 's#^tty##')" +my_SPEED="$(stty speed)" +# echo REDIRECT $REDIRECT $my_REDIRECT +# echo my_DEVICE $my_DEVICE +# echo my_SPEED $my_SPEED + +# compose a line like that for inittab +# S0:12345:respawn:/sbin/agetty -L 9600 ttyS0 vt102 + +case $my_REDIRECT in + ttyS*) + echo adding this line to inittab + echo "$my_DEVICE:12345:respawn:/sbin/agetty -L $my_SPEED $my_REDIRECT vt102" + echo "$my_DEVICE:12345:respawn:/sbin/agetty -L $my_SPEED $my_REDIRECT vt102" >> /etc/inittab + echo $my_REDIRECT >> /etc/securetty + ;; + + hvc*) + echo adding this line to inittab + echo "$my_DEVICE:12345:respawn:/sbin/agetty -L $my_SPEED $my_REDIRECT vt320" + echo "$my_DEVICE:12345:respawn:/sbin/agetty -L $my_SPEED $my_REDIRECT vt320" >> /etc/inittab + echo $my_REDIRECT >> /etc/securetty + ;; + + *) + echo "no modification in inittab needed for: $my_REDIRECT" + ;; +esac + +telinit q + +# Changes for Xen +test -f /lib/modules/`uname -r`/modules.dep || depmod -ae + +CMDLINE=`cat /proc/cmdline | grep 'ip='` +if test ! -z "$CMDLINE"; then + OLDIFS=$IFS + IFS=":" + read ip oth mask gw hostname dev dhcp rest < /proc/cmdline + IFS=$OLDIFS + hostname $hostname + ip=`echo $ip | sed 's/ip= *//'` + if test ! -z "$ip"; then + if test -z "$mask"; then + if [ ${ip%/*} = $ip ]; then + ip="$ip/27" + fi + echo "ip addr add $ip dev $dev" + ip addr add $ip dev $dev + ip link set $dev up + else + ifconfig add $ip netmask $mask $dev + fi + fi + if test "${dhcp#dhcp}" != "$dhcp"; then + ifup-dhcp $dev + fi +fi + diff --git a/boot.xen b/boot.xen new file mode 100644 index 0000000..84ea851 --- /dev/null +++ b/boot.xen @@ -0,0 +1,101 @@ +#! /bin/sh +# Copyright (c) 2005-2006 SUSE Linux AG, Nuernberg, Germany. +# All rights reserved. +# +# /etc/init.d/boot.xen +# +# LSB compatible service control script; see http://www.linuxbase.org/spec/ +# +### BEGIN INIT INFO +# Provides: Xen +# Required-Start: boot.localfs +# Should-Start: boot.localnet +# Required-Stop: boot.localfs +# Should-Stop: +# Default-Start: B +# Default-Stop: +# Short-Description: Switch on and off TLS depending on whether Xen is running +# Description: Xen gets a major performance hit by the way +# recent glibc (& gcc) set up the TLS offset, as it needs to +# play segmentation tricks. This can be avoided by moving away +# the tls libs. +### END INIT INFO + +. /etc/rc.status + +# Reset status of this service +rc_reset + +case "$1" in + start) + echo -n "Starting Xen setup " + if test -d /proc/xen; then + export LD_ASSUME_KERNEL=2.4.21 + echo -n "Xen running " + fi + if test -d /proc/xen -a -d /lib/tls; then + echo -n "move /lib/tls away " + mv /lib/tls /lib/tls.save + elif test ! -d /proc/xen -a -d /lib/tls.save; then + echo -n "move back /lib/tls " + mv /lib/tls.save /lib/tls + fi + rc_status -v + ;; + stop) + # rc_status -v + ;; + try-restart|condrestart) + $0 restart + # Remember status and be quiet + rc_status + ;; + restart) + ## Stop the service and regardless of whether it was + ## running or not, start it again. + $0 start + # Remember status and be quiet + rc_status + ;; + force-reload) + $0 try-restart + rc_status + ;; + reload) + rc_failed 3 + rc_status -v + ;; + status) + echo -n "Checking for Xen " + # Return value is slightly different for the status command: + # 0 - service up and running + # 1 - service dead, but /var/run/ pid file exists + # 2 - service dead, but /var/lock/ lock file exists + # 3 - service not running (unused) + # 4 - service status unknown :-( + # 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.) + + if test -d /proc/xen; then + if test -d /lib/tls; then + echo -n "Xen running, /lib/tls existing " + rc_failed 1 + else + echo -n "Xen running, /lib/tls not existing " + fi + else + if test -d /lib/tls.save; then + echo -n "Xen not running, /lib/tls existing " + rc_failed 2 + else + echo -n "Xen not running, /lib/tls not existing " + rc_failed 3 + fi + fi + rc_status -v + ;; + *) + echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}" + exit 1 + ;; +esac +rc_exit diff --git a/build-python3-conversion.patch b/build-python3-conversion.patch new file mode 100644 index 0000000..ef163f5 --- /dev/null +++ b/build-python3-conversion.patch @@ -0,0 +1,201 @@ +Index: xen-4.18.0-testing/Config.mk +=================================================================== +--- xen-4.18.0-testing.orig/Config.mk ++++ xen-4.18.0-testing/Config.mk +@@ -77,7 +77,7 @@ EXTRA_INCLUDES += $(EXTRA_PREFIX)/includ + EXTRA_LIB += $(EXTRA_PREFIX)/lib + endif + +-PYTHON ?= python ++PYTHON ?= python3 + PYTHON_PREFIX_ARG ?= --prefix="$(prefix)" + # The above requires that prefix contains *no spaces*. This variable is here + # to permit the user to set PYTHON_PREFIX_ARG to '' to workaround this bug: +Index: xen-4.18.0-testing/tools/configure +=================================================================== +--- xen-4.18.0-testing.orig/tools/configure ++++ xen-4.18.0-testing/tools/configure +@@ -7392,15 +7392,15 @@ if test x"${PYTHONPATH}" = x"no" + then + as_fn_error $? "Unable to find $PYTHON, please install $PYTHON" "$LINENO" 5 + fi +-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for python version >= 2.6 " >&5 +-$as_echo_n "checking for python version >= 2.6 ... " >&6; } +-`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < (2, 6)"))'` ++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for python3 version >= 3.0 " >&5 ++$as_echo_n "checking for python3 version >= 3.0 ... " >&6; } ++`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < (3, 0)"))'` + if test "$?" != "0" + then + python_version=`$PYTHON -V 2>&1` + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 + $as_echo "no" >&6; } +- as_fn_error $? "$python_version is too old, minimum required version is 2.6" "$LINENO" 5 ++ as_fn_error $? "$python_version is too old, minimum required version is 3.0" "$LINENO" 5 + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 + $as_echo "yes" >&6; } +Index: xen-4.18.0-testing/tools/configure.ac +=================================================================== +--- xen-4.18.0-testing.orig/tools/configure.ac ++++ xen-4.18.0-testing/tools/configure.ac +@@ -385,7 +385,7 @@ PYTHONPATH=$PYTHON + PYTHON=`basename $PYTHONPATH` + + AX_PATH_PROG_OR_FAIL([PYTHONPATH], [$PYTHON]) +-AX_CHECK_PYTHON_VERSION([2], [6]) ++AX_CHECK_PYTHON_VERSION([3], [0]) + + AS_IF([test "$cross_compiling" != yes], [ + AX_CHECK_PYTHON_DEVEL() +Index: xen-4.18.0-testing/tools/libs/light/idl.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/idl.py ++++ xen-4.18.0-testing/tools/libs/light/idl.py +@@ -271,7 +271,7 @@ class KeyedUnion(Aggregate): + if not isinstance(keyvar_type, Enumeration): + raise ValueError + +- kv_kwargs = dict([(x.lstrip('keyvar_'),y) for (x,y) in kwargs.items() if x.startswith('keyvar_')]) ++ kv_kwargs = dict([(x.lstrip('keyvar_'),y) for (x,y) in list(kwargs.items()) if x.startswith('keyvar_')]) + + self.keyvar = Field(keyvar_type, keyvar_name, **kv_kwargs) + +@@ -317,7 +317,7 @@ class Array(Type): + kwargs.setdefault('json_parse_type', 'JSON_ARRAY') + Type.__init__(self, namespace=elem_type.namespace, typename=elem_type.rawname + " *", **kwargs) + +- lv_kwargs = dict([(x.lstrip('lenvar_'),y) for (x,y) in kwargs.items() if x.startswith('lenvar_')]) ++ lv_kwargs = dict([(x.lstrip('lenvar_'),y) for (x,y) in list(kwargs.items()) if x.startswith('lenvar_')]) + + self.lenvar = Field(integer, lenvar_name, **lv_kwargs) + self.elem_type = elem_type +@@ -353,7 +353,7 @@ def parse(f): + globs = {} + locs = OrderedDict() + +- for n,t in globals().items(): ++ for n,t in list(globals().items()): + if isinstance(t, Type): + globs[n] = t + elif isinstance(t,type(object)) and issubclass(t, Type): +Index: xen-4.18.0-testing/tools/libs/light/gentest.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/gentest.py ++++ xen-4.18.0-testing/tools/libs/light/gentest.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + from __future__ import print_function + +Index: xen-4.18.0-testing/tools/libs/light/gentypes.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/gentypes.py ++++ xen-4.18.0-testing/tools/libs/light/gentypes.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + from __future__ import print_function + +Index: xen-4.18.0-testing/tools/include/xen-foreign/mkheader.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/include/xen-foreign/mkheader.py ++++ xen-4.18.0-testing/tools/include/xen-foreign/mkheader.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + from __future__ import print_function + +Index: xen-4.18.0-testing/tools/include/xen-foreign/mkchecker.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/include/xen-foreign/mkchecker.py ++++ xen-4.18.0-testing/tools/include/xen-foreign/mkchecker.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + import sys; + from structs import structs, compat_arches; +Index: xen-4.18.0-testing/xen/tools/gen-cpuid.py +=================================================================== +--- xen-4.18.0-testing.orig/xen/tools/gen-cpuid.py ++++ xen-4.18.0-testing/xen/tools/gen-cpuid.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + import sys, os, re +Index: xen-4.18.0-testing/xen/tools/compat-build-source.py +=================================================================== +--- xen-4.18.0-testing.orig/xen/tools/compat-build-source.py ++++ xen-4.18.0-testing/xen/tools/compat-build-source.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + + import re,sys + +Index: xen-4.18.0-testing/xen/tools/compat-build-header.py +=================================================================== +--- xen-4.18.0-testing.orig/xen/tools/compat-build-header.py ++++ xen-4.18.0-testing/xen/tools/compat-build-header.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + + import re,sys + +Index: xen-4.18.0-testing/tools/misc/xensymoops +=================================================================== +--- xen-4.18.0-testing.orig/tools/misc/xensymoops ++++ xen-4.18.0-testing/tools/misc/xensymoops +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + + # An oops analyser for Xen + # Usage: xensymoops path-to-xen.s < oops-message +@@ -43,12 +43,12 @@ def read_oops(): + return (eip_addr, stack_addresses) + + def usage(): +- print >> sys.stderr, """Usage: %s path-to-asm < oops-msg ++ print("""Usage: %s path-to-asm < oops-msg + The oops message should be fed to the standard input. The + command-line argument specifies the path to the Xen assembly dump + produced by \"make debug\". The location of EIP and the backtrace + will be output to standard output. +- """ % sys.argv[0] ++ """ % sys.argv[0], file=sys.stderr) + sys.exit() + + ##### main +@@ -99,7 +99,7 @@ while True: + + # if this address was seen as a potential code address in the backtrace then + # record it in the backtrace list +- if stk_addrs.has_key(address): ++ if address in stk_addrs: + backtrace.append((stk_addrs[address], address, func)) + + # if this was the address that EIP... +@@ -107,12 +107,12 @@ while True: + eip_func = func + + +-print "EIP %s in function %s" % (eip_addr, eip_func) +-print "Backtrace:" ++print("EIP %s in function %s" % (eip_addr, eip_func)) ++print("Backtrace:") + + # sorting will order primarily by the first element of each tuple, + # i.e. the order in the original oops + backtrace.sort() + + for (i, a, f) in backtrace: +- print "%s in function %s" % ( a, f ) ++ print("%s in function %s" % ( a, f )) diff --git a/etc_pam.d_xen-api b/etc_pam.d_xen-api new file mode 100644 index 0000000..343bc70 --- /dev/null +++ b/etc_pam.d_xen-api @@ -0,0 +1,7 @@ +#%PAM-1.0 +auth required pam_listfile.so onerr=fail item=user \ + sense=allow file=/etc/xen/xenapiusers +auth include common-auth +account include common-account +password include common-password +session include common-session diff --git a/hibernate.patch b/hibernate.patch new file mode 100644 index 0000000..4eab8da --- /dev/null +++ b/hibernate.patch @@ -0,0 +1,44 @@ +Index: xen-4.18.0-testing/tools/libacpi/ssdt_s3.asl +=================================================================== +--- xen-4.18.0-testing.orig/tools/libacpi/ssdt_s3.asl ++++ xen-4.18.0-testing/tools/libacpi/ssdt_s3.asl +@@ -7,13 +7,9 @@ + + DefinitionBlock ("SSDT_S3.aml", "SSDT", 2, "Xen", "HVM", 0) + { +- /* Must match piix emulation */ +- Name (\_S3, Package (0x04) +- { +- 0x01, /* PM1a_CNT.SLP_TYP */ +- 0x01, /* PM1b_CNT.SLP_TYP */ +- 0x0, /* reserved */ +- 0x0 /* reserved */ +- }) ++ /* ++ * Turn off support for s3 sleep state to deal with SVVP tests. ++ * This is what MSFT does on HyperV. ++ */ + } + +Index: xen-4.18.0-testing/tools/libacpi/ssdt_s4.asl +=================================================================== +--- xen-4.18.0-testing.orig/tools/libacpi/ssdt_s4.asl ++++ xen-4.18.0-testing/tools/libacpi/ssdt_s4.asl +@@ -7,13 +7,9 @@ + + DefinitionBlock ("SSDT_S4.aml", "SSDT", 2, "Xen", "HVM", 0) + { +- /* Must match piix emulation */ +- Name (\_S4, Package (0x04) +- { +- 0x00, /* PM1a_CNT.SLP_TYP */ +- 0x00, /* PM1b_CNT.SLP_TYP */ +- 0x00, /* reserved */ +- 0x00 /* reserved */ +- }) ++ /* ++ * Turn off support for s4 sleep state to deal with SVVP tests. ++ * This is what MSFT does on HyperV. ++ */ + } + diff --git a/ignore-ip-command-script-errors.patch b/ignore-ip-command-script-errors.patch new file mode 100644 index 0000000..76a632a --- /dev/null +++ b/ignore-ip-command-script-errors.patch @@ -0,0 +1,54 @@ +References: bsc#1172356 +The bug is that virt-manager reports a failure when in fact +the host and guest have added the network interface. The Xen +scripts are failing with an error when in fact that command +is succeeding. + +The 'ip' commands seem to abort the script due to a 'set -e' in +xen-script-common.sh with what appears to be an error condition. +However, the command actually succeeds when checked from the +host console or also by inserting a sleep before each ip command +and executing it manually at the command line. This seems to be +an artifact of using 'set -e' everywhere. + +Index: xen-4.15.0-testing/tools/hotplug/Linux/xen-network-common.sh +=================================================================== +--- xen-4.15.0-testing.orig/tools/hotplug/Linux/xen-network-common.sh ++++ xen-4.15.0-testing/tools/hotplug/Linux/xen-network-common.sh +@@ -90,7 +90,7 @@ _setup_bridge_port() { + local virtual="$2" + + # take interface down ... +- ip link set dev ${dev} down ++ (ip link set dev ${dev} down || true) + + if [ $virtual -ne 0 ] ; then + # Initialise a dummy MAC address. We choose the numerically +@@ -101,7 +101,7 @@ _setup_bridge_port() { + fi + + # ... and configure it +- ip address flush dev ${dev} ++ (ip address flush dev ${dev} || true) + } + + setup_physical_bridge_port() { +@@ -136,15 +136,15 @@ add_to_bridge () { + if [ ! -e "/sys/class/net/${bridge}/brif/${dev}" ]; then + log debug "adding $dev to bridge $bridge" + if which brctl >&/dev/null; then +- brctl addif ${bridge} ${dev} ++ (brctl addif ${bridge} ${dev} || true) + else +- ip link set ${dev} master ${bridge} ++ (ip link set ${dev} master ${bridge} || true) + fi + else + log debug "$dev already on bridge $bridge" + fi + +- ip link set dev ${dev} up ++ (ip link set dev ${dev} up || true) + } + + remove_from_bridge () { diff --git a/init.pciback b/init.pciback new file mode 100644 index 0000000..b9e81fc --- /dev/null +++ b/init.pciback @@ -0,0 +1,119 @@ +#!/bin/bash +# +# Copyright (c) 2014 SUSE GmbH Nuernberg, Germany. All rights reserved. +# +# /etc/init.d/pciback +# +### BEGIN INIT INFO +# Provides: pciback +# Required-Start: $syslog $network +# Should-Start: $null +# Required-Stop: $syslog $network +# Should-Stop: $null +# Default-Start: 3 5 +# Default-Stop: 0 1 2 6 +# Description: bind PCI devices to pciback +### END INIT INFO + +. /etc/rc.status +. /etc/sysconfig/pciback + +rc_reset + +load_pciback() { + if ! lsmod | grep -qi "pciback" + then + echo "Loading pciback ..." + modprobe pciback + fi +} + +unload_pciback() { + if lsmod | grep -qi "pciback" + then + echo "Unloading pciback ..." + modprobe -r pciback + fi +} + +bind_dev_to_pciback() { + for DEVICE in ${XEN_PCI_HIDE_LIST} + do + local DRV=`echo ${DEVICE} | /usr/bin/cut -d "," -f 1` + local PCIID=`echo ${DEVICE} | /usr/bin/cut -d "," -f 2` + + if ! ls /sys/bus/pci/drivers/pciback/${PCIID} > /dev/null 2>&1 + then + echo "Binding ${PCIID} ..." + if ls /sys/bus/pci/drivers/${DRV}/${PCIID} > /dev/null 2>&1 + then + echo -n ${PCIID} > /sys/bus/pci/drivers/${DRV}/unbind + fi + echo -n ${PCIID} > /sys/bus/pci/drivers/pciback/new_slot + echo -n ${PCIID} > /sys/bus/pci/drivers/pciback/bind + fi + done +} + +unbind_dev_from_pciback() { + for DEVICE in ${XEN_PCI_HIDE_LIST} + do + local DRV=`echo ${DEVICE} | /usr/bin/cut -d "," -f 1` + local PCIID=`echo ${DEVICE} | /usr/bin/cut -d "," -f 2` + + if ls /sys/bus/pci/drivers/pciback/${PCIID} > /dev/null + then + echo "Unbinding ${PCIID} ..." + echo -n ${PCIID} > /sys/bus/pci/drivers/pciback/unbind + fi + done +} + +test "uname -r" | grep xen && exit 0 + +case $1 in + start) + echo "Starting pciback ..." + echo + load_pciback + bind_dev_to_pciback + + rc_status -v -r + ;; + stop) + echo "Stopping pciback ..." + echo + unbind_dev_from_pciback + unload_pciback + + rc_status -v + ;; + reload|restart) + echo "Stopping pciback ..." + echo + unbind_dev_from_pciback + unload_pciback + echo "Starting pciback ..." + echo + load_pciback + bind_dev_to_pciback + ;; + status) + if lsmod | grep -qi pciback + then + echo + echo "pciback: loaded" + echo + echo "Currently bound devices ..." + echo "-----------------------------" + ls /sys/bus/pci/drivers/pciback | grep ^0000 + echo + else + echo "pciback: not loaded" + fi + ;; + *) + echo "Usage: $0 [start|stop|restart|reload|status]" + exit 1 + ;; +esac diff --git a/libxc-bitmap-long.patch b/libxc-bitmap-long.patch new file mode 100644 index 0000000..f70cb9a --- /dev/null +++ b/libxc-bitmap-long.patch @@ -0,0 +1,64 @@ +From: Olaf Hering +Date: Wed, 9 Dec 2020 16:40:00 +0100 +Subject: libxc sr bitmap long + +tools: add API to work with sevaral bits at once + +Introduce new API to test if a fixed number of bits is clear or set, +and clear or set them all at once. + +The caller has to make sure the input bitnumber is a multiple of BITS_PER_LONG. + +This API avoids the loop over each bit in a known range just to see +if all of them are either clear or set. + +Signed-off-by: Olaf Hering + +v02: +- change return type from int to bool (jgross) +--- + tools/libs/ctrl/xc_bitops.h | 28 ++++++++++++++++++++++++++++ + 1 file changed, 28 insertions(+) + +--- a/tools/libs/ctrl/xc_bitops.h ++++ b/tools/libs/ctrl/xc_bitops.h +@@ -3,6 +3,7 @@ + + /* bitmap operations for single threaded access */ + ++#include + #include + #include + +@@ -81,4 +82,31 @@ static inline void bitmap_or(void *_dst, + dst[i] |= other[i]; + } + ++static inline bool test_bit_long_set(unsigned long nr_base, const void *_addr) ++{ ++ const unsigned long *addr = _addr; ++ unsigned long val = addr[nr_base / BITS_PER_LONG]; ++ ++ return val == ~0; ++} ++ ++static inline bool test_bit_long_clear(unsigned long nr_base, const void *_addr) ++{ ++ const unsigned long *addr = _addr; ++ unsigned long val = addr[nr_base / BITS_PER_LONG]; ++ ++ return val == 0; ++} ++ ++static inline void clear_bit_long(unsigned long nr_base, void *_addr) ++{ ++ unsigned long *addr = _addr; ++ addr[nr_base / BITS_PER_LONG] = 0; ++} ++ ++static inline void set_bit_long(unsigned long nr_base, void *_addr) ++{ ++ unsigned long *addr = _addr; ++ addr[nr_base / BITS_PER_LONG] = ~0; ++} + #endif /* XC_BITOPS_H */ diff --git a/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch b/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch new file mode 100644 index 0000000..af3c9e8 --- /dev/null +++ b/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch @@ -0,0 +1,144 @@ +From: Olaf Hering +Date: Thu, 7 Jan 2021 15:58:30 +0100 +Subject: libxc sr LIBXL_HAVE_DOMAIN_SUSPEND_PROPS + +tools: adjust libxl_domain_suspend to receive a struct props + +Upcoming changes will pass more knobs down to xc_domain_save. +Adjust the libxl_domain_suspend API to allow easy adding of additional knobs. + +No change in behavior intented. + +Signed-off-by: Olaf Hering +Acked-by: Christian Lindig +--- + tools/include/libxl.h | 26 +++++++++++++++++++++++--- + tools/libs/light/libxl_domain.c | 7 ++++--- + tools/xl/xl_migrate.c | 9 ++++++--- + tools/xl/xl_saverestore.c | 3 ++- + 4 files changed, 35 insertions(+), 10 deletions(-) + +--- a/tools/include/libxl.h ++++ b/tools/include/libxl.h +@@ -1811,13 +1811,28 @@ static inline int libxl_retrieve_domain_ + libxl_retrieve_domain_configuration_0x041200 + #endif + +-int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, +- int flags, /* LIBXL_SUSPEND_* */ +- const libxl_asyncop_how *ao_how) +- LIBXL_EXTERNAL_CALLERS_ONLY; ++/* ++ * LIBXL_HAVE_DOMAIN_SUSPEND_PROPS indicates that the ++ * libxl_domain_suspend_props() function takes a props struct. ++ */ ++#define LIBXL_HAVE_DOMAIN_SUSPEND_PROPS 1 ++ ++typedef struct { ++ uint32_t flags; /* LIBXL_SUSPEND_* */ ++} libxl_domain_suspend_suse_properties; + #define LIBXL_SUSPEND_DEBUG 1 + #define LIBXL_SUSPEND_LIVE 2 + ++#define LIBXL_HAVE_DOMAIN_SUSPEND_SUSE ++int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd, ++ const libxl_domain_suspend_suse_properties *props, /* optional */ ++ const libxl_asyncop_how *ao_how) ++ LIBXL_EXTERNAL_CALLERS_ONLY; ++ ++int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags, ++ const libxl_asyncop_how *ao_how) ++ LIBXL_EXTERNAL_CALLERS_ONLY; ++ + /* + * Only suspend domain, do not save its state to file, do not destroy it. + * Suspended domain can be resumed with libxl_domain_resume() +--- a/tools/libs/light/libxl_domain.c ++++ b/tools/libs/light/libxl_domain.c +@@ -502,7 +502,8 @@ static void domain_suspend_cb(libxl__egc + + } + +-int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags, ++static int do_libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, ++ const libxl_domain_suspend_suse_properties *props, + const libxl_asyncop_how *ao_how) + { + AO_CREATE(ctx, domid, ao_how); +@@ -523,8 +524,8 @@ int libxl_domain_suspend(libxl_ctx *ctx, + dss->domid = domid; + dss->fd = fd; + dss->type = type; +- dss->live = flags & LIBXL_SUSPEND_LIVE; +- dss->debug = flags & LIBXL_SUSPEND_DEBUG; ++ dss->live = props->flags & LIBXL_SUSPEND_LIVE; ++ dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; + dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; + + rc = libxl__fd_flags_modify_save(gc, dss->fd, +@@ -539,6 +540,21 @@ int libxl_domain_suspend(libxl_ctx *ctx, + return AO_CREATE_FAIL(rc); + } + ++int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd, ++ const libxl_domain_suspend_suse_properties *props, ++ const libxl_asyncop_how *ao_how) ++{ ++ return do_libxl_domain_suspend(ctx, domid, fd, props, ao_how); ++} ++ ++int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags, ++ const libxl_asyncop_how *ao_how) ++{ ++ libxl_domain_suspend_suse_properties props = { .flags = flags }; ++ ++ return do_libxl_domain_suspend(ctx, domid, fd, &props, ao_how); ++} ++ + static void domain_suspend_empty_cb(libxl__egc *egc, + libxl__domain_suspend_state *dss, int rc) + { +--- a/tools/xl/xl_migrate.c ++++ b/tools/xl/xl_migrate.c +@@ -186,7 +186,10 @@ static void migrate_domain(uint32_t domi + char *away_domname; + char rc_buf; + uint8_t *config_data; +- int config_len, flags = LIBXL_SUSPEND_LIVE; ++ int config_len; ++ libxl_domain_suspend_suse_properties props = { ++ .flags = LIBXL_SUSPEND_LIVE, ++ }; + + save_domain_core_begin(domid, preserve_domid, override_config_file, + &config_data, &config_len); +@@ -205,8 +208,8 @@ static void migrate_domain(uint32_t domi + xtl_stdiostream_adjust_flags(logger, XTL_STDIOSTREAM_HIDE_PROGRESS, 0); + + if (debug) +- flags |= LIBXL_SUSPEND_DEBUG; +- rc = libxl_domain_suspend(ctx, domid, send_fd, flags, NULL); ++ props.flags |= LIBXL_SUSPEND_DEBUG; ++ rc = libxl_domain_suspend_suse(ctx, domid, send_fd, &props, NULL); + if (rc) { + fprintf(stderr, "migration sender: libxl_domain_suspend failed" + " (rc=%d)\n", rc); +--- a/tools/xl/xl_saverestore.c ++++ b/tools/xl/xl_saverestore.c +@@ -130,6 +130,7 @@ static int save_domain(uint32_t domid, i + int fd; + uint8_t *config_data; + int config_len; ++ libxl_domain_suspend_suse_properties props = {}; + + save_domain_core_begin(domid, preserve_domid, override_config_file, + &config_data, &config_len); +@@ -146,7 +147,7 @@ static int save_domain(uint32_t domid, i + + save_domain_core_writeconfig(fd, filename, config_data, config_len); + +- int rc = libxl_domain_suspend(ctx, domid, fd, 0, NULL); ++ int rc = libxl_domain_suspend_suse(ctx, domid, fd, &props, NULL); + close(fd); + + if (rc < 0) { diff --git a/libxc-sr-abort_if_busy.patch b/libxc-sr-abort_if_busy.patch new file mode 100644 index 0000000..4867eab --- /dev/null +++ b/libxc-sr-abort_if_busy.patch @@ -0,0 +1,238 @@ +From: Olaf Hering +Date: Thu, 7 Jan 2021 20:25:28 +0100 +Subject: libxc sr abort_if_busy + +tools: add --abort_if_busy to libxl_domain_suspend + +Provide a knob to the host admin to abort the live migration of a +running domU if the downtime during final transit will be too long +for the workload within domU. + +Adjust error reporting. Add ERROR_MIGRATION_ABORTED to allow callers of +libxl_domain_suspend to distinguish between errors and the requested +constraint. + +Adjust precopy_policy to simplify reporting of remaining dirty pages. +The loop in send_memory_live populates ->dirty_count in a different +place than ->iteration. Let it proceeed one more time to provide the +desired information before leaving the loop. + +This patch adjusts xl(1) and the libxl API. +External users check LIBXL_HAVE_DOMAIN_SUSPEND_PROPS for the availibility +of the new .abort_if_busy property. + +Signed-off-by: Olaf Hering +--- + docs/man/xl.1.pod.in | 8 +++++++ + tools/include/libxl.h | 1 + + tools/libs/light/libxl_dom_save.c | 7 ++++++- + tools/libs/light/libxl_domain.c | 1 + + tools/libs/light/libxl_internal.h | 2 ++ + tools/libs/light/libxl_stream_write.c | 9 +++++++- + tools/libs/light/libxl_types.idl | 1 + + tools/xl/xl_cmdtable.c | 6 +++++- + tools/xl/xl_migrate.c | 30 ++++++++++++++++++++------- + 9 files changed, 55 insertions(+), 10 deletions(-) + +--- a/docs/man/xl.1.pod.in ++++ b/docs/man/xl.1.pod.in +@@ -513,6 +513,14 @@ low, the guest is suspended and the domU + This allows the host admin to control for how long the domU will likely + be suspended during transit. + ++=item B<--abort_if_busy> ++ ++Abort migration instead of doing final suspend/move/resume if the ++guest produced more than I dirty pages during th number ++of I iterations. ++This avoids long periods of time where the guest is suspended, which ++may confuse the workload within domU. ++ + =back + + =item B [I] I I +--- a/tools/include/libxl.h ++++ b/tools/include/libxl.h +@@ -1824,6 +1824,7 @@ typedef struct { + } libxl_domain_suspend_suse_properties; + #define LIBXL_SUSPEND_DEBUG 1 + #define LIBXL_SUSPEND_LIVE 2 ++#define LIBXL_SUSPEND_ABORT_IF_BUSY 4 + + #define LIBXL_HAVE_DOMAIN_SUSPEND_SUSE + int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd, +--- a/tools/libs/light/libxl_dom_save.c ++++ b/tools/libs/light/libxl_dom_save.c +@@ -383,11 +383,16 @@ static int libxl__domain_save_precopy_po + stats.iteration, stats.dirty_count, stats.total_written); + if (stats.dirty_count >= 0 && stats.dirty_count < dss->min_remaining) + goto stop_copy; +- if (stats.iteration >= dss->max_iters) ++ if (stats.dirty_count >= 0 && stats.iteration >= dss->max_iters) + goto stop_copy; + return XGS_POLICY_CONTINUE_PRECOPY; + + stop_copy: ++ if (dss->abort_if_busy) ++ { ++ dss->remaining_dirty_pages = stats.dirty_count; ++ return XGS_POLICY_ABORT; ++ } + return XGS_POLICY_STOP_AND_COPY; + } + +--- a/tools/libs/light/libxl_domain.c ++++ b/tools/libs/light/libxl_domain.c +@@ -526,6 +526,7 @@ static int do_libxl_domain_suspend(libxl + dss->type = type; + dss->max_iters = props->max_iters ?: LIBXL_XGS_POLICY_MAX_ITERATIONS; + dss->min_remaining = props->min_remaining ?: LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT; ++ dss->abort_if_busy = props->flags & LIBXL_SUSPEND_ABORT_IF_BUSY; + dss->live = props->flags & LIBXL_SUSPEND_LIVE; + dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; + dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -3655,9 +3655,11 @@ struct libxl__domain_save_state { + libxl_domain_type type; + int live; + int debug; ++ int abort_if_busy; + int checkpointed_stream; + uint32_t max_iters; + uint32_t min_remaining; ++ long remaining_dirty_pages; + const libxl_domain_remus_info *remus; + /* private */ + int rc; +--- a/tools/libs/light/libxl_stream_write.c ++++ b/tools/libs/light/libxl_stream_write.c +@@ -344,11 +344,18 @@ void libxl__xc_domain_save_done(libxl__e + goto err; + + if (retval) { ++ if (dss->remaining_dirty_pages) { ++ LOGD(NOTICE, dss->domid, "saving domain: aborted," ++ " %ld remaining dirty pages.", dss->remaining_dirty_pages); ++ } else { + LOGEVD(ERROR, errnoval, dss->domid, "saving domain: %s", + dss->dsps.guest_responded ? + "domain responded to suspend request" : + "domain did not respond to suspend request"); +- if (!dss->dsps.guest_responded) ++ } ++ if (dss->remaining_dirty_pages) ++ rc = ERROR_MIGRATION_ABORTED; ++ else if(!dss->dsps.guest_responded) + rc = ERROR_GUEST_TIMEDOUT; + else if (dss->rc) + rc = dss->rc; +--- a/tools/libs/light/libxl_types.idl ++++ b/tools/libs/light/libxl_types.idl +@@ -76,6 +76,7 @@ libxl_error = Enumeration("error", [ + (-30, "QMP_DEVICE_NOT_ACTIVE"), # a device has failed to be become active + (-31, "QMP_DEVICE_NOT_FOUND"), # the requested device has not been found + (-32, "QEMU_API"), # QEMU's replies don't contains expected members ++ (-33, "MIGRATION_ABORTED"), + ], value_namespace = "") + + libxl_domain_type = Enumeration("domain_type", [ +--- a/tools/xl/xl_cmdtable.c ++++ b/tools/xl/xl_cmdtable.c +@@ -177,7 +177,11 @@ const struct cmd_spec cmd_table[] = { + "-p Do not unpause domain after migrating it.\n" + "-D Preserve the domain id\n" + "--max_iters N Number of copy iterations before final stop+move\n" +- "--min_remaining N Number of remaining dirty pages before final stop+move" ++ "--min_remaining N Number of remaining dirty pages before final stop+move\n" ++ "--abort_if_busy Abort migration instead of doing final stop+move,\n" ++ " if the number of dirty pages is higher than \n" ++ " after iterations. Otherwise the amount of memory\n" ++ " to be transfered would exceed maximum allowed domU downtime." + }, + { "restore", + &main_restore, 0, 1, +--- a/tools/xl/xl_migrate.c ++++ b/tools/xl/xl_migrate.c +@@ -177,7 +177,7 @@ static void migrate_do_preamble(int send + } + + static void migrate_domain(uint32_t domid, int preserve_domid, +- const char *rune, int debug, ++ const char *rune, int debug, int abort_if_busy, + uint32_t max_iters, + uint32_t min_remaining, + const char *override_config_file) +@@ -213,14 +213,20 @@ static void migrate_domain(uint32_t domi + + if (debug) + props.flags |= LIBXL_SUSPEND_DEBUG; ++ if (abort_if_busy) ++ props.flags |= LIBXL_SUSPEND_ABORT_IF_BUSY; + rc = libxl_domain_suspend_suse(ctx, domid, send_fd, &props, NULL); + if (rc) { + fprintf(stderr, "migration sender: libxl_domain_suspend failed" + " (rc=%d)\n", rc); +- if (rc == ERROR_GUEST_TIMEDOUT) +- goto failed_suspend; +- else +- goto failed_resume; ++ switch (rc) { ++ case ERROR_GUEST_TIMEDOUT: ++ goto failed_suspend; ++ case ERROR_MIGRATION_ABORTED: ++ goto failed_busy; ++ default: ++ goto failed_resume; ++ } + } + + //fprintf(stderr, "migration sender: Transfer complete.\n"); +@@ -302,6 +308,12 @@ static void migrate_domain(uint32_t domi + fprintf(stderr, "Migration failed, failed to suspend at sender.\n"); + exit(EXIT_FAILURE); + ++ failed_busy: ++ close(send_fd); ++ migration_child_report(recv_fd); ++ fprintf(stderr, "Migration aborted as requested, domain is too busy.\n"); ++ exit(EXIT_FAILURE); ++ + failed_resume: + close(send_fd); + migration_child_report(recv_fd); +@@ -545,13 +557,14 @@ int main_migrate(int argc, char **argv) + char *rune = NULL; + char *host; + int opt, daemonize = 1, monitor = 1, debug = 0, pause_after_migration = 0; +- int preserve_domid = 0; ++ int preserve_domid = 0, abort_if_busy = 0; + uint32_t max_iters = 0; + uint32_t min_remaining = 0; + static struct option opts[] = { + {"debug", 0, 0, 0x100}, + {"max_iters", 1, 0, 0x101}, + {"min_remaining", 1, 0, 0x102}, ++ {"abort_if_busy", 0, 0, 0x103}, + {"live", 0, 0, 0x200}, + COMMON_LONG_OPTS + }; +@@ -585,6 +598,9 @@ int main_migrate(int argc, char **argv) + case 0x102: /* --min_remaining */ + min_remaining = atoi(optarg); + break; ++ case 0x103: /* --abort_if_busy */ ++ abort_if_busy = 1; ++ break; + case 0x200: /* --live */ + /* ignored for compatibility with xm */ + break; +@@ -619,7 +635,7 @@ int main_migrate(int argc, char **argv) + pause_after_migration ? " -p" : ""); + } + +- migrate_domain(domid, preserve_domid, rune, debug, ++ migrate_domain(domid, preserve_domid, rune, debug, abort_if_busy, + max_iters, min_remaining, config_filename); + return EXIT_SUCCESS; + } diff --git a/libxc-sr-max_iters.patch b/libxc-sr-max_iters.patch new file mode 100644 index 0000000..bd6441f --- /dev/null +++ b/libxc-sr-max_iters.patch @@ -0,0 +1,148 @@ +From: Olaf Hering +Date: Sat, 9 Jan 2021 11:32:17 +0100 +Subject: libxc sr max_iters + +tools: add --max_iters to libxl_domain_suspend + +Migrating a large, and potentially busy, domU will take more +time than neccessary due to excessive number of copying iterations. + +Allow to host admin to control the number of iterations which +copy cumulated domU dirty pages to the target host. + +The default remains 5, which means one initial iteration to copy the +entire domU memory, and up to 4 additional iterations to copy dirty +memory from the still running domU. After the given number of iterations +the domU is suspended, remaining dirty memory is copied and the domU is +finally moved to the target host. + +This patch adjusts xl(1) and the libxl API. +External users check LIBXL_HAVE_DOMAIN_SUSPEND_PROPS for the availibility +of the new .max_iters property. + +Signed-off-by: Olaf Hering +--- + docs/man/xl.1.pod.in | 4 ++++ + tools/include/libxl.h | 1 + + tools/libs/light/libxl_dom_save.c | 2 +- + tools/libs/light/libxl_domain.c | 1 + + tools/libs/light/libxl_internal.h | 1 + + tools/xl/xl_cmdtable.c | 3 ++- + tools/xl/xl_migrate.c | 10 +++++++++- + 7 files changed, 19 insertions(+), 3 deletions(-) + +--- a/docs/man/xl.1.pod.in ++++ b/docs/man/xl.1.pod.in +@@ -501,6 +501,10 @@ such that it will be identical on the de + configuration is overridden using the B<-C> option. Note that it is not + possible to use this option for a 'localhost' migration. + ++=item B<--max_iters> I ++ ++Number of copy iterations before final suspend+move (default: 5) ++ + =back + + =item B [I] I I +--- a/tools/include/libxl.h ++++ b/tools/include/libxl.h +@@ -1819,6 +1819,7 @@ static inline int libxl_retrieve_domain_ + + typedef struct { + uint32_t flags; /* LIBXL_SUSPEND_* */ ++ uint32_t max_iters; + } libxl_domain_suspend_suse_properties; + #define LIBXL_SUSPEND_DEBUG 1 + #define LIBXL_SUSPEND_LIVE 2 +--- a/tools/libs/light/libxl_dom_save.c ++++ b/tools/libs/light/libxl_dom_save.c +@@ -383,7 +383,7 @@ static int libxl__domain_save_precopy_po + stats.iteration, stats.dirty_count, stats.total_written); + if (stats.dirty_count >= 0 && stats.dirty_count < LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT) + goto stop_copy; +- if (stats.iteration >= LIBXL_XGS_POLICY_MAX_ITERATIONS) ++ if (stats.iteration >= dss->max_iters) + goto stop_copy; + return XGS_POLICY_CONTINUE_PRECOPY; + +--- a/tools/libs/light/libxl_domain.c ++++ b/tools/libs/light/libxl_domain.c +@@ -524,6 +524,7 @@ static int do_libxl_domain_suspend(libxl + dss->domid = domid; + dss->fd = fd; + dss->type = type; ++ dss->max_iters = props->max_iters ?: LIBXL_XGS_POLICY_MAX_ITERATIONS; + dss->live = props->flags & LIBXL_SUSPEND_LIVE; + dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; + dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -3656,6 +3656,7 @@ struct libxl__domain_save_state { + int live; + int debug; + int checkpointed_stream; ++ uint32_t max_iters; + const libxl_domain_remus_info *remus; + /* private */ + int rc; +--- a/tools/xl/xl_cmdtable.c ++++ b/tools/xl/xl_cmdtable.c +@@ -175,7 +175,8 @@ const struct cmd_spec cmd_table[] = { + " of the domain.\n" + "--debug Enable verification mode.\n" + "-p Do not unpause domain after migrating it.\n" +- "-D Preserve the domain id" ++ "-D Preserve the domain id\n" ++ "--max_iters N Number of copy iterations before final stop+move" + }, + { "restore", + &main_restore, 0, 1, +--- a/tools/xl/xl_migrate.c ++++ b/tools/xl/xl_migrate.c +@@ -178,6 +178,7 @@ static void migrate_do_preamble(int send + + static void migrate_domain(uint32_t domid, int preserve_domid, + const char *rune, int debug, ++ uint32_t max_iters, + const char *override_config_file) + { + pid_t child = -1; +@@ -189,6 +190,7 @@ static void migrate_domain(uint32_t domi + int config_len; + libxl_domain_suspend_suse_properties props = { + .flags = LIBXL_SUSPEND_LIVE, ++ .max_iters = max_iters, + }; + + save_domain_core_begin(domid, preserve_domid, override_config_file, +@@ -542,8 +544,10 @@ int main_migrate(int argc, char **argv) + char *host; + int opt, daemonize = 1, monitor = 1, debug = 0, pause_after_migration = 0; + int preserve_domid = 0; ++ uint32_t max_iters = 0; + static struct option opts[] = { + {"debug", 0, 0, 0x100}, ++ {"max_iters", 1, 0, 0x101}, + {"live", 0, 0, 0x200}, + COMMON_LONG_OPTS + }; +@@ -571,6 +575,9 @@ int main_migrate(int argc, char **argv) + case 0x100: /* --debug */ + debug = 1; + break; ++ case 0x101: /* --max_iters */ ++ max_iters = atoi(optarg); ++ break; + case 0x200: /* --live */ + /* ignored for compatibility with xm */ + break; +@@ -605,7 +612,8 @@ int main_migrate(int argc, char **argv) + pause_after_migration ? " -p" : ""); + } + +- migrate_domain(domid, preserve_domid, rune, debug, config_filename); ++ migrate_domain(domid, preserve_domid, rune, debug, ++ max_iters, config_filename); + return EXIT_SUCCESS; + } + diff --git a/libxc-sr-min_remaining.patch b/libxc-sr-min_remaining.patch new file mode 100644 index 0000000..3eddda3 --- /dev/null +++ b/libxc-sr-min_remaining.patch @@ -0,0 +1,173 @@ +From: Olaf Hering +Date: Thu, 7 Jan 2021 19:39:28 +0100 +Subject: libxc sr min_remaining + +tools: add --min_remaining to libxl_domain_suspend + +The decision to stop+move a domU to the new host must be based on two factors: +- the available network bandwidth for the migration stream +- the maximum time a workload within a domU can be savely suspended + +Both values define how many dirty pages a workload may produce prior the +final stop+move. + +The default value of 50 pages is much too low with todays network bandwidths. +On an idle 1GiB link these 200K will be transferred within ~2ms. + +Give the admin a knob to adjust the point when the final stop+move will +be done, so he can base this decision on his own needs. + +This patch adjusts xl(1) and the libxl API. +External users check LIBXL_HAVE_DOMAIN_SUSPEND_PROPS for the availibility +of the new .min_remaining property. + +Signed-off-by: Olaf Hering +--- + docs/man/xl.1.pod.in | 8 ++++++++ + tools/include/libxl.h | 1 + + tools/libs/light/libxl_dom_save.c | 2 +- + tools/libs/light/libxl_domain.c | 1 + + tools/libs/light/libxl_internal.h | 1 + + tools/xl/xl_cmdtable.c | 23 ++++++++++++----------- + tools/xl/xl_migrate.c | 9 ++++++++- + 7 files changed, 32 insertions(+), 13 deletions(-) + +--- a/docs/man/xl.1.pod.in ++++ b/docs/man/xl.1.pod.in +@@ -505,6 +505,14 @@ possible to use this option for a 'local + + Number of copy iterations before final suspend+move (default: 5) + ++=item B<--min_remaing> I ++ ++Number of remaining dirty pages. If the number of dirty pages drops that ++low, the guest is suspended and the domU will finally be moved to I. ++ ++This allows the host admin to control for how long the domU will likely ++be suspended during transit. ++ + =back + + =item B [I] I I +--- a/tools/include/libxl.h ++++ b/tools/include/libxl.h +@@ -1820,6 +1820,7 @@ static inline int libxl_retrieve_domain_ + typedef struct { + uint32_t flags; /* LIBXL_SUSPEND_* */ + uint32_t max_iters; ++ uint32_t min_remaining; + } libxl_domain_suspend_suse_properties; + #define LIBXL_SUSPEND_DEBUG 1 + #define LIBXL_SUSPEND_LIVE 2 +--- a/tools/libs/light/libxl_dom_save.c ++++ b/tools/libs/light/libxl_dom_save.c +@@ -381,7 +381,7 @@ static int libxl__domain_save_precopy_po + + LOGD(DEBUG, shs->domid, "iteration %u dirty_count %ld total_written %lu", + stats.iteration, stats.dirty_count, stats.total_written); +- if (stats.dirty_count >= 0 && stats.dirty_count < LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT) ++ if (stats.dirty_count >= 0 && stats.dirty_count < dss->min_remaining) + goto stop_copy; + if (stats.iteration >= dss->max_iters) + goto stop_copy; +--- a/tools/libs/light/libxl_domain.c ++++ b/tools/libs/light/libxl_domain.c +@@ -525,6 +525,7 @@ static int do_libxl_domain_suspend(libxl + dss->fd = fd; + dss->type = type; + dss->max_iters = props->max_iters ?: LIBXL_XGS_POLICY_MAX_ITERATIONS; ++ dss->min_remaining = props->min_remaining ?: LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT; + dss->live = props->flags & LIBXL_SUSPEND_LIVE; + dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; + dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -3657,6 +3657,7 @@ struct libxl__domain_save_state { + int debug; + int checkpointed_stream; + uint32_t max_iters; ++ uint32_t min_remaining; + const libxl_domain_remus_info *remus; + /* private */ + int rc; +--- a/tools/xl/xl_cmdtable.c ++++ b/tools/xl/xl_cmdtable.c +@@ -166,17 +166,18 @@ const struct cmd_spec cmd_table[] = { + &main_migrate, 0, 1, + "Migrate a domain to another host", + "[options] ", +- "-h Print this help.\n" +- "-C Send instead of config file from creation.\n" +- "-s Use instead of ssh. String will be passed\n" +- " to sh. If empty, run instead of ssh xl\n" +- " migrate-receive [-d -e]\n" +- "-e Do not wait in the background (on ) for the death\n" +- " of the domain.\n" +- "--debug Enable verification mode.\n" +- "-p Do not unpause domain after migrating it.\n" +- "-D Preserve the domain id\n" +- "--max_iters N Number of copy iterations before final stop+move" ++ "-h Print this help.\n" ++ "-C Send instead of config file from creation.\n" ++ "-s Use instead of ssh. String will be passed\n" ++ " to sh. If empty, run instead of ssh xl\n" ++ " migrate-receive [-d -e]\n" ++ "-e Do not wait in the background (on ) for the death\n" ++ " of the domain.\n" ++ "--debug Enable verification mode.\n" ++ "-p Do not unpause domain after migrating it.\n" ++ "-D Preserve the domain id\n" ++ "--max_iters N Number of copy iterations before final stop+move\n" ++ "--min_remaining N Number of remaining dirty pages before final stop+move" + }, + { "restore", + &main_restore, 0, 1, +--- a/tools/xl/xl_migrate.c ++++ b/tools/xl/xl_migrate.c +@@ -179,6 +179,7 @@ static void migrate_do_preamble(int send + static void migrate_domain(uint32_t domid, int preserve_domid, + const char *rune, int debug, + uint32_t max_iters, ++ uint32_t min_remaining, + const char *override_config_file) + { + pid_t child = -1; +@@ -191,6 +192,7 @@ static void migrate_domain(uint32_t domi + libxl_domain_suspend_suse_properties props = { + .flags = LIBXL_SUSPEND_LIVE, + .max_iters = max_iters, ++ .min_remaining = min_remaining, + }; + + save_domain_core_begin(domid, preserve_domid, override_config_file, +@@ -545,9 +547,11 @@ int main_migrate(int argc, char **argv) + int opt, daemonize = 1, monitor = 1, debug = 0, pause_after_migration = 0; + int preserve_domid = 0; + uint32_t max_iters = 0; ++ uint32_t min_remaining = 0; + static struct option opts[] = { + {"debug", 0, 0, 0x100}, + {"max_iters", 1, 0, 0x101}, ++ {"min_remaining", 1, 0, 0x102}, + {"live", 0, 0, 0x200}, + COMMON_LONG_OPTS + }; +@@ -578,6 +582,9 @@ int main_migrate(int argc, char **argv) + case 0x101: /* --max_iters */ + max_iters = atoi(optarg); + break; ++ case 0x102: /* --min_remaining */ ++ min_remaining = atoi(optarg); ++ break; + case 0x200: /* --live */ + /* ignored for compatibility with xm */ + break; +@@ -613,7 +620,7 @@ int main_migrate(int argc, char **argv) + } + + migrate_domain(domid, preserve_domid, rune, debug, +- max_iters, config_filename); ++ max_iters, min_remaining, config_filename); + return EXIT_SUCCESS; + } + diff --git a/libxc-sr-number-of-iterations.patch b/libxc-sr-number-of-iterations.patch new file mode 100644 index 0000000..b1be9db --- /dev/null +++ b/libxc-sr-number-of-iterations.patch @@ -0,0 +1,24 @@ +From: Olaf Hering +Date: Mon, 4 Jan 2021 20:58:42 +0200 +Subject: libxc sr number of iterations + +Reduce default value of --max_iters from 5 to 1. +The workload within domU will continue to produce dirty pages. +It is unreasonable to expect any slowdown during migration. +Now there is one initial copy of all memory, one instead of five +iterations for dirty memory, and a final copy iteration prior move. +--- + tools/libs/light/libxl_internal.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -124,7 +124,7 @@ + #define DOMID_XS_PATH "domid" + #define PVSHIM_BASENAME "xen-shim" + #define PVSHIM_CMDLINE "pv-shim console=xen,pv" +-#define LIBXL_XGS_POLICY_MAX_ITERATIONS 5 ++#define LIBXL_XGS_POLICY_MAX_ITERATIONS 1 + #define LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT 50 + + /* Size macros. */ diff --git a/libxc-sr-precopy_policy.patch b/libxc-sr-precopy_policy.patch new file mode 100644 index 0000000..13bd116 --- /dev/null +++ b/libxc-sr-precopy_policy.patch @@ -0,0 +1,90 @@ +From: Olaf Hering +Date: Fri, 8 Jan 2021 18:19:49 +0100 +Subject: libxc sr precopy_policy + +tools: add callback to libxl for precopy_policy and precopy_stats + +This duplicates simple_precopy_policy. To recap its purpose: +- do up to 5 iterations of copying dirty domU memory to target, + including the initial copying of all domU memory, excluding + the final copying while the domU is suspended +- do fewer iterations in case the domU dirtied less than 50 pages + +Take the opportunity to also move xen_pfn_t into qw(). + +Signed-off-by: Olaf Hering + +v02: +- use plain struct precopy_stats instead of inventing + a new precopy_stats_t (anthony) +--- + tools/libs/light/libxl_dom_save.c | 19 +++++++++++++++++++ + tools/libs/light/libxl_internal.h | 2 ++ + tools/libs/light/libxl_save_msgs_gen.pl | 3 ++- + 3 files changed, 23 insertions(+), 1 deletion(-) + +--- a/tools/libs/light/libxl_dom_save.c ++++ b/tools/libs/light/libxl_dom_save.c +@@ -373,6 +373,24 @@ int libxl__save_emulator_xenstore_data(l + return rc; + } + ++static int libxl__domain_save_precopy_policy(struct precopy_stats stats, void *user) ++{ ++ libxl__save_helper_state *shs = user; ++ libxl__domain_save_state *dss = shs->caller_state; ++ STATE_AO_GC(dss->ao); ++ ++ LOGD(DEBUG, shs->domid, "iteration %u dirty_count %ld total_written %lu", ++ stats.iteration, stats.dirty_count, stats.total_written); ++ if (stats.dirty_count >= 0 && stats.dirty_count < LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT) ++ goto stop_copy; ++ if (stats.iteration >= LIBXL_XGS_POLICY_MAX_ITERATIONS) ++ goto stop_copy; ++ return XGS_POLICY_CONTINUE_PRECOPY; ++ ++stop_copy: ++ return XGS_POLICY_STOP_AND_COPY; ++} ++ + /*----- main code for saving, in order of execution -----*/ + + void libxl__domain_save(libxl__egc *egc, libxl__domain_save_state *dss) +@@ -430,6 +448,7 @@ void libxl__domain_save(libxl__egc *egc, + callbacks->suspend = libxl__domain_suspend_callback; + + callbacks->switch_qemu_logdirty = libxl__domain_suspend_common_switch_qemu_logdirty; ++ callbacks->precopy_policy = libxl__domain_save_precopy_policy; + + dss->sws.ao = dss->ao; + dss->sws.dss = dss; +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -124,6 +124,8 @@ + #define DOMID_XS_PATH "domid" + #define PVSHIM_BASENAME "xen-shim" + #define PVSHIM_CMDLINE "pv-shim console=xen,pv" ++#define LIBXL_XGS_POLICY_MAX_ITERATIONS 5 ++#define LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT 50 + + /* Size macros. */ + #define MB(_mb) (_AC(_mb, ULL) << 20) +--- a/tools/libs/light/libxl_save_msgs_gen.pl ++++ b/tools/libs/light/libxl_save_msgs_gen.pl +@@ -23,6 +23,7 @@ our @msgs = ( + STRING doing_what), + 'unsigned long', 'done', + 'unsigned long', 'total'] ], ++ [ 'scxW', "precopy_policy", ['struct precopy_stats', 'stats'] ], + [ 'srcxA', "suspend", [] ], + [ 'srcxA', "postcopy", [] ], + [ 'srcxA', "checkpoint", [] ], +@@ -142,7 +143,7 @@ static void bytes_put(unsigned char *con + + END + +-foreach my $simpletype (qw(int uint16_t uint32_t unsigned), 'unsigned long', 'xen_pfn_t') { ++foreach my $simpletype (qw(int uint16_t uint32_t unsigned xen_pfn_t), 'struct precopy_stats', 'unsigned long') { + my $typeid = typeid($simpletype); + $out_body{'callout'} .= < +Date: Wed, 28 Oct 2020 12:07:36 +0100 +Subject: libxc sr readv_exact + +tools: add readv_exact to libxenctrl + +Read a batch of iovec's. + +Short reads are the common case, finish the trailing iov with read_exact. + +Signed-off-by: Olaf Hering + +v2: +- add comment to short-read handling +--- + tools/libs/ctrl/xc_private.c | 57 +++++++++++++++++++++++++++++++++++- + tools/libs/ctrl/xc_private.h | 1 + + 2 files changed, 57 insertions(+), 1 deletion(-) + +--- a/tools/libs/ctrl/xc_private.c ++++ b/tools/libs/ctrl/xc_private.c +@@ -699,8 +699,23 @@ int write_exact(int fd, const void *data + + #if defined(__MINIOS__) + /* +- * MiniOS's libc doesn't know about writev(). Implement it as multiple write()s. ++ * MiniOS's libc doesn't know about readv/writev(). ++ * Implement it as multiple read/write()s. + */ ++int readv_exact(int fd, const struct iovec *iov, int iovcnt) ++{ ++ int rc, i; ++ ++ for ( i = 0; i < iovcnt; ++i ) ++ { ++ rc = read_exact(fd, iov[i].iov_base, iov[i].iov_len); ++ if ( rc ) ++ return rc; ++ } ++ ++ return 0; ++} ++ + int writev_exact(int fd, const struct iovec *iov, int iovcnt) + { + int rc, i; +@@ -715,6 +730,46 @@ int writev_exact(int fd, const struct io + return 0; + } + #else ++int readv_exact(int fd, const struct iovec *iov, int iovcnt) ++{ ++ int rc = 0, idx = 0; ++ ssize_t len; ++ ++ while ( idx < iovcnt ) ++ { ++ len = readv(fd, &iov[idx], min(iovcnt - idx, IOV_MAX)); ++ if ( len == -1 && errno == EINTR ) ++ continue; ++ if ( len <= 0 ) ++ { ++ rc = -1; ++ goto out; ++ } ++ ++ /* Finish a potential short read in the last iov */ ++ while ( len > 0 && idx < iovcnt ) ++ { ++ if ( len >= iov[idx].iov_len ) ++ { ++ len -= iov[idx].iov_len; ++ } ++ else ++ { ++ void *p = iov[idx].iov_base + len; ++ size_t l = iov[idx].iov_len - len; ++ ++ rc = read_exact(fd, p, l); ++ if ( rc ) ++ goto out; ++ len = 0; ++ } ++ idx++; ++ } ++ } ++out: ++ return rc; ++} ++ + int writev_exact(int fd, const struct iovec *iov, int iovcnt) + { + struct iovec *local_iov = NULL; +--- a/tools/libs/ctrl/xc_private.h ++++ b/tools/libs/ctrl/xc_private.h +@@ -395,6 +395,7 @@ int xc_flush_mmu_updates(xc_interface *x + + /* Return 0 on success; -1 on error setting errno. */ + int read_exact(int fd, void *data, size_t size); /* EOF => -1, errno=0 */ ++int readv_exact(int fd, const struct iovec *iov, int iovcnt); + int write_exact(int fd, const void *data, size_t size); + int writev_exact(int fd, const struct iovec *iov, int iovcnt); + diff --git a/libxc-sr-restore-handle_buffered_page_data.patch b/libxc-sr-restore-handle_buffered_page_data.patch new file mode 100644 index 0000000..c695f73 --- /dev/null +++ b/libxc-sr-restore-handle_buffered_page_data.patch @@ -0,0 +1,435 @@ +From: Olaf Hering +Date: Tue, 27 Oct 2020 19:21:50 +0100 +Subject: libxc sr restore handle_buffered_page_data + +tools: restore: split handle_page_data + +handle_page_data must be able to read directly into mapped guest memory. +This will avoid unneccesary memcpy calls for data that can be consumed verbatim. + +Split the various steps of record processing: +- move processing to handle_buffered_page_data +- adjust xenforeignmemory_map to set errno in case of failure +- adjust verify mode to set errno in case of failure + +This change is preparation for future changes in handle_page_data, +no change in behavior is intended. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 4 + + tools/libs/guest/xg_sr_restore.c | 320 ++++++++++++++++++++----------- + 2 files changed, 207 insertions(+), 117 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -262,6 +262,10 @@ struct xc_sr_context + int *map_errs; + xen_pfn_t *pp_pfns; + xen_pfn_t *pp_mfns; ++ void **guest_data; ++ ++ void *guest_mapping; ++ uint32_t nr_mapped_pages; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -183,121 +183,18 @@ int populate_pfns(struct xc_sr_context * + return rc; + } + +-/* +- * Given a list of pfns, their types, and a block of page data from the +- * stream, populate and record their types, map the relevant subset and copy +- * the data into the guest. +- */ +-static int process_page_data(struct xc_sr_context *ctx, unsigned int count, +- xen_pfn_t *pfns, uint32_t *types, void *page_data) ++static int handle_static_data_end_v2(struct xc_sr_context *ctx) + { +- xc_interface *xch = ctx->xch; +- int rc; +- void *mapping = NULL, *guest_page = NULL; +- unsigned int i, /* i indexes the pfns from the record. */ +- j, /* j indexes the subset of pfns we decide to map. */ +- nr_pages = 0; +- +- rc = populate_pfns(ctx, count, pfns, types); +- if ( rc ) +- { +- ERROR("Failed to populate pfns for batch of %u pages", count); +- goto err; +- } +- +- for ( i = 0; i < count; ++i ) +- { +- ctx->restore.ops.set_page_type(ctx, pfns[i], types[i]); +- +- if ( page_type_has_stream_data(types[i]) ) +- ctx->restore.mfns[nr_pages++] = ctx->restore.ops.pfn_to_gfn(ctx, pfns[i]); +- } +- +- /* Nothing to do? */ +- if ( nr_pages == 0 ) +- goto done; +- +- mapping = guest_page = xenforeignmemory_map( +- xch->fmem, ctx->domid, PROT_READ | PROT_WRITE, +- nr_pages, ctx->restore.mfns, ctx->restore.map_errs); +- if ( !mapping ) +- { +- rc = -1; +- PERROR("Unable to map %u mfns for %u pages of data", +- nr_pages, count); +- goto err; +- } +- +- for ( i = 0, j = 0; i < count; ++i ) +- { +- if ( !page_type_has_stream_data(types[i]) ) +- continue; +- +- if ( ctx->restore.map_errs[j] ) +- { +- rc = -1; +- ERROR("Mapping pfn %#"PRIpfn" (mfn %#"PRIpfn", type %#"PRIx32") failed with %d", +- pfns[i], ctx->restore.mfns[j], types[i], ctx->restore.map_errs[j]); +- goto err; +- } +- +- /* Undo page normalisation done by the saver. */ +- rc = ctx->restore.ops.localise_page(ctx, types[i], page_data); +- if ( rc ) +- { +- ERROR("Failed to localise pfn %#"PRIpfn" (type %#"PRIx32")", +- pfns[i], types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); +- goto err; +- } +- +- if ( ctx->restore.verify ) +- { +- /* Verify mode - compare incoming data to what we already have. */ +- if ( memcmp(guest_page, page_data, PAGE_SIZE) ) +- ERROR("verify pfn %#"PRIpfn" failed (type %#"PRIx32")", +- pfns[i], types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); +- } +- else +- { +- /* Regular mode - copy incoming data into place. */ +- memcpy(guest_page, page_data, PAGE_SIZE); +- } +- +- ++j; +- guest_page += PAGE_SIZE; +- page_data += PAGE_SIZE; +- } +- +- done: +- rc = 0; +- +- err: +- if ( mapping ) +- xenforeignmemory_unmap(xch->fmem, mapping, nr_pages); +- +- return rc; +-} ++ int rc = 0; + +-/* +- * Validate a PAGE_DATA record from the stream, and pass the results to +- * process_page_data() to actually perform the legwork. +- */ +-static int handle_page_data(struct xc_sr_context *ctx, struct xc_sr_record *rec) +-{ ++#if defined(__i386__) || defined(__x86_64__) + xc_interface *xch = ctx->xch; +- struct xc_sr_rec_page_data_header *pages = rec->data; +- unsigned int i, pages_of_data = 0; +- int rc = -1; +- +- xen_pfn_t pfn; +- uint32_t type; +- + /* + * v2 compatibility only exists for x86 streams. This is a bit of a + * bodge, but it is less bad than duplicating handle_page_data() between + * different architectures. + */ +-#if defined(__i386__) || defined(__x86_64__) ++ + /* v2 compat. Infer the position of STATIC_DATA_END. */ + if ( ctx->restore.format_version < 3 && !ctx->restore.seen_static_data_end ) + { +@@ -315,12 +212,26 @@ static int handle_page_data(struct xc_sr + ERROR("No STATIC_DATA_END seen"); + goto err; + } ++ ++ rc = 0; ++err: + #endif + +- if ( rec->length < sizeof(*pages) ) ++ return rc; ++} ++ ++static bool verify_rec_page_hdr(struct xc_sr_context *ctx, uint32_t rec_length, ++ struct xc_sr_rec_page_data_header *pages) ++{ ++ xc_interface *xch = ctx->xch; ++ bool ret = false; ++ ++ errno = EINVAL; ++ ++ if ( rec_length < sizeof(*pages) ) + { + ERROR("PAGE_DATA record truncated: length %u, min %zu", +- rec->length, sizeof(*pages)); ++ rec_length, sizeof(*pages)); + goto err; + } + +@@ -330,13 +241,28 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- if ( rec->length < sizeof(*pages) + (pages->count * sizeof(uint64_t)) ) ++ if ( rec_length < sizeof(*pages) + (pages->count * sizeof(uint64_t)) ) + { + ERROR("PAGE_DATA record (length %u) too short to contain %u" +- " pfns worth of information", rec->length, pages->count); ++ " pfns worth of information", rec_length, pages->count); + goto err; + } + ++ ret = true; ++ ++err: ++ return ret; ++} ++ ++static bool verify_rec_page_pfns(struct xc_sr_context *ctx, uint32_t rec_length, ++ struct xc_sr_rec_page_data_header *pages) ++{ ++ xc_interface *xch = ctx->xch; ++ uint32_t i, pages_of_data = 0; ++ xen_pfn_t pfn; ++ uint32_t type; ++ bool ret = false; ++ + for ( i = 0; i < pages->count; ++i ) + { + pfn = pages->pfn[i] & PAGE_DATA_PFN_MASK; +@@ -363,19 +289,177 @@ static int handle_page_data(struct xc_sr + ctx->restore.types[i] = type; + } + +- if ( rec->length != (sizeof(*pages) + ++ if ( rec_length != (sizeof(*pages) + + (sizeof(uint64_t) * pages->count) + + (PAGE_SIZE * pages_of_data)) ) + { + ERROR("PAGE_DATA record wrong size: length %u, expected " +- "%zu + %zu + %lu", rec->length, sizeof(*pages), ++ "%zu + %zu + %lu", rec_length, sizeof(*pages), + (sizeof(uint64_t) * pages->count), (PAGE_SIZE * pages_of_data)); + goto err; + } + +- rc = process_page_data(ctx, pages->count, ctx->restore.pfns, +- ctx->restore.types, &pages->pfn[pages->count]); ++ ret = true; ++ ++err: ++ return ret; ++} ++ ++/* ++ * Populate pfns, if required ++ * Fill guest_data with either mapped address or NULL ++ * The caller must unmap guest_mapping ++ */ ++static int map_guest_pages(struct xc_sr_context *ctx, ++ struct xc_sr_rec_page_data_header *pages) ++{ ++ xc_interface *xch = ctx->xch; ++ uint32_t i, p; ++ int rc; ++ ++ rc = populate_pfns(ctx, pages->count, ctx->restore.pfns, ctx->restore.types); ++ if ( rc ) ++ { ++ ERROR("Failed to populate pfns for batch of %u pages", pages->count); ++ goto err; ++ } ++ ++ ctx->restore.nr_mapped_pages = 0; ++ ++ for ( i = 0; i < pages->count; i++ ) ++ { ++ ctx->restore.ops.set_page_type(ctx, ctx->restore.pfns[i], ctx->restore.types[i]); ++ ++ if ( page_type_has_stream_data(ctx->restore.types[i]) == false ) ++ { ++ ctx->restore.guest_data[i] = NULL; ++ continue; ++ } ++ ++ ctx->restore.mfns[ctx->restore.nr_mapped_pages++] = ctx->restore.ops.pfn_to_gfn(ctx, ctx->restore.pfns[i]); ++ } ++ ++ /* Nothing to do? */ ++ if ( ctx->restore.nr_mapped_pages == 0 ) ++ goto done; ++ ++ ctx->restore.guest_mapping = xenforeignmemory_map(xch->fmem, ctx->domid, ++ PROT_READ | PROT_WRITE, ctx->restore.nr_mapped_pages, ++ ctx->restore.mfns, ctx->restore.map_errs); ++ if ( !ctx->restore.guest_mapping ) ++ { ++ rc = -1; ++ PERROR("Unable to map %u mfns for %u pages of data", ++ ctx->restore.nr_mapped_pages, pages->count); ++ goto err; ++ } ++ ++ /* Verify mapping, and assign address to pfn data */ ++ for ( i = 0, p = 0; i < pages->count; i++ ) ++ { ++ if ( !page_type_has_stream_data(ctx->restore.types[i]) ) ++ continue; ++ ++ if ( ctx->restore.map_errs[p] == 0 ) ++ { ++ ctx->restore.guest_data[i] = ctx->restore.guest_mapping + (p * PAGE_SIZE); ++ p++; ++ continue; ++ } ++ ++ errno = ctx->restore.map_errs[p]; ++ rc = -1; ++ PERROR("Mapping pfn %#"PRIpfn" (mfn %#"PRIpfn", type %#"PRIx32") failed", ++ ctx->restore.pfns[i], ctx->restore.mfns[p], ctx->restore.types[i]); ++ goto err; ++ } ++ ++done: ++ rc = 0; ++ ++err: ++ return rc; ++} ++ ++/* ++ * Handle PAGE_DATA record from an existing buffer ++ * Given a list of pfns, their types, and a block of page data from the ++ * stream, populate and record their types, map the relevant subset and copy ++ * the data into the guest. ++ */ ++static int handle_buffered_page_data(struct xc_sr_context *ctx, ++ struct xc_sr_record *rec) ++{ ++ xc_interface *xch = ctx->xch; ++ struct xc_sr_rec_page_data_header *pages = rec->data; ++ void *p; ++ uint32_t i; ++ int rc = -1, idx; ++ ++ rc = handle_static_data_end_v2(ctx); ++ if ( rc ) ++ goto err; ++ ++ /* First read and verify the header */ ++ if ( !verify_rec_page_hdr(ctx, rec->length, pages) ) ++ { ++ rc = -1; ++ goto err; ++ } ++ ++ /* Then read and verify the pfn numbers */ ++ if ( !verify_rec_page_pfns(ctx, rec->length, pages) ) ++ { ++ rc = -1; ++ goto err; ++ } ++ ++ /* Map the target pfn */ ++ rc = map_guest_pages(ctx, pages); ++ if ( rc ) ++ goto err; ++ ++ for ( i = 0, idx = 0; i < pages->count; i++ ) ++ { ++ if ( !ctx->restore.guest_data[i] ) ++ continue; ++ ++ p = &pages->pfn[pages->count] + (idx * PAGE_SIZE); ++ rc = ctx->restore.ops.localise_page(ctx, ctx->restore.types[i], p); ++ if ( rc ) ++ { ++ ERROR("Failed to localise pfn %#"PRIpfn" (type %#"PRIx32")", ++ ctx->restore.pfns[i], ctx->restore.types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); ++ goto err; ++ ++ } ++ ++ if ( ctx->restore.verify ) ++ { ++ if ( memcmp(ctx->restore.guest_data[i], p, PAGE_SIZE) ) ++ { ++ errno = EIO; ++ ERROR("verify pfn %#"PRIpfn" failed (type %#"PRIx32")", ++ ctx->restore.pfns[i], ctx->restore.types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); ++ goto err; ++ } ++ } ++ else ++ { ++ memcpy(ctx->restore.guest_data[i], p, PAGE_SIZE); ++ } ++ ++ idx++; ++ } ++ ++ rc = 0; ++ + err: ++ if ( ctx->restore.guest_mapping ) ++ { ++ xenforeignmemory_unmap(xch->fmem, ctx->restore.guest_mapping, ctx->restore.nr_mapped_pages); ++ ctx->restore.guest_mapping = NULL; ++ } + return rc; + } + +@@ -623,7 +707,7 @@ static int process_buffered_record(struc + break; + + case REC_TYPE_PAGE_DATA: +- rc = handle_page_data(ctx, rec); ++ rc = handle_buffered_page_data(ctx, rec); + break; + + case REC_TYPE_VERIFY: +@@ -703,9 +787,10 @@ static int setup(struct xc_sr_context *c + ctx->restore.map_errs = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.map_errs)); + ctx->restore.pp_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_pfns)); + ctx->restore.pp_mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_mfns)); ++ ctx->restore.guest_data = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.guest_data)); + if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || + !ctx->restore.map_errs || !ctx->restore.pp_pfns || +- !ctx->restore.pp_mfns ) ++ !ctx->restore.pp_mfns || !ctx->restore.guest_data ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -742,6 +827,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.guest_data); + free(ctx->restore.pp_mfns); + free(ctx->restore.pp_pfns); + free(ctx->restore.map_errs); diff --git a/libxc-sr-restore-handle_incoming_page_data.patch b/libxc-sr-restore-handle_incoming_page_data.patch new file mode 100644 index 0000000..7f58b48 --- /dev/null +++ b/libxc-sr-restore-handle_incoming_page_data.patch @@ -0,0 +1,230 @@ +From: Olaf Hering +Date: Thu, 29 Oct 2020 16:13:10 +0100 +Subject: libxc sr restore handle_incoming_page_data + +tools: restore: write data directly into guest + +Read incoming migration stream directly into the guest memory. +This avoids the memory allocation and copying, and the resulting +performance penalty. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 3 + + tools/libs/guest/xg_sr_restore.c | 155 ++++++++++++++++++++++++++++++- + 2 files changed, 153 insertions(+), 5 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -263,6 +263,8 @@ struct xc_sr_context + xen_pfn_t *pp_pfns; + xen_pfn_t *pp_mfns; + void **guest_data; ++ struct iovec *iov; ++ struct xc_sr_rec_page_data_header *pages; + + void *guest_mapping; + uint32_t nr_mapped_pages; +@@ -311,6 +313,7 @@ struct xc_sr_context + + /* Sender has invoked verify mode on the stream. */ + bool verify; ++ void *verify_buf; + } restore; + }; + +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -382,6 +382,129 @@ err: + } + + /* ++ * Handle PAGE_DATA record from the stream. ++ * Given a list of pfns, their types, and a block of page data from the ++ * stream, populate and record their types, map the relevant subset and copy ++ * the data into the guest. ++ */ ++static int handle_incoming_page_data(struct xc_sr_context *ctx, ++ struct xc_sr_rhdr *rhdr) ++{ ++ xc_interface *xch = ctx->xch; ++ struct xc_sr_rec_page_data_header *pages = ctx->restore.pages; ++ uint64_t *pfn_nums = &pages->pfn[0]; ++ uint32_t i; ++ int rc, iov_idx; ++ ++ rc = handle_static_data_end_v2(ctx); ++ if ( rc ) ++ goto err; ++ ++ /* First read and verify the header */ ++ rc = read_exact(ctx->fd, pages, sizeof(*pages)); ++ if ( rc ) ++ { ++ PERROR("Could not read rec_pfn header"); ++ goto err; ++ } ++ ++ if ( !verify_rec_page_hdr(ctx, rhdr->length, pages) ) ++ { ++ rc = -1; ++ goto err; ++ } ++ ++ /* Then read and verify the incoming pfn numbers */ ++ rc = read_exact(ctx->fd, pfn_nums, sizeof(*pfn_nums) * pages->count); ++ if ( rc ) ++ { ++ PERROR("Could not read rec_pfn data"); ++ goto err; ++ } ++ ++ if ( !verify_rec_page_pfns(ctx, rhdr->length, pages) ) ++ { ++ rc = -1; ++ goto err; ++ } ++ ++ /* Finally read and verify the incoming pfn data */ ++ rc = map_guest_pages(ctx, pages); ++ if ( rc ) ++ goto err; ++ ++ /* Prepare read buffers, either guest or throw-away memory */ ++ for ( i = 0, iov_idx = 0; i < pages->count; i++ ) ++ { ++ struct iovec *iov; ++ ++ if ( !ctx->restore.guest_data[i] ) ++ continue; ++ ++ iov = &ctx->restore.iov[iov_idx]; ++ iov->iov_len = PAGE_SIZE; ++ if ( ctx->restore.verify ) ++ iov->iov_base = ctx->restore.verify_buf + (i * PAGE_SIZE); ++ else ++ iov->iov_base = ctx->restore.guest_data[i]; ++ iov_idx++; ++ } ++ ++ if ( !iov_idx ) ++ goto done; ++ ++ rc = readv_exact(ctx->fd, ctx->restore.iov, iov_idx); ++ if ( rc ) ++ { ++ PERROR("read of %d pages failed", iov_idx); ++ goto err; ++ } ++ ++ /* Post-processing of pfn data */ ++ for ( i = 0, iov_idx = 0; i < pages->count; i++ ) ++ { ++ void *addr; ++ ++ if ( !ctx->restore.guest_data[i] ) ++ continue; ++ ++ addr = ctx->restore.iov[iov_idx].iov_base; ++ rc = ctx->restore.ops.localise_page(ctx, ctx->restore.types[i], addr); ++ if ( rc ) ++ { ++ ERROR("Failed to localise pfn %#"PRIpfn" (type %#"PRIx32")", ++ ctx->restore.pfns[i], ++ ctx->restore.types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); ++ goto err; ++ ++ } ++ ++ if ( ctx->restore.verify ) ++ { ++ if ( memcmp(ctx->restore.guest_data[i], addr, PAGE_SIZE) ) ++ { ++ ERROR("verify pfn %#"PRIpfn" failed (type %#"PRIx32")", ++ ctx->restore.pfns[i], ++ ctx->restore.types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); ++ } ++ } ++ ++ iov_idx++; ++ } ++ ++done: ++ rc = 0; ++ ++err: ++ if ( ctx->restore.guest_mapping ) ++ { ++ xenforeignmemory_unmap(xch->fmem, ctx->restore.guest_mapping, ctx->restore.nr_mapped_pages); ++ ctx->restore.guest_mapping = NULL; ++ } ++ return rc; ++} ++ ++/* + * Handle PAGE_DATA record from an existing buffer + * Given a list of pfns, their types, and a block of page data from the + * stream, populate and record their types, map the relevant subset and copy +@@ -713,6 +836,15 @@ static int process_buffered_record(struc + case REC_TYPE_VERIFY: + DPRINTF("Verify mode enabled"); + ctx->restore.verify = true; ++ if ( !ctx->restore.verify_buf ) ++ { ++ ctx->restore.verify_buf = malloc(MAX_BATCH_SIZE * PAGE_SIZE); ++ if ( !ctx->restore.verify_buf ) ++ { ++ PERROR("Unable to allocate verify_buf"); ++ rc = -1; ++ } ++ } + break; + + case REC_TYPE_CHECKPOINT: +@@ -739,11 +871,19 @@ static int process_incoming_record_heade + struct xc_sr_record rec; + int rc; + +- rc = read_record_data(ctx, ctx->fd, rhdr, &rec); +- if ( rc ) +- return rc; ++ switch ( rhdr->type ) ++ { ++ case REC_TYPE_PAGE_DATA: ++ rc = handle_incoming_page_data(ctx, rhdr); ++ break; ++ default: ++ rc = read_record_data(ctx, ctx->fd, rhdr, &rec); ++ if ( rc == 0 ) ++ rc = process_buffered_record(ctx, &rec);; ++ break; ++ } + +- return process_buffered_record(ctx, &rec); ++ return rc; + } + + +@@ -788,9 +928,12 @@ static int setup(struct xc_sr_context *c + ctx->restore.pp_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_pfns)); + ctx->restore.pp_mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_mfns)); + ctx->restore.guest_data = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.guest_data)); ++ ctx->restore.iov = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.iov)); ++ ctx->restore.pages = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pages->pfn) + sizeof(*ctx->restore.pages)); + if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || + !ctx->restore.map_errs || !ctx->restore.pp_pfns || +- !ctx->restore.pp_mfns || !ctx->restore.guest_data ) ++ !ctx->restore.pp_mfns || !ctx->restore.guest_data || ++ !ctx->restore.iov || !ctx->restore.pages ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -827,6 +970,8 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.pages); ++ free(ctx->restore.iov); + free(ctx->restore.guest_data); + free(ctx->restore.pp_mfns); + free(ctx->restore.pp_pfns); diff --git a/libxc-sr-restore-hvm-legacy-superpage.patch b/libxc-sr-restore-hvm-legacy-superpage.patch new file mode 100644 index 0000000..d4f2cd6 --- /dev/null +++ b/libxc-sr-restore-hvm-legacy-superpage.patch @@ -0,0 +1,701 @@ +From: Olaf Hering +Date: Mon, 7 Aug 2017 12:58:02 +0000 +Subject: libxc sr restore hvm legacy superpage + +tools: use superpages during restore of HVM guest + +bsc#1035231 - migration of HVM domU does not use superpages on destination dom0 +bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored + +During creating of a HVM domU meminit_hvm() tries to map superpages. +After save/restore or migration this mapping is lost, everything is +allocated in single pages. This causes a performance degradation after +migration. + +Add neccessary code to preallocate a superpage for an incoming chunk of +pfns. In case a pfn was not populated on the sending side, it must be +freed on the receiving side to avoid over-allocation. + +The existing code for x86_pv is moved unmodified into its own file. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_dom_x86.c | 5 - + tools/libs/guest/xg_private.h | 5 + + tools/libs/guest/xg_sr_common.h | 28 +- + tools/libs/guest/xg_sr_restore.c | 60 +--- + tools/libs/guest/xg_sr_restore_x86_hvm.c | 381 ++++++++++++++++++++++- + tools/libs/guest/xg_sr_restore_x86_pv.c | 61 +++- + 6 files changed, 467 insertions(+), 73 deletions(-) + +--- a/tools/libs/guest/xg_dom_x86.c ++++ b/tools/libs/guest/xg_dom_x86.c +@@ -44,11 +44,6 @@ + + #define SUPERPAGE_BATCH_SIZE 512 + +-#define SUPERPAGE_2MB_SHIFT 9 +-#define SUPERPAGE_2MB_NR_PFNS (1UL << SUPERPAGE_2MB_SHIFT) +-#define SUPERPAGE_1GB_SHIFT 18 +-#define SUPERPAGE_1GB_NR_PFNS (1UL << SUPERPAGE_1GB_SHIFT) +- + #define X86_CR0_PE 0x01 + #define X86_CR0_ET 0x10 + +--- a/tools/libs/guest/xg_private.h ++++ b/tools/libs/guest/xg_private.h +@@ -180,4 +180,9 @@ struct xc_cpu_policy { + }; + #endif /* x86 */ + ++#define SUPERPAGE_2MB_SHIFT 9 ++#define SUPERPAGE_2MB_NR_PFNS (1UL << SUPERPAGE_2MB_SHIFT) ++#define SUPERPAGE_1GB_SHIFT 18 ++#define SUPERPAGE_1GB_NR_PFNS (1UL << SUPERPAGE_1GB_SHIFT) ++ + #endif /* XG_PRIVATE_H */ +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -208,6 +208,16 @@ struct xc_sr_restore_ops + int (*setup)(struct xc_sr_context *ctx); + + /** ++ * Populate PFNs ++ * ++ * Given a set of pfns, obtain memory from Xen to fill the physmap for the ++ * unpopulated subset. ++ */ ++ int (*populate_pfns)(struct xc_sr_context *ctx, unsigned count, ++ const xen_pfn_t *original_pfns, const uint32_t *types); ++ ++ ++ /** + * Process an individual record from the stream. The caller shall take + * care of processing common records (e.g. END, PAGE_DATA). + * +@@ -338,6 +348,8 @@ struct xc_sr_context + + int send_back_fd; + unsigned long p2m_size; ++ unsigned long max_pages; ++ unsigned long tot_pages; + xc_hypercall_buffer_t dirty_bitmap_hbuf; + + /* From Image Header. */ +@@ -471,6 +483,14 @@ struct xc_sr_context + { + /* HVM context blob. */ + struct xc_sr_blob context; ++ ++ /* Bitmap of currently allocated PFNs during restore. */ ++ struct sr_bitmap attempted_1g; ++ struct sr_bitmap attempted_2m; ++ struct sr_bitmap allocated_pfns; ++ xen_pfn_t prev_populated_pfn; ++ xen_pfn_t iteration_tracker_pfn; ++ unsigned long iteration; + } restore; + }; + } hvm; +@@ -535,14 +555,6 @@ int read_record_header(struct xc_sr_cont + int read_record_data(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr, + struct xc_sr_record *rec); + +-/* +- * This would ideally be private in restore.c, but is needed by +- * x86_pv_localise_page() if we receive pagetables frames ahead of the +- * contents of the frames they point at. +- */ +-int populate_pfns(struct xc_sr_context *ctx, unsigned int count, +- const xen_pfn_t *original_pfns, const uint32_t *types); +- + /* Handle a STATIC_DATA_END record. */ + int handle_static_data_end(struct xc_sr_context *ctx); + +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -71,60 +71,6 @@ static int read_headers(struct xc_sr_con + return 0; + } + +-/* +- * Given a set of pfns, obtain memory from Xen to fill the physmap for the +- * unpopulated subset. If types is NULL, no page type checking is performed +- * and all unpopulated pfns are populated. +- */ +-int populate_pfns(struct xc_sr_context *ctx, unsigned int count, +- const xen_pfn_t *original_pfns, const uint32_t *types) +-{ +- xc_interface *xch = ctx->xch; +- unsigned int i, nr_pfns = 0; +- int rc = -1; +- +- for ( i = 0; i < count; ++i ) +- { +- if ( (!types || page_type_to_populate(types[i])) && +- !pfn_is_populated(ctx, original_pfns[i]) ) +- { +- rc = pfn_set_populated(ctx, original_pfns[i]); +- if ( rc ) +- goto err; +- ctx->restore.pp_pfns[nr_pfns] = ctx->restore.pp_mfns[nr_pfns] = original_pfns[i]; +- ++nr_pfns; +- } +- } +- +- if ( nr_pfns ) +- { +- rc = xc_domain_populate_physmap_exact( +- xch, ctx->domid, nr_pfns, 0, 0, ctx->restore.pp_mfns); +- if ( rc ) +- { +- PERROR("Failed to populate physmap"); +- goto err; +- } +- +- for ( i = 0; i < nr_pfns; ++i ) +- { +- if ( ctx->restore.pp_mfns[i] == INVALID_MFN ) +- { +- ERROR("Populate physmap failed for pfn %u", i); +- rc = -1; +- goto err; +- } +- +- ctx->restore.ops.set_gfn(ctx, ctx->restore.pp_pfns[i], ctx->restore.pp_mfns[i]); +- } +- } +- +- rc = 0; +- +- err: +- return rc; +-} +- + static int handle_static_data_end_v2(struct xc_sr_context *ctx) + { + int rc = 0; +@@ -259,7 +205,8 @@ static int map_guest_pages(struct xc_sr_ + uint32_t i, p; + int rc; + +- rc = populate_pfns(ctx, pages->count, ctx->restore.pfns, ctx->restore.types); ++ rc = ctx->restore.ops.populate_pfns(ctx, pages->count, ctx->restore.pfns, ++ ctx->restore.types); + if ( rc ) + { + ERROR("Failed to populate pfns for batch of %u pages", pages->count); +@@ -1074,6 +1021,9 @@ int xc_domain_restore(xc_interface *xch, + return -1; + } + ++ /* See xc_domain_getinfo */ ++ ctx.restore.max_pages = ctx.dominfo.max_pages; ++ ctx.restore.tot_pages = ctx.dominfo.tot_pages; + ctx.restore.p2m_size = nr_pfns; + ctx.restore.ops = hvm ? restore_ops_x86_hvm : restore_ops_x86_pv; + +--- a/tools/libs/guest/xg_sr_restore_x86_hvm.c ++++ b/tools/libs/guest/xg_sr_restore_x86_hvm.c +@@ -130,6 +130,33 @@ static int x86_hvm_localise_page(struct + return 0; + } + ++static bool x86_hvm_expand_sp_bitmaps(struct xc_sr_context *ctx, unsigned long max_pfn) ++{ ++ struct sr_bitmap *bm; ++ ++ bm = &ctx->x86.hvm.restore.attempted_1g; ++ if ( !sr_bitmap_expand(bm, max_pfn >> SUPERPAGE_1GB_SHIFT) ) ++ return false; ++ ++ bm = &ctx->x86.hvm.restore.attempted_2m; ++ if ( !sr_bitmap_expand(bm, max_pfn >> SUPERPAGE_2MB_SHIFT) ) ++ return false; ++ ++ bm = &ctx->x86.hvm.restore.allocated_pfns; ++ if ( !sr_bitmap_expand(bm, max_pfn) ) ++ return false; ++ ++ return true; ++} ++ ++static void x86_hvm_no_superpage(struct xc_sr_context *ctx, unsigned long addr) ++{ ++ unsigned long pfn = addr >> XC_PAGE_SHIFT; ++ ++ sr_set_bit(pfn >> SUPERPAGE_1GB_SHIFT, &ctx->x86.hvm.restore.attempted_1g); ++ sr_set_bit(pfn >> SUPERPAGE_2MB_SHIFT, &ctx->x86.hvm.restore.attempted_2m); ++} ++ + /* + * restore_ops function. Confirms the stream matches the domain. + */ +@@ -164,12 +191,24 @@ static int x86_hvm_setup(struct xc_sr_co + + max_pfn = max(ctx->restore.p2m_size, max_pages); + if ( !sr_bitmap_expand(&ctx->restore.populated_pfns, max_pfn) ) +- { +- PERROR("Unable to allocate memory for populated_pfns bitmap"); +- return -1; +- } ++ goto out; ++ ++ if ( !x86_hvm_expand_sp_bitmaps(ctx, max_pfn) ) ++ goto out; ++ ++ /* FIXME: distinguish between PVH and HVM */ ++ /* No superpage in 1st 2MB due to VGA hole */ ++ x86_hvm_no_superpage(ctx, 0xA0000u); ++#define LAPIC_BASE_ADDRESS 0xfee00000u ++#define ACPI_INFO_PHYSICAL_ADDRESS 0xfc000000u ++ x86_hvm_no_superpage(ctx, LAPIC_BASE_ADDRESS); ++ x86_hvm_no_superpage(ctx, ACPI_INFO_PHYSICAL_ADDRESS); + + return 0; ++ ++out: ++ PERROR("Unable to allocate memory for pfn bitmaps"); ++ return -1; + } + + /* +@@ -250,6 +289,9 @@ static int x86_hvm_stream_complete(struc + static int x86_hvm_cleanup(struct xc_sr_context *ctx) + { + sr_bitmap_free(&ctx->restore.populated_pfns); ++ sr_bitmap_free(&ctx->x86.hvm.restore.attempted_1g); ++ sr_bitmap_free(&ctx->x86.hvm.restore.attempted_2m); ++ sr_bitmap_free(&ctx->x86.hvm.restore.allocated_pfns); + free(ctx->x86.hvm.restore.context.ptr); + + free(ctx->x86.restore.cpuid.ptr); +@@ -258,6 +300,336 @@ static int x86_hvm_cleanup(struct xc_sr_ + return 0; + } + ++/* ++ * Set a range of pfns as allocated ++ */ ++static void pfn_set_long_allocated(struct xc_sr_context *ctx, xen_pfn_t base_pfn) ++{ ++ sr_set_long_bit(base_pfn, &ctx->x86.hvm.restore.allocated_pfns); ++} ++ ++static void pfn_set_allocated(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ sr_set_bit(pfn, &ctx->x86.hvm.restore.allocated_pfns); ++} ++ ++struct x86_hvm_sp { ++ xen_pfn_t pfn; ++ xen_pfn_t base_pfn; ++ unsigned long index; ++ unsigned long count; ++}; ++ ++/* ++ * Try to allocate a 1GB page for this pfn, but avoid Over-allocation. ++ * If this succeeds, mark the range of 2MB pages as busy. ++ */ ++static bool x86_hvm_alloc_1g(struct xc_sr_context *ctx, struct x86_hvm_sp *sp) ++{ ++ xc_interface *xch = ctx->xch; ++ unsigned int order; ++ int i, done; ++ xen_pfn_t extent; ++ ++ /* Only one attempt to avoid overlapping allocation */ ++ if ( sr_test_and_set_bit(sp->index, &ctx->x86.hvm.restore.attempted_1g) ) ++ return false; ++ ++ order = SUPERPAGE_1GB_SHIFT; ++ sp->count = SUPERPAGE_1GB_NR_PFNS; ++ ++ /* Allocate only if there is room for another superpage */ ++ if ( ctx->restore.tot_pages + sp->count > ctx->restore.max_pages ) ++ return false; ++ ++ extent = sp->base_pfn = (sp->pfn >> order) << order; ++ done = xc_domain_populate_physmap(xch, ctx->domid, 1, order, 0, &extent); ++ if ( done < 0 ) { ++ PERROR("populate_physmap failed."); ++ return false; ++ } ++ if ( done == 0 ) ++ return false; ++ ++ DPRINTF("1G %" PRI_xen_pfn "\n", sp->base_pfn); ++ ++ /* Mark all 2MB pages as done to avoid overlapping allocation */ ++ for ( i = 0; i < (SUPERPAGE_1GB_NR_PFNS/SUPERPAGE_2MB_NR_PFNS); i++ ) ++ sr_set_bit((sp->base_pfn >> SUPERPAGE_2MB_SHIFT) + i, &ctx->x86.hvm.restore.attempted_2m); ++ ++ return true; ++} ++ ++/* Allocate a 2MB page if x86_hvm_alloc_1g failed, avoid Over-allocation. */ ++static bool x86_hvm_alloc_2m(struct xc_sr_context *ctx, struct x86_hvm_sp *sp) ++{ ++ xc_interface *xch = ctx->xch; ++ unsigned int order; ++ int done; ++ xen_pfn_t extent; ++ ++ /* Only one attempt to avoid overlapping allocation */ ++ if ( sr_test_and_set_bit(sp->index, &ctx->x86.hvm.restore.attempted_2m) ) ++ return false; ++ ++ order = SUPERPAGE_2MB_SHIFT; ++ sp->count = SUPERPAGE_2MB_NR_PFNS; ++ ++ /* Allocate only if there is room for another superpage */ ++ if ( ctx->restore.tot_pages + sp->count > ctx->restore.max_pages ) ++ return false; ++ ++ extent = sp->base_pfn = (sp->pfn >> order) << order; ++ done = xc_domain_populate_physmap(xch, ctx->domid, 1, order, 0, &extent); ++ if ( done < 0 ) { ++ PERROR("populate_physmap failed."); ++ return false; ++ } ++ if ( done == 0 ) ++ return false; ++ ++ DPRINTF("2M %" PRI_xen_pfn "\n", sp->base_pfn); ++ return true; ++} ++ ++/* Allocate a single page if x86_hvm_alloc_2m failed. */ ++static bool x86_hvm_alloc_4k(struct xc_sr_context *ctx, struct x86_hvm_sp *sp) ++{ ++ xc_interface *xch = ctx->xch; ++ unsigned int order; ++ int done; ++ xen_pfn_t extent; ++ ++ order = 0; ++ sp->count = 1UL; ++ ++ /* Allocate only if there is room for another page */ ++ if ( ctx->restore.tot_pages + sp->count > ctx->restore.max_pages ) { ++ errno = E2BIG; ++ return false; ++ } ++ ++ extent = sp->base_pfn = (sp->pfn >> order) << order; ++ done = xc_domain_populate_physmap(xch, ctx->domid, 1, order, 0, &extent); ++ if ( done < 0 ) { ++ PERROR("populate_physmap failed."); ++ return false; ++ } ++ if ( done == 0 ) { ++ errno = ENOMEM; ++ return false; ++ } ++ ++ DPRINTF("4K %" PRI_xen_pfn "\n", sp->base_pfn); ++ return true; ++} ++/* ++ * Attempt to allocate a superpage where the pfn resides. ++ */ ++static int x86_hvm_allocate_pfn(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ bool success; ++ unsigned long idx_1g, idx_2m; ++ struct x86_hvm_sp sp = { ++ .pfn = pfn ++ }; ++ ++ if ( sr_test_bit(pfn, &ctx->x86.hvm.restore.allocated_pfns) ) ++ return 0; ++ ++ idx_1g = pfn >> SUPERPAGE_1GB_SHIFT; ++ idx_2m = pfn >> SUPERPAGE_2MB_SHIFT; ++ ++ sp.index = idx_1g; ++ success = x86_hvm_alloc_1g(ctx, &sp); ++ ++ if ( success == false ) { ++ sp.index = idx_2m; ++ success = x86_hvm_alloc_2m(ctx, &sp); ++ } ++ ++ if ( success == false ) { ++ sp.index = 0; ++ success = x86_hvm_alloc_4k(ctx, &sp); ++ } ++ ++ if ( success == false ) ++ return -1; ++ ++ do { ++ if ( sp.count >= BITS_PER_LONG && (sp.count % BITS_PER_LONG) == 0 ) { ++ sp.count -= BITS_PER_LONG; ++ ctx->restore.tot_pages += BITS_PER_LONG; ++ pfn_set_long_allocated(ctx, sp.base_pfn + sp.count); ++ } else { ++ sp.count--; ++ ctx->restore.tot_pages++; ++ pfn_set_allocated(ctx, sp.base_pfn + sp.count); ++ } ++ } while ( sp.count ); ++ ++ return 0; ++} ++ ++/* ++ * Deallocate memory. ++ * There was likely an optimistic superpage allocation. ++ * This means more pages may have been allocated past gap_end. ++ * This range is not freed now. Incoming higher pfns will release it. ++ */ ++static int x86_hvm_punch_hole(struct xc_sr_context *ctx, ++ xen_pfn_t gap_start, xen_pfn_t gap_end) ++{ ++ xc_interface *xch = ctx->xch; ++ xen_pfn_t _pfn, pfn; ++ uint32_t domid, freed = 0; ++ int rc; ++ ++ pfn = gap_start >> SUPERPAGE_1GB_SHIFT; ++ do ++ { ++ sr_set_bit(pfn, &ctx->x86.hvm.restore.attempted_1g); ++ } while (++pfn <= gap_end >> SUPERPAGE_1GB_SHIFT); ++ ++ pfn = gap_start >> SUPERPAGE_2MB_SHIFT; ++ do ++ { ++ sr_set_bit(pfn, &ctx->x86.hvm.restore.attempted_2m); ++ } while (++pfn <= gap_end >> SUPERPAGE_2MB_SHIFT); ++ ++ pfn = gap_start; ++ ++ while ( pfn <= gap_end ) ++ { ++ if ( sr_test_and_clear_bit(pfn, &ctx->x86.hvm.restore.allocated_pfns) ) ++ { ++ domid = ctx->domid; ++ _pfn = pfn; ++ rc = xc_domain_decrease_reservation_exact(xch, domid, 1, 0, &_pfn); ++ if ( rc ) ++ { ++ PERROR("Failed to release pfn %" PRI_xen_pfn, pfn); ++ return -1; ++ } ++ ctx->restore.tot_pages--; ++ freed++; ++ } ++ pfn++; ++ } ++ if ( freed ) ++ DPRINTF("freed %u between %" PRI_xen_pfn " %" PRI_xen_pfn "\n", ++ freed, gap_start, gap_end); ++ return 0; ++} ++ ++static int x86_hvm_unpopulate_page(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ sr_clear_bit(pfn, &ctx->restore.populated_pfns); ++ return x86_hvm_punch_hole(ctx, pfn, pfn); ++} ++ ++static int x86_hvm_populate_page(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ xen_pfn_t gap_start, gap_end; ++ bool has_gap, first_iteration; ++ int rc; ++ ++ /* ++ * Check for a gap between the previous populated pfn and this pfn. ++ * In case a gap exists, it is required to punch a hole to release memory, ++ * starting after the previous pfn and before this pfn. ++ * ++ * But: this can be done only during the first iteration, which is the ++ * only place where superpage allocations are attempted. All following ++ * iterations lack the info to properly maintain prev_populated_pfn. ++ */ ++ has_gap = ctx->x86.hvm.restore.prev_populated_pfn + 1 < pfn; ++ first_iteration = ctx->x86.hvm.restore.iteration == 0; ++ if ( has_gap && first_iteration ) ++ { ++ gap_start = ctx->x86.hvm.restore.prev_populated_pfn + 1; ++ gap_end = pfn - 1; ++ ++ rc = x86_hvm_punch_hole(ctx, gap_start, gap_end); ++ if ( rc ) ++ goto err; ++ } ++ ++ rc = x86_hvm_allocate_pfn(ctx, pfn); ++ if ( rc ) ++ goto err; ++ pfn_set_populated(ctx, pfn); ++ ctx->x86.hvm.restore.prev_populated_pfn = pfn; ++ ++ rc = 0; ++err: ++ return rc; ++} ++ ++/* ++ * Try to allocate superpages. ++ * This works without memory map because the pfns arrive in incremental order. ++ * All pfn numbers and their type are submitted. ++ * Only pfns with data will have also pfn content transmitted. ++ */ ++static int x86_hvm_populate_pfns(struct xc_sr_context *ctx, unsigned count, ++ const xen_pfn_t *original_pfns, ++ const uint32_t *types) ++{ ++ xc_interface *xch = ctx->xch; ++ xen_pfn_t pfn, min_pfn, max_pfn; ++ bool to_populate, populated; ++ unsigned i = count; ++ int rc = 0; ++ ++ min_pfn = count ? original_pfns[0] : 0; ++ max_pfn = count ? original_pfns[count - 1] : 0; ++ DPRINTF("batch of %u pfns between %" PRI_xen_pfn " %" PRI_xen_pfn "\n", ++ count, min_pfn, max_pfn); ++ ++ if ( !x86_hvm_expand_sp_bitmaps(ctx, max_pfn) ) ++ { ++ ERROR("Unable to allocate memory for pfn bitmaps"); ++ return -1; ++ } ++ ++ /* ++ * There is no indicator for a new iteration. ++ * Simulate it by checking if a lower pfn is coming in. ++ * In the end it matters only to know if this iteration is the first one. ++ */ ++ if ( min_pfn < ctx->x86.hvm.restore.iteration_tracker_pfn ) ++ ctx->x86.hvm.restore.iteration++; ++ ctx->x86.hvm.restore.iteration_tracker_pfn = min_pfn; ++ ++ for ( i = 0; i < count; ++i ) ++ { ++ pfn = original_pfns[i]; ++ ++ to_populate = page_type_to_populate(types[i]); ++ populated = pfn_is_populated(ctx, pfn); ++ ++ /* ++ * page has data, pfn populated: nothing to do ++ * page has data, pfn not populated: likely never seen before ++ * page has no data, pfn populated: likely ballooned out during migration ++ * page has no data, pfn not populated: nothing to do ++ */ ++ if ( to_populate && !populated ) ++ { ++ rc = x86_hvm_populate_page(ctx, pfn); ++ } else if ( !to_populate && populated ) ++ { ++ rc = x86_hvm_unpopulate_page(ctx, pfn); ++ } ++ if ( rc ) ++ break; ++ } ++ ++ return rc; ++} ++ ++ + struct xc_sr_restore_ops restore_ops_x86_hvm = + { + .pfn_is_valid = x86_hvm_pfn_is_valid, +@@ -266,6 +638,7 @@ struct xc_sr_restore_ops restore_ops_x86 + .set_page_type = x86_hvm_set_page_type, + .localise_page = x86_hvm_localise_page, + .setup = x86_hvm_setup, ++ .populate_pfns = x86_hvm_populate_pfns, + .process_record = x86_hvm_process_record, + .static_data_complete = x86_static_data_complete, + .stream_complete = x86_hvm_stream_complete, +--- a/tools/libs/guest/xg_sr_restore_x86_pv.c ++++ b/tools/libs/guest/xg_sr_restore_x86_pv.c +@@ -960,6 +960,64 @@ static void x86_pv_set_gfn(struct xc_sr_ + } + + /* ++ * Given a set of pfns, obtain memory from Xen to fill the physmap for the ++ * unpopulated subset. If types is NULL, no page type checking is performed ++ * and all unpopulated pfns are populated. ++ */ ++static int x86_pv_populate_pfns(struct xc_sr_context *ctx, unsigned count, ++ const xen_pfn_t *original_pfns, ++ const uint32_t *types) ++{ ++ xc_interface *xch = ctx->xch; ++ xen_pfn_t *mfns = ctx->restore.pp_mfns, ++ *pfns = ctx->restore.pp_pfns; ++ unsigned int i, nr_pfns = 0; ++ int rc = -1; ++ ++ for ( i = 0; i < count; ++i ) ++ { ++ if ( (!types || ++ (types && page_type_has_stream_data(types[i]) == true)) && ++ !pfn_is_populated(ctx, original_pfns[i]) ) ++ { ++ rc = pfn_set_populated(ctx, original_pfns[i]); ++ if ( rc ) ++ goto err; ++ pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i]; ++ ++nr_pfns; ++ } ++ } ++ ++ if ( nr_pfns ) ++ { ++ rc = xc_domain_populate_physmap_exact( ++ xch, ctx->domid, nr_pfns, 0, 0, mfns); ++ if ( rc ) ++ { ++ PERROR("Failed to populate physmap"); ++ goto err; ++ } ++ ++ for ( i = 0; i < nr_pfns; ++i ) ++ { ++ if ( mfns[i] == INVALID_MFN ) ++ { ++ ERROR("Populate physmap failed for pfn %u", i); ++ rc = -1; ++ goto err; ++ } ++ ++ ctx->restore.ops.set_gfn(ctx, pfns[i], mfns[i]); ++ } ++ } ++ ++ rc = 0; ++ ++ err: ++ return rc; ++} ++ ++/* + * restore_ops function. Convert pfns back to mfns in pagetables. Possibly + * needs to populate new frames if a PTE is found referring to a frame which + * hasn't yet been seen from PAGE_DATA records. +@@ -1003,7 +1061,7 @@ static int x86_pv_localise_page(struct x + } + } + +- if ( to_populate && populate_pfns(ctx, to_populate, pfns, NULL) ) ++ if ( to_populate && x86_pv_populate_pfns(ctx, to_populate, pfns, NULL) ) + return -1; + + for ( i = 0; i < (PAGE_SIZE / sizeof(uint64_t)); ++i ) +@@ -1200,6 +1258,7 @@ struct xc_sr_restore_ops restore_ops_x86 + .set_gfn = x86_pv_set_gfn, + .localise_page = x86_pv_localise_page, + .setup = x86_pv_setup, ++ .populate_pfns = x86_pv_populate_pfns, + .process_record = x86_pv_process_record, + .static_data_complete = x86_static_data_complete, + .stream_complete = x86_pv_stream_complete, diff --git a/libxc-sr-restore-map_errs.patch b/libxc-sr-restore-map_errs.patch new file mode 100644 index 0000000..e81d8b1 --- /dev/null +++ b/libxc-sr-restore-map_errs.patch @@ -0,0 +1,101 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:44:09 +0200 +Subject: libxc sr restore map_errs + +tools: restore: preallocate map_errs array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 22 +++++++--------------- + 2 files changed, 8 insertions(+), 15 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -259,6 +259,7 @@ struct xc_sr_context + xen_pfn_t *pfns; + uint32_t *types; + xen_pfn_t *mfns; ++ int *map_errs; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -204,21 +204,12 @@ static int process_page_data(struct xc_s + xen_pfn_t *pfns, uint32_t *types, void *page_data) + { + xc_interface *xch = ctx->xch; +- int *map_errs = malloc(count * sizeof(*map_errs)); + int rc; + void *mapping = NULL, *guest_page = NULL; + unsigned int i, /* i indexes the pfns from the record. */ + j, /* j indexes the subset of pfns we decide to map. */ + nr_pages = 0; + +- if ( !map_errs ) +- { +- rc = -1; +- ERROR("Failed to allocate %zu bytes to process page data", +- count * sizeof(*map_errs)); +- goto err; +- } +- + rc = populate_pfns(ctx, count, pfns, types); + if ( rc ) + { +@@ -240,7 +231,7 @@ static int process_page_data(struct xc_s + + mapping = guest_page = xenforeignmemory_map( + xch->fmem, ctx->domid, PROT_READ | PROT_WRITE, +- nr_pages, ctx->restore.mfns, map_errs); ++ nr_pages, ctx->restore.mfns, ctx->restore.map_errs); + if ( !mapping ) + { + rc = -1; +@@ -254,11 +245,11 @@ static int process_page_data(struct xc_s + if ( !page_type_has_stream_data(types[i]) ) + continue; + +- if ( map_errs[j] ) ++ if ( ctx->restore.map_errs[j] ) + { + rc = -1; + ERROR("Mapping pfn %#"PRIpfn" (mfn %#"PRIpfn", type %#"PRIx32") failed with %d", +- pfns[i], ctx->restore.mfns[j], types[i], map_errs[j]); ++ pfns[i], ctx->restore.mfns[j], types[i], ctx->restore.map_errs[j]); + goto err; + } + +@@ -296,8 +287,6 @@ static int process_page_data(struct xc_s + if ( mapping ) + xenforeignmemory_unmap(xch->fmem, mapping, nr_pages); + +- free(map_errs); +- + return rc; + } + +@@ -704,7 +693,9 @@ static int setup(struct xc_sr_context *c + ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); + ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); + ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); +- if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns ) ++ ctx->restore.map_errs = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.map_errs)); ++ if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || ++ !ctx->restore.map_errs ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -741,6 +732,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.map_errs); + free(ctx->restore.mfns); + free(ctx->restore.types); + free(ctx->restore.pfns); diff --git a/libxc-sr-restore-mfns.patch b/libxc-sr-restore-mfns.patch new file mode 100644 index 0000000..afdd637 --- /dev/null +++ b/libxc-sr-restore-mfns.patch @@ -0,0 +1,103 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:42:19 +0200 +Subject: libxc sr restore mfns + +tools: restore: preallocate mfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 16 ++++++++-------- + 2 files changed, 9 insertions(+), 8 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -258,6 +258,7 @@ struct xc_sr_context + struct restore_callbacks *callbacks; + xen_pfn_t *pfns; + uint32_t *types; ++ xen_pfn_t *mfns; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -204,7 +204,6 @@ static int process_page_data(struct xc_s + xen_pfn_t *pfns, uint32_t *types, void *page_data) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *mfns = malloc(count * sizeof(*mfns)); + int *map_errs = malloc(count * sizeof(*map_errs)); + int rc; + void *mapping = NULL, *guest_page = NULL; +@@ -212,11 +211,11 @@ static int process_page_data(struct xc_s + j, /* j indexes the subset of pfns we decide to map. */ + nr_pages = 0; + +- if ( !mfns || !map_errs ) ++ if ( !map_errs ) + { + rc = -1; + ERROR("Failed to allocate %zu bytes to process page data", +- count * (sizeof(*mfns) + sizeof(*map_errs))); ++ count * sizeof(*map_errs)); + goto err; + } + +@@ -232,7 +231,7 @@ static int process_page_data(struct xc_s + ctx->restore.ops.set_page_type(ctx, pfns[i], types[i]); + + if ( page_type_has_stream_data(types[i]) ) +- mfns[nr_pages++] = ctx->restore.ops.pfn_to_gfn(ctx, pfns[i]); ++ ctx->restore.mfns[nr_pages++] = ctx->restore.ops.pfn_to_gfn(ctx, pfns[i]); + } + + /* Nothing to do? */ +@@ -241,7 +240,7 @@ static int process_page_data(struct xc_s + + mapping = guest_page = xenforeignmemory_map( + xch->fmem, ctx->domid, PROT_READ | PROT_WRITE, +- nr_pages, mfns, map_errs); ++ nr_pages, ctx->restore.mfns, map_errs); + if ( !mapping ) + { + rc = -1; +@@ -259,7 +258,7 @@ static int process_page_data(struct xc_s + { + rc = -1; + ERROR("Mapping pfn %#"PRIpfn" (mfn %#"PRIpfn", type %#"PRIx32") failed with %d", +- pfns[i], mfns[j], types[i], map_errs[j]); ++ pfns[i], ctx->restore.mfns[j], types[i], map_errs[j]); + goto err; + } + +@@ -298,7 +297,6 @@ static int process_page_data(struct xc_s + xenforeignmemory_unmap(xch->fmem, mapping, nr_pages); + + free(map_errs); +- free(mfns); + + return rc; + } +@@ -705,7 +703,8 @@ static int setup(struct xc_sr_context *c + + ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); + ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); +- if ( !ctx->restore.pfns || !ctx->restore.types ) ++ ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); ++ if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -742,6 +741,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.mfns); + free(ctx->restore.types); + free(ctx->restore.pfns); + diff --git a/libxc-sr-restore-pfns.patch b/libxc-sr-restore-pfns.patch new file mode 100644 index 0000000..9fba250 --- /dev/null +++ b/libxc-sr-restore-pfns.patch @@ -0,0 +1,108 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:39:30 +0200 +Subject: libxc sr restore pfns + +tools: restore: preallocate pfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Adjust the verification for page count. It must be at least one page, +but not more than MAX_BATCH_SIZE. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 23 +++++++++++++++-------- + 2 files changed, 16 insertions(+), 8 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -256,6 +256,7 @@ struct xc_sr_context + { + struct xc_sr_restore_ops ops; + struct restore_callbacks *callbacks; ++ xen_pfn_t *pfns; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -314,7 +314,7 @@ static int handle_page_data(struct xc_sr + unsigned int i, pages_of_data = 0; + int rc = -1; + +- xen_pfn_t *pfns = NULL, pfn; ++ xen_pfn_t pfn; + uint32_t *types = NULL, type; + + /* +@@ -349,9 +349,9 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- if ( pages->count < 1 ) ++ if ( !pages->count || pages->count > MAX_BATCH_SIZE ) + { +- ERROR("Expected at least 1 pfn in PAGE_DATA record"); ++ ERROR("Unexpected pfn count %u in PAGE_DATA record", pages->count); + goto err; + } + +@@ -362,9 +362,8 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- pfns = malloc(pages->count * sizeof(*pfns)); + types = malloc(pages->count * sizeof(*types)); +- if ( !pfns || !types ) ++ if ( !types ) + { + ERROR("Unable to allocate enough memory for %u pfns", + pages->count); +@@ -393,7 +392,7 @@ static int handle_page_data(struct xc_sr + * have a page worth of data in the record. */ + pages_of_data++; + +- pfns[i] = pfn; ++ ctx->restore.pfns[i] = pfn; + types[i] = type; + } + +@@ -407,11 +406,10 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- rc = process_page_data(ctx, pages->count, pfns, types, ++ rc = process_page_data(ctx, pages->count, ctx->restore.pfns, types, + &pages->pfn[pages->count]); + err: + free(types); +- free(pfns); + + return rc; + } +@@ -715,6 +713,14 @@ static int setup(struct xc_sr_context *c + goto err; + } + ++ ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); ++ if ( !ctx->restore.pfns ) ++ { ++ ERROR("Unable to allocate memory"); ++ rc = -1; ++ goto err; ++ } ++ + ctx->restore.buffered_records = malloc( + DEFAULT_BUF_RECORDS * sizeof(struct xc_sr_record)); + if ( !ctx->restore.buffered_records ) +@@ -745,6 +751,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.pfns); + + if ( ctx->restore.ops.cleanup(ctx) ) + PERROR("Failed to clean up"); diff --git a/libxc-sr-restore-populate_pfns-mfns.patch b/libxc-sr-restore-populate_pfns-mfns.patch new file mode 100644 index 0000000..06aaa94 --- /dev/null +++ b/libxc-sr-restore-populate_pfns-mfns.patch @@ -0,0 +1,111 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:54:12 +0200 +Subject: libxc sr restore populate_pfns mfns + +tools: restore: preallocate populate_pfns mfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Use some prefix to avoid conflict with an array used in handle_page_data. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 23 ++++++++--------------- + 2 files changed, 9 insertions(+), 15 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -261,6 +261,7 @@ struct xc_sr_context + xen_pfn_t *mfns; + int *map_errs; + xen_pfn_t *pp_pfns; ++ xen_pfn_t *pp_mfns; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -138,17 +138,9 @@ int populate_pfns(struct xc_sr_context * + const xen_pfn_t *original_pfns, const uint32_t *types) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *mfns = malloc(count * sizeof(*mfns)); + unsigned int i, nr_pfns = 0; + int rc = -1; + +- if ( !mfns ) +- { +- ERROR("Failed to allocate %zu bytes for populating the physmap", +- 2 * count * sizeof(*mfns)); +- goto err; +- } +- + for ( i = 0; i < count; ++i ) + { + if ( (!types || page_type_to_populate(types[i])) && +@@ -157,7 +149,7 @@ int populate_pfns(struct xc_sr_context * + rc = pfn_set_populated(ctx, original_pfns[i]); + if ( rc ) + goto err; +- ctx->restore.pp_pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i]; ++ ctx->restore.pp_pfns[nr_pfns] = ctx->restore.pp_mfns[nr_pfns] = original_pfns[i]; + ++nr_pfns; + } + } +@@ -165,7 +157,7 @@ int populate_pfns(struct xc_sr_context * + if ( nr_pfns ) + { + rc = xc_domain_populate_physmap_exact( +- xch, ctx->domid, nr_pfns, 0, 0, mfns); ++ xch, ctx->domid, nr_pfns, 0, 0, ctx->restore.pp_mfns); + if ( rc ) + { + PERROR("Failed to populate physmap"); +@@ -174,22 +166,20 @@ int populate_pfns(struct xc_sr_context * + + for ( i = 0; i < nr_pfns; ++i ) + { +- if ( mfns[i] == INVALID_MFN ) ++ if ( ctx->restore.pp_mfns[i] == INVALID_MFN ) + { + ERROR("Populate physmap failed for pfn %u", i); + rc = -1; + goto err; + } + +- ctx->restore.ops.set_gfn(ctx, ctx->restore.pp_pfns[i], mfns[i]); ++ ctx->restore.ops.set_gfn(ctx, ctx->restore.pp_pfns[i], ctx->restore.pp_mfns[i]); + } + } + + rc = 0; + + err: +- free(mfns); +- + return rc; + } + +@@ -693,8 +683,10 @@ static int setup(struct xc_sr_context *c + ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); + ctx->restore.map_errs = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.map_errs)); + ctx->restore.pp_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_pfns)); ++ ctx->restore.pp_mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_mfns)); + if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || +- !ctx->restore.map_errs || !ctx->restore.pp_pfns ) ++ !ctx->restore.map_errs || !ctx->restore.pp_pfns || ++ !ctx->restore.pp_mfns ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -731,6 +723,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.pp_mfns); + free(ctx->restore.pp_pfns); + free(ctx->restore.map_errs); + free(ctx->restore.mfns); diff --git a/libxc-sr-restore-populate_pfns-pfns.patch b/libxc-sr-restore-populate_pfns-pfns.patch new file mode 100644 index 0000000..e0f8678 --- /dev/null +++ b/libxc-sr-restore-populate_pfns-pfns.patch @@ -0,0 +1,89 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:58:53 +0200 +Subject: libxc sr restore populate_pfns pfns + +tools: restore: preallocate populate_pfns pfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Use some prefix to avoid conflict with an array used in handle_page_data. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 14 +++++++------- + 2 files changed, 8 insertions(+), 7 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -260,6 +260,7 @@ struct xc_sr_context + uint32_t *types; + xen_pfn_t *mfns; + int *map_errs; ++ xen_pfn_t *pp_pfns; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -138,12 +138,11 @@ int populate_pfns(struct xc_sr_context * + const xen_pfn_t *original_pfns, const uint32_t *types) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *mfns = malloc(count * sizeof(*mfns)), +- *pfns = malloc(count * sizeof(*pfns)); ++ xen_pfn_t *mfns = malloc(count * sizeof(*mfns)); + unsigned int i, nr_pfns = 0; + int rc = -1; + +- if ( !mfns || !pfns ) ++ if ( !mfns ) + { + ERROR("Failed to allocate %zu bytes for populating the physmap", + 2 * count * sizeof(*mfns)); +@@ -158,7 +157,7 @@ int populate_pfns(struct xc_sr_context * + rc = pfn_set_populated(ctx, original_pfns[i]); + if ( rc ) + goto err; +- pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i]; ++ ctx->restore.pp_pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i]; + ++nr_pfns; + } + } +@@ -182,14 +181,13 @@ int populate_pfns(struct xc_sr_context * + goto err; + } + +- ctx->restore.ops.set_gfn(ctx, pfns[i], mfns[i]); ++ ctx->restore.ops.set_gfn(ctx, ctx->restore.pp_pfns[i], mfns[i]); + } + } + + rc = 0; + + err: +- free(pfns); + free(mfns); + + return rc; +@@ -694,8 +692,9 @@ static int setup(struct xc_sr_context *c + ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); + ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); + ctx->restore.map_errs = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.map_errs)); ++ ctx->restore.pp_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_pfns)); + if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || +- !ctx->restore.map_errs ) ++ !ctx->restore.map_errs || !ctx->restore.pp_pfns ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -732,6 +731,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.pp_pfns); + free(ctx->restore.map_errs); + free(ctx->restore.mfns); + free(ctx->restore.types); diff --git a/libxc-sr-restore-read_record.patch b/libxc-sr-restore-read_record.patch new file mode 100644 index 0000000..35557fa --- /dev/null +++ b/libxc-sr-restore-read_record.patch @@ -0,0 +1,272 @@ +From: Olaf Hering +Date: Mon, 26 Oct 2020 12:19:17 +0100 +Subject: libxc sr restore read_record + +tools: restore: split record processing + +handle_page_data must be able to read directly into mapped guest memory. +This will avoid unneccesary memcpy calls for data which can be consumed verbatim. + +Rearrange the code to allow decisions based on the incoming record. + +This change is preparation for future changes in handle_page_data, +no change in behavior is intended. + +Signed-off-by: Olaf Hering +Reviewed-by: Juergen Gross +--- + tools/libs/guest/xg_sr_common.c | 33 ++++++++++++--------- + tools/libs/guest/xg_sr_common.h | 4 ++- + tools/libs/guest/xg_sr_restore.c | 49 ++++++++++++++++++++++---------- + tools/libs/guest/xg_sr_save.c | 7 ++++- + 4 files changed, 63 insertions(+), 30 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.c ++++ b/tools/libs/guest/xg_sr_common.c +@@ -91,26 +91,33 @@ int write_split_record(struct xc_sr_cont + return -1; + } + +-int read_record(struct xc_sr_context *ctx, int fd, struct xc_sr_record *rec) ++int read_record_header(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr) + { + xc_interface *xch = ctx->xch; +- struct xc_sr_rhdr rhdr; +- size_t datasz; + +- if ( read_exact(fd, &rhdr, sizeof(rhdr)) ) ++ if ( read_exact(fd, rhdr, sizeof(*rhdr)) ) + { + PERROR("Failed to read Record Header from stream"); + return -1; + } + +- if ( rhdr.length > REC_LENGTH_MAX ) ++ if ( rhdr->length > REC_LENGTH_MAX ) + { +- ERROR("Record (0x%08x, %s) length %#x exceeds max (%#x)", rhdr.type, +- rec_type_to_str(rhdr.type), rhdr.length, REC_LENGTH_MAX); ++ ERROR("Record (0x%08x, %s) length %#x exceeds max (%#x)", rhdr->type, ++ rec_type_to_str(rhdr->type), rhdr->length, REC_LENGTH_MAX); + return -1; + } + +- datasz = ROUNDUP(rhdr.length, REC_ALIGN_ORDER); ++ return 0; ++} ++ ++int read_record_data(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr, ++ struct xc_sr_record *rec) ++{ ++ xc_interface *xch = ctx->xch; ++ size_t datasz; ++ ++ datasz = ROUNDUP(rhdr->length, REC_ALIGN_ORDER); + + if ( datasz ) + { +@@ -119,7 +126,7 @@ int read_record(struct xc_sr_context *ct + if ( !rec->data ) + { + ERROR("Unable to allocate %zu bytes for record data (0x%08x, %s)", +- datasz, rhdr.type, rec_type_to_str(rhdr.type)); ++ datasz, rhdr->type, rec_type_to_str(rhdr->type)); + return -1; + } + +@@ -128,18 +135,18 @@ int read_record(struct xc_sr_context *ct + free(rec->data); + rec->data = NULL; + PERROR("Failed to read %zu bytes of data for record (0x%08x, %s)", +- datasz, rhdr.type, rec_type_to_str(rhdr.type)); ++ datasz, rhdr->type, rec_type_to_str(rhdr->type)); + return -1; + } + } + else + rec->data = NULL; + +- rec->type = rhdr.type; +- rec->length = rhdr.length; ++ rec->type = rhdr->type; ++ rec->length = rhdr->length; + + return 0; +-}; ++} + + static void __attribute__((unused)) build_assertions(void) + { +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -458,7 +458,9 @@ static inline int write_record(struct xc + * + * On failure, the contents of the record structure are undefined. + */ +-int read_record(struct xc_sr_context *ctx, int fd, struct xc_sr_record *rec); ++int read_record_header(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr); ++int read_record_data(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr, ++ struct xc_sr_record *rec); + + /* + * This would ideally be private in restore.c, but is needed by +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -453,7 +453,7 @@ static int send_checkpoint_dirty_pfn_lis + return rc; + } + +-static int process_record(struct xc_sr_context *ctx, struct xc_sr_record *rec); ++static int process_buffered_record(struct xc_sr_context *ctx, struct xc_sr_record *rec); + static int handle_checkpoint(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +@@ -492,7 +492,7 @@ static int handle_checkpoint(struct xc_s + + for ( i = 0; i < ctx->restore.buffered_rec_num; i++ ) + { +- rc = process_record(ctx, &ctx->restore.buffered_records[i]); ++ rc = process_buffered_record(ctx, &ctx->restore.buffered_records[i]); + if ( rc ) + goto err; + } +@@ -553,10 +553,11 @@ static int handle_checkpoint(struct xc_s + return rc; + } + +-static int buffer_record(struct xc_sr_context *ctx, struct xc_sr_record *rec) ++static int buffer_record(struct xc_sr_context *ctx, struct xc_sr_rhdr *rhdr) + { + xc_interface *xch = ctx->xch; + unsigned int new_alloc_num; ++ struct xc_sr_record rec; + struct xc_sr_record *p; + + if ( ctx->restore.buffered_rec_num >= ctx->restore.allocated_rec_num ) +@@ -574,8 +575,13 @@ static int buffer_record(struct xc_sr_co + ctx->restore.allocated_rec_num = new_alloc_num; + } + ++ if ( read_record_data(ctx, ctx->fd, rhdr, &rec) ) ++ { ++ return -1; ++ } ++ + memcpy(&ctx->restore.buffered_records[ctx->restore.buffered_rec_num++], +- rec, sizeof(*rec)); ++ &rec, sizeof(rec)); + + return 0; + } +@@ -606,7 +612,7 @@ int handle_static_data_end(struct xc_sr_ + return rc; + } + +-static int process_record(struct xc_sr_context *ctx, struct xc_sr_record *rec) ++static int process_buffered_record(struct xc_sr_context *ctx, struct xc_sr_record *rec) + { + xc_interface *xch = ctx->xch; + int rc = 0; +@@ -644,6 +650,19 @@ static int process_record(struct xc_sr_c + return rc; + } + ++static int process_incoming_record_header(struct xc_sr_context *ctx, struct xc_sr_rhdr *rhdr) ++{ ++ struct xc_sr_record rec; ++ int rc; ++ ++ rc = read_record_data(ctx, ctx->fd, rhdr, &rec); ++ if ( rc ) ++ return rc; ++ ++ return process_buffered_record(ctx, &rec); ++} ++ ++ + static int setup(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +@@ -740,7 +759,7 @@ static void cleanup(struct xc_sr_context + static int restore(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +- struct xc_sr_record rec; ++ struct xc_sr_rhdr rhdr; + int rc, saved_rc = 0, saved_errno = 0; + + IPRINTF("Restoring domain"); +@@ -751,7 +770,7 @@ static int restore(struct xc_sr_context + + do + { +- rc = read_record(ctx, ctx->fd, &rec); ++ rc = read_record_header(ctx, ctx->fd, &rhdr); + if ( rc ) + { + if ( ctx->restore.buffer_all_records ) +@@ -761,25 +780,25 @@ static int restore(struct xc_sr_context + } + + if ( ctx->restore.buffer_all_records && +- rec.type != REC_TYPE_END && +- rec.type != REC_TYPE_CHECKPOINT ) ++ rhdr.type != REC_TYPE_END && ++ rhdr.type != REC_TYPE_CHECKPOINT ) + { +- rc = buffer_record(ctx, &rec); ++ rc = buffer_record(ctx, &rhdr); + if ( rc ) + goto err; + } + else + { +- rc = process_record(ctx, &rec); ++ rc = process_incoming_record_header(ctx, &rhdr); + if ( rc == RECORD_NOT_PROCESSED ) + { +- if ( rec.type & REC_TYPE_OPTIONAL ) ++ if ( rhdr.type & REC_TYPE_OPTIONAL ) + DPRINTF("Ignoring optional record %#x (%s)", +- rec.type, rec_type_to_str(rec.type)); ++ rhdr.type, rec_type_to_str(rhdr.type)); + else + { + ERROR("Mandatory record %#x (%s) not handled", +- rec.type, rec_type_to_str(rec.type)); ++ rhdr.type, rec_type_to_str(rhdr.type)); + rc = -1; + goto err; + } +@@ -790,7 +809,7 @@ static int restore(struct xc_sr_context + goto err; + } + +- } while ( rec.type != REC_TYPE_END ); ++ } while ( rhdr.type != REC_TYPE_END ); + + remus_failover: + if ( ctx->stream_type == XC_STREAM_COLO ) +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -590,6 +590,7 @@ static int send_memory_live(struct xc_sr + static int colo_merge_secondary_dirty_bitmap(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; ++ struct xc_sr_rhdr rhdr; + struct xc_sr_record rec; + uint64_t *pfns = NULL; + uint64_t pfn; +@@ -598,7 +599,11 @@ static int colo_merge_secondary_dirty_bi + DECLARE_HYPERCALL_BUFFER_SHADOW(unsigned long, dirty_bitmap, + &ctx->save.dirty_bitmap_hbuf); + +- rc = read_record(ctx, ctx->save.recv_fd, &rec); ++ rc = read_record_header(ctx, ctx->save.recv_fd, &rhdr); ++ if ( rc ) ++ goto err; ++ ++ rc = read_record_data(ctx, ctx->save.recv_fd, &rhdr, &rec); + if ( rc ) + goto err; + diff --git a/libxc-sr-restore-types.patch b/libxc-sr-restore-types.patch new file mode 100644 index 0000000..5e793f3 --- /dev/null +++ b/libxc-sr-restore-types.patch @@ -0,0 +1,93 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:39:31 +0200 +Subject: libxc sr restore types + +tools: restore: preallocate types array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 22 +++++++--------------- + 2 files changed, 8 insertions(+), 15 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -257,6 +257,7 @@ struct xc_sr_context + struct xc_sr_restore_ops ops; + struct restore_callbacks *callbacks; + xen_pfn_t *pfns; ++ uint32_t *types; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -315,7 +315,7 @@ static int handle_page_data(struct xc_sr + int rc = -1; + + xen_pfn_t pfn; +- uint32_t *types = NULL, type; ++ uint32_t type; + + /* + * v2 compatibility only exists for x86 streams. This is a bit of a +@@ -362,14 +362,6 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- types = malloc(pages->count * sizeof(*types)); +- if ( !types ) +- { +- ERROR("Unable to allocate enough memory for %u pfns", +- pages->count); +- goto err; +- } +- + for ( i = 0; i < pages->count; ++i ) + { + pfn = pages->pfn[i] & PAGE_DATA_PFN_MASK; +@@ -393,7 +385,7 @@ static int handle_page_data(struct xc_sr + pages_of_data++; + + ctx->restore.pfns[i] = pfn; +- types[i] = type; ++ ctx->restore.types[i] = type; + } + + if ( rec->length != (sizeof(*pages) + +@@ -406,11 +398,9 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- rc = process_page_data(ctx, pages->count, ctx->restore.pfns, types, +- &pages->pfn[pages->count]); ++ rc = process_page_data(ctx, pages->count, ctx->restore.pfns, ++ ctx->restore.types, &pages->pfn[pages->count]); + err: +- free(types); +- + return rc; + } + +@@ -714,7 +704,8 @@ static int setup(struct xc_sr_context *c + } + + ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); +- if ( !ctx->restore.pfns ) ++ ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); ++ if ( !ctx->restore.pfns || !ctx->restore.types ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -751,6 +742,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.types); + free(ctx->restore.pfns); + + if ( ctx->restore.ops.cleanup(ctx) ) diff --git a/libxc-sr-save-errors.patch b/libxc-sr-save-errors.patch new file mode 100644 index 0000000..4f6d362 --- /dev/null +++ b/libxc-sr-save-errors.patch @@ -0,0 +1,109 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:26:05 +0200 +Subject: libxc sr save errors + +tools: save: preallocate errors array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 20 ++++++++++---------- + 2 files changed, 11 insertions(+), 10 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -246,6 +246,7 @@ struct xc_sr_context + xen_pfn_t *batch_pfns; + xen_pfn_t *mfns; + xen_pfn_t *types; ++ int *errors; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -91,7 +91,7 @@ static int write_batch(struct xc_sr_cont + void *guest_mapping = NULL; + void **guest_data = NULL; + void **local_pages = NULL; +- int *errors = NULL, rc = -1; ++ int rc = -1; + unsigned int i, p, nr_pages = 0, nr_pages_mapped = 0; + unsigned int nr_pfns = ctx->save.nr_batch_pfns; + void *page, *orig_page; +@@ -104,8 +104,6 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Errors from attempting to map the gfns. */ +- errors = malloc(nr_pfns * sizeof(*errors)); + /* Pointers to page data to send. Mapped gfns or local allocations. */ + guest_data = calloc(nr_pfns, sizeof(*guest_data)); + /* Pointers to locally allocated pages. Need freeing. */ +@@ -113,7 +111,7 @@ static int write_batch(struct xc_sr_cont + /* iovec[] for writev(). */ + iov = malloc((nr_pfns + 4) * sizeof(*iov)); + +- if ( !errors || !guest_data || !local_pages || !iov ) ++ if ( !guest_data || !local_pages || !iov ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -158,8 +156,8 @@ static int write_batch(struct xc_sr_cont + + if ( nr_pages > 0 ) + { +- guest_mapping = xenforeignmemory_map( +- xch->fmem, ctx->domid, PROT_READ, nr_pages, ctx->save.mfns, errors); ++ guest_mapping = xenforeignmemory_map(xch->fmem, ctx->domid, PROT_READ, ++ nr_pages, ctx->save.mfns, ctx->save.errors); + if ( !guest_mapping ) + { + PERROR("Failed to map guest pages"); +@@ -172,10 +170,11 @@ static int write_batch(struct xc_sr_cont + if ( !page_type_has_stream_data(ctx->save.types[i]) ) + continue; + +- if ( errors[p] ) ++ if ( ctx->save.errors[p] ) + { + ERROR("Mapping of pfn %#"PRIpfn" (mfn %#"PRIpfn") failed %d", +- ctx->save.batch_pfns[i], ctx->save.mfns[p], errors[p]); ++ ctx->save.batch_pfns[i], ctx->save.mfns[p], ++ ctx->save.errors[p]); + goto err; + } + +@@ -271,7 +270,6 @@ static int write_batch(struct xc_sr_cont + free(iov); + free(local_pages); + free(guest_data); +- free(errors); + + return rc; + } +@@ -846,10 +844,11 @@ static int setup(struct xc_sr_context *c + sizeof(*ctx->save.batch_pfns)); + ctx->save.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.mfns)); + ctx->save.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.types)); ++ ctx->save.errors = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.errors)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + + if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || +- !dirty_bitmap || !ctx->save.deferred_pages ) ++ !ctx->save.errors || !dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -880,6 +879,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.errors); + free(ctx->save.types); + free(ctx->save.mfns); + free(ctx->save.batch_pfns); diff --git a/libxc-sr-save-guest_data.patch b/libxc-sr-save-guest_data.patch new file mode 100644 index 0000000..bf3e464 --- /dev/null +++ b/libxc-sr-save-guest_data.patch @@ -0,0 +1,123 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:40:45 +0200 +Subject: libxc sr save guest_data + +tools: save: preallocate guest_data array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Because this was allocated with calloc: +Adjust the loop to clear unused entries as needed. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 20 +++++++++++--------- + 2 files changed, 12 insertions(+), 9 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -249,6 +249,7 @@ struct xc_sr_context + int *errors; + struct iovec *iov; + uint64_t *rec_pfns; ++ void **guest_data; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -89,7 +89,6 @@ static int write_batch(struct xc_sr_cont + { + xc_interface *xch = ctx->xch; + void *guest_mapping = NULL; +- void **guest_data = NULL; + void **local_pages = NULL; + int rc = -1; + unsigned int i, p, nr_pages = 0, nr_pages_mapped = 0; +@@ -103,12 +102,10 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Pointers to page data to send. Mapped gfns or local allocations. */ +- guest_data = calloc(nr_pfns, sizeof(*guest_data)); + /* Pointers to locally allocated pages. Need freeing. */ + local_pages = calloc(nr_pfns, sizeof(*local_pages)); + +- if ( !guest_data || !local_pages ) ++ if ( !local_pages ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -165,7 +162,10 @@ static int write_batch(struct xc_sr_cont + for ( i = 0, p = 0; i < nr_pfns; ++i ) + { + if ( !page_type_has_stream_data(ctx->save.types[i]) ) ++ { ++ ctx->save.guest_data[i] = NULL; + continue; ++ } + + if ( ctx->save.errors[p] ) + { +@@ -183,6 +183,7 @@ static int write_batch(struct xc_sr_cont + + if ( rc ) + { ++ ctx->save.guest_data[i] = NULL; + if ( rc == -1 && errno == EAGAIN ) + { + set_bit(ctx->save.batch_pfns[i], ctx->save.deferred_pages); +@@ -194,7 +195,7 @@ static int write_batch(struct xc_sr_cont + goto err; + } + else +- guest_data[i] = page; ++ ctx->save.guest_data[i] = page; + + rc = -1; + ++p; +@@ -232,9 +233,9 @@ static int write_batch(struct xc_sr_cont + { + for ( i = 0; i < nr_pfns; ++i ) + { +- if ( guest_data[i] ) ++ if ( ctx->save.guest_data[i] ) + { +- ctx->save.iov[iovcnt].iov_base = guest_data[i]; ++ ctx->save.iov[iovcnt].iov_base = ctx->save.guest_data[i]; + ctx->save.iov[iovcnt].iov_len = PAGE_SIZE; + iovcnt++; + --nr_pages; +@@ -258,7 +259,6 @@ static int write_batch(struct xc_sr_cont + for ( i = 0; local_pages && i < nr_pfns; ++i ) + free(local_pages[i]); + free(local_pages); +- free(guest_data); + + return rc; + } +@@ -836,11 +836,12 @@ static int setup(struct xc_sr_context *c + ctx->save.errors = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.errors)); + ctx->save.iov = malloc((4 + MAX_BATCH_SIZE) * sizeof(*ctx->save.iov)); + ctx->save.rec_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.rec_pfns)); ++ ctx->save.guest_data = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.guest_data)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + + if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || + !ctx->save.errors || !ctx->save.iov || !ctx->save.rec_pfns || +- !dirty_bitmap || !ctx->save.deferred_pages ) ++ !ctx->save.guest_data ||!dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -871,6 +872,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.guest_data); + free(ctx->save.rec_pfns); + free(ctx->save.iov); + free(ctx->save.errors); diff --git a/libxc-sr-save-iov.patch b/libxc-sr-save-iov.patch new file mode 100644 index 0000000..aff908b --- /dev/null +++ b/libxc-sr-save-iov.patch @@ -0,0 +1,124 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:30:41 +0200 +Subject: libxc sr save iov + +tools: save: preallocate iov array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 34 ++++++++++++++++----------------- + 2 files changed, 18 insertions(+), 17 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -247,6 +247,7 @@ struct xc_sr_context + xen_pfn_t *mfns; + xen_pfn_t *types; + int *errors; ++ struct iovec *iov; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -96,7 +96,7 @@ static int write_batch(struct xc_sr_cont + unsigned int nr_pfns = ctx->save.nr_batch_pfns; + void *page, *orig_page; + uint64_t *rec_pfns = NULL; +- struct iovec *iov = NULL; int iovcnt = 0; ++ int iovcnt = 0; + struct xc_sr_rec_page_data_header hdr = { 0 }; + struct xc_sr_record rec = { + .type = REC_TYPE_PAGE_DATA, +@@ -108,10 +108,8 @@ static int write_batch(struct xc_sr_cont + guest_data = calloc(nr_pfns, sizeof(*guest_data)); + /* Pointers to locally allocated pages. Need freeing. */ + local_pages = calloc(nr_pfns, sizeof(*local_pages)); +- /* iovec[] for writev(). */ +- iov = malloc((nr_pfns + 4) * sizeof(*iov)); + +- if ( !guest_data || !local_pages || !iov ) ++ if ( !guest_data || !local_pages ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -221,17 +219,17 @@ static int write_batch(struct xc_sr_cont + for ( i = 0; i < nr_pfns; ++i ) + rec_pfns[i] = ((uint64_t)(ctx->save.types[i]) << 32) | ctx->save.batch_pfns[i]; + +- iov[0].iov_base = &rec.type; +- iov[0].iov_len = sizeof(rec.type); ++ ctx->save.iov[0].iov_base = &rec.type; ++ ctx->save.iov[0].iov_len = sizeof(rec.type); + +- iov[1].iov_base = &rec.length; +- iov[1].iov_len = sizeof(rec.length); ++ ctx->save.iov[1].iov_base = &rec.length; ++ ctx->save.iov[1].iov_len = sizeof(rec.length); + +- iov[2].iov_base = &hdr; +- iov[2].iov_len = sizeof(hdr); ++ ctx->save.iov[2].iov_base = &hdr; ++ ctx->save.iov[2].iov_len = sizeof(hdr); + +- iov[3].iov_base = rec_pfns; +- iov[3].iov_len = nr_pfns * sizeof(*rec_pfns); ++ ctx->save.iov[3].iov_base = rec_pfns; ++ ctx->save.iov[3].iov_len = nr_pfns * sizeof(*rec_pfns); + + iovcnt = 4; + ctx->save.pages_sent += nr_pages; +@@ -243,15 +241,15 @@ static int write_batch(struct xc_sr_cont + { + if ( guest_data[i] ) + { +- iov[iovcnt].iov_base = guest_data[i]; +- iov[iovcnt].iov_len = PAGE_SIZE; ++ ctx->save.iov[iovcnt].iov_base = guest_data[i]; ++ ctx->save.iov[iovcnt].iov_len = PAGE_SIZE; + iovcnt++; + --nr_pages; + } + } + } + +- if ( writev_exact(ctx->fd, iov, iovcnt) ) ++ if ( writev_exact(ctx->fd, ctx->save.iov, iovcnt) ) + { + PERROR("Failed to write page data to stream"); + goto err; +@@ -267,7 +265,6 @@ static int write_batch(struct xc_sr_cont + xenforeignmemory_unmap(xch->fmem, guest_mapping, nr_pages_mapped); + for ( i = 0; local_pages && i < nr_pfns; ++i ) + free(local_pages[i]); +- free(iov); + free(local_pages); + free(guest_data); + +@@ -845,10 +842,12 @@ static int setup(struct xc_sr_context *c + ctx->save.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.mfns)); + ctx->save.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.types)); + ctx->save.errors = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.errors)); ++ ctx->save.iov = malloc((4 + MAX_BATCH_SIZE) * sizeof(*ctx->save.iov)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + + if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || +- !ctx->save.errors || !dirty_bitmap || !ctx->save.deferred_pages ) ++ !ctx->save.errors || !ctx->save.iov || !dirty_bitmap || ++ !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -879,6 +878,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.iov); + free(ctx->save.errors); + free(ctx->save.types); + free(ctx->save.mfns); diff --git a/libxc-sr-save-local_pages.patch b/libxc-sr-save-local_pages.patch new file mode 100644 index 0000000..3956b38 --- /dev/null +++ b/libxc-sr-save-local_pages.patch @@ -0,0 +1,218 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 12:47:56 +0200 +Subject: libxc sr save local_pages + +tools: save: preallocate local_pages array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Adjust the code to use the unmodified src page in case of HVM. +In case of PV the page may need to be normalised, use a private memory +area for this purpose. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 22 ++++++++++--------- + tools/libs/guest/xg_sr_save.c | 26 ++++------------------ + tools/libs/guest/xg_sr_save_x86_hvm.c | 5 +++-- + tools/libs/guest/xg_sr_save_x86_pv.c | 31 ++++++++++++++++++--------- + 4 files changed, 40 insertions(+), 44 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -33,16 +33,12 @@ struct xc_sr_save_ops + * Optionally transform the contents of a page from being specific to the + * sending environment, to being generic for the stream. + * +- * The page of data at the end of 'page' may be a read-only mapping of a +- * running guest; it must not be modified. If no transformation is +- * required, the callee should leave '*pages' untouched. ++ * The page of data '*src' may be a read-only mapping of a running guest; ++ * it must not be modified. If no transformation is required, the callee ++ * should leave '*src' untouched, and return it via '**ptr'. + * +- * If a transformation is required, the callee should allocate themselves +- * a local page using malloc() and return it via '*page'. +- * +- * The caller shall free() '*page' in all cases. In the case that the +- * callee encounters an error, it should *NOT* free() the memory it +- * allocated for '*page'. ++ * If a transformation is required, the callee should provide the ++ * transformed page in a private buffer and return it via '**ptr'. + * + * It is valid to fail with EAGAIN if the transformation is not able to be + * completed at this point. The page shall be retried later. +@@ -50,7 +46,7 @@ struct xc_sr_save_ops + * @returns 0 for success, -1 for failure, with errno appropriately set. + */ + int (*normalise_page)(struct xc_sr_context *ctx, xen_pfn_t type, +- void **page); ++ void *src, unsigned int idx, void **ptr); + + /** + * Set up local environment to save a domain. (Typically querying +@@ -359,6 +355,12 @@ struct xc_sr_context + { + struct + { ++ /* Used by write_batch for modified pages. */ ++ void *normalised_pages; ++ } save; ++ ++ struct ++ { + /* State machine for the order of received records. */ + bool seen_pv_info; + +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -89,11 +89,10 @@ static int write_batch(struct xc_sr_cont + { + xc_interface *xch = ctx->xch; + void *guest_mapping = NULL; +- void **local_pages = NULL; + int rc = -1; + unsigned int i, p, nr_pages = 0, nr_pages_mapped = 0; + unsigned int nr_pfns = ctx->save.nr_batch_pfns; +- void *page, *orig_page; ++ void *src; + int iovcnt = 0; + struct xc_sr_rec_page_data_header hdr = { 0 }; + struct xc_sr_record rec = { +@@ -102,16 +101,6 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Pointers to locally allocated pages. Need freeing. */ +- local_pages = calloc(nr_pfns, sizeof(*local_pages)); +- +- if ( !local_pages ) +- { +- ERROR("Unable to allocate arrays for a batch of %u pages", +- nr_pfns); +- goto err; +- } +- + for ( i = 0; i < nr_pfns; ++i ) + { + ctx->save.types[i] = ctx->save.mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, +@@ -175,11 +164,9 @@ static int write_batch(struct xc_sr_cont + goto err; + } + +- orig_page = page = guest_mapping + (p * PAGE_SIZE); +- rc = ctx->save.ops.normalise_page(ctx, ctx->save.types[i], &page); +- +- if ( orig_page != page ) +- local_pages[i] = page; ++ src = guest_mapping + (p * PAGE_SIZE); ++ rc = ctx->save.ops.normalise_page(ctx, ctx->save.types[i], src, i, ++ &ctx->save.guest_data[i]); + + if ( rc ) + { +@@ -194,8 +181,6 @@ static int write_batch(struct xc_sr_cont + else + goto err; + } +- else +- ctx->save.guest_data[i] = page; + + rc = -1; + ++p; +@@ -256,9 +241,6 @@ static int write_batch(struct xc_sr_cont + err: + if ( guest_mapping ) + xenforeignmemory_unmap(xch->fmem, guest_mapping, nr_pages_mapped); +- for ( i = 0; local_pages && i < nr_pfns; ++i ) +- free(local_pages[i]); +- free(local_pages); + + return rc; + } +--- a/tools/libs/guest/xg_sr_save_x86_hvm.c ++++ b/tools/libs/guest/xg_sr_save_x86_hvm.c +@@ -129,9 +129,10 @@ static xen_pfn_t x86_hvm_pfn_to_gfn(cons + return pfn; + } + +-static int x86_hvm_normalise_page(struct xc_sr_context *ctx, +- xen_pfn_t type, void **page) ++static int x86_hvm_normalise_page(struct xc_sr_context *ctx, xen_pfn_t type, ++ void *src, unsigned int idx, void **ptr) + { ++ *ptr = src; + return 0; + } + +--- a/tools/libs/guest/xg_sr_save_x86_pv.c ++++ b/tools/libs/guest/xg_sr_save_x86_pv.c +@@ -999,29 +999,31 @@ static xen_pfn_t x86_pv_pfn_to_gfn(const + * save_ops function. Performs pagetable normalisation on appropriate pages. + */ + static int x86_pv_normalise_page(struct xc_sr_context *ctx, xen_pfn_t type, +- void **page) ++ void *src, unsigned int idx, void **ptr) + { + xc_interface *xch = ctx->xch; +- void *local_page; ++ void *dst; + int rc; + + type &= XEN_DOMCTL_PFINFO_LTABTYPE_MASK; + + if ( type < XEN_DOMCTL_PFINFO_L1TAB || type > XEN_DOMCTL_PFINFO_L4TAB ) ++ { ++ *ptr = src; + return 0; ++ } + +- local_page = malloc(PAGE_SIZE); +- if ( !local_page ) ++ if ( idx >= MAX_BATCH_SIZE ) + { +- ERROR("Unable to allocate scratch page"); +- rc = -1; +- goto out; ++ ERROR("idx %u out of range", idx); ++ errno = ERANGE; ++ return -1; + } + +- rc = normalise_pagetable(ctx, *page, local_page, type); +- *page = local_page; ++ dst = ctx->x86.pv.save.normalised_pages + (idx * PAGE_SIZE); ++ rc = normalise_pagetable(ctx, src, dst, type); ++ *ptr = dst; + +- out: + return rc; + } + +@@ -1031,8 +1033,16 @@ static int x86_pv_normalise_page(struct + */ + static int x86_pv_setup(struct xc_sr_context *ctx) + { ++ xc_interface *xch = ctx->xch; + int rc; + ++ ctx->x86.pv.save.normalised_pages = malloc(MAX_BATCH_SIZE * PAGE_SIZE); ++ if ( !ctx->x86.pv.save.normalised_pages ) ++ { ++ PERROR("Failed to allocate normalised_pages"); ++ return -1; ++ } ++ + rc = x86_pv_domain_info(ctx); + if ( rc ) + return rc; +@@ -1118,6 +1128,7 @@ static int x86_pv_check_vm_state(struct + + static int x86_pv_cleanup(struct xc_sr_context *ctx) + { ++ free(ctx->x86.pv.save.normalised_pages); + free(ctx->x86.pv.p2m_pfns); + + if ( ctx->x86.pv.p2m ) diff --git a/libxc-sr-save-mfns.patch b/libxc-sr-save-mfns.patch new file mode 100644 index 0000000..585ccf7 --- /dev/null +++ b/libxc-sr-save-mfns.patch @@ -0,0 +1,132 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:20:36 +0200 +Subject: libxc sr save mfns + +tools: save: preallocate mfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch, see add_to_batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 25 +++++++++++++------------ + 2 files changed, 14 insertions(+), 12 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -244,6 +244,7 @@ struct xc_sr_context + struct precopy_stats stats; + + xen_pfn_t *batch_pfns; ++ xen_pfn_t *mfns; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -88,7 +88,7 @@ static int write_checkpoint_record(struc + static int write_batch(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *mfns = NULL, *types = NULL; ++ xen_pfn_t *types = NULL; + void *guest_mapping = NULL; + void **guest_data = NULL; + void **local_pages = NULL; +@@ -105,8 +105,6 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Mfns of the batch pfns. */ +- mfns = malloc(nr_pfns * sizeof(*mfns)); + /* Types of the batch pfns. */ + types = malloc(nr_pfns * sizeof(*types)); + /* Errors from attempting to map the gfns. */ +@@ -118,7 +116,7 @@ static int write_batch(struct xc_sr_cont + /* iovec[] for writev(). */ + iov = malloc((nr_pfns + 4) * sizeof(*iov)); + +- if ( !mfns || !types || !errors || !guest_data || !local_pages || !iov ) ++ if ( !types || !errors || !guest_data || !local_pages || !iov ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -127,11 +125,11 @@ static int write_batch(struct xc_sr_cont + + for ( i = 0; i < nr_pfns; ++i ) + { +- types[i] = mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, ++ types[i] = ctx->save.mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, + ctx->save.batch_pfns[i]); + + /* Likely a ballooned page. */ +- if ( mfns[i] == INVALID_MFN ) ++ if ( ctx->save.mfns[i] == INVALID_MFN ) + { + set_bit(ctx->save.batch_pfns[i], ctx->save.deferred_pages); + ++ctx->save.nr_deferred_pages; +@@ -150,20 +148,21 @@ static int write_batch(struct xc_sr_cont + { + if ( !is_known_page_type(types[i]) ) + { +- ERROR("Unknown type %#"PRIpfn" for pfn %#"PRIpfn, types[i], mfns[i]); ++ ERROR("Unknown type %#"PRIpfn" for pfn %#"PRIpfn, ++ types[i], ctx->save.mfns[i]); + goto err; + } + + if ( !page_type_has_stream_data(types[i]) ) + continue; + +- mfns[nr_pages++] = mfns[i]; ++ ctx->save.mfns[nr_pages++] = ctx->save.mfns[i]; + } + + if ( nr_pages > 0 ) + { + guest_mapping = xenforeignmemory_map( +- xch->fmem, ctx->domid, PROT_READ, nr_pages, mfns, errors); ++ xch->fmem, ctx->domid, PROT_READ, nr_pages, ctx->save.mfns, errors); + if ( !guest_mapping ) + { + PERROR("Failed to map guest pages"); +@@ -179,7 +178,7 @@ static int write_batch(struct xc_sr_cont + if ( errors[p] ) + { + ERROR("Mapping of pfn %#"PRIpfn" (mfn %#"PRIpfn") failed %d", +- ctx->save.batch_pfns[i], mfns[p], errors[p]); ++ ctx->save.batch_pfns[i], ctx->save.mfns[p], errors[p]); + goto err; + } + +@@ -277,7 +276,6 @@ static int write_batch(struct xc_sr_cont + free(guest_data); + free(errors); + free(types); +- free(mfns); + + return rc; + } +@@ -850,9 +848,11 @@ static int setup(struct xc_sr_context *c + xch, dirty_bitmap, NRPAGES(bitmap_size(ctx->save.p2m_size))); + ctx->save.batch_pfns = malloc(MAX_BATCH_SIZE * + sizeof(*ctx->save.batch_pfns)); ++ ctx->save.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.mfns)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + +- if ( !ctx->save.batch_pfns || !dirty_bitmap || !ctx->save.deferred_pages ) ++ if ( !ctx->save.batch_pfns || !ctx->save.mfns || ++ !dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -883,6 +883,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.mfns); + free(ctx->save.batch_pfns); + } + diff --git a/libxc-sr-save-rec_pfns.patch b/libxc-sr-save-rec_pfns.patch new file mode 100644 index 0000000..f0958e2 --- /dev/null +++ b/libxc-sr-save-rec_pfns.patch @@ -0,0 +1,110 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:34:00 +0200 +Subject: libxc sr save rec_pfns + +tools: save: preallocate rec_pfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 28 +++++++++++----------------- + 2 files changed, 12 insertions(+), 17 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -248,6 +248,7 @@ struct xc_sr_context + xen_pfn_t *types; + int *errors; + struct iovec *iov; ++ uint64_t *rec_pfns; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -95,7 +95,6 @@ static int write_batch(struct xc_sr_cont + unsigned int i, p, nr_pages = 0, nr_pages_mapped = 0; + unsigned int nr_pfns = ctx->save.nr_batch_pfns; + void *page, *orig_page; +- uint64_t *rec_pfns = NULL; + int iovcnt = 0; + struct xc_sr_rec_page_data_header hdr = { 0 }; + struct xc_sr_record rec = { +@@ -202,22 +201,15 @@ static int write_batch(struct xc_sr_cont + } + } + +- rec_pfns = malloc(nr_pfns * sizeof(*rec_pfns)); +- if ( !rec_pfns ) +- { +- ERROR("Unable to allocate %zu bytes of memory for page data pfn list", +- nr_pfns * sizeof(*rec_pfns)); +- goto err; +- } +- + hdr.count = nr_pfns; + + rec.length = sizeof(hdr); +- rec.length += nr_pfns * sizeof(*rec_pfns); ++ rec.length += nr_pfns * sizeof(*ctx->save.rec_pfns); + rec.length += nr_pages * PAGE_SIZE; + + for ( i = 0; i < nr_pfns; ++i ) +- rec_pfns[i] = ((uint64_t)(ctx->save.types[i]) << 32) | ctx->save.batch_pfns[i]; ++ ctx->save.rec_pfns[i] = ((uint64_t)(ctx->save.types[i]) << 32) | ++ ctx->save.batch_pfns[i]; + + ctx->save.iov[0].iov_base = &rec.type; + ctx->save.iov[0].iov_len = sizeof(rec.type); +@@ -228,12 +220,13 @@ static int write_batch(struct xc_sr_cont + ctx->save.iov[2].iov_base = &hdr; + ctx->save.iov[2].iov_len = sizeof(hdr); + +- ctx->save.iov[3].iov_base = rec_pfns; +- ctx->save.iov[3].iov_len = nr_pfns * sizeof(*rec_pfns); ++ ctx->save.iov[3].iov_base = ctx->save.rec_pfns; ++ ctx->save.iov[3].iov_len = nr_pfns * sizeof(*ctx->save.rec_pfns); + + iovcnt = 4; + ctx->save.pages_sent += nr_pages; +- ctx->save.overhead_sent += sizeof(rec) + sizeof(hdr) + nr_pfns * sizeof(*rec_pfns); ++ ctx->save.overhead_sent += sizeof(rec) + sizeof(hdr) + ++ nr_pfns * sizeof(*ctx->save.rec_pfns); + + if ( nr_pages ) + { +@@ -260,7 +253,6 @@ static int write_batch(struct xc_sr_cont + rc = ctx->save.nr_batch_pfns = 0; + + err: +- free(rec_pfns); + if ( guest_mapping ) + xenforeignmemory_unmap(xch->fmem, guest_mapping, nr_pages_mapped); + for ( i = 0; local_pages && i < nr_pfns; ++i ) +@@ -843,11 +835,12 @@ static int setup(struct xc_sr_context *c + ctx->save.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.types)); + ctx->save.errors = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.errors)); + ctx->save.iov = malloc((4 + MAX_BATCH_SIZE) * sizeof(*ctx->save.iov)); ++ ctx->save.rec_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.rec_pfns)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + + if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || +- !ctx->save.errors || !ctx->save.iov || !dirty_bitmap || +- !ctx->save.deferred_pages ) ++ !ctx->save.errors || !ctx->save.iov || !ctx->save.rec_pfns || ++ !dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -878,6 +871,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.rec_pfns); + free(ctx->save.iov); + free(ctx->save.errors); + free(ctx->save.types); diff --git a/libxc-sr-save-show_transfer_rate.patch b/libxc-sr-save-show_transfer_rate.patch new file mode 100644 index 0000000..2387fa1 --- /dev/null +++ b/libxc-sr-save-show_transfer_rate.patch @@ -0,0 +1,116 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 15:39:59 +0200 +Subject: libxc sr save show_transfer_rate + +tools: show migration transfer rate in send_dirty_pages + +Show how fast domU pages are transferred in each iteration. + +The relevant data is how fast the pfns travel, not so much how much +protocol overhead exists. So the reported MiB/sec is just for pfns. + +Signed-off-by: Olaf Hering + +v02: +- rearrange MiB_sec calculation (jgross) +--- + tools/libs/guest/xg_sr_common.h | 2 ++ + tools/libs/guest/xg_sr_save.c | 46 +++++++++++++++++++++++++++++++++ + 2 files changed, 48 insertions(+) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -238,6 +238,8 @@ struct xc_sr_context + bool debug; + + unsigned long p2m_size; ++ size_t pages_sent; ++ size_t overhead_sent; + + struct precopy_stats stats; + +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -1,5 +1,6 @@ + #include + #include ++#include + + #include "xg_sr_common.h" + +@@ -238,6 +239,8 @@ static int write_batch(struct xc_sr_cont + iov[3].iov_len = nr_pfns * sizeof(*rec_pfns); + + iovcnt = 4; ++ ctx->save.pages_sent += nr_pages; ++ ctx->save.overhead_sent += sizeof(rec) + sizeof(hdr) + nr_pfns * sizeof(*rec_pfns); + + if ( nr_pages ) + { +@@ -356,6 +359,42 @@ static int suspend_domain(struct xc_sr_c + return 0; + } + ++static void show_transfer_rate(struct xc_sr_context *ctx, struct timespec *start) ++{ ++ xc_interface *xch = ctx->xch; ++ struct timespec end = {}, diff = {}; ++ size_t ms, MiB_sec; ++ ++ if (!ctx->save.pages_sent) ++ return; ++ ++ if ( clock_gettime(CLOCK_MONOTONIC, &end) ) ++ PERROR("clock_gettime"); ++ ++ if ( (end.tv_nsec - start->tv_nsec) < 0 ) ++ { ++ diff.tv_sec = end.tv_sec - start->tv_sec - 1; ++ diff.tv_nsec = end.tv_nsec - start->tv_nsec + (1000U*1000U*1000U); ++ } ++ else ++ { ++ diff.tv_sec = end.tv_sec - start->tv_sec; ++ diff.tv_nsec = end.tv_nsec - start->tv_nsec; ++ } ++ ++ ms = (diff.tv_nsec / (1000U*1000U)); ++ ms += (diff.tv_sec * 1000U); ++ if (!ms) ++ ms = 1; ++ ++ MiB_sec = (ctx->save.pages_sent * PAGE_SIZE * 1000U) / ms / (1024U*1024U); ++ ++ errno = 0; ++ IPRINTF("%s: %zu bytes + %zu pages in %ld.%09ld sec, %zu MiB/sec", __func__, ++ ctx->save.overhead_sent, ctx->save.pages_sent, ++ diff.tv_sec, diff.tv_nsec, MiB_sec); ++} ++ + /* + * Send a subset of pages in the guests p2m, according to the dirty bitmap. + * Used for each subsequent iteration of the live migration loop. +@@ -369,9 +408,15 @@ static int send_dirty_pages(struct xc_sr + xen_pfn_t p; + unsigned long written; + int rc; ++ struct timespec start = {}; + DECLARE_HYPERCALL_BUFFER_SHADOW(unsigned long, dirty_bitmap, + &ctx->save.dirty_bitmap_hbuf); + ++ ctx->save.pages_sent = 0; ++ ctx->save.overhead_sent = 0; ++ if ( clock_gettime(CLOCK_MONOTONIC, &start) ) ++ PERROR("clock_gettime"); ++ + for ( p = 0, written = 0; p < ctx->save.p2m_size; ++p ) + { + if ( !test_bit(p, dirty_bitmap) ) +@@ -395,6 +440,7 @@ static int send_dirty_pages(struct xc_sr + if ( written > entries ) + DPRINTF("Bitmap contained more entries than expected..."); + ++ show_transfer_rate(ctx, &start); + xc_report_progress_step(xch, entries, entries); + + return ctx->save.ops.check_vm_state(ctx); diff --git a/libxc-sr-save-types.patch b/libxc-sr-save-types.patch new file mode 100644 index 0000000..454308e --- /dev/null +++ b/libxc-sr-save-types.patch @@ -0,0 +1,154 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:23:51 +0200 +Subject: libxc sr save types + +tools: save: preallocate types array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 28 +++++++++++++--------------- + 2 files changed, 14 insertions(+), 15 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -245,6 +245,7 @@ struct xc_sr_context + + xen_pfn_t *batch_pfns; + xen_pfn_t *mfns; ++ xen_pfn_t *types; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -88,7 +88,6 @@ static int write_checkpoint_record(struc + static int write_batch(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *types = NULL; + void *guest_mapping = NULL; + void **guest_data = NULL; + void **local_pages = NULL; +@@ -105,8 +104,6 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Types of the batch pfns. */ +- types = malloc(nr_pfns * sizeof(*types)); + /* Errors from attempting to map the gfns. */ + errors = malloc(nr_pfns * sizeof(*errors)); + /* Pointers to page data to send. Mapped gfns or local allocations. */ +@@ -116,7 +113,7 @@ static int write_batch(struct xc_sr_cont + /* iovec[] for writev(). */ + iov = malloc((nr_pfns + 4) * sizeof(*iov)); + +- if ( !types || !errors || !guest_data || !local_pages || !iov ) ++ if ( !errors || !guest_data || !local_pages || !iov ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -125,7 +122,7 @@ static int write_batch(struct xc_sr_cont + + for ( i = 0; i < nr_pfns; ++i ) + { +- types[i] = ctx->save.mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, ++ ctx->save.types[i] = ctx->save.mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, + ctx->save.batch_pfns[i]); + + /* Likely a ballooned page. */ +@@ -136,7 +133,7 @@ static int write_batch(struct xc_sr_cont + } + } + +- rc = xc_get_pfn_type_batch(xch, ctx->domid, nr_pfns, types); ++ rc = xc_get_pfn_type_batch(xch, ctx->domid, nr_pfns, ctx->save.types); + if ( rc ) + { + PERROR("Failed to get types for pfn batch"); +@@ -146,14 +143,14 @@ static int write_batch(struct xc_sr_cont + + for ( i = 0; i < nr_pfns; ++i ) + { +- if ( !is_known_page_type(types[i]) ) ++ if ( !is_known_page_type(ctx->save.types[i]) ) + { + ERROR("Unknown type %#"PRIpfn" for pfn %#"PRIpfn, +- types[i], ctx->save.mfns[i]); ++ ctx->save.types[i], ctx->save.mfns[i]); + goto err; + } + +- if ( !page_type_has_stream_data(types[i]) ) ++ if ( !page_type_has_stream_data(ctx->save.types[i]) ) + continue; + + ctx->save.mfns[nr_pages++] = ctx->save.mfns[i]; +@@ -172,7 +169,7 @@ static int write_batch(struct xc_sr_cont + + for ( i = 0, p = 0; i < nr_pfns; ++i ) + { +- if ( !page_type_has_stream_data(types[i]) ) ++ if ( !page_type_has_stream_data(ctx->save.types[i]) ) + continue; + + if ( errors[p] ) +@@ -183,7 +180,7 @@ static int write_batch(struct xc_sr_cont + } + + orig_page = page = guest_mapping + (p * PAGE_SIZE); +- rc = ctx->save.ops.normalise_page(ctx, types[i], &page); ++ rc = ctx->save.ops.normalise_page(ctx, ctx->save.types[i], &page); + + if ( orig_page != page ) + local_pages[i] = page; +@@ -194,7 +191,7 @@ static int write_batch(struct xc_sr_cont + { + set_bit(ctx->save.batch_pfns[i], ctx->save.deferred_pages); + ++ctx->save.nr_deferred_pages; +- types[i] = XEN_DOMCTL_PFINFO_XTAB; ++ ctx->save.types[i] = XEN_DOMCTL_PFINFO_XTAB; + --nr_pages; + } + else +@@ -223,7 +220,7 @@ static int write_batch(struct xc_sr_cont + rec.length += nr_pages * PAGE_SIZE; + + for ( i = 0; i < nr_pfns; ++i ) +- rec_pfns[i] = ((uint64_t)(types[i]) << 32) | ctx->save.batch_pfns[i]; ++ rec_pfns[i] = ((uint64_t)(ctx->save.types[i]) << 32) | ctx->save.batch_pfns[i]; + + iov[0].iov_base = &rec.type; + iov[0].iov_len = sizeof(rec.type); +@@ -275,7 +272,6 @@ static int write_batch(struct xc_sr_cont + free(local_pages); + free(guest_data); + free(errors); +- free(types); + + return rc; + } +@@ -849,9 +845,10 @@ static int setup(struct xc_sr_context *c + ctx->save.batch_pfns = malloc(MAX_BATCH_SIZE * + sizeof(*ctx->save.batch_pfns)); + ctx->save.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.mfns)); ++ ctx->save.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.types)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + +- if ( !ctx->save.batch_pfns || !ctx->save.mfns || ++ if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || + !dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" +@@ -883,6 +880,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.types); + free(ctx->save.mfns); + free(ctx->save.batch_pfns); + } diff --git a/libxc-sr-track-migration-time.patch b/libxc-sr-track-migration-time.patch new file mode 100644 index 0000000..087ff90 --- /dev/null +++ b/libxc-sr-track-migration-time.patch @@ -0,0 +1,263 @@ +From: Olaf Hering +Date: Thu, 4 Feb 2021 20:33:53 +0100 +Subject: libxc sr track migration time + +Track live migration state unconditionally in logfiles to see how long a domU was suspended. + +Signed-off-by: Olaf Hering +--- + tools/include/xentoollog.h | 1 + + tools/libs/ctrl/xc_domain.c | 12 +++++-- + tools/libs/ctrl/xc_private.h | 9 +++++ + tools/libs/guest/xg_resume.c | 5 ++- + tools/libs/guest/xg_sr_common.c | 59 ++++++++++++++++++++++++++++++++ + tools/libs/guest/xg_sr_common.h | 3 ++ + tools/libs/guest/xg_sr_restore.c | 3 ++ + tools/libs/guest/xg_sr_save.c | 6 +++- + tools/xl/xl.c | 2 ++ + 9 files changed, 96 insertions(+), 4 deletions(-) + +--- a/tools/include/xentoollog.h ++++ b/tools/include/xentoollog.h +@@ -133,6 +133,7 @@ const char *xtl_level_to_string(xentooll + }); + + ++#define XL_NO_SUSEINFO "XL_NO_SUSEINFO" + #endif /* XENTOOLLOG_H */ + + /* +--- a/tools/libs/ctrl/xc_domain.c ++++ b/tools/libs/ctrl/xc_domain.c +@@ -66,20 +66,28 @@ int xc_domain_cacheflush(xc_interface *x + int xc_domain_pause(xc_interface *xch, + uint32_t domid) + { ++ int ret; + DECLARE_DOMCTL; + domctl.cmd = XEN_DOMCTL_pausedomain; + domctl.domain = domid; +- return do_domctl(xch, &domctl); ++ ret = do_domctl(xch, &domctl); ++ if (getenv(XL_NO_SUSEINFO) == NULL) ++ SUSEINFO("domid %u: %s returned %d", domid, __func__, ret); ++ return ret; + } + + + int xc_domain_unpause(xc_interface *xch, + uint32_t domid) + { ++ int ret; + DECLARE_DOMCTL; + domctl.cmd = XEN_DOMCTL_unpausedomain; + domctl.domain = domid; +- return do_domctl(xch, &domctl); ++ ret = do_domctl(xch, &domctl); ++ if (getenv(XL_NO_SUSEINFO) == NULL) ++ SUSEINFO("domid %u: %s returned %d", domid, __func__, ret); ++ return ret; + } + + +--- a/tools/libs/ctrl/xc_private.h ++++ b/tools/libs/ctrl/xc_private.h +@@ -42,6 +42,15 @@ + + #include + ++/* ++ * Using loglevel ERROR to make sure the intended informational messages appear ++ * in libvirts libxl-driver.log ++ */ ++#define SUSEINFO(_m, _a...) do { int ERROR_errno = errno; \ ++ xc_report(xch, xch->error_handler, XTL_ERROR, XC_ERROR_NONE, "SUSEINFO: " _m , ## _a ); \ ++ errno = ERROR_errno; \ ++ } while (0) ++ + #if defined(HAVE_VALGRIND_MEMCHECK_H) && !defined(NDEBUG) && !defined(__MINIOS__) + /* Compile in Valgrind client requests? */ + #include +--- a/tools/libs/guest/xg_resume.c ++++ b/tools/libs/guest/xg_resume.c +@@ -259,7 +259,10 @@ out: + */ + int xc_domain_resume(xc_interface *xch, uint32_t domid, int fast) + { +- return (fast ++ int ret = (fast + ? xc_domain_resume_cooperative(xch, domid) + : xc_domain_resume_any(xch, domid)); ++ if (getenv(XL_NO_SUSEINFO) == NULL) ++ SUSEINFO("domid %u: %s%s returned %d", domid, __func__, fast ? " fast" : "", ret); ++ return ret; + } +--- a/tools/libs/guest/xg_sr_common.c ++++ b/tools/libs/guest/xg_sr_common.c +@@ -163,6 +163,65 @@ static void __attribute__((unused)) buil + BUILD_BUG_ON(sizeof(struct xc_sr_rec_hvm_params) != 8); + } + ++/* Write a two-character hex representation of 'byte' to digits[]. ++ Pre-condition: sizeof(digits) >= 2 */ ++static void byte_to_hex(char *digits, const uint8_t byte) ++{ ++ uint8_t nybbel = byte >> 4; ++ ++ if ( nybbel > 9 ) ++ digits[0] = 'a' + nybbel-10; ++ else ++ digits[0] = '0' + nybbel; ++ ++ nybbel = byte & 0x0f; ++ if ( nybbel > 9 ) ++ digits[1] = 'a' + nybbel-10; ++ else ++ digits[1] = '0' + nybbel; ++} ++ ++/* Convert an array of 16 unsigned bytes to a DCE/OSF formatted UUID ++ string. ++ ++ Pre-condition: sizeof(dest) >= 37 */ ++void sr_uuid_to_string(char *dest, const uint8_t *uuid) ++{ ++ int i = 0; ++ char *p = dest; ++ ++ for (; i < 4; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p++ = '-'; ++ for (; i < 6; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p++ = '-'; ++ for (; i < 8; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p++ = '-'; ++ for (; i < 10; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p++ = '-'; ++ for (; i < 16; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p = '\0'; ++} ++ + /* + * Expand the tracking structures as needed. + * To avoid realloc()ing too excessively, the size increased to the nearest +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -294,6 +294,7 @@ struct xc_sr_context + xc_stream_type_t stream_type; + + xc_domaininfo_t dominfo; ++ char uuid[16*2+4+1]; + + union /* Common save or restore data. */ + { +@@ -505,6 +506,8 @@ extern struct xc_sr_save_ops save_ops_x8 + extern struct xc_sr_restore_ops restore_ops_x86_pv; + extern struct xc_sr_restore_ops restore_ops_x86_hvm; + ++extern void sr_uuid_to_string(char *dest, const uint8_t *uuid); ++ + struct xc_sr_record + { + uint32_t type; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -871,6 +871,8 @@ static int restore(struct xc_sr_context + struct xc_sr_rhdr rhdr; + int rc, saved_rc = 0, saved_errno = 0; + ++ SUSEINFO("domid %u: %s %s start", ctx->domid, ctx->uuid, __func__); ++ DPRINTF("domid %u: max_pages %lx tot_pages %lx p2m_size %lx", ctx->domid, ctx->restore.max_pages, ctx->restore.tot_pages, ctx->restore.p2m_size); + IPRINTF("Restoring domain"); + + rc = setup(ctx); +@@ -946,6 +948,7 @@ static int restore(struct xc_sr_context + PERROR("Restore failed"); + + done: ++ SUSEINFO("domid %u: %s done", ctx->domid, __func__); + cleanup(ctx); + + if ( saved_rc ) +@@ -1011,6 +1014,7 @@ int xc_domain_restore(xc_interface *xch, + io_fd, dom, hvm, stream_type); + + ctx.domid = dom; ++ sr_uuid_to_string(ctx.uuid, ctx.dominfo.handle); + + if ( read_headers(&ctx) ) + return -1; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -353,7 +353,7 @@ static void show_transfer_rate(struct xc + MiB_sec = (ctx->save.pages_sent * PAGE_SIZE * 1000U) / ms / (1024U*1024U); + + errno = 0; +- IPRINTF("%s: %zu bytes + %zu pages in %ld.%09ld sec, %zu MiB/sec", __func__, ++ SUSEINFO("domid %u: %zu bytes + %zu pages in %ld.%09ld sec, %zu MiB/sec", ctx->domid, + ctx->save.overhead_sent, ctx->save.pages_sent, + diff.tv_sec, diff.tv_nsec, MiB_sec); + } +@@ -875,13 +875,16 @@ static int save(struct xc_sr_context *ct + { + xc_interface *xch = ctx->xch; + int rc, saved_rc = 0, saved_errno = 0; ++ unsigned long tot_pages = ctx->dominfo.tot_pages; + ++ SUSEINFO("domid %u: %s %s start, %lu pages allocated", ctx->domid, ctx->uuid, __func__, tot_pages); + IPRINTF("Saving domain %d, type %s", + ctx->domid, dhdr_type_to_str(guest_type)); + + rc = setup(ctx); + if ( rc ) + goto err; ++ SUSEINFO("domid %u: p2m_size %lx", ctx->domid, ctx->save.p2m_size); + + xc_report_progress_single(xch, "Start of stream"); + +@@ -995,6 +998,7 @@ static int save(struct xc_sr_context *ct + PERROR("Save failed"); + + done: ++ SUSEINFO("domid %u: %s done", ctx->domid, __func__); + cleanup(ctx); + + if ( saved_rc ) +@@ -1054,6 +1058,7 @@ int xc_domain_save(xc_interface *xch, in + io_fd, dom, flags, hvm); + + ctx.domid = dom; ++ sr_uuid_to_string(ctx.uuid, ctx.dominfo.handle); + + if ( hvm ) + { +--- a/tools/xl/xl.c ++++ b/tools/xl/xl.c +@@ -424,6 +424,8 @@ int main(int argc, char **argv) + logger = xtl_createlogger_stdiostream(stderr, minmsglevel, xtl_flags); + if (!logger) exit(EXIT_FAILURE); + ++ /* Provide context to libxl and libxc: no SUSEINFO() from xl */ ++ setenv(XL_NO_SUSEINFO, "1", 0); + xl_ctx_alloc(); + + atexit(xl_ctx_free); diff --git a/libxc-sr-xg_sr_bitmap-populated_pfns.patch b/libxc-sr-xg_sr_bitmap-populated_pfns.patch new file mode 100644 index 0000000..0a45ea3 --- /dev/null +++ b/libxc-sr-xg_sr_bitmap-populated_pfns.patch @@ -0,0 +1,197 @@ +From: Olaf Hering +Date: Fri, 5 Feb 2021 20:16:02 +0100 +Subject: libxc sr xg_sr_bitmap populated_pfns + +tools: use xg_sr_bitmap for populated_pfns + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 20 ++++++- + tools/libs/guest/xg_sr_restore.c | 69 ------------------------ + tools/libs/guest/xg_sr_restore_x86_hvm.c | 9 ++++ + tools/libs/guest/xg_sr_restore_x86_pv.c | 7 +++ + 4 files changed, 34 insertions(+), 71 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -375,8 +375,7 @@ struct xc_sr_context + uint32_t xenstore_domid, console_domid; + + /* Bitmap of currently populated PFNs during restore. */ +- unsigned long *populated_pfns; +- xen_pfn_t max_populated_pfn; ++ struct sr_bitmap populated_pfns; + + /* Sender has invoked verify mode on the stream. */ + bool verify; +@@ -632,6 +631,23 @@ static inline bool page_type_has_stream_ + } + } + ++static inline bool pfn_is_populated(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ return sr_test_bit(pfn, &ctx->restore.populated_pfns); ++} ++ ++static inline int pfn_set_populated(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ xc_interface *xch = ctx->xch; ++ ++ if ( sr_set_bit(pfn, &ctx->restore.populated_pfns) == false ) ++ { ++ PERROR("Failed to realloc populated_pfns bitmap"); ++ errno = ENOMEM; ++ return -1; ++ } ++ return 0; ++} + #endif + /* + * Local variables: +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -72,64 +72,6 @@ static int read_headers(struct xc_sr_con + } + + /* +- * Is a pfn populated? +- */ +-static bool pfn_is_populated(const struct xc_sr_context *ctx, xen_pfn_t pfn) +-{ +- if ( pfn > ctx->restore.max_populated_pfn ) +- return false; +- return test_bit(pfn, ctx->restore.populated_pfns); +-} +- +-/* +- * Set a pfn as populated, expanding the tracking structures if needed. To +- * avoid realloc()ing too excessively, the size increased to the nearest power +- * of two large enough to contain the required pfn. +- */ +-static int pfn_set_populated(struct xc_sr_context *ctx, xen_pfn_t pfn) +-{ +- xc_interface *xch = ctx->xch; +- +- if ( pfn > ctx->restore.max_populated_pfn ) +- { +- xen_pfn_t new_max; +- size_t old_sz, new_sz; +- unsigned long *p; +- +- /* Round up to the nearest power of two larger than pfn, less 1. */ +- new_max = pfn; +- new_max |= new_max >> 1; +- new_max |= new_max >> 2; +- new_max |= new_max >> 4; +- new_max |= new_max >> 8; +- new_max |= new_max >> 16; +-#ifdef __x86_64__ +- new_max |= new_max >> 32; +-#endif +- +- old_sz = bitmap_size(ctx->restore.max_populated_pfn + 1); +- new_sz = bitmap_size(new_max + 1); +- p = realloc(ctx->restore.populated_pfns, new_sz); +- if ( !p ) +- { +- ERROR("Failed to realloc populated bitmap"); +- errno = ENOMEM; +- return -1; +- } +- +- memset((uint8_t *)p + old_sz, 0x00, new_sz - old_sz); +- +- ctx->restore.populated_pfns = p; +- ctx->restore.max_populated_pfn = new_max; +- } +- +- assert(!test_bit(pfn, ctx->restore.populated_pfns)); +- set_bit(pfn, ctx->restore.populated_pfns); +- +- return 0; +-} +- +-/* + * Given a set of pfns, obtain memory from Xen to fill the physmap for the + * unpopulated subset. If types is NULL, no page type checking is performed + * and all unpopulated pfns are populated. +@@ -911,16 +853,6 @@ static int setup(struct xc_sr_context *c + if ( rc ) + goto err; + +- ctx->restore.max_populated_pfn = (32 * 1024 / 4) - 1; +- ctx->restore.populated_pfns = bitmap_alloc( +- ctx->restore.max_populated_pfn + 1); +- if ( !ctx->restore.populated_pfns ) +- { +- ERROR("Unable to allocate memory for populated_pfns bitmap"); +- rc = -1; +- goto err; +- } +- + ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); + ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); + ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); +@@ -969,7 +901,6 @@ static void cleanup(struct xc_sr_context + xch, dirty_bitmap, NRPAGES(bitmap_size(ctx->restore.p2m_size))); + + free(ctx->restore.buffered_records); +- free(ctx->restore.populated_pfns); + free(ctx->restore.pages); + free(ctx->restore.iov); + free(ctx->restore.guest_data); +--- a/tools/libs/guest/xg_sr_restore_x86_hvm.c ++++ b/tools/libs/guest/xg_sr_restore_x86_hvm.c +@@ -136,6 +136,7 @@ static int x86_hvm_localise_page(struct + static int x86_hvm_setup(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; ++ unsigned long max_pfn, max_pages = ctx->dominfo.max_pages; + + if ( ctx->restore.guest_type != DHDR_TYPE_X86_HVM ) + { +@@ -161,6 +162,13 @@ static int x86_hvm_setup(struct xc_sr_co + } + #endif + ++ max_pfn = max(ctx->restore.p2m_size, max_pages); ++ if ( !sr_bitmap_expand(&ctx->restore.populated_pfns, max_pfn) ) ++ { ++ PERROR("Unable to allocate memory for populated_pfns bitmap"); ++ return -1; ++ } ++ + return 0; + } + +@@ -241,6 +249,7 @@ static int x86_hvm_stream_complete(struc + + static int x86_hvm_cleanup(struct xc_sr_context *ctx) + { ++ sr_bitmap_free(&ctx->restore.populated_pfns); + free(ctx->x86.hvm.restore.context.ptr); + + free(ctx->x86.restore.cpuid.ptr); +--- a/tools/libs/guest/xg_sr_restore_x86_pv.c ++++ b/tools/libs/guest/xg_sr_restore_x86_pv.c +@@ -1060,6 +1060,12 @@ static int x86_pv_setup(struct xc_sr_con + if ( rc ) + return rc; + ++ if ( !sr_bitmap_expand(&ctx->restore.populated_pfns, 32 * 1024 / 4) ) ++ { ++ PERROR("Unable to allocate memory for populated_pfns bitmap"); ++ return -1; ++ } ++ + ctx->x86.pv.restore.nr_vcpus = ctx->dominfo.max_vcpu_id + 1; + ctx->x86.pv.restore.vcpus = calloc(sizeof(struct xc_sr_x86_pv_restore_vcpu), + ctx->x86.pv.restore.nr_vcpus); +@@ -1153,6 +1159,7 @@ static int x86_pv_stream_complete(struct + */ + static int x86_pv_cleanup(struct xc_sr_context *ctx) + { ++ sr_bitmap_free(&ctx->restore.populated_pfns); + free(ctx->x86.pv.p2m); + free(ctx->x86.pv.p2m_pfns); + diff --git a/libxc-sr-xg_sr_bitmap.patch b/libxc-sr-xg_sr_bitmap.patch new file mode 100644 index 0000000..03d3413 --- /dev/null +++ b/libxc-sr-xg_sr_bitmap.patch @@ -0,0 +1,141 @@ +From: Olaf Hering +Date: Fri, 5 Feb 2021 19:50:03 +0100 +Subject: libxc sr xg_sr_bitmap + +tools: add API for expandable bitmaps + +Since the incoming migration stream lacks info about what the highest pfn +will be, some data structures can not be allocated upfront. + +Add an API for expandable bitmaps, loosely based on pfn_set_populated. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.c | 39 +++++++++++++++++++ + tools/libs/guest/xg_sr_common.h | 67 +++++++++++++++++++++++++++++++++ + 2 files changed, 106 insertions(+) + +--- a/tools/libs/guest/xg_sr_common.c ++++ b/tools/libs/guest/xg_sr_common.c +@@ -164,6 +164,45 @@ static void __attribute__((unused)) buil + } + + /* ++ * Expand the tracking structures as needed. ++ * To avoid realloc()ing too excessively, the size increased to the nearest ++ * power of two large enough to contain the required number of bits. ++ */ ++bool _sr_bitmap_expand(struct sr_bitmap *bm, unsigned long bits) ++{ ++ size_t new_max; ++ size_t old_sz, new_sz; ++ void *p; ++ ++ if (bits <= bm->bits) ++ return true; ++ ++ /* Round up to the nearest power of two larger than bit, less 1. */ ++ new_max = bits; ++ new_max |= new_max >> 1; ++ new_max |= new_max >> 2; ++ new_max |= new_max >> 4; ++ new_max |= new_max >> 8; ++ new_max |= new_max >> 16; ++ new_max |= sizeof(unsigned long) > 4 ? new_max >> 32 : 0; ++ ++ /* Allocate units of unsigned long */ ++ new_max = (new_max + BITS_PER_LONG - 1) & ~(BITS_PER_LONG - 1); ++ ++ old_sz = bitmap_size(bm->bits); ++ new_sz = bitmap_size(new_max); ++ p = realloc(bm->p, new_sz); ++ if (!p) ++ return false; ++ ++ memset(p + old_sz, 0, new_sz - old_sz); ++ bm->p = p; ++ bm->bits = new_max; ++ ++ return true; ++} ++ ++/* + * Local variables: + * mode: C + * c-file-style: "BSD" +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -18,6 +18,73 @@ const char *rec_type_to_str(uint32_t typ + struct xc_sr_context; + struct xc_sr_record; + ++struct sr_bitmap ++{ ++ void *p; ++ unsigned long bits; ++}; ++ ++extern bool _sr_bitmap_expand(struct sr_bitmap *bm, unsigned long bits); ++ ++static inline bool sr_bitmap_expand(struct sr_bitmap *bm, unsigned long bits) ++{ ++ if (bits > bm->bits) ++ return _sr_bitmap_expand(bm, bits); ++ return true; ++} ++ ++static inline void sr_bitmap_free(struct sr_bitmap *bm) ++{ ++ free(bm->p); ++ bm->p = NULL; ++} ++ ++static inline bool sr_set_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (sr_bitmap_expand(bm, bit + 1) == false) ++ return false; ++ ++ set_bit(bit, bm->p); ++ return true; ++} ++ ++static inline bool sr_test_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (bit + 1 > bm->bits) ++ return false; ++ return !!test_bit(bit, bm->p); ++} ++ ++static inline void sr_clear_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (bit + 1 <= bm->bits) ++ clear_bit(bit, bm->p); ++} ++ ++static inline bool sr_test_and_clear_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (bit + 1 > bm->bits) ++ return false; ++ return !!test_and_clear_bit(bit, bm->p); ++} ++ ++/* No way to report potential allocation error, bitmap must be expanded prior usage */ ++static inline bool sr_test_and_set_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (bit + 1 > bm->bits) ++ return false; ++ return !!test_and_set_bit(bit, bm->p); ++} ++ ++static inline bool sr_set_long_bit(unsigned long base_bit, struct sr_bitmap *bm) ++{ ++ if (sr_bitmap_expand(bm, base_bit + BITS_PER_LONG) == false) ++ return false; ++ ++ set_bit_long(base_bit, bm->p); ++ return true; ++} ++ + /** + * Save operations. To be implemented for each type of guest, for use by the + * common save algorithm. diff --git a/libxc-sr-xl-migration-debug.patch b/libxc-sr-xl-migration-debug.patch new file mode 100644 index 0000000..cf1ab57 --- /dev/null +++ b/libxc-sr-xl-migration-debug.patch @@ -0,0 +1,46 @@ +From: Olaf Hering +Date: Thu, 29 Oct 2020 17:00:19 +0100 +Subject: libxc sr xl migration debug + +xl: fix description of migrate --debug + +xl migrate --debug used to track every pfn in every batch of pages. +But these times are gone. The code in xc_domain_save is the consumer +of this knob, now may enable verification mode. + +Signed-off-by: Olaf Hering + +v03: +- adjust to describe what --debug would do when the code which + consumes this knob is fixed. +v02: +- the option has no effect anymore +--- + docs/man/xl.1.pod.in | 4 +++- + tools/xl/xl_cmdtable.c | 2 +- + 2 files changed, 4 insertions(+), 2 deletions(-) + +--- a/docs/man/xl.1.pod.in ++++ b/docs/man/xl.1.pod.in +@@ -486,7 +486,9 @@ domain. + + =item B<--debug> + +-Display huge (!) amount of debug information during the migration process. ++This enables verification mode, which will transfer the entire domU memory ++once more to the receiving host to make sure the content is identical on ++both sides. + + =item B<-p> + +--- a/tools/xl/xl_cmdtable.c ++++ b/tools/xl/xl_cmdtable.c +@@ -173,7 +173,7 @@ const struct cmd_spec cmd_table[] = { + " migrate-receive [-d -e]\n" + "-e Do not wait in the background (on ) for the death\n" + " of the domain.\n" +- "--debug Print huge (!) amount of debug during the migration process.\n" ++ "--debug Enable verification mode.\n" + "-p Do not unpause domain after migrating it.\n" + "-D Preserve the domain id" + }, diff --git a/libxl.LIBXL_HOTPLUG_TIMEOUT.patch b/libxl.LIBXL_HOTPLUG_TIMEOUT.patch new file mode 100644 index 0000000..cc01f91 --- /dev/null +++ b/libxl.LIBXL_HOTPLUG_TIMEOUT.patch @@ -0,0 +1,318 @@ +References: bsc#1120095 + +A domU with a large amount of disks may run into the hardcoded +LIBXL_HOTPLUG_TIMEOUT limit, which is 40 seconds. This happens if the +preparation for each disk takes an unexpected large amount of time. Then +the sum of all configured disks and the individual preparation time will +be larger than 40 seconds. The hotplug script which does the preparation +takes a lock before doing the actual preparation. Since the hotplug +scripts for each disk are spawned at nearly the same time, each one has +to wait for the lock. Due to this contention, the total execution time +of a script can easily exceed the timeout. In this case libxl will +terminate the script because it has to assume an error condition. + +Example: +10 configured disks, each one takes 3 seconds within the critital +section. The total execution time will be 30 seconds, which is still +within the limit. With 5 additional configured disks, the total +execution time will be 45 seconds, which would trigger the timeout. + +To handle such setup without a recompile of libxl, a special key/value +has to be created in xenstore prior domain creation. This can be done +either manually, or at system startup. + +If this systemd service file is placed in /etc/systemd/system/, and +activated, it will create the required entry in xenstore: + +/etc/systemd/system # cat xen-LIBXL_HOTPLUG_TIMEOUT.service +[Unit] +Description=set global LIBXL_HOTPLUG_TIMEOUT +ConditionPathExists=/proc/xen/capabilities + +Requires=xenstored.service +After=xenstored.service +Requires=xen-init-dom0.service +After=xen-init-dom0.service +Before=xencommons.service + +[Service] +Type=oneshot +RemainAfterExit=true +ExecStartPre=/bin/grep -q control_d /proc/xen/capabilities +ExecStart=/usr/bin/xenstore-write /libxl/suse/per-device-LIBXL_HOTPLUG_TIMEOUT 5 + +[Install] +WantedBy=multi-user.target + +/etc/systemd/system # systemctl enable xen-LIBXL_HOTPLUG_TIMEOUT.service +/etc/systemd/system # systemctl start xen-LIBXL_HOTPLUG_TIMEOUT.service + +In this example the per-device value will be set to 5 seconds. + +The change for libxl which handles this xenstore value will enable +additional logging if the key is found. That extra logging will show how +the execution time of each script. +Index: xen-4.18.0-testing/tools/libs/light/libxl_aoutils.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_aoutils.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_aoutils.c +@@ -529,6 +529,8 @@ static void async_exec_timeout(libxl__eg + { + libxl__async_exec_state *aes = CONTAINER_OF(ev, *aes, time); + STATE_AO_GC(aes->ao); ++ char b[64]; ++ libxl__suse_diff_timespec(&aes->start, b, sizeof(b)); + + if (!aes->rc) + aes->rc = rc; +@@ -536,7 +538,7 @@ static void async_exec_timeout(libxl__eg + libxl__ev_time_deregister(gc, &aes->time); + + assert(libxl__ev_child_inuse(&aes->child)); +- LOG(ERROR, "killing execution of %s because of timeout", aes->what); ++ LOG(ERROR, "killing execution of %s because of timeout%s", aes->what, b); + + if (kill(aes->child.pid, SIGKILL)) { + LOGEV(ERROR, errno, "unable to kill %s [%ld]", +@@ -552,6 +554,10 @@ static void async_exec_done(libxl__egc * + { + libxl__async_exec_state *aes = CONTAINER_OF(child, *aes, child); + STATE_AO_GC(aes->ao); ++ char b[64]; ++ libxl__suse_diff_timespec(&aes->start, b, sizeof(b)); ++ if (b[0]) ++ LOG(NOTICE, "finished execution of '%s'%s", aes->what, b); + + libxl__ev_time_deregister(gc, &aes->time); + +Index: xen-4.18.0-testing/tools/libs/light/libxl_create.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_create.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_create.c +@@ -1323,6 +1323,7 @@ static void initiate_domain_create(libxl + * build info around just to know if the domain has a device model or not. + */ + store_libxl_entry(gc, domid, &d_config->b_info); ++ libxl__suse_domain_set_hotplug_timeout(gc, domid, d_config->num_disks, d_config->num_nics); + + for (i = 0; i < d_config->num_disks; i++) { + ret = libxl__disk_devtype.set_default(gc, domid, &d_config->disks[i], +Index: xen-4.18.0-testing/tools/libs/light/libxl_device.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_device.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_device.c +@@ -1278,7 +1278,7 @@ static void device_hotplug(libxl__egc *e + } + + aes->ao = ao; +- aes->what = GCSPRINTF("%s %s", args[0], args[1]); ++ aes->what = GCSPRINTF("%s %s for %s", args[0], args[1], be_path); + aes->env = env; + aes->args = args; + aes->callback = device_hotplug_child_death_cb; +@@ -1287,6 +1287,15 @@ static void device_hotplug(libxl__egc *e + aes->stdfds[1] = 2; + aes->stdfds[2] = -1; + ++ switch (aodev->dev->backend_kind) { ++ case LIBXL__DEVICE_KIND_VBD: ++ case LIBXL__DEVICE_KIND_VIF: ++ if (aodev->num_exec == 0) ++ libxl__suse_domain_get_hotplug_timeout(gc, aodev->dev->domid, aodev->dev->backend_kind, &aes->start, &aes->timeout_ms, be_path); ++ default: ++ break; ++ } ++ + rc = libxl__async_exec_start(aes); + if (rc) + goto out; +Index: xen-4.18.0-testing/tools/libs/light/libxl_event.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_event.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_event.c +@@ -1032,27 +1032,29 @@ static void devstate_callback(libxl__egc + { + EGC_GC; + libxl__ev_devstate *ds = CONTAINER_OF(xsw, *ds, w); ++ char b[64]; ++ libxl__suse_diff_timespec(&ds->w.start, b, sizeof(b)); + + if (rc) { + if (rc == ERROR_TIMEDOUT) +- LOG(DEBUG, "backend %s wanted state %d "" timed out", ds->w.path, +- ds->wanted); ++ LOG(DEBUG, "backend %s wanted state %d "" timed out%s", ds->w.path, ++ ds->wanted, b); + goto out; + } + if (!sstate) { +- LOG(DEBUG, "backend %s wanted state %d"" but it was removed", +- ds->w.path, ds->wanted); ++ LOG(DEBUG, "backend %s wanted state %d"" but it was removed%s", ++ ds->w.path, ds->wanted, b); + rc = ERROR_INVAL; + goto out; + } + + int got = atoi(sstate); + if (got == ds->wanted) { +- LOG(DEBUG, "backend %s wanted state %d ok", ds->w.path, ds->wanted); ++ LOG(DEBUG, "backend %s wanted state %d ok%s", ds->w.path, ds->wanted, b); + rc = 0; + } else { +- LOG(DEBUG, "backend %s wanted state %d"" still waiting state %d", +- ds->w.path, ds->wanted, got); ++ LOG(DEBUG, "backend %s wanted state %d"" still waiting state %d%s", ++ ds->w.path, ds->wanted, got, b); + return; + } + +@@ -1078,6 +1080,8 @@ int libxl__ev_devstate_wait(libxl__ao *a + ds->w.path = state_path; + ds->w.timeout_ms = milliseconds; + ds->w.callback = devstate_callback; ++ rc = clock_gettime(CLOCK_MONOTONIC, &ds->w.start); ++ if (rc) goto out; + rc = libxl__xswait_start(gc, &ds->w); + if (rc) goto out; + +Index: xen-4.18.0-testing/tools/libs/light/libxl_internal.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_internal.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_internal.c +@@ -18,6 +18,97 @@ + #include "libxl_internal.h" + #include "libxl_arch.h" + ++#define LIBXL_SUSE_PATH_TIMEOUT "/libxl/suse/per-device-LIBXL_HOTPLUG_TIMEOUT" ++#define LIBXL_SUSE_PATH_DISK_TIMEOUT "suse/disks-LIBXL_HOTPLUG_TIMEOUT" ++#define LIBXL_SUSE_PATH_NIC_TIMEOUT "suse/nics-LIBXL_HOTPLUG_TIMEOUT" ++ ++void libxl__suse_domain_set_hotplug_timeout(libxl__gc *gc, uint32_t domid, long d, long n) ++{ ++ char *path; ++ char *val, *p; ++ long v; ++ ++ val = libxl__xs_read(gc, XBT_NULL, LIBXL_SUSE_PATH_TIMEOUT); ++ if (!val) ++ return; ++ ++ v = strtol(val, NULL, 0); ++ if (v <= 0) ++ return; ++ ++ path = libxl__xs_libxl_path(gc, domid); ++ if (d > 0) { ++ p = GCSPRINTF("%s/" LIBXL_SUSE_PATH_DISK_TIMEOUT, path); ++ LOGD(NOTICE, domid, "Setting %s to %ld*%ld=%ld", p, d, v, d*v); ++ libxl__xs_printf(gc, XBT_NULL, p, "%ld", d*v); ++ } ++ if (n > 0) { ++ p = GCSPRINTF("%s/" LIBXL_SUSE_PATH_NIC_TIMEOUT, path); ++ LOGD(NOTICE, domid, "Setting %s to %ld*%ld=%ld", p, n, v, n*v); ++ libxl__xs_printf(gc, XBT_NULL, p, "%ld", n*v); ++ } ++} ++ ++void libxl__suse_domain_get_hotplug_timeout(libxl__gc *gc, uint32_t domid, libxl__device_kind kind, struct timespec *ts, int *timeout_ms, const char *be_path) ++{ ++ char *path; ++ char *val, *p; ++ long v = 0; ++ ++ path = libxl__xs_libxl_path(gc, domid); ++ if (!path) ++ return; ++ ++ switch (kind) { ++ case LIBXL__DEVICE_KIND_VBD: ++ p = GCSPRINTF("%s/" LIBXL_SUSE_PATH_DISK_TIMEOUT, path); ++ break; ++ case LIBXL__DEVICE_KIND_VIF: ++ p = GCSPRINTF("%s/" LIBXL_SUSE_PATH_NIC_TIMEOUT, path); ++ break; ++ default: ++ return; ++ } ++ errno = 0; ++ val = libxl__xs_read(gc, XBT_NULL, p); ++ if (val) ++ v = strtol(val, NULL, 0); ++ LOGED(DEBUG, domid, "Got from '%s' = %ld from %s for %s", val?:"", v, p, be_path); ++ if (!val || v <= 0) ++ return; ++ ++ if (v > (INT_MAX/1000)) ++ v = (INT_MAX/1000); ++ v *= 1000; ++ LOGD(NOTICE, domid, "Replacing timeout %d with %ld for %s", *timeout_ms, v, be_path); ++ *timeout_ms = v; ++ if (clock_gettime(CLOCK_MONOTONIC, ts) < 0) { ++ LOGED(ERROR, domid, "clock_gettime failed for %s", be_path); ++ ts->tv_sec = ts->tv_nsec = 0; ++ } ++ ++} ++ ++void libxl__suse_diff_timespec(const struct timespec *old, char *b, size_t s) ++{ ++ struct timespec new, diff; ++ ++ if (old->tv_sec == 0 && old->tv_nsec == 0) { ++ *b = '\0'; ++ return; ++ } ++ if (clock_gettime(CLOCK_MONOTONIC, &new)) ++ new = *old; ++ if ((new.tv_nsec - old->tv_nsec) < 0) { ++ diff.tv_sec = new.tv_sec - old->tv_sec - 1; ++ diff.tv_nsec = new.tv_nsec - old->tv_nsec + (1000*1000*1000); ++ } else { ++ diff.tv_sec = new.tv_sec - old->tv_sec; ++ diff.tv_nsec = new.tv_nsec - old->tv_nsec; ++ } ++ snprintf(b, s, " (%ld.%09lds)", (long)diff.tv_sec, diff.tv_nsec); ++} ++ + void libxl__alloc_failed(libxl_ctx *ctx, const char *func, + size_t nmemb, size_t size) { + #define M "libxl: FATAL ERROR: memory allocation failure" +Index: xen-4.18.0-testing/tools/libs/light/libxl_internal.h +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_internal.h ++++ xen-4.18.0-testing/tools/libs/light/libxl_internal.h +@@ -50,6 +50,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -1629,6 +1630,7 @@ struct libxl__xswait_state { + const char *what; /* for error msgs: noun phrase, what we're waiting for */ + const char *path; + int timeout_ms; /* as for poll(2) */ ++ struct timespec start; + libxl__xswait_callback *callback; + /* remaining fields are private to xswait */ + libxl__ev_time time_ev; +@@ -2707,6 +2709,7 @@ struct libxl__async_exec_state { + char **args; /* execution arguments */ + char **env; /* execution environment */ + ++ struct timespec start; + /* private */ + libxl__ev_time time; + libxl__ev_child child; +@@ -4896,6 +4899,9 @@ _hidden int userlookup_helper_getpwuid(l + + #endif + ++_hidden void libxl__suse_domain_set_hotplug_timeout(libxl__gc *gc, uint32_t domid, long d, long n); ++_hidden void libxl__suse_domain_get_hotplug_timeout(libxl__gc *gc, uint32_t domid, libxl__device_kind kind, struct timespec *ts, int *timeout_ms, const char *be_path); ++_hidden void libxl__suse_diff_timespec(const struct timespec *old, char *b, size_t s); + /* + * Local variables: + * mode: C diff --git a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch new file mode 100644 index 0000000..456d3d8 --- /dev/null +++ b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch @@ -0,0 +1,215 @@ +https://bugzilla.novell.com/show_bug.cgi?id=879425 +--- + tools/libxl/libxl.c | 2 ++ + tools/libxl/libxl.h | 12 ++++++++++++ + tools/libxl/libxlu_disk.c | 2 ++ + tools/libxl/libxlu_disk_i.h | 2 +- + tools/libxl/libxlu_disk_l.l | 1 + + 5 files changed, 18 insertions(+), 1 deletion(-) + +Index: xen-4.18.0-testing/docs/man/xl-disk-configuration.5.pod.in +=================================================================== +--- xen-4.18.0-testing.orig/docs/man/xl-disk-configuration.5.pod.in ++++ xen-4.18.0-testing/docs/man/xl-disk-configuration.5.pod.in +@@ -337,6 +337,32 @@ No + + discard + ++=item B ++ ++=over 4 ++ ++=item Description ++ ++Request that the qemu block driver does not automatically flush written data to the backend storage. ++ ++=item Supported values ++ ++absent, present ++ ++=item Mandatory ++ ++No ++ ++=item Default value ++ ++absent ++ ++=back ++ ++This enables the '-disk cache=unsafe' mode inside qemu. ++In this mode writes to the underlying blockdevice are delayed. ++While using this option in production is dangerous, it improves performance during installation of a domU. ++ + =back + + An advisory setting for the backend driver, specifying whether to +Index: xen-4.18.0-testing/tools/include/libxl.h +=================================================================== +--- xen-4.18.0-testing.orig/tools/include/libxl.h ++++ xen-4.18.0-testing/tools/include/libxl.h +@@ -584,6 +584,21 @@ + */ + #define LIBXL_HAVE_CONSOLE_ADD_XENSTORE 1 + /* ++ * The libxl_device_disk has no way to indicate that cache=unsafe is ++ * supposed to be used. Provide this knob without breaking the ABI. ++ * This is done by overloading struct libxl_device_disk->readwrite: ++ * readwrite == 0: disk is readonly, cache= does not matter ++ * readwrite == 1: disk is readwrite, backend driver may tweak cache= ++ * readwrite == MAGIC: disk is readwrite, backend driver should ignore ++ * flush requests from the frontend driver. ++ * Note: the macro with MAGIC is used by libvirt to decide if this patch is applied ++ */ ++#define LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC 0x00006000U ++#define LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK 0xffff0fffU ++#define LIBXL_SUSE_IS_CACHE_UNSAFE(rw) (((rw) & ~LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK) == LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC) ++#define LIBXL_SUSE_SET_CACHE_UNSAFE(rw) (((rw) & LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK) | LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC) ++ ++/* + * libxl ABI compatibility + * + * The only guarantee which libxl makes regarding ABI compatibility +Index: xen-4.18.0-testing/tools/libs/light/libxl_disk.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_disk.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_disk.c +@@ -422,6 +422,8 @@ static void device_disk_add(libxl__egc * + flexarray_append_pair(back, "discard-enable", + libxl_defbool_val(disk->discard_enable) ? + "1" : "0"); ++ if (LIBXL_SUSE_IS_CACHE_UNSAFE(disk->readwrite)) ++ flexarray_append_pair(back, "suse-diskcache-disable-flush", "1"); + flexarray_append(back, "specification"); + flexarray_append(back, libxl__device_disk_string_of_specification(disk->specification)); + if (disk->specification == LIBXL_DISK_SPECIFICATION_VIRTIO) { +Index: xen-4.18.0-testing/tools/libs/light/libxl_dm.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_dm.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_dm.c +@@ -1019,14 +1019,27 @@ enum { + LIBXL__COLO_SECONDARY, + }; + ++static const char *qemu_cache_mode(const libxl_device_disk *disk) ++{ ++ static const char cache_directsync[] = "directsync"; ++ static const char cache_writeback[] = "writeback"; ++ static const char cache_unsafe[] = "unsafe"; ++ ++ if (LIBXL_SUSE_IS_CACHE_UNSAFE(disk->readwrite)) ++ return cache_unsafe; ++ if (disk->direct_io_safe) ++ return cache_directsync; ++ return cache_writeback; ++} ++ + static char *qemu_disk_scsi_drive_string(libxl__gc *gc, const char *target_path, + int unit, const char *format, + const libxl_device_disk *disk, + int colo_mode, const char **id_ptr) + { + char *drive = NULL; +- char *common = GCSPRINTF("if=none,readonly=%s,cache=writeback", +- disk->readwrite ? "off" : "on"); ++ char *common = GCSPRINTF("if=none,readonly=%s,cache=%s", ++ disk->readwrite ? "off" : "on", qemu_cache_mode(disk)); + const char *exportname = disk->colo_export; + const char *active_disk = disk->active_disk; + const char *hidden_disk = disk->hidden_disk; +@@ -1085,8 +1098,8 @@ static char *qemu_disk_ide_drive_string( + switch (colo_mode) { + case LIBXL__COLO_NONE: + drive = GCSPRINTF +- ("file=%s,if=ide,index=%d,media=disk,format=%s,cache=writeback", +- target_path, unit, format); ++ ("file=%s,if=ide,index=%d,media=disk,format=%s,cache=%s", ++ target_path, unit, format, qemu_cache_mode(disk)); + break; + case LIBXL__COLO_PRIMARY: + /* +@@ -1099,13 +1112,14 @@ static char *qemu_disk_ide_drive_string( + * vote-threshold=1 + */ + drive = GCSPRINTF( +- "if=ide,index=%d,media=disk,cache=writeback,driver=quorum," ++ "if=ide,index=%d,media=disk,cache=%s,driver=quorum," + "id=%s," + "children.0.file.filename=%s," + "children.0.driver=%s," + "read-pattern=fifo," + "vote-threshold=1", +- unit, exportname, target_path, format); ++ unit, qemu_cache_mode(disk), ++ exportname, target_path, format); + break; + case LIBXL__COLO_SECONDARY: + /* +@@ -1119,7 +1133,7 @@ static char *qemu_disk_ide_drive_string( + * file.backing.backing=exportname, + */ + drive = GCSPRINTF( +- "if=ide,index=%d,id=top-colo,media=disk,cache=writeback," ++ "if=ide,index=%d,id=top-colo,media=disk,cache=%s," + "driver=replication," + "mode=secondary," + "top-id=top-colo," +@@ -1128,7 +1142,8 @@ static char *qemu_disk_ide_drive_string( + "file.backing.driver=qcow2," + "file.backing.file.filename=%s," + "file.backing.backing=%s", +- unit, active_disk, hidden_disk, exportname); ++ unit, qemu_cache_mode(disk), ++ active_disk, hidden_disk, exportname); + break; + default: + abort(); +@@ -1998,8 +2013,8 @@ static int libxl__build_device_model_arg + return ERROR_INVAL; + } + flexarray_vappend(dm_args, "-drive", +- GCSPRINTF("file=%s,if=none,id=ahcidisk-%d,format=%s,cache=writeback", +- target_path, disk, format), ++ GCSPRINTF("file=%s,if=none,id=ahcidisk-%d,format=%s,cache=%s", ++ target_path, disk, format, qemu_cache_mode(&disks[i])), + "-device", GCSPRINTF("ide-hd,bus=ahci0.%d,unit=0,drive=ahcidisk-%d", + disk, disk), NULL); + continue; +Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/util/libxlu_disk.c ++++ xen-4.18.0-testing/tools/libs/util/libxlu_disk.c +@@ -78,6 +78,8 @@ int xlu_disk_parse(XLU_Config *cfg, + if (!disk->pdev_path || !strcmp(disk->pdev_path, "")) + disk->format = LIBXL_DISK_FORMAT_EMPTY; + } ++ if (disk->readwrite && dpc.suse_diskcache_disable_flush) ++ disk->readwrite = LIBXL_SUSE_SET_CACHE_UNSAFE(disk->readwrite); + + if (!disk->vdev) { + xlu__disk_err(&dpc,0, "no vdev specified"); +Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk_i.h +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/util/libxlu_disk_i.h ++++ xen-4.18.0-testing/tools/libs/util/libxlu_disk_i.h +@@ -10,7 +10,7 @@ typedef struct { + void *scanner; + YY_BUFFER_STATE buf; + libxl_device_disk *disk; +- int access_set, had_depr_prefix; ++ int access_set, suse_diskcache_disable_flush, had_depr_prefix; + const char *spec; + } DiskParseContext; + +Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/util/libxlu_disk_l.l ++++ xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l +@@ -216,6 +216,7 @@ colo-port=[^,]*,? { STRIP(','); setcolop + colo-export=[^,]*,? { STRIP(','); SAVESTRING("colo-export", colo_export, FROMEQUALS); } + active-disk=[^,]*,? { STRIP(','); SAVESTRING("active-disk", active_disk, FROMEQUALS); } + hidden-disk=[^,]*,? { STRIP(','); SAVESTRING("hidden-disk", hidden_disk, FROMEQUALS); } ++suse-diskcache-disable-flush,? { DPC->suse_diskcache_disable_flush = 1; } + + trusted,? { libxl_defbool_set(&DPC->disk->trusted, true); } + untrusted,? { libxl_defbool_set(&DPC->disk->trusted, false); } diff --git a/libxl.helper_done-crash.patch b/libxl.helper_done-crash.patch new file mode 100644 index 0000000..3d4fff1 --- /dev/null +++ b/libxl.helper_done-crash.patch @@ -0,0 +1,51 @@ +From fb0f946726ff8aaa15b76bc3ec3b18878851a447 Mon Sep 17 00:00:00 2001 +From: Olaf Hering +Date: Fri, 27 Sep 2019 18:06:12 +0200 +Subject: libxl: fix crash in helper_done due to uninitialized data + +A crash in helper_done, called from libxl_domain_suspend, was reported, +triggered by 'virsh migrate --live xen+ssh://host': + + #1 helper_done (...) at libxl_save_callout.c:371 + helper_failed + helper_stop + libxl__save_helper_abort + #2 check_all_finished (..., rc=-3) at libxl_stream_write.c:671 + stream_done + stream_complete + write_done + dc->callback == write_done + efd->func == datacopier_writable + #3 afterpoll_internal (...) at libxl_event.c:1269 + +This is triggered by a failed poll, the actual error was: + +libxl_aoutils.c:328:datacopier_writable: unexpected poll event 0x1c on fd 37 (should be POLLOUT) writing libxc header during copy of save v2 stream + +In this case revents in datacopier_writable is POLLHUP|POLLERR|POLLOUT, +which triggers datacopier_callback. In helper_done, +shs->completion_callback is still zero. libxl__xc_domain_save fills +dss.sws.shs. But that function is only called after stream_header_done. +Any error before that will leave dss partly uninitialized. + +Fix this crash by checking if ->completion_callback is valid. + +Signed-off-by: Olaf Hering +--- + tools/libxl/libxl_save_callout.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/tools/libs/light/libxl_save_callout.c ++++ b/tools/libs/light/libxl_save_callout.c +@@ -364,8 +364,9 @@ static void helper_done(libxl__egc *egc, + assert(!libxl__save_helper_inuse(shs)); + + shs->egc = egc; +- shs->completion_callback(egc, shs->caller_state, +- shs->rc, shs->retval, shs->errnoval); ++ if (shs->completion_callback) ++ shs->completion_callback(egc, shs->caller_state, ++ shs->rc, shs->retval, shs->errnoval); + shs->egc = 0; + } + diff --git a/libxl.max_event_channels.patch b/libxl.max_event_channels.patch new file mode 100644 index 0000000..135911b --- /dev/null +++ b/libxl.max_event_channels.patch @@ -0,0 +1,23 @@ +References: bsc#1167608 +unbound limits for max_event_channels +1023 is too low for a three digit value of vcpus +it is difficult to make the value depend on the number of vcpus +adding devices at runtime also needs event channels + +But, having an unbound value (of 128k) may have a negative effect on XSA-344. + +Therefore, just let the built-in default depend on the number of vcpus. + +Index: xen-4.17.0-testing/tools/libs/light/libxl_create.c +=================================================================== +--- xen-4.17.0-testing.orig/tools/libs/light/libxl_create.c ++++ xen-4.17.0-testing/tools/libs/light/libxl_create.c +@@ -263,7 +263,7 @@ int libxl__domain_build_info_setdefault( + b_info->iomem[i].gfn = b_info->iomem[i].start; + + if (!b_info->event_channels) +- b_info->event_channels = 1023; ++ b_info->event_channels = max(1023, 8 * b_info->max_vcpus + 511); + + rc = libxl_get_physinfo(CTX, &info); + if (rc) { diff --git a/logrotate.conf b/logrotate.conf new file mode 100644 index 0000000..79b645e --- /dev/null +++ b/logrotate.conf @@ -0,0 +1,19 @@ +/var/log/xen/xen-hotplug.log { + compress + missingok + notifempty + rotate 2 + size 100k + copytruncate +} + +/var/log/xen/xl-*.log /var/log/xen/qemu-dm-*.log /var/log/xen/console/*.log { + compress + missingok + notifempty + rotate 4 + dateext + dateformat -%Y%m%d-%H%M + size 2M + copytruncate +} diff --git a/migration-python3-conversion.patch b/migration-python3-conversion.patch new file mode 100644 index 0000000..5381616 --- /dev/null +++ b/migration-python3-conversion.patch @@ -0,0 +1,63 @@ +Index: xen-4.18.0-testing/tools/python/xen/migration/legacy.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/xen/migration/legacy.py ++++ xen-4.18.0-testing/tools/python/xen/migration/legacy.py +@@ -1,3 +1,4 @@ ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ +Index: xen-4.18.0-testing/tools/python/xen/migration/libxc.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/xen/migration/libxc.py ++++ xen-4.18.0-testing/tools/python/xen/migration/libxc.py +@@ -1,3 +1,4 @@ ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ +Index: xen-4.18.0-testing/tools/python/xen/migration/libxl.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/xen/migration/libxl.py ++++ xen-4.18.0-testing/tools/python/xen/migration/libxl.py +@@ -1,3 +1,4 @@ ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ +Index: xen-4.18.0-testing/tools/python/xen/migration/public.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/xen/migration/public.py ++++ xen-4.18.0-testing/tools/python/xen/migration/public.py +@@ -1,3 +1,4 @@ ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ +Index: xen-4.18.0-testing/tools/python/xen/migration/tests.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/xen/migration/tests.py ++++ xen-4.18.0-testing/tools/python/xen/migration/tests.py +@@ -1,3 +1,4 @@ ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ +Index: xen-4.18.0-testing/tools/python/xen/migration/verify.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/xen/migration/verify.py ++++ xen-4.18.0-testing/tools/python/xen/migration/verify.py +@@ -1,3 +1,4 @@ ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ +Index: xen-4.18.0-testing/tools/python/xen/migration/xl.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/python/xen/migration/xl.py ++++ xen-4.18.0-testing/tools/python/xen/migration/xl.py +@@ -1,3 +1,4 @@ ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + """ diff --git a/mini-os.tar.bz2 b/mini-os.tar.bz2 new file mode 100644 index 0000000..3eed099 --- /dev/null +++ b/mini-os.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:48c0d8f1909a0345243dc529047eb2bf7881139f8fdfb5bbf32b2a83b14a44ac +size 312038 diff --git a/pygrub-boot-legacy-sles.patch b/pygrub-boot-legacy-sles.patch new file mode 100644 index 0000000..4327538 --- /dev/null +++ b/pygrub-boot-legacy-sles.patch @@ -0,0 +1,63 @@ +Index: xen-4.17.2-testing/tools/pygrub/src/pygrub +=================================================================== +--- xen-4.17.2-testing.orig/tools/pygrub/src/pygrub ++++ xen-4.17.2-testing/tools/pygrub/src/pygrub +@@ -579,7 +579,7 @@ class Grub: + self.cf.filename = f + break + if self.__dict__.get('cf', None) is None: +- raise RuntimeError("couldn't find bootloader config file in the image provided.") ++ return + f = fs.open_file(self.cf.filename) + # limit read size to avoid pathological cases + buf = f.read(FS_READ_MAX) +@@ -754,6 +754,20 @@ def run_grub(file, entry, fs, cfg_args): + + g = Grub(file, fs) + ++ # If missing config or grub has no menu entries to select, look for ++ # vmlinuz-xen and initrd-xen in /boot ++ if g.__dict__.get('cf', None) is None or len(g.cf.images) == 0 or re.search(r"xen(-pae)?\.gz",g.cf.images[0].kernel[1]): ++ if not list_entries: ++ chosencfg = { "kernel": None, "ramdisk": None, "args": "" } ++ chosencfg = sniff_xen_kernel(fs, incfg) ++ if chosencfg["kernel"] and chosencfg["ramdisk"]: ++ chosencfg["args"] = cfg_args ++ return chosencfg ++ if g.__dict__.get('cf', None) is None: ++ raise RuntimeError("couldn't find bootloader config file in the image provided.") ++ else: ++ return ++ + if list_entries: + for i in range(len(g.cf.images)): + img = g.cf.images[i] +@@ -840,6 +854,19 @@ def sniff_netware(fs, cfg): + + return cfg + ++def sniff_xen_kernel(fs, cfg): ++ if not cfg["kernel"]: ++ if fs.file_exists('/boot/vmlinuz-xen'): ++ cfg["kernel"] = '/boot/vmlinuz-xen' ++ elif fs.file_exists('/boot/vmlinuz-xenpae'): ++ cfg["kernel"] = '/boot/vmlinuz-xenpae' ++ if cfg["kernel"] and not cfg["ramdisk"]: ++ if fs.file_exists('/boot/initrd-xen'): ++ cfg["ramdisk"] = '/boot/initrd-xen' ++ elif fs.file_exists('/boot/initrd-xenpae'): ++ cfg["ramdisk"] = '/boot/initrd-xenpae' ++ return cfg ++ + def format_sxp(kernel, ramdisk, args): + s = "linux (kernel %s)" % repr(kernel) + if ramdisk: +@@ -918,7 +945,7 @@ if __name__ == "__main__": + debug = False + not_really = False + output_format = "sxp" +- output_directory = "/var/run/xen/pygrub/" ++ output_directory = "/var/run/xen" + uid = None + + # what was passed in diff --git a/pygrub-handle-one-line-menu-entries.patch b/pygrub-handle-one-line-menu-entries.patch new file mode 100644 index 0000000..b190a10 --- /dev/null +++ b/pygrub-handle-one-line-menu-entries.patch @@ -0,0 +1,59 @@ +References: bsc#978413 + +The parsing code can't handle a single line menu entry. +For example: menuentry 'halt' { halt } +Force it to fall through where it will handle the closing brace. +Also change warning to debug to cut down on verbose output. + +Index: xen-4.18.0-testing/tools/pygrub/src/GrubConf.py +=================================================================== +--- xen-4.18.0-testing.orig/tools/pygrub/src/GrubConf.py ++++ xen-4.18.0-testing/tools/pygrub/src/GrubConf.py +@@ -150,7 +150,7 @@ class GrubImage(_GrubImage): + else: + logging.info("Ignored image directive %s" %(com,)) + else: +- logging.warning("Unknown image directive %s" %(com,)) ++ logging.debug("Unknown image directive %s" %(com,)) + + # now put the line in the list of lines + if replace is None: +@@ -309,7 +309,7 @@ class GrubConfigFile(_GrubConfigFile): + else: + logging.info("Ignored directive %s" %(com,)) + else: +- logging.warning("Unknown directive %s" %(com,)) ++ logging.debug("Unknown directive %s" %(com,)) + + if img: + self.add_image(GrubImage(title, img)) +@@ -343,7 +343,7 @@ class Grub2Image(_GrubImage): + elif com.startswith('set:'): + pass + else: +- logging.warning("Unknown image directive %s" %(com,)) ++ logging.debug("Unknown image directive %s" %(com,)) + + # now put the line in the list of lines + if replace is None: +@@ -408,7 +408,10 @@ class Grub2ConfigFile(_GrubConfigFile): + raise RuntimeError("syntax error: cannot nest menuentry (%d %s)" % (len(img),img)) + img = [] + title = title_match.group(1) +- continue ++ if not l.endswith('}'): ++ continue ++ # One line menuentry, Ex. menuentry 'halt' { halt } ++ l = '}' + + if l.startswith("submenu"): + menu_level += 1 +@@ -447,7 +450,7 @@ class Grub2ConfigFile(_GrubConfigFile): + elif com.startswith('set:'): + pass + else: +- logging.warning("Unknown directive %s" %(com,)) ++ logging.debug("Unknown directive %s" %(com,)) + + if img is not None: + raise RuntimeError("syntax error: end of file with open menuentry(%d %s)" % (len(img),img)) diff --git a/replace-obsolete-network-configuration-commands-in-s.patch b/replace-obsolete-network-configuration-commands-in-s.patch new file mode 100644 index 0000000..0d7a3eb --- /dev/null +++ b/replace-obsolete-network-configuration-commands-in-s.patch @@ -0,0 +1,151 @@ +From 5e1e18fde92bae1ae87f78d470e80b1ffc9350d1 Mon Sep 17 00:00:00 2001 +From: Michal Kubecek +Date: Wed, 26 Jul 2017 10:28:54 +0200 +Subject: [PATCH] replace obsolete network configuration commands in scripts + +Some scripts still use obsolete network configuration commands ifconfig and +brctl. Replace them by commands from iproute2 package. +--- + README | 3 +-- + tools/hotplug/Linux/colo-proxy-setup | 14 ++++++-------- + tools/hotplug/Linux/remus-netbuf-setup | 3 ++- + tools/hotplug/Linux/vif-bridge | 7 ++++--- + tools/hotplug/Linux/vif-nat | 2 +- + tools/hotplug/Linux/vif-route | 6 ++++-- + tools/hotplug/Linux/xen-network-common.sh | 6 ++---- + .../i386-dm/qemu-ifup-Linux | 5 +++-- + 9 files changed, 26 insertions(+), 26 deletions(-) + +Index: xen-4.17.0-testing/README +=================================================================== +--- xen-4.17.0-testing.orig/README ++++ xen-4.17.0-testing/README +@@ -61,8 +61,7 @@ provided by your OS distributor: + * Development install of GLib v2.0 (e.g. libglib2.0-dev) + * Development install of Pixman (e.g. libpixman-1-dev) + * pkg-config +- * bridge-utils package (/sbin/brctl) +- * iproute package (/sbin/ip) ++ * iproute package (/sbin/ip, /sbin/bridge) + * GNU bison and GNU flex + * ACPI ASL compiler (iasl) + +Index: xen-4.17.0-testing/tools/hotplug/Linux/remus-netbuf-setup +=================================================================== +--- xen-4.17.0-testing.orig/tools/hotplug/Linux/remus-netbuf-setup ++++ xen-4.17.0-testing/tools/hotplug/Linux/remus-netbuf-setup +@@ -76,6 +76,7 @@ + #specific setup code such as renaming. + dir=$(dirname "$0") + . "$dir/xen-hotplug-common.sh" ++. "$dir/xen-network-common.sh" + + findCommand "$@" + +@@ -139,8 +140,16 @@ check_ifb() { + + setup_ifb() { + +- for ifb in `ifconfig -a -s|egrep ^ifb|cut -d ' ' -f1` ++ if [ "$legacy_tools" ]; then ++ ifbs=`ifconfig -a -s|egrep ^ifb|cut -d ' ' -f1` ++ else ++ ifbs=$(ip --oneline link show type ifb | cut -d ' ' -f2) ++ fi ++ for ifb in $ifbs + do ++ if [ ! "$legacy_tools" ]; then ++ ifb="${ifb%:}" ++ fi + check_ifb "$ifb" || continue + REMUS_IFB="$ifb" + break +Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-bridge +=================================================================== +--- xen-4.17.0-testing.orig/tools/hotplug/Linux/vif-bridge ++++ xen-4.17.0-testing/tools/hotplug/Linux/vif-bridge +@@ -42,7 +42,8 @@ if [ -z "$bridge" ]; then + if which brctl >&/dev/null; then + bridge=$(brctl show | awk 'NR==2{print$1}') + else +- bridge=$(bridge link | cut -d" " -f7) ++ bridge=$(ip --oneline link show type bridge | awk '(NR == 1) { print $2; }') ++ bridge="${bridge%:}" + fi + if [ -z "$bridge" ] + then +Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-nat +=================================================================== +--- xen-4.17.0-testing.orig/tools/hotplug/Linux/vif-nat ++++ xen-4.17.0-testing/tools/hotplug/Linux/vif-nat +@@ -172,7 +172,11 @@ case "$command" in + ;; + offline) + [ "$dhcp" != 'no' ] && dhcp_down +- do_without_error ifconfig "${dev}" down ++ if [ "$legacy_tools" ]; then ++ do_without_error ifconfig "${dev}" down ++ else ++ do_without_error ip link set "${dev}" down ++ fi + ;; + esac + +Index: xen-4.17.0-testing/tools/hotplug/Linux/vif-route +=================================================================== +--- xen-4.17.0-testing.orig/tools/hotplug/Linux/vif-route ++++ xen-4.17.0-testing/tools/hotplug/Linux/vif-route +@@ -23,13 +23,23 @@ main_ip=$(dom0_ip) + + case "${command}" in + add|online) +- ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up ++ if [ "$legacy_tools" ]; then ++ ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up ++ else ++ ip addr add "${main_ip}/32" dev "$dev" ++ fi ++ ip link set "dev" up + echo 1 >/proc/sys/net/ipv4/conf/${dev}/proxy_arp + ipcmd='add' + cmdprefix='' + ;; + remove|offline) +- do_without_error ifdown ${dev} ++ if [ "$legacy_tools" ]; then ++ do_without_error ifdown ${dev} ++ else ++ do_without_error ip addr flush dev "$dev" ++ do_without_error ip link set "$dev" down ++ fi + ipcmd='del' + cmdprefix='do_without_error' + ;; +Index: xen-4.17.0-testing/tools/hotplug/Linux/xen-network-common.sh +=================================================================== +--- xen-4.17.0-testing.orig/tools/hotplug/Linux/xen-network-common.sh ++++ xen-4.17.0-testing/tools/hotplug/Linux/xen-network-common.sh +@@ -15,6 +15,12 @@ + # + + ++# Use brctl and ifconfig on older systems ++legacy_tools= ++if [ -f /sbin/brctl -a -f /sbin/ifconfig ]; then ++ legacy_tools="true" ++fi ++ + # Gentoo doesn't have ifup/ifdown, so we define appropriate alternatives. + + # Other platforms just use ifup / ifdown directly. +@@ -152,8 +158,10 @@ remove_from_bridge () { + log debug "removing $dev from bridge $bridge" + if which brctl >&/dev/null; then + do_without_error brctl delif ${bridge} ${dev} ++ do_without_error ifconfig "$dev" down + else + do_without_error ip link set ${dev} nomaster ++ do_without_error ip link set "$dev" down + fi + else + log debug "$dev not on bridge $bridge" diff --git a/stdvga-cache.patch b/stdvga-cache.patch new file mode 100644 index 0000000..8a4df5b --- /dev/null +++ b/stdvga-cache.patch @@ -0,0 +1,16 @@ +Index: xen-4.18.0-testing/xen/arch/x86/hvm/stdvga.c +=================================================================== +--- xen-4.18.0-testing.orig/xen/arch/x86/hvm/stdvga.c ++++ xen-4.18.0-testing/xen/arch/x86/hvm/stdvga.c +@@ -165,7 +165,10 @@ static int stdvga_outb(uint64_t addr, ui + + /* When in standard vga mode, emulate here all writes to the vram buffer + * so we can immediately satisfy reads without waiting for qemu. */ +- s->stdvga = (s->sr[7] == 0x00); ++ s->stdvga = ++ (s->sr[7] == 0x00) && /* standard vga mode */ ++ (s->gr[6] == 0x05); /* misc graphics register w/ MemoryMapSelect=1 ++ * 0xa0000-0xaffff (64k region), AlphaDis=1 */ + + if ( !prev_stdvga && s->stdvga ) + { diff --git a/stubdom.tar.bz2 b/stubdom.tar.bz2 new file mode 100644 index 0000000..1419de9 --- /dev/null +++ b/stubdom.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e60d1310164c2ec47222381d45a609def533435f0dd08bf9935401f15dfa07ef +size 19767945 diff --git a/suse-xendomains-service.patch b/suse-xendomains-service.patch new file mode 100644 index 0000000..42658dd --- /dev/null +++ b/suse-xendomains-service.patch @@ -0,0 +1,20 @@ +xendomains: remove libvirtd conflict + +Conflicting with libvirtd is fine for upstream, where xl/libxl is king. +But down the SUSE stream, we promote libvirt and all the libvirt-based +tools. If a user installs libvirt on their SUSE Xen host, then libvirt +should be king and override xendomains. + +bsc#1015348 +Index: xen-4.8.0-testing/tools/hotplug/Linux/systemd/xendomains.service.in +=================================================================== +--- xen-4.8.0-testing.orig/tools/hotplug/Linux/systemd/xendomains.service.in ++++ xen-4.8.0-testing/tools/hotplug/Linux/systemd/xendomains.service.in +@@ -5,7 +5,6 @@ After=proc-xen.mount xenstored.service x + After=network-online.target + After=remote-fs.target + ConditionPathExists=/proc/xen/capabilities +-Conflicts=libvirtd.service + + [Service] + Type=oneshot diff --git a/suspend_evtchn_lock.patch b/suspend_evtchn_lock.patch new file mode 100644 index 0000000..6507d45 --- /dev/null +++ b/suspend_evtchn_lock.patch @@ -0,0 +1,78 @@ +Fix problems that suspend eventchannel lock file might be obselete for some reason +like segment fault or other abnormal exit, and once obselete lock file exists, +it might affact latter save process. +Have discussed with upstream, for some reason not accepted. +http://xen.1045712.n5.nabble.com/Re-PATCH-improve-suspend-evtchn-lock-processing-td3395229.html + +Signed-off-by: Chunyan Liu + +Index: xen-4.10.0-testing/tools/libs/guest/xg_suspend.c +=================================================================== +--- xen-4.10.0-testing.orig/tools/libs/guest/xg_suspend.c ++++ xen-4.10.0-testing/tools/libs/guest/xg_suspend.c +@@ -20,6 +20,10 @@ + + #include "xc_private.h" + #include "xenguest.h" ++#include ++#ifdef __MINIOS__ ++extern int kill (__pid_t __pid, int __sig); ++#endif + + #define SUSPEND_LOCK_FILE XEN_RUN_DIR "/suspend-evtchn-%d.lock" + +@@ -35,6 +39,37 @@ + + #define SUSPEND_FILE_BUFLEN (sizeof(SUSPEND_LOCK_FILE) + 10) + ++/* cleanup obsolete suspend lock file which is unlinked for any reason, ++so that current process can get lock */ ++static void clean_obsolete_lock(int domid) ++{ ++ int fd, pid, n; ++ char buf[128]; ++ char suspend_file[256]; ++ ++ snprintf(suspend_file, sizeof(suspend_file), "%s_%d_lock.d", ++ SUSPEND_LOCK_FILE, domid); ++ fd = open(suspend_file, O_RDWR); ++ ++ if (fd < 0) ++ return; ++ ++ n = read(fd, buf, 127); ++ ++ close(fd); ++ ++ if (n > 0) ++ { ++ sscanf(buf, "%d", &pid); ++ /* pid does not exist, this lock file is obsolete, just delete it */ ++ if ( kill(pid,0) ) ++ { ++ unlink(suspend_file); ++ return; ++ } ++ } ++} ++ + static void get_suspend_file(char buf[], uint32_t domid) + { + snprintf(buf, SUSPEND_FILE_BUFLEN, SUSPEND_LOCK_FILE, domid); +@@ -48,6 +83,7 @@ static int lock_suspend_event(xc_interfa + struct flock fl; + + get_suspend_file(suspend_file, domid); ++ clean_obsolete_lock(domid); + + *lockfd = -1; + +@@ -97,6 +133,8 @@ static int lock_suspend_event(xc_interfa + if (fd >= 0) + close(fd); + ++ unlink(suspend_file); ++ + return -1; + } + diff --git a/sysconfig.pciback b/sysconfig.pciback new file mode 100644 index 0000000..ae012c3 --- /dev/null +++ b/sysconfig.pciback @@ -0,0 +1,9 @@ +## Path: System/Virtualization +## Type: string +## Default: "" +# +# Space delimited list of PCI devices to late bind to pciback +# Format: , +# +#XEN_PCI_HIDE_LIST="e1000,0000:0b:00.0 e1000,0000:0b:00.1" +XEN_PCI_HIDE_LIST="" diff --git a/vif-bridge-no-iptables.patch b/vif-bridge-no-iptables.patch new file mode 100644 index 0000000..f602b0d --- /dev/null +++ b/vif-bridge-no-iptables.patch @@ -0,0 +1,13 @@ +Index: xen-4.15.0-testing/tools/hotplug/Linux/vif-bridge +=================================================================== +--- xen-4.15.0-testing.orig/tools/hotplug/Linux/vif-bridge ++++ xen-4.15.0-testing/tools/hotplug/Linux/vif-bridge +@@ -87,7 +87,7 @@ case "$command" in + ;; + esac + +-handle_iptable ++#handle_iptable + + call_hooks vif post + diff --git a/vif-bridge-tap-fix.patch b/vif-bridge-tap-fix.patch new file mode 100644 index 0000000..8dfc761 --- /dev/null +++ b/vif-bridge-tap-fix.patch @@ -0,0 +1,30 @@ +# HG changeset patch +# User Jim Fehlig +# Date 1319581952 21600 +# Node ID 74da2a3a1db1476d627f42e4a99e9e720cc6774d +# Parent 6c583d35d76dda2236c81d9437ff9d57ab02c006 +Prevent vif-bridge from adding user-created tap interfaces to a bridge + +Exit vif-bridge script if there is no device info in xenstore, preventing +it from adding user-created taps to bridges. + + Signed-off-by: Jim Fehlig + +Index: xen-4.5.0-testing/tools/hotplug/Linux/vif-bridge +=================================================================== +--- xen-4.5.0-testing.orig/tools/hotplug/Linux/vif-bridge ++++ xen-4.5.0-testing/tools/hotplug/Linux/vif-bridge +@@ -28,6 +28,13 @@ + dir=$(dirname "$0") + . "$dir/vif-common.sh" + ++mac=$(xenstore_read_default "$XENBUS_PATH/mac" "") ++if [ -z "$mac" ] ++then ++ log debug "No device details in $XENBUS_PATH, exiting." ++ exit 0 ++fi ++ + bridge=${bridge:-} + bridge=$(xenstore_read_default "$XENBUS_PATH/bridge" "$bridge") + diff --git a/vif-route.patch b/vif-route.patch new file mode 100644 index 0000000..4e8b0a9 --- /dev/null +++ b/vif-route.patch @@ -0,0 +1,25 @@ +References: bsc#985503 + +Index: xen-4.15.1-testing/tools/hotplug/Linux/vif-route +=================================================================== +--- xen-4.15.1-testing.orig/tools/hotplug/Linux/vif-route ++++ xen-4.15.1-testing/tools/hotplug/Linux/vif-route +@@ -57,11 +57,13 @@ case "${type_if}" in + ;; + esac + +-# If we've been given a list of IP addresses, then add routes from dom0 to +-# the guest using those addresses. +-for addr in ${ip} ; do +- ${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} src ${main_ip} metric ${metric} +-done ++if [ "${ip}" ] && [ "${ipcmd}" ] ; then ++ # If we've been given a list of IP addresses, then add routes from dom0 to ++ # the guest using those addresses. ++ for addr in ${ip} ; do ++ ${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} src ${main_ip} metric ${metric} ++ done ++fi + + handle_iptable + diff --git a/x86-ioapic-ack-default.patch b/x86-ioapic-ack-default.patch new file mode 100644 index 0000000..567c8b3 --- /dev/null +++ b/x86-ioapic-ack-default.patch @@ -0,0 +1,16 @@ +Change default IO-APIC ack mode for single IO-APIC systems to old-style. + +--- a/xen/arch/x86/io_apic.c ++++ b/xen/arch/x86/io_apic.c +@@ -2074,7 +2074,10 @@ void __init setup_IO_APIC(void) + io_apic_irqs = ~PIC_IRQS; + + printk("ENABLING IO-APIC IRQs\n"); +- printk(" -> Using %s ACK method\n", ioapic_ack_new ? "new" : "old"); ++ if (!directed_eoi_enabled && !ioapic_ack_forced) { ++ ioapic_ack_new = (nr_ioapics > 1); ++ printk(" -> Using %s ACK method\n", ioapic_ack_new ? "new" : "old"); ++ } + + if (ioapic_ack_new) { + ioapic_level_type.ack = irq_complete_move; diff --git a/xen-4.18.0-testing-src.tar.bz2 b/xen-4.18.0-testing-src.tar.bz2 new file mode 100644 index 0000000..2ba7ce9 --- /dev/null +++ b/xen-4.18.0-testing-src.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:438eb9fc6df87cc4f87ce69001de6900c17471abcfeabad71d0e367a5a0438e8 +size 5572970 diff --git a/xen-arch-kconfig-nr_cpus.patch b/xen-arch-kconfig-nr_cpus.patch new file mode 100644 index 0000000..eff902d --- /dev/null +++ b/xen-arch-kconfig-nr_cpus.patch @@ -0,0 +1,13 @@ +Index: xen-4.18.0-testing/xen/arch/Kconfig +=================================================================== +--- xen-4.18.0-testing.orig/xen/arch/Kconfig ++++ xen-4.18.0-testing/xen/arch/Kconfig +@@ -7,7 +7,7 @@ config PHYS_ADDR_T_32 + config NR_CPUS + int "Maximum number of CPUs" + range 1 4095 +- default "256" if X86 ++ default "1024" if X86 + default "8" if ARM && RCAR3 + default "4" if ARM && QEMU + default "4" if ARM && MPSOC diff --git a/xen-destdir.patch b/xen-destdir.patch new file mode 100644 index 0000000..3569810 --- /dev/null +++ b/xen-destdir.patch @@ -0,0 +1,30 @@ +--- xen-4.18.0-testing/tools/xs-clients/Makefile.orig 2023-10-02 12:51:09.364766336 -0600 ++++ xen-4.18.0-testing/tools/xs-clients/Makefile 2023-10-02 12:53:09.360769196 -0600 +@@ -29,7 +29,7 @@ all: $(TARGETS) + clients: xenstore $(CLIENTS) xenstore-control + + $(CLIENTS): xenstore +- ln -f xenstore $@ ++ ln -sf xenstore $@ + + xenstore: xenstore_client.o + $(CC) $(LDFLAGS) $^ $(LDLIBS) -o $@ $(APPEND_LDFLAGS) +@@ -54,7 +54,7 @@ install: all + $(INSTALL_PROG) xenstore-control $(DESTDIR)$(bindir) + $(INSTALL_PROG) xenstore $(DESTDIR)$(bindir) + set -e ; for c in $(CLIENTS) ; do \ +- ln -f $(DESTDIR)$(bindir)/xenstore $(DESTDIR)$(bindir)/$${c} ; \ ++ ln -sf xenstore $(DESTDIR)$(bindir)/$${c} ; \ + done + + .PHONY: uninstall +--- xen-4.18.0-testing/tools/xenstored/Makefile.orig 2023-10-02 12:51:03.364766193 -0600 ++++ xen-4.18.0-testing/tools/xenstored/Makefile 2023-10-02 12:54:09.472770628 -0600 +@@ -37,6 +37,7 @@ TAGS: + install: all + $(INSTALL_DIR) $(DESTDIR)$(sbindir) + $(INSTALL_PROG) xenstored $(DESTDIR)$(sbindir) ++ $(INSTALL_DIR) $(DESTDIR)$(bindir) + + .PHONY: uninstall + uninstall: diff --git a/xen-dom0-modules.service b/xen-dom0-modules.service new file mode 100644 index 0000000..fea878f --- /dev/null +++ b/xen-dom0-modules.service @@ -0,0 +1,16 @@ +[Unit] +Description=Load dom0 backend drivers +ConditionPathExists=/proc/xen +Before=xenstored.service xen-watchdog.service + +[Install] +WantedBy=multi-user.target + +[Service] +Type=oneshot +RemainAfterExit=true +Environment=PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin +# dummy to have always one valid line +ExecStart=-/usr/bin/env uname -a +# modules listed in /usr/lib/modules.d/xen.conf +# load them manually to avoid usage of system-modules-load.service diff --git a/xen-supportconfig b/xen-supportconfig new file mode 100644 index 0000000..a4d325a --- /dev/null +++ b/xen-supportconfig @@ -0,0 +1,81 @@ +#!/bin/bash +############################################################# +# Name: Supportconfig Plugin for Xen +# Description: Gathers important troubleshooting information +# about Xen and its tools +############################################################# + +# TODO: +# - Anything needed for UEFI? +# + +RCFILE="/usr/lib/supportconfig/resources/supportconfig.rc" +OF="output-xen.txt" + +GRUB2_CONF_FILES="/etc/default/grub" +XEN_CONF_FILES="/etc/xen/xl.conf /etc/sysconfig/xencommons /etc/sysconfig/xendomains" +XEN_SERVICES="xencommons xendomains xen-watchdog" +PERSISTENT_VM_CONF_FILES="" +ACTIVE_VM_CONF_FILES="" +XEN_LOG_FILES="" + +if [ -s $RCFILE ]; then + if ! source $RCFILE; then + log_write $OF "ERROR: Initializing resource file: $RCFILE" + exit 1 + fi +fi + +# if no xen package we are done +rpm_verify $OF xen || exit 111 + +# if not a xen host (dom0) we are done +log_write $OF "#==[ Checking if booted Xen ]=================================#" +if [ ! -d /proc/xen ] || [ ! -e /proc/xen/capabilities ] || [ `cat /proc/xen/capabilities` != "control_d" ]; then + log_write $OF "No" + log_write $OF "Skipped" + exit 0 +else + log_write $OF "Yes" +fi + +# basic system information: +log_cmd $OF "uname -r" +for service in $XEN_SERVICES; do + log_cmd $OF "systemctl status $service" + log_cmd $OF "systemctl is-enabled $service" +done +log_cmd $OF "lscpu" +log_cmd $OF "xl info --numa" +log_cmd $OF "xl list" +log_cmd $OF "xl pci-assignable-list" +log_cmd $OF "xenstore-ls" +log_cmd $OF "ps -ef | grep xen" +# dump grub2-related conf files +conf_files $OF "$GRUB2_CONF_FILES" +# dump Xen-related conf files +conf_files $OF "$XEN_CONF_FILES" + +# detailed system info: +log_cmd $OF "xl list --long" +log_cmd $OF "xl dmesg" +# network-related info often useful for debugging +if [ systemctl is-enabled NetworkManager.service 2>&1 > /dev/null ]; then + log_write $OF "NOTE: NetworkManager should not be enabled on a Xen host" +fi +log_cmd $OF "route -n" +log_cmd $OF "arp -v" +log_cmd $OF "ip link show type bridge" +log_cmd $OF "bridge link show" +# list contents of common config and image directories +log_cmd $OF "ls -alR /etc/xen/vm/" +log_cmd $OF "ls -alR /etc/xen/auto/" +log_cmd $OF "ls -alR /var/lib/xen/images/" +# dump VM-related conf files +test -d /etc/xen/vm && PERSISTENT_VM_CONF_FILES=$(find -L /etc/xen/vm/ -type f | sort) +conf_files $OF "$PERSISTENT_VM_CONF_FILES" +test -d /var/lib/xen && ACTIVE_VM_CONF_FILES=$(find -L /var/lib/xen/userdata* -type f | sort) +conf_files $OF "$ACTIVE_VM_CONF_FILES" +# dump log files +test -d /var/log/xen && XEN_LOG_FILES="$(find -L /var/log/xen/ -type f | grep 'log$' | sort)" +log_files $OF 0 "$XEN_LOG_FILES" diff --git a/xen.bug1026236.suse_vtsc_tolerance.patch b/xen.bug1026236.suse_vtsc_tolerance.patch new file mode 100644 index 0000000..148cdb2 --- /dev/null +++ b/xen.bug1026236.suse_vtsc_tolerance.patch @@ -0,0 +1,58 @@ +suse_vtsc_tolerance= +Reference: bsc#1026236 + +To avoid emulation of vTSC after live migration or save/restore allow +different clock frequency up to the specified value. If the frequency +is within the allowed range TSC access by the domU will be performed +at native speed. Otherwise TSC access will be emulated. It is up to +the hostadmin to decide how much tolerance all running domUs can +actually handle. The default is zero tolerance. + +--- a/xen/arch/x86/time.c ++++ b/xen/arch/x86/time.c +@@ -47,6 +47,9 @@ + static char __initdata opt_clocksource[10]; + string_param("clocksource", opt_clocksource); + ++static unsigned int __ro_after_init opt_suse_vtsc_tolerance; ++integer_param("suse_vtsc_tolerance", opt_suse_vtsc_tolerance); ++ + unsigned long __read_mostly cpu_khz; /* CPU clock frequency in kHz. */ + DEFINE_SPINLOCK(rtc_lock); + unsigned long pit0_ticks; +@@ -2720,6 +2723,8 @@ int tsc_set_info(struct domain *d, + + switch ( tsc_mode ) + { ++ bool disable_vtsc; ++ + case XEN_CPUID_TSC_MODE_DEFAULT: + case XEN_CPUID_TSC_MODE_ALWAYS_EMULATE: + d->arch.vtsc_offset = get_s_time() - elapsed_nsec; +@@ -2733,8 +2738,25 @@ int tsc_set_info(struct domain *d, + * When a guest is created, gtsc_khz is passed in as zero, making + * d->arch.tsc_khz == cpu_khz. Thus no need to check incarnation. + */ ++ disable_vtsc = d->arch.tsc_khz == cpu_khz; ++ ++ if ( tsc_mode == XEN_CPUID_TSC_MODE_DEFAULT && !disable_vtsc && ++ opt_suse_vtsc_tolerance && is_hvm_domain(d) ) ++ { ++ long khz_diff = ABS((long)cpu_khz - gtsc_khz); ++ ++ disable_vtsc = khz_diff <= opt_suse_vtsc_tolerance; ++ ++ printk(XENLOG_G_INFO "%pd: host has %lu kHz," ++ " domU expects %u kHz," ++ " difference of %ld is %s tolerance of %u\n", ++ d, cpu_khz, gtsc_khz, khz_diff, ++ disable_vtsc ? "within" : "outside", ++ opt_suse_vtsc_tolerance); ++ } ++ + if ( tsc_mode == XEN_CPUID_TSC_MODE_DEFAULT && host_tsc_is_safe() && +- (d->arch.tsc_khz == cpu_khz || ++ (disable_vtsc || + (is_hvm_domain(d) && + hvm_get_tsc_scaling_ratio(d->arch.tsc_khz))) ) + { diff --git a/xen.build-compare.doc_html.patch b/xen.build-compare.doc_html.patch new file mode 100644 index 0000000..e662273 --- /dev/null +++ b/xen.build-compare.doc_html.patch @@ -0,0 +1,31 @@ +The result of $(wildcard *) is random. +Sort input files to reduce build-compare noise. + +--- + docs/Makefile | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +Index: xen-4.18.0-testing/docs/Makefile +=================================================================== +--- xen-4.18.0-testing.orig/docs/Makefile ++++ xen-4.18.0-testing/docs/Makefile +@@ -192,7 +192,7 @@ uninstall: uninstall-man-pages uninstall + + # Individual file build targets + html/index.html: $(DOC_HTML) $(CURDIR)/gen-html-index INDEX +- $(PERL) -w -- $(CURDIR)/gen-html-index -i INDEX html $(DOC_HTML) ++ $(PERL) -w -- $(CURDIR)/gen-html-index -i INDEX html $(sort $(DOC_HTML)) + + html/%.txt: %.txt + @$(INSTALL_DIR) $(@D) +@@ -207,8 +207,8 @@ html/hypercall/%/index.html: $(CURDIR)/x + $(INSTALL_DIR) $(@D) + $(PERL) -w $(CURDIR)/xen-headers -O $(@D) \ + -T 'arch-$* - Xen public headers' \ +- $(patsubst %,-X arch-%,$(filter-out $*,$(DOC_ARCHES))) \ +- $(patsubst %,-X xen-%,$(filter-out $*,$(DOC_ARCHES))) \ ++ $(sort $(patsubst %,-X arch-%,$(filter-out $*,$(DOC_ARCHES)))) \ ++ $(sort $(patsubst %,-X xen-%,$(filter-out $*,$(DOC_ARCHES)))) \ + $(EXTRA_EXCLUDE) \ + $(XEN_ROOT)/xen include/public include/xen/errno.h + diff --git a/xen.changes b/xen.changes new file mode 100644 index 0000000..0015a6c --- /dev/null +++ b/xen.changes @@ -0,0 +1,14579 @@ +------------------------------------------------------------------- +Tue Nov 21 13:22:23 MST 2023 - carnold@suse.com + +- Enable the Kconfig options REQUIRE_NX and DIT_DEFAULT to + provide better hypervisor security + xen.spec + +------------------------------------------------------------------- +Tue Nov 21 12:14:00 CET 2023 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch + 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch + 655b2ba9-fix-sched_move_domain.patch + +------------------------------------------------------------------- +Mon Nov 20 10:08:38 UTC 2023 - Bernhard Wiedemann + +- Pass XEN_BUILD_DATE + _TIME to override build date (boo#1047218) + +------------------------------------------------------------------- +Thu Nov 16 06:24:59 MST 2023 - carnold@suse.com + +- Update to Xen 4.18.0 RC5 release (jsc#PED-4984) + xen-4.18.0-testing-src.tar.bz2 + * Repurpose command line gnttab_max_{maptrack_,}frames options so they don't + cap toolstack provided values. + * Ignore VCPUOP_set_singleshot_timer's VCPU_SSHOTTMR_future flag. The only + known user doesn't use it properly, leading to in-guest breakage. + * The "dom0" option is now supported on Arm and "sve=" sub-option can be used + to enable dom0 guest to use SVE/SVE2 instructions. + * Physical CPU Hotplug downgraded to Experimental and renamed "ACPI CPU + Hotplug" for clarity + * On x86, support for features new in Intel Sapphire Rapids CPUs: + - PKS (Protection Key Supervisor) available to HVM/PVH guests. + - VM-Notify used by Xen to mitigate certain micro-architectural pipeline + livelocks, instead of crashing the entire server. + - Bus-lock detection, used by Xen to mitigate (by rate-limiting) the system + wide impact of a guest misusing atomic instructions. + * xl/libxl can customize SMBIOS strings for HVM guests. + * Add support for AVX512-FP16 on x86. + * On Arm, Xen supports guests running SVE/SVE2 instructions. (Tech Preview) + * On Arm, add suport for Firmware Framework for Arm A-profile (FF-A) Mediator + (Tech Preview) + * Add Intel Hardware P-States (HWP) cpufreq driver. + * On Arm, experimental support for dynamic addition/removal of Xen device tree + nodes using a device tree overlay binary (.dtbo). + * Introduce two new hypercalls to map the vCPU runstate and time areas by + physical rather than linear/virtual addresses. + * On x86, support for enforcing system-wide operation in Data Operand + Independent Timing Mode. + * The project has now officially adopted 6 directives and 65 rules of MISRA-C. + * On x86, the "pku" command line option has been removed. It has never + behaved precisely as described, and was redundant with the unsupported + "cpuid=no-pku". Visibility of PKU to guests should be via its vm.cfg file. + * xenpvnetboot removed as unable to convert to Python 3. + * xencons is no longer supported or present. See 5d22d69b30 +- Droppped patches contained in new tarballs + 63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch + 643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch + 643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch + 6447a8fd-x86-EFI-permit-crash-dump-analysis.patch + 64d33a57-libxenstat-Linux-nul-terminate-string.patch + aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch + xen.stubdom.newlib.patch + xsa446.patch + xsa445.patch + xsa438.patch + xsa439-00.patch + xsa439-01.patch + xsa439-02.patch + xsa439-03.patch + xsa439-04.patch + xsa439-05.patch + xsa439-06.patch + xsa439-07.patch + xsa439-08.patch + xsa439-09.patch + xsa443-10.patch + xsa443-11.patch + xsa440.patch +- Dropped xen-utils-0.1.tar.bz2 + The xen-list and xen-destroy commands are removed. Originally + created as a better replacement for 'xm'. The 'xl' equivalent + commands should be used instead. +- Dropped libxl.pvscsi.patch + Support for PVSCSI devices in the guest is no longer supported. + +------------------------------------------------------------------- +Thu Nov 2 06:44:38 MDT 2023 - carnold@suse.com + +- bsc#1216807 - VUL-0: CVE-2023-46836: xen: x86: BTC/SRSO fixes not + fully effective (XSA-446) + xsa446.patch + +------------------------------------------------------------------- +Fri Oct 27 09:22:33 MDT 2023 - carnold@suse.com + +- bsc#1216654 - VUL-0: CVE-2023-46835: xen: x86/AMD: mismatch in + IOMMU quarantine page table levels (XSA-445) + xsa445.patch + +------------------------------------------------------------------- +Wed Oct 18 15:30:33 MDT 2023 - jfehlig@suse.com + +- Supportconfig: Adapt plugin to modern supportconfig + The supportconfig 'scplugin.rc' file is deprecated in favor of + supportconfig.rc'. Adapt the xen plugin to the new scheme. + xen-supportconfig + +------------------------------------------------------------------- +Tue Oct 17 14:40:00 CEST 2023 - jbeulich@suse.com + +- bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow + reference dropped too early for 64-bit PV guests (XSA-438) + 650abbfe-x86-shadow-defer-PV-top-level-release.patch +- bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional + execution leak via division by zero (XSA-439) + 64e5b4ac-x86-AMD-extend-Zenbleed-check.patch + 65087000-x86-spec-ctrl-SPEC_CTRL_EXIT_TO_XEN-confusion.patch + 65087001-x86-spec-ctrl-fold-DO_SPEC_CTRL_EXIT_TO_XEN.patch + 65087002-x86-spec-ctrl-SPEC_CTRL-ENTRY-EXIT-asm-macros.patch + 65087003-x86-spec-ctrl-SPEC_CTRL-ENTER-EXIT-comments.patch + 65087004-x86-entry-restore_all_xen-stack_end.patch + 65087005-x86-entry-track-IST-ness-of-entry.patch + 65087006-x86-spec-ctrl-VERW-on-IST-exit-to-Xen.patch + 65087007-x86-AMD-Zen-1-2-predicates.patch + 65087008-x86-spec-ctrl-Zen1-DIV-leakage.patch +- bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU + TLB flushing (XSA-442) + 65263470-AMD-IOMMU-flush-TLB-when-flushing-DTE.patch +- bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple + vulnerabilities in libfsimage disk handling (XSA-443) + 65263471-libfsimage-xfs-remove-dead-code.patch + 65263472-libfsimage-xfs-amend-mask32lo.patch + 65263473-libfsimage-xfs-sanity-check-superblock.patch + 65263474-libfsimage-xfs-compile-time-check.patch + 65263475-pygrub-remove-unnecessary-hypercall.patch + 65263476-pygrub-small-refactors.patch + 65263477-pygrub-open-output-files-earlier.patch + 65263478-libfsimage-function-to-preload-plugins.patch + 65263479-pygrub-deprivilege.patch + 6526347a-libxl-allow-bootloader-restricted-mode.patch + 6526347b-libxl-limit-bootloader-when-restricted.patch +- bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD: + Debug Mask handling (XSA-444) + 6526347c-SVM-fix-AMD-DR-MASK-context-switch-asymmetry.patch + 6526347d-x86-PV-auditing-of-guest-breakpoints.patch +- Upstream bug fixes (bsc#1027519) + 64e6459b-revert-VMX-sanitize-rIP-before-reentering.patch + 64eef7e9-x86-reporting-spurious-i8259-interrupts.patch + 64f71f50-Arm-handle-cache-flush-at-top.patch + 65084ba5-x86-AMD-dont-expose-TscFreqSel.patch +- Patches dropped / replaced by newer upstream versions + xsa438.patch + xsa439-00.patch + xsa439-01.patch + xsa439-02.patch + xsa439-03.patch + xsa439-04.patch + xsa439-05.patch + xsa439-06.patch + xsa439-07.patch + xsa439-08.patch + xsa439-09.patch + xsa442.patch + xsa443-01.patch + xsa443-02.patch + xsa443-03.patch + xsa443-04.patch + xsa443-05.patch + xsa443-06.patch + xsa443-07.patch + xsa443-08.patch + xsa443-09.patch + xsa443-10.patch + xsa443-11.patch + xsa444-1.patch + xsa444-2.patch + +------------------------------------------------------------------- +Wed Sep 27 13:17:04 MDT 2023 - carnold@suse.com + +- bsc#1215744 - VUL-0: CVE-2023-34323: xen: xenstored: A + transaction conflict can crash C Xenstored (XSA-440) + xsa440.patch +- bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU + TLB flushing (XSA-442) + xsa442.patch +- bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple + vulnerabilities in libfsimage disk handling (XSA-443) + xsa443-01.patch + xsa443-02.patch + xsa443-03.patch + xsa443-04.patch + xsa443-05.patch + xsa443-06.patch + xsa443-07.patch + xsa443-08.patch + xsa443-09.patch + xsa443-10.patch + xsa443-11.patch +- bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD: + Debug Mask handling (XSA-444) + xsa444-1.patch + xsa444-2.patch + +------------------------------------------------------------------- +Mon Sep 18 11:36:39 MDT 2023 - carnold@suse.com + +- bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional + execution leak via division by zero (XSA-439) + xsa439-00.patch + xsa439-01.patch + xsa439-02.patch + xsa439-03.patch + xsa439-04.patch + xsa439-05.patch + xsa439-06.patch + xsa439-07.patch + xsa439-08.patch + xsa439-09.patch + +------------------------------------------------------------------- +Fri Sep 8 10:10:18 MDT 2023 - carnold@suse.com + +- bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow + reference dropped too early for 64-bit PV guests (XSA-438) + xsa438.patch + +------------------------------------------------------------------- +Sun Aug 13 13:13:13 UTC 2023 - ohering@suse.de + +- Handle potential unaligned access to bitmap in + libxc-sr-restore-hvm-legacy-superpage.patch + If setting BITS_PER_LONG at once, the initial bit must be aligned + +------------------------------------------------------------------- +Thu Aug 10 11:10:00 CEST 2023 - jbeulich@suse.com + +- bsc#1212684 - xentop fails with long interface name + 64d33a57-libxenstat-Linux-nul-terminate-string.patch + +------------------------------------------------------------------- +Tue Aug 8 11:36:00 MDT 2023 - carnold@suse.com + +- Update to Xen 4.17.2 bug fix release (bsc#1027519) + xen-4.17.2-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- bsc#1214082 - VUL-0: CVE-2023-20569: xen: x86/AMD: Speculative + Return Stack Overflow (XSA-434) +- bsc#1214083 - VUL-0: CVE-2022-40982: xen: x86/Intel: Gather Data + Sampling (XSA-435) +- Dropped patches contained in new tarball + 64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch + 645dec48-AMD-IOMMU-assert-boolean-enum.patch + 64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch + 646b782b-PCI-pci_get_pdev-respect-segment.patch + 647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch + 648863fc-AMD-IOMMU-Invalidate-All-check.patch + 64bea1b2-x86-AMD-Zenbleed.patch + +------------------------------------------------------------------- +Tue Aug 1 11:11:11 UTC 2023 - ohering@suse.de + +- Handle potential off-by-one errors in libxc-sr-xg_sr_bitmap.patch + A bit is an index in bitmap, while bits is the allocated size + of the bitmap. + +------------------------------------------------------------------- +Fri Jul 28 15:15:15 UTC 2023 - ohering@suse.de + +- Add more debug to libxc-sr-track-migration-time.patch + This is supposed to help with doing the math in case xl restore + fails with ERANGE as reported in bug#1209311 + +------------------------------------------------------------------- +Tue Jul 25 10:44:08 MDT 2023 - carnold@suse.com + +- bsc#1213616 - VUL-0: CVE-2023-20593: xen: x86/AMD: Zenbleed + (XSA-433) + 64bea1b2-x86-AMD-Zenbleed.patch + +------------------------------------------------------------------- +Thu Jul 6 13:41:00 CET 2023 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 645dec48-AMD-IOMMU-assert-boolean-enum.patch + 646b782b-PCI-pci_get_pdev-respect-segment.patch + 647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch + 648863fc-AMD-IOMMU-Invalidate-All-check.patch + +------------------------------------------------------------------- +Mon May 22 07:52:57 MDT 2023 - carnold@suse.com + +- bsc#1211433 - VUL-0: CVE-2022-42336: xen: Mishandling of guest + SSBD selection on AMD hardware (XSA-431) + 64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch + +------------------------------------------------------------------- +Thu May 4 11:22:27 MDT 2023 - carnold@suse.com + +- bsc#1210570 - gcc-13 realloc use-after-free analysis error + 64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch + +------------------------------------------------------------------- +Fri Apr 28 14:53:15 MDT 2023 - carnold@suse.com + +- bsc#1209237 - xen-syms doesn't contain debug-info + 643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch + 643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch + 6447a8fd-x86-EFI-permit-crash-dump-analysis.patch + +------------------------------------------------------------------- +Thu Apr 27 11:40:25 MDT 2023 - carnold@suse.com + +- Update to Xen 4.17.1 bug fix release (bsc#1027519) + xen-4.17.1-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- Dropped patches contained in new tarball + 63a03b73-VMX-VMExit-based-BusLock-detection.patch + 63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch + 63a03bce-VMX-Notify-VMExit.patch + 63a03e28-x86-high-freq-TSC-overflow.patch + 63c05478-VMX-calculate-model-specific-LBRs-once.patch + 63c05478-VMX-support-CPUs-without-model-specific-LBR.patch + 63d24e91-tools-xenstore-revert-simplify-loop-handling.patch + 63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch + 63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch + 63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch + 63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch + 63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch + 640f3035-x86-altp2m-help-gcc13.patch + 641041e8-VT-d-constrain-IGD-check.patch + 64104238-bunzip-gcc13.patch + 6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch + 64199e0c-x86-shadow-account-for-log-dirty-mode.patch + 64199e0d-x86-HVM-bound-number-of-pca-regions.patch + 64199e0e-x86-HVM-serialize-pca-list-manipulation.patch + 64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch + libxl.fix-guest-kexec-skip-cpuid-policy.patch + xsa430.patch + +------------------------------------------------------------------- +Tue Apr 11 09:36:33 MDT 2023 - carnold@suse.com + +- bsc#1210315 - VUL-0: CVE-2022-42335: xen: x86 shadow paging + arbitrary pointer dereference (XSA-430) + xsa430.patch + +------------------------------------------------------------------- +Fri Mar 31 11:02:49 MDT 2023 - carnold@suse.com + +- Not building the shim is correctly handled by --disable-pvshim + Drop disable-building-pv-shim.patch + +------------------------------------------------------------------- +Thu Mar 23 08:10:00 CET 2023 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 63a03b73-VMX-VMExit-based-BusLock-detection.patch + 63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch + 63a03bce-VMX-Notify-VMExit.patch + 63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch + 63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch + 63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch + 63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch + 641041e8-VT-d-constrain-IGD-check.patch + 6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch +- Use "proper" upstream backports: + 640f3035-x86-altp2m-help-gcc13.patch + 64104238-bunzip-gcc13.patch + 64199e0c-x86-shadow-account-for-log-dirty-mode.patch + 64199e0d-x86-HVM-bound-number-of-pca-regions.patch + 64199e0e-x86-HVM-serialize-pca-list-manipulation.patch + 64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch +- ... in place of: + bunzip-gcc13.patch + altp2m-gcc13.patch + xsa427.patch + xsa428-1.patch + xsa428-2.patch + xsa429.patch + +------------------------------------------------------------------- +Thu Mar 16 08:08:08 UTC 2023 - ohering@suse.de + +- bsc#1209245 - fix host-assisted kexec/kdump for HVM domUs + libxl.fix-guest-kexec-skip-cpuid-policy.patch + +------------------------------------------------------------------- +Tue Mar 7 10:44:12 MST 2023 - carnold@suse.com + +- bsc#1209017 - VUL-0: CVE-2022-42332: xen: x86 shadow plus + log-dirty mode use-after-free (XSA-427) + xsa427.patch +- bsc#1209018 - VUL-0: CVE-2022-42333,CVE-2022-42334: xen: x86/HVM + pinned cache attributes mis-handling (XSA-428) + xsa428-1.patch + xsa428-2.patch +- bsc#1209019 - VUL-0: CVE-2022-42331: xen: x86: speculative + vulnerability in 32bit SYSCALL path (XSA-429) + xsa429.patch + +------------------------------------------------------------------- +Thu Mar 2 10:33:46 MST 2023 - carnold@suse.com + +- bsc#1208736 - GCC 13: xen package fails + bunzip-gcc13.patch + altp2m-gcc13.patch +- Drop gcc13-fixes.patch + +------------------------------------------------------------------- +Tue Feb 28 08:56:55 MST 2023 - carnold@suse.com + +- bsc#1208736 - GCC 13: xen package fails + gcc13-fixes.patch + +------------------------------------------------------------------- +Wed Feb 15 11:07:08 MST 2023 - carnold@suse.com + +- bsc#1208286 - VUL-0: CVE-2022-27672: xen: Cross-Thread Return + Address Predictions (XSA-426) + 63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch + +------------------------------------------------------------------- +Thu Feb 9 09:56:27 MST 2023 - carnold@suse.com + +- bsc#1205792 - Partner-L3: launch-xenstore error messages show in + SLES15 SP4 xen kernel. + 63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch + +------------------------------------------------------------------- +Mon Feb 6 12:17:00 CET 2023 - jbeulich@suse.com + +- bsc#1026236 - tidy/modernize patch + xen.bug1026236.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Mon Feb 6 12:15:00 CET 2023 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 63c05478-VMX-calculate-model-specific-LBRs-once.patch + 63c05478-VMX-support-CPUs-without-model-specific-LBR.patch +- bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause + Xenstore crash via soft reset (XSA-425) + xsa425.patch -> + 63d24e91-tools-xenstore-revert-simplify-loop-handling.patch + +------------------------------------------------------------------- +Wed Jan 25 10:39:54 MST 2023 - carnold@suse.com + +- bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause + Xenstore crash via soft reset (XSA-425) + xsa425.patch + +------------------------------------------------------------------- +Tue Dec 20 13:35:00 CET 2022 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 63a03e28-x86-high-freq-TSC-overflow.patch + +------------------------------------------------------------------- +Thu Dec 8 10:54:29 MST 2022 - carnold@suse.com + +- Update to Xen 4.17.0 FCS release (jsc#PED-1858) + xen-4.17.0-testing-src.tar.bz2 + * On x86 "vga=current" can now be used together with GrUB2's gfxpayload setting. Note that + this requires use of "multiboot2" (and "module2") as the GrUB commands loading Xen. + * The "gnttab" option now has a new command line sub-option for disabling the + GNTTABOP_transfer functionality. + * The x86 MCE command line option info is now updated. + * Out-of-tree builds for the hypervisor now supported. + * __ro_after_init support, for marking data as immutable after boot. + * The project has officially adopted 4 directives and 24 rules of MISRA-C, + added MISRA-C checker build integration, and defined how to document + deviations. + * IOMMU superpage support on x86, affecting PV guests as well as HVM/PVH ones + when they don't share page tables with the CPU (HAP / EPT / NPT). + * Support for VIRT_SSBD and MSR_SPEC_CTRL for HVM guests on AMD. + * Improved TSC, CPU, and APIC clock frequency calibration on x86. + * Support for Xen using x86 Control Flow Enforcement technology for its own + protection. Both Shadow Stacks (ROP protection) and Indirect Branch + Tracking (COP/JOP protection). + * Add mwait-idle support for SPR and ADL on x86. + * Extend security support for hosts to 12 TiB of memory on x86. + * Add command line option to set cpuid parameters for dom0 at boot time on x86. + * Improved static configuration options on Arm. + * cpupools can be specified at boot using device tree on Arm. + * It is possible to use PV drivers with dom0less guests, allowing statically + booted dom0less guests with PV devices. + * On Arm, p2m structures are now allocated out of a pool of memory set aside at + domain creation. + * Improved mitigations against Spectre-BHB on Arm. + * Support VirtIO-MMIO devices device-tree binding creation in toolstack on Arm. + * Allow setting the number of CPUs to activate at runtime from command line + option on Arm. + * Grant-table support on Arm was improved and hardened by implementing + "simplified M2P-like approach for the xenheap pages" + * Add Renesas R-Car Gen4 IPMMU-VMSA support on Arm. + * Add i.MX lpuart and i.MX8QM support on Arm. + * Improved toolstack build system. + * Add Xue - console over USB 3 Debug Capability. + * gitlab-ci automation: Fixes and improvements together with new tests. + * dropped support for the (x86-only) "vesa-mtrr" and "vesa-remap" command line options +- Drop patches contained in new tarball or invalid + 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch + 6306185f-x86-XSTATE-CPUID-subleaf-1-EBX.patch + 631b5ba6-gnttab-acquire-resource-vaddrs.patch + 63455f82-Arm-P2M-prevent-adding-mapping-when-dying.patch + 63455fa8-Arm-P2M-preempt-when-freeing-intermediate.patch + 63455fc3-x86-p2m_teardown-allow-skip-root-pt-removal.patch + 63455fe4-x86-HAP-monitor-table-error-handling.patch + 63456000-x86-tolerate-sh_set_toplevel_shadow-failure.patch + 6345601d-x86-tolerate-shadow_prealloc-failure.patch + 6345603a-x86-P2M-refuse-new-alloc-for-dying.patch + 63456057-x86-P2M-truly-free-paging-pool-for-dying.patch + 63456075-x86-P2M-free-paging-pool-preemptively.patch + 63456090-x86-p2m_teardown-preemption.patch + 63456175-libxl-per-arch-extra-default-paging-memory.patch + 63456177-Arm-construct-P2M-pool-for-guests.patch + 6345617a-Arm-XEN_DOMCTL_shadow_op.patch + 6345617c-Arm-take-P2M-pages-P2M-pool.patch + 634561aa-gnttab-locking-on-transitive-copy-error-path.patch + 634561f1-x86emul-respect-NSCB.patch + 6346e404-VMX-correct-error-handling-in-vmx_create_vmcs.patch + 6351095c-Arm-rework-p2m_init.patch + 6351096a-Arm-P2M-populate-pages-for-GICv2-mapping.patch + 635274c0-EFI-dont-convert-runtime-mem-to-RAM.patch + 635665fb-sched-fix-restore_vcpu_affinity.patch + 63569723-x86-shadow-replace-bogus-assertions.patch + 61dd5f64-limit-support-statement-for-Linux-and-Windows-frontends.patch + xsa326-01.patch + xsa326-02.patch + xsa326-03.patch + xsa326-04.patch + xsa326-05.patch + xsa326-06.patch + xsa326-07.patch + xsa326-08.patch + xsa326-09.patch + xsa326-10.patch + xsa326-11.patch + xsa326-12.patch + xsa326-13.patch + xsa326-14.patch + xsa326-15.patch + xsa326-16.patch + xsa412.patch + xsa414.patch + xsa415.patch + xsa416.patch + xsa417.patch + xsa418-01.patch + xsa418-02.patch + xsa418-03.patch + xsa418-04.patch + xsa418-05.patch + xsa418-06.patch + xsa418-07.patch + xsa419-01.patch + xsa419-02.patch + xsa419-03.patch + xsa421-01.patch + xsa421-02.patch + +------------------------------------------------------------------- +Fri Oct 28 14:10:11 MDT 2022 - carnold@suse.com + +- bsc#1193923 - VUL-1: xen: Frontends vulnerable to backends + (XSA-376) + 61dd5f64-limit-support-statement-for-Linux-and-Windows-frontends.patch + +------------------------------------------------------------------- +Tue Oct 25 16:45:00 CEST 2022 - jbeulich@suse.com + +- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may + take excessively long (XSA-410) + 63455f82-Arm-P2M-prevent-adding-mapping-when-dying.patch + 63455fa8-Arm-P2M-preempt-when-freeing-intermediate.patch + 63455fc3-x86-p2m_teardown-allow-skip-root-pt-removal.patch + 63455fe4-x86-HAP-monitor-table-error-handling.patch + 63456000-x86-tolerate-sh_set_toplevel_shadow-failure.patch + 6345601d-x86-tolerate-shadow_prealloc-failure.patch + 6345603a-x86-P2M-refuse-new-alloc-for-dying.patch + 63456057-x86-P2M-truly-free-paging-pool-for-dying.patch + 63456075-x86-P2M-free-paging-pool-preemptively.patch + 63456090-x86-p2m_teardown-preemption.patch +- bcs#1203804 - VUL-0: CVE-2022-33747: xen: unbounded memory consumption + for 2nd-level page tables on ARM systems (XSA-409) + 63456175-libxl-per-arch-extra-default-paging-memory.patch + 63456177-Arm-construct-P2M-pool-for-guests.patch + 6345617a-Arm-XEN_DOMCTL_shadow_op.patch + 6345617c-Arm-take-P2M-pages-P2M-pool.patch +- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in + transitive grant copy handling (XSA-411) + 634561aa-gnttab-locking-on-transitive-copy-error-path.patch +- Upstream bug fixes (bsc#1027519) + 6306185f-x86-XSTATE-CPUID-subleaf-1-EBX.patch + 631b5ba6-gnttab-acquire-resource-vaddrs.patch + 634561f1-x86emul-respect-NSCB.patch + 6346e404-VMX-correct-error-handling-in-vmx_create_vmcs.patch + 6351095c-Arm-rework-p2m_init.patch + 6351096a-Arm-P2M-populate-pages-for-GICv2-mapping.patch + 635274c0-EFI-dont-convert-runtime-mem-to-RAM.patch + 635665fb-sched-fix-restore_vcpu_affinity.patch + 63569723-x86-shadow-replace-bogus-assertions.patch +- Drop patches replaced by upstream versions: + xsa410-01.patch + xsa410-02.patch + xsa410-03.patch + xsa410-04.patch + xsa410-05.patch + xsa410-06.patch + xsa410-07.patch + xsa410-08.patch + xsa410-09.patch + xsa410-10.patch + xsa411.patch + +------------------------------------------------------------------- +Wed Oct 19 08:42:59 MDT 2022 - carnold@suse.com + +- bsc#1204482 - VUL-0: CVE-2022-42311, CVE-2022-42312, + CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, + CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let + xenstored run out of memory (XSA-326) + xsa326-01.patch + xsa326-02.patch + xsa326-03.patch + xsa326-04.patch + xsa326-05.patch + xsa326-06.patch + xsa326-07.patch + xsa326-08.patch + xsa326-09.patch + xsa326-10.patch + xsa326-11.patch + xsa326-12.patch + xsa326-13.patch + xsa326-14.patch + xsa326-15.patch + xsa326-16.patch +- bsc#1204485 - VUL-0: CVE-2022-42309: xen: Xenstore: Guests can + crash xenstored (XSA-414) + xsa414.patch +- bsc#1204487 - VUL-0: CVE-2022-42310: xen: Xenstore: Guests can + create orphaned Xenstore nodes (XSA-415) + xsa415.patch +- bsc#1204488 - VUL-0: CVE-2022-42319: xen: Xenstore: Guests can + cause Xenstore to not free temporary memory (XSA-416) + xsa416.patch +- bsc#1204489 - VUL-0: CVE-2022-42320: xen: Xenstore: Guests can + get access to Xenstore nodes of deleted domains (XSA-417) + xsa417.patch +- bsc#1204490 - VUL-0: CVE-2022-42321: xen: Xenstore: Guests can + crash xenstored via exhausting the stack (XSA-418) + xsa418-01.patch + xsa418-02.patch + xsa418-03.patch + xsa418-04.patch + xsa418-05.patch + xsa418-06.patch + xsa418-07.patch +- bsc#1204494 - VUL-0: CVE-2022-42322,CVE-2022-42323: xen: + Xenstore: cooperating guests can create arbitrary numbers of + nodes (XSA-419) + xsa419-01.patch + xsa419-02.patch + xsa419-03.patch +- bsc#1204496 - VUL-0: CVE-2022-42325,CVE-2022-42326: xen: + Xenstore: Guests can create arbitray number of nodes via + transactions (XSA-421) + xsa421-01.patch + xsa421-02.patch + +------------------------------------------------------------------- +Wed Oct 19 08:30:06 MDT 2022 - carnold@suse.com + +- bsc#1204483 - VUL-0: CVE-2022-42327: xen: x86: unintended memory + sharing between guests (XSA-412) + xsa412.patch + +------------------------------------------------------------------- +Wed Sep 28 10:14:10 MDT 2022 - carnold@suse.com + +- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may + take excessively long (XSA-410) + xsa410-01.patch + xsa410-02.patch + xsa410-03.patch + xsa410-04.patch + xsa410-05.patch + xsa410-06.patch + xsa410-07.patch + xsa410-08.patch + xsa410-09.patch + xsa410-10.patch +- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in + transitive grant copy handling (XSA-411) + xsa411.patch + +------------------------------------------------------------------- +Mon Aug 29 10:24:31 MDT 2022 - carnold@suse.com + +- bsc#1201994 - Xen DomU unable to emulate audio device + 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch + +------------------------------------------------------------------- +Tue Aug 23 08:52:05 MDT 2022 - carnold@suse.com + +- Things are compiling fine now with gcc12. + Drop gcc12-fixes.patch + +------------------------------------------------------------------- +Thu Aug 18 14:18:46 MDT 2022 - carnold@suse.com + +- Update to Xen 4.16.2 bug fix release (bsc#1027519) + xen-4.16.2-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- Drop patches contained in new tarball + 625fca42-VT-d-reserved-CAP-ND.patch + 626f7ee8-x86-MSR-handle-P5-MC-reads.patch + 627549d6-IO-shutdown-race.patch + 62a1e594-x86-clean-up-_get_page_type.patch + 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch + 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch + 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch + 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch + 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch + 62a1e649-x86-track-and-flush-non-coherent.patch + 62a99614-IOMMU-x86-gcc12.patch + 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch + 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch + 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch + 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch + 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch + 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch + 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch + 62cc31ee-cmdline-extend-parse_boolean.patch + 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch + 62cd91d0-x86-spec-ctrl-rework-context-switching.patch + 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch + 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch + 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch + 62cd91d5-x86-cpuid-BTC_NO-enum.patch + 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch + 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch + xsa408.patch + +------------------------------------------------------------------- +Thu Jul 28 07:07:07 UTC 2022 - ohering@suse.de + +- bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels + A previous change to the built-in default had a logic error, + effectively restoring the upstream limit of 1023 channels per domU. + Fix the logic to calculate the default based on the number of vcpus. + adjust libxl.max_event_channels.patch + +------------------------------------------------------------------- +Wed Jul 13 11:10:03 MDT 2022 - carnold@suse.com + +- Added --disable-pvshim when running configure in xen.spec. + We have never shipped the shim and don't need to build it. + +------------------------------------------------------------------- +Tue Jul 13 10:30:00 CEST 2022 - jbeulich@suse.com + +- bsc#1199965 - VUL-0: CVE-2022-26362: xen: Race condition + in typeref acquisition + 62a1e594-x86-clean-up-_get_page_type.patch + 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch +- bsc#1199966 - VUL-0: CVE-2022-26363,CVE-2022-26364: xen: + Insufficient care with non-coherent mappings + 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch + 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch + 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch + 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch + 62a1e649-x86-track-and-flush-non-coherent.patch +- bsc#1200549 VUL-0: CVE-2022-21123,CVE-2022-21125,CVE-2022-21166: + xen: x86: MMIO Stale Data vulnerabilities (XSA-404) + 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch + 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch + 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch +- bsc#1201469 - VUL-0: CVE-2022-23816,CVE-2022-23825,CVE-2022-29900: + xen: retbleed - arbitrary speculative code execution with return + instructions (XSA-407) + 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch + 62cc31ee-cmdline-extend-parse_boolean.patch + 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch + 62cd91d0-x86-spec-ctrl-rework-context-switching.patch + 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch + 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch + 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch + 62cd91d5-x86-cpuid-BTC_NO-enum.patch + 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch + 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch +- Upstream bug fixes (bsc#1027519) + 62a99614-IOMMU-x86-gcc12.patch + 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch + 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch +- Drop patches replaced by upstream versions + xsa401-1.patch + xsa401-2.patch + xsa402-1.patch + xsa402-2.patch + xsa402-3.patch + xsa402-4.patch + xsa402-5.patch + +------------------------------------------------------------------- +Tue Jul 12 08:32:19 MDT 2022 - carnold@suse.com + +- bsc#1201394 - VUL-0: CVE-2022-33745: xen: insufficient TLB flush + for x86 PV guests in shadow mode (XSA-408) + xsa408.patch +- Fix gcc13 compilation error + 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch + +------------------------------------------------------------------- +Tue Jun 28 14:31:48 UTC 2022 - Stefan Schubert + +- Moved logrotate files from user specific directory /etc/logrotate.d + to vendor specific directory /usr/etc/logrotate.d. + +------------------------------------------------------------------- +Tue Jun 08 17:50:00 CEST 2022 - jbeulich@suse.com + +- bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen: + Insufficient care with non-coherent mappings + fix xsa402-5.patch + +------------------------------------------------------------------- +Tue May 31 17:25:00 CEST 2022 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 625fca42-VT-d-reserved-CAP-ND.patch + 626f7ee8-x86-MSR-handle-P5-MC-reads.patch + 627549d6-IO-shutdown-race.patch +- bsc#1199965 - VUL-0: EMBARGOED: CVE-2022-26362: xen: Race condition + in typeref acquisition + xsa401-1.patch + xsa401-2.patch +- bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen: + Insufficient care with non-coherent mappings + xsa402-1.patch + xsa402-2.patch + xsa402-3.patch + xsa402-4.patch + xsa402-5.patch + +------------------------------------------------------------------- +Tue May 10 16:08:02 UTC 2022 - Dirk Müller + +- fix python3 >= 3.10 version detection + +------------------------------------------------------------------- +Wed Apr 13 08:54:02 MDT 2022 - carnold@suse.com + +- Update to Xen 4.16.1 bug fix release (bsc#1027519) + xen-4.16.1-testing-src.tar.bz2 +- Drop patches contained in new tarball + 61b31d5c-x86-restrict-all-but-self-IPI.patch + 61b88e78-x86-CPUID-TSXLDTRK-definition.patch + 61bc429f-revert-hvmloader-PA-range-should-be-UC.patch + 61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch + 61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch + 61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch + 61e0296a-x86-time-calibration-relative-counts.patch + 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch + 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch + 61e98e88-x86-introduce-get-set-reg-infra.patch + 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch + 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch + 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch + 61eaaa23-x86-get-set-reg-infra-build.patch + 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch + 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch + 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch + 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch + 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch + 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch + 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch + 61f933a4-x86-cpuid-advertise-SSB_NO.patch + 61f933a5-x86-drop-use_spec_ctrl-boolean.patch + 61f933a6-x86-new-has_spec_ctrl-boolean.patch + 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch + 61f933a8-x86-SPEC_CTRL-record-last-write.patch + 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch + 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch + 61f933ab-x86-AMD-SPEC_CTRL-infra.patch + 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch + 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch + 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch + 6202afa4-x86-TSX-move-has_rtm_always_abort.patch + 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch + 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch + 6202afa8-x86-Intel-PSFD-for-guests.patch + 62278667-Arm-introduce-new-processors.patch + 62278668-Arm-move-errata-CSV2-check-earlier.patch + 62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch + 6227866a-Arm-Spectre-BHB-handling.patch + 6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch + 6227866c-x86-AMD-cease-using-thunk-lfence.patch + 6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch + 624ebcef-VT-d-dont-needlessly-look-up-DID.patch + 624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch + 624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch + xsa397.patch + xsa399.patch + xsa400-01.patch + xsa400-02.patch + xsa400-03.patch + xsa400-04.patch + xsa400-05.patch + xsa400-06.patch + xsa400-07.patch + xsa400-08.patch + xsa400-09.patch + xsa400-10.patch + xsa400-11.patch + xsa400-12.patch + +------------------------------------------------------------------- +Fri Apr 8 12:00:00 CEST 2022 - jbeulich@suse.com + +- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359, + CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity + map (AMD-Vi) handling issues (XSA-400) + 624ebcef-VT-d-dont-needlessly-look-up-DID.patch + 624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch + 624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch + +------------------------------------------------------------------- +Mon Apr 4 09:58:24 MDT 2022 - carnold@suse.com + +- bsc#1197423 - VUL-0: CVE-2022-26356: xen: Racy interactions + between dirty vram tracking and paging log dirty hypercalls + (XSA-397) + xsa397.patch +- bsc#1197425 - VUL-0: CVE-2022-26357: xen: race in VT-d domain ID + cleanup (XSA-399) + xsa399.patch +- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359, + CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity + map (AMD-Vi) handling issues (XSA-400) + xsa400-01.patch + xsa400-02.patch + xsa400-03.patch + xsa400-04.patch + xsa400-05.patch + xsa400-06.patch + xsa400-07.patch + xsa400-08.patch + xsa400-09.patch + xsa400-10.patch + xsa400-11.patch + xsa400-12.patch +- Additional upstream bug fixes for XSA-400 (bsc#1027519) + 61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch + 61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch + 6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch + +------------------------------------------------------------------- +Mon Mar 14 10:14:00 CET 2022 - jbeulich@suse.com + +- bsc#1196915 - VUL-0: CVE-2022-0001, CVE-2022-0002,CVE-2021-26401: + xen: BHB speculation issues (XSA-398) + 62278667-Arm-introduce-new-processors.patch + 62278668-Arm-move-errata-CSV2-check-earlier.patch + 62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch + 6227866a-Arm-Spectre-BHB-handling.patch + 6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch + 6227866c-x86-AMD-cease-using-thunk-lfence.patch + +------------------------------------------------------------------- +Thu Mar 3 14:42:07 MST 2022 - carnold@suse.com + +- bsc#1196545 - GCC 12: xen package fails + gcc12-fixes.patch + +------------------------------------------------------------------- +Mon Feb 14 11:40:00 CET 2022 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 61e0296a-x86-time-calibration-relative-counts.patch + 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch + 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch + 61e98e88-x86-introduce-get-set-reg-infra.patch + 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch + 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch + 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch + 61eaaa23-x86-get-set-reg-infra-build.patch + 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch + 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch + 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch + 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch + 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch + 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch + 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch + 61f933a4-x86-cpuid-advertise-SSB_NO.patch + 61f933a5-x86-drop-use_spec_ctrl-boolean.patch + 61f933a6-x86-new-has_spec_ctrl-boolean.patch + 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch + 61f933a8-x86-SPEC_CTRL-record-last-write.patch + 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch + 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch + 61f933ab-x86-AMD-SPEC_CTRL-infra.patch + 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch + 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch + 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch + 6202afa4-x86-TSX-move-has_rtm_always_abort.patch + 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch + 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch + 6202afa8-x86-Intel-PSFD-for-guests.patch +- Drop patches replaced by the above: + xsa393.patch + xsa394.patch + xsa395.patch + libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch + libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch + libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch + +------------------------------------------------------------------- +Thu Jan 13 10:55:58 MST 2022 - carnold@suse.com + +- bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm: + guest_physmap_remove_page not removing the p2m mappings (XSA-393) + xsa393.patch +- bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS + Xen while unmapping a grant (XSA-394) + xsa394.patch +- bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of + passed-through device IRQs (XSA-395) + xsa395.patch + +------------------------------------------------------------------- +Wed Jan 12 14:16:53 MST 2022 - carnold@suse.com + +- bsc#1191668 - L3: issue around xl and virsh operation - virsh + list not giving any output + libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch + libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch + +------------------------------------------------------------------- +Tue Jan 11 10:47:10 MST 2022 - carnold@suse.com + +- bsc#1193307 - pci backend does not exist when attach a vf to a pv + guest + libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch + Drop libxl-PCI-defer-backend-wait.patch + +------------------------------------------------------------------- +Thu Jan 6 16:05:00 CET 2022 - jbeulich@suse.com + +- bsc#1193447 - Slow execution of hvmloader+ovmf when VM contains + an sriov device + 61bc429f-revert-hvmloader-PA-range-should-be-UC.patch +- Upstream bug fixes (bsc#1027519) + 61b31d5c-x86-restrict-all-but-self-IPI.patch + 61b88e78-x86-CPUID-TSXLDTRK-definition.patch + 61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch + +------------------------------------------------------------------- +Tue Jan 4 15:51:15 UTC 2022 - James Fehlig + +- Collect active VM config files in the supportconfig plugin + xen-supportconfig + +------------------------------------------------------------------- +Mon Jan 3 13:28:03 MST 2022 - carnold@suse.com + +- Now that the ovmf package has been updated, reset the configure + script to use ovmf-x86_64-xen-4m.bin from ovmf-x86_64-ms.bin + References bsc#1194105, bsc#1193274 + xen.spec + +------------------------------------------------------------------- +Thu Dec 9 09:36:20 MST 2021 - carnold@suse.com + +- bsc#1193307 - pci backend does not exist when attach a vf to a pv + guest + libxl-PCI-defer-backend-wait.patch + +------------------------------------------------------------------- +Wed Dec 1 09:45:10 MST 2021 - carnold@suse.com + +- Update to Xen 4.16.0 FCS release + xen-4.16.0-testing-src.tar.bz2 + * Miscellaneous fixes to the TPM manager software in preparation + for TPM 2.0 support. + * Increased reliance on the PV shim as 32-bit PV guests will only + be supported in shim mode going forward. This change reduces + the attack surface in the hypervisor. + * Increased hardware support by allowing Xen to boot on Intel + devices that lack a Programmable Interval Timer. + * Cleanup of legacy components by no longer building QEMU + Traditional or PV-Grub by default. Note both projects have + upstream Xen support merged now, so it is no longer recommended + to use the Xen specific forks. + * Initial support for guest virtualized Performance Monitor + Counters on Arm. + * Improved support for dom0less mode by allowing the usage on + Arm 64bit hardware with EFI firmware. + * Improved support for Arm 64-bit heterogeneous systems by + leveling the CPU features across all to improve big.LITTLE + support. +- bsc#1193274 - [Build67.2][Xen][uefi] xen fullvirt uefi guest can + not be created with default 'type=plash' in virt-manager + xen.spec + +------------------------------------------------------------------- +Thu Nov 18 08:10:26 MST 2021 - carnold@suse.com + +- Update to Xen 4.16.0 RC4 release (jsc#SLE-18467) + xen-4.16.0-testing-src.tar.bz2 + * Xen can now export Intel Processor Trace (IPT) data from guests to tools in dom0. + * Xen now supports Viridian enlightenments for guests with more than 64 vcpus. + * Xenstored and oxenstored both now support LiveUpdate (tech preview). + * Unified boot images + * Switched x86 MSR accesses to deny by default policy. + * Named PCI devices for xl/libxl and improved documentation for xl PCI configuration format. + * Support for zstd-compressed dom0 (x86) and domU kernels. + * Reduce ACPI verbosity by default. + * Add ucode=allow-same option to test late microcode loading path. + * Library improvements from NetBSD ports upstreamed. + * x86: Allow domains to use AVX-VNNI instructions. + * Added XEN_SCRIPT_DIR configuration option to specify location for Xen scripts. + * xennet: Documented a way for the backend (or toolstack) to specify MTU to the frontend. + * On detecting a host crash, some debug key handlers can automatically triggered to aid in debugging. + * Increase the maximum number of guests which can share a single IRQ from 7 to 16, and make this configurable with irq-max-guests. +- Drop iPXE sources and patches. iPXE is only used by QEMU + traditional which has never shipped with SLE15. + ipxe.tar.bz2 + ipxe-enable-nics.patch + ipxe-no-error-logical-not-parentheses.patch + ipxe-use-rpm-opt-flags.patch +- Drop building ocaml xenstored in the spec file. There are no + plans or need to support this version. +- Drop patches contained in new tarball or no longer required + 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch + 5ffc58c4-ACPI-reduce-verbosity-by-default.patch + 602ffae9-tools-libs-light-fix-xl-save--c-handling.patch + 608676f2-VT-d-register-based-invalidation-optional.patch + 60a27288-x86emul-gas-2-36-test-harness-build.patch + 60af933d-x86-gcc11-hypervisor-build.patch + 60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch + 60afe617-x86-TSX-minor-cleanup-and-improvements.patch + 60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch + 60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch + 60be0e24-credit2-pick-runnable-unit.patch + 60be0e42-credit2-per-entity-load-tracking-when-continuing.patch + 60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch + 60bf9e19-Arm-create-dom0less-domUs-earlier.patch + 60bf9e1a-Arm-boot-modules-scrubbing.patch + 60bf9e1b-VT-d-size-qinval-queue-dynamically.patch + 60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch + 60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch + 60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch + 60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch + 60bfa904-AMD-IOMMU-wait-for-command-slot.patch + 60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch + 60c0bf86-x86-TSX-cope-with-deprecation.patch + 60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch + 60c8de6e-osdep_xenforeignmemory_map-prototype.patch + 60d49689-VT-d-undo-device-mappings-upon-error.patch + 60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch + 60d496d6-VT-d-clear_fault_bits-should-clear-all.patch + 60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch + 60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch + 61001231-x86-work-around-GNU-ld-2-37-issue.patch + 61122ac6-credit2-avoid-spuriously-picking-idle.patch + 611a7e38-x86-CET-shstk-WARN-manipulation.patch + 611cba4e-VT-d-Tylersburg-errata-more-steppings.patch + 611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch + 6126339d-AMD-IOMMU-global-ER-extending.patch + 6126344f-AMD-IOMMU-unity-map-handling.patch + 61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch + 6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch + 6126349a-AMD-IOMMU-rearrange-reassignment.patch + 612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch + 612634c3-x86-p2m-introduce-p2m_is_special.patch + 612634dc-x86-p2m-guard-identity-mappings.patch + 612634f4-x86-mm-widen-locked-region-in-xatp1.patch + 6126350a-gnttab-release-mappings-preemption.patch + 6126351f-gnttab-replace-mapkind.patch + 6126353d-gnttab-get-status-frames-array-capacity.patch + 61263553-Arm-restrict-maxmem-for-dom0less.patch + 6128a856-gnttab-radix-tree-node-init.patch + init.xen_loop + libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch + libxc-bitmap-longs.patch + libxc.migrate_tracking.patch + libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch + libxc-sr-add-xc_is_known_page_type.patch + libxc-sr-arrays.patch + libxc-sr-batch_pfns.patch + libxc-sr-page_type_has_stream_data.patch + libxc.sr.superpage.patch + libxc-sr-use-xc_is_known_page_type.patch + libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch + libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch + libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch + libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch + libxl-85760c03d664400368a3f76ae0225307c25049a7.patch + libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch + libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch + libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch + libxl.fix-libacpi-dependency.patch + libxl-qemu6-scsi.patch + libxl-qemu6-vnc-password.patch + libxl.set-migration-constraints-from-cmdline.patch + reproducible.patch + stubdom-have-iovec.patch + x86-cpufreq-report.patch + xenstore-launch.patch + xenwatchdogd-options.patch + xsa384.patch + +------------------------------------------------------------------- +Tue Sep 7 08:16:38 MDT 2021 - carnold@suse.com + +- bsc#1189632 - VUL-0: CVE-2021-28701: xen: Another race in + XENMAPSPACE_grant_table handling (XSA-384) + xsa384.patch +- Upstream bug fixes (bsc#1027519) + 61001231-x86-work-around-GNU-ld-2-37-issue.patch + 611a7e38-x86-CET-shstk-WARN-manipulation.patch + 611cba4e-VT-d-Tylersburg-errata-more-steppings.patch + 611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch + 6128a856-gnttab-radix-tree-node-init.patch + 61122ac6-credit2-avoid-spuriously-picking-idle.patch (Replaces + credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch) + 6126339d-AMD-IOMMU-global-ER-extending.patch (Replaces xsa378-1.patch) + 6126344f-AMD-IOMMU-unity-map-handling.patch (Replaces xsa378-2.patch) + 61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch (Replaces xsa378-3.patch) + 6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch (Replaces xsa378-4.patch) + 6126349a-AMD-IOMMU-rearrange-reassignment.patch (Replaces xsa378-5.patch) + 612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch (Replaces xsa378-6.patch) + 612634c3-x86-p2m-introduce-p2m_is_special.patch (Replaces xsa378-7.patch) + 612634dc-x86-p2m-guard-identity-mappings.patch (Replaces xsa378-8.patch) + 612634f4-x86-mm-widen-locked-region-in-xatp1.patch (Replaces xsa379.patch) + 6126350a-gnttab-release-mappings-preemption.patch (Replaces xsa380-1.patch + 6126351f-gnttab-replace-mapkind.patch (Replaces xsa380-2.patch) + 6126353d-gnttab-get-status-frames-array-capacity.patch (Replaces xsa382.patch) + 61263553-Arm-restrict-maxmem-for-dom0less.patch (Replaces xsa383.patch) + +------------------------------------------------------------------- +Mon Aug 30 15:15:15 UTC 2021 - ohering@suse.de + +- bsc#1189882 - refresh libxc.sr.superpage.patch + prevent superpage allocation in the LAPIC and ACPI_INFO range + +------------------------------------------------------------------- +Thu Aug 19 13:18:25 MDT 2021 - carnold@suse.com + +- bsc#1189373 - VUL-0: CVE-2021-28694,CVE-2021-28695, + CVE-2021-28696: xen: IOMMU page mapping issues on x86 (XSA-378) + xsa378-1.patch + xsa378-2.patch + xsa378-3.patch + xsa378-4.patch + xsa378-5.patch + xsa378-6.patch + xsa378-7.patch + xsa378-8.patch +- bsc#1189376 - VUL-0: CVE-2021-28697: xen: grant table v2 status + pages may remain accessible after de-allocation. (XSA-379) + xsa379.patch +- bsc#1189378 - VUL-0: CVE-2021-28698: xen: long running loops in + grant table handling. (XSA-380) + xsa380-1.patch + xsa380-2.patch +- bsc#1189380 - VUL-0: CVE-2021-28699: xen: inadequate grant-v2 + status frames array bounds check. (XSA-382) + xsa382.patch +- bsc#1189381 - VUL-0: CVE-2021-28700: xen: xen/arm: No memory + limit for dom0less domUs. (XSA-383) + xsa383.patch + +------------------------------------------------------------------- +Fri Aug 6 13:08:30 MDT 2021 - carnold@suse.com + +- bsc#1188050 - L3: Xen guest yval1a80 SLES11SP4 hangs on cluster + See also bsc#1179246. + credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch + +------------------------------------------------------------------- +Wed Aug 4 05:55:41 MDT 2021 - carnold@suse.com + +- Drop aarch64-maybe-uninitialized.patch as the fix is in tarball. + +------------------------------------------------------------------- +Fri Jul 23 11:11:11 UTC 2021 - ohering@suse.de + +- refresh the migration patches to state v20210713 + removed libxc-sr-add-xc_is_known_page_type.patch + removed libxc-sr-arrays.patch + removed libxc-sr-batch_pfns.patch + removed libxc-sr-page_type_has_stream_data.patch + removed libxc-sr-use-xc_is_known_page_type.patch + removed libxc.migrate_tracking.patch + removed libxc.sr.superpage.patch + removed libxl.set-migration-constraints-from-cmdline.patch + added libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch + added libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch + added libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch + added libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch + added libxc-sr-abort_if_busy.patch + added libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch + added libxc-sr-max_iters.patch + added libxc-sr-min_remaining.patch + added libxc-sr-number-of-iterations.patch + added libxc-sr-precopy_policy.patch + added libxc-sr-restore-hvm-legacy-superpage.patch + added libxc-sr-track-migration-time.patch + added libxc-sr-xg_sr_bitmap-populated_pfns.patch + added libxc-sr-xg_sr_bitmap.patch + added libxc-sr-xl-migration-debug.patch + +------------------------------------------------------------------- +Wed Jul 21 08:08:08 UTC 2021 - ohering@suse.de + +- bsc#1176189 - xl monitoring process exits during xl save -p|-c + keep the monitoring process running to cleanup the domU during shutdown + xl-save-pc.patch + +------------------------------------------------------------------- +Tue Jul 13 12:45:00 CEST 2021 - jbeulich@suse.com + +- bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest + 60be0e24-credit2-pick-runnable-unit.patch + 60be0e42-credit2-per-entity-load-tracking-when-continuing.patch +- Upstream bug fixes (bsc#1027519) + 60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch) + 60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch) + 60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch) + 60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch) + 60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch) + 60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch) + 60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch) + 60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch) + 60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch) + 60afe617-x86-TSX-minor-cleanup-and-improvements.patch + 60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch + 60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch + 60c0bf86-x86-TSX-cope-with-deprecation.patch + 60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch + 60c8de6e-osdep_xenforeignmemory_map-prototype.patch + 60d49689-VT-d-undo-device-mappings-upon-error.patch + 60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch + 60d496d6-VT-d-clear_fault_bits-should-clear-all.patch + 60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch + 60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch +- Dropped gcc11-fixes.patch + +------------------------------------------------------------------- +Tue Jul 6 08:03:26 MDT 2021 - carnold@suse.com + +- bsc#1183243 - L3: Core cannot be opened when using xl dump-core + of VM with PTF + 60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch + +------------------------------------------------------------------- +Tue Jun 29 10:10:10 UTC 2021 - ohering@suse.de + +- bsc#1180350 - some long deprecated commands were finally removed + in qemu6. Adjust libxl to use supported commands. + libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch + libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch + libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch + libxl-85760c03d664400368a3f76ae0225307c25049a7.patch + libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch + libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch + libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch + libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch + libxl-qemu6-vnc-password.patch + libxl-qemu6-scsi.patch + +------------------------------------------------------------------- +Tue Jun 22 09:09:09 UTC 2021 - ohering@suse.de + +- Update logrotate.conf, move global options into per-file sections + to prevent globbering of global state (bsc#1187406) + +------------------------------------------------------------------- +Mon Jun 7 15:15:15 UTC 2021 - ohering@suse.de + +- Fix shell macro expansion in xen.spec, so that ExecStart= + in xendomains-wait-disks.service is created correctly (bsc#1183877) + +------------------------------------------------------------------- +Tue Jun 1 12:40:00 CEST 2021 - jbeulich@suse.com + +- bsc#1186428 - VUL-0: CVE-2021-28693: xen: xen/arm: Boot modules + are not scrubbed (XSA-372) + xsa372-1.patch + xsa372-2.patch +- bsc#1186429 - VUL-0: CVE-2021-28692: xen: inappropriate x86 IOMMU + timeout detection / handling (XSA-373) + xsa373-1.patch + xsa373-2.patch + xsa373-3.patch + xsa373-4.patch + xsa373-5.patch +- bsc#1186433 - VUL-0: CVE-2021-0089: xen: Speculative Code Store + Bypass (XSA-375) + xsa375.patch +- bsc#1186434 - VUL-0: CVE-2021-28690: xen: x86: TSX Async Abort + protections not restored after S3 (XSA-377) + xsa377.patch +- Upstream bug fixes (bsc#1027519) + 60a27288-x86emul-gas-2-36-test-harness-build.patch + 60af933d-x86-gcc11-hypervisor-build.patch + 60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch + +------------------------------------------------------------------- +Thu May 6 10:02:57 MDT 2021 - carnold@suse.com + +- Upstream bug fix (bsc#1027519) + 608676f2-VT-d-register-based-invalidation-optional.patch + +------------------------------------------------------------------- +Wed May 5 06:06:06 UTC 2021 - ohering@suse.de + +- Add xen.sysconfig-fillup.patch to make sure xencommons is in a + format as expected by fillup. (bsc#1185682) + Each comment needs to be followed by an enabled key. Otherwise + fillup will remove manually enabled key=value pairs, along with + everything that looks like a stale comment, during next pkg update + +------------------------------------------------------------------- +Wed May 5 05:05:05 UTC 2021 - ohering@suse.de + +- Refresh xenstore-launch.patch to cover also daemon case + +------------------------------------------------------------------- +Thu Apr 29 06:13:07 MDT 2021 - carnold@suse.com + +- Update to Xen 4.14.2 bug fix release (bsc#1027519) + xen-4.14.2-testing-src.tar.bz2 +- Drop patches contained in new tarball + 5fedf9f4-x86-hpet_setup-fix-retval.patch + 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch + 5ff71655-x86-dpci-EOI-regardless-of-masking.patch + 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch + 600999ad-x86-dpci-do-not-remove-pirqs-from.patch + 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch + 6011bbc7-x86-timer-fix-boot-without-PIT.patch + 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch + 6013e546-x86-HVM-reorder-domain-init-error-path.patch + 601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch + 602bd768-page_alloc-only-flush-after-scrubbing.patch + 602cfe3d-IOMMU-check-if-initialized-before-teardown.patch + 602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch + 602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch + 6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch + 60410127-gcc11-adjust-rijndaelEncrypt.patch + 60422428-x86-shadow-avoid-fast-fault-path.patch + 604b9070-VT-d-disable-QI-IR-before-init.patch + 60535c11-libxl-domain-soft-reset.patch + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + +------------------------------------------------------------------- +Mon Apr 19 12:03:30 MDT 2021 - carnold@suse.com + +- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!" + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch +- Upstream bug fixes (bsc#1027519) + 60410127-gcc11-adjust-rijndaelEncrypt.patch + 60422428-x86-shadow-avoid-fast-fault-path.patch + 604b9070-VT-d-disable-QI-IR-before-init.patch + 60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch) + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + +------------------------------------------------------------------- +Thu Mar 25 10:10:10 UTC 2021 - ohering@suse.de + +- bsc#1137251 - Restore changes for xen-dom0-modules.service which + were silently removed on 2019-10-17 + +------------------------------------------------------------------- +Fri Mar 12 19:19:19 UTC 2021 - ohering@suse.de + +- bsc#1177112 - Fix libxc.sr.superpage.patch + The receiving side did detect holes in a to-be-allocated superpage, + but allocated a superpage anyway. This resulted to over-allocation. + +------------------------------------------------------------------- +Mon Mar 8 16:16:16 UTC 2021 - ohering@suse.de + +- bsc#1167608 - adjust limit for max_event_channels + A previous change allowed an unbound number of event channels + to make sure even large domUs can start of of the box. + This may have a bad side effect in the light of XSA-344. + Adjust the built-in limit based on the number of vcpus. + In case this is not enough, max_event_channels=/maxEventChannels= + has to be used to set the limit as needed for large domUs + adjust libxl.max_event_channels.patch + +------------------------------------------------------------------- +Fri Mar 5 08:49:56 MST 2021 - carnold@suse.com + +- bsc#1183072 - VUL-0: CVE-2021-28687: xen: HVM soft-reset crashes + toolstack (XSA-368). Also resolves, + bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl + bsc#1181989 - openQA job causes libvirtd to dump core when + running kdump inside domain + xsa368.patch + +------------------------------------------------------------------- +Tue Feb 26 14:00:00 CET 2021 - jbeulich@suse.com + +- bsc#1177204 - L3-Question: conring size for XEN HV's with huge + memory to small. Inital Xen logs cut + 5ffc58c4-ACPI-reduce-verbosity-by-default.patch +- Upstream bug fixes (bsc#1027519) + 601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch + 602bd768-page_alloc-only-flush-after-scrubbing.patch + 602cfe3d-IOMMU-check-if-initialized-before-teardown.patch + 602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch + 602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch + 6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch +- bsc#1181921 - GCC 11: xen package fails + gcc11-fixes.patch + +------------------------------------------------------------------- +Tue Feb 23 10:00:26 MST 2021 - carnold@suse.com + +- bsc#1182576 - L3: XEN domU crashed on resume when using the xl + unpause command + 602ffae9-tools-libs-light-fix-xl-save--c-handling.patch + +------------------------------------------------------------------- +Thu Feb 18 11:42:54 MST 2021 - carnold@suse.com + +- Start using the %autosetup macro to simplify patch management + xen.spec + +------------------------------------------------------------------- +Wed Feb 10 12:52:00 MST 2021 - carnold@suse.com + +- bsc#1181921 - GCC 11: xen package fails + gcc11-fixes.patch +- Drop gcc10-fixes.patch + +------------------------------------------------------------------- +Tue Feb 2 05:37:27 MST 2021 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5fedf9f4-x86-hpet_setup-fix-retval.patch + 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch + 5ff71655-x86-dpci-EOI-regardless-of-masking.patch + 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch + 600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch) + 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch + 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch + 6013e546-x86-HVM-reorder-domain-init-error-path.patch +- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!" + 6011bbc7-x86-timer-fix-boot-without-PIT.patch + +------------------------------------------------------------------- +Thu Jan 21 08:46:20 MST 2021 - carnold@suse.com + +- bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360) + xsa360.patch + +------------------------------------------------------------------- +Wed Jan 13 14:27:51 MST 2021 - carnold@suse.com + +- bsc#1180794 - bogus qemu binary path used when creating fv guest + under xen + xen.spec + +------------------------------------------------------------------- +Wed Jan 13 10:36:49 MST 2021 - carnold@suse.com + +- bsc#1180690 - L3-Question: xen: no needsreboot flag set + Add Provides: installhint(reboot-needed) in xen.spec for libzypp + +------------------------------------------------------------------- +Mon Jan 4 19:19:19 UTC 2021 - ohering@suse.de + +- Update libxl.set-migration-constraints-from-cmdline.patch + Remove code which handled --max_factor. The total amount of + transferred data is no indicator to trigger the final stop+copy. + This should have been removed during upgrade to Xen 4.7. + Fix off-by-one in --max_iters, it caused one additional copy cycle. + Reduce default value of --max_iters from 5 to 2. + The workload within domU will continue to produce dirty pages. + It is unreasonable to expect any slowdown during migration. + Now there is one initial copy of all memory, one instead of four + iteration for dirty memory, and a final copy iteration prior move. + +------------------------------------------------------------------- +Thu Dec 17 10:15:31 MST 2020 - carnold@suse.com + +- Update to Xen 4.14.1 bug fix release (bsc#1027519) + xen-4.14.1-testing-src.tar.bz2 + Contains the following recent security fixes + bsc#1179516 XSA-359 - CVE-2020-29571 + bsc#1179514 XSA-358 - CVE-2020-29570 + bsc#1179513 XSA-356 - CVE-2020-29567 + bsc#1178963 XSA-355 - CVE-2020-29040 + bsc#1178591 XSA-351 - CVE-2020-28368 + bsc#1179506 XSA-348 - CVE-2020-29566 + bsc#1179502 XSA-325 - CVE-2020-29483 + bsc#1179501 XSA-324 - CVE-2020-29484 + bsc#1179498 XSA-322 - CVE-2020-29481 + bsc#1179496 XSA-115 - CVE-2020-29480 +- Dropped patches contained in new tarball + 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch + 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch + 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch + 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch + 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch + 5f560c42-x86-PV-64bit-segbase-consistency.patch + 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch + 5f5b6b7a-hypfs-fix-custom-param-writes.patch + 5f607915-x86-HVM-more-consistent-IO-completion.patch + 5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch + 5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch + 5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch + 5f6a008e-x86-MSI-drop-read_msi_msg.patch + 5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch + 5f6a00c4-evtchn-relax-port_is_valid.patch + 5f6a00df-x86-PV-avoid-double-exception-injection.patch + 5f6a00f4-evtchn-add-missing-barriers.patch + 5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch + 5f6a013f-evtchn_reset-shouldnt-succeed-with.patch + 5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch + 5f6a0178-evtchn-address-races-with-evtchn_reset.patch + 5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch + 5f6a01c6-evtchn-preempt-in-evtchn_reset.patch + 5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch + 5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch + 5f71a21e-x86-S3-fix-shadow-stack-resume.patch + 5f76ca65-evtchn-Flask-prealloc-for-send.patch + 5f76caaf-evtchn-FIFO-use-stable-fields.patch + 5f897c25-x86-traps-fix-read_registers-for-DF.patch + 5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch + 5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch + 5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch + 5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch + 5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch + 5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch + 5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch + 5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch + 5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch + xsa286-1.patch + xsa286-2.patch + xsa286-3.patch + xsa286-4.patch + xsa286-5.patch + xsa286-6.patch + xsa351-1.patch + xsa351-2.patch + xsa351-3.patch + xsa355.patch + +------------------------------------------------------------------- +Wed Dec 16 16:16:16 UTC 2020 - ohering@suse.de + +- Pass --with-rundir to configure to get rid of /var/run + +------------------------------------------------------------------- +Tue Dec 15 15:15:15 UTC 2020 - ohering@suse.de + +- bsc#1178736 - allow restart of xenwatchdogd, enable tuning of + keep-alive interval and timeout options via XENWATCHDOGD_ARGS= + add xenwatchdogd-options.patch + add xenwatchdogd-restart.patch + +------------------------------------------------------------------- +Tue Dec 15 10:10:10 UTC 2020 - ohering@suse.de + +- bsc#1177112 - Fix libxc.sr.superpage.patch + The receiving side may punch holes incorrectly into optimistically + allocated superpages. Also reduce overhead in bitmap handling. + add libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch + add libxc-bitmap-long.patch + add libxc-bitmap-longs.patch + +------------------------------------------------------------------- +Mon Dec 14 14:22:08 MST 2020 - carnold@suse.com + +- boo#1029961 - Move files in xen-tools-domU to /usr/bin from /bin + xen-destdir.patch + Drop tmp_build.patch + +------------------------------------------------------------------- +Fri Dec 4 06:54:08 MST 2020 - carnold@suse.com + +- bsc#1176782 - L3: xl dump-core shows missing nr_pages during + core. If maxmem and current are the same the issue doesn't happen + 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch + +------------------------------------------------------------------- +Fri Nov 20 15:09:49 MST 2020 - carnold@suse.com + +- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change + (XSA-355) + xsa355.patch + +------------------------------------------------------------------- +Fri Nov 20 20:20:20 UTC 2020 - ohering@suse.de + +- Fix build error with libxl.fix-libacpi-dependency.patch + +------------------------------------------------------------------- +Fri Nov 20 19:19:19 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + Hide SUSEINFO messages from pause/unpause/resume from xl command. + They are intended for libvirt logging, but lacked info about + execution context. + Remove extra logging about dirty pages in each iteration, the + number of transferred pages + protocol overhead is already + reported elsewhere. + +------------------------------------------------------------------- +Fri Nov 20 18:18:18 UTC 2020 - ohering@suse.de + +- Remove libxl.libxl__domain_pvcontrol.patch + It is already part of 4.14.0-rc1 + +------------------------------------------------------------------- +Tue Nov 10 09:38:03 MST 2020 - carnold@suse.com + +- bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel + attack aka PLATYPUS attack aka XSA-351 + xsa351-1.patch + xsa351-2.patch + xsa351-3.patch + +------------------------------------------------------------------- +Mon Nov 2 11:11:11 UTC 2020 - ohering@suse.de + +- bsc#1177950 - adjust help for --max_iters, default is 5 + libxl.set-migration-constraints-from-cmdline.patch + +------------------------------------------------------------------- +Fri Oct 30 11:11:11 UTC 2020 - ohering@suse.de + +- jsc#SLE-16899 - improve performance of live migration + remove allocations and memcpy from hotpaths on sending and + receiving side to get more throughput on 10Gbs+ connections + libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch + libxc-sr-add-xc_is_known_page_type.patch + libxc-sr-arrays.patch + libxc-sr-batch_pfns.patch + libxc-sr-page_type_has_stream_data.patch + libxc-sr-readv_exact.patch + libxc-sr-restore-handle_buffered_page_data.patch + libxc-sr-restore-handle_incoming_page_data.patch + libxc-sr-restore-map_errs.patch + libxc-sr-restore-mfns.patch + libxc-sr-restore-pfns.patch + libxc-sr-restore-populate_pfns-mfns.patch + libxc-sr-restore-populate_pfns-pfns.patch + libxc-sr-restore-read_record.patch + libxc-sr-restore-types.patch + libxc-sr-save-errors.patch + libxc-sr-save-guest_data.patch + libxc-sr-save-iov.patch + libxc-sr-save-local_pages.patch + libxc-sr-save-mfns.patch + libxc-sr-save-rec_pfns.patch + libxc-sr-save-show_transfer_rate.patch + libxc-sr-save-types.patch + libxc-sr-use-xc_is_known_page_type.patch + adjust libxc.sr.superpage.patch + adjust libxc.migrate_tracking.patch + +------------------------------------------------------------------- +Wed Oct 21 09:34:32 MDT 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch + 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch + 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch + 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch + 5f5b6b7a-hypfs-fix-custom-param-writes.patch + 5f607915-x86-HVM-more-consistent-IO-completion.patch + 5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch + 5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch + 5f71a21e-x86-S3-fix-shadow-stack-resume.patch + 5f76ca65-evtchn-Flask-prealloc-for-send.patch + 5f76caaf-evtchn-FIFO-use-stable-fields.patch + 5f897c25-x86-traps-fix-read_registers-for-DF.patch + 5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch +- Renamed patches + 5f560c42-x86-PV-64bit-segbase-consistency.patch + Replaces 5f5b6951-x86-PV-64bit-segbase-consistency.patch + 5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch + Replaces 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch + 5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch + Replaces 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch + 5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch + Replaces 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch + 5f6a008e-x86-MSI-drop-read_msi_msg.patch + Replaces 5f6a05fa-msi-get-rid-of-read_msi_msg.patch + 5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch + Replaces 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch + 5f6a00c4-evtchn-relax-port_is_valid.patch + Replaces 5f6a062c-evtchn-relax-port_is_valid.patch + 5f6a00df-x86-PV-avoid-double-exception-injection.patch + Replaces 5f6a065c-pv-Avoid-double-exception-injection.patch + 5f6a00f4-evtchn-add-missing-barriers.patch + Replaces 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch + 5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch + Replaces 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch + 5f6a013f-evtchn_reset-shouldnt-succeed-with.patch + Replaces 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch + 5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch + Replaces 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch + 5f6a0178-evtchn-address-races-with-evtchn_reset.patch + Replaces 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch + 5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch + Replaces 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch + 5f6a01c6-evtchn-preempt-in-evtchn_reset.patch + Replaces 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch + +------------------------------------------------------------------- +Tue Oct 13 10:48:04 MDT 2020 - carnold@suse.com + +- bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest + INVLPG-like flushes may leave stale TLB entries (XSA-286) + xsa286-1.patch + xsa286-2.patch + xsa286-3.patch + xsa286-4.patch + xsa286-5.patch + xsa286-6.patch +- bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen + mapping code (XSA-345) + 5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch + 5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch + 5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch +- bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU + TLB flushes (XSA-346) + 5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch + 5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch +- bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page + table updates (XSA-347) + 5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch + 5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch + 5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch + +------------------------------------------------------------------- +Mon Oct 12 10:10:10 UTC 2020 - ohering@suse.de + +- Update libxc.sr.superpage.patch + set errno in x86_hvm_alloc_4k (bsc#1177112) + +------------------------------------------------------------------- +Tue Sep 22 10:54:28 MDT 2020 - carnold@suse.com + +- bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when + handling guest access to MSR_MISC_ENABLE (XSA-333) + 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch +- bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in + XENMEM_acquire_resource error path (XSA-334) + 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch +- bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating + timers between x86 HVM vCPU-s (XSA-336) + 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch +- bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code + reading back hardware registers (XSA-337) + 5f6a05fa-msi-get-rid-of-read_msi_msg.patch + 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch +- bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event + channels may not turn invalid (XSA-338) + 5f6a062c-evtchn-relax-port_is_valid.patch +- bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel + DoS via SYSENTER (XSA-339) + 5f6a065c-pv-Avoid-double-exception-injection.patch +- bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier + barriers when accessing/allocating an event channel (XSA-340) + 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch +- bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event + channels available to 32-bit x86 domains (XSA-342) + 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch +- bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with + evtchn_reset() (XSA-343) + 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch + 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch + 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch +- bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in + evtchn_reset() / evtchn_destroy() (XSA-344) + 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch + 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch +- Upstream bug fix (bsc#1027519) + 5f5b6951-x86-PV-64bit-segbase-consistency.patch + +------------------------------------------------------------------- +Mon Sep 21 14:03:02 MDT 2020 - carnold@suse.com + +- Fix problems in xen.spec with building on aarch64 + +------------------------------------------------------------------- +Fri Sep 18 15:20:31 MDT 2020 - carnold@suse.com + +- Make use of %service_del_postun_without_restart while preserving + the old behavior for older distros. +- In %post tools, remove unnecessary qemu symlinks. + +------------------------------------------------------------------- +Thu Sep 17 11:11:11 UTC 2020 - ohering@suse.de + +- Fix error in xen-tools %post when linking pvgrub64.bin +- Make paths below libexec more explicit +- Create symlink also for pvgrub32.bin + +------------------------------------------------------------------- +Fri Sep 11 11:11:11 UTC 2020 - ohering@suse.de + +- Revert previous libexec change for qemu compat wrapper + The path is used in existing domU.xml files in the emulator field +- Escape some % chars in xen.spec, they have to appear verbatim + +------------------------------------------------------------------- +Wed Sep 9 10:11:12 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + Print number of allocated pages on sending side, this is more + accurate than p2m_size. + +------------------------------------------------------------------- +Wed Sep 2 12:53:47 MDT 2020 - carnold@suse.com + +- jsc#SLE-15926 - Dev: XEN: drop netware support + Dropped the following patches + pygrub-netware-xnloader.patch + xnloader.py + Refreshed pygrub-boot-legacy-sles.patch + +------------------------------------------------------------------- +Tue Sep 1 12:28:43 UTC 2020 - Guillaume GARDET + +- Fix build on aarch64 with gcc10 +- Package xenhypfs for aarch64 + +------------------------------------------------------------------- +Wed Aug 5 19:30:23 UTC 2020 - Callum Farmer + +- Correct license name + * GPL-3.0+ is now GPL-3.0-or-later + +------------------------------------------------------------------- +Mon Aug 3 06:26:08 MDT 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch + 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch + +------------------------------------------------------------------- +Fri Jul 24 16:27:29 MDT 2020 - carnold@suse.com + +- Update to Xen 4.14.0 FCS release + xen-4.14.0-testing-src.tar.bz2 + * Linux stubdomains (contributed by QUBES OS) + * Control-flow Enforcement Technology (CET) Shadow Stack support (contributed by Citrix) + * Lightweight VM fork for fuzzing / introspection. (contributed by Intel) + * Livepatch: buildid and hotpatch stack requirements + * CONFIG_PV32 + * Hypervisor FS support + * Running Xen as a Hyper-V Guest + * Domain ID randomization, persistence across save / restore + * Golang binding autogeneration + * KDD support for Windows 7, 8.x and 10 +- Dropped patches contained in new tarball + 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch + 5eb51caa-sched-vcpu-pause-flags-atomic.patch + 5ec2a760-x86-determine-MXCSR-mask-always.patch + 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch + 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch + 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch + 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch + 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch + 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch + 5ed69804-x86-ucode-fix-start-end-update.patch + 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch + 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch + 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch + 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch + 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch + xsa317.patch + xsa319.patch + xsa321-1.patch + xsa321-2.patch + xsa321-3.patch + xsa321-4.patch + xsa321-5.patch + xsa321-6.patch + xsa321-7.patch + xsa328-1.patch + xsa328-2.patch + +------------------------------------------------------------------- +Thu Jul 23 11:12:58 MDT 2020 - carnold@suse.com + +- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to + attach on next reboot while it should be live attached + ignore-ip-command-script-errors.patch + +------------------------------------------------------------------- +Fri Jul 17 14:14:14 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + After transfer of domU memory, the target host has to assemble + the backend devices. Track the time prior xc_domain_unpause. + +------------------------------------------------------------------- +Tue Jun 30 18:03:40 UTC 2020 - ohering@suse.de + +- Add libxc.migrate_tracking.patch to track live migrations + unconditionally in logfiles, especially in libvirt. + This will track how long a domU was suspended during transit. + +------------------------------------------------------------------- +Mon Jun 29 11:28:27 MDT 2020 - carnold@suse.com + +- bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect + error handling in event channel port allocation + xsa317.patch +- bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code + paths in x86 dirty VRAM tracking + xsa319.patch +- bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient + cache write- back under VT-d + xsa321-1.patch + xsa321-2.patch + xsa321-3.patch + xsa321-4.patch + xsa321-5.patch + xsa321-6.patch + xsa321-7.patch +- bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic + modification of live EPT PTE + xsa328-1.patch + xsa328-2.patch + +------------------------------------------------------------------- +Mon Jun 22 11:24:48 MDT 2020 - carnold@suse.com + +- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer + Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) + 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch + 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch) + 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch) +- Upstream bug fixes (bsc#1027519) + 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch + 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch + 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch + 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch + 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch + 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch + 5ed69804-x86-ucode-fix-start-end-update.patch + 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch + 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch + +------------------------------------------------------------------- +Fri Jun 5 16:42:16 UTC 2020 - Callum Farmer + +- Fixes for %_libexecdir changing to /usr/libexec + +------------------------------------------------------------------- +Thu May 28 08:35:20 MDT 2020 - carnold@suse.com + +- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer + Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) + xsa320-1.patch + xsa320-2.patch + +------------------------------------------------------------------- +Mon May 18 10:55:26 MDT 2020 - carnold@suse.com + +- Update to Xen 4.13.1 bug fix release (bsc#1027519) + xen-4.13.1-testing-src.tar.bz2 + 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch + 5eb51caa-sched-vcpu-pause-flags-atomic.patch + 5ec2a760-x86-determine-MXCSR-mask-always.patch +- Drop patches contained in new tarball + 5de65f84-gnttab-map-always-do-IOMMU-part.patch + 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch + 5e15e03d-sched-fix-S3-resume-with-smt=0.patch + 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch + 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch + 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch + 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch + 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch + 5e318cd4-x86-apic-fix-disabling-LVT0.patch + 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch + 5e3bd385-EFI-recheck-variable-name-strings.patch + 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch + 5e3bd3f8-xmalloc-guard-against-overflow.patch + 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch + 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch + 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch + 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch + 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch + 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch + 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch + 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch + 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch + 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch + 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch + 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch + 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch + 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch + 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch + 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch + 5e86f7fd-credit2-fix-credit-too-few-resets.patch + 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch + 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch + 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch + 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch + 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch + 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch + +------------------------------------------------------------------- +Wed May 13 21:07:29 UTC 2020 - James Fehlig + +- spec: Remove invocation of autogen.sh +- spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares + +------------------------------------------------------------------- +Wed May 13 09:56:49 MDT 2020 - carnold@suse.com + +- bsc#1170968 - GCC 10: xen build fails on i586 + gcc10-fixes.patch + +------------------------------------------------------------------- +Tue Apr 14 11:06:08 MDT 2020 - carnold@suse.com + +- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation + handling in GNTTABOP_copy (XSA-318) + 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch + +------------------------------------------------------------------- +Mon Apr 6 12:01:45 MDT 2020 - carnold@suse.com + +- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313 + multiple xenoprof issues + 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch + 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch +- bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing + memory barriers in read-write unlock paths + 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch +- bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error + path in GNTTABOP_map_grant + 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch +- bsc#1167152 - L3: Xenstored Crashed during VM install Need Core + analyzed + 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch + 5e86f7fd-credit2-fix-credit-too-few-resets.patch +- Drop for upstream solution (bsc#1165206) + 01-xen-credit2-avoid-vcpus-to.patch + default-to-credit1-scheduler.patch +- Upstream bug fixes (bsc#1027519) + 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch + 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch + 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch + 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch + 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch + 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch + 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch + 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch + 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch + 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch + 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch + +------------------------------------------------------------------- +Wed Mar 25 18:18:18 UTC 2020 - ohering@suse.de + +- bsc#1167608 - unbound limit for max_event_channels + domUs with many vcpus and/or resources fail to start + libxl.max_event_channels.patch + +------------------------------------------------------------------- +Wed Mar 18 17:00:34 UTC 2020 - ohering@suse.de + +- bsc#1161480 - Fix xl shutdown for HVM without PV drivers + add libxl.libxl__domain_pvcontrol.patch + +------------------------------------------------------------------- +Thu Mar 12 07:57:53 MDT 2020 - carnold@suse.com + +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + 01-xen-credit2-avoid-vcpus-to.patch + +------------------------------------------------------------------- +Tue Mar 10 07:41:34 MDT 2020 - carnold@suse.com + +- bsc#1158414 - GCC 10: xen build fails + gcc10-fixes.patch + +------------------------------------------------------------------- +Wed Mar 4 13:28:17 MST 2020 - carnold@suse.com + +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + default-to-credit1-scheduler.patch + +------------------------------------------------------------------- +Thu Feb 20 08:18:37 MST 2020 - carnold@suse.com + +- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate + past the ERET instruction + 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch +- bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch + hardening + 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch +- Upstream bug fixes (bsc#1027519) + 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch + 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch + 5e318cd4-x86-apic-fix-disabling-LVT0.patch + 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch + 5e3bd385-EFI-recheck-variable-name-strings.patch + 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch + 5e3bd3f8-xmalloc-guard-against-overflow.patch + 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch + 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch + 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch + +------------------------------------------------------------------- +Tue Feb 18 18:18:18 UTC 2020 - ohering@suse.de + +- bsc#1159755 - use fixed qemu-3.1 machine type for HVM + This must be done in qemu to preserve PCI layout + remove libxl.lock-qemu-machine-for-hvm.patch + +------------------------------------------------------------------- +Fri Feb 7 12:37:35 UTC 2020 - ohering@suse.de + +- jsc#SLE-10183 - script to calculate cpuid= mask + add helper script from https://github.com/twizted/xen_maskcalc + domUs may be migrated between different cpus from the same vendor + if their visible cpuid value has incompatible feature bits masked. + +------------------------------------------------------------------- +Wed Feb 5 15:16:06 UTC 2020 - ohering@suse.de + +- jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains + add helper script and systemd service from + https://github.com/luizluca/xen-tools-xendomains-wait-disk + in new sub package xen-tools-xendomains-wait-disk + See included README for usage instructions + xendomains-wait-disks.LICENSE + xendomains-wait-disks.README.md + xendomains-wait-disks.sh + +------------------------------------------------------------------- +Tue Jan 28 14:10:38 UTC 2020 - ohering@suse.de + +- bsc#1159755 - use fixed qemu-3.1 machine type for HVM + qemu4 introduced incompatible changes in pc-i440fx, which revealed + a design bug in 'xenfv'. Live migration from domUs started with + qemu versions prior qemu4 can not be received with qemu4+. + libxl.lock-qemu-machine-for-hvm.patch + +------------------------------------------------------------------- +Tue Jan 14 09:19:31 MST 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5de65f84-gnttab-map-always-do-IOMMU-part.patch + 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch + 5e15e03d-sched-fix-S3-resume-with-smt=0.patch + 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch + 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch + +------------------------------------------------------------------- +Wed Jan 8 11:43:04 UTC 2020 - Dominique Leuenberger + +- BuildRequire pkgconfig(libsystemd) instead of systemd-devel: + Allow OBS to shortcut through the -mini flavors. + +------------------------------------------------------------------- +Wed Dec 18 10:16:52 MST 2019 - carnold@suse.com + +- bsc#1159320 - Xen logrotate file needs updated + logrotate.conf + +------------------------------------------------------------------- +Wed Dec 18 08:21:17 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 FCS release + xen-4.13.0-testing-src.tar.bz2 + * Core Scheduling (contributed by SUSE) + * Branch hardening to mitigate against Spectre v1 (contributed by Citrix) + * Late uCode loading (contributed by Intel) + * Improved live-patching build tools (contributed by AWS) + * OP-TEE support (contributed by EPAM) + * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM) + * Dom0-less passthrough and ImageBuilder (contributed by XILINX) + * Support for new Hardware + +------------------------------------------------------------------- +Tue Dec 3 08:57:29 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC4 release + xen-4.13.0-testing-src.tar.bz2 +- Rebase libxl.pvscsi.patch + +------------------------------------------------------------------- +Mon Nov 25 10:49:13 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC3 release + xen-4.13.0-testing-src.tar.bz2 +- Drop python38-build.patch + +------------------------------------------------------------------- +Tue Nov 12 08:09:27 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC2 release + xen-4.13.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue Oct 29 14:27:13 CET 2019 - Matej Cepl + +- Add python38-build.patch fixing build with Python 3.8 (add + --embed to python-config call) + +------------------------------------------------------------------- +Mon Oct 14 09:01:47 MDT 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC1 release + xen-4.13.0-testing-src.tar.bz2 +- Drop patches contained in new tarball or invalid + 5ca7660f-x86-entry-drop-unused-includes.patch + 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch + 5cab2ab7-x86-IOMMU-introduce-init-ops.patch + 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch + 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch + 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch + 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch + 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch + 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch + 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch + 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch + 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch + 5d358508-x86-IRQ-desc-affinity-represents-request.patch + 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch + 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch + 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch + 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch + 5d417813-AMD-IOMMU-bitfield-extended-features.patch + 5d417838-AMD-IOMMU-bitfield-control-reg.patch + 5d41785b-AMD-IOMMU-bitfield-IRTE.patch + 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch + 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch + 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch + 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch + 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch + 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch + 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch + 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch + 5d419d49-x86-spec-ctrl-report-proper-status.patch + 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch + 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch + 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch + 5d4afa7a-credit2-fix-memory-leak.patch + 5d4d850a-introduce-bss-percpu-page-aligned.patch + 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch + 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch + 5d6524ca-x86-mm-correctly-init-M2P-entries.patch + 5d67ceaf-x86-properly-gate-PKU-clearing.patch + 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch + 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch + 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch + 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch + 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch + 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch + 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch + 5d80ea13-vpci-honor-read-only-devices.patch + 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch + 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch + 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch + 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch + 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch + 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch + 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch + 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch + 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch + 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch + CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch + blktap2-no-uninit.patch + libxl.prepare-environment-for-domcreate_stream_done.patch + pygrub-python3-conversion.patch + fix-xenpvnetboot.patch + +------------------------------------------------------------------- +Thu Oct 10 08:39:52 MDT 2019 - carnold@suse.com + +- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines + 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch + 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch + 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch + +------------------------------------------------------------------- +Wed Oct 2 08:37:47 UTC 2019 - ohering@suse.de + +- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime + The included README has details about the impact of this change + libxl.LIBXL_HOTPLUG_TIMEOUT.patch + +------------------------------------------------------------------- +Mon Sep 30 10:43:43 MDT 2019 - carnold@suse.com + +- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines + 5ca7660f-x86-entry-drop-unused-includes.patch + 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch + 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch + 5cab2ab7-x86-IOMMU-introduce-init-ops.patch + 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch + 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch + 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch + 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch + 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch + 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch + 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch + 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch + 5d358508-x86-IRQ-desc-affinity-represents-request.patch + 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch + 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch + 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch + 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch + 5d417813-AMD-IOMMU-bitfield-extended-features.patch + 5d417838-AMD-IOMMU-bitfield-control-reg.patch + 5d41785b-AMD-IOMMU-bitfield-IRTE.patch + 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch + 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch + 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch + 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch + 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch + 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch + 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch + 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch + 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch + 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch + 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch + 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch + 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch + 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch + 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch + 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch + 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch + 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch +- bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages + 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch +- bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016 + with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD + ROME platform + 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch +- Upstream bug fixes (bsc#1027519) + 5d67ceaf-x86-properly-gate-PKU-clearing.patch + 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch + 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch + 5d80ea13-vpci-honor-read-only-devices.patch + 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch + +------------------------------------------------------------------- +Fri Sep 27 16:25:38 UTC 2019 - ohering@suse.de + +- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM + Fix crash in an error path of libxl_domain_suspend with + libxl.helper_done-crash.patch + +------------------------------------------------------------------- +Wed Aug 28 09:25:30 MDT 2019 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5d419d49-x86-spec-ctrl-report-proper-status.patch + 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch + 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch + 5d4afa7a-credit2-fix-memory-leak.patch + 5d4d850a-introduce-bss-percpu-page-aligned.patch + 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch + 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch + 5d6524ca-x86-mm-correctly-init-M2P-entries.patch +- Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch + +------------------------------------------------------------------- +Wed Aug 28 11:25:17 UTC 2019 - ohering@suse.de + +- Preserve modified files which used to be marked as %config, + rename file.rpmsave to file + +------------------------------------------------------------------- +Fri Aug 9 10:29:45 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.1 bug fix release (bsc#1027519) + xen-4.12.1-testing-src.tar.bz2 +- Drop patches contained in new tarball + 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch + 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch + 5c87b6c8-drop-arch_evtchn_inject.patch + 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch + 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch + 5c8f752c-x86-e820-build-with-gcc9.patch + 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch + 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch + 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch + 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch + 5c9e63c5-credit2-SMT-idle-handling.patch + 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch + 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch + 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch + 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch + 5cd921fb-trace-fix-build-with-gcc9.patch + 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch + 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch + 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch + 5cd926d0-bitmap_fill-zero-sized.patch + 5cd92724-drivers-video-drop-constraints.patch + 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch + 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch + 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch + 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch + 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch + 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch + 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch + 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch + 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch + 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch + 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch + 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch + 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch + 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch + 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch + 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch + 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch + 5d03a0c4-6-Arm64-cmpxchg-simplify.patch + 5d03a0c4-7-Arm32-cmpxchg-simplify.patch + 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch + 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch + 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch + 5d03a0c4-B-bitops-guest-helpers.patch + 5d03a0c4-C-cmpxchg-guest-helpers.patch + 5d03a0c4-D-use-guest-atomics-helpers.patch + 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch + 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch +- Refreshed patches + libxl.pvscsi.patch + +------------------------------------------------------------------- +Thu Aug 1 13:10:39 MDT 2019 - carnold@suse.com + +- bsc#1143563 - Speculative mitigation facilities report wrong status + 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch + +------------------------------------------------------------------- +Wed Jul 17 13:56:46 UTC 2019 - ohering@suse.de + +- Update xen-dom0-modules.service (bsc#1137251) + Map backend module names from pvops and xenlinux kernels to a + module alias. This avoids errors from modprobe about unknown + modules. Ignore a few xenlinux modules that lack aliases. + +------------------------------------------------------------------- +Mon Jul 15 07:56:56 MDT 2019 - carnold@suse.com + +- Gcc9 warnings seem to be cleared up with upstream fixes. + Drop gcc9-ignore-warnings.patch + +------------------------------------------------------------------- +Tue Jun 25 09:29:05 MDT 2019 - carnold@suse.com + +- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3 + fix-xenpvnetboot.patch + +------------------------------------------------------------------- +Mon Jun 24 08:02:57 UTC 2019 - ohering@suse.de + +- Move /etc/modprobe.d/xen_loop.conf to /lib/modprobe.d/xen_loop.conf + +------------------------------------------------------------------- +Mon Jun 24 08:00:10 UTC 2019 - ohering@suse.de + +- Remove /etc/xen/xenapiusers and /etc/pam.d/xen-api + +------------------------------------------------------------------- +Fri Jun 21 12:25:55 UTC 2019 - ohering@suse.de + +- Remove all upstream provided files in /etc/xen + They are not required at runtime. The host admin is now + responsible if he really needs anything in this subdirectory. + +------------------------------------------------------------------- +Fri Jun 21 12:07:45 UTC 2019 - ohering@suse.de + +- In our effort to make /etc fully admin controlled, move /etc/xen/scripts + to libexec/xen/scripts with xen-tools.etc_pollution.patch + +------------------------------------------------------------------- +Wed Jun 19 13:20:39 UTC 2019 - ohering@suse.de + +- Move /etc/bash_completion.d/xl.sh to %{_datadir}/bash-completion/completions + +------------------------------------------------------------------- +Mon Jun 17 09:08:33 MDT 2019 - carnold@suse.com + +- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm + Atomics Operations + 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch + 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch + 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch + 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch + 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch + 5d03a0c4-6-Arm64-cmpxchg-simplify.patch + 5d03a0c4-7-Arm32-cmpxchg-simplify.patch + 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch + 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch + 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch + 5d03a0c4-B-bitops-guest-helpers.patch + 5d03a0c4-C-cmpxchg-guest-helpers.patch + 5d03a0c4-D-use-guest-atomics-helpers.patch + 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch + 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch +- Upstream bug fixes (bsc#1027519) + 5c87b6c8-drop-arch_evtchn_inject.patch + 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch + 5cd921fb-trace-fix-build-with-gcc9.patch + 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch + 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch + 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch + 5cd926d0-bitmap_fill-zero-sized.patch + 5cd92724-drivers-video-drop-constraints.patch + 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch) + 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch) + 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch) + 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch) + 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch) + 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch) + 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch) + 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch + 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch + 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch + 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch + 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch + +------------------------------------------------------------------- +Fri Jun 14 15:35:28 MDT 2019 - carnold@suse.com + +- Fix some outdated information in the readme + README.SUSE + +------------------------------------------------------------------- +Tue Jun 11 20:22:47 UTC 2019 - Jim Fehlig + +- spec: xen-tools: require matching version of xen package + bsc#1137471 + +------------------------------------------------------------------- +Fri May 17 08:50:57 UTC 2019 - ohering@suse.de + +- Remove two stale patches + xen.build-compare.man.patch + xenpaging.doc.patch + +------------------------------------------------------------------- +Tue May 14 15:35:17 UTC 2019 - Martin Liška + +- Disable LTO (boo#1133296). + +------------------------------------------------------------------- +Mon May 13 20:20:00 UTC 2019 - ohering@suse.de + +- Remove arm32 from ExclusiveArch to fix build + +------------------------------------------------------------------- +Mon Apr 29 08:54:04 MDT 2019 - carnold@suse.com + +- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4". + CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + xsa297-0a.patch + xsa297-0b.patch + xsa297-0c.patch + xsa297-0d.patch + xsa297-1.patch + xsa297-2.patch + xsa297-3.patch +- Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and + drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch + Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch + +------------------------------------------------------------------- +Wed Apr 17 08:28:50 MDT 2019 - carnold@suse.com + +- bsc#1131811 - [XEN] internal error: libxenlight failed to create + new domain. This patch is a workaround for a systemd issue. See + patch header for additional comments. + xenstore-launch.patch + +------------------------------------------------------------------- +Thu Apr 11 16:29:39 MDT 2019 - carnold@suse.com + +- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest + after upgrading host from sle11sp4 to sle15sp1 + pygrub-python3-conversion.patch +- Fix "TypeError: virDomainDefineXML() argument 2 must be str or + None, not bytes" when converting VMs from using the xm/xend + toolstack to the libxl/libvirt toolstack. (bsc#1123378) + xen2libvirt.py + +------------------------------------------------------------------- +Mon Apr 8 08:13:04 MDT 2019 - carnold@suse.com + +- bsc#1124560 - Fully virtualized guests crash on boot + 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch +- bsc#1121391 - GCC 9: xen build fails + 5c8f752c-x86-e820-build-with-gcc9.patch +- Upstream bug fixes (bsc#1027519) + 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch + 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch + 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch + 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch + 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch + 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch + 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch + 5c9e63c5-credit2-SMT-idle-handling.patch + 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch + 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch + 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch + 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch + +------------------------------------------------------------------- +Thu Apr 4 08:53:02 UTC 2019 - ohering@suse.de + +- Install pkgconfig files into libdir instead of datadir + +------------------------------------------------------------------- +Tue Apr 2 08:03:53 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates + the HVM/PVH and PV code paths in Xen and provides KCONFIG + options to build a PV only or HVM/PVH only hypervisor. + * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has + been vastly improved. + * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter- + domain communication mechanism. + * Improvements to Virtual Machine Introspection: The VMI subsystem + which allows detection of 0-day vulnerabilities has seen many + functional and performance improvements. + * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project + default scheduler. + * PVH Support: Grub2 boot support has been added to Xen and Grub2. + * PVH Dom0: PVH Dom0 support has now been upgraded from experimental + to tech preview. + * The Xen 4.12 upgrade also includes improved IOMMU mapping code, + which is designed to significantly improve the startup times of + AMD EPYC based systems. + * The upgrade also features Automatic Dom0 Sizing which allows the + setting of Dom0 memory size as a percentage of host memory (e.g. + 10%) or with an offset (e.g. 1G+10%). + +------------------------------------------------------------------- +Tue Mar 26 10:06:06 MDT 2019 - carnold@suse.com + +- bsc#1130485 - Please drop Requires on multipath-tools in + xen-tools. Now using Recommends multipath-tools. + xen.spec + +------------------------------------------------------------------- +Mon Mar 25 08:17:31 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Mar 20 09:48:26 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Mar 15 13:09:29 UTC 2019 - ohering@suse.de + +- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to + avoid TSC emulation for HVM domUs if their expected frequency + does not match exactly the frequency of the receiving host + xen.bug1026236.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Mon Mar 11 11:24:42 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Mar 11 05:58:59 MDT 2019 - carnold@suse.com + +- jsc#SLE-3059 - Disable Xen auto-ballooning +- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory. + xen.spec +- Disable autoballooning in xl.con + xl-conf-disable-autoballoon.patch + +------------------------------------------------------------------- +Thu Mar 7 17:55:20 UTC 2019 - ohering@suse.de + +- Update gcc9-ignore-warnings.patch to fix build in SLE12 + +------------------------------------------------------------------- +Thu Mar 7 15:28:02 UTC 2019 - ohering@suse.de + +- bsc#1126325 - fix crash in libxl in error path + Setup of grant_tables and other variables may fail + libxl.prepare-environment-for-domcreate_stream_done.patch + +------------------------------------------------------------------- +Wed Mar 6 11:12:09 MST 2019 - carnold@suse.com + +- bsc#1127620 - Documentation for the xl configuration file allows + for firmware=pvgrub64 but we don't ship pvgrub64. + Create a link from grub.xen to pvgrub64 + xen.spec + +------------------------------------------------------------------- +Mon Mar 4 14:58:18 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 +- Tarball also contains additional post RC4 security fixes for + Xen Security Advisories 287, 288, and 290 through 294. + +------------------------------------------------------------------- +Tue Feb 19 08:11:38 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Feb 4 12:34:57 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Jan 25 12:53:37 MST 2019 - carnold@suse.com + +- bsc#1121391 - GCC 9: xen build fails + gcc9-ignore-warnings.patch + +------------------------------------------------------------------- +Thu Jan 24 09:39:18 MST 2019 - carnold@suse.com + +- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing + /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi. + Keep xen.efi in /usr/lib64/efi for booting older distros. + xen.spec + +------------------------------------------------------------------- +Fri Jan 18 10:51:12 MST 2019 - carnold@suse.com + +- fate#326960: Package grub2 as noarch. + As part of the effort to have a unified bootloader across + architectures, modify the xen.spec file to move the Xen efi files + to /usr/share/efi/$(uname -m) from /usr/lib64/efi. + +------------------------------------------------------------------- +Wed Jan 16 11:24:49 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 +- Drop + 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch + 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch + 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch + 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch + 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch + 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch + 5b9784d2-x86-HVM-add-known_gla-helper.patch + 5b9784f2-x86-HVM-split-page-straddling-accesses.patch + 5bdc31d5-VMX-fix-vmx_handle_eoi.patch + gcc8-fix-array-warning-on-i586.patch + gcc8-fix-format-warning-on-i586.patch + gcc8-inlining-failed.patch + xen.bug1079730.patch + +------------------------------------------------------------------- +Tue Jan 15 13:38:13 MST 2019 - carnold@suse.com + +- bsc#1121960 - xen: sync with Factory + xen.spec + xen.changes + +------------------------------------------------------------------- +Sat Jan 12 14:06:02 UTC 2019 - Jan Engelhardt + +- Replace old $RPM_* shell vars. +- Run fdupes for all architectures, and not crossing + subvolume boundaries. + +------------------------------------------------------------------- +Thu Jan 10 10:57:44 UTC 2019 - Guillaume GARDET + +- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition + rpmlint error + +------------------------------------------------------------------- +Tue Jan 8 13:31:30 UTC 2019 - Guillaume GARDET + +- Require qemu-seabios only on x86* as it is not available on non-x86 + systems + +------------------------------------------------------------------- +Thu Dec 27 18:16:54 UTC 2018 - Bernhard Wiedemann + +- Avoid creating dangling symlinks (bsc#1116524) + This reverts the revert of tmp_build.patch + +------------------------------------------------------------------- +Tue Dec 4 13:19:21 MST 2018 - carnold@suse.com + +- Update to Xen 4.11.1 bug fix release (bsc#1027519) + xen-4.11.1-testing-src.tar.bz2 +- 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch + replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch +- 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch + replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch +- Drop the following patches contained in the new tarball + 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch + 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch + 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch + 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch + 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch + 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch + 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch + 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch + 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch + 5b3f8fa5-port-array_index_nospec-from-Linux.patch + 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch + 5b4488e7-x86-spec-ctrl-cmdline-handling.patch + 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch + 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch + 5b4db308-SVM-fix-cleanup-svm_inject_event.patch + 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch + 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch + 5b505fe5-VMX-fix-find-msr-build.patch + 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch + 5b508775-2-x86-possibly-bring-up-all-CPUs.patch + 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch + 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch + 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch + 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch + 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch + 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch + 5b62ca93-VMX-avoid-hitting-BUG_ON.patch + 5b6d84ac-x86-fix-improve-vlapic-read-write.patch + 5b6d8ce2-x86-XPTI-parsing.patch + 5b72fbbe-ARM-disable-grant-table-v2.patch + 5b72fbbe-oxenstored-eval-order.patch + 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch + 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch + 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch + 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch + 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch + 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch + 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch + 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch + 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch + 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch + 5b72fbbf-xl.conf-Add-global-affinity-masks.patch + 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch + 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch + 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch + 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch + 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch + 5b8d5832-x86-assorted-array_index_nospec-insertions.patch + 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch + 5bacae4b-x86-boot-allocate-extra-module-slot.patch + 5bae44ce-x86-silence-false-log-messages.patch + 5bb60c12-x86-split-opt_xpti.patch + 5bb60c4f-x86-split-opt_pv_l1tf.patch + 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch + 5bcf0722-x86-boot-enable-NMIs.patch + 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch + 5bd076e9-x86-boot-init-debug-regs-correctly.patch + 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch + 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch + 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch + 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch + 5be2a308-x86-extend-get_platform_badpages.patch + 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch + xsa275-1.patch + xsa275-2.patch + xsa276-1.patch + xsa276-2.patch + xsa277.patch + xsa279.patch + xsa280-1.patch + xsa280-2.patch + +------------------------------------------------------------------- +Wed Nov 21 15:44:39 MST 2018 - carnold@suse.com + +- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken: + Missing /bin/domu-xenstore. This was broken because "make + package build reproducible" change. (boo#1047218, boo#1062303) + This fix reverses the change to this patch. + tmp_build.patch + +------------------------------------------------------------------- +Mon Nov 12 09:47:39 MST 2018 - carnold@suse.com + +- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen: + insufficient TLB flushing / improper large page mappings with AMD + IOMMUs (XSA-275) + xsa275-1.patch + xsa275-2.patch +- bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting + issues in x86 IOREQ server handling (XSA-276) + xsa276-1.patch + xsa276-2.patch +- bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error + handling for guest p2m page removals (XSA-277) + xsa277.patch +- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even + when disabled (XSA-278) + 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch +- bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting + to use INVPCID with a non-canonical addresses (XSA-279) + xsa279.patch +- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240 + conflicts with shadow paging (XSA-280) + xsa280-1.patch + xsa280-2.patch +- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE + constructs may lock up host (XSA-282) + 5be2a308-x86-extend-get_platform_badpages.patch + 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch +- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV + 5bdc31d5-VMX-fix-vmx_handle_eoi.patch +- Upstream bug fixes (bsc#1027519) + 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch + 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch + 5bacae4b-x86-boot-allocate-extra-module-slot.patch + 5bae44ce-x86-silence-false-log-messages.patch + 5bb60c12-x86-split-opt_xpti.patch + 5bb60c4f-x86-split-opt_pv_l1tf.patch + 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch + 5bcf0722-x86-boot-enable-NMIs.patch + 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch + 5bd076e9-x86-boot-init-debug-regs-correctly.patch + 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch + 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch + +------------------------------------------------------------------- +Tue Nov 6 08:33:59 MST 2018 - carnold@suse.com + +- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even + when disabled (XSA-278) + 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch + +------------------------------------------------------------------- +Wed Oct 24 20:08:24 UTC 2018 - ohering@suse.de + +- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries + +------------------------------------------------------------------- +Wed Oct 24 08:21:01 UTC 2018 - Bernhard Wiedemann + +- make package build reproducible (boo#1047218, boo#1062303) + * Set SMBIOS_REL_DATE + * Update tmp_build.patch to use SHA instead of random build-id + * Add reproducible.patch to use --no-insert-timestamp + +------------------------------------------------------------------- +Mon Oct 15 06:55:47 UTC 2018 - ohering@suse.de + +- Building with ncurses 6.1 will fail without + xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch +- Building libxl acpi support on aarch64 with gcc 8.2 will fail without + xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch + +------------------------------------------------------------------- +Tue Sep 11 13:29:58 MDT 2018 - carnold@suse.com + +- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is + apparently broken + 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch + 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch + 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch + +------------------------------------------------------------------- +Tue Sep 11 07:47:57 MDT 2018 - carnold@suse.com + +- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by + d_materialise_unique() + 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch + 5b9784d2-x86-HVM-add-known_gla-helper.patch + 5b9784f2-x86-HVM-split-page-straddling-accesses.patch +- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen: + oxenstored does not apply quota-maxentity (XSA-272) + 5b72fbbe-oxenstored-eval-order.patch +- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of + v2 grant tables may cause crash on ARM (XSA-268) + 5b72fbbe-ARM-disable-grant-table-v2.patch +- Upstream patches from Jan (bsc#1027519) + 5b6d84ac-x86-fix-improve-vlapic-read-write.patch + 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch + 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch + 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch + 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch + 5b8d5832-x86-assorted-array_index_nospec-insertions.patch +- Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch + +------------------------------------------------------------------- +Tue Aug 28 16:07:52 MDT 2018 - carnold@suse.com + +- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed + xen.spec + +------------------------------------------------------------------- +Fri Aug 17 13:01:36 MDT 2018 - carnold@suse.com + +- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM + (XSA-273) + 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch + 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch + 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch + 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch + 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch + 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch + 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch + 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch +- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect + MSR_DEBUGCTL handling lets guests enable BTS (XSA-269) + 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch +- Upstream prereq patches for XSA-273 and other upstream fixes + (bsc#1027519) + 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch + 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch + 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch + 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch + 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch + 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch + 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch + 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch + 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch + 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch + 5b505fe5-VMX-fix-find-msr-build.patch + 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch + 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch + 5b62ca93-VMX-avoid-hitting-BUG_ON.patch + 5b6d8ce2-x86-XPTI-parsing.patch + 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch + 5b72fbbf-xl.conf-Add-global-affinity-masks.patch + 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch + +------------------------------------------------------------------- +Tue Jul 24 09:17:09 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 5b3f8fa5-port-array_index_nospec-from-Linux.patch + 5b4488e7-x86-spec-ctrl-cmdline-handling.patch + 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch + 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch + 5b4db308-SVM-fix-cleanup-svm_inject_event.patch + 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch + 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch + 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch + 5b508775-2-x86-possibly-bring-up-all-CPUs.patch + 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch + 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch + 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch + 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch + gcc8-fix-format-warning-on-i586.patch + gcc8-fix-array-warning-on-i586.patch +- Drop xen.fuzz-_FORTIFY_SOURCE.patch + gcc8-fix-warning-on-i586.patch + +------------------------------------------------------------------- +Mon Jul 9 10:53:15 MDT 2018 - carnold@suse.com + +- Update to Xen 4.11.0 FCS (fate#325202, fate#325123) + xen-4.11.0-testing-src.tar.bz2 + disable-building-pv-shim.patch +- Dropped patches + 5a33a12f-domctl-improve-locking-during-domain-destruction.patch + 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch + 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch + 5a9985bd-x86-invpcid-support.patch + 5ac72a48-gcc8.patch + 5ac72a5f-gcc8.patch + 5ac72a64-gcc8.patch + 5ac72a69-gcc8.patch + 5ac72a6e-gcc8.patch + 5ac72a74-gcc8.patch + 5ac72a7b-gcc8.patch + 5ad4923e-x86-correct-S3-resume-ordering.patch + 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch + 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch + 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch + 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch + 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch + 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch + 5adde9ed-xpti-fix-double-fault-handling.patch + 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch + 5ae31917-x86-cpuidle-init-stats-lock-once.patch + 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch + 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch + 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch + 5aec7393-1-x86-xpti-avoid-copy.patch + 5aec7393-2-x86-xpti-write-cr3.patch + 5aec744a-3-x86-xpti-per-domain-flag.patch + 5aec744a-4-x86-xpti-use-invpcid.patch + 5aec744a-5-x86-xpti-no-global-pages.patch + 5aec744a-6-x86-xpti-cr3-valid-flag.patch + 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch + 5aec744b-8-x86-xpti-cr3-helpers.patch + 5aec74a8-9-x86-xpti-use-pcid.patch + 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch + 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch + 5af1daa9-3-x86-traps-use-IST-for-DB.patch + 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch + 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch + 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch + 5af97999-viridian-cpuid-leaf-40000003.patch + 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch + 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch + 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch + 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch + 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch + 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch + 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch + 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch + 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch + 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch + 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch + 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch + 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch + 5b0bc9da-x86-XPTI-fix-S3-resume.patch + 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch + 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch + 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch + 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch + 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch + 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch + 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch + 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch + 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch + 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b34882d-x86-mm-dont-bypass-preemption-checks.patch + 5b348874-x86-refine-checks-in-DB-handler.patch + 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch + 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch + 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch + 5b348954-x86-guard-against-NM.patch + libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch + libxl.LIBXL_DESTROY_TIMEOUT.patch + libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch + xen_fix_build_with_acpica_20180427_and_new_packages.patch + +------------------------------------------------------------------- +Wed Jul 4 15:46:01 UTC 2018 - trenn@suse.de + +- Submit upstream patch libacpi: fixes for iasl >= 20180427 + git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005 + xen_fix_build_with_acpica_20180427_and_new_packages.patch + This is needed for acpica package to get updated in our build service + +------------------------------------------------------------------- +Fri Jun 29 08:35:34 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch) + 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch) + 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch) + 5b0bc9da-x86-XPTI-fix-S3-resume.patch + 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch + 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch + 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch + 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch + 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch + 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch) + 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch) + 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch + 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch + 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch) + 5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch) + 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch) + 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch) + 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch + 5b348954-x86-guard-against-NM.patch + +------------------------------------------------------------------- +Mon Jun 25 09:50:31 UTC 2018 - ohering@suse.de + +- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch + +------------------------------------------------------------------- +Mon Jun 25 09:44:25 UTC 2018 - ohering@suse.de + +- bsc#1098403 - fix regression introduced by changes for bsc#1079730 + a PV domU without qcow2 and/or vfb has no qemu attached. + Ignore QMP errors for PV domUs to handle PV domUs with and without + an attached qemu-xen. + xen.bug1079730.patch + +------------------------------------------------------------------- +Mon Jun 18 14:57:06 MDT 2018 - carnold@suse.com + +- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks + bypassed in x86 PV MM handling (XSA-264) + xsa264.patch +- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception + safety check can be triggered by a guest (XSA-265) + xsa265.patch +- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour + readonly flag on HVM emulated SCSI disks (XSA-266) + xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch + xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch + +------------------------------------------------------------------- +Wed Jun 13 14:20:14 MDT 2018 - carnold@suse.com + +- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore + (XSA-267) + xsa267-1.patch + xsa267-2.patch + +------------------------------------------------------------------- +Fri Jun 1 10:27:44 MDT 2018 - carnold@suse.com + +- bsc#1092543 - GCC 8: xen build fails + gcc8-fix-warning-on-i586.patch + +------------------------------------------------------------------- +Fri May 18 08:03:46 MDT 2018 - carnold@suse.com + +- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store + Bypass aka "Memory Disambiguation" (XSA-263) + 5ad4923e-x86-correct-S3-resume-ordering.patch + 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch + 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch + 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch + 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch + 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch + 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch + 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch + 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch + 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch + 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch + 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch + Spectre-v4-1.patch + Spectre-v4-2.patch + Spectre-v4-3.patch + +------------------------------------------------------------------- +Thu May 17 20:29:37 UTC 2018 - ohering@suse.de + +- Always call qemus xen-save-devices-state in suspend/resume to + fix migration with qcow2 images (bsc#1079730) + libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch + libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch + xen.bug1079730.patch + +------------------------------------------------------------------- +Wed May 16 08:45:24 MDT 2018 - carnold@suse.com + +- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663 + 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch + 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch +- Upstream patches from Jan (bsc#1027519) + 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch + 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch + 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch + 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch + 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch + 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch + 5ae31917-x86-cpuidle-init-stats-lock-once.patch + 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch + 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch) + 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch) + 5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch) + 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch) + 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch) + 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch) + 5af97999-viridian-cpuid-leaf-40000003.patch + +------------------------------------------------------------------- +Fri May 11 08:36:45 MDT 2018 - carnold@suse.com + +- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254 + 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch + 5a9985bd-x86-invpcid-support.patch + 5adde9ed-xpti-fix-double-fault-handling.patch + 5aec7393-1-x86-xpti-avoid-copy.patch + 5aec7393-2-x86-xpti-write-cr3.patch + 5aec744a-3-x86-xpti-per-domain-flag.patch + 5aec744a-4-x86-xpti-use-invpcid.patch + 5aec744a-5-x86-xpti-no-global-pages.patch + 5aec744a-6-x86-xpti-cr3-valid-flag.patch + 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch + 5aec744b-8-x86-xpti-cr3-helpers.patch + 5aec74a8-9-x86-xpti-use-pcid.patch + +------------------------------------------------------------------- +Wed May 9 08:32:42 MDT 2018 - carnold@suse.com + +- bsc#1092543 - GCC 8: xen build fails + 5ac72a48-gcc8.patch + 5ac72a5f-gcc8.patch + 5ac72a64-gcc8.patch + 5ac72a69-gcc8.patch + 5ac72a6e-gcc8.patch + 5ac72a74-gcc8.patch + 5ac72a7b-gcc8.patch + gcc8-inlining-failed.patch + +------------------------------------------------------------------- +Tue May 8 12:51:26 MDT 2018 - carnold@suse.com + +- Update to Xen 4.10.1 bug fix release (bsc#1027519) + xen-4.10.1-testing-src.tar.bz2 + disable-building-pv-shim.patch +- Drop the following patches contained in the new tarball + 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch + 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch + 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch + 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch + 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch + 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch + 5a4caa8c-x86-E820-don-t-overrun-array.patch + 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch + 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch + 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch + 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch + 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch + 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch + 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch + 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch + 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch + 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch + 5a4fd894-4-clarifications-to-wait-infrastructure.patch + 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch + 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch + 5a5e2cff-x86-Meltdown-band-aid.patch + 5a5e2d73-x86-Meltdown-band-aid-conditional.patch + 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch + 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch + 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch + 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch + 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch + 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch + 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch + 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch + 5a5e459c-2-x86-report-domain-id-on-CPUID.patch + 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch + 5a69c0b9-x86-fix-GET_STACK_END.patch + 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch + 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch + 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch + 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch + 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch + 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch + 5a6b36cd-9-x86-issue-speculation-barrier.patch + 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch + 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch + 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch + 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch + 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch + 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch + 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch + 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch + 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch + 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch + 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch + 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch + 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch + 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch + 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch + 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch + 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch + 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch + xsa258.patch + xsa259.patch + +------------------------------------------------------------------- +Wed Apr 25 09:45:03 MDT 2018 - carnold@suse.com + +- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of + debug exceptions (XSA-260) + xsa260-1.patch + xsa260-2.patch + xsa260-3.patch + xsa260-4.patch +- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt + injection errors (XSA-261) + xsa261.patch +- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into + unbounded loop (XSA-262) + xsa262.patch + +------------------------------------------------------------------- +Mon Apr 16 14:03:24 MDT 2018 - carnold@suse.com + +- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via + crafted user-supplied CDROM (XSA-258) + xsa258.patch +- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash + Xen with XPTI (XSA-259) + xsa259.patch + +------------------------------------------------------------------- +Wed Mar 28 08:28:59 UTC 2018 - ohering@suse.de + +- Preserve xen-syms from xen-dbg.gz to allow processing vmcores + with crash(1) (bsc#1087251) + +------------------------------------------------------------------- +Mon Mar 26 08:20:45 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) and fixes related to + Page Table Isolation (XPTI). See also bsc#1074562 XSA-254 + 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch + 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch + 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch + 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch + 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch + 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch + +------------------------------------------------------------------- +Thu Mar 1 09:36:03 MST 2018 - carnold@suse.com + +- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from + 0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30) + 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch +- Upstream patches from Jan (bsc#1027519) + 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch + 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch + 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch + 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch + 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch + 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch + 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch) + 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch) + 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch) + 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch) +- Drop + xsa252.patch + xsa255-1.patch + xsa255-2.patch + xsa256.patch + +------------------------------------------------------------------- +Mon Feb 12 13:26:38 MST 2018 - carnold@suse.com + +- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable + L3/L4 pagetable freeing (XSA-252) + xsa252.patch +- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1 + transition may crash Xen (XSA-255) + xsa255-1.patch + xsa255-2.patch +- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without + LAPIC may DoS the host (XSA-256) + xsa256.patch + +------------------------------------------------------------------- +Fri Feb 9 12:59:12 UTC 2018 - ohering@suse.de + +- Remove stale systemd presets code for 13.2 and older + +------------------------------------------------------------------- +Fri Feb 9 12:31:33 UTC 2018 - ohering@suse.de + +- fate#324965 - add script, udev rule and systemd service to watch + for vcpu online/offline events in a HVM domU + They are triggered via xl vcpu-set domU N + +------------------------------------------------------------------- +Fri Feb 9 10:23:15 UTC 2018 - ohering@suse.de + +- Replace hardcoded xen with Name tag when refering to subpkgs + +------------------------------------------------------------------- +Fri Feb 9 10:19:49 UTC 2018 - ohering@suse.de + +- Make sure tools and tools-domU require libs from the very same build + +------------------------------------------------------------------- +Wed Feb 7 22:47:44 UTC 2018 - jfehlig@suse.com + +- tools-domU: Add support for qemu guest agent. New files + 80-xen-channel-setup.rules and xen-channel-setup.sh configure a + xen-pv-channel for use by the guest agent + FATE#324963 + +------------------------------------------------------------------- +Wed Feb 7 15:01:10 UTC 2018 - ohering@suse.de + +- Remove outdated /etc/xen/README* + +------------------------------------------------------------------- +Mon Jan 29 10:11:05 MST 2018 - carnold@suse.com + +- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with + MSR emulation (XSA-253) + 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch +- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 + xen: Information leak via side effects of speculative execution + (XSA-254). Includes Spectre v2 mitigation. + 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch + 5a4caa8c-x86-E820-don-t-overrun-array.patch + 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch + 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch + 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch + 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch + 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch + 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch + 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch + 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch + 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch + 5a4fd894-4-clarifications-to-wait-infrastructure.patch + 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch + 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch + 5a5e2cff-x86-Meltdown-band-aid.patch + 5a5e2d73-x86-Meltdown-band-aid-conditional.patch + 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch + 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch + 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch + 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch + 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch + 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch + 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch + 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch + 5a5e459c-2-x86-report-domain-id-on-CPUID.patch + 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch + 5a69c0b9-x86-fix-GET_STACK_END.patch + 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch + 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch + 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch + 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch + 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch + 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch + 5a6b36cd-9-x86-issue-speculation-barrier.patch + 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch + 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch + +------------------------------------------------------------------- +Fri Jan 26 14:40:14 MST 2018 - carnold@suse.com + +- Fix python3 deprecated atoi call (bsc#1067224) + pygrub-python3-conversion.patch +- Drop xenmon-python3-conversion.patch + +------------------------------------------------------------------- +Wed Jan 10 11:12:07 UTC 2018 - ohering@suse.de + +- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu, + depending on the libxl disk settings + libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch + +------------------------------------------------------------------- +Mon Jan 8 08:15:11 UTC 2018 - ohering@suse.de + +- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch + +------------------------------------------------------------------- +Fri Jan 5 13:45:40 MST 2018 - carnold@suse.com + +- bsc#1067224 - xen-tools have hard dependency on Python 2 + build-python3-conversion.patch + bin-python3-conversion.patch + +------------------------------------------------------------------- +Wed Dec 20 09:57:09 MST 2017 - carnold@suse.com + +- bsc#1070165 - xen crashes after aborted localhost migration + 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch +- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb: + libxl__devices_destroy failed + 5a33a12f-domctl-improve-locking-during-domain-destruction.patch +- Upstream patches from Jan (bsc#1027519) + 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch + 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch + 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch + 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch + +------------------------------------------------------------------- +Wed Dec 13 08:43:00 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0 FCS (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Dec 11 12:07:30 UTC 2017 - ohering@suse.de + +- Rebuild initrd if xen-tools-domU is updated + +------------------------------------------------------------------- +Tue Dec 5 08:38:58 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue Nov 28 10:14:56 UTC 2017 - ohering@suse.de + +- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds + If many domUs shutdown in parallel the backends can not keep up + Add some debug output to track how long backend shutdown takes (bsc#1035442) + libxl.LIBXL_DESTROY_TIMEOUT.patch + libxl.LIBXL_DESTROY_TIMEOUT.debug.patch + +------------------------------------------------------------------- +Tue Nov 28 10:06:03 UTC 2017 - ohering@suse.de + +- Adjust xenstore-run-in-studomain.patch to change the defaults + in the code instead of changing the sysconfig template, to also + cover the upgrade case + +------------------------------------------------------------------- +Fri Nov 24 17:28:59 UTC 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Nov 24 13:25:07 UTC 2017 - ohering@suse.de + +- Since xen switched to Kconfig, building a debug hypervisor + was done by default. Adjust make logic to build a non-debug + hypervisor by default, and continue to provide one as xen-dbg.gz + +------------------------------------------------------------------- +Fri Nov 24 11:26:45 UTC 2017 - ohering@suse.de + +- fate#316614: set migration constraints from cmdline + fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10 + +------------------------------------------------------------------- +Thu Nov 23 15:06:44 UTC 2017 - ohering@suse.de + +- Document the suse-diskcache-disable-flush option in + xl-disk-configuration(5) (bsc#879425,bsc#1067317) + +------------------------------------------------------------------- +Thu Nov 23 13:47:42 UTC 2017 - rbrown@suse.com + +- Replace references to /var/adm/fillup-templates with new + %_fillupdir macro (boo#1069468) + +------------------------------------------------------------------- +Thu Nov 16 08:48:07 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- fate#323663 - Run Xenstore in stubdomain + xenstore-run-in-studomain.patch + +------------------------------------------------------------------- +Thu Nov 9 15:11:57 MST 2017 - carnold@suse.com + +- bsc#1067224 - xen-tools have hard dependency on Python 2 + pygrub-python3-conversion.patch + xenmon-python3-conversion.patch + migration-python3-conversion.patch + xnloader.py + xen2libvirt.py + +------------------------------------------------------------------- +Wed Nov 8 10:47:24 UTC 2017 - ohering@suse.de + +- Remove xendriverdomain.service (bsc#1065185) + Driver domains must be configured manually with custom .service file + +------------------------------------------------------------------- +Thu Nov 2 14:14:02 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch + +------------------------------------------------------------------- +Thu Nov 2 11:36:27 UTC 2017 - ohering@suse.de + +- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187) + +------------------------------------------------------------------- +Fri Oct 27 07:48:55 MDT 2017 - carnold@suse.com + +- fate#324052 Support migration of Xen HVM domains larger than 1TB + 59f31268-libxc-remove-stale-error-check-for-domain-size.patch + +------------------------------------------------------------------- +Wed Oct 25 16:26:33 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Oct 16 09:34:23 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- Drop patches included in new tarball + 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch + 596f257e-x86-fix-hvmemul_insn_fetch.patch + 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch + 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch + 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch + 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch + 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch + 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch + 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch + 59958ebf-gnttab-fix-transitive-grant-handling.patch + 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch + 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch + 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch + 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch + 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch + 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch + 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch + 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch + 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch + 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch + 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch + 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch + 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch + 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch + gcc7-arm.patch + gcc7-mini-os.patch + +------------------------------------------------------------------- +Tue Oct 3 09:03:57 MDT 2017 - carnold@suse.com + +- bsc#1061084 - VUL-0: xen: page type reference leak on x86 + (XSA-242) + xsa242.patch +- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear + shadow mappings with translated guests (XSA-243) + xsa243.patch +- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings + during CPU hotplug (XSA-244) + xsa244.patch + +------------------------------------------------------------------- +Mon Oct 2 13:26:08 MDT 2017 - carnold@suse.com + +- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks + (XSA-238) + xsa238.patch +- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O + intercept code (XSA-239) + xsa239.patch +- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable + de-typing (XSA-240) + xsa240-1.patch + xsa240-2.patch +- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type + release race (XSA-241) + xsa241.patch + +------------------------------------------------------------------- +Fri Sep 29 10:57:35 MDT 2017 - carnold@suse.com + +- bsc#1061075 - VUL-0: xen: pin count / page reference race in + grant table code (XSA-236) + xsa236.patch +- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86 + (XSA-237) + xsa237-1.patch + xsa237-2.patch + xsa237-3.patch + xsa237-4.patch + xsa237-5.patch + +------------------------------------------------------------------- +Tue Sep 26 08:44:03 MDT 2017 - carnold@suse.com + +- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter + verification (XSA-231) + 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch +- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232) + 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch +- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup + (XSA-233) + 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch +- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for + x86 PV guests (XSA-234) + 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch +- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to + release lock on ARM (XSA-235) + 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch +- Upstream patches from Jan (bsc#1027519) + 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch + 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch + 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch + 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch + 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch + 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch + 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch + 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch +- Dropped gcc7-xen.patch + +------------------------------------------------------------------- +Thu Sep 7 04:58:12 MDT 2017 - carnold@suse.com + +- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when + Secure Boot is Enabled + xen.spec + +------------------------------------------------------------------- +Tue Sep 5 12:00:59 UTC 2017 - ohering@suse.de + +- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored + update from v6 to v9 to cover more cases for ballooned domUs + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Mon Aug 28 14:51:54 UTC 2017 - ohering@suse.de + +- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen + drop the patch because it is not upstream acceptable + remove xen.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Sat Aug 26 10:52:46 UTC 2017 - ohering@suse.de + +- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored + after the save using xl stack + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Tue Aug 22 13:25:33 UTC 2017 - ohering@suse.de + +- Unignore gcc-PIE + the toolstack disables PIE for firmware builds as needed + +------------------------------------------------------------------- +Mon Aug 21 10:42:46 MDT 2017 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch + 596f257e-x86-fix-hvmemul_insn_fetch.patch + 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch + 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch + 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch + 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch) + 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch) + 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch) + 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch) + 59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch) + 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch + +------------------------------------------------------------------- +Wed Aug 16 15:03:46 MDT 2017 - carnold@suse.com + +- bsc#1044974 - xen-tools require python-pam + xen.spec + +------------------------------------------------------------------- +Fri Aug 11 16:37:44 MDT 2017 - carnold@suse.com + +- Clean up spec file errors and a few warnings. (bsc#1027519) +- Removed conditional 'with_systemd' and some old deprecated + 'sles_version' checks. + xen.spec + +------------------------------------------------------------------- +Thu Aug 10 19:45:31 UTC 2017 - jfehlig@suse.com + +- Remove use of brctl utiltiy from supportconfig plugin + FATE#323639 + +------------------------------------------------------------------- +Thu Aug 10 07:50:47 UTC 2017 - ohering@suse.de + +- Use upstream variant of mini-os __udivmoddi4 change + gcc7-mini-os.patch + +------------------------------------------------------------------- +Wed Aug 9 13:14:56 MDT 2017 - carnold@suse.com + +- fate#323639 Move bridge-utils to legacy + replace-obsolete-network-configuration-commands-in-s.patch + +------------------------------------------------------------------- +Tue Aug 8 08:20:41 MDT 2017 - carnold@suse.com + +- bsc#1052686 - VUL-0: xen: grant_table: possibly premature + clearing of GTF_writing / GTF_reading (XSA-230) + xsa230.patch + +------------------------------------------------------------------- +Mon Aug 7 12:53:44 UTC 2017 - ohering@suse.de + +- bsc#1035231 - migration of HVM domU does not use superpages + on destination dom0 + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Thu Aug 3 11:51:11 MDT 2017 - carnold@suse.com + +- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded + recursion in grant table code (XSA-226) + xsa226-1.patch + xsa226-2.patch +- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege + escalation via map_grant_ref (XSA-227) + xsa227.patch +- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race + conditions with maptrack free list handling (XSA-228) + xsa228.patch + +------------------------------------------------------------------- +Tue Aug 1 20:02:58 UTC 2017 - jfehlig@suse.com + +- Add a supportconfig plugin + xen-supportconfig + FATE#323661 + +------------------------------------------------------------------- +Tue Jul 25 14:48:02 UTC 2017 - ohering@suse.de + +- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen + To avoid emulation of TSC access from a domU after live migration + add a global tolerance for the measured host kHz + xen.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Thu Jul 20 10:46:43 MDT 2017 - carnold@suse.com + +- fate#323662 Drop qemu-dm from xen-tools package + The following tarball and patches have been removed + qemu-xen-traditional-dir-remote.tar.bz2 + VNC-Support-for-ExtendedKeyEvent-client-message.patch + 0001-net-move-the-tap-buffer-into-TAPState.patch + 0002-net-increase-tap-buffer-size.patch + 0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch + 0004-e1000-secrc-support.patch + 0005-e1000-multi-buffer-packet-support.patch + 0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch + 0007-e1000-verify-we-have-buffers-upfront.patch + 0008-e1000-check-buffer-availability.patch + CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch + CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch + CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch + CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch + CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch + CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch + CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch + CVE-2015-4037-qemut-smb-config-dir-name.patch + CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch + CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch + CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch + CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch + CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch + CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch + CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch + CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch + CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch + CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch + CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch + CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch + CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch + CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch + CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch + CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch + CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch + CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch + CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch + CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch + CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch + CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch + CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch + CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch + blktap.patch + cdrom-removable.patch + xen-qemu-iscsi-fix.patch + qemu-security-etch1.patch + xen-disable-qemu-monitor.patch + xen-hvm-default-bridge.patch + qemu-ifup-set-mtu.patch + ioemu-vnc-resize.patch + capslock_enable.patch + altgr_2.patch + log-guest-console.patch + bdrv_open2_fix_flags.patch + bdrv_open2_flags_2.patch + ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch + qemu-dm-segfault.patch + bdrv_default_rwflag.patch + kernel-boot-hvm.patch + ioemu-watchdog-support.patch + ioemu-watchdog-linkage.patch + ioemu-watchdog-ib700-timer.patch + ioemu-hvm-pv-support.patch + pvdrv_emulation_control.patch + ioemu-disable-scsi.patch + ioemu-disable-emulated-ide-if-pv.patch + xenpaging.qemu.flush-cache.patch + ioemu-devicemodel-include.patch +- Cleanup spec file and remove unused KMP patches + kmp_filelist + supported_module.patch + xen_pvonhvm.xen_emul_unplug.patch + +------------------------------------------------------------------- +Mon Jul 17 15:19:50 MDT 2017 - carnold@suse.com + +- bsc#1002573 - Optimize LVM functions in block-dmmd + block-dmmd + +------------------------------------------------------------------- +Fri Jul 14 18:05:12 UTC 2017 - ohering@suse.de + +- Record initial Xen dmesg in /var/log/xen/xen-boot.log for + supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log + +------------------------------------------------------------------- +Fri Jul 14 10:41:34 UTC 2017 - ohering@suse.de + +- Remove storytelling from description in xen.rpm + +------------------------------------------------------------------- +Wed Jun 28 01:40:43 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0 FCS (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Jun 21 14:03:40 MDT 2017 - carnold@suse.com + +- Update block-dmmd script (bsc#1002573) + block-dmmd + +------------------------------------------------------------------- +Tue Jun 20 15:18:25 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + gcc7-arm.patch +- Drop gcc7-error-xenpmd.patch + +------------------------------------------------------------------- +Mon Jun 5 10:49:34 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Thu Jun 1 13:24:26 MDT 2017 - carnold@suse.com + +- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop + due to incorrect return value + CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch + +------------------------------------------------------------------- +Tue May 30 11:24:41 MDT 2017 - carnold@suse.com + +- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory + leakage via capture buffer + CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch + +------------------------------------------------------------------- +Fri May 26 12:58:06 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon May 22 14:43:01 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Thu May 18 16:22:53 MDT 2017 - carnold@suse.com + +- bsc#1031343 - xen fails to build with GCC 7 + gcc7-mini-os.patch + gcc7-xen.patch + +------------------------------------------------------------------- +Wed May 17 08:28:37 MDT 2017 - carnold@suse.com + +- bsc#1031343 - xen fails to build with GCC 7 + gcc7-error-xenpmd.patch + +------------------------------------------------------------------- +Tue May 16 09:04:19 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 +- Drop xen-tools-pkgconfig-xenlight.patch + +------------------------------------------------------------------- +Wed May 10 15:26:38 MDT 2017 - carnold@suse.com + +- bsc#1037779 - xen breaks kexec-tools build + xen-tools-pkgconfig-xenlight.patch + +------------------------------------------------------------------- +Tue May 9 08:40:58 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue May 2 09:18:24 MDT 2017 - carnold@suse.com + +- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path + xen.spec + +------------------------------------------------------------------- +Fri Apr 28 09:03:56 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + aarch64-maybe-uninitialized.patch + +------------------------------------------------------------------- +Fri Apr 21 16:26:31 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Apr 19 07:54:58 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + ioemu-devicemodel-include.patch +- Dropped patches contained in new tarball + xen-4.8.0-testing-src.tar.bz2 + 0001-xenstore-let-write_node-and-some-callers-return-errn.patch + 0002-xenstore-undo-function-rename.patch + 0003-xenstore-rework-of-transaction-handling.patch + 584806ce-x86emul-correct-PUSHF-POPF.patch + 584fc649-fix-determining-when-domain-creation-is-complete.patch + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch + 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch + 5853ed37-VT-d-correct-dma_msi_set_affinity.patch + 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch + 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch + 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch + 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch + 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch + 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch + 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch + 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch + 5882129d-x86emul-LOCK-check-adjustments.patch + 58821300-x86-segment-attribute-handling.patch + 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch + 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch + 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch + 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch + 5887888f-credit2-use-the-correct-scratch-cpumask.patch + 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch + 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch + 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch + 58a44771-IOMMU-always-call-teardown-callback.patch + 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch + 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch + 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch + 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch + 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch + 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch + 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch + 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch + 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch + 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch + 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch + 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch + 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch + CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch + CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch + glibc-2.25-compatibility-fix.patch + xs-09-add_change_node-params.patch + xs-10-call-add_change_node.patch + xs-11-tdb-record-header.patch + xs-12-node-gen-count.patch + xs-13-read-directory-part-support.patch + xs-14-command-array.patch + xs-15-command-return-val.patch + xs-16-function-static.patch + xs-17-arg-parsing.patch + xs-18-default-buffer.patch + xs-19-handle-alloc-failures.patch + xs-20-tdb-version.patch + xs-21-empty-tdb-database.patch + xs-22-reopen_log-fix.patch + xs-23-XS_DEBUG-rename.patch + xs-24-xenstored_control.patch + xs-25-control-enhance.patch + xs-26-log-control.patch + xs-27-memory-report.patch + xs-28-remove-talloc-report.patch + xs-29-define-off_t.patch + xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch + xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch + +------------------------------------------------------------------- +Wed Apr 5 11:41:52 MDT 2017 - carnold@suse.com + +- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom + 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch + +------------------------------------------------------------------- +Wed Mar 29 16:18:26 UTC 2017 - jfehlig@suse.com + +- bsc#1015348 - L3: libvirtd does not start during boot + suse-xendomains-service.patch + +------------------------------------------------------------------- +Wed Mar 22 08:54:15 MDT 2017 - carnold@suse.com + +- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2 + with Xen hypervisor. + 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch +- bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration + - latter one much faster + 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch +- Upstream patch from Jan + 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch + 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch + 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch + +------------------------------------------------------------------- +Mon Mar 20 09:46:02 MDT 2017 - carnold@suse.com + +- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block + add" + 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch + 0001-xenstore-let-write_node-and-some-callers-return-errn.patch + 0002-xenstore-undo-function-rename.patch + 0003-xenstore-rework-of-transaction-handling.patch +- bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated + update (XSA-206) + xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch + xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch +- bsc#1029827 - Forward port xenstored + xs-09-add_change_node-params.patch + xs-10-call-add_change_node.patch + xs-11-tdb-record-header.patch + xs-12-node-gen-count.patch + xs-13-read-directory-part-support.patch + xs-14-command-array.patch + xs-15-command-return-val.patch + xs-16-function-static.patch + xs-17-arg-parsing.patch + xs-18-default-buffer.patch + xs-19-handle-alloc-failures.patch + xs-20-tdb-version.patch + xs-21-empty-tdb-database.patch + xs-22-reopen_log-fix.patch + xs-23-XS_DEBUG-rename.patch + xs-24-xenstored_control.patch + xs-25-control-enhance.patch + xs-26-log-control.patch + xs-27-memory-report.patch + xs-28-remove-talloc-report.patch + xs-29-define-off_t.patch + +------------------------------------------------------------------- +Tue Mar 14 06:59:46 UTC 2017 - ohering@suse.de + +- bsc#1029128 - fix make xen to really produce xen.efi with gcc48 + +------------------------------------------------------------------- +Wed Mar 8 07:51:35 MST 2017 - carnold@suse.com + +- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite + loop issue in ohci_service_ed_list + CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch +- Upstream patches from Jan (bsc#1027519) + 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch + 5887888f-credit2-use-the-correct-scratch-cpumask.patch + 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch + 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch + 58a44771-IOMMU-always-call-teardown-callback.patch + 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch + 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch + 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch + 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch + 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch + 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch + +------------------------------------------------------------------- +Thu Mar 2 15:21:25 MST 2017 - carnold@suse.com + +- bsc#1027654 - XEN fails to build against glibc 2.25 + glibc-2.25-compatibility-fix.patch + libxl.pvscsi.patch + +------------------------------------------------------------------- +Thu Feb 16 11:42:23 UTC 2017 - ohering@suse.de + +- fate#316613: Refresh and enable libxl.pvscsi.patch + +------------------------------------------------------------------- +Fri Feb 10 11:22:01 MST 2017 - carnold@suse.com + +- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo + does not check if memory region is safe (XSA-209) + CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch + +------------------------------------------------------------------- +Wed Feb 8 10:19:24 MST 2017 - carnold@suse.com + +- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault + happened when adding usbctrl devices via xl + 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch + +------------------------------------------------------------------- +Thu Feb 2 09:57:01 MST 2017 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch + 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch + 5882129d-x86emul-LOCK-check-adjustments.patch + 58821300-x86-segment-attribute-handling.patch + 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch + 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch + 5887888f-credit2-use-the-correct-scratch-cpumask.patch + 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch + 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch + 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch + +------------------------------------------------------------------- +Wed Feb 1 09:36:25 MST 2017 - carnold@suse.com + +- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob + access while doing bitblt copy backward mode + CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch + +------------------------------------------------------------------- +Thu Jan 26 10:30:19 MST 2017 - carnold@suse.com + +- fate#322313 and fate#322150 require the acpica package ported to + aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64 + until these fates are complete. + xen.spec + +------------------------------------------------------------------- +Wed Jan 25 15:39:26 MST 2017 - carnold@suse.com + +- bsc#1021952 - Virutalization/xen: Bug xen-tools missing + /usr/bin/domu-xenstore; guests fail to launch + tmp_build.patch + xen.spec + +------------------------------------------------------------------- +Wed Jan 18 10:50:52 UTC 2017 - ohering@suse.de + +- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842) + +------------------------------------------------------------------- +Thu Jan 12 11:34:06 MST 2017 - carnold@suse.com + +- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/ + xen.spec + +------------------------------------------------------------------- +Mon Jan 9 10:54:19 MST 2017 - carnold@suse.com + +- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch + Replaces xsa202.patch (bsc#1014298) +- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch + Replaces xsa203.patch (bsc#1014300) +- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch + Replaces xsa204.patch (bsc#1016340) +- Upstream patches from Jan + 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch + 5853ed37-VT-d-correct-dma_msi_set_affinity.patch + 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch + 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch + 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch + +------------------------------------------------------------------- +Wed Jan 4 14:59:04 MST 2017 - carnold@suse.com + +- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu: + display: cirrus_vga: a divide by zero in cirrus_do_copy + CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch + +------------------------------------------------------------------- +Mon Dec 19 10:32:51 MST 2016 - carnold@suse.com + +- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of + SYSCALL singlestep during emulation (XSA-204) + xsa204.patch + +------------------------------------------------------------------- +Thu Dec 15 09:08:18 MST 2016 - carnold@suse.com + +- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation + fails to ignore operand size override (XSA-200) + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + +------------------------------------------------------------------- +Wed Dec 14 08:24:41 MST 2016 - carnold@suse.com + +- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be + able to mask interrupts (XSA-202) + xsa202.patch +- bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL + pointer check in VMFUNC emulation (XSA-203) + xsa203.patch +- Upstream patches from Jan + 584806ce-x86emul-correct-PUSHF-POPF.patch + 584fc649-fix-determining-when-domain-creation-is-complete.patch + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch + +------------------------------------------------------------------- +Mon Dec 5 15:32:00 MST 2016 - carnold@suse.com + +- Update to Xen 4.8 FCS + xen-4.8.0-testing-src.tar.bz2 +- Dropped + xen-4.7.1-testing-src.tar.bz2 + 0001-libxc-Rework-extra-module-initialisation.patch + 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch + 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch + 0004-firmware-makefile-install-BIOS-blob.patch + 0005-libxl-Load-guest-BIOS-from-file.patch + 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch + 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch + 0008-hvmloader-Locate-the-BIOS-blob.patch + 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch + 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch + 0011-hvmloader-Load-OVMF-from-modules.patch + 0012-hvmloader-Specific-bios_load-function-required.patch + 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch + 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch + 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch + 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch + 5769106e-x86-generate-assembler-equates-for-synthesized.patch + 57a1e603-x86-time-adjust-local-system-time-initialization.patch + 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch + 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch + 57a30261-x86-support-newer-Intel-CPU-models.patch + 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch + 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch + 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch + 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch + 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch + 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch + 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch + 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch + 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch + 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch + 58343ec2-x86emul-fix-huge-bit-offset-handling.patch + 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch + 58343f44-x86-svm-fix-injection-of-software-interrupts.patch + 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch + CVE-2016-9381-xsa197-qemut.patch + CVE-2016-9637-xsa199-qemut.patch + +------------------------------------------------------------------- +Tue Nov 22 10:49:36 MST 2016 - carnold@suse.com + +- bsc#1011652 - VUL-0: xen: qemu ioport array overflow + CVE-2016-9637-xsa199-qemut.patch + +------------------------------------------------------------------- +Fri Nov 18 11:30:20 MST 2016 - carnold@suse.com + +- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null + segments not always treated as unusable + 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch +- bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch + to VM86 mode mis-handled + 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch +- bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base + write emulation lacking canonical address checks + 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch +- bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit + ELF symbol table load leaking host data + 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch +- bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit + test instruction emulation broken + 58343ec2-x86emul-fix-huge-bit-offset-handling.patch +- bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen: + x86 software interrupt injection mis-handled + 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch + 58343f44-x86-svm-fix-injection-of-software-interrupts.patch +- bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious + about shared ring processing + CVE-2016-9381-xsa197-qemut.patch +- bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen: + delimiter injection vulnerabilities in pygrub + 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch +- Upstream patches from Jan + 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch + 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch + 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch + 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch + 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch + +------------------------------------------------------------------- +Tue Nov 15 13:12:40 MST 2016 - carnold@suse.com + +- Update to Xen Version 4.7.1 + xen-4.7.1-testing-src.tar.bz2 +- Dropped patches contained in new tarball + xen-4.7.0-testing-src.tar.bz2 + 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch + 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch + 57973099-have-schedulers-revise-initial-placement.patch + 579730e6-remove-buggy-initial-placement-algorithm.patch + 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch + 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch + 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch + 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch + 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch + 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch + 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch + 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch + 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch + 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch + 57c82be2-x86-32on64-adjust-call-gate-emulation.patch + 57c93e52-fix-error-in-libxl_device_usbdev_list.patch + 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch + 57c96e2c-x86-correct-PT_NOTE-file-position.patch + 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch + 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch + 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch + 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch + 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch + 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch + 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch + 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch + 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch + 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch + 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch + 57e93e1d-x86emul-correct-loading-of-ss.patch + 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch + 57e93e89-x86-AMD-apply-erratum-665-workaround.patch + 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch + 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch + 57fb6a91-x86-defer-not-present-segment-checks.patch + 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch + 5800caec-x86emul-fix-pushing-of-selector-registers.patch + 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch + 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch + 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch + +------------------------------------------------------------------- +Mon Nov 7 15:08:58 MST 2016 - carnold@suse.com + +- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI + systems + xen.spec + +------------------------------------------------------------------- +Thu Nov 3 09:30:24 MDT 2016 - carnold@suse.com + +- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not + always honored for x86 HVM guests (XSA-190) + 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch +- bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic + on broadwell-ep + 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch +- Upstream patches from Jan + 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch + 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch + 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch + 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch + 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch + 57e93e1d-x86emul-correct-loading-of-ss.patch + 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch + 57e93e89-x86-AMD-apply-erratum-665-workaround.patch + 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch + 57fb6a91-x86-defer-not-present-segment-checks.patch + 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch + 5800caec-x86emul-fix-pushing-of-selector-registers.patch + 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch + 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch + 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch + +------------------------------------------------------------------- +Wed Nov 2 10:30:58 MDT 2016 - carnold@suse.com + +- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the + system has 384 + xen-arch-kconfig-nr_cpus.patch + +------------------------------------------------------------------- +Tue Nov 1 09:37:08 MDT 2016 - carnold@suse.com + +- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite + loop while transmit in C+ mode + CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch + +------------------------------------------------------------------- +Mon Oct 17 10:00:19 MDT 2016 - carnold@suse.com + +- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero + error in set_next_tick + CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch +- bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero + error in serial_update_parameters + CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch + +------------------------------------------------------------------- +Wed Oct 5 10:55:45 MDT 2016 - carnold@suse.com + +- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in + mcf_fec_do_tx + CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch +- bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite + loop in pcnet_rdra_addr + CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch + +------------------------------------------------------------------- +Mon Sep 12 08:44:11 MDT 2016 - carnold@suse.com + +- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3 + recursive pagetable for 32-bit PV guests (XSA-185) + 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch +- bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of + instruction pointer truncation during emulation (XSA-186) + 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch + 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch +- bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of + sh_ctxt->seg_reg[] (XSA-187) + 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch + 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch +- bsc#991934 - xen hypervisor crash in csched_acct + 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch +- Upstream patches from Jan + 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch + 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch + 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch + 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch + 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch + 57c82be2-x86-32on64-adjust-call-gate-emulation.patch + 57c96e2c-x86-correct-PT_NOTE-file-position.patch + 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch + +------------------------------------------------------------------- +Mon Sep 12 13:10:21 UTC 2016 - ohering@suse.de + +- bsc#979002 - add 60-persistent-xvd.rules and helper script + also to initrd, add the relevant dracut helper + +------------------------------------------------------------------- +Mon Sep 5 11:39:21 UTC 2016 - ohering@suse.de + +- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for + upstream unplug protocol + +------------------------------------------------------------------- +Fri Sep 2 08:32:44 MDT 2016 - carnold@suse.com + +- bsc#989679 - [pvusb feature] USB device not found when + 'virsh detach-device guest usb.xml' + 57c93e52-fix-error-in-libxl_device_usbdev_list.patch + +------------------------------------------------------------------- +Tue Aug 23 08:07:46 MDT 2016 - carnold@suse.com + +- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to + get contiguous memory for DMA from Xen + 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch +- bsc#978755 - xen uefi systems fail to boot +- bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot + 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch +- Upstream patch from Jan + 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch + +------------------------------------------------------------------- +Mon Aug 8 18:27:23 UTC 2016 - jfehlig@suse.com + +- spec: to stay compatible with the in-tree qemu-xen binary, use + /usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64 + bsc#986164 + +------------------------------------------------------------------- +Thu Aug 4 09:12:34 MDT 2016 - carnold@suse.com + +- bsc#970135 - new virtualization project clock test randomly fails + on Xen + 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch + 5769106e-x86-generate-assembler-equates-for-synthesized.patch + 57a1e603-x86-time-adjust-local-system-time-initialization.patch + 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch + 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch +- bsc#991934 - xen hypervisor crash in csched_acct + 57973099-have-schedulers-revise-initial-placement.patch + 579730e6-remove-buggy-initial-placement-algorithm.patch +- bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation + in PV guests (XSA-182) + 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch +- bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP + whitelisting in 32-bit exception / event delivery (XSA-183) + 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch +- Upstream patches from Jan + 57a30261-x86-support-newer-Intel-CPU-models.patch + +------------------------------------------------------------------- +Mon Aug 1 11:46:22 MDT 2016 - carnold@suse.com + +- bsc#985503 - vif-route broken + vif-route.patch + +------------------------------------------------------------------- +Thu Jul 28 05:23:12 MDT 2016 - carnold@suse.com + +- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3 + failed on sles11sp4 xen host. + pygrub-handle-one-line-menu-entries.patch + +------------------------------------------------------------------- +Wed Jul 27 14:09:06 MDT 2016 - carnold@suse.com + +- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB + write access in esp_do_dma + CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch + +------------------------------------------------------------------- +Thu Jun 23 09:45:38 MDT 2016 - carnold@suse.com + +- bsc#900418 - Dump cannot be performed on SLES12 XEN + 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch +- Upstream patches from Jan + 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch + 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch + +------------------------------------------------------------------- +Tue Jun 21 08:26:51 MDT 2016 - carnold@suse.com + +- fate#319989 - Update to Xen 4.7 FCS + xen-4.7.0-testing-src.tar.bz2 +- Drop CVE-2014-3672-qemut-xsa180.patch + +------------------------------------------------------------------- +Thu Jun 16 16:27:25 MDT 2016 - carnold@suse.com + +- bsc#954872 - script block-dmmd not working as expected - libxl: + error: libxl_dm.c (Additional fixes) + block-dmmd + +------------------------------------------------------------------- +Fri Jun 10 14:23:51 UTC 2016 - ohering@suse.de + +- Convert with_stubdom into build_conditional to allow adjusting + via prjconf +- Convert with_debug into build_conditional to allow adjusting + via prjconf + +------------------------------------------------------------------- +Fri Jun 10 13:36:32 UTC 2016 - ohering@suse.de + +- bsc#979002 - add 60-persistent-xvd.rules and helper script to + xen-tools-domU to simplify transition to pvops based kernels + +------------------------------------------------------------------- +Fri Jun 10 13:18:13 UTC 2016 - ohering@suse.de + +- Convert with_oxenstored into build_conditional to allow + adjusting via prjconf (fate#320836) + +------------------------------------------------------------------- +Thu Jun 9 11:10:33 MDT 2016 - carnold@suse.com + +- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w + access while processing ESP_FIFO + CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch +- bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB + write when using non-DMA mode in get_cmd + CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch + +------------------------------------------------------------------- +Tue Jun 7 08:05:09 MDT 2016 - carnold@suse.com + +- fate#319989 - Update to Xen 4.7 RC5 + xen-4.7.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue May 25 08:54:54 MDT 2016 - carnold@suse.com + +- fate#319989 - Update to Xen 4.7 RC4 + xen-4.7.0-testing-src.tar.bz2 +- Dropped + xen.pkgconfig-4.7.patch + xsa164.patch + +------------------------------------------------------------------- +Mon May 23 15:24:35 MDT 2016 - carnold@suse.com + +- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging + (XSA-180) + CVE-2014-3672-qemut-xsa180.patch + +------------------------------------------------------------------- +Thu May 19 10:46:53 MDT 2016 - carnold@suse.com + +- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write + while writing to 's->cmdbuf' in get_cmd + CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch +- bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write + while writing to 's->cmdbuf' in esp_reg_write + CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch + +------------------------------------------------------------------- +Tue May 17 10:16:47 MDT 2016 - carnold@suse.com + +- fate#319989 - Update to Xen 4.7 RC3 + xen-4.7.0-testing-src.tar.bz2 +- Dropped + libxl-remove-cdrom-cachemode.patch + x86-PoD-only-reclaim-if-needed.patch + gcc6-warnings-as-errors.patch + +------------------------------------------------------------------- +Wed May 11 16:55:23 MDT 2016 - carnold@suse.com + +- bsc#954872 - script block-dmmd not working as expected - libxl: + error: libxl_dm.c (another modification) + block-dmmd + +------------------------------------------------------------------- +Tue May 10 14:39:00 MDT 2016 - carnold@suse.com + +- fate#319989 - Update to Xen 4.7 RC2 + xen-4.7.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue May 10 11:06:56 MDT 2016 - carnold@suse.com + +- bsc#961600 - L3: poor performance when Xen HVM domU configured + with max memory > current memory + x86-PoD-only-reclaim-if-needed.patch + +------------------------------------------------------------------- +Fri May 6 11:47:24 UTC 2016 - ohering@suse.de + +- Mark SONAMEs and pkgconfig as xen 4.7 + xen.pkgconfig-4.7.patch + +------------------------------------------------------------------- +Tue May 3 17:25:08 UTC 2016 - jfehlig@suse.com + +- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom + libxl-remove-cdrom-cachemode.patch + +------------------------------------------------------------------- +Tue May 3 08:25:27 MDT 2016 - carnold@suse.com + +- fate#319989 - Update to Xen 4.7 RC1 + xen-4.7.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue May 3 13:48:59 UTC 2016 - ohering@suse.de + +- fate#316614: set migration constraints from cmdline + restore libxl.set-migration-constraints-from-cmdline.patch + +------------------------------------------------------------------- +Tue May 3 11:49:31 UTC 2016 - ohering@suse.de + +- Remove obsolete patch for xen-kmp + magic_ioport_compat.patch + +------------------------------------------------------------------- +Tue May 3 07:31:28 UTC 2016 - ohering@suse.de + +- fate#316613: update to v12 + libxl.pvscsi.patch + +------------------------------------------------------------------- +Fri Apr 29 16:50:33 MDT 2016 - carnold@suse.com + +- Update to the latest Xen 4.7 pre-release c2994f86 + Drop libxl.migrate-legacy-stream-read.patch + +------------------------------------------------------------------- +Fri Apr 15 09:22:31 UTC 2016 - ohering@suse.de + +- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host + to SLES12SP2 Alpha 1 host using xl migrate + libxl.migrate-legacy-stream-read.patch + +------------------------------------------------------------------- +Fri Apr 1 20:14:38 UTC 2016 - jfehlig@suse.com + +- Add patches from proposed upstream series to load BIOS's from + the toolstack instead of embedding in hvmloader + http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html + 0001-libxc-Rework-extra-module-initialisation.patch, + 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch, + 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch, + 0004-firmware-makefile-install-BIOS-blob.patch, + 0005-libxl-Load-guest-BIOS-from-file.patch, + 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch, + 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch, + 0008-hvmloader-Locate-the-BIOS-blob.patch, + 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch, + 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch, + 0011-hvmloader-Load-OVMF-from-modules.patch, + 0012-hvmloader-Specific-bios_load-function-required.patch, + 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch, + 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch +- Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin + firmware from qemu-ovmf-x86_64. The firmware is preloaded with + Microsoft keys to more closely resemble firmware on real hardware + FATE#320490 + +------------------------------------------------------------------- +Fri Mar 25 14:46:11 MDT 2016 - carnold@suse.com + +- fate#319989: Update to Xen 4.7 (pre-release) + xen-4.7.0-testing-src.tar.bz2 +- Dropped: + xen-4.6.1-testing-src.tar.bz2 + 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch + 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch + 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch + 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch + hotplug-Linux-block-performance-fix.patch + set-mtu-from-bridge-for-tap-interface.patch + xendomains-libvirtd-conflict.patch + xsa154.patch + xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch + xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch + xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch + xsa170.patch + +------------------------------------------------------------------- +Tue Mar 22 21:48:06 UTC 2016 - jfehlig@suse.com + +- Use system SeaBIOS instead of building/installing another one + FATE#320638 + Dropped files: + seabios-dir-remote.tar.bz2 + xen-c99-fix.patch + xen.build-compare.seabios.patch + +------------------------------------------------------------------- +Wed Mar 16 23:33:01 UTC 2016 - jfehlig@suse.com + +- spec: drop BuildRequires that were only needed for qemu-xen + +------------------------------------------------------------------- +Fri Mar 4 16:11:02 MST 2016 - carnold@suse.com + +- bsc#969377 - xen does not build with GCC 6 + ipxe-use-rpm-opt-flags.patch + gcc6-warnings-as-errors.patch + +------------------------------------------------------------------- +Thu Mar 3 10:27:55 MST 2016 - carnold@suse.com + +- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite + loop in ne2000_receive + CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch +- Drop xsa154-fix.patch + +------------------------------------------------------------------- +Wed Mar 2 16:53:51 UTC 2016 - jfehlig@suse.com + +- Use system qemu instead of building/installing yet another qemu + FATE#320638 +- Dropped files + qemu-xen-dir-remote.tar.bz2 + CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch + CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch + CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch + CVE-2015-4037-qemuu-smb-config-dir-name.patch + CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch + CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch + CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch + CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch + CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch + CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch + CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch + CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch + CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch + CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch + CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch + CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch + CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch + CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch + CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch + CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch + qemu-xen-enable-spice-support.patch + qemu-xen-upstream-qdisk-cache-unsafe.patch + tigervnc-long-press.patch + xsa162-qemuu.patch + +------------------------------------------------------------------- +Mon Feb 29 09:40:43 MST 2016 - carnold@suse.com + +- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer + dereference in vapic_write() + CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch + +------------------------------------------------------------------- +Wed Feb 24 08:05:02 MST 2016 - carnold@suse.com + +- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in + remote NDIS control message handling + CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch + +------------------------------------------------------------------- +Thu Feb 18 10:39:00 MST 2016 - carnold@suse.com + +- bsc#954872 - L3: script block-dmmd not working as expected - + libxl: error: libxl_dm.c + block-dmmd +- Update libxl to recognize dmmd and npiv prefix in disk spec + xen.libxl.dmmd.patch + +------------------------------------------------------------------- +Wed Feb 17 08:30:35 MST 2016 - carnold@suse.com + +- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers + in ohci module leads to null pointer dereference + CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch + CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch +- bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer + dereference in remote NDIS control message handling + CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch + +------------------------------------------------------------------- +Thu Feb 11 09:29:01 MST 2016 - carnold@suse.com + +- Update to Xen Version 4.6.1 + xen-4.6.1-testing-src.tar.bz2 +- Dropped patches now contained in tarball or unnecessary + xen-4.6.0-testing-src.tar.bz2 + 5604f239-x86-PV-properly-populate-descriptor-tables.patch + 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch + 561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch + 561d20a0-x86-hide-MWAITX-from-PV-domains.patch + 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch + 5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch + 56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch + 56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch + 5632127b-x86-guard-against-undue-super-page-PTE-creation.patch + 5632129c-free-domain-s-vcpu-array.patch + 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch + 563212e4-xenoprof-free-domain-s-vcpu-array.patch + 563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch + 56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch + 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch + 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch + 56549f24-x86-vPMU-document-as-unsupported.patch + 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch + xsa155-qemut-qdisk-double-access.patch + xsa155-qemut-xenfb.patch + xsa155-qemuu-qdisk-double-access.patch + xsa155-qemuu-xenfb.patch + xsa159.patch + xsa160.patch + xsa162-qemut.patch + xsa165.patch + xsa166.patch + xsa167.patch + xsa168.patch + +------------------------------------------------------------------- +Fri Feb 5 13:07:53 MST 2016 - carnold@suse.com + +- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent + cachability flags on guest mappings (XSA-154) + xsa154.patch +- bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may + crash guest with non-canonical RIP (XSA-170) + xsa170.patch + +------------------------------------------------------------------- +Fri Feb 5 08:51:16 MST 2016 - carnold@suse.com + +- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in + hmp_sendkey routine + CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch + +------------------------------------------------------------------- +Thu Feb 4 09:26:34 MST 2016 - carnold@suse.com + +- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue + CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch +- bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref + in sosendto() + CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch + +------------------------------------------------------------------- +Wed Feb 3 10:47:41 MST 2016 - carnold@suse.com + +- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in + ne2000_receive() function + CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch +- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: + infinite loop in processing command block list + CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch + CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch + +------------------------------------------------------------------- +Tue Feb 2 08:45:07 MST 2016 - carnold@suse.com + +- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on + incoming migration + CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch +- bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table + size to avoid integer overflows + CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch +- Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch + +------------------------------------------------------------------- +Mon Feb 1 13:29:55 MST 2016 - carnold@suse.com + +- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer + dereference in ehci_caps_write + CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch +- bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun + on incoming migration + CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch + +------------------------------------------------------------------- +Wed Jan 27 08:23:26 MST 2016 - carnold@suse.com + +- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop + in start_xmit and e1000_receive_iov routines + CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch + CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch + +------------------------------------------------------------------- +Wed Jan 20 08:21:42 MST 2016 - carnold@suse.com + +- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun + on invalid state load + CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch + +------------------------------------------------------------------- +Tue Jan 19 09:23:56 MST 2016 - carnold@suse.com + +- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient + resource limiting in VNC websockets decoder + CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch + CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch +- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on + invalid state load + CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch +- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient + bits_per_pixel from the client sanitization + CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch + +------------------------------------------------------------------- +Mon Jan 18 09:04:10 MST 2016 - carnold@suse.com + +- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer + overun on invalid state + CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch +- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer + overflow in non-loopback mode + CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch + CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch + +------------------------------------------------------------------- +Wed Jan 13 09:56:52 MST 2016 - carnold@suse.com + +- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in + processing firmware configurations + CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch + CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch + +------------------------------------------------------------------- +Mon Jan 11 11:51:45 MST 2016 - carnold@suse.com + +- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based + buffer overflow in megasas_ctrl_get_info + CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch +- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci + use-after-free vulnerability in aio port commands + CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch + +------------------------------------------------------------------- +Thu Jan 7 10:38:20 MST 2016 - carnold@suse.com + +- bsc#959695 - missing docs for xen + xen.spec + +------------------------------------------------------------------- +Wed Jan 6 10:38:36 MST 2016 - carnold@suse.com + +- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with + INVLPG on non-canonical address (XSA-168) + xsa168.patch +- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage + functionality missing sanity checks (XSA-167) + xsa167.patch +- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect + l2 header validation leads to a crash via assert(2) call + CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch + +------------------------------------------------------------------- +Tue Jan 5 13:56:08 MST 2016 - carnold@suse.com + +- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers + leads to a crash via assert(2) call + CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch +- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access + in ioport r/w functions + CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch + +------------------------------------------------------------------- +Mon Jan 4 11:32:10 MST 2016 - carnold@suse.com + +- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional + logging upon guest changing callback method (XSA-169) + 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch + +------------------------------------------------------------------- +Mon Dec 21 09:09:55 UTC 2015 - ohering@suse.de + +- Adjust xen-dom0-modules.service to run Before xenstored.service + instead of proc-xen.mount to workaround a bug in systemd "design" + (bnc#959845) + +------------------------------------------------------------------- +Wed Dec 16 12:16:21 MST 2015 - carnold@suse.com + +- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net: + vmxnet3: host memory leakage + CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch + +------------------------------------------------------------------- +Mon Dec 14 10:12:05 MST 2015 - carnold@suse.com + +- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers + incautious about shared memory contents (XSA-155) + xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch + xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch + xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch + xsa155-qemuu-qdisk-double-access.patch + xsa155-qemut-qdisk-double-access.patch + xsa155-qemuu-xenfb.patch + xsa155-qemut-xenfb.patch +- bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop + in ehci_advance_state results in DoS + CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch +- bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer + dereference issue + CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch +- bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid + floating point exception + CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch + CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch +- bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in + MSI-X handling (XSA-164) + xsa164.patch +- bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in + legacy x86 FPU/XMM initialization (XSA-165) + xsa165.patch +- bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to + multiple read issue (XSA-166) + xsa166.patch + +------------------------------------------------------------------- +Fri Nov 27 10:39:38 MST 2015 - carnold@suse.com + +- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: + infinite loop in processing command block list + CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch + CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch +- Upstream patches from Jan + 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch + 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch) + 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch + 56544a57-VMX-fix-adjust-trap-injection.patch + 56546ab2-sched-fix-insert_vcpu-locking.patch + +------------------------------------------------------------------- +Wed Nov 25 10:06:30 MST 2015 - carnold@suse.com + +- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163) + 56549f24-x86-vPMU-document-as-unsupported.patch +- bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen: + XENMEM_exchange error handling issues (XSA-159) + xsa159.patch +- bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel + and initrd on error (XSA-160) + xsa160.patch +- bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow + vulnerability in pcnet emulator (XSA-162) + xsa162-qemuu.patch + xsa162-qemut.patch +- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour + readonly flag on disks with qemu-xen (xsa-142) + 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch + 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch + +------------------------------------------------------------------- +Tue Nov 24 08:44:57 MST 2015 - carnold@suse.com + +- fate#315712: XEN: Use the PVOPS kernel + Turn off building the KMPs now that we are using the pvops kernel + xen.spec + +------------------------------------------------------------------- +Thu Nov 19 11:18:03 MST 2015 - carnold@suse.com + +- Upstream patches from Jan + 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch + 561d20a0-x86-hide-MWAITX-from-PV-domains.patch + 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch + 5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch + 56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch + 56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch + 5632127b-x86-guard-against-undue-super-page-PTE-creation.patch + 5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch) + 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch + 563212e4-xenoprof-free-domain-s-vcpu-array.patch + 563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch + 56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch + 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch + 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch) + 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch +- Dropped 55b0a2db-x86-MSI-track-guest-masking.patch + +------------------------------------------------------------------- +Thu Nov 19 07:47:47 UTC 2015 - ohering@suse.de + +- Use upstream variants of block-iscsi and block-nbd + +------------------------------------------------------------------- +Thu Nov 19 07:38:06 UTC 2015 - ohering@suse.de + +- Remove xenalyze.hg, its part of xen-4.6 + +------------------------------------------------------------------- +Wed Nov 10 16:16:24 MDT 2015 - carnold@suse.com + +- Update to Xen Version 4.6.0 + xen-4.6.0-testing-src.tar.bz2 + mini-os.tar.bz2 + blktap2-no-uninit.patch + stubdom-have-iovec.patch +- Renamed + xsa149.patch to CVE-2015-7969-xsa149.patch +- Dropped patches now contained in tarball or unnecessary + xen-4.5.2-testing-src.tar.bz2 + 54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch + 54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch + 54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch + 54f4985f-libxl-fix-libvirtd-double-free.patch + 55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch + 551ac326-xentop-add-support-for-qdisk.patch + 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch + 552d0fe8-x86-mtrr-include-asm-atomic.h.patch + 552d293b-x86-vMSI-X-honor-all-mask-requests.patch + 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch + 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch + 5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch + 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch + 554c7aee-x86-provide-arch_fetch_and_add.patch + 554c7b00-arm-provide-arch_fetch_and_add.patch + 554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch + 55534b25-arm-provide-add_sized.patch + 5555a4f8-use-ticket-locks-for-spin-locks.patch + 5555a5b9-x86-arm-remove-asm-spinlock-h.patch + 5555a8ec-introduce-non-contiguous-allocation.patch + 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch + 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch + 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch + 557eb55f-gnttab-per-active-entry-locking.patch + 557eb5b6-gnttab-introduce-maptrack-lock.patch + 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch + 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch + 5582bf43-evtchn-simplify-port_is_valid.patch + 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch + 5583d9c5-x86-MSI-X-cleanup.patch + 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch + 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch + 5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch + 5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch + 5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch + 5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch + 5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch + 55b0a218-x86-PCI-CFG-write-intercept.patch + 55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch + 55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch + blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch + blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch + ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch + ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch + ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch + local_attach_support_for_phy.patch pci-attach-fix.patch + qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch + tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch + xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch + xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch + xl-coredump-file-location.patch + +------------------------------------------------------------------- +Thu Nov 5 07:42:08 MST 2015 - carnold@suse.com + +- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by + triggering an infinite loop in microcode via #DB exception +- bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during + fault delivery (XSA-156) + CVE-2015-5307-xsa156.patch + +------------------------------------------------------------------- +Wed Nov 4 10:33:59 MST 2015 - carnold@suse.com + +- Update to Xen 4.5.2 + xen-4.5.2-testing-src.tar.bz2 +- Drop the following + xen-4.5.1-testing-src.tar.bz2 + 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch + 5576f178-kexec-add-more-pages-to-v1-environment.patch + 55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch + 558bfaa0-x86-traps-avoid-using-current-too-early.patch + 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch + 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch + 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch + 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch + 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch + 559bdde5-pull-in-latest-linux-earlycpio.patch + 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch + 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch + 55a77e4f-dmar-device-scope-mem-leak-fix.patch + 55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch + 55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch + 55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch + 55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch + 55e43fd8-x86-NUMA-fix-setup_node.patch + 55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch + 55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch + 55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch + 55f9345b-x86-MSI-fail-if-no-hardware-support.patch + 5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch + 560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch + 560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch + 560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch + 560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch + 560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch + 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch + 561d20a0-x86-hide-MWAITX-from-PV-domains.patch + 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch + 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch + CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch + CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch + xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch + xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch + xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch + xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch + xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch + xsa151.patch xsa152.patch xsa153-libxl.patch + CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch + CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch + CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch + CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch + CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch + CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch + CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch + CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch" + +------------------------------------------------------------------- +Mon Nov 2 11:21:15 MST 2015 - carnold@suse.com + +- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency + populate-on-demand operation is not preemptible (XSA-150) + 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch + +------------------------------------------------------------------- +Wed Oct 28 09:47:38 MDT 2015 - carnold@suse.com + +- Upstream patches from Jan + 5604f239-x86-PV-properly-populate-descriptor-tables.patch + 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch + 561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch + 561d20a0-x86-hide-MWAITX-from-PV-domains.patch + 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch + +------------------------------------------------------------------- +Fri Oct 23 13:35:59 MDT 2015 - carnold@suse.com + +- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand + balloon size inaccuracy can crash guests (XSA-153) + xsa153-libxl.patch + +------------------------------------------------------------------- +Fri Oct 16 08:40:31 MDT 2015 - carnold@suse.com + +- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain + vcpu pointer array (DoS) (XSA-149) + xsa149.patch +- bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain + profiling-related vcpu pointer array (DoS) (XSA-151) + xsa151.patch +- bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and + profiling hypercalls log without rate limiting (XSA-152) + xsa152.patch +- Dropped + 55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch + 5604f239-x86-PV-properly-populate-descriptor-tables.patch + +------------------------------------------------------------------- +Thu Oct 15 11:43:23 MDT 2015 - carnold@suse.com + +- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure + temporary file use in /net/slirp.c + CVE-2015-4037-qemuu-smb-config-dir-name.patch + CVE-2015-4037-qemut-smb-config-dir-name.patch +- bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table + size to avoid integer overflows + CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch + CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch + +------------------------------------------------------------------- +Wed Oct 14 10:24:15 MDT 2015 - carnold@suse.com + +- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled + creation of large page mappings by PV guests (XSA-148) + CVE-2015-7835-xsa148.patch + +------------------------------------------------------------------- +Tue Oct 6 14:52:30 MDT 2015 - jfehlig@suse.com + +- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd + abort + 54f4985f-libxl-fix-libvirtd-double-free.patch + +------------------------------------------------------------------- +Tue Oct 6 09:04:17 MDT 2015 - carnold@suse.com + +- bsc#949046 - Increase %suse_version in SP1 to 1316 + xen.spec +- Update README.SUSE detailing dom0 ballooning recommendations + +------------------------------------------------------------------- +Mon Oct 5 09:12:45 MDT 2015 - carnold@suse.com + +- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’ + secondly show errors + 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch +- Upstream patches from Jan + 55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch + 55f9345b-x86-MSI-fail-if-no-hardware-support.patch + 5604f239-x86-PV-properly-populate-descriptor-tables.patch + 5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch + 560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch + 560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch + 560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch + 560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch + 560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch + +------------------------------------------------------------------- +Fri Oct 2 11:31:34 MDT 2015 - mlatimer@suse.com + +- bsc#941074 - VmError: Device 51728 (vbd) could not be connected. + Hotplug scripts not working. + hotplug-Linux-block-performance-fix.patch + +------------------------------------------------------------------- +Wed Sep 23 14:56:47 MDT 2015 - carnold@suse.com + +- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour + readonly flag on disks with qemu-xen (xsa-142) + CVE-2015-7311-xsa142.patch + +------------------------------------------------------------------- +Mon Sep 16 07:17:00 UTC 2015 - cyliu@suse.com + +- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1 + pci-attach-fix.patch + +------------------------------------------------------------------- +Tue Sep 15 14:48:27 MDT 2015 - jfehlig@suse.com + +- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1 + 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch + +------------------------------------------------------------------- +Wed Sep 9 08:55:29 MDT 2015 - carnold@suse.com + +- Upstream patches from Jan + 55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch + 55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch + 55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch + 55e43fd8-x86-NUMA-fix-setup_node.patch + 55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch + 55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch + 54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch + 54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch + 54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch + +------------------------------------------------------------------- +Tue Sep 8 11:26:45 MDT 2015 - carnold@suse.com + +- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in + vnc_client_read() and protocol_client_msg() + CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch + CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch +- bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite + loop issue + CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch + CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch + +------------------------------------------------------------------- +Wed Aug 26 16:18:58 MDT 2015 - carnold@suse.com + +- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line + config handling stack overflow + 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch + +------------------------------------------------------------------- +Tue Aug 18 10:18:20 MDT 2015 - carnold@suse.com + +- bsc#907514 - Bus fatal error & sles12 sudden reboot has been + observed +- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after + shutdown of guest with VT-d NIC +- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been + observed +- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden + reboot has been observed + 552d293b-x86-vMSI-X-honor-all-mask-requests.patch + 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch + 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch + 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch + 5583d9c5-x86-MSI-X-cleanup.patch + 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch + 55b0a218-x86-PCI-CFG-write-intercept.patch + 55b0a255-x86-MSI-X-maskall.patch + 55b0a283-x86-MSI-X-teardown.patch + 55b0a2ab-x86-MSI-X-enable.patch + 55b0a2db-x86-MSI-track-guest-masking.patch +- Upstream patches from Jan + 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch + 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch + 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch + 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch + 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch + 55a77e4f-dmar-device-scope-mem-leak-fix.patch + 55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch + 55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch +- Dropped for upstream version + x86-MSI-mask.patch + x86-MSI-pv-unmask.patch + x86-MSI-X-enable.patch + x86-MSI-X-maskall.patch + x86-MSI-X-teardown.patch + x86-pci_cfg_okay.patch + x86-PCI-CFG-write-intercept.patch + +------------------------------------------------------------------- +Tue Jul 28 09:04:13 MDT 2015 - carnold@suse.com + +- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap + memory in rtl8139 device model + xsa140-qemuu-1.patch + xsa140-qemuu-2.patch + xsa140-qemuu-3.patch + xsa140-qemuu-4.patch + xsa140-qemuu-5.patch + xsa140-qemuu-6.patch + xsa140-qemuu-7.patch + xsa140-qemut-1.patch + xsa140-qemut-2.patch + xsa140-qemut-3.patch + xsa140-qemut-4.patch + xsa140-qemut-5.patch + xsa140-qemut-6.patch + xsa140-qemut-7.patch +- bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen + block unplug protocol + xsa139-qemuu.patch + +------------------------------------------------------------------- +Tue Jul 21 10:03:24 UTC 2015 - ohering@suse.de + +- bsc#937371 - xen vm's running after reboot + xendomains-libvirtd-conflict.patch + +------------------------------------------------------------------- +Thu Jul 16 10:14:12 MDT 2015 - carnold@suse.com + +- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code + execution via IDE subsystem CD-ROM + CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch + CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch + CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch + CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch + CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch + CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch + +------------------------------------------------------------------- +Wed Jul 15 08:28:23 UTC 2015 - ohering@suse.de + +- Remove xendomains.service from systemd preset file because it + conflicts with libvirt-guests.service (bnc#937371) + Its up to the admin to run systemctl enable xendomains.service + +------------------------------------------------------------------- +Wed Jul 8 11:38:26 MDT 2015 - carnold@suse.com + +- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line + config handling stack overflow + CVE-2015-3259-xsa137.patch +- Upstream patches from Jan + 558bfaa0-x86-traps-avoid-using-current-too-early.patch + 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch + 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch + 559bdde5-pull-in-latest-linux-earlycpio.patch +- Upstream patches from Jan pending review + 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch + 552d0fe8-x86-mtrr-include-asm-atomic.h.patch + 552d293b-x86-vMSI-X-honor-all-mask-requests.patch + 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch + 554c7aee-x86-provide-arch_fetch_and_add.patch + 554c7b00-arm-provide-arch_fetch_and_add.patch + 55534b0a-x86-provide-add_sized.patch + 55534b25-arm-provide-add_sized.patch + 5555a4f8-use-ticket-locks-for-spin-locks.patch + 5555a5b9-x86-arm-remove-asm-spinlock-h.patch + 5555a8ec-introduce-non-contiguous-allocation.patch + 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch + 557eb55f-gnttab-per-active-entry-locking.patch + 557eb5b6-gnttab-introduce-maptrack-lock.patch + 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch + 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch + 5582bf43-evtchn-simplify-port_is_valid.patch + 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch + 5583d9c5-x86-MSI-X-cleanup.patch + 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch + 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch + 5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch + 5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch + 5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch + 5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch + 5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch + x86-MSI-pv-unmask.patch + x86-pci_cfg_okay.patch + x86-PCI-CFG-write-intercept.patch + x86-MSI-X-maskall.patch + x86-MSI-X-teardown.patch + x86-MSI-X-enable.patch + x86-MSI-mask.patch + +------------------------------------------------------------------- +Tue Jul 7 13:35:34 UTC 2015 - ohering@suse.de + +- Adjust more places to use br0 instead of xenbr0 + +------------------------------------------------------------------- +Tue Jun 30 08:25:35 MDT 2015 - carnold@suse.com + +- bnc#936516 - xen fails to build with kernel update(4.1.0 from + stable) + 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch + +------------------------------------------------------------------- +Fri Jun 26 09:22:28 MDT 2015 - carnold@suse.com + +- Update to Xen Version 4.5.1 FCS (fate#315675) + xen-4.5.1-testing-src.tar.bz2 +- Dropped patches now contained in tarball + 556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch + 556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch + 556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch + 556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch + 55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch + 55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch + 55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch + 55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch + 5513b458-allow-reboot-overrides-when-running-under-EFI.patch + 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch + 5576f178-kexec-add-more-pages-to-v1-environment.patch + 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch + CVE-2015-3456-xsa133-qemuu.patch + CVE-2015-3456-xsa133-qemut.patch + qemu-MSI-X-enable-maskall.patch + qemu-MSI-X-latch-writes.patch + x86-MSI-X-guest-mask.patch + +------------------------------------------------------------------- +Thu Jun 25 17:19:35 MDT 2015 - jfehlig@suse.com + +- Replace 5124efbe-add-qxl-support.patch with the variant that + finally made it upstream, 554cc211-libxl-add-qxl.patch + +------------------------------------------------------------------- +Wed Jun 10 09:06:36 MDT 2015 - carnold@suse.com + +- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable + qemu MSI-X pass-through error messages + qemu-MSI-X-latch-writes.patch +- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed +- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown + of guest with VT-d NIC +- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been + observed +- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot + has been observed + x86-MSI-X-teardown.patch + x86-MSI-X-enable.patch + x86-MSI-X-guest-mask.patch + x86-MSI-X-maskall.patch + qemu-MSI-X-enable-maskall.patch +- Upstream patches from Jan + 55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch + 55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch + 55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch + 55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch + 55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch + 55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch + 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch +- Dropped the following patches now contained in the tarball + xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch + CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch + CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch + CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch + CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch + CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch + +------------------------------------------------------------------- +Wed Jun 3 08:57:26 MDT 2015 - carnold@suse.com + +- Update to Xen 4.5.1 RC2 +- bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI + register access in qemu + CVE-2015-4106-xsa131-1.patch + CVE-2015-4106-xsa131-2.patch + CVE-2015-4106-xsa131-3.patch + CVE-2015-4106-xsa131-4.patch + CVE-2015-4106-xsa131-5.patch + CVE-2015-4106-xsa131-6.patch + CVE-2015-4106-xsa131-7.patch + CVE-2015-4106-xsa131-8.patch + CVE-2015-4106-xsa131-9.patch +- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable + qemu MSI-X pass-through error messages + CVE-2015-4105-xsa130.patch +- bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask + bits inadvertently exposed to guests + CVE-2015-4104-xsa129.patch +- bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential + unintended writes to host MSI message data field via qemu + CVE-2015-4103-xsa128.patch +- Upstream patches from Jan + 5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch + 556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch + 556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch + 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch + 556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch + 556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch + +------------------------------------------------------------------- +Wed May 20 12:13:25 UTC 2015 - ohering@suse.de + +- Add DefaultDependencies=no to xen-dom0-modules.service because + it has to run before proc-xen.mount + +------------------------------------------------------------------- +Tue May 19 11:05:31 MDT 2015 - carnold@suse.com + +- Update to Xen 4.5.1 RC1 + +------------------------------------------------------------------- +Fri May 15 16:34:08 UTC 2015 - ohering@suse.de + +- Update blktap-no-uninit.patch to work with gcc-4.5 + +------------------------------------------------------------------- +Mon May 11 15:07:30 MDT 2015 - carnold@suse.com + +- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through + XEN_DOMCTL_gettscinfo (XSA-132) + 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch + +------------------------------------------------------------------- +Thu May 7 06:53:15 MDT 2015 - carnold@suse.com + +- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu + floppy driver host code execution + CVE-2015-3456-xsa133-qemuu.patch + CVE-2015-3456-xsa133-qemut.patch + +------------------------------------------------------------------- +Mon Apr 27 09:55:01 MDT 2015 - carnold@suse.com + +- bsc#928783 - Reboot failure; Request backport of upstream Xen + patch to 4.5.0, or update pkgs to 4.5.1 + 5513b458-allow-reboot-overrides-when-running-under-EFI.patch + 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch + +------------------------------------------------------------------- +Tue Apr 21 12:21:05 UTC 2015 - ohering@suse.de + +- bnc#927750 - Avoid errors reported by system-modules-load.service + +------------------------------------------------------------------- +Wed Apr 8 10:17:41 UTC 2015 - rguenther@suse.com + +- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively + turn errors back to warnings to fix build with GCC 5. +- Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to + avoid implicit-fortify-decl rpmlint error. +- Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch. + +------------------------------------------------------------------- +Fri Apr 3 10:54:05 MDT 2015 - carnold@suse.com + +- xentop: Fix memory leak on read failure + 551ac326-xentop-add-support-for-qdisk.patch + +------------------------------------------------------------------- +Tue Mar 31 16:03:54 MDT 2015 - carnold@suse.com + +- Dropped xentop-add-support-for-qdisk.patch in favor of upstream + version + 551ac326-xentop-add-support-for-qdisk.patch + +------------------------------------------------------------------- +Mon Mar 16 10:14:15 MDT 2015 - carnold@suse.com + +- Enable spice support in qemu for x86_64 + 5124efbe-add-qxl-support.patch + qemu-xen-enable-spice-support.patch + +------------------------------------------------------------------- +Thu Mar 12 12:33:45 UTC 2015 - rguenther@suse.com + +- Add xen-c99-fix.patch to remove pointless inline specifier on + function declarations which break build with a C99 compiler which + GCC 5 is by default. (bsc#921994) +- Add ipxe-no-error-logical-not-parentheses.patch to supply + -Wno-logical-not-parentheses to the ipxe build to fix + breakage with GCC 5. (bsc#921994) + +------------------------------------------------------------------- +Wed Mar 11 13:15:07 MDT 2015 - carnold@suse.com + +- bnc#921842 - Xentop doesn't display disk statistics for VMs using + qdisks + xentop-add-support-for-qdisk.patch + +------------------------------------------------------------------- +Tue Feb 24 16:22:45 UTC 2015 - meissner@suse.com + +- Disable the PIE enablement done for Factory, as the XEN code + is not buildable with PIE and it does not make much sense + to build the hypervisor code with it. + +------------------------------------------------------------------- +Tue Feb 17 10:48:56 MST 2015 - carnold@suse.com + +- bnc#918169 - XEN fixes required to work with Kernel 3.19.0 + xen.spec + +------------------------------------------------------------------- +Tue Feb 10 16:06:40 UTC 2015 - ohering@suse.de + +- Package xen.changes because its referenced in xen.spec + +------------------------------------------------------------------- +Wed Jan 28 08:44:32 MST 2015 - carnold@suse.com + +- Update seabios to rel-1.7.5 which is the correct version for + Xen 4.5 + +------------------------------------------------------------------- +Wed Jan 14 10:47:43 MST 2015 - carnold@suse.com + +- Update to Xen 4.5.0 FCS + +------------------------------------------------------------------- +Wed Jan 14 16:54:24 UTC 2015 - ohering@suse.de + +- Include systemd presets in 13.2 and older + +------------------------------------------------------------------- +Mon Jan 12 14:49:23 UTC 2015 - ohering@suse.de + +- bnc#897352 - Enable xencommons/xendomains only during fresh install +- disable restart on upgrade because the toolstack is not restartable + +------------------------------------------------------------------- +Tue Dec 16 11:42:30 UTC 2014 - ohering@suse.de + +- adjust seabios, vgabios, stubdom and hvmloader build to reduce + build-compare noise + xen.build-compare.mini-os.patch + xen.build-compare.smbiosdate.patch + xen.build-compare.ipxe.patch + xen.build-compare.vgabios.patch + xen.build-compare.seabios.patch + xen.build-compare.man.patch + +------------------------------------------------------------------- +Mon Dec 15 11:36:42 MST 2014 - carnold@suse.com + +- Update to Xen 4.5.0 RC4 + +------------------------------------------------------------------- +Wed Dec 10 08:54:22 UTC 2014 - ohering@suse.de + +- Remove xend specific if-up scripts + Recording bridge slaves is a generic task which should be handled + by generic network code + +------------------------------------------------------------------- +Tue Dec 9 18:33:51 UTC 2014 - ohering@suse.de + +- Use systemd features from upstream + requires updated systemd-presets-branding package + +------------------------------------------------------------------- +Thu Dec 4 11:59:29 MST 2014 - carnold@suse.com + +- Update to Xen 4.5.0 RC3 + +------------------------------------------------------------------- +Thu Dec 4 11:44:24 UTC 2014 - ohering@suse.de + +- Set GIT, WGET and FTP to /bin/false + +------------------------------------------------------------------- +Wed Dec 3 12:14:27 UTC 2014 - ohering@suse.de + +- Use new configure features instead of make variables + xen.stubdom.newlib.patch + +------------------------------------------------------------------- +Wed Nov 19 17:10:51 UTC 2014 - ohering@suse.de + +- adjust docs and xen build to reduce build-compare noise + xen.build-compare.doc_html.patch + xen.build-compare.xen_compile_h.patch + +------------------------------------------------------------------- +Mon Nov 17 16:28:13 UTC 2014 - ohering@suse.de + +- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise + +------------------------------------------------------------------- +Tue Nov 11 11:15:30 MST 2014 - carnold@suse.com + +- Update to Xen 4.5.0 RC2 + +------------------------------------------------------------------- +Thu Oct 23 18:34:55 MDT 2014 - carnold@suse.com + +- Update to Xen 4.5.0 RC1 + xen-4.5.0-testing-src.tar.bz2 +- Remove all patches now contained in the new tarball + xen-4.4.1-testing-src.tar.bz2 + 5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch + 5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch + 53299d8f-xenconsole-reset-tty-on-failure.patch + 53299d8f-xenconsole-tolerate-tty-errors.patch + 5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch + 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch + 537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch + 537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch + 537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch + 539ebe62-x86-EFI-improve-boot-time-diagnostics.patch + 53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch + 53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch + 53d124e7-fix-list_domain_details-check-config-data-length-0.patch + 53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch + 53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch + 53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch + 53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch + 53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch + 53fcebab-xen-pass-kernel-initrd-to-qemu.patch + 53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch + 53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch + 53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch + 53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch + 53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch + 54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch + 540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch + 540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch + 541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch + 541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch + 541ad3ca-x86-HVM-batch-vCPU-wakeups.patch + 541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch + 54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch + 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch + 542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch + 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch + 5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch + 5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch + 542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch + 542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch + 54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch + 54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch + 54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch + 54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch + 54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch + 54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch + CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch + qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch + libxc-pass-errno-to-callers-of-xc_domain_save.patch + libxl.honor-more-top-level-vfb-options.patch + libxl.add-option-for-discard-support-to-xl-disk-conf.patch + libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch + x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch + xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch +- Xend/xm is no longer supported and is not part of the upstream code. Remove + all xend/xm specific patches, configs, and scripts + xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh + init.xend xend-relocation.sh xend.service xend-relocation-server.fw + domUloader.py xmexample.domUloader xmexample.disks + bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch + network-nat-open-SuSEfirewall2-FORWARD.patch + xend-set-migration-constraints-from-cmdline.patch + xen.migrate.tools-xend_move_assert_to_exception_block.patch + xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch + xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch + xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch + xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch + xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch + xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch + xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch + xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch + xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch + xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch + xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch + xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch + xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch + tmp-initscript-modprobe.patch init.xendomains xendomains.service + xen-watchdog.service xen-updown.sh + +------------------------------------------------------------------- +Thu Oct 16 14:17:37 MDT 2014 - carnold@suse.com + +- bnc#901317 - L3: increase limit domUloader to 32MB + domUloader.py + +------------------------------------------------------------------- +Tue Oct 14 09:16:37 MDT 2014 - carnold@suse.com + +- bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF + device (SR-IOV) to guest + 54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch +- bnc#882089 - Windows 2012 R2 fails to boot up with greater than + 60 vcpus + 54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch +- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d + Interrupt Remapping engines can be evaded by native NMI interrupts + 541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch +- Upstream patches from Jan + 540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch) + 54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch) + 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch) + 542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch) + 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch + 5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch + 5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch + 542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch + 542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch) + 54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch + 54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch + 54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch) + 54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch + +------------------------------------------------------------------- +Sat Oct 11 08:38:36 UTC 2014 - dmueller@suse.com + +- restrict requires on grub2-x86_64-xen to x86_64 hosts + +------------------------------------------------------------------- +Wed Oct 8 15:25:34 MDT 2014 - jfehlig@suse.com + +- bsc#900292 - xl: change default dump directory + xl-coredump-file-location.patch + +------------------------------------------------------------------- +Tue Oct 03 15:42:36 MDT 2014 - mlatimer@suse.com + +- Update xen2libvirt.py to better detect and handle file formats + +------------------------------------------------------------------- +Tue Sep 30 12:11:36 MDT 2014 - carnold@suse.com + +- bnc#889526 - VUL-0: CVE-2014-5146, CVE-2014-5149: xen: XSA-97 + Long latency virtual-mmu operations are not preemptible + xsa97.patch +- bnc#882089 - Windows 2012 R2 fails to boot up with greater than + 60 vcpus + 541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch + 541ad3ca-x86-HVM-batch-vCPU-wakeups.patch +- Upstream patches from Jan + 540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch + 541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch + +------------------------------------------------------------------- +Tue Sep 30 09:01:16 MDT 2014 - carnold@suse.com + +- bnc#897657 - VUL-0: CVE-2014-7188: xen: XSA-108 Improper MSR + range used for x2APIC emulation + xsa108.patch + +------------------------------------------------------------------- +Mon Sep 29 14:20:15 MDT 2014 - carnold@suse.com + +- bnc#897906 - libxc: check return values on mmap() and madvise() + on xc_alloc_hypercall_buffer() + 537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch + +------------------------------------------------------------------- +Mon Sep 22 09:55:35 MDT 2014 - carnold@suse.com + +- bnc#897614 - Virtualization/xen: Bug `xen-tools` uninstallable; + grub2-x86_64-xen dependency not available + xen.spec + +------------------------------------------------------------------- +Wed Sep 17 16:21:22 MDT 2014 - jfehlig@suse.com + +- More cleanup of README.SUSE + +------------------------------------------------------------------- +Fri Sep 15 09:37:10 CST 2014 - cyliu@suse.com + +- Update xen patch with upstream patch so that latest libvirt + patch can work. (bnc#896044) + + 53fcebab-xen-pass-kernel-initrd-to-qemu.patch + - xen-pass-kernel-initrd-to-qemu.patch + +------------------------------------------------------------------- +Wed Sep 10 09:15:39 MDT 2014 - carnold@suse.com + +- bnc#895804 - VUL-0: CVE-2014-6268: xen: XSA-107: Mishandling of + uninitialised FIFO-based event channel control blocks + xsa107.patch +- bnc#895802 - VUL-0: CVE-2014-7156: xen: XSA-106: Missing + privilege level checks in x86 emulation of software interrupts + xsa106.patch +- bnc#895799 - VUL-0: CVE-2014-7155: xen: XSA-105: Missing + privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation + xsa105.patch +- bnc#895798 - VUL-0: CVE-2014-7154: xen: XSA-104: Race condition + in HVMOP_track_dirty_vram + xsa104.patch + +------------------------------------------------------------------- +Thu Sep 4 17:01:24 CST 2014 - cyliu@suse.com + +- bnc#882405 - Only one key-press event was generated while holding + a key before key-release in pv guests through xl vncviewer + tigervnc-long-press.patch + +------------------------------------------------------------------- +Tue Sep 2 09:01:24 MDT 2014 - carnold@suse.com + +- Update to Xen Version 4.4.1 FCS + xen-4.4.1-testing-src.tar.bz2 +- Dropped patches now contained in tarball + 53d7b781-x86-cpu-undo-BIOS-CPUID-max_leaf-limit-earlier.patch + 53df71c7-lz4-check-for-underruns.patch + 53e47d6b-x86_emulate-properly-do-IP-updates-and-other-side-effects.patch + +------------------------------------------------------------------- +Mon Sep 1 15:20:20 MDT 2014 - carnold@suse.com + +- bnc#882089 - Windows 2012 R2 fails to boot up with greater than + 60 vcpus + 53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch + 53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch + 53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch + 53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch + 53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch + 54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch +- Upstream patches from Jan + 53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch + 53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch + 53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch + 53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch + +------------------------------------------------------------------- +Fri Aug 29 09:25:47 MDT 2014 - carnold@suse.com + +- bnc#864801 - VUL-0: CVE-2013-4540: qemu: zaurus: buffer overrun + on invalid state load + CVE-2013-4540-qemu.patch + +------------------------------------------------------------------- +Fri Aug 15 15:09:27 MDT 2014 - carnold@suse.com + +- Update README.SUSE with additional debug help + +------------------------------------------------------------------- +Fri Aug 8 07:34:38 MDT 2014 - carnold@suse.com + +- bnc#883112 - Xen Panic during boot "System without CMOS RTC must + be booted from EFI" + 53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch +- Upstream patches from Jan + 53d7b781-x86-cpu-undo-BIOS-CPUID-max_leaf-limit-earlier.patch + 53df71c7-lz4-check-for-underruns.patch + 53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch + 53e47d6b-x86_emulate-properly-do-IP-updates-and-other-side-effects.patch + +------------------------------------------------------------------- +Thu Aug 7 11:26:15 UTC 2014 - carnold@suse.com + +- Update to Xen Version 4.4.1-rc2 + xen-4.4.1-testing-src.tar.bz2 +- Dropped the following upstream patches and xen-4.4.0-testing-src.tar.bz2 + 537b5ede-move-domain-to-cpupool0-before-destroying-it.patch + 5327190a-x86-Intel-work-around-Xeon-7400-series-erratum-AAI65.patch + 534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch + 535a354b-passthrough-allow-to-suppress-SERR-and-PERR-signaling.patch + 53636ebf-x86-fix-guest-CPUID-handling.patch + 5347b524-evtchn-eliminate-64k-ports-limitation.patch + 53a040c6-page-alloc-scrub-pages-used-by-hypervisor-upon-freeing.patch + 53a1990a-IOMMU-prevent-VT-d-device-IOTLB-operations-on-wrong-IOMMU.patch + 53732f4f-x86-MCE-bypass-uninitialized-vcpu-in-vMCE-injection.patch + 531dc0e2-xmalloc-handle-correctly-page-allocation-when-align-size.patch + 5331917d-x86-enforce-preemption-in-HVM_set_mem_access-p2m_set_mem_access.patch + 531d8e09-x86-HVM-fix-memory-type-merging-in-epte_get_entry_emt.patch + 538ee637-ACPI-Prevent-acpi_table_entries-from-falling-into-a-infinite-loop.patch + 535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch + 535e31bc-x86-HVM-correct-the-SMEP-logic-for-HVM_CR0_GUEST_RESERVED_BITS.patch + 53859956-timers-set-the-deadline-more-accurately.patch + 53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch + 535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch + 53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch + 5383175e-VT-d-fix-mask-applied-to-DMIBAR-in-desktop-chipset-XSA-59-workaround.patch + 531d8e34-x86-HVM-consolidate-passthrough-handling-in-epte_get_entry_emt.patch + 532fff53-x86-fix-determination-of-bit-count-for-struct-domain-allocations.patch + 5357baff-x86-add-missing-break-in-dom0_pit_access.patch + 530c54c3-x86-mce-Reduce-boot-time-logspam.patch + 5383167d-ACPI-ERST-fix-table-mapping.patch + 5390927f-x86-fix-reboot-shutdown-with-running-HVM-guests.patch + 530b27fd-x86-MCE-Fix-race-condition-in-mctelem_reserve.patch + 53709b77-Nested-VMX-load-current_vmcs-only-when-it-exists.patch + 5396d818-avoid-crash-on-HVM-domain-destroy-with-PCI-passthrough.patch + 531d8fd0-kexec-identify-which-cpu-the-kexec-image-is-being-executed-on.patch + 5385956b-x86-don-t-use-VA-for-cache-flush-when-also-flushing-TLB.patch + 539ec004-x86-mce-don-t-spam-the-console-with-CPUx-Temperature-z.patch + 53909259-x86-domctl-two-functional-fixes-to-XEN_DOMCTL_-gs-etvcpuextstate.patch + 53859549-AMD-IOMMU-don-t-free-page-table-prematurely.patch + 533d413b-x86-mm-fix-checks-against-max_mapped_pfn.patch + 535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch + 53271880-VT-d-fix-RMRR-handling.patch + 5390917a-VT-d-honor-APEI-firmware-first-mode-in-XSA-59-workaround-code.patch + 538dcada-x86-HVM-eliminate-vulnerabilities-from-hvm_inject_msi.patch + 53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch + 537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch + 53a199d7-x86-EFI-allow-FPU-XMM-use-in-runtime-service-functions.patch + 53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch + 53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch + 53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch + 53356c1e-x86-HVM-correct-CPUID-leaf-80000008-handling.patch + 534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch + 530b28c5-x86-MSI-don-t-risk-division-by-zero.patch + 5396e805-x86-HVM-refine-SMEP-test-in-HVM_CR4_GUEST_RESERVED_BITS.patch + 5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch + 5321b257-x86-make-hypercall-preemption-checks-consistent.patch + 5321b20b-common-make-hypercall-preemption-checks-consistent.patch + 538c338f-x86-amd_ucode-flip-revision-numbers-in-printk.patch + 537b5e79-VT-d-extend-error-report-masking-workaround-to-newer-chipsets.patch + 531d8db1-x86-hvm-refine-the-judgment-on-IDENT_PT-for-EMT.patch + 53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch + 530b2880-Nested-VMX-update-nested-paging-mode-on-vmexit.patch + 533ad1ee-VMX-fix-PAT-value-seen-by-guest.patch + 53206661-pygrub-support-linux16-and-initrd16.patch + 5315a254-IOMMU-generalize-and-correct-softirq-processing.patch + +------------------------------------------------------------------- +Fri Aug 1 08:25:12 UTC 2014 - cyliu@suse.com + +- bnc#820873 - The "long" option doesn't work with "xl list" + 53d124e7-fix-list_domain_details-check-config-data-length-0.patch + +------------------------------------------------------------------- +Thu Jul 30 09:31:52 MDT 2014 - carnold@suse.com + +- bnc#888996 - Package 'xen-tool' contains 'SuSE' spelling in a + filename and/or SPEC file + Renamed README.SuSE -> README.SUSE + Modified files: xen.spec, boot.local.xenU, init.pciback + xend-config.patch, xend-vif-route-ifup.patch + +------------------------------------------------------------------- +Wed Jul 29 16:44:48 MDT 2014 - carnold@suse.com + +- bnc#882673 - Dom0 memory should enforce a minimum memory size + (e.g. dom0_mem=min:512M) + xen.spec (Mike Latimer) + +------------------------------------------------------------------- +Thu Jul 24 07:54:34 MDT 2014 - carnold@suse.com + +- Upstream patches from Jan + 5347b524-evtchn-eliminate-64k-ports-limitation.patch + 53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch + 53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch + 53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch + 53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch + 53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch + 53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch + +------------------------------------------------------------------- +Mon Jul 21 03:05:48 UTC 2014 - cyliu@suse.com + +- bnc#886801 - xl vncviewer: The first domu can be accessed by any id + 53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch + +------------------------------------------------------------------- +Mon Jul 14 11:14:38 MDT 2014 - carnold@suse.com + +- Upstream pygrub bug fix + 5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch + +------------------------------------------------------------------- +Wed Jul 9 16:45:58 MDT 2014 - carnold@suse.com + +- Fix pygrub to handle old 32 bit VMs + pygrub-boot-legacy-sles.patch (Mike Latimer) + +------------------------------------------------------------------- +Mon Jul 7 17:54:58 MDT 2014 - jfehlig@suse.com + +- Remove xen-vmresync utility. It is an old Platespin Orchestrate + utility that should have never been included in the Xen package. + Updated xen.spec + +------------------------------------------------------------------- +Mon Jul 7 17:01:59 MDT 2014 - jfehlig@suse.com + +- Rework xen-destroy utility included in xen-utils + bnc#885292 and bnc#886063 + Updated xen-utils-0.1.tar.bz2 + +------------------------------------------------------------------- +Mon Jul 07 11:40:32 MDT 2014 - carnold@suse.com + +- bnc#886063 - Xen monitor fails (xl list --long output different + from xm list --long output) +- bnc#885292 - VirtualDomain: pid_status does not know how to check + status on SLE12 + Re-enable building xen-utils for sle12 and include xen-list and + xen-destroy in the xen-tools package for HA. + xen.spec + +------------------------------------------------------------------- +Fri Jun 27 12:21:47 MDT 2014 - carnold@suse.com + +- bnc#882127 - Xen kernel panics on booting SLES12 Beta 8 + 53a199d7-x86-EFI-allow-FPU-XMM-use-in-runtime-service-functions.patch +- Upstream patches from Jan + 538c338f-x86-amd_ucode-flip-revision-numbers-in-printk.patch + 538ee637-ACPI-Prevent-acpi_table_entries-from-falling-into-a-infinite-loop.patch + 5390917a-VT-d-honor-APEI-firmware-first-mode-in-XSA-59-workaround-code.patch + 53909259-x86-domctl-two-functional-fixes-to-XEN_DOMCTL_-gs-etvcpuextstate.patch + 5390927f-x86-fix-reboot-shutdown-with-running-HVM-guests.patch + 5396d818-avoid-crash-on-HVM-domain-destroy-with-PCI-passthrough.patch + 5396e805-x86-HVM-refine-SMEP-test-in-HVM_CR4_GUEST_RESERVED_BITS.patch + 539ebe62-x86-EFI-improve-boot-time-diagnostics.patch + 539ec004-x86-mce-don-t-spam-the-console-with-CPUx-Temperature-z.patch + 53a040c6-page-alloc-scrub-pages-used-by-hypervisor-upon-freeing.patch (replaces xsa100.patch) + 53a1990a-IOMMU-prevent-VT-d-device-IOTLB-operations-on-wrong-IOMMU.patch + +------------------------------------------------------------------- +Tue Jun 24 16:11:08 MDT 2014 - jfehlig@suse.com + +- Replace 'domUloader' with 'pygrub' when converting or importing + Xen domains into libvirt with xen2libvirt. domUloader is no + longer provided in xen-tools. + Modified: xen2libvirt.py + +------------------------------------------------------------------- +Thu Jun 13 15:50:19 MDT 2014 - cyliu@suse.com + +- fate#310956: Support Direct Kernel Boot for FV guests + patches would go to upstream: + qemu side: qemu-support-xen-hvm-direct-kernel-boot.patch + xen side: xen-pass-kernel-initrd-to-qemu.patch + +------------------------------------------------------------------- +Thu Jun 6 15:50:19 MDT 2014 - carnold@suse.com + +- Modify how we check for libvirt managed domains + xl-check-for-libvirt-managed-domain.patch + +------------------------------------------------------------------- +Thu Jun 5 08:56:13 MDT 2014 - carnold@suse.com + +- bnc#880751 - VUL-0: xen: Hypervisor heap contents leaked to + guests + xsa100.patch +- bnc#878841 - VUL-0: XSA-96: Xen: Vulnerabilities in HVM MSI + injection + 538dcada-x86-HVM-eliminate-vulnerabilities-from-hvm_inject_msi.patch +- Upstream patches from Jan + 537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch + 537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch + 5383167d-ACPI-ERST-fix-table-mapping.patch + 5383175e-VT-d-fix-mask-applied-to-DMIBAR-in-desktop-chipset-XSA-59-workaround.patch + 53859549-AMD-IOMMU-don-t-free-page-table-prematurely.patch + 5385956b-x86-don-t-use-VA-for-cache-flush-when-also-flushing-TLB.patch + 53859956-timers-set-the-deadline-more-accurately.patch + +------------------------------------------------------------------- +Tue May 27 16:54:13 CEST 2014 - ohering@suse.de + +- bnc#879425: handle cache=unsafe from libvirt to disable flush in qdisk + libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch + qemu-xen-upstream-qdisk-cache-unsafe.patch + +------------------------------------------------------------------- +Tue May 27 16:50:22 CEST 2014 - ohering@suse.de + +- libxl: introduce an option for disabling the non-O_DIRECT workaround + recognize direct-io-safe in domU.cfg diskspec + libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch + +------------------------------------------------------------------- +Tue May 27 16:44:06 CEST 2014 - ohering@suse.de + +- fate#316071: add discard support for file backed storage (qdisk) + update patch to allow more values in overloaded ->readwrite member + +------------------------------------------------------------------- +Tue May 27 08:03:51 MDT 2014 - carnold@suse.com + +- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d + Interrupt Remapping engines can be evaded by native NMI interrupts + 537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch + 537b5e79-VT-d-extend-error-report-masking-workaround-to-newer-chipsets.patch +- Upstream patches from Jan + 53709b77-Nested-VMX-load-current_vmcs-only-when-it-exists.patch + 53732f4f-x86-MCE-bypass-uninitialized-vcpu-in-vMCE-injection.patch + 537b5ede-move-domain-to-cpupool0-before-destroying-it.patch + +------------------------------------------------------------------- +Tue May 20 16:34:37 MDT 2014 - carnold@suse.com + +- Update README.SuSE with information on the toolstack change + +------------------------------------------------------------------- +Fri May 16 10:27:04 CEST 2014 - ohering@suse.de + +- fate#316071: add discard support for file backed storage (qdisk) + update to recognize option discard/no-discard instead of discard=0,1 + to match upstream change + +------------------------------------------------------------------- +Mon May 12 18:00:14 CEST 2014 - ohering@suse.de + +- fate#316613: Implement pvscsi in xl/libxl + libxl.pvscsi.patch + +------------------------------------------------------------------- +Fri May 9 08:07:34 MDT 2014 - carnold@suse.com + +- bnc#875668 - VUL-0: CVE-2014-3124: xen: XSA-92: + HVMOP_set_mem_type allows invalid P2M entries to be created + 535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch (replaces xsa92.patch) +- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d + Interrupt Remapping engines can be evaded by native NMI interrupts + 535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch + 535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch +- Upstream patches from Jan + 535a354b-passthrough-allow-to-suppress-SERR-and-PERR-signaling.patch + 535e31bc-x86-HVM-correct-the-SMEP-logic-for-HVM_CR0_GUEST_RESERVED_BITS.patch + 53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch + 53636ebf-x86-fix-guest-CPUID-handling.patch + +------------------------------------------------------------------- +Tue May 6 13:24:14 MDT 2014 - carnold@suse.com + +- Fix pygrub to handle VM with no grub/menu.lst file. +- Don't use /var/run/xend/boot for temporary boot directory + pygrub-boot-legacy-sles.patch + +------------------------------------------------------------------- +Sat Apr 26 09:56:36 MDT 2014 - carnold@suse.com + +- When the xl command is used, check to see if the domain being + modified is managed by libvirt and print warning if it is. + xl-check-for-libvirt-managed-domain.patch + +------------------------------------------------------------------- +Thu Apr 24 08:17:36 MDT 2014 - carnold@suse.com + +- Upstream patches from Jan + 53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch + 5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch + 534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch + 534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch + 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch + 5357baff-x86-add-missing-break-in-dom0_pit_access.patch +- XSA-92 + xsa92.patch + +------------------------------------------------------------------- +Sat Apr 12 20:48:21 UTC 2014 - mmarek@suse.cz + +- Add # needssslcertforbuild to use the project's certificate when + building in a home project. (bnc#872354) + +------------------------------------------------------------------- +Wed Apr 9 08:07:03 MDT 2014 - carnold@suse.com + +- Upstream patches from Jan + 53356c1e-x86-HVM-correct-CPUID-leaf-80000008-handling.patch + 533ad1ee-VMX-fix-PAT-value-seen-by-guest.patch + 533d413b-x86-mm-fix-checks-against-max_mapped_pfn.patch + +------------------------------------------------------------------- +Thu Apr 3 16:21:03 UTC 2014 - carnold@suse.com + +- bnc#862608 - SLES 11 SP3 vm-install should get RHEL 7 support + when released + 53206661-pygrub-support-linux16-and-initrd16.patch +- Upstream bug fixes + 53299d8f-xenconsole-reset-tty-on-failure.patch + 53299d8f-xenconsole-tolerate-tty-errors.patch + +------------------------------------------------------------------- +Thu Apr 3 16:21:03 UTC 2014 - dmueller@suse.com + +- fix build for armv7l and aarch64 + +------------------------------------------------------------------- +Thu Apr 3 15:40:31 CEST 2014 - ohering@suse.de + +- Remove compiletime strings from qemu-upstream + qemu-xen-upstream-megasas-buildtime.patch + +------------------------------------------------------------------- +Wed Apr 2 08:47:27 MDT 2014 - carnold@suse.com + +- bnc#871546 - KMPs are not signed in SUSE:SLE-12:GA? + xen.spec + +------------------------------------------------------------------- +Tue Apr 1 08:14:29 MDT 2014 - carnold@suse.com + +- Upstream patches from Jan + 532fff53-x86-fix-determination-of-bit-count-for-struct-domain-allocations.patch + 5331917d-x86-enforce-preemption-in-HVM_set_mem_access-p2m_set_mem_access.patch +- Drop xsa89.patch for upstream version (see bnc#867910, 5331917d-x86-enforce...) + +------------------------------------------------------------------- +Fri Mar 28 11:00:07 MDT 2014 - carnold@suse.com + +- bnc#863821 - Xen unable to boot paravirtualized VMs installed + with btrfs. Add 'Requires: grub2-x86_64-xen' to xen-tools. +- Restore soft links for qemu-system-i386 and qemu-dm +- Cleanup inconsistency in which version of qemu-system-i386 is + being used (Xen vs qemu-x86). Use only Xen's version. + xen.spec + +------------------------------------------------------------------- +Wed Mar 27 14:18:06 MDT 2014 - carnold@suse.com + +- Add conditionals for SLE12 when defining xend and max_cpus + xen.spec + +------------------------------------------------------------------- +Wed Mar 19 14:18:06 MDT 2014 - carnold@suse.com + +- Upstream patches from Jan + 5321b20b-common-make-hypercall-preemption-checks-consistent.patch + 5321b257-x86-make-hypercall-preemption-checks-consistent.patch + 53271880-VT-d-fix-RMRR-handling.patch + 5327190a-x86-Intel-work-around-Xeon-7400-series-erratum-AAI65.patch +- Dropped the following as now part of 5321b257 + 5310bac3-mm-ensure-useful-progress-in-decrease_reservation.patch + +------------------------------------------------------------------- +Wed Mar 12 08:20:42 MDT 2014 - carnold@suse.com + +- bnc#867910 - VUL-0: EMBARGOED: xen: XSA-89: HVMOP_set_mem_access + is not preemptible + xsa89.patch +- Upstream patches from Jan + 530b27fd-x86-MCE-Fix-race-condition-in-mctelem_reserve.patch + 530b2880-Nested-VMX-update-nested-paging-mode-on-vmexit.patch + 530b28c5-x86-MSI-don-t-risk-division-by-zero.patch + 530c54c3-x86-mce-Reduce-boot-time-logspam.patch + 5310bac3-mm-ensure-useful-progress-in-decrease_reservation.patch + 5315a254-IOMMU-generalize-and-correct-softirq-processing.patch + 5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch + 5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch + 531d8db1-x86-hvm-refine-the-judgment-on-IDENT_PT-for-EMT.patch + 531d8e09-x86-HVM-fix-memory-type-merging-in-epte_get_entry_emt.patch + 531d8e34-x86-HVM-consolidate-passthrough-handling-in-epte_get_entry_emt.patch + 531d8fd0-kexec-identify-which-cpu-the-kexec-image-is-being-executed-on.patch + 531dc0e2-xmalloc-handle-correctly-page-allocation-when-align-size.patch + +------------------------------------------------------------------- +Tue Mar 11 16:21:11 MDT 2014 - carnold@suse.com + +- Add conversion tool for migrating xend/xm managed VMs to libvirt + xen2libvirt.py (Jim Fehlig) + +------------------------------------------------------------------- +Mon Mar 10 07:17:17 MDT 2014 - carnold@suse.com + +- Update to Xen 4.4.0 FCS + +------------------------------------------------------------------- +Thu Mar 06 13:46:24 MST 2014 - mlatimer@suse.com + +- bnc#865682 - Local attach support for PHY backends using scripts + local_attach_support_for_phy.patch + +------------------------------------------------------------------- +Wed Feb 26 00:36:24 UTC 2014 - mlatimer@suse.com + +- bnc#798770 - Improve multipath support for npiv devices + block-npiv + block-npiv-common.sh + +------------------------------------------------------------------- +Wed Feb 19 19:56:31 CET 2014 - ohering@suse.de + +- honor global keymap= option in libxl + libxl.honor-more-top-level-vfb-options.patch + +------------------------------------------------------------------- +Tue Feb 11 13:27:42 MST 2014 - carnold@suse.com + +- Update to c/s 28381 to include libxl fork and event fixes for + libvirt + xen-4.4.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue Feb 11 16:14:08 CET 2014 - ohering@suse.de + +- bnc#863297: xend/pvscsi: recognize also SCSI CDROM devices + xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch + +------------------------------------------------------------------- +Tue Feb 11 09:24:23 CET 2014 - ohering@suse.de + +- fate#316614: set migration constraints from cmdline + fix xl migrate to print the actual error string + libxc-pass-errno-to-callers-of-xc_domain_save.patch + +------------------------------------------------------------------- +Mon Feb 10 10:01:54 MST 2014 - carnold@suse.com + +- Include additional help docs for xl in xen-tools +- Apply all patches including those for unpackaged xend + xen.spec + +------------------------------------------------------------------- +Mon Feb 10 10:28:18 CET 2014 - ohering@suse.de + +- fate#316614: set migration constraints from cmdline + split existing changes into libxl and xend part + added libxl.set-migration-constraints-from-cmdline.patch + added xend-set-migration-constraints-from-cmdline.patch + removed xen.migrate.tools_add_xm_migrate_--log_progress_option.patch + removed xen.migrate.tools_set_number_of_dirty_pages_during_migration.patch + removed xen.migrate.tools_set_migration_constraints_from_cmdline.patch + +------------------------------------------------------------------- +Tue Feb 4 11:20:12 MST 2014 - carnold@suse.com + +- Enable ix86 32bit build for xen-libs to be built to support + xen-tools-domU on 32bit VMs and also vhostmd running in 32bit VMs + +------------------------------------------------------------------- +Sun Feb 3 16:38:34 MST 2014 - carnold@suse.de + +- Enable blktapctrl when qemu-traditional is required to satisfy + build dependencies. Remove binaries after build if xend is + disabled + +------------------------------------------------------------------- +Sun Feb 2 22:47:34 CET 2014 - ohering@suse.de + +- update ifarch usage in xen.spec to cover also arm +- blktapctrl is used only by xend +- fix xend-tools-xend sub pkg handling +- default to gcc47 for sles11sp3 builds +- remove all latex packages from BuildRequires +- aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch + +------------------------------------------------------------------- +Sun Feb 2 19:43:05 CET 2014 - ohering@suse.de + +- add arch dependent install suffix for /boot/xen files + +------------------------------------------------------------------- +Sat Feb 1 13:39:03 CET 2014 - ohering@suse.de + +- Set max_cpus==4 for non-x86_64 builds + +------------------------------------------------------------------- +Fri Jan 31 08:41:15 MST 2014 - carnold@suse.com + +- Update to Xen 4.4.0 RC3 c/s 28321 + +------------------------------------------------------------------- +Thu Jan 30 23:10:22 CET 2014 - ohering@suse.de + +- Add flex and bison to BuildRequires, needed by previous patch + +------------------------------------------------------------------- +Thu Jan 30 17:19:10 CET 2014 - ohering@suse.de + +- fate#316071: add discard support for file backed storage (qdisk) + libxl.add-option-for-discard-support-to-xl-disk-conf.patch + +------------------------------------------------------------------- +Thu Jan 27 19:53:39 MST 2014 - carnold@suse.com + +- On platforms where xend is still supported don't output a + deprecation warning when using xm. + xend-remove-xm-deprecation-warning.patch + +------------------------------------------------------------------- +Thu Jan 23 16:11:39 MST 2014 - carnold@suse.com + +- Changed License to GPL-2.0 (from GPL-2.0+) + +------------------------------------------------------------------- +Thu Jan 23 16:11:39 MST 2014 - carnold@suse.com + +- Dropped xen-changeset.patch. It is no longer needed. + +------------------------------------------------------------------- +Sun Jan 19 00:13:06 CET 2014 - ohering@suse.de + +- BuildRequire libfdt1-devel on ARM + +------------------------------------------------------------------- +Sat Jan 18 00:35:46 CET 2014 - ohering@suse.de + +- fate#311487: remove modprobe.conf files for autoloading of + pv-on-hvm files. + Rely on core kernel to skip initialization of emulated hardware + Handle xen_emul_unplug= from xenlinux based core kernel-default + xen_pvonhvm.xen_emul_unplug.patch + Dropped xen_pvdrivers.conf + +------------------------------------------------------------------- +Wed Jan 16 13:11:32 MST 2014 - carnold@suse.com + +- Fix the spec file to build for old distros + The xm/xend toolstack will continue to be contained in xen-tools + for older openSUSE and sles distros but it will be contained in + xend-tools for os13.x + +------------------------------------------------------------------- +Wed Jan 15 19:55:32 CET 2014 - ohering@suse.de + +- fate#316071: add discard support for file backed storage (qdisk) + to qemu-upstream, enabled unconditionally + qemu-xen-upstream-blkif-discard.patch + +------------------------------------------------------------------- +Tue Jan 14 12:13:45 MST 2014 - carnold@suse.com + +- Update to Xen 4.4.0 RC2 c/s 28287 + +------------------------------------------------------------------- +Tue Jan 9 11:44:11 MST 2014 - carnold@suse.com + +- Restore 32bit ix86 support in spec file for kmps and domU tools +- Restore a few missing xend patches + xend-config-enable-dump-comment.patch + xend-tools-watchdog-support.patch + xend-vif-route-ifup.patch + +------------------------------------------------------------------- +Tue Jan 2 11:52:11 MST 2014 - carnold@suse.com + +- fate#315692: XEN: Include Xen version 4.4 in SLES-12 + Update to Xen 4.4.0 RC1 c/s 28233 +- Drop 32bit support from spec file +- Dropped numerous patches now included in the tarball + +------------------------------------------------------------------- +Wed Jan 1 10:28:10 UTC 2014 - coolo@suse.com + +- gcc-32bit pulls in the right gcc bits, so better buildrequire that + +------------------------------------------------------------------- +Tue Nov 26 08:26:07 MST 2013 - carnold@suse.com + +- Upstream patches from Jan + 5281fad4-numa-sched-leave-node-affinity-alone-if-not-in-auto-mode.patch + 52820823-nested-SVM-adjust-guest-handling-of-structure-mappings.patch + 52820863-VMX-don-t-crash-processing-d-debug-key.patch + 5282492f-x86-eliminate-has_arch_mmios.patch + 52864df2-credit-Update-other-parameters-when-setting-tslice_ms.patch + 52864f30-fix-leaking-of-v-cpu_affinity_saved-on-domain-destruction.patch + 5289d225-nested-VMX-don-t-ignore-mapping-errors.patch + 528a0eb0-x86-consider-modules-when-cutting-off-memory.patch + 528f606c-x86-hvm-reset-TSC-to-0-after-domain-resume-from-S3.patch + 528f609c-x86-crash-disable-the-watchdog-NMIs-on-the-crashing-cpu.patch + 52932418-x86-xsave-fix-nonlazy-state-handling.patch + +------------------------------------------------------------------- +Fri Nov 22 14:36:12 MST 2013 - carnold@suse.com + +- bnc#851749 - Xen service file does not call xend properly + xend.service + +------------------------------------------------------------------- +Fri Nov 22 08:15:04 UTC 2013 - adrian@suse.de + +- Add missing requires to pciutils package for xend-tools + +------------------------------------------------------------------- +Tue Nov 19 11:52:31 MST 2013 - carnold@suse.com + +- bnc#851386 - VUL-0: xen: XSA-78: Insufficient TLB flushing in + VT-d (iommu) code + 528a0e5b-TLB-flushing-in-dma_pte_clear_one.patch + +------------------------------------------------------------------- +Tue Nov 19 10:42:54 CET 2013 - tbehrens@suse.com + +- Make -devel package depend on libuuid-devel, since libxl.h + includes uuid.h + +------------------------------------------------------------------- +Mon Nov 11 10:22:20 MST 2013 - carnold@suse.com + +- bnc#849667 - VUL-0: xen: XSA-74: Lock order reversal between + page_alloc_lock and mm_rwlock + CVE-2013-4553-xsa74.patch +- bnc#849665 - VUL-0: CVE-2013-4551: xen: XSA-75: Host crash due to + guest VMX instruction execution + 52809208-nested-VMX-VMLANUCH-VMRESUME-emulation-must-check-permission-1st.patch +- bnc#849668 - VUL-0: xen: XSA-76: Hypercalls exposed to privilege + rings 1 and 2 of HVM guests + CVE-2013-4554-xsa76.patch +- Upstream patches from Jan + 52654798-x86-xsave-also-save-restore-XCR0-across-suspend-ACPI-S3.patch + 526e43d4-x86-refine-address-validity-checks-before-accessing-page-tables.patch + 526f786a-fix-locking-in-cpu_disable_scheduler.patch + 5277646c-x86-ACPI-x2APIC-guard-against-out-of-range-ACPI-or-APIC-IDs.patch + 5277a134-x86-make-sure-memory-block-is-RAM-before-passing-to-the-allocator.patch + 5278f7f9-x86-HVM-32-bit-IN-result-must-be-zero-extended-to-64-bits.patch + 527a0a05-call-sched_destroy_domain-before-cpupool_rm_domain.patch + 527cb7d2-x86-hvm-fix-restart-of-RTC-periodic-timer-with-vpt_align-1.patch + 527cb820-x86-EFI-make-trampoline-allocation-more-flexible.patch + 5280aae0-x86-idle-reduce-contention-on-ACPI-register-accesses.patch + +------------------------------------------------------------------- +Wed Nov 4 09:42:36 MDT 2013 - carnold@suse.com + +- bnc#848657 - VUL-0: xen: CVE-2013-4494: XSA-73: Lock order + reversal between page allocation and grant table locks + 5277639c-gnttab-correct-locking-order-reversal.patch + +------------------------------------------------------------------- +Thu Oct 31 17:07:49 MDT 2013 - carnold@suse.com + +- Update to Xen 4.3.1 + +------------------------------------------------------------------- +Tue Oct 22 13:42:54 MDT 2013 - carnold@suse.com + +- domUloader can no longer be used with the xl toolstack to boot + sles10. Patch pygrub to get the kernel and initrd from the image. + pygrub-boot-legacy-sles.patch + +------------------------------------------------------------------- +Mon Oct 21 09:57:54 MDT 2013 - carnold@suse.com + +- bnc#842515 - VUL-0: CVE-2013-4375: XSA-71: xen: qemu disk backend + (qdisk) resource leak + CVE-2013-4375-xsa71.patch +- bnc#845520 - VUL-0: CVE-2013-4416: xen: ocaml xenstored + mishandles oversized message replies + CVE-2013-4416-xsa72.patch +- Upstream patches from Jan + 52496bea-x86-properly-handle-hvm_copy_from_guest_-phys-virt-errors.patch (Replaces CVE-2013-4355-xsa63.patch) + 52496c11-x86-mm-shadow-Fix-initialization-of-PV-shadow-L4-tables.patch (Replaces CVE-2013-4356-xsa64.patch) + 52496c32-x86-properly-set-up-fbld-emulation-operand-address.patch (Replaces CVE-2013-4361-xsa66.patch) + 52497c6c-x86-don-t-blindly-create-L3-tables-for-the-direct-map.patch + 524e971b-x86-idle-Fix-get_cpu_idle_time-s-interaction-with-offline-pcpus.patch + 524e9762-x86-percpu-Force-INVALID_PERCPU_AREA-to-non-canonical.patch + 524e983e-Nested-VMX-check-VMX-capability-before-read-VMX-related-MSRs.patch + 524e98b1-Nested-VMX-fix-IA32_VMX_CR4_FIXED1-msr-emulation.patch + 524e9dc0-xsm-forbid-PV-guest-console-reads.patch + 5256a979-x86-check-segment-descriptor-read-result-in-64-bit-OUTS-emulation.patch + 5256be57-libxl-fix-vif-rate-parsing.patch + 5256be84-tools-ocaml-fix-erroneous-free-of-cpumap-in-stub_xc_vcpu_getaffinity.patch + 5256be92-libxl-fix-out-of-memory-error-handling-in-libxl_list_cpupool.patch + 5257a89a-x86-correct-LDT-checks.patch + 5257a8e7-x86-add-address-validity-check-to-guest_map_l1e.patch + 5257a944-x86-check-for-canonical-address-before-doing-page-walks.patch + 525b95f4-scheduler-adjust-internal-locking-interface.patch + 525b9617-sched-fix-race-between-sched_move_domain-and-vcpu_wake.patch + 525e69e8-credit-unpause-parked-vcpu-before-destroying-it.patch + 525faf5e-x86-print-relevant-tail-part-of-filename-for-warnings-and-crashes.patch + +------------------------------------------------------------------- +Wed Oct 2 15:58:47 MDT 2013 - jfehlig@suse.com + +- Improvements to block-dmmd script + bnc#828623 + +------------------------------------------------------------------- +Tue Oct 1 15:28:25 MDT 2013 - carnold@suse.com + +- bnc#840196 - L3: MTU size on Dom0 gets reset when booting DomU + with e1000 device + set-mtu-from-bridge-for-tap-interface.patch + +------------------------------------------------------------------- +Mon Sep 30 10:48:29 MDT 2013 - carnold@suse.com + +- bnc#839596 - VUL-0: CVE-2013-1442: XSA-62: xen: Information leak + on AVX and/or LWP capable CPUs + 5242a1b5-x86-xsave-initialize-extended-register-state-when-guests-enable-it.patch +- bnc#840592 - VUL-0: CVE-2013-4355: XSA-63: xen: Information leaks + through I/O instruction emulation + CVE-2013-4355-xsa63.patch +- bnc#840593 - VUL-0: CVE-2013-4356: XSA-64: xen: Memory accessible + by 64-bit PV guests under live migration + CVE-2013-4356-xsa64.patch +- bnc#841766 - VUL-1: CVE-2013-4361: XSA-66: xen: Information leak + through fbld instruction emulation + CVE-2013-4361-xsa66.patch +- bnc#833796 - L3: Xen: migration broken from xsave-capable to + xsave-incapable host + 52205e27-x86-xsave-initialization-improvements.patch + 522dc0e6-x86-xsave-fix-migration-from-xsave-capable-to-xsave-incapable-host.patch +- bnc#839600 - [HP BCS SLES11 Bug]: In HP’s UEFI x86_64 platform and + sles11sp3 with xen environment, xen hypervisor will panic on + multiple blades nPar. + 523172d5-x86-fix-memory-cut-off-when-using-PFN-compression.patch +- bnc#833251 - [HP BCS SLES11 Bug]: In HP’s UEFI x86_64 platform + and with xen environment, in booting stage ,xen hypervisor will + panic. + 522d896b-x86-EFI-properly-handle-run-time-memory-regions-outside-the-1-1-map.patch +- bnc#834751 - [HP BCS SLES11 Bug]: In xen, “shutdown –y 0 –h” + cannot power off system + 522d896b-x86-EFI-properly-handle-run-time-memory-regions-outside-the-1-1-map.patch +- Upstream patches from Jan + 520119fc-xen-conring-Write-to-console-ring-even-if-console-lock-is-busted.patch + 520a2705-watchdog-crash-Always-disable-watchdog-in-console_force_unlock.patch + 522d8a1f-x86-allow-guest-to-set-clear-MSI-X-mask-bit-try-2.patch + 522dc044-xmalloc-make-whole-pages-xfree-clear-the-order-field-ab-used-by-xmalloc.patch + 522f2f9f-Nested-VMX-Clear-bit-31-of-IA32_VMX_BASIC-MSR.patch + 522f37b2-sched-arinc653-check-for-guest-data-transfer-failures.patch + 5231e090-libxc-x86-fix-page-table-creation-for-huge-guests.patch + 5231f00c-cpufreq-missing-check-of-copy_from_guest.patch + 523304b6-x86-machine_restart-must-not-call-acpi_dmar_reinstate-twice.patch + 5239a064-x86-HVM-fix-failure-path-in-hvm_vcpu_initialise.patch + 5239a076-VMX-fix-failure-path-in-construct_vmcs.patch + 523c0ed4-x86-HVM-properly-handle-wide-MMIO.patch + 523c1758-sched_credit-filter-node-affinity-mask-against-online-cpus.patch + 523ff393-x86-HVM-linear-address-must-be-canonical-for-the-whole-accessed-range.patch + 523ff3e2-x86-HVM-refuse-doing-string-operations-in-certain-situations.patch + +------------------------------------------------------------------- +Wed Sep 25 18:54:24 CEST 2013 - ohering@suse.de + +- Use upstream version of unplugging in PVonHVM guests + add 523c1834-unmodified_drivers-enable-unplug-per-default.patch + remove disable_emulated_device.patch + +------------------------------------------------------------------- +Wed Sep 25 16:17:37 CEST 2013 - ohering@suse.de + +- fate#315714 - Support pvUSB in Xen HVM guests, add xen-usb.ko + +------------------------------------------------------------------- +Mon Sep 9 09:26:18 MDT 2013 - carnold@suse.com + +- Upstream patches from Jan + 521c6d4a-x86-don-t-allow-Dom0-access-to-the-MSI-address-range.patch + 521c6d6c-x86-don-t-allow-Dom0-access-to-the-HT-address-range.patch + 521c6e23-x86-Intel-add-support-for-Haswell-CPU-models.patch + 521db25f-Fix-inactive-timer-list-corruption-on-second-S3-resume.patch + 521e1156-x86-AVX-instruction-emulation-fixes.patch + 521ef8d9-AMD-IOMMU-add-missing-checks.patch + 52205a7d-hvmloader-smbios-Correctly-count-the-number-of-tables-written.patch + 52205a90-public-hvm_xs_strings.h-Fix-ABI-regression-for-OEM-SMBios-strings.patch + 52205e27-x86-xsave-initialization-improvements.patch + 5226020f-xend-handle-extended-PCI-configuration-space-when-saving-state.patch + 52260214-xend-fix-file-descriptor-leak-in-pci-utilities.patch + 52285317-hvmloader-fix-SeaBIOS-interface.patch + +------------------------------------------------------------------- +Tue Sep 3 16:23:16 MDT 2013 - carnold@suse.com + +- bnc#837585 - xen* pkg update DISables `xencommons` and + `xendomains` systemd services + xen.spec + +------------------------------------------------------------------- +Fri Aug 30 20:11:46 CEST 2013 - ohering@suse.de + +- remove unneeded patch, autoload is handled by PCI device, without + PCI device xen_platform_pci would not work anyway + xen.sles11sp1.fate311487.xen_platform_pci.dmistring.patch + +------------------------------------------------------------------- +Fri Aug 30 20:07:41 CEST 2013 - ohering@suse.de + +- Update our xen-3.0.4 version of unplug code in qemu-trad + add comments about the usage of the code + rename handler function + reenable handlers for writing/reading from emulated PCI device + +------------------------------------------------------------------- +Fri Aug 30 19:51:03 CEST 2013 - ohering@suse.de + +- Change unplugging of emulated devices in PVonHVM guests + Since 3.0.4 xen-platform-pci.ko triggerd the unplug by writing + to the PCI space of the emulated PCI device. 3.3 introduced an + official unplug protocol. The option to unplug wit the official + protocol is disabled per default. + Remove our version and enable the unplug via official protocol + +------------------------------------------------------------------- +Fri Aug 30 08:11:55 MDT 2013 - carnold@suse.com + +- Upstream patches from Jan + 51e517e6-AMD-IOMMU-allocate-IRTEs.patch + 51e5183f-AMD-IOMMU-untie-remap-and-vector-maps.patch + 51e63df6-VMX-fix-interaction-of-APIC-V-and-Viridian-emulation.patch + 52146070-ACPI-fix-acpi_os_map_memory.patch + 5214d26a-VT-d-warn-about-CFI-being-enabled-by-firmware.patch + 5215d094-Nested-VMX-Check-whether-interrupt-is-blocked-by-TPR.patch + 5215d0c5-Nested-VMX-Force-check-ISR-when-L2-is-running.patch + 5215d135-Nested-VMX-Clear-APIC-v-control-bit-in-vmcs02.patch + 5215d2d5-Nested-VMX-Update-APIC-v-RVI-SVI-when-vmexit-to-L1.patch + 5215d8b0-Correct-X2-APIC-HVM-emulation.patch +- Dropped 520d417d-xen-Add-stdbool.h-workaround-for-BSD.patch + +------------------------------------------------------------------- +Mon Aug 26 15:48:57 MDT 2013 - carnold@suse.com + +- bnc#836239 - SLES 11 SP3 Xen security patch does not + automatically update UEFI boot binary + xen.spec + +------------------------------------------------------------------- +Tue Aug 20 07:56:13 MDT 2013 - carnold@suse.com + +- Upstream patches from Jan + 51d5334e-x86-mm-Ensure-useful-progress-in-alloc_l2_table.patch + 51dd155c-adjust-x86-EFI-build.patch + 51e63d80-x86-cpuidle-Change-logging-for-unknown-APIC-IDs.patch + 51e6540d-x86-don-t-use-destroy_xen_mappings-for-vunmap.patch + 51e7963f-x86-time-Update-wallclock-in-shared-info-when-altering-domain-time-offset.patch + 51ffd577-fix-off-by-one-mistakes-in-vm_alloc.patch + 51ffd5fd-x86-refine-FPU-selector-handling-code-for-XSAVEOPT.patch + 520114bb-Nested-VMX-Flush-TLBs-and-Caches-if-paging-mode-changed.patch + 520a5504-VMX-add-boot-parameter-to-enable-disable-APIC-v-dynamically.patch + 520a24f6-x86-AMD-Fix-nested-svm-crash-due-to-assertion-in-__virt_to_maddr.patch + 520a2570-x86-AMD-Inject-GP-instead-of-UD-when-unable-to-map-vmcb.patch + 520b4b60-VT-d-protect-against-bogus-information-coming-from-BIOS.patch + 520b4bda-x86-MTRR-fix-range-check-in-mtrr_add_page.patch + 520cb8b6-x86-time-fix-check-for-negative-time-in-__update_vcpu_system_time.patch + 520d417d-xen-Add-stdbool.h-workaround-for-BSD.patch + +------------------------------------------------------------------- +Fri Aug 16 14:54:53 MDT 2013 - carnold@suse.com + +- The xencommons.service file handles the starting of xenstored + and xenconsoled. Drop the following services files as + unecessary. Update xendomains.service to reflect these changes. + xenstored.service + xenconsoled.service + blktapctrl.service + +------------------------------------------------------------------- +Thu Aug 16 08:54:04 MDT 2013 - carnold@suse.com + +- Add xencommons.service to xendomains.service 'After' tag + xendomains.service + +------------------------------------------------------------------- +Thu Aug 15 14:54:04 MDT 2013 - carnold@suse.com + +- Change the default bridge in xl.conf from xenbr0 to just br0 + xl-conf-default-bridge.patch +- Add network.target to xendomains.service 'After' tag + xendomains.service + +------------------------------------------------------------------- +Wed Jul 31 11:34:14 MDT 2013 - carnold@suse.com + +- Spec file cleanups + xen.spec +- Renamed xend-sysconfig.patch to xencommons-sysconfig.patch + +------------------------------------------------------------------- +Mon Jul 29 16:46:33 MDT 2013 - carnold@suse.com + +- Added support for systemd with the following service files + xenstored.service + blktapctrl.service + xend.service + xenconsoled.service + xen-watchdog.service + xendomains.service + xencommons.service + +------------------------------------------------------------------- +Fri Jul 12 11:05:11 MDT 2013 - carnold@suse.com + +- Upstream patches from Jan + 51d277a3-x86-don-t-pass-negative-time-to-gtime_to_gtsc-try-2.patch + 51d27807-iommu-amd-Fix-logic-for-clearing-the-IOMMU-interrupt-bits.patch + 51d27841-iommu-amd-Workaround-for-erratum-787.patch + 51daa074-Revert-hvmloader-always-include-HPET-table.patch + +------------------------------------------------------------------- +Fri Jul 12 09:31:01 MDT 2013 - carnold@suse.com + +- Dropped deprecated or unnecessary patches + pvdrv-import-shared-info.patch + minios-fixups.patch + +------------------------------------------------------------------- +Tue Jul 9 13:06:27 MDT 2013 - carnold@suse.com + +- Update to Xen 4.3.0 FCS + +------------------------------------------------------------------- +Fri Jul 5 14:31:51 UTC 2013 - agraf@suse.com + +- Enable ARM targets for Xen + +------------------------------------------------------------------- +Thu Jun 27 16:57:08 MDT 2013 - carnold@suse.com + +- Update to Xen 4.3.0-rc6 + +------------------------------------------------------------------- +Wed Jun 19 14:34:20 MDT 2013 - carnold@suse.com + +- Update to Xen 4.3.0-rc5 + +------------------------------------------------------------------- +Wed Jun 14 11:06:23 MDT 2013 - carnold@suse.com + +- Update to Xen 4.3.0-rc4 + +------------------------------------------------------------------- +Mon Jun 10 18:36:38 MDT 2013 - carnold@suse.com + +- Fix xen-utils compiler time warnings + xen-utils-0.1.tar.bz2 + +------------------------------------------------------------------- +Fri Jun 7 08:45:56 MDT 2013 - carnold@suse.com + +- Enable building the KMPs + xen.spec + +------------------------------------------------------------------- +Wed Jun 5 11:02:23 MDT 2013 - carnold@suse.com + +- Update to Xen 4.3.0-rc3 + +------------------------------------------------------------------- +Fri May 31 09:40:59 MDT 2013 - carnold@suse.com + +- bnc#801663 - performance of mirror lvm unsuitable for production + block-dmmd + +------------------------------------------------------------------- +Thu May 30 18:45:40 MDT 2013 - carnold@suse.com + +- Update to Xen 4.3.0-rc2 + +------------------------------------------------------------------- +Wed May 15 13:45:50 MDT 2013 - carnold@suse.com + +- The xend toolstack is now deprecated and unsupported. Consolidate + all xend and traditional qemu patches into one patch file. + Rename '.diff' patches to '.patch' and reoder others. + xend-traditional-qemu.patch + +------------------------------------------------------------------- +Tue May 14 15:36:04 MDT 2013 - carnold@suse.com + +- Create a xend-tools package for the legacy xend toolstack and + traditional qemu files. + +------------------------------------------------------------------- +Mon May 13 16:02:52 MDT 2013 - carnold@suse.com + +- Update to Xen 4.3.0-rc1 c/s 27068 + Drop all upstream changeset patches now included in 4.3 tarball +- Removed the doc-pdf RPM as there are no more PDFs to include + since the docs/xen-api sources were dropped. + +------------------------------------------------------------------- +Tue May 7 11:46:29 MDT 2013 - carnold@suse.com + +- bnc#818183 - VUL-0: xen: CVE-2013-2007: XSA-51: qga set umask + 0077 when daemonizing + CVE-2013-2007-xsa51-1.patch + CVE-2013-2007-xsa51-2.patch + +------------------------------------------------------------------- +Mon May 6 15:52:03 CEST 2013 - ohering@suse.de + +- add lndir to BuildRequires + +------------------------------------------------------------------- +Mon May 6 11:45:03 CEST 2013 - ohering@suse.de + +- remove xen.migrate.tools_notify_restore_to_hangup_during_migration_--abort_if_busy.patch + It changed migration protocol and upstream wants a different solution + +------------------------------------------------------------------- +Sun May 5 16:20:30 CEST 2013 - ohering@suse.de + +- bnc#802221 - fix xenpaging + readd xenpaging.qemu.flush-cache.patch + +------------------------------------------------------------------- +Thu May 2 09:11:33 MDT 2013 - carnold@suse.com + +- bnc#808269 - Fully Virtualized Windows VM install is failed on + Ivy Bridge platforms with Xen kernel + 26754-hvm-Improve-APIC-INIT-SIPI-emulation.patch + +------------------------------------------------------------------- +Tue Apr 30 09:15:26 MDT 2013 - carnold@suse.com + +- Upstream patches from Jan + 26891-x86-S3-Fix-cpu-pool-scheduling-after-suspend-resume.patch + 26930-x86-EFI-fix-runtime-call-status-for-compat-mode-Dom0.patch +- Additional fix for bnc#816159 + CVE-2013-1918-xsa45-followup.patch + +------------------------------------------------------------------- +Mon Apr 29 15:40:35 MDT 2013 - cyliu@suse.com + +- bnc#817068 - Xen guest with >1 sr-iov vf won't start + xen-managed-pci-device.patch + +------------------------------------------------------------------- +Mon Apr 29 11:21:54 MDT 2013 - carnold@suse.com + +- Update to Xen 4.2.2 c/s 26064 + The following recent security patches are included in the tarball + CVE-2013-0151-xsa34.patch (bnc#797285) + CVE-2012-6075-xsa41.patch (bnc#797523) + CVE-2013-1917-xsa44.patch (bnc#813673) + CVE-2013-1919-xsa46.patch (bnc#813675) + +------------------------------------------------------------------- +Wed Apr 24 08:07:07 MDT 2013 - carnold@suse.com + +- Upstream patch from Jan + 26902-x86-EFI-pass-boot-services-variable-info-to-runtime-code.patch + +------------------------------------------------------------------- +Fri Apr 19 14:22:43 MDT 2013 - carnold@suse.com + +- bnc#816159 - VUL-0: xen: CVE-2013-1918: XSA-45: Several long + latency operations are not preemptible + CVE-2013-1918-xsa45-1-vcpu-destroy-pagetables-preemptible.patch + CVE-2013-1918-xsa45-2-new-guest-cr3-preemptible.patch + CVE-2013-1918-xsa45-3-new-user-base-preemptible.patch + CVE-2013-1918-xsa45-4-vcpu-reset-preemptible.patch + CVE-2013-1918-xsa45-5-set-info-guest-preemptible.patch + CVE-2013-1918-xsa45-6-unpin-preemptible.patch + CVE-2013-1918-xsa45-7-mm-error-paths-preemptible.patch +- bnc#816163 - VUL-0: xen: CVE-2013-1952: XSA-49: VT-d interrupt + remapping source validation flaw for bridges + CVE-2013-1952-xsa49.patch + +------------------------------------------------------------------- +Thu Apr 18 10:17:08 MDT 2013 - cyliu@suse.com + +- bnc#809662 - can't use pv-grub to start domU (pygrub does work) + xen.spec + +------------------------------------------------------------------- +Mon Apr 15 14:47:41 MDT 2013 - carnold@suse.com + +- bnc#814709 - Unable to create XEN virtual machines in SLED 11 SP2 + on Kyoto + xend-cpuinfo-model-name.patch + +------------------------------------------------------------------- +Mon Apr 15 10:55:17 MDT 2013 - carnold@suse.com + +- bnc#813673 - VUL-0: CVE-2013-1917: xen: Xen PV DoS vulnerability with + SYSENTER + CVE-2013-1917-xsa44.patch +- bnc#813675 - VUL-0: CVE-2013-1919: xen: Several access permission + issues with IRQs for unprivileged guests + CVE-2013-1919-xsa46.patch +- bnc#814059 - VUL-1: xen: qemu-nbd format-guessing due to missing + format specification + CVE-2013-1922-xsa48.patch +- Upstream patches from Jan + 26749-x86-reserve-pages-when-SandyBridge-integrated-graphics.patch + 26751-x86-EFI-permit-setting-variable-with-non-zero-attributes.patch + 26765-hvm-Clean-up-vlapic_reg_write-error-propagation.patch + 26770-x86-irq_move_cleanup_interrupt-must-ignore-legacy-vectors.patch + 26771-x86-S3-Restore-broken-vcpu-affinity-on-resume.patch + 26772-VMX-Always-disable-SMEP-when-guest-is-in-non-paging-mode.patch + 26773-x86-mm-shadow-spurious-warning-when-unmapping-xenheap-pages.patch + 26774-defer-event-channel-bucket-pointer-store-until-after-XSM-checks.patch + 26799-x86-don-t-pass-negative-time-to-gtime_to_gtsc.patch + +------------------------------------------------------------------- +Thu Apr 4 11:17:43 MDT 2013 - carnold@suse.com + +- bnc#813156 - IndentationError in XendCheckpoint.py + xend-domain-lock.patch + +------------------------------------------------------------------- +Tue Apr 2 15:41:19 CEST 2013 - ohering@suse.de + +- bnc#797014 - no way to control live migrations +- bnc#803712 - after live migration rcu_sched_state detected stalls + xen.migrate.tools-xend_move_assert_to_exception_block.patch + xen.migrate.tools-libxc_print_stats_if_migration_is_aborted.patch + xen.migrate.tools_set_number_of_dirty_pages_during_migration.patch + xen.migrate.tools_notify_restore_to_hangup_during_migration_--abort_if_busy.patch + +------------------------------------------------------------------- +Tue Mar 26 10:37:43 MDT 2013 - carnold@suse.com + +- bnc#811764 - XEN (hypervisor or kernel) has a problem with EFI + variable services + x86-EFI-set-variable-permit-attrs.patch +- Upstream patches from Jan + 26060-ACPI-ERST-table-size-checks.patch + 26692-x86-fully-protect-MSI-X-table-from-PV-guest-accesses.patch + 26702-powernow-add-fixups-for-AMD-P-state-figures.patch + 26704-x86-MCA-suppress-bank-clearing-for-certain-injected-events.patch (bnc#805579) + 26731-AMD-IOMMU-Process-softirqs-while-building-dom0-iommu-mappings.patch + 26733-VT-d-Enumerate-IOMMUs-when-listing-capabilities.patch + 26734-ACPI-ERST-Name-table-in-otherwise-opaque-error-messages.patch + 26736-ACPI-APEI-Unlock-apei_iomaps_lock-on-error-path.patch + 26737-ACPI-APEI-Add-apei_exec_run_optional.patch + 26742-IOMMU-properly-check-whether-interrupt-remapping-is-enabled.patch + 26743-VT-d-deal-with-5500-5520-X58-errata.patch (bnc#801910) + 26744-AMD-IOMMU-allow-disabling-only-interrupt-remapping.patch + +------------------------------------------------------------------- +Thu Mar 14 09:58:38 MDT 2013 - jfehlig@suse.com + +- Load blktap module in xencommons init script. blktap2 doesn't + support qcow2, so blktap is needed to support domains with + 'tap:qcow2' disk configurations. + modified tmp-initscript-modprobe.patch + +------------------------------------------------------------------- +Thu Mar 14 07:32:17 MDT 2013 - carnold@suse.com + +- bnc#809203 - xen.efi isn't signed with SUSE Secure Boot key + xen.spec + +------------------------------------------------------------------- +Mon Mar 11 21:07:21 MDT 2013 - jfehlig@suse.com + +- Fix adding managed PCI device to an inactive domain + modified xen-managed-pci-device.patch + +------------------------------------------------------------------- +Mon Mar 11 11:45:22 MDT 2013 - jfehlig@suse.com + +- bnc#805094 - xen hot plug attach/detach fails + modified blktap-pv-cdrom.patch + +------------------------------------------------------------------- +Mon Mar 11 11:17:57 MDT 2013 - jfehlig@suse.com + +- bnc# 802690 - domain locking can prevent a live migration from + completing + modified xend-domain-lock.patch + +------------------------------------------------------------------- +Fri Mar 8 15:01:15 CET 2013 - ohering@suse.de + +- bnc#797014 - no way to control live migrations + 26675-tools-xentoollog_update_tty_detection_in_stdiostream_progress.patch + xen.migrate.tools-xc_print_messages_from_xc_save_with_xc_report.patch + xen.migrate.tools-xc_document_printf_calls_in_xc_restore.patch + xen.migrate.tools-xc_rework_xc_save.cswitch_qemu_logdirty.patch + xen.migrate.tools_set_migration_constraints_from_cmdline.patch + xen.migrate.tools_add_xm_migrate_--log_progress_option.patch + +------------------------------------------------------------------- +Thu Mar 7 14:39:57 MST 2013 - carnold@suse.com + +- Upstream patches from Jan + 26585-x86-mm-Take-the-p2m-lock-even-in-shadow-mode.patch + 26595-x86-nhvm-properly-clean-up-after-failure-to-set-up-all-vCPU-s.patch + 26601-honor-ACPI-v4-FADT-flags.patch + 26656-x86-fix-null-pointer-dereference-in-intel_get_extended_msrs.patch + 26659-AMD-IOMMU-erratum-746-workaround.patch + 26660-x86-fix-CMCI-injection.patch + 26672-vmx-fix-handling-of-NMI-VMEXIT.patch + 26673-Avoid-stale-pointer-when-moving-domain-to-another-cpupool.patch + 26676-fix-compat-memory-exchange-op-splitting.patch + 26677-x86-make-certain-memory-sub-ops-return-valid-values.patch + 26678-SEDF-avoid-gathering-vCPU-s-on-pCPU0.patch + 26679-x86-defer-processing-events-on-the-NMI-exit-path.patch + 26683-credit1-Use-atomic-bit-operations-for-the-flags-structure.patch + 26689-fix-domain-unlocking-in-some-xsm-error-paths.patch + +------------------------------------------------------------------- +Tue Mar 5 13:35:40 MST 2013 - carnold@suse.com + +- fate#313584: pass bios information to XEN HVM guest + xend-hvm-firmware-passthrough.patch + +------------------------------------------------------------------- +Mon Mar 4 20:28:29 CET 2013 - ohering@suse.de + +- bnc#806736: enabling xentrace crashes hypervisor + 26686-xentrace_fix_off-by-one_in_calculate_tbuf_size.patch + +------------------------------------------------------------------- +Thu Feb 28 11:12:04 CET 2013 - ohering@suse.de + +- update xenalyze to revision 149 + Make eip_list output more useful + Use correct length when copying record into buffer + decode PV_HYPERCALL_SUBCALL events + decode PV_HYPERCALL_V2 records + Analyze populate-on-demand reclamation patterns + Handle 64-bit MMIO + Also strip write bit when processing a generic event + Make the warnigns in hvm_generic_postprocess more informative + Don't warn about switching paging levels unless verbosity>=6 + Process NPFs as generic for summary purposes + Add HVM_EVENT_VLAPIC + +------------------------------------------------------------------- +Wed Feb 20 15:00:13 MST 2013 - jfehlig@suse.com + +- Add upstream patch to fix vfb/vkb initialization in libxl + 26369-libxl-devid.patch + +------------------------------------------------------------------- +Tue Feb 19 14:35:07 MST 2013 - carnold@suse.com + +- fate##313584: pass bios information to XEN HVM guest + 26554-hvm-firmware-passthrough.patch + 26555-hvm-firmware-passthrough.patch + 26556-hvm-firmware-passthrough.patch + +------------------------------------------------------------------- +Tue Feb 19 10:46:46 MST 2013 - carnold@suse.com + +- Upstream patches from Jan + 26516-ACPI-parse-table-retval.patch (Replaces CVE-2013-0153-xsa36.patch) + 26517-AMD-IOMMU-clear-irtes.patch (Replaces CVE-2013-0153-xsa36.patch) + 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch (Replaces CVE-2013-0153-xsa36.patch) + 26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces CVE-2013-0153-xsa36.patch) + 26526-pvdrv-no-devinit.patch + 26529-gcc48-build-fix.patch + 26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces CVE-2013-0153-xsa36.patch) + 26532-AMD-IOMMU-phantom-MSI.patch + 26536-xenoprof-div-by-0.patch + 26576-x86-APICV-migration.patch + 26577-x86-APICV-x2APIC.patch + 26578-AMD-IOMMU-replace-BUG_ON.patch + +------------------------------------------------------------------- +Mon Feb 18 17:28:00 CET 2013 - ohering@suse.de + +- bnc#797014 - no way to control live migrations + 26547-tools-xc_fix_logic_error_in_stdiostream_progress.patch + 26548-tools-xc_handle_tty_output_differently_in_stdiostream_progress.patch + 26549-tools-xc_turn_XCFLAGS_*_into_shifts.patch + 26550-tools-xc_restore_logging_in_xc_save.patch + 26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patch + +------------------------------------------------------------------- +Mon Feb 11 14:35:06 UTC 2013 - mmarek@suse.cz + +- Set $BRP_PESIGN_FILES in the %install section so that modules + are signed in the buildservice (fate#314552). + +------------------------------------------------------------------- +Mon Feb 11 15:33:24 CET 2013 - ohering@suse.de + +- PVonHVM: __devinit was removed in linux-3.8 + +------------------------------------------------------------------- +Wed Feb 6 09:01:29 MST 2013 - jfehlig@suse.com + +- Add 'managed' PCI passthrough support to xend, allowing support + for the same through libvirt + xen-managed-pci-device.patch + FATE#313570 + +------------------------------------------------------------------- +Tue Feb 5 11:50:14 MST 2013 - carnold@suse.com + +- Upstream patches from Jan + 26287-sched-credit-pick-idle.patch + 26340-VT-d-intremap-verify-legacy-bridge.patch (Replaces CVE-2012-5634-xsa33.patch) + 26370-libxc-x86-initial-mapping-fit.patch + 26395-x86-FPU-context-conditional.patch + 26404-x86-forward-both-NMI-kinds.patch + 26418-x86-trampoline-consider-multiboot.patch + 26427-x86-AMD-enable-WC+.patch + 26428-x86-HVM-RTC-update.patch + 26440-x86-forward-SERR.patch + 26443-ACPI-zap-DMAR.patch + 26444-x86-nHVM-no-self-enable.patch (Replaces CVE-2013-0152-xsa35.patch) + 26501-VMX-simplify-CR0-update.patch + 26502-VMX-disable-SMEP-when-not-paging.patch + +------------------------------------------------------------------- +Fri Feb 1 08:30:28 MST 2013 - carnold@suse.com + +- bnc#800275 - VUL-0: XSA-36: CVE-2013-0153: xen: interrupt remap + entries shared and old ones not cleared on AMD IOMMUs + CVE-2013-0153-xsa36.patch + +------------------------------------------------------------------- +Wed Jan 30 15:14:41 UTC 2013 - mmarek@suse.cz + +- Add # needssslcertforbuild to the specfile, to make the UEFI + signing certificate available during build (fate#314511, fate#314552). + +------------------------------------------------------------------- +Fri Jan 25 14:57:30 MST 2013 - jfehlig@suse.com + +- bnc#798188 - Add $network to xend initscript dependencies + +------------------------------------------------------------------- +Thu Jan 24 15:57:12 MST 2013 - jfehlig@suse.com + +- Add upstream patches to fix libxl bugs. These patches have + already been posted for inclusion in xen-4.2-testing. + 25912-partial-libxl.patch + 26372-tools-paths.patch + 26468-libxl-race.patch + 26469-libxl-race.patch + +------------------------------------------------------------------- +Tue Jan 22 08:12:39 MST 2013 - carnold@novell.com + +- bnc#797285 - VUL-0: Xen: XSA-34 (CVE-2013-0151) - nested + virtualization on 32-bit exposes host crash + CVE-2013-0151-xsa34.patch +- bnc#797287 - VUL-0: Xen: XSA-35 (CVE-2013-0152) - Nested HVM + exposes host to being driven out of memory by guest + CVE-2013-0152-xsa35.patch + +------------------------------------------------------------------- +Thu Jan 17 14:13:52 MST 2013 - carnold@novell.com + +- bnc#793717 - NetWare will not boot on Xen 4.2 + xnloader.py + domUloader.py + pygrub-netware-xnloader.patch + Removed reverse-24757-use-grant-references.patch + +------------------------------------------------------------------- +Wed Jan 16 11:26:29 MST 2013 - carnold@novell.com + +- bnc#797523 - VUL-1: CVE-2012-6075: qemu / kvm-qemu: e1000 + overflows under some conditions + CVE-2012-6075-xsa41.patch + +------------------------------------------------------------------- +Tue Jan 15 13:19:36 MST 2013 - carnold@novell.com + +- Mask the floating point exceptions for guests like NetWare on + machines that support XSAVE. + x86-fpu-context-conditional.patch + +------------------------------------------------------------------- +Mon Jan 14 12:01:33 MST 2013 - carnold@novell.com + +- fate##313584: pass bios information to XEN HVM guest + 26341-hvm-firmware-passthrough.patch + 26342-hvm-firmware-passthrough.patch + 26343-hvm-firmware-passthrough.patch + 26344-hvm-firmware-passthrough.patch + +------------------------------------------------------------------- +Tue Jan 8 11:06:04 MST 2013 - carnold@novell.com + +- bnc#787169 - L3: Marvell 88SE9125 disk controller not detecting + disk in Xen kernel + 26133-IOMMU-defer-BM-disable.patch + 26324-IOMMU-assign-params.patch + 26325-IOMMU-add-remove-params.patch + 26326-VT-d-context-map-params.patch + 26327-AMD-IOMMU-flush-params.patch + 26328-IOMMU-pdev-type.patch + 26329-IOMMU-phantom-dev.patch + 26330-VT-d-phantom-MSI.patch + 26331-IOMMU-phantom-dev-quirk.patch +- Upstream patches from Jan + 26294-x86-AMD-Fam15-way-access-filter.patch + 26320-IOMMU-domctl-assign-seg.patch + 26332-x86-compat-show-guest-stack-mfn.patch + 26333-x86-get_page_type-assert.patch + +------------------------------------------------------------------- +Mon Dec 17 11:20:47 MST 2012 - carnold@novell.com + +- bnc#794316 - VUL-0: CVE-2012-5634: xen: VT-d interrupt remapping + source validation flaw (XSA-33) + CVE-2012-5634-xsa33.patch + +------------------------------------------------------------------- +Mon Dec 17 11:15:17 MST 2012 - carnold@novell.com + +- Update to Xen 4.2.1 c/s 25952 + +------------------------------------------------------------------- +Tue Dec 11 10:14:11 MST 2012 - carnold@novell.com + +- Upstream patches from Jan + 26195-x86-compat-atp-gmfn-range-cont.patch + 26196-ACPI-set-PDC-bits-rc.patch + 26200-IOMMU-debug-verbose.patch + 26203-x86-HAP-dirty-vram-leak.patch + 26229-gnttab-version-switch.patch (Replaces CVE-2012-5510-xsa26.patch) + 26230-x86-HVM-limit-batches.patch (Replaces CVE-2012-5511-xsa27.patch) + 26231-memory-exchange-checks.patch (Replaces CVE-2012-5513-xsa29.patch) + 26232-x86-mark-PoD-error-path.patch (Replaces CVE-2012-5514-xsa30.patch) + 26233-memop-order-checks.patch (Replaces CVE-2012-5515-xsa31.patch) + 26234-x86-page-from-gfn-pv.patch (Replaces CVE-2012-5525-xsa32.patch) + 26235-IOMMU-ATS-max-queue-depth.patch + 26252-VMX-nested-rflags.patch + 26253-VMX-nested-rdtsc.patch + 26254-VMX-nested-dr.patch + 26255-VMX-nested-ia32e-mode.patch + 26258-VMX-nested-intr-delivery.patch + 26260-x86-mmuext-errors.patch + 26262-x86-EFI-secure-shim.patch + 26266-sched-ratelimit-check.patch + 26272-x86-EFI-makefile-cflags-filter.patch + +------------------------------------------------------------------- +Mon Dec 10 14:21:14 MST 2012 - carnold@novell.com + +- bnc#757525 - domain destroyed on live migration with missing vif + on target machine + xen-migration-bridge-check.patch + +------------------------------------------------------------------- +Thu Dec 6 10:56:26 MST 2012 - carnold@novell.com + +- NetWare will not boot or install on Xen 4.2 + reverse-24757-use-grant-references.patch + +------------------------------------------------------------------- +Fri Nov 30 10:30:10 CST 2012 - cyliu@suse.com + +- fate#313222 - xenstore-chmod should support 256 permissions + 26189-xenstore-chmod.patch + +------------------------------------------------------------------- +Tue Nov 27 09:17:17 MST 2012 - carnold@novell.com + +- bnc#789945 - VUL-0: CVE-2012-5510: xen: Grant table version + switch list corruption vulnerability (XSA-26) + CVE-2012-5510-xsa26.patch +- bnc#789944 - VUL-0: CVE-2012-5511: xen: Several HVM operations do + not validate the range of their inputs (XSA-27) + CVE-2012-5511-xsa27.patch +- bnc#789951 - VUL-0: CVE-2012-5513: xen: XENMEM_exchange may + overwrite hypervisor memory (XSA-29) + CVE-2012-5513-xsa29.patch +- bnc#789948 - VUL-0: CVE-2012-5514: xen: Missing unlock in + guest_physmap_mark_populate_on_demand() (XSA-30) + CVE-2012-5514-xsa30.patch +- bnc#789950 - VUL-0: CVE-2012-5515: xen: Several memory hypercall + operations allow invalid extent order values (XSA-31) + CVE-2012-5515-xsa31.patch +- bnc#789952 - VUL-0: CVE-2012-5525: xen: Several hypercalls do not + validate input GFNs (XSA-32) + CVE-2012-5525-xsa32.patch +- Upstream patches from Jan + 26129-ACPI-BGRT-invalidate.patch + 26132-tmem-save-NULL-check.patch + 26134-x86-shadow-invlpg-check.patch + 26139-cpumap-masking.patch + 26148-vcpu-timer-overflow.patch (Replaces CVE-2012-4535-xsa20.patch) + 26149-x86-p2m-physmap-error-path.patch (Replaces CVE-2012-4537-xsa22.patch) + 26150-x86-shadow-unhook-toplevel-check.patch (Replaces CVE-2012-4538-xsa23.patch) + 26151-gnttab-compat-get-status-frames.patch (Replaces CVE-2012-4539-xsa24.patch) + 26179-PCI-find-next-cap.patch + 26183-x86-HPET-masking.patch + 26188-x86-time-scale-asm.patch + +------------------------------------------------------------------- +Wed Nov 21 20:57:56 CET 2012 - ohering@suse.de + +- remove obsolete pv-driver-build.patch to fix build + +------------------------------------------------------------------- +Sat Nov 17 10:51:05 UTC 2012 - aj@suse.de + +- Fix build with glibc 2.17: add patch xen-glibc217.patch, fix + configure for librt. + +------------------------------------------------------------------- +Tue Nov 13 16:35:55 MST 2012 - jfehlig@suse.com + +- bnc#777628 - guest "disappears" after live migration + Updated block-dmmd script + +------------------------------------------------------------------- +Fri Nov 9 10:29:51 MST 2012 - carnold@novell.com + +- Fix exception in balloon.py and osdep.py + xen-max-free-mem.diff + +------------------------------------------------------------------- +Tue Nov 6 17:41:34 MDT 2012 - carnold@novell.com + +- fate#311966: Fix XEN VNC implementation to correctly map keyboard + layouts + VNC-Support-for-ExtendedKeyEvent-client-message.patch + +------------------------------------------------------------------- +Tue Oct 30 15:28:27 CET 2012 - ohering@suse.de + +- fate#310510 - fix xenpaging + restore changes to integrate paging into xm/xend + xenpaging.autostart.patch + xenpaging.doc.patch + +------------------------------------------------------------------- +Mon Oct 29 10:46:50 MDT 2012 - carnold@novell.com + +- bnc#787163 - VUL-0: CVE-2012-4544: xen: Domain builder Out-of- + memory due to malicious kernel/ramdisk (XSA 25) + CVE-2012-4544-xsa25.patch +- bnc#779212 - VUL-0: CVE-2012-4411: XEN / qemu: guest + administrator can access qemu monitor console (XSA-19) + CVE-2012-4411-xsa19.patch + +------------------------------------------------------------------- +Thu Oct 25 07:02:45 MDT 2012 - carnold@novell.com + +- bnc#786516 - VUL-0: CVE-2012-4535: xen: Timer overflow DoS + vulnerability + CVE-2012-4535-xsa20.patch +- bnc#786518 - VUL-0: CVE-2012-4536: xen: pirq range check DoS + vulnerability + CVE-2012-4536-xsa21.patch +- bnc#786517 - VUL-0: CVE-2012-4537: xen: Memory mapping failure + DoS vulnerability + CVE-2012-4537-xsa22.patch +- bnc#786519 - VUL-0: CVE-2012-4538: xen: Unhooking empty PAE + entries DoS vulnerability + CVE-2012-4538-xsa23.patch +- bnc#786520 - VUL-0: CVE-2012-4539: xen: Grant table hypercall + infinite loop DoS vulnerability + CVE-2012-4539-xsa24.patch +- bnc#784087 - L3: Xen BUG at io_apic.c:129 + 26102-x86-IOAPIC-legacy-not-first.patch + +------------------------------------------------------------------- +Wed Oct 24 06:15:58 MDT 2012 - carnold@novell.com + +- Upstream patches from Jan + 25920-x86-APICV-enable.patch + 25921-x86-APICV-delivery.patch + 25922-x86-APICV-x2APIC.patch + 25957-x86-TSC-adjust-HVM.patch + 25958-x86-TSC-adjust-sr.patch + 25959-x86-TSC-adjust-expose.patch + 25975-x86-IvyBridge.patch + 25984-SVM-nested-paging-mode.patch + 26054-x86-AMD-perf-ctr-init.patch + 26055-x86-oprof-hvm-mode.patch + 26056-page-alloc-flush-filter.patch + 26061-x86-oprof-counter-range.patch + 26062-ACPI-ERST-move-data.patch + 26063-x86-HPET-affinity-lock.patch + 26095-SVM-nested-leak.patch + 26096-SVM-nested-vmexit-emul.patch + 26098-perfc-build.patch + +------------------------------------------------------------------- +Mon Oct 22 21:21:28 CEST 2012 - ohering@suse.de + +- handle possible asprintf failures in log-guest-console.patch + +------------------------------------------------------------------- +Mon Oct 22 20:19:09 CEST 2012 - ohering@suse.de + +- bnc#694863 - kexec fails in xen + 26093-hvm_handle_PoD_and_grant_pages_in_HVMOP_get_mem_type.patch + +------------------------------------------------------------------- +Thu Oct 18 16:25:53 MDT 2012 - carnold@novell.com + +- fate#312709: Pygrub needs to know which entry to select + 26114-pygrub-list-entries.patch + +------------------------------------------------------------------- +Thu Oct 18 11:13:32 CEST 2012 - ohering@suse.de + +- merge changes fron xen-unstable, obsolete our changes + 26077-stubdom_fix_compile_errors_in_grub.patch + 26078-hotplug-Linux_remove_hotplug_support_rely_on_udev_instead.patch + 26079-hotplug-Linux_close_lockfd_after_lock_attempt.patch + 26081-stubdom_fix_rpmlint_warning_spurious-executable-perm.patch + 26082-blktap2-libvhd_fix_rpmlint_warning_spurious-executable-perm.patch + 26083-blktap_fix_rpmlint_warning_spurious-executable-perm.patch + 26084-hotplug_install_hotplugpath.sh_as_data_file.patch + 26085-stubdom_install_stubdompath.sh_as_data_file.patch + 26086-hotplug-Linux_correct_sysconfig_tag_in_xendomains.patch + 26087-hotplug-Linux_install_sysconfig_files_as_data_files.patch + 26088-tools_xend_fix_wrong_condition_check_for_xml_file.patch + +------------------------------------------------------------------- +Tue Oct 16 15:38:34 MDT 2012 - carnold@novell.com + +- fate#311966: Fix XEN VNC implementation to correctly map keyboard + layouts + VNC-Support-for-ExtendedKeyEvent-client-message.patch + +------------------------------------------------------------------- +Mon Oct 15 17:45:52 CEST 2012 - ohering@suse.de + +- workaround bash bug in locking.sh:claim_lock, close fd + +------------------------------------------------------------------- +Sat Oct 13 15:25:08 CEST 2012 - ohering@suse.de + +- fix incorrect self-provides/obsoletes of xen-tools-ioemu + +------------------------------------------------------------------- +Tue Oct 9 06:19:55 MDT 2012 - carnold@novell.com + +- bnc#783847 - Virtualization/xen: Bug Xen 4.2 'xendomins' init + script incorrectly Requires 'xend' service when using 'xl' + toolstack + init.xendomains + +------------------------------------------------------------------- +Mon Oct 8 07:53:24 MDT 2012 - carnold@novell.com + +- bnc#782835 - Xen HVM Guest fails (errors) to launch on Opensuse + 12.2 + Xen 4.2 + 'xl' toolstack + xen-pygrub-grub-args.patch + +------------------------------------------------------------------- +Mon Oct 8 14:21:59 CEST 2012 - ohering@suse.de + +- backport parallel build support for stubdom +- rename 5 patches which were merged upstream + +------------------------------------------------------------------- +Fri Oct 5 21:58:46 CEST 2012 - ohering@suse.de + +- remove more obsolete changes: + CFLAGS passing to qemu-traditional, PYTHON_PREFIX_ARG handling + and pygrub installation + +------------------------------------------------------------------- +Fri Oct 5 20:39:23 CEST 2012 - ohering@suse.de + +- update blktap-pv-cdrom.patch + handle allocation errors in asprintf to fix compile errors + handle value returned from xs_read properly + remove casts from void pointers + +------------------------------------------------------------------- +Fri Oct 5 20:06:09 CEST 2012 - ohering@suse.de + +- update xenalyze to revision 138 + Fix dump time calculation overflow + move struct record_info into a header + correctly display of count of HW events + update trace.h to match xen-unstable + Remove vestigal HW_IRQ trace records + Remove decode of PV_UPDATE_VA_MAPPING + automatically generate dependencies + Get rid of redundant hvm dump_header + Introduce more efficient read mechanism + Eliminate unnecessary cycles_to_time calculation + Rework math to remove two 64-bit divisions + Enable -O2 optimization level + Remove --dump-cooked + Remove spurious dump_header construction + Improve record-sorting algorithm + Use long to cast into and out of pointers + Make max_active_pcpu calculation smarter + Optimize pcpu_string + Enable more cr3 output + Sort cr3 enumerated values by start time + Add option to skip vga range in MMIO enumeration + Handle MMIO records from different vmexits + Relocate pio and mmio enumaration structs to their own sub-struct + Handle new hvm_event traces + Introduce generic summary functionality + Function-ize setting of h->post_process + Reorganize cr trace handling + Allow several summary handlers to register on a single vmexit + Get rid of all tabs in xenalyze.c + Handle new IRQ tracing + Decrease verbosity + Print exit reason number if no string is available + Fix minor summary issue + Add string for TPR_BELOW_THRESHOLD + Raise MAX_CPUS to 256 cpus. + Add --report-pcpu option to report physical cpu utilization. + increase MAX_CPUS + Handle RUNSTATE_INIT in domain_runstate calculation + +------------------------------------------------------------------- +Fri Oct 5 19:58:57 CEST 2012 - ohering@suse.de + +- update RPM_OPT_FLAGS handling in spec file + pass EXTRA_CFLAGS via environment + +------------------------------------------------------------------- +Fri Oct 5 19:53:38 CEST 2012 - ohering@suse.de + +- remove obsolete xencommons-proc-xen.patch + +------------------------------------------------------------------- +Mon Oct 1 10:09:24 MDT 2012 - carnold@novell.com + +- Upstream patches from Jan + 25927-x86-domctl-ioport-mapping-range.patch + 25929-tmem-restore-pool-version.patch + 25931-x86-domctl-iomem-mapping-checks.patch + 25940-x86-S3-flush-cache.patch + 25952-x86-MMIO-remap-permissions.patch + 25961-x86-HPET-interrupts.patch + 25962-x86-assign-irq-vector-old.patch + 25965-x86-ucode-Intel-resume.patch + +------------------------------------------------------------------- +Tue Sep 25 14:24:29 CEST 2012 - ohering@suse.de + +- pygrub: always append --args + 25941-pygrub_always_append_--args.patch + +------------------------------------------------------------------- +Mon Sep 24 16:41:58 CEST 2012 - ohering@suse.de + +- use BuildRequires: gcc46 only in sles11sp2 or 12.1 to fix build + in 11.4 + +------------------------------------------------------------------- +Wed Sep 19 09:43:42 MDT 2012 - carnold@novell.com + +- Upstream patches from Jan + 25833-32on64-bogus-pt_base-adjust.patch + 25835-adjust-rcu-lock-domain.patch + 25836-VT-d-S3-MSI-resume.patch + 25850-tmem-xsa-15-1.patch + 25851-tmem-xsa-15-2.patch + 25852-tmem-xsa-15-3.patch + 25853-tmem-xsa-15-4.patch + 25854-tmem-xsa-15-5.patch + 25855-tmem-xsa-15-6.patch + 25856-tmem-xsa-15-7.patch + 25857-tmem-xsa-15-8.patch + 25858-tmem-xsa-15-9.patch + 25859-tmem-missing-break.patch + 25860-tmem-cleanup.patch + 25861-x86-early-fixmap.patch + 25862-sercon-non-com.patch + 25863-sercon-ehci-dbgp.patch + 25864-sercon-unused.patch + 25866-sercon-ns16550-pci-irq.patch + 25867-sercon-ns16550-parse.patch + 25874-x86-EFI-chain-cfg.patch + 25909-xenpm-consistent.patch + +------------------------------------------------------------------- +Tue Sep 18 16:16:04 MDT 2012 - carnold@novell.com + +- Fixed the 32bit build. + +------------------------------------------------------------------- +Mon Sep 17 09:02:37 MDT 2012 - carnold@novell.com + +- Update to Xen 4.2.0 FCS c/s 25844 + +------------------------------------------------------------------- +Fri Sep 7 19:23:15 CEST 2012 - ohering@suse.de + +- unmodified_drivers: handle IRQF_SAMPLE_RANDOM, it was removed + in 3.6-rc1 + +------------------------------------------------------------------- +Wed Sep 5 11:36:24 MDT 2012 - jfehlig@suse.com + +- bnc#778105 - first XEN-PV VM fails to spawn + xend: Increase wait time for disk to appear in host bootloader + Modified existing xen-domUloader.diff + +------------------------------------------------------------------- +Thu Aug 30 14:08:45 MDT 2012 - carnold@novell.com + +- Disable the snapshot patches. Snapshot only supported the qcow2 + image format which was poorly implemented qemu 0.10.2. Snapshot + support may be restored in the future when the newer upstream + qemu is used by Xen. + +------------------------------------------------------------------- +Tue Aug 28 16:31:18 CEST 2012 - ohering@suse.de + +- bnc#776995 - attaching scsi control luns with pvscsi + - xend/pvscsi: fix passing of SCSI control LUNs + xen-bug776995-pvscsi-no-devname.patch + - xend/pvscsi: fix usage of persistant device names for SCSI devices + xen-bug776995-pvscsi-persistent-names.patch + - xend/pvscsi: update sysfs parser for Linux 3.0 + xen-bug776995-pvscsi-sysfs-parser.patch + +------------------------------------------------------------------- +Thu Aug 23 15:47:24 MDT 2012 - carnold@novell.com + +- Update to Xen 4.2.0 RC3+ c/s 25779 + +------------------------------------------------------------------- +Tue Aug 21 13:54:45 MDT 2012 - carnold@novell.com + +- Update to Xen 4.2.0 RC2+ c/s 25765 + +------------------------------------------------------------------- +Mon Aug 20 18:32:15 CEST 2012 - ohering@suse.de + +-bnc#766284 - compiled-in ata_piix driver issues with PVonHVM guests + Update xen_pvdrivers.conf to match not only libata but also ata_piix + This avoids IO errors in the piix driver caused by unplugged hardware + +------------------------------------------------------------------- +Fri Aug 10 10:07:27 MDT 2012 - carnold@novell.com + +- Update to Xen 4.1.3 c/s 23336 + +------------------------------------------------------------------- +Mon Jul 30 09:39:35 MDT 2012 - carnold@novell.com + +- Upstream or pending upstream patches from Jan + 25587-fix-off-by-one-parsing-error.patch + 25616-x86-MCi_CTL-default.patch + 25617-vtd-qinval-addr.patch + 25688-x86-nr_irqs_gsi.patch + +------------------------------------------------------------------- +Sun Jul 29 11:19:53 UTC 2012 - aj@suse.de + +- Build all files with optimization (fortify source does not work + with -O0). + +------------------------------------------------------------------- +Fri Jul 27 09:29:37 MDT 2012 - carnold@novell.com + +- bnc#773393 - VUL-0: CVE-2012-3433: xen: HVM guest destroy p2m + teardown host DoS vulnerability + CVE-2012-3433-xsa11.patch +- bnc#773401 - VUL-1: CVE-2012-3432: xen: HVM guest user mode MMIO + emulation DoS + 25682-x86-inconsistent-io-state.patch + +------------------------------------------------------------------- +Wed Jul 18 10:22:33 MDT 2012 - carnold@novell.com + +- bnc#762484 - VUL-1: CVE-2012-2625: xen: pv bootloader doesn't + check the size of the bzip2 or lzma compressed kernel, leading to + denial of service + 25589-pygrub-size-limits.patch + +------------------------------------------------------------------- +Tue Jul 10 10:16:42 UTC 2012 - werner@suse.de + +- Make it build with latest TeXLive 2012 with new package layout + +------------------------------------------------------------------- +Fri Jun 15 08:45:50 MDT 2012 - carnold@novell.com + +- bnc#767273 - unsupported /var/lock/subsys is still used by xendomains + init.xendomains + +------------------------------------------------------------------- +Tue Jun 12 14:37:00 MDT 2012 - carnold@novell.com + +- bnc#766283 - opensuse 12.2 pv guests can not start after + installation due to lack of grub2 support in the host + 24000-pygrub-grub2.patch + 24001-pygrub-grub2.patch + 24002-pygrub-grub2.patch + +------------------------------------------------------------------- +Mon Jun 11 10:32:42 MDT 2012 - carnold@novell.com + +- Upstream pygrub patches for grub2 support and fixes + 23686-pygrub-solaris.patch + 23697-pygrub-grub2.patch + 23944-pygrub-debug.patch + 23998-pygrub-GPT.patch + 23999-pygrub-grub2.patch + 24064-pygrub-HybridISO.patch + 24401-pygrub-scrolling.patch + 24402-pygrub-edit-fix.patch + 24460-pygrub-extlinux.patch + 24706-pygrub-extlinux.patch + +------------------------------------------------------------------- +Wed Jun 6 08:14:38 MDT 2012 - carnold@novell.com + +- Revised version of security patch and an additional patch for + bnc#764077 + x86_64-AMD-erratum-121.patch + x86_64-allow-unsafe-adjust.patch + +------------------------------------------------------------------- +Wed Jun 6 10:21:03 CEST 2012 - ohering@suse.de + +- remove dummy asm/smp-processor-id.h + +------------------------------------------------------------------- +Tue May 29 11:59:28 CEST 2012 - jsmeix@suse.de + +- removed dummy xenapi.tex which was added because of bnc#750679 + (see the below entry dated "Mon Apr 2 13:07:20 CEST 2012") + because "ps2pdf xenapi.ps xenapi.pdf" failed only for + Ghostscript version 9.04 (now we have Ghostscript 9.05). + +------------------------------------------------------------------- +Mon May 25 08:02:13 MDT 2012 - carnold@novell.com + +- bnc#764077 - VUL-0: EMBARGOED: xen: XSA-9: denial of service on + older AMD systems + x86_64-AMD-erratum-121.patch +- Revised version of security patch for bnc#757537 + x86_64-sysret-canonical.patch + +------------------------------------------------------------------- +Tue May 15 06:45:59 MDT 2012 - carnold@novell.com + +- Upstream patches from Jan + 25242-x86_64-hotplug-compat-m2p.patch + 25247-SVM-no-rdtsc-intercept.patch + 25267-x86-text-unlikely.patch + 25269-x86-vMCE-addr-misc-write.patch + 25271-x86_64-IST-index.patch + 25327-pvdrv-no-asm-system-h.patch + +------------------------------------------------------------------- +Mon May 14 08:32:45 CEST 2012 - ohering@suse.de + +- add dummy asm/smp-processor-id.h for kernel-source 3.4-rcX + +------------------------------------------------------------------- +Mon May 14 07:43:33 CEST 2012 - ohering@suse.de + +- remove inclusion of asm/system.h from platform-pci.c + +------------------------------------------------------------------- +Tue Apr 24 08:22:16 MDT 2012 - carnold@novell.com + +- Upstream patches from Jan + 25168-x86-memset-size.patch + 25191-x86-tdt-delta-calculation.patch + 25195-x86-cpuidle-C2-no-flush-or-bm-check.patch + 25196-x86-HAP-PAT-sr.patch + 25200-x86_64-trap-bounce-flags.patch + +------------------------------------------------------------------- +Thu Apr 19 07:33:00 MDT 2012 - carnold@novell.com + +- bnc#757537 - VUL-0: xen: CVE-2012-0217 PV guest escalation + x86_64-sysret-canonical.patch +- bnc#757970 - VUL-1: xen: guest denial of service on syscall GPF + generation + x86_64-trap-bounce-flags.patch + +------------------------------------------------------------------- +Tue Apr 3 08:33:36 MDT 2012 - carnold@novell.com + +- Upstream patches from Jan + 25098-x86-emul-lock-UD.patch + 25101-x86-hpet-disable.patch + ioemu-9877-MSI-X-device-cleanup.patch + +------------------------------------------------------------------- +Mon Apr 2 13:07:20 CEST 2012 - ohering@suse.de + +- bnc#750679 - "ps2pdf xenapi.ps xenapi.pdf" fails for user abuild in Factory + add dummy xenapi.tex until ghostscript is fixed + +------------------------------------------------------------------- +Wed Mar 28 11:29:50 CEST 2012 - ohering@suse.de + +- remove vcd.o rule from PVonHVM Makefile, not needed anymore + +------------------------------------------------------------------- +Tue Mar 20 14:14:09 MDT 2012 - carnold@novell.com + +- bnc#753165 - xen/scripts/network-bridge wont create bridge + bridge-bonding.diff + +------------------------------------------------------------------- +Mon Mar 19 11:23:09 MDT 2012 - carnold@novell.com + +- Upstream patches from Jan + 24950-gnttab-copy-mapped.patch + 24970-x86-cpuidle-deny-port-access.patch + 24996-x86-cpuidle-array-overrun.patch + 25041-tapdisk2-create-init-name.patch + +------------------------------------------------------------------- +Wed Mar 14 12:53:53 CET 2012 - ohering@suse.de + +- use BuildRequires: gcc46 only in sles11sp2 to avoid issues + when gcc47 and newer is the distro default + +------------------------------------------------------------------- +Mon Feb 27 16:05:19 MST 2012 - jfehlig@suse.com + +- bnc#745880 - cpuid setting is not preserved across xend restarts + xend-cpuid.patch + +------------------------------------------------------------------- +Mon Feb 27 15:40:02 MST 2012 - jfehlig@suse.com + +- Rename 2XXXX-vif-bridge.patch -> vif-bridge-tap-fix.patch + +------------------------------------------------------------------- +Mon Feb 27 08:16:43 MST 2012 - carnold@novell.com + +- bnc#747331 - XEN: standard "newburn" kernel QA stress test on guest + (+ smartd on Dom0?) freezes the guest + 24883-x86-guest-walk-not-present.patch +- bnc#745367 - MCE bank handling during migration + 24781-x86-vmce-mcg_ctl.patch + 24886-x86-vmce-mcg_ctl-default.patch + 24887-x86-vmce-sr.patch +- bnc#744771 - L3: VM with passed through PCI card fails to reboot + under dom0 load + 24888-pci-release-devices.patch +- Upstream patches from Jan + 24517-VT-d-fault-softirq.patch + 24527-AMD-Vi-fault-softirq.patch + 24535-x86-vMSI-misc.patch + 24615-VESA-lfb-flush.patch + 24690-x86-PCI-SERR-no-deadlock.patch + 24701-gnttab-map-grant-ref-recovery.patch + 24742-gnttab-misc.patch + 24780-x86-paging-use-clear_guest.patch + 24805-x86-MSI-X-dom0-ro.patch + ioemu-9869-MSI-X-init.patch + ioemu-9873-MSI-X-fix-unregister_iomem.patch + +------------------------------------------------------------------- +Sat Feb 25 21:55:42 CET 2012 - ohering@suse.de + +- add BuildRequires: libuuid-devel + +------------------------------------------------------------------- +Tue Feb 14 09:23:35 MST 2012 - carnold@novell.com + +- bnc#746702 - Xen HVM DomU crash during Windows Server 2008 R2 + install, when maxmem > memory + README.SuSE + +------------------------------------------------------------------- +Wed Feb 8 10:16:59 MST 2012 - jfehlig@suse.com + +- bnc#745005 - Update vif configuration examples in xmexample* + Updated xen-xmexample.diff + +------------------------------------------------------------------- +Thu Feb 2 17:11:28 MST 2012 - jfehlig@suse.com + +- bnc#743414 - using vifname is ignored when defining a xen virtual + interface with xl/libxl + 24459-libxl-vifname.patch + +------------------------------------------------------------------- +Thu Feb 2 09:21:01 MST 2012 - carnold@novell.com + +- bnc#740165 - VUL-0: kvm: qemu heap overflow in e1000 device + emulation (applicable to Xen qemu - CVE-2012-0029) + cve-2012-0029-qemu-xen-unstable.patch + +------------------------------------------------------------------- +Wed Feb 1 08:26:58 MST 2012 - carnold@novell.com + +- bnc#744014 - blank screen in SLES11 SP2 guest with a VF statically + assigned + ioemu-MSI-X-fix-unregister_iomem.patch +- Upstream patches from Jan + 24453-x86-vIRQ-IRR-TMR-race.patch + 24456-x86-emul-lea.patch + +------------------------------------------------------------------- +Thu Jan 26 15:18:54 CET 2012 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24586-x86-mm_Properly_account_for_paged_out_pages.patch + 24609-tools-libxc_handle_fallback_in_linux_privcmd_map_foreign_bulk_properly.patch + 24610-xenpaging_make_file_op_largefile_aware.patch + xen-unstable.misc.linux_privcmd_map_foreign_bulk.retry_paged.patch + xenpaging.speedup-page-out.resume_pages.find_next_bit_set.patch + xenpaging.speedup-page-out.evict_pages.free_slot_stack.patch + xenpaging.speedup-page-out.policy_choose_victim.patch + update xenpaging.error-handling.patch, flush qemu cache not so often + +------------------------------------------------------------------- +Thu Jan 26 13:24:22 CET 2012 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24566-tools-libxc_fix_error_handling_in_xc_mem_paging_load.patch + +------------------------------------------------------------------- +Tue Jan 24 15:43:27 CET 2012 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24466-libxc_Only_retry_mapping_pages_when_ENOENT_is_returned.patch + +------------------------------------------------------------------- +Mon Jan 23 13:41:42 MST 2012 - carnold@novell.com + +- The xen kmp packages fail on the 09-check-packaged-twice script. + Rename xen_pvdrivers.conf to xen_pvdrivers-.conf + +------------------------------------------------------------------- +Fri Jan 20 21:28:42 CET 2012 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.speedup-page-in.gfn_to_slot.patch + +------------------------------------------------------------------- +Wed Jan 18 09:42:54 MST 2012 - carnold@novell.com + +- bnc#739585 - L3: Xen block-attach fails after repeated attach/detach + blktap-close-fifos.patch + blktap-disable-debug-printf.patch + +------------------------------------------------------------------- +Fri Jan 13 10:37:53 MST 2012 - jfehlig@suse.com + +- bnc#741159 - Fix default setting of XENSTORED_ROOTDIR in + xencommons init script + xencommons-xenstored-root.patch + +------------------------------------------------------------------- +Thu Jan 12 06:49:57 MST 2012 - carnold@novell.com + +- bnc#740625 - xen: cannot interact with xend after upgrade (SLES) +- bnc#738694 - xen: cannot interact with xend after upgrade (os12.1) +- Other README changes included. + README.SuSE + +------------------------------------------------------------------- +Tue Jan 10 17:30:20 CET 2012 - ohering@suse.de + +- bnc#694863 - kexec fails in xen + 24478-libxl_add_feature_flag_to_xenstore_for_XS_RESET_WATCHES.patch + +------------------------------------------------------------------- +Mon Jan 9 16:10:19 CET 2012 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.speedup-page-out.patch + +------------------------------------------------------------------- +Tue Jan 3 08:26:42 MST 2012 - carnold@novell.com + +- bnc#735806 - VF doesn't work after hot-plug for many times + 24448-x86-pt-irq-leak.patch +- Upstream patches from Jan + 24261-x86-cpuidle-Westmere-EX.patch + 24417-amd-erratum-573.patch + 24429-mceinj-tool.patch + 24447-x86-TXT-INIT-SIPI-delay.patch + ioemu-9868-MSI-X.patch + +------------------------------------------------------------------- +Mon Jan 2 10:05:57 CET 2012 - ohering@suse.de + +- bnc#732884 - remove private runlevel 4 from init scripts + xen.no-default-runlevel-4.patch + +------------------------------------------------------------------- +Mon Dec 19 15:22:13 MST 2011 - carnold@novell.com + +- bnc#727515 - Fragmented packets hang network boot of HVM guest + ipxe-gcc45-warnings.patch + ipxe-ipv4-fragment.patch + ipxe-enable-nics.patch + +------------------------------------------------------------------- +Mon Dec 19 12:43:11 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + update xenpaging.autostart.patch, make changes with mem-swap-target + permanent + update xenpaging.doc.patch, mention issues with live migration + +------------------------------------------------------------------- +Thu Dec 15 17:53:51 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + add xenpaging.evict_mmap_readonly.patch + update xenpaging.error-handling.patch, reduce debug output + +------------------------------------------------------------------- +Thu Dec 15 08:35:27 MST 2011 - carnold@novell.com + +- bnc#736824 - Microcode patches for AMD's 15h processors panic the + system + 24189-x86-p2m-pod-locking.patch + 24412-x86-AMD-errata-model-shift.patch + 24411-x86-ucode-AMD-Fam15.patch + +------------------------------------------------------------------- +Wed Dec 14 10:08:24 MST 2011 - carnold@novell.com + +- bnc#711219 - SR-IOV VF doesn't work in SLES11 sp2 guest + 24357-firmware-no-_PS0-_PS3.patch +- Upstream patches from Jan + 24153-x86-emul-feature-checks.patch + 24275-x86-emul-lzcnt.patch + 24277-x86-dom0-features.patch + 24278-x86-dom0-no-PCID.patch + 24282-x86-log-dirty-bitmap-leak.patch + 24359-x86-domU-features.patch + 24360-x86-pv-domU-no-PCID.patch + 24389-amd-fam10-gart-tlb-walk-err.patch + 24391-x86-pcpu-version.patch + +------------------------------------------------------------------- +Thu Dec 8 14:19:49 CET 2011 - ohering@suse.de + +- bnc#729208 - xenpaging=-1 doesn't work + xenpaging.doc.patch + +------------------------------------------------------------------- +Thu Dec 8 08:41:36 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + readd xenpaging.qemu.flush-cache.patch + +------------------------------------------------------------------- +Wed Dec 7 11:01:43 MST 2011 - jfehlig@suse.com + +- bnc#732782 - L3: xm create hangs when maxmen value is enclosed + in "quotes" + xm-create-maxmem.patch + +------------------------------------------------------------------- +Wed Dec 7 10:44:06 MST 2011 - carnold@novell.com + +- Upstream patches / changes from Jan + Added 24358-kexec-compat-overflow.patch + Removed 24341-x86-64-mmcfg_remove___initdata_annotation_overlooked_in_23749e8d1c8f074ba.patch + Removed 24345-tools-libxc_Fix_x86_32_build_breakage_in_previous_changeset..patch + +------------------------------------------------------------------- +Wed Dec 7 16:42:44 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24178-debug_Add_domain-vcpu_pause_count_info_to_d_key..patch + Use wait queues for paging, improve foreign mappings. + xenpaging.versioned-interface.patch + xenpaging.mmap-before-nominate.patch + xenpaging.p2m_is_paged.patch + xenpaging.evict_fail_fast_forward.patch + xenpaging.error-handling.patch + xenpaging.mem_event-use-wait_queue.patch + xenpaging.waitqueue-paging.patch + Remove obsolete patch, not needed with wait queue usage + xenpaging.HVMCOPY_gfn_paged_out.patch + +------------------------------------------------------------------- +Wed Dec 7 16:23:49 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + Fix incorrect backport, remove double memset, use xzalloc + 24171-x86waitqueue_Allocate_whole_page_for_shadow_stack..patch + +------------------------------------------------------------------- +Wed Dec 7 12:08:31 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + fix typo in nominate, use lock instead of double unlock + 23905-xenpaging_fix_locking_in_p2m_mem_paging_functions.patch + +------------------------------------------------------------------- +Wed Dec 7 11:07:23 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24327-After_preparing_a_page_for_page-in_allow_immediate_fill-in_of_the_page_contents.patch + 24328-Tools_Libxc_wrappers_to_automatically_fill_in_page_oud_page_contents_on_prepare.patch + 24329-Teach_xenpaging_to_use_the_new_and_non-racy_xc_mem_paging_load_interface.patch + +------------------------------------------------------------------- +Tue Dec 6 11:14:51 MST 2011 - jfehlig@suse.com + +- bnc#734826 - xm rename doesn't work anymore + Updated xend-migration-domname-fix.patch + +------------------------------------------------------------------- +Fri Dec 2 20:35:29 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24269-mem_event_move_mem_event_domain_out_of_struct_domain.patch + 24270-Free_d-mem_event_on_domain_destruction..patch + +------------------------------------------------------------------- +Fri Dec 2 20:25:24 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24318-x86-mm_Fix_checks_during_foreign_mapping_of_paged_pages.patch + +------------------------------------------------------------------- +Fri Dec 2 20:21:48 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + 23949-constify_vcpu_set_affinitys_second_parameter.patch + +------------------------------------------------------------------- +Fri Dec 2 19:36:33 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24105-xenpaging_compare_domain_pointer_in_p2m_mem_paging_populate.patch + 24106-mem_event_check_capabilities_only_once.patch + +------------------------------------------------------------------- +Fri Dec 2 19:02:05 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24272-xenpaging_Fix_c-s_235070a29c8c3ddf7_update_machine_to_phys_mapping_during_page_deallocation.patch + +------------------------------------------------------------------- +Fri Dec 2 18:46:14 CET 2011 - ohering@suse.de + +- bnc#727081 - xend domains don't work anymore since update from 12.1 beta to 12.1 RC 1 + 24344-tools-x86_64_Fix_cpuid_inline_asm_to_not_clobber_stacks_red_zone.patch + 24345-tools-libxc_Fix_x86_32_build_breakage_in_previous_changeset..patch + +------------------------------------------------------------------- +Fri Dec 2 18:42:16 CET 2011 - ohering@suse.de + +- bnc#733449 - Panic in mcfg_ioremap when booting xen-dbg.gz on Xeon E3-1230 + 24341-x86-64-mmcfg_remove___initdata_annotation_overlooked_in_23749e8d1c8f074ba.patch + +------------------------------------------------------------------- +Fri Dec 2 18:21:46 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + backport waitqueue changes from xen-unstable + 24104-waitqueue_Double_size_of_x86_shadow_stack..patch + 24171-x86waitqueue_Allocate_whole_page_for_shadow_stack..patch + 24195-waitqueue_Detect_saved-stack_overflow_and_crash_the_guest..patch + 24196-waitqueue_Reorder_prepare_to_wait_so_that_vcpu_is_definitely_on_the.patch + 24197-x86-waitqueue_Because_we_have_per-cpu_stacks_we_must_wake_up_on_teh.patch + 24231-waitqueue_Implement_wake_up_nroneall..patch + 24232-waitqueue_Hold_a_reference_to_a_domain_on_a_waitqueue..patch + +------------------------------------------------------------------- +Fri Dec 2 17:32:34 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + 24227-xenpaging_restrict_pagefile_permissions.patch + +------------------------------------------------------------------- +Fri Dec 2 17:29:35 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + merge upstream version of our existing patches: + 24218-libxc_add_bitmap_clear_function.patch + remove old versions: + xenpaging.bitmap_clear.patch + +------------------------------------------------------------------- +Fri Dec 2 17:04:56 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + merge upstream version of our existing patches: + 24138-xenpaging_munmap_all_pages_after_page-in.patch + 24208-xenpaging_remove_filename_from_comment.patch + 24209-xenpaging_remove_obsolete_comment_in_resume_path.patch + 24210-xenpaging_use_PERROR_to_print_errno.patch + 24211-xenpaging_simplify_file_op.patch + 24212-xenpaging_print_gfn_in_failure_case.patch + 24213-xenpaging_update_xenpaging_init.patch + 24214-xenpaging_remove_xc_dominfo_t_from_paging_t.patch + 24215-xenpaging_track_the_number_of_paged-out_pages.patch + 24216-xenpaging_move_page_add-resume_loops_into_its_own_function..patch + 24217-xenpaging_improve_mainloop_exit_handling.patch + 24219-xenpaging_retry_unpageable_gfns.patch + 24220-xenpaging_install_into_LIBEXEC_dir.patch + 24221-xenpaging_add_XEN_PAGING_DIR_-_libxl_xenpaging_dir_path.patch + 24222-xenpaging_use_guests_tot_pages_as_working_target.patch + 24223-xenpaging_watch_the_guests_memory-target-tot_pages_xenstore_value.patch + 24224-xenpaging_add_cmdline_interface_for_pager.patch + 24225-xenpaging_improve_policy_mru_list_handling.patch + 24226-xenpaging_add_debug_to_show_received_watch_event..patch + remove old versions: + xenpaging.XEN_PAGING_DIR.patch + xenpaging.add_evict_pages.patch + xenpaging.cmdline-interface.patch + xenpaging.encapsulate_domain_info.patch + xenpaging.file_op-return-code.patch + xenpaging.install-to-libexec.patch + xenpaging.low_target_policy_nomru.patch + xenpaging.main-loop-exit-handling.patch + xenpaging.misleading-comment.patch + xenpaging.page_in-munmap-size.patch + xenpaging.print-gfn.patch + xenpaging.record-numer-paged-out-pages.patch + xenpaging.reset-uncomsumed.patch + xenpaging.stale-comments.patch + xenpaging.target-tot_pages.patch + xenpaging.use-PERROR.patch + xenpaging.watch-target-tot_pages.patch + xenpaging.watch_event-DPRINTF.patch + xenpaging.xc_interface_open-comment.patch + +------------------------------------------------------------------- +Wed Nov 30 10:48:50 MST 2011 - jfehlig@suse.com + +- bnc#733348 - Use 'xm' in various scripts if xend is running. + Modified xmclone.sh and xen-updown.sh +- Only emit xl warning when xend is running and -f (force) flag + is not specified. + Modified disable-xl-when-using-xend.patch + +------------------------------------------------------------------- +Wed Nov 30 09:43:34 MST 2011 - carnold@novell.com + +- Upstream patches from Jan + 24190-hap-log-dirty-disable-rc.patch + 24193-hap-track-dirty-vram-rc.patch + 24201-x86-pcpu-platform-op.patch + +------------------------------------------------------------------- +Tue Nov 22 17:57:07 MST 2011 - carnold@novell.com + +- Upstream patches from Jan + 23900-xzalloc.patch + 24144-cpufreq-turbo-crash.patch + 24148-shadow-pgt-dying-op-performance.patch + 24155-x86-ioapic-EOI-after-migration.patch + 24156-x86-ioapic-shared-vectors.patch + 24157-x86-xstate-init.patch + 24168-x86-vioapic-clear-remote_irr.patch + +------------------------------------------------------------------- +Sun Nov 22 12:45:13 CST 2011 - cyliu@suse.com +- submit fixes for bnc#649209 and bnc#711892 + xl-create-pv-with-qcow2-img.patch + update suspend_evtchn_lock.patch + +------------------------------------------------------------------- +Sun Nov 20 20:45:13 CET 2011 - ohering@suse.de + +- Update trace.c, merge patches from upstream + 23050-xentrace_dynamic_tracebuffer_allocation.patch + 23091-xentrace_fix_t_info_pages_calculation..patch + 23092-xentrace_print_calculated_numbers_in_calculate_tbuf_size.patch + 23093-xentrace_remove_gdprintk_usage_since_they_are_not_in_guest_context.patch + 23094-xentrace_update_comments.patch + 23095-xentrace_use_consistent_printk_prefix.patch + 23128-xentrace_correct_formula_to_calculate_t_info_pages.patch + 23129-xentrace_remove_unneeded_debug_printk.patch + 23173-xentrace_Move_register_cpu_notifier_call_into_boot-time_init..patch + 23239-xentrace_correct_overflow_check_for_number_of_per-cpu_trace_pages.patch + 23308-xentrace_Move_the_global_variable_t_info_first_offset_into_calculate_tbuf_size.patch + 23309-xentrace_Mark_data_size___read_mostly_because_its_only_written_once.patch + 23310-xentrace_Remove_unneeded_cast_when_assigning_pointer_value_to_dst.patch + 23404-xentrace_reduce_trace_buffer_size_to_something_mfn_offset_can_reach.patch + 23405-xentrace_fix_type_of_offset_to_avoid_ouf-of-bounds_access.patch + 23406-xentrace_update___insert_record_to_copy_the_trace_record_to_individual_mfns.patch + 23407-xentrace_allocate_non-contiguous_per-cpu_trace_buffers.patch + 23643-xentrace_Allow_tracing_to_be_enabled_at_boot.patch + 23719-xentrace_update___trace_var_comment.patch + Remove old patches: + xen-unstable.xentrace.dynamic_tbuf.patch + xen-unstable.xentrace.empty_t_info_pages.patch + xen-unstable.xentrace.verbose.patch + xen-unstable.xentrace.no_gdprintk.patch + xen-unstable.xentrace.comments.patch + xen-unstable.xentrace.printk_prefix.patch + xen-unstable.xentrace.remove_debug_printk.patch + xen-unstable.xentrace.t_info_pages-formula.patch + xen-unstable.xentrace.register_cpu_notifier-boot_time.patch + xen-unstable.xentrace.t_info_page-overflow.patch + xen-unstable.xentrace.t_info_first_offset.patch + xen-unstable.xentrace.data_size__read_mostly.patch + xen-unstable.xentrace.__insert_record-dst-type.patch + +------------------------------------------------------------------- +Mon Nov 14 09:41:46 MST 2011 - carnold@novell.com + +- Upstream patches from Jan + 24116-x86-continuation-cancel.patch + 24123-x86-cpuidle-quiesce.patch + 24124-x86-microcode-amd-quiesce.patch + 24137-revert-23666.patch + 24xxx-shadow-pgt-dying-op-performance.patch + +------------------------------------------------------------------- +Thu Nov 10 17:03:18 MST 2011 - carnold@novell.com + +- bnc#722738 - xm cpupool-create errors out + xen-cpupool-xl-config-format.patch + +------------------------------------------------------------------- +Fri Nov 4 15:14:09 MDT 2011 - carnold@novell.com + +- Fix broken build when building docs + 23819-make-docs.patch + +------------------------------------------------------------------- +Fri Nov 4 11:52:22 MDT 2011 - jfehlig@suse.com + +- bnc#720054 - Prevent vif-bridge from adding user-created tap + interfaces to a bridge + 2XXXX-vif-bridge.patch + +------------------------------------------------------------------- +Fri Nov 4 10:11:04 MDT 2011 - carnold@novell.com + +- bnc#713503 - DOM0 filesystem commit + 23752-x86-shared-IRQ-vector-maps.patch + 23754-AMD-perdev-vector-map.patch + +------------------------------------------------------------------- +Thu Nov 3 23:50:31 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + This change reverses the task of xenpaging. Before this change a + fixed number of pages was paged out. With this change the guest + will not have access to more than the given number of pages at + the same time. + The xenpaging= config option is replaced by actmem= + A new xm mem-swap-target is added. + The xenpaging binary is moved to /usr/lib/xen/bin/ + xenpaging.HVMCOPY_gfn_paged_out.patch + xenpaging.XEN_PAGING_DIR.patch + xenpaging.add_evict_pages.patch + xenpaging.bitmap_clear.patch + xenpaging.cmdline-interface.patch + xenpaging.encapsulate_domain_info.patch + xenpaging.file_op-return-code.patch + xenpaging.guest-memusage.patch + xenpaging.install-to-libexec.patch + xenpaging.low_target_policy_nomru.patch + xenpaging.main-loop-exit-handling.patch + xenpaging.misleading-comment.patch + xenpaging.page_in-munmap-size.patch + xenpaging.print-gfn.patch + xenpaging.record-numer-paged-out-pages.patch + xenpaging.reset-uncomsumed.patch + xenpaging.stale-comments.patch + xenpaging.target-tot_pages.patch + xenpaging.use-PERROR.patch + xenpaging.watch-target-tot_pages.patch + xenpaging.watch_event-DPRINTF.patch + xenpaging.xc_interface_open-comment.patch + +------------------------------------------------------------------- +Thu Nov 3 23:32:12 CET 2011 - ohering@suse.de + +- xen.spec: update filelist + package /usr/lib*/xen with wildcard to pickup new files + remove duplicate /usr/sbin/xen-list from filelist + +------------------------------------------------------------------- +Wed Oct 26 10:13:04 MDT 2011 - carnold@novell.com + +- bnc#725169 - xen-4.0.2_21511_03-0.5.3: bootup hangs + 23993-x86-microcode-amd-fix-23871.patch + +------------------------------------------------------------------- +Wed Oct 26 09:48:14 MDT 2011 - carnold@novell.com + +- Update to Xen 4.1.2 FCS c/s 23174 + +------------------------------------------------------------------- +Mon Oct 24 09:26:24 MDT 2011 - jfehlig@suse.com + +- bnc#720054 - Fix syntax error introduced during recent adjustment + of Xen's tap udev rule. + Updated udev-rules.patch + +------------------------------------------------------------------- +Thu Oct 20 21:39:08 CEST 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + Merge paging related fixes from xen-unstable: + 23506-x86_Disable_set_gpfn_from_mfn_until_m2p_table_is_allocated..patch + 23507-xenpaging_update_machine_to_phys_mapping_during_page_deallocation.patch + 23509-x86_32_Fix_build_Define_machine_to_phys_mapping_valid.patch + 23562-xenpaging_remove_unused_spinlock_in_pager.patch + 23576-x86_show_page_walk_also_for_early_page_faults.patch + 23577-tools_merge_several_bitop_functions_into_xc_bitops.h.patch + 23578-xenpaging_add_xs_handle_to_struct_xenpaging.patch + 23579-xenpaging_drop_xc.c_remove_ASSERT.patch + 23580-xenpaging_drop_xc.c_remove_xc_platform_info_t.patch + 23581-xenpaging_drop_xc.c_remove_xc_wait_for_event.patch + 23582-xenpaging_drop_xc.c_move_xc_mem_paging_flush_ioemu_cache.patch + 23583-xenpaging_drop_xc.c_move_xc_wait_for_event_or_timeout.patch + 23584-xenpaging_drop_xc.c_remove_xc_files.patch + 23585-xenpaging_correct_dropping_of_pages_to_avoid_full_ring_buffer.patch + 23586-xenpaging_do_not_bounce_p2mt_back_to_the_hypervisor.patch + 23587-xenpaging_remove_srand_call.patch + 23588-xenpaging_remove_return_values_from_functions_that_can_not_fail.patch + 23589-xenpaging_catch_xc_mem_paging_resume_errors.patch + 23590-xenpaging_remove_local_domain_id_variable.patch + 23591-xenpaging_move_num_pages_into_xenpaging_struct.patch + 23592-xenpaging_start_paging_in_the_middle_of_gfn_range.patch + 23593-xenpaging_pass_integer_to_xenpaging_populate_page.patch + 23594-xenpaging_add_helper_function_for_unlinking_pagefile.patch + 23595-xenpaging_add_watch_thread_to_catch_guest_shutdown.patch + 23596-xenpaging_implement_stopping_of_pager_by_sending_SIGTERM-SIGINT.patch + 23597-xenpaging_remove_private_mem_event.h.patch + 23599-tools_fix_build_after_recent_xenpaging_changes.patch + 23817-mem_event_add_ref_counting_for_free_requestslots.patch + 23818-mem_event_use_mem_event_mark_and_pause_in_mem_event_check_ring.patch + 23827-xenpaging_use_batch_of_pages_during_final_page-in.patch + 23841-mem_event_pass_mem_event_domain_pointer_to_mem_event_functions.patch + 23842-mem_event_use_different_ringbuffers_for_share_paging_and_access.patch + 23874-xenpaging_track_number_of_paged_pages_in_struct_domain.patch + 23904-xenpaging_use_p2m-get_entry_in_p2m_mem_paging_functions.patch + 23905-xenpaging_fix_locking_in_p2m_mem_paging_functions.patch + 23906-xenpaging_remove_confusing_comment_from_p2m_mem_paging_populate.patch + 23908-p2m_query-modify_p2mt_with_p2m_lock_held.patch + 23943-xenpaging_clear_page_content_after_evict.patch + 23953-xenpaging_handle_evict_failures.patch + 23978-xenpaging_check_p2mt_in_p2m_mem_paging_functions.patch + 23979-xenpaging_document_p2m_mem_paging_functions.patch + 23980-xenpaging_disallow_paging_in_a_PoD_guest.patch + Remove obsolete patches: + x86-show-page-walk-early.patch + xenpaging.23817-mem_event_check_ring.patch + xenpaging.catch-xc_mem_paging_resume-error.patch + xenpaging.guest_remove_page.slow_path.patch + xenpaging.mem_event-no-p2mt.patch + xenpaging.no-srand.patch + xenpaging.return-void.patch + xenpaging.xenpaging_populate_page-gfn.patch + +------------------------------------------------------------------- +Thu Oct 20 20:57:11 CEST 2011 - ohering@suse.de + +- xen.spec: use changeset number as patch number for upstream patches + +------------------------------------------------------------------- +Wed Oct 19 11:37:36 UTC 2011 - adrian@suse.de + +- do not use runlevel 4 in init scripts, it makes it impossible + to "insserv xend" on 12.1 + +------------------------------------------------------------------- +Mon Oct 17 11:27:51 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23955-x86-pv-cpuid-xsave.patch + 23957-cpufreq-error-paths.patch + +------------------------------------------------------------------- +Tue Oct 11 09:38:59 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23933-pt-bus2bridge-update.patch + 23726-x86-intel-flexmigration-v2.patch + 23925-x86-AMD-ARAT-Fam12.patch + 23246-x86-xsave-enable.patch + 23897-x86-mce-offline-again.patch + +------------------------------------------------------------------- +Mon Oct 10 09:53:42 MDT 2011 - carnold@novell.com + +- Update to Xen 4.1.2_rc3 c/s 23171 + +------------------------------------------------------------------- +Thu Oct 6 17:57:56 MDT 2011 - jfehlig@suse.com + +- bnc#720054 - Changed /etc/udev/rules.d/40-xen.rules to not run + Xen's vif-bridge script when not running Xen. This is not a + solution to the bug but an improvement in the rules regardless. + Updated udev-rules.patch + +------------------------------------------------------------------- +Tue Oct 4 11:00:56 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23868-vtd-RMRR-validation.patch + 23871-x86-microcode-amd-silent.patch + 23898-cc-option-grep.patch + +------------------------------------------------------------------- +Fri Sep 30 12:47:59 MDT 2011 - jfehlig@suse.com + +- Add pciback init script and sysconf file, giving users a simple + mechanism to configure pciback. + init.pciback sysconfig.pciback + +------------------------------------------------------------------- +Fri Sep 23 12:11:23 CEST 2011 - ohering@suse.de + +- update scripts to use xl -f, or xm if xend is running: + xen-updown.sh, init.xendomains, xmclone.sh + +------------------------------------------------------------------- +Fri Sep 23 11:28:36 CEST 2011 - ohering@suse.de + +- bnc#694863 - kexec fails in xen + xenstored: allow guest to shutdown all its watches/transactions + xenstored.XS_RESET_WATCHES.patch + +------------------------------------------------------------------- +Thu Sep 22 09:33:28 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23843-scheduler-switch.patch + 23846-x86-TSC-check.patch + 23848-vmx-conditional-off.patch + 23853-x86-pv-cpuid-xsave.patch + +------------------------------------------------------------------- +Fri Sep 16 11:40:28 CEST 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + mem_event: add ref counting for free requestslots + xenpaging.23817-mem_event_check_ring.patch + +------------------------------------------------------------------- +Wed Sep 14 13:54:21 MDT 2011 - carnold@novell.com + +- bnc#717650 - Unable to start VM +- Update to Xen 4.1.2_rc2 c/s 23152 + +------------------------------------------------------------------- +Fri Sep 9 10:44:23 MDT 2011 - jfehlig@suse.com + +- bnc#716695 - domUs using tap devices will not start + updated multi-xvdp.patch + +------------------------------------------------------------------- +Tue Sep 6 13:11:51 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23803-intel-pmu-models.patch + 23800-x86_64-guest-addr-range.patch + 23795-intel-ich10-quirk.patch + 23804-x86-IPI-counts.patch + +------------------------------------------------------------------- +Wed Aug 31 09:31:27 MDT 2011 - jfehlig@suse.com + +- bnc#706106 - Inconsistent reporting of VM names during migration + xend-migration-domname-fix.patch + +------------------------------------------------------------------- +Tue Aug 30 08:50:40 MDT 2011 - carnold@novell.com + +- bnc#712823 - L3:Xen guest does not start reliable when rebooted + xend-vcpu-affinity-fix.patch + +------------------------------------------------------------------- +Tue Aug 23 08:53:20 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23725-pci-add-device.patch + 23762-iommu-fault-bm-off.patch + 23763-pci-multi-seg-x2apic-vtd-no-crash.patch + 23765-x86-irq-vector-leak.patch + 23766-x86-msi-vf-bars.patch + 23771-x86-ioapic-clear-pin.patch + 23772-x86-trampoline.patch + 23774-x86_64-EFI-EDD.patch + 23776-x86-kexec-hpet-legacy-bcast-disable.patch + 23781-pm-wide-ACPI-ids.patch + 23782-x86-ioapic-clear-irr.patch + 23783-ACPI-set-_PDC-bits.patch + +------------------------------------------------------------------- +Mon Aug 15 11:54:08 CEST 2011 - ohering@suse.de + +- Include gcc46 only when its available (>11.4 && >sles11sp1) + +------------------------------------------------------------------- +Fri Aug 12 09:43:23 MDT 2011 - carnold@novell.com + +- bnc#711943 - [xl] Fail to create multi-guests with NIC assigned + 23685-libxl-segfault-fix.patch + +------------------------------------------------------------------- +Thu Aug 11 00:36:17 MDT 2011 - jfehlig@suse.com + +- libxenlight and legacy xend toolstack should not be used + together. If xend is running, print a warning and exit + xl. Add a '-f' (force) option to xl to override this + behavior. + disable-xl-when-using-xend.patch + bnc#707664 + +------------------------------------------------------------------- +Wed Aug 10 09:08:28 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23732-sedf.patch + 23735-guest-dom0-cap.patch + 23746-vtd-cleanup-timers.patch + 23747-mmcfg-base-address.patch + 23749-mmcfg-reservation.patch + +------------------------------------------------------------------- +Tue Aug 9 13:38:09 CST 2011 - cyliu@novell.com + +- bnc#704160 - crm resource migrate fails with xen machines + update snapshot-xend.patch +- bnc#706574 - xm console DomUName hang after "xm save/restore" of + PVM on the latest Xen + xend-console-port-restore.patch + +------------------------------------------------------------------- +Tue Aug 9 16:42:23 CEST 2011 - ohering@suse.de + +- update xencommons script to run only when needed + xencommons-proc-xen.patch + +------------------------------------------------------------------- +Fri Jul 22 09:34:34 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23726-x86-intel-flexmigration.patch + 23706-fix-20892.patch + 23723-x86-CMOS-lock.patch + 23676-x86_64-image-map-bounds.patch + 23724-x86-smpboot-x2apic.patch + +------------------------------------------------------------------- +Mon Jul 11 17:19:53 CEST 2011 - ohering@suse.de + +- hotplug.losetup.patch + correct dev:inode detection, stat returns major:minor without + leading zeros, while losetup -a includes trailing zeros + +------------------------------------------------------------------- +Fri Jul 8 19:13:30 CST 2011 - cyliu@novell.com + +- fate#310635: xen npiv multipath support + update block-npiv* scripts for testing + +------------------------------------------------------------------- +Thu Jul 7 10:17:08 MDT 2011 - carnold@novell.com + +- Fixes for EFI support + x86-EFI-discard-comment.patch + +------------------------------------------------------------------- +Wed Jun 29 09:37:05 MDT 2011 - carnold@novell.com + +- fate#309894: Xen needs to correctly understand family 15h CPU + topology +- fate#311376: EFI support in SP2 +- fate#311529: Native UEFI booting under Xen (installation) + 23074-pfn.h.patch + 23571-vtd-fault-verbosity.patch + 23574-x86-dom0-compressed-ELF.patch + 23575-x86-DMI.patch + 23610-x86-topology-info.patch + 23611-amd-fam15-topology.patch + 23613-EFI-headers.patch + 23614-x86_64-EFI-boot.patch + 23615-x86_64-EFI-runtime.patch + 23616-x86_64-EFI-MPS.patch + +------------------------------------------------------------------- +Wed Jun 29 15:01:54 CEST 2011 - jbeulich@novell.com + +- Mark xen-scsi.ko supported (bnc#582265, fate#309459). + +------------------------------------------------------------------- +Tue Jun 28 11:07:10 MDT 2011 - carnold@novell.com + +- fate#310308: Hypervisor assisted watchdog driver + ioemu-watchdog-support.patch + ioemu-watchdog-linkage.patch + ioemu-watchdog-ib700-timer.patch + tools-watchdog-support.patch + +------------------------------------------------------------------- +Mon Jun 27 09:03:17 MDT 2011 - carnold@novell.com + +- bnc#702025 - VUL-0: xen: VT-d (PCI passthrough) MSI trap + injection (CVE-2011-1898) + Fixed in Xen version 4.1.1 + +------------------------------------------------------------------- +Wed Jun 22 18:11:18 CST 2011 - cyliu@novell.com + +- fate#310956: Support Direct Kernel Boot for FV guests + kernel-boot-hvm.patch + +------------------------------------------------------------------- +Wed Jun 22 13:49:22 CST 2011 - cyliu@novell.com + +- fate#310316: Support change vnc password while vm is running + change-vnc-passwd.patch +- fate#310325: Support get domU console log from Dom0 + log-guest-console.patch + +------------------------------------------------------------------- +Wed Jun 22 11:29:47 CEST 2011 - ohering@suse.de + +- fate#311487: remove modprobe.conf files for autoloading of Xen + and Hyper-V drivers + xen.sles11sp1.fate311487.xen_platform_pci.dmistring.patch + add dmi modalias to xen-platform-pci.ko + +------------------------------------------------------------------- +Tue Jun 21 14:21:42 MDT 2011 - carnold@novell.com + +- fate#308532: [NONCODE] Remove XEN 32-bit Hypervisor + Modify ExclusiveArch in xen.spec to build only x86_64 + +------------------------------------------------------------------- +Tue Jun 21 08:03:59 MDT 2011 - carnold@novell.com + +- fate#309900 - Add Xen support for SVM Decode Assist in AMD family + 15h +- fate#309902 - Add Xen support for AMD family 12h processors +- fate#309903 - Add Xen support for AMD family 14h processors +- fate#309906 - Add Xen support for performance event counters in + AMD family 15h + +------------------------------------------------------------------- +Fri Jun 17 06:37:36 MDT 2011 - carnold@novell.com + +- fate#309893: Add Xen support for AMD family 15h processors +- fate#309901: Add Xen support for SVM TSC scaling in AMD family + 15h +- fate#311951: Ivy Bridge: XEN support for Supervisor Mode + Execution Protection (SMEP) + 23437-amd-fam15-TSC-scaling.patch + 23462-libxc-cpu-feature.patch + 23481-x86-SMEP.patch + 23504-x86-SMEP-hvm.patch + 23505-x86-cpu-add-arg-check.patch + 23508-vmx-proc-based-ctls-probe.patch + 23510-hvm-cpuid-DRNG.patch + 23511-amd-fam15-no-flush-for-C3.patch + 23516-cpuid-ERMS.patch + 23538-hvm-pio-emul-no-host-crash.patch + 23539-hvm-cpuid-FSGSBASE.patch + 23543-x86_64-maddr_to_virt-assertion.patch + 23546-fucomip.patch + +------------------------------------------------------------------- +Wed Jun 15 15:31:17 MDT 2011 - jfehlig@novell.com + +- Fix libxc reentrancy issues + 23383-libxc-rm-static-vars.patch + +------------------------------------------------------------------- +Wed Jun 15 08:09:53 MDT 2011 - carnold@novell.com + +- fate#310957 - Update to Xen 4.1.1 FCS c/s 23079 + +------------------------------------------------------------------- +Tue Jun 14 11:26:30 CST 2011 - lidongyang@novell.com + +- fate#311000 - Extend Xen domain lock framework to support + more alternative + xend-domain-lock-sfex.patch + +------------------------------------------------------------------- +Mon Jun 13 14:50:32 CST 2011 - lidongyang@novell.com + +- fate#311371 - Enhance yast to configure live migration for + Xen and KVM + add firewall service file for xen-tools + +------------------------------------------------------------------- +Fri Jun 10 09:14:07 MDT 2011 - jfehlig@novell.com + +- Add man page for xen-list utility + updated xen-utils-0.1.tar.bz2 + +------------------------------------------------------------------- +Thu May 26 06:36:49 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23233-hvm-cr-access.patch + 23234-svm-decode-assist-base.patch + 23235-svm-decode-assist-crs.patch + 23236-svm-decode-assist-invlpg.patch + 23238-svm-decode-assist-insn-fetch.patch + 23303-cpufreq-misc.patch + 23304-amd-oprofile-strings.patch + 23305-amd-fam15-xenoprof.patch + 23306-amd-fam15-vpmu.patch + 23334-amd-fam12+14-vpmu.patch + 23338-vtd-force-intremap.patch + +------------------------------------------------------------------- +Thu May 26 06:27:56 MDT 2011 - carnold@novell.com + +- fate#310957 - Update to Xen 4.1.1-rc1 c/s 23064 + +------------------------------------------------------------------- +Tue May 24 18:19:04 CEST 2011 - ohering@suse.de + +- xentrace: dynamic tracebuffer allocation + xen-unstable.xentrace.dynamic_tbuf.patch + xen-unstable.xentrace.empty_t_info_pages.patch + xen-unstable.xentrace.verbose.patch + xen-unstable.xentrace.no_gdprintk.patch + xen-unstable.xentrace.comments.patch + xen-unstable.xentrace.printk_prefix.patch + xen-unstable.xentrace.remove_debug_printk.patch + xen-unstable.xentrace.t_info_pages-formula.patch + xen-unstable.xentrace.register_cpu_notifier-boot_time.patch + xen-unstable.xentrace.t_info_page-overflow.patch + xen-unstable.xentrace.t_info_first_offset.patch + xen-unstable.xentrace.data_size__read_mostly.patch + xen-unstable.xentrace.__insert_record-dst-type.patch + +------------------------------------------------------------------- +Tue May 24 13:51:14 CEST 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + update xenpaging patches for xen 4.1 + xenpaging.guest_remove_page.slow_path.patch + xenpaging.mem_event-no-p2mt.patch + xenpaging.no-srand.patch + xenpaging.return-void.patch + xenpaging.catch-xc_mem_paging_resume-error.patch + xenpaging.xenpaging_populate_page-gfn.patch + xenpaging.autostart.patch + +------------------------------------------------------------------- +Fri May 20 10:48:54 MDT 2011 - carnold@novell.com + +- bnc#670465 - When connecting to Xen guest through vncviewer mouse + tracking is off. +- Upstream patch 23298-hvmop-get-mem-type.patch replaces + xen.sles11sp1.bug684297.HVMOP_get_mem_type.patch +- Upstream patches from Jan + 23333-hvm-32bit-compat-hypercalls.patch + 23337-vtd-malicious-msi-filter.patch + 23338-vtd-force-intremap.patch (CVE-2011-1898) + 23341-x86-ioapic-write-entry.patch + 23343-vtd-error-path-leaks.patch + +------------------------------------------------------------------- +Thu May 19 11:22:51 CEST 2011 - ohering@suse.de + +- bnc#684305 - on_crash is being ignored with kdump now working in HVM + xend-config-enable-dump-comment.patch + +------------------------------------------------------------------- +Thu May 19 11:19:37 CEST 2011 - ohering@suse.de + +- disable xend's logrotation for xend.log, use included logrotate.conf + +------------------------------------------------------------------- +Wed May 18 17:00:16 CEST 2011 - ohering@suse.de + +- bnc#684297 - HVM taking too long to dump vmcore + xen.sles11sp1.bug684297.HVMOP_get_mem_type.patch + new hvm_op hyper call option + xen.sles11sp1.bug684297.xen_oldmem_pfn_is_ram.patch + Use new Xen HVMOP_get_mem_type hvmop hypercall option and new Linux + kernel register_oldmem_pfn_is_ram interface. + (depends on two kernel-source changes) + +------------------------------------------------------------------- +Tue May 17 11:31:49 MDT 2011 - carnold@novell.com + +- Update to Xen 4.1.1-rc1-pre c/s 23051 + +------------------------------------------------------------------- +Thu May 12 21:10:21 MDT 2011 - carnold@novell.com + +- Numerous cleanups when compiling with the unused-but-set-variable + flag enabled and warnings equal to errors. + xen-warnings-unused.diff + +------------------------------------------------------------------- +Thu May 12 08:30:48 MDT 2011 - jfehlig@novell.com + +- Add a 'long' option to xen-list utility + Updated xen-utils-0.1.tar.bz2 + +------------------------------------------------------------------- +Tue May 10 08:53:27 MDT 2011 - jfehlig@novell.com + +- bnc#691256 - move modprobe of xen backend modules from xend to + xencommons initscript + tmp-initscript-modprobe.patch + +------------------------------------------------------------------- +Mon May 9 16:26:06 MDT 2011 - jfehlig@novell.com + +- bnc#691738 - Xen does not find device create with npiv block + xen-qemu-iscsi-fix.patch + +------------------------------------------------------------------- +Tue May 3 11:11:05 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 22998-x86-get_page_from_l1e-retcode.patch + 22999-x86-mod_l1_entry-retcode.patch + 23000-x86-mod_l2_entry-retcode.patch + 23096-x86-hpet-no-cpumask_lock.patch + 23099-x86-rwlock-scalability.patch + 23103-x86-pirq-guest-eoi-check.patch + 23127-vtd-bios-settings.patch + 23153-x86-amd-clear-DramModEn.patch + 23154-x86-amd-iorr-no-rdwr.patch + 23199-amd-iommu-unmapped-intr-fault.patch + 23200-amd-iommu-intremap-sync.patch + 23228-x86-conditional-write_tsc.patch + +------------------------------------------------------------------- +Tue May 3 08:54:51 MDT 2011 - carnold@novell.com + +- bnc#691238 - L3: question on behaviour change xm list + snapshot-xend.patch + +------------------------------------------------------------------- +Mon May 2 12:42:16 CEST 2011 - ohering@suse.de + +- update xenalyze to revision 98 + * Unify setting of vcpu data type + * Unify record size checks + * Fix cr3_switch not to access hvm struct before it's initialized +- add xenalyze.gcc46.patch to fix unused-but-set-variable errors + +------------------------------------------------------------------- +Thu Apr 28 10:24:46 MDT 2011 - jfehlig@novell.com + +- bnc#688473 - VUL-0: potential buffer overflow in tools + cve-2011-1583-4.0.patch + +------------------------------------------------------------------- +Thu Apr 28 17:18:57 CEST 2011 - ohering@suse.de + +- hotplug.losetup.patch + correct dev:inode detection and use variable expansion + +------------------------------------------------------------------- +Tue Apr 26 11:30:39 MDT 2011 - carnold@novell.com + +- bnc#623680 - xen kernel freezes during boot when processor module + is loaded + 23228-x86-conditional-write_tsc.patch +- bnc#680824 - dom0 can't recognize boot disk when IOMMU is enabled + 23200-amd-iommu-intremap-sync.patch +- Upstream patches from Jan + 23127-vtd-bios-settings.patch + 23153-x86-amd-clear-DramModEn.patch + 23154-x86-amd-iorr-no-rdwr.patch + 23199-amd-iommu-unmapped-intr-fault.patch + +------------------------------------------------------------------- +Thu Apr 21 16:30:30 CEST 2011 - ohering@suse.de + +- bnc#685189: update vif-route-ifup.patch to use correct variable + after upstream commit 22910:d4bc41a8cecb + +------------------------------------------------------------------- +Wed Apr 20 17:50:04 CEST 2011 - ohering@suse.de + +- bnc#688519: correct indention in xend-domain-lock.patch + +------------------------------------------------------------------- +Thu Apr 19 06:43:19 MST 2011 - jfehlig@novell.com + +- bnc#687981 - L3: mistyping model type when defining VIF crashes + VM + xend-validate-nic-model.patch + +------------------------------------------------------------------- +Mon Apr 11 15:55:04 MDT 2011 - jfehlig@suse.de + +- bnc#685338: Fix porting of xend-domain-lock.patch + +------------------------------------------------------------------- +Mon Apr 11 19:33:34 CEST 2011 - ohering@suse.de + +- update scripts to use xl instead of xm: + xen-updown.sh, init.xendomains, xmclone.sh + +------------------------------------------------------------------- +Mon Apr 11 17:34:46 CEST 2011 - ohering@suse.de + +- disable xend in openSuSE > 11.4 + the xl command is the replacement for the xm command + +------------------------------------------------------------------- +Thu Apr 7 18:16:45 CEST 2011 - ohering@suse.de + +- mark runlevel scripts as config to preserve local changes by + admin or dev during package update + +------------------------------------------------------------------- +Thu Apr 7 18:11:14 CEST 2011 - ohering@suse.de + +- enable xencommons runlevel script during upgrade if xend was + already enabled + +------------------------------------------------------------------- +Thu Apr 7 17:50:23 CEST 2011 - ohering@suse.de + +- call /sbin/ldconfig directly in xen-libs post install scripts + +------------------------------------------------------------------- +Tue Apr 5 10:57:20 MDT 2011 - carnold@novell.com + +- Upstream patches from Jan + 23103-x86-pirq-guest-eoi-check.patch + 23030-x86-hpet-init.patch + 23061-amd-iommu-resume.patch + 23127-vtd-bios-settings.patch + +------------------------------------------------------------------- +Thu Mar 31 12:41:24 UTC 2011 - coolo@novell.com + +- add baselibs.conf as libvirt uses 32bit libraries + +------------------------------------------------------------------- +Tue Mar 29 10:18:09 MDT 2011 - carnold@novell.com + +- Remus support is enabled for now. + +------------------------------------------------------------------- +Mon Mar 28 09:28:49 MDT 2011 - carnold@novell.com + +- Enable support for kernel decompression for gzip, bzip2, and LZMA + so that kernels compressed with any of these methods can be + launched + +------------------------------------------------------------------- +Fri Mar 25 09:48:04 MDT 2011 - carnold@novell.com + +- Update to Xen 4.1 FCS + +------------------------------------------------------------------- +Thu Mar 24 11:44:17 CET 2011 - ohering@suse.de + +- fix xentrace.dynamic_sized_tbuf.patch + the default case did not work, correct size calculation + +------------------------------------------------------------------- +Tue Mar 22 15:13:08 MDT 2011 - carnold@novell.com + +- Update to c/s 23010 Xen 4.1 rc8 + +------------------------------------------------------------------- +Tue Mar 22 10:53:00 CET 2011 - ohering@suse.de + +- use _smp_mflags instead of jobs, jobs is not expanded everywhere + +------------------------------------------------------------------- +Mon Mar 21 10:09:50 MDT 2011 - carnold@novell.com + +- bnc#681302 - xm create -x returns "ImportError: No module + named ext" + xm-create-xflag.patch + +------------------------------------------------------------------- +Thu Mar 17 06:22:30 MDT 2011 - carnold@novell.com + +- bnc#675817 - Kernel panic when creating HVM guests on AMD + platforms with XSAVE + 22462-x86-xsave-init-common.patch + +------------------------------------------------------------------- +Tue Mar 15 09:22:24 MDT 2011 - carnold@novell.com + +- bnc#679344 - Xen: multi-vCPU pv guest may crash host + 23034-x86-arch_set_info_guest-DoS.patch +- bnc#678871 - dom0 hangs long time when starting hvm guests with + memory >= 64GB + 22780-pod-preempt.patch +- bnc#675363 - Random lockups with kernel-xen. Possibly graphics + related + 22997-x86-map_pages_to_xen-check.patch +- Upstream patches from Jan + 22949-x86-nmi-pci-serr.patch + 22992-x86-fiop-m32i.patch + 22996-x86-alloc_xen_pagetable-no-BUG.patch + 23020-x86-cpuidle-ordering.patch + 23039-csched-constrain-cpu.patch + +------------------------------------------------------------------- +Mon Mar 14 22:20:39 MDT 2011 - jfehlig@novell.com + +- Fix xen-utils to cope with xen-unstable c/s 21483 + +------------------------------------------------------------------- +Mon Mar 14 10:11:19 MDT 2011 - carnold@novell.com + +- bnc#678229 - restore of sles HVM fails + 22873-svm-sr-32bit-sysenter-msrs.patch + +------------------------------------------------------------------- +Fri Mar 11 22:28:37 CET 2011 - ohering@suse.de + +- xz-devel is available since 11.2, make it optional for SLES11SP1 + +------------------------------------------------------------------- +Mon Feb 28 14:07:01 CST 2011 - cyliu@novell.com + +- Fix /vm/uuid xenstore leak on tapdisk2 device cleanup + 22499-xen-hotplug-cleanup.patch + +------------------------------------------------------------------- +Fri Feb 25 14:07:01 MST 2011 - carnold@novell.com + +- Upstream patches from Jan + 22872-amd-iommu-pci-reattach.patch + 22879-hvm-no-self-set-mem-type.patch + 22899-x86-tighten-msr-permissions.patch + 22915-x86-hpet-msi-s3.patch + 22947-amd-k8-mce-init-all-msrs.patch + +------------------------------------------------------------------- +Thu Feb 17 21:18:19 MST 2011 - jfehlig@novell.com + +- bnc#672833 - xen-tools bug causing problems with Ubuntu 10.10 + under Xen 4. + 22238-pygrub-grub2-fix.patch + +------------------------------------------------------------------- +Thu Feb 17 20:06:07 CST 2011 - lidongyang@novell.com + +- bnc#665610 - xm console > 1 to same VM messes up both consoles + Upstream rejected due to portability concern, see + http://lists.xensource.com/archives/html/xen-devel/2011-02/msg00942.html + xenconsole-no-multiple-connections.patch + +------------------------------------------------------------------- +Fri Feb 11 11:50:20 MST 2011 - carnold@novell.com + +- Enable support for kernel decompression for gzip, bzip2, and LZMA + so that kernels compressed with any of these methods can be + launched. + +------------------------------------------------------------------- +Tue Feb 10 14:12:46 CST 2011 - lidongyang@novell.com + +- bnc#651822 - xm snapshot-xxx scripts lead to an XP SP3 HVM domU + to chkdsk + Make sure we only apply the snapshot once, and the changes made + after snapshot-apply hit the disk. + +------------------------------------------------------------------- +Wed Feb 9 16:38:12 MST 2011 - carnold@novell.com + +- Update to Xen 4.1.0 c/s 22861 + +------------------------------------------------------------------- +Tue Feb 8 16:02:46 MST 2011 - jfehlig@novell.com + +- bnc#658569 - SLES 11 SP1 dom0 iptables gives lots of physdev + messages + 22385-vif-common.patch + +------------------------------------------------------------------- +Mon Feb 7 13:25:04 CET 2011 - ohering@suse.de + +- update xenalyze, more 64bit fixes + +------------------------------------------------------------------- +Mon Feb 7 13:17:12 CET 2011 - ohering@suse.de + +- allocate xentrace buffer metadata based on requested tbuf_size + xentrace.dynamic_sized_tbuf.patch + +------------------------------------------------------------------- +Mon Feb 7 13:07:43 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.runtime_mru_size.patch + - specify policy mru size at runtime + xenpaging.no_domain_id.patch + - reduce memory usage in pager + +------------------------------------------------------------------- +Mon Feb 7 13:01:03 CET 2011 - ohering@suse.de + +- bnc#625394 - set vif mtu from bridge mtu if kernel supports it + vif-bridge.mtu.patch + +------------------------------------------------------------------- +Sun Feb 6 15:46:43 CET 2011 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.autostart_delay.patch + - decouple create/destroycreateXenPaging from _create/_removeDevices + - change xenpaging variable from int to str + - init xenpaging variable to 0 if xenpaging is not in config file + to avoid string None coming from sxp file + +------------------------------------------------------------------- +Tue Feb 1 16:01:45 MST 2011 - carnold@novell.com + +- Update to Xen 4.0.2 rc2-pre, changeset 21443 + +------------------------------------------------------------------- +Mon Jan 31 10:45:21 MST 2011 - carnold@novell.com + +- bnc#633573 - System fail to boot after running several warm + reboot tests + 22749-vtd-workarounds.patch +- Upstream patches from Jan + 22744-ept-pod-locking.patch + 22777-vtd-ats-fixes.patch + 22781-pod-hap-logdirty.patch + 22782-x86-emul-smsw.patch + 22789-i386-no-x2apic.patch + 22790-svm-resume-migrate-pirqs.patch + 22816-x86-pirq-drop-priv-check.patch + +------------------------------------------------------------------- +Thu Jan 27 06:23:35 MST 2011 - carnold@novell.com + +- Don't pass the deprecataed extid parameter to xc.hvm_build + +------------------------------------------------------------------- +Fri Jan 14 08:29:15 MST 2011 - carnold@novell.com + +- bnc#658704 - SLES11 SP1 Xen boot panic in x2apic mode + 22707-x2apic-preenabled-check.patch +- bnc#641419 - L3: Xen: qemu-dm reports "xc_map_foreign_batch: mmap failed: + Cannot allocate memory" + 7434-qemu-rlimit-as.patch +- Additional or upstream patches from Jan + 22693-fam10-mmio-conf-base-protect.patch + 22694-x86_64-no-weak.patch + 22708-xenctx-misc.patch + 21432-4.0-cpu-boot-failure.patch + 22645-amd-flush-filter.patch + qemu-fix-7433.patch + +------------------------------------------------------------------- +Wed Jan 12 21:28:18 MST 2011 - carnold@novell.com + +- Maintain compatibility with the extid flag even though it is + deprecated for both legacy and sxp config files. + hv_extid_compatibility.patch + +------------------------------------------------------------------- +Wed Jan 12 16:08:10 CST 2011 - cyliu@novell.com + +- bnc#649209-improve suspend eventchn lock + suspend_evtchn_lock.patch + +------------------------------------------------------------------- +Tue Jan 11 11:48:10 MST 2011 - carnold@novell.com + +- Removed the hyper-v shim patches in favor of using the upstream + version. + +------------------------------------------------------------------- +Mon Jan 10 21:15:43 MST 2011 - carnold@novell.com + +- bnc#641419 - L3: Xen: qemu-dm reports "xc_map_foreign_batch: mmap + failed: Cannot allocate memory" + qemu-rlimit-as.patch + +------------------------------------------------------------------- +Mon Jan 10 15:23:18 CST 2011 - cyliu@novell.com + +- Upstream c/s 7433 to replace qemu_altgr_more.patch + 7433-qemu-altgr.patch + +------------------------------------------------------------------- +Fri Jan 7 16:13:24 MST 2011 - jfehlig@novell.com + +- bnc#661931 - Fix fd leak in xenstore library + 21344-4.0-testing-xenstore-fd-leak.patch + +------------------------------------------------------------------- +Tue Jan 4 18:06:31 MST 2011 - carnold@novell.com + +- bnc#656369 - g5plus: sles11sp1 xen crash with 8 socket x2apic + preenabled + 21989-x2apic-resume.patch + 22475-x2apic-cleanup.patch + 22535-x2apic-preenabled.patch +- bnc#658163 - maintenance release - Nehalem system cannot boot + into xen with maintenance release installed + 22504-iommu-dom0-holes.patch + 22506-x86-iommu-dom0-estimate.patch +- bnc#658704 - SLES11 SP1 Xen boot panic in x2apic mode + 21810-x2apic-acpi.patch +- Upstream patches from Jan + 22470-vlapic-tick-loss.patch + 22484-vlapic-tmcct-periodic.patch + 22526-ept-access-once.patch + 22533-x86-32bit-apicid.patch + 22534-x86-max-local-apic.patch + 22538-keyhandler-relax.patch + 22540-32on64-hypercall-debug.patch + 22549-vtd-map-page-leak.patch + 22574-ept-skip-validation.patch + 22632-vtd-print-entries.patch + +------------------------------------------------------------------- +Tue Jan 4 16:53:54 MST 2011 - carnold@novell.com + +- bnc#661298 - maintenance release candidate - Windows VMs reboot + too fast, triggering failsafe + xen-minimum-restart-time.patch + +------------------------------------------------------------------- +Tue Jan 4 10:23:18 CST 2011 - cyliu@novell.com + +- bnc#659070 - Fail to input '|' in en-us keyboard + qemu_altgr_more.patch + +------------------------------------------------------------------- +Tue Dec 28 11:23:18 MST 2010 - jfehlig@novell.com + +- bnc#659466 - XEN drbd block device type not working on SLES 11 SP1 + 20158-revert.patch + +------------------------------------------------------------------- +Mon Dec 27 15:35:04 MST 2010 - jfehlig@novell.com + +- Revert changes made to snapshot-xend.patch and + snapshot-ioemu-restore.patch made on 2010-11-19. The changes + were intended to fix bnc#651822, but testing revealed additional + changes were needed to completely resolve the bug. bnc#651822 + will be fixed in a subsequent maintenance release. + +------------------------------------------------------------------- +Mon Dec 27 14:43:13 CST 2010 - lidongyang@novell.com + +- bnc#654543 - PV guest won't unplug the IDE disk created by + qemu-dm + a dirty hack, only add the device to drives_table[] if we are FV + domU, that will be unplugged anyway if a PV driver is loaded + later. + ioemu-disable-emulated-ide-if-pv.patch + +------------------------------------------------------------------- +Wed Dec 22 11:31:52 CST 2010 - cyliu@novell.com + +- Upstream patch to replace xenfb_32bpp.patch + 7426-xenfb-depth.patch + +------------------------------------------------------------------- +Tue Dec 21 11:31:52 CST 2010 - lidongyang@novell.com + +- bnc#651822 make sure we only apply the snapshot once, and the + changes made after snapshot-apply hit the disk. + snapshot-xend.patch + snapshot-without-pv-fix.patch + +------------------------------------------------------------------- +Fri Dec 17 14:34:18 CET 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.HVMCOPY_gfn_paged_out.patch + - remove incorrect and unneeded cleanup from do_memory_op + subfunctions + add mainline tag to merged patches + +------------------------------------------------------------------- +Thu Dec 16 17:29:11 MST 2010 - jfehlig@novell.com + +- bnc#613584 - If available, use kpartx '-f' option in domUloader + +------------------------------------------------------------------- +Thu Dec 16 10:14:47 MST 2010 - jfehlig@novell.com + +- bnc#659872 - xend: Do no release domain lock on checkpoint + operation. + +------------------------------------------------------------------- +Tue Dec 14 11:59:26 MST 2010 - carnold@novell.com + +- Upstream patches from Jan + 22431-p2m-remove-bug-check.patch + 22448-x86_64-gdt-ldt-fault-filter.patch + 22466-x86-sis-apic-bug.patch + 22451-hvm-cap-clobber.patch + 22388-x2apic-panic.patch + 22452-x86-irq-migrate-directed-eoi.patch + +------------------------------------------------------------------- +Tue Dec 14 10:39:56 MST 2010 - carnold@novell.com + +- bnc#658163 - maintenance release - Nehalem system cannot boot + into xen with maintenance release installed + iommu-dom0-holes.patch + x86-iommu-dom0-estimate.patch + +------------------------------------------------------------------- +Tue Dec 14 10:35:52 MST 2010 - carnold@novell.com + +- bnc#659085 - physical host is rebooted with unknown reason + Regression: Remove the patch 22071-ept-get-entry-lock.patch + +------------------------------------------------------------------- +Tue Dec 13 10:27:04 MST 2010 - carnold@novell.com + +- Removed 7410-qemu-alt-gr.patch and altgr_2.patch. It causes a + regression (see bnc#659070) + +------------------------------------------------------------------- +Tue Dec 7 15:38:58 CET 2010 - ohering@suse.de + +- make stubdom build optional + +------------------------------------------------------------------- +Tue Dec 7 15:14:12 CET 2010 - ohering@suse.de + +- pass -j N to stubdom build + +------------------------------------------------------------------- +Tue Dec 7 14:56:31 CET 2010 - ohering@suse.de + +- add xenalzye from http://xenbits.xensource.com/ext/xenalyze.hg + +------------------------------------------------------------------- +Tue Dec 7 14:25:54 CET 2010 - ohering@suse.de + +- hotplug-block-losetup-a.patch + allow hardlinked blockdevices +- fate#310510 - fix xenpaging + xenpaging.paging_prep_enomem.patch + - retry page-in if guest is temporary out-of-memory + xenpaging.print-arguments.patch + - print arguments passed to xenpaging + xenpaging.machine_to_phys_mapping.patch + - invalidate array during page deallocation + xenpaging.autostart_delay.patch + - fold xenpaging.enabled.patch into this patch + - set xenpaging_delay to 0.0 to start xenpaging right away + +------------------------------------------------------------------- +Fri Dec 3 15:57:58 MST 2010 - carnold@novell.com + +- bnc#654591 - SLES11 SP0->Sp1 regression? (Xen, HVMs, NPIV) + Fixed xen-qemu-iscsi-fix.patch + +------------------------------------------------------------------- +Fri Dec 3 14:50:01 CST 2010 - cyliu@novell.com + +- blktap2 patch - fix problem that blktap2 device info not cleared + when block-attach fail. + blktap2.patch + +------------------------------------------------------------------- +Tue Nov 30 13:44:35 MST 2010 - carnold@novell.com + +- bnc#655438 - Using performance counter in domU on Nehalem cpus + 22417-vpmu-nehalem.patch +- Upstream patches from Jan + 22389-amd-iommu-decls.patch + 22416-acpi-check-mwait.patch + 22431-p2m-remove-bug-check.patch + +------------------------------------------------------------------- +Tue Nov 30 06:46:28 MST 2010 - carnold@novell.com + +- bnc#656245 - VUL-1: hypervisor: application or kernel in any pv + Xen domain can crash Xen + x86_64-gdt-ldt-fault-filter.patch + +------------------------------------------------------------------- +Mon Nov 29 10:06:49 MST 2010 - carnold@novell.com + +- bnc#654050 - Python: a crasher bug in pyexpat - upstream patch + needs backporting + 22235-lxml-validator.patch + +------------------------------------------------------------------- +Tue Nov 23 15:46:09 MST 2010 - jfehlig@novell.com + +- bnc#628729 - Add a small, fast alternative to 'xm list' for + enumerating active domains. xen-list is a C program that uses + libxenstore and libxenctl directly, bypassing the python + toolstack. + xen-utils-0.1.tar.bz2 + +------------------------------------------------------------------- +Mon Nov 22 11:51:30 MST 2010 - jfehlig@novell.com + +- bnc#628729 - Add a small, fast alternative to 'xm list' for + enumerating active domains. xen-list is a C program that uses + libxenstore and libxenctl directly, bypassing the python + toolstack. + xen-utils-0.1.tar.bz2 + +------------------------------------------------------------------- +Fri Nov 19 11:48:43 CST 2010 - lidongyang@novell.com + +- bnc#651822 - xm snapshot-xxx scripts lead to an XP SP3 HVM domU + to chkdsk + snapshot-xend.patch + snapshot-ioemu-restore.patch + +------------------------------------------------------------------- +Wed Nov 17 15:20:02 MST 2010 - carnold@novell.com + +- bnc#651957 - Xen: vm-install failed to start + xenpaging.enabled.patch + +------------------------------------------------------------------- +Wed Nov 17 10:35:52 CET 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.signal_handling.patch + - unlink pagefile in signal handler + +------------------------------------------------------------------- +Fri Nov 12 09:48:14 MST 2010 - carnold@novell.com + +- Upstream patch for python 2.7 compatibility + 22045-python27-compat.patch + +------------------------------------------------------------------- +Thu Nov 11 18:44:48 CST 2010 - cyliu@novell.com + +- bnc#641144 - FV Xen VM running windows or linux cannot write to + virtual floppy drive + bdrv_default_rwflag.patch + +------------------------------------------------------------------- +Thu Nov 11 21:01:12 CET 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.optimize_p2m_mem_paging_populate.patch + xenpaging.HVMCOPY_gfn_paged_out.patch + +------------------------------------------------------------------- +Thu Nov 11 10:11:35 MST 2010 - carnold@novell.com + +- bnc#649864 - automatic numa cpu placement of xen conflicts with + cpupools + 22326-cpu-pools-numa-placement.patch + +------------------------------------------------------------------- +Wed Nov 10 17:38:39 CET 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.populate_only_if_paged.patch + - revert logic, populate needs to happen unconditionally + xenpaging.p2m_mem_paging_populate_if_p2m_ram_paged.patch + - invalidate current mfn only if gfn is not in flight or done + xenpaging.mem_event_check_ring-free_requests.patch + - print info only if 1 instead of 2 slots are free + xenpaging.guest_remove_page.patch + - check mfn before usage in resume function + xenpaging.machine_to_phys_mapping.patch + - check mfn before usage in resume function + +------------------------------------------------------------------- +Tue Nov 9 10:00:48 MST 2010 - jfehlig@novell.com + +- bnc#552115 - Remove target discovery in block-iscsi + modified block-iscsi script + +------------------------------------------------------------------- +Mon Nov 8 13:11:02 MDT 2010 - jfehlig@novell.com + +- bnc#649277 - Fix pci passthru in xend interface used by libvirt + 22369-xend-pci-passthru-fix.patch + +------------------------------------------------------------------- +Mon Nov 8 02:49:00 UTC 2010 - lidongyang@novell.com + +- bnc#642078 - xm snapshot-create causes qemu-dm to SEGV + snapshot-without-pv-fix.patch + +------------------------------------------------------------------- +Fri Nov 5 16:22:15 CET 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.num_pages_equal_max_pages.patch + +------------------------------------------------------------------- +Fri Nov 5 09:13:38 MDT 2010 - carnold@novell.com + +- bnc#647681 - L3: Passthrough of certain PCI device broken after + SLES 11 to SP1 upgrade +- bnc#650871 - Regression in Xen PCI Passthrough + 22348-vtd-check-secbus-devfn.patch +- Upstream patches from Jan + 22223-vtd-workarounds.patch (bnc#652935) + 22231-x86-pv-ucode-msr-intel.patch + 22232-x86-64-lahf-lm-bios-workaround.patch + 22280-kexec.patch + 22337-vtd-scan-single-func.patch + +------------------------------------------------------------------- +Wed Nov 3 16:26:10 MDT 2010 - carnold@novell.com + +- bnc#497149 - SLES11 64bit Xen - SLES11 64bit HVM guest has + corrupt text console + stdvga-cache.patch + +------------------------------------------------------------------- +Wed Nov 3 17:52:14 CET 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.page_already_populated.patch + xenpaging.notify_policy_only_once.patch + xenpaging.guest_remove_page.patch + xenpaging.machine_to_phys_mapping.patch + remove xenpaging.memory_op.patch, retry loops are not needed + +------------------------------------------------------------------- +Tue Nov 2 14:10:34 MDT 2010 - carnold@novell.com + +- bnc#474789 - xen-tools 3.3 rpm misses pv-grub +- PV-GRUB replaces PyGrub to boot domU images safely: it runs the + regular grub inside the created domain itself and uses regular + domU facilities to read the disk / fetch files from network etc.; + it eventually loads the PV kernel and chain-boots it. + +------------------------------------------------------------------- +Wed Oct 27 20:08:51 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.doc.patch +- add /var/lib/xen/xenpaging directory + +------------------------------------------------------------------- +Wed Oct 27 11:50:17 MDT 2010 - ksrinivasan@novell.com + +- Some cleanup in the APIC handling code in the HyperV shim. + hv_apic.patch + +------------------------------------------------------------------- +Wed Oct 27 18:04:30 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.memory_op.patch, correct delay handling in retry loop + +------------------------------------------------------------------- +Wed Oct 27 03:56:38 EDT 2010 - cyliu@novell.com + +- bnc#640370 - VM graphic console in VNC is corrupted + xenfb_32bpp.patch + +------------------------------------------------------------------- +Fri Oct 22 13:34:54 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.autostart_delay.patch + delay start of xenpaging 7 seconds for smooth BIOS startup + +------------------------------------------------------------------- +Wed Oct 20 15:50:01 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.tools_xenpaging_cleanup.patch + +------------------------------------------------------------------- +Wed Oct 20 15:31:47 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.mem_event_check_ring-free_requests.patch + +------------------------------------------------------------------- +Wed Oct 20 15:29:40 CEST 2010 - ohering@suse.de + +- install /etc/xen/examples/xentrace_formats.txt to get human readable + tracedata if xenalyze is not used + +------------------------------------------------------------------- +Sun Oct 17 11:14:33 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.autostart_delay.patch + xenpaging.blacklist.patch + xenpaging.MRU_SIZE.patch + remove xenpaging.hacks.patch, realmode works + +------------------------------------------------------------------- +Mon Oct 11 08:59:35 MDT 2010 - carnold@novell.com + +- Upstream patches from Jan including fixes for the following bugs + bnc#583568 - Xen kernel is not booting + bnc#615206 - Xen kernel fails to boot with IO-APIC problem + bnc#640773 - Xen kernel crashing right after grub + bnc#643477 - issues with PCI hotplug/hotunplug to Xen driver domain + 22222-x86-timer-extint.patch + 22214-x86-msr-misc-enable.patch + 22213-x86-xsave-cpuid-check.patch + 22194-tmem-check-pv-mfn.patch + 22177-i386-irq-safe-map_domain_page.patch + 22175-x86-irq-enter-exit.patch + 22174-x86-pmtimer-accuracy.patch + 22160-Intel-C6-EOI.patch + 22159-notify-evtchn-dying.patch + 22157-x86-debug-key-i.patch + +------------------------------------------------------------------- +Mon Oct 11 16:03:23 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.signal_handling.patch + xenpaging.autostart.patch + xenpaging.hacks.patch + +------------------------------------------------------------------- +Mon Oct 11 15:42:02 CEST 2010 - ohering@suse.de + +- rename xenpaging.XENMEM_decrease_reservation.patch + to xenpaging.memory_op.patch + +------------------------------------------------------------------- +Tue Oct 8 14:11:31 CST 2010 - cyliu@novell.com + +- bnc#632956 - fix VNC altgr-insert behavior + 7410-qemu-alt-gr.patch + altgr_2.patch + +------------------------------------------------------------------- +Thu Oct 7 10:58:39 MDT 2010 - jfehlig@novell.com + +- bnc#618087 - VNC view won't stay connected to fully virtualized + Linux Xen VMs + modified ioemu-vnc-resize.patch + +------------------------------------------------------------------- +Tue Oct 5 09:34:20 MDT 2010 - carnold@novell.com + +- bnc#639546 - Dom-U deleted after introduction of the parameter + "change_home_server False" in the VM configuration + change_home_server.patch + +------------------------------------------------------------------- +Mon Oct 4 09:06:41 MDT 2010 - jfehlig@novell.com + +- bnc#641859 - block-dmmd script does not handle the configuration + when only MD is used + modified block-dmmd script + +------------------------------------------------------------------- +Thu Sep 30 17:52:55 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.populate_only_if_paged.patch + +------------------------------------------------------------------- +Mon Sep 27 09:59:37 MDT 2010 - carnold@novell.com + +- bnc#640773 - Xen kernel crashing right after grub + 21894-intel-unmask-cpuid.patch +- Upstream patch from Jan + 22148-serial-irq-dest.patch + +------------------------------------------------------------------- +Tue Sep 23 16:45:11 CST 2010 - cyliu@novell.com + +- bnc#628719 - improve check_device_status to handle HA cases + check_device_status.patch + +------------------------------------------------------------------- +Tue Sep 23 16:43:11 CST 2010 - cyliu@novell.com + +- bnc#628719 - multi-xvdp + mutli-xvdp.patch + +------------------------------------------------------------------- +Wed Sep 22 10:50:20 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.XENMEM_decrease_reservation.patch + xenpaging.xenpaging_init.patch + xenpaging.policy_linear.patch + +------------------------------------------------------------------- +Tue Sep 20 14:11:31 CST 2010 - cyliu@novell.com + +- bnc#632956 - fix VNC altgr-insert behavior + 7410-qemu-alt-gr.patch + altgr_2.patch + +------------------------------------------------------------------- +Fri Sep 17 15:59:45 CEST 2010 - ohering@suse.de + +- fate#310510 - fix xenpaging + xenpaging.pageout_policy.patch + xenpaging.xs_daemon_close.patch + xenpaging.pagefile.patch + xenpaging.mem_paging_tool_qemu_flush_cache.patch + xenpaging.get_paged_frame.patch + xenpaging.notify_via_xen_event_channel.patch + +------------------------------------------------------------------- +Mon Sep 13 16:24:31 MDT 2010 - carnold@novell.com + +- bnc#636231 - XEN: Unable to disconnect/remove CDROM drive from VM + xend-devid-or-name.patch + +------------------------------------------------------------------- +Mon Sep 13 10:50:56 MDT 2010 - carnold@novell.com + +- Upstream patches from Jan + 22019-x86-cpuidle-online-check.patch + 22051-x86-forced-EOI.patch + 22067-x86-irq-domain.patch + 22068-vtd-irte-RH-bit.patch + 22071-ept-get-entry-lock.patch + 22084-x86-xsave-off.patch + +------------------------------------------------------------------- +Mon Sep 13 10:47:09 MDT 2010 - carnold@novell.com + +- bnc#638465 - hypervisor panic in memory handling + 22135-heap-lock.patch + +------------------------------------------------------------------- +Thu Sep 10 14:14:50 MDT 2010 - carnold@novell.com + +- Update to Xen 4.0.1. This is a bug fix release. + +------------------------------------------------------------------- +Thu Sep 9 16:42:43 MDT 2010 - jfehlig@novell.com + +- bnc#635380 - Fix pygrub Grub2 support + See update to Xen 4.0.1 for fixes + +------------------------------------------------------------------- +Fri Aug 27 16:22:48 CST 2010 - cyliu@novell.com + +- bnc#628701 - Improve performance when activate/deactivate dmmd + devices + modified block-dmmd script + +------------------------------------------------------------------- +Wed Aug 25 16:18:39 MDT 2010 - jfehlig@novell.com + +- bnc#628701 - Fix qemu-dm handling of dmmd devices + modified xen-qemu-iscsi-fix.patch + +------------------------------------------------------------------- +Mon Aug 16 18:35:11 MDT 2010 - carnold@novell.com + +- bnc#626262 - Populate-on-demand memory problem on xen with hvm + guest + 21971-pod-accounting.patch + +------------------------------------------------------------------- +Mon Aug 16 17:03:58 CST 2010 - cyliu@novell.com + +- bnc#584204 - xm usb-list broken + usb-list.patch + +------------------------------------------------------------------- +Thu Aug 12 06:13:44 MDT 2010 - carnold@novell.com + +- bnc#625520 - TP-L3: NMI cannot be triggered for xen kernel + 21926-x86-pv-NMI-inject.patch + +------------------------------------------------------------------- +Mon Aug 9 09:47:09 MDT 2010 - carnold@novell.com + +- bnc#613529 - TP-L3: kdump kernel hangs when crash was initiated + from xen kernel + 21886-kexec-shutdown.patch + +------------------------------------------------------------------- +Mon Aug 2 16:42:41 MDT 2010 - carnold@novell.com + +- Upstream Intel patches to improve X2APIC handling. + 21716-iommu-alloc.patch + 21717-ir-qi.patch + 21718-x2apic-logic.patch + +------------------------------------------------------------------- +Tue Jul 27 16:23:09 MDT 2010 - jfehlig@novell.com + +- bnc#623833 - Error in Xend-API method VM_set_actions_after_crash + 21866-xenapi.patch + +------------------------------------------------------------------- +Tue Jul 27 15:37:51 MDT 2010 - jfehlig@novell.com + +- bnc#625003 - Fix vm config options coredump-{restart,destroy} + Added hunk to xm-create-xflag.patch + +------------------------------------------------------------------- +Mon Jul 26 16:53:02 MDT 2010 - jfehlig@novell.com + +- bnc#605186 - Squelch harmless error messages in block-iscsi + +------------------------------------------------------------------- +Mon Jul 26 16:22:56 MDT 2010 - jfehlig@novell.com + +- bnc#623438 - Add ability to control SCSI device path scanning + in xend + 21847-pscsi.patch + +------------------------------------------------------------------- +Mon Jul 26 16:01:07 MDT 2010 - carnold@novell.com + +- Enable the packaging of create.dtd. This is needed for when xm + is configured to use xenapi. + +------------------------------------------------------------------- +Wed Jul 21 11:46:41 MDT 2010 - carnold@novell.com + +- bnc#624285 - TP-L3: xen rdtsc emulation reports wrong frequency + 21445-x86-tsc-handling-cleanups-v2.patch + +------------------------------------------------------------------- +Thu Jul 20 13:23:14 MDT 2010 - carnold@novell.com + +- bnc#623201 - drbd xvd will fail in new xen4 packages due to wrong + popen2 arguments in blkif.py + popen2-argument-fix.patch + +------------------------------------------------------------------- +Thu Jul 8 15:27:14 MDT 2010 - carnold@novell.com + +- bnc#620694 - Xen yast vm-install for existing paravirtualized + disk fails with UnboundLocalError: local variable 'dev_type' + referenced before assignment + 21678-xend-mac-fix.patch + +------------------------------------------------------------------- +Wed Jul 7 11:20:30 MDT 2010 - carnold@novell.com + +- bnc#586221 - cannot add DomU with USB host controller defined + domu-usb-controller.patch (Chun Yan Liu) + +------------------------------------------------------------------- +Tue Jul 6 11:31:33 MDT 2010 - carnold@novell.com + +- Upstream patches from Jan + 21151-trace-bounds-check.patch + 21627-cpuidle-wrap.patch + 21643-vmx-vpmu-pmc-offset.patch + 21682-trace-buffer-range.patch + 21683-vtd-kill-timer-conditional.patch + 21693-memevent-64bit-only.patch + 21695-trace-t_info-readonly.patch + 21698-x86-pirq-range-check.patch + 21699-p2m-query-for-type-change.patch + 21700-32on64-vm86-gpf.patch + 21705-trace-printk.patch + 21706-trace-security.patch + 21712-amd-osvw.patch + 21744-x86-cpufreq-range-check.patch + 21933-vtd-ioapic-write.patch + 21953-msi-enable.patch + +------------------------------------------------------------------- +Fri Jun 25 15:43:35 CST 2010 - jsong@novell.com + +- bnc#599550 - Xen cannot distinguish the status of 'pause' + 21723-get-domu-state.patch + +------------------------------------------------------------------- +Tue Jun 22 11:50:35 MDT 2010 - jfehlig@novell.com + +- bnc#604611 - Do not store vif device details when vif config + contains invalid mac address. + 21653-xend-mac-addr.patch + +------------------------------------------------------------------- +Wed Jun 16 08:36:44 MDT 2010 - carnold@novell.com + +- linux pvdrv: generalize location of autoconf.h + Fixes error because of missing autoconf.h when building os11.2 + Factory. + +------------------------------------------------------------------- +Mon Jun 14 10:00:07 MDT 2010 - carnold@novell.com + +- bnc#609153 - xm migrate localhost -l fails on + Windows VMs + 21615-dont-save-xen-heap-pages.patch +- Upstream fixes from Jan + 21446-iommu-graceful-generic-fail.patch + 21453-shadow-avoid-remove-all-after-teardown.patch + 21456-compat-hvm-addr-check.patch + 21492-x86-pirq-unbind.patch + 21526-x86-nehalem-cpuid-mask.patch + 21620-x86-signed-domain-irq.patch + +------------------------------------------------------------------- +Mon Jun 7 10:55:20 MDT 2010 - carnold@novell.com + +- bnc#612189 - Clear APIC Timer Initial Count Register when masking + timer interrupt + 21542-amd-erratum-411.patch + +------------------------------------------------------------------- +Fri Jun 4 10:48:30 MDT 2010 - carnold@novell.com + +- bnc#610658 - XEN: PXE boot fails for fully virtualized guests - + e1000 virtual nic. (see also bnc#484778) + enable_more_nic_pxe.patch + +------------------------------------------------------------------- +Tue May 25 15:17:38 MDT 2010 - carnold@novell.com + +- bnc#608191 - /var/adm/fillup-templates/sysconfig.xend from + package xen-tools is no valid sysconfig file + xend-sysconfig.patch + +------------------------------------------------------------------- +Tue May 25 14:32:57 MDT 2010 - carnold@novell.com + +- bnc#608194 - /etc/xen/* config files are not packaged with + noreplace + +------------------------------------------------------------------- +Tue May 25 13:19:17 MDT 2010 - carnold@novell.com + +- bnc#569744 - SLE HVM guest clock/timezone is incorrect after + reboot + 21460-xend-timeoffset.patch + +------------------------------------------------------------------- +Tue May 25 11:20:30 MDT 2010 - jfehlig@novell.com + +- bnc#606882 - Allow spaces in vbd path names + 21459-block-script.patch + +------------------------------------------------------------------- +Mon May 24 15:10:12 CST 2010 - jsong@novell.com +- bnc#591799 - The status of Caps Lock is incorrect in domU + capslock_enable.patch + +------------------------------------------------------------------- +Thu May 20 09:56:07 MDT 2010 - carnold@novell.com + +- Upstream fixes from Jan including a fix for Intel's ATS issue + 21435-vmx-retain-global-controls.patch + 21406-x86-microcode-quiet.patch + 21421-vts-ats-enabling.patch + +------------------------------------------------------------------- +Wed May 19 13:23:36 MDT 2010 - carnold@novell.com + +- bnc#607219 - AMD Erratum 383 workaround for Xen + 21408-amd-erratum-383.patch + +------------------------------------------------------------------- +Wed May 19 08:09:41 MDT 2010 - carnold@novell.com + +- Added modprobe of evtchn to init.xend. The kernel will also need + to build evtchn as a module for this to be meaningful. + +------------------------------------------------------------------- +Mon May 17 08:31:24 MDT 2010 - carnold@novell.com + +- bnc#603008 - On an 8 Socket Nehalem-EX system, the fix for 593536 + causes a hang during network setup. +- Upstream patches from Jan. + 21360-x86-mce-polling-disabled-init.patch + 21372-x86-cross-cpu-wait.patch + 21331-svm-vintr-during-nmi.patch + 21333-xentrace-t_info-size.patch + 21340-vtd-dom0-mapping-latency.patch + 21346-x86-platform-timer-wrap.patch + 21373-dummy-domain-io-caps.patch + +------------------------------------------------------------------- +Wed May 12 08:42:20 MDT 2010 - carnold@novell.com + +- bnc#605182 - /etc/xen/scripts/xen-hotplug-cleanup: line 24: [: + !=: unary operator expected + 21129-xen-hotplug-cleanup.patch + +------------------------------------------------------------------- +Mon May 10 10:26:07 MDT 2010 - carnold@novell.com + +- bnc#599929 - Hot add/remove Kawela NIC device over 500 times will + cause guest domain crash + passthrough-hotplug-segfault.patch + +------------------------------------------------------------------- +Fri May 7 09:00:12 MDT 2010 - jfehlig@novell.com + +- bnc#603583 - Fix migration of domUs using tapdisk devices + 21317-xend-blkif-util-tap2.patch + suse-disable-tap2-default.patch + +------------------------------------------------------------------- +Thu May 6 08:33:22 MDT 2010 - carnold@novell.com + +- Match upstreams cpu pools switch from domctl to sysctl +- Upstream replacements for two of our custom patches (to ease + applying further backports) +- Fixed dump-exec-state.patch (could previously hang the system, as + could - with lower probability - the un-patched implementation) + +------------------------------------------------------------------- +Wed May 5 08:20:45 MDT 2010 - carnold@novell.com + +- bnc#593536 - xen hypervisor takes very long to initialize Dom0 on + 128 CPUs and 256Gb + 21272-x86-dom0-alloc-performance.patch + 21266-vmx-disabled-check.patch + 21271-x86-cache-flush-global.patch + +------------------------------------------------------------------- +Tue May 4 09:46:22 MDT 2010 - carnold@novell.com + +- bnc#558815 - using multiple npiv luns with same wwpn/wwnn broken +- bnc#601104 - Xen /etc/xen/scripts/block-npiv script fails when + accessing multiple disks using NPIV + block-npiv + +------------------------------------------------------------------- +Fri Apr 30 08:10:52 MDT 2010 - carnold@novell.com + +- bnc#595124 - VT-d can not be enabled on 32PAE Xen on Nehalem-EX + platform + 21234-x86-bad-srat-clear-pxm2node.patch + bnc#585371 - kdump fails to load with xen: locate_hole failed + 21235-crashkernel-advanced.patch + +------------------------------------------------------------------- +Thu Apr 29 08:02:49 MDT 2010 - carnold@novell.com + +- bnc#588918 - Attaching a U-disk to domain's failed by + "xm usb-attach" + init.xend + +------------------------------------------------------------------- +Wed Apr 21 21:15:04 MDT 2010 - jfehlig@novell.com + +- bnc#596442 - Preserve device config on domain start failure + xend-preserve-devs.patch + +------------------------------------------------------------------- +Tue Apr 20 15:18:31 MDT 2010 - jfehlig@novell.com + +- bnc#597770 - insserv reports a loop between xendomains and + openais. Remove openais from Should-Start in xendomains script. + +------------------------------------------------------------------- +Fri Apr 16 15:00:52 MDT 2010 - jfehlig@novell.com + +- bnc#569194 - Tools-side fixes for tapdisk protocol specification + blktap-script.patch + ioemu-subtype.patch + Modified xen-domUloader.diff + +------------------------------------------------------------------- +Wed Apr 14 08:14:31 MDT 2010 - carnold@novell.com + +- Upstream bug fixes from Jan + 21089-x86-startup-irq-from-setup-gsi.patch + 21109-x86-cpu-hotplug.patch + 21150-shadow-race.patch + 21160-sysctl-debug-keys.patch + +------------------------------------------------------------------- +Fri Apr 9 12:38:47 MDT 2010 - jfehlig@novell.com + +- Updated to Xen 4.0.0 FCS, changeset 21091 + +------------------------------------------------------------------- +Tue Apr 6 18:18:36 MDT 2010 - jfehlig@novell.com + +- Change default lock dir (when domain locking is enabled) to + /var/lib/xen/images/vm_locks +- Support SXP config files in xendomains script + +------------------------------------------------------------------- +Tue Mar 31 08:09:49 MDT 2010 - carnold@novell.com + +- Update to changeset 21087 Xen 4.0.0 RC9. + +------------------------------------------------------------------- +Fri Mar 26 07:57:33 MDT 2010 - carnold@novell.com + +- Update to changeset 21075 Xen 4.0.0 RC8. + +------------------------------------------------------------------- +Thu Mar 25 15:59:28 CST 2010 - jsong@novell.com + +- bnc#584210 - xm usb-hc-destroy does not remove entry from xend + del_usb_xend_entry.patch + +------------------------------------------------------------------- +Tue Mar 23 09:55:52 MDT 2010 - carnold@novell.com + +- Update to changeset 21057 Xen 4.0.0 RC7. + +------------------------------------------------------------------- +Wed Mar 17 16:42:20 CST 2010 - jsong@novell.com + +-Fix bnc#466899 - numa enabled xen fails to start/create vms + adjust_vcpuaffinity_more_cpu.patch + +------------------------------------------------------------------- +Tue Mar 9 16:28:59 MST 2010 - carnold@novell.com + +- Update to changeset 21022 Xen 4.0.0 RC6. + +------------------------------------------------------------------- +Tue Mar 9 10:43:27 MST 2010 - carnold@novell.com + +- bnc#586510 - cpupool fixes + cpu-pools-update.patch + +------------------------------------------------------------------- +Fri Mar 5 09:04:18 MST 2010 - carnold@novell.com + +- bnc#582645 - Xen stuck, mptbase driver attempting to reset config + request + +------------------------------------------------------------------- +Mon Mar 1 10:05:07 MST 2010 - carnold@novell.com + +- Update to changeset 20990 Xen 4.0.0 RC5. + +------------------------------------------------------------------- +Mon Feb 22 08:26:01 MST 2010 - jfehlig@novell.com + +- bnc#556939 - Improve device map cleanup code in domUloader + +------------------------------------------------------------------- +Sun Feb 21 21:34:23 MST 2010 - jfehlig@novell.com + +- bnc# 578910 - xm block-detach does not cleanup xenstore + hotplug-cleanup-fix.patch + +------------------------------------------------------------------- +Fri Feb 19 11:56:57 MST 2010 - carnold@novell.com + +- bnc#579361 - Windows Server 2003 cannot wake up from stand by in + sp1 + hibernate.patch + +------------------------------------------------------------------- +Fri Feb 19 09:49:56 MST 2010 - carnold@novell.com + +- fate#308852: XEN CPU Pools + cpupools-core.patch + cpupools-core-fixup.patch + keyhandler-alternative.patch + cpu-pools-libxc.patch + cpu-pools-python.patch + cpu-pools-libxen.patch + cpu-pools-xmtest.patch + cpu-pools-docs.patch + +------------------------------------------------------------------- +Thu Feb 18 15:18:59 MST 2010 - ksrinivasan@novell.com + +- bnc#558760: Disable scsi devices when PV drivers are loaded. + +------------------------------------------------------------------- +Tue Feb 16 08:35:08 MST 2010 - carnold@novell.com + +- Update to changeset 20951 Xen 4.0.0 RC4 for sle11-sp1 beta5. + +------------------------------------------------------------------- +Mon Feb 8 08:08:01 MST 2010 - carnold@novell.com + +- bnc#572146 - SLES11 SP1 beta 2 Xen - BUG: soft lockup - CPU#31 + stuck for 61s! [kstop/31:4512] + cpuidle-hint-v3.patch + +------------------------------------------------------------------- +Fri Feb 5 08:16:39 MST 2010 - carnold@novell.com + +- Update to changeset 20900 RC2+ for sle11-sp1 beta4. + +------------------------------------------------------------------- +Fri Jan 29 09:22:46 MST 2010 - carnold@novell.com + +- bnc#573376 - OS reboot while create DomU with Windows CD + +------------------------------------------------------------------- +Wed Jan 27 11:45:27 MST 2010 - carnold@novell.com + +- bnc#573881 - /usr/lib64/xen/bin/qemu-dm is a broken link + +------------------------------------------------------------------- +Thu Jan 21 18:50:36 MST 2010 - carnold@novell.com + +- Update to changeset 20840 RC1+ for sle11-sp1 beta3. + +------------------------------------------------------------------- +Thu Jan 21 10:41:59 MST 2010 - jfehlig@novell.com + +- bnc#569581 - SuSEfirewall2 should handle rules. Disable + handle_iptable in vif-bridge script + vif-bridge-no-iptables.patch + +------------------------------------------------------------------- +Wed Jan 20 09:12:00 MST 2010 - carnold@novell.com + +- bnc#569577 - /etc/modprove.d/xen_pvdrivers, installed by + xen-kmp-default, to ../xen_pvdrivers.conf + +------------------------------------------------------------------- +Wed Jan 6 16:50:16 EST 2010 - ksrinivasan@novell.com + +- bnc#564406 - Make the new PV drivers work with older hosts that + do not understand the new PV driver protocol. + +------------------------------------------------------------------- +Fri Dec 11 08:28:16 MST 2009 - carnold@novell.com + +- Upstream Xen version renamed to 4.0.0 in changeset 20624 & 20625. + +------------------------------------------------------------------- +Wed Dec 9 10:37:12 MST 2009 - carnold@novell.com + +- fate#307594: HP-MCBS: XEN: support NR_CPUS=256 + This is a spec file change (xen.spec) + +------------------------------------------------------------------- +Thu Dec 3 06:55:00 MST 2009 - carnold@novell.com + +- bnc#555152 - "NAME" column in xentop (SLES11) output limited to + 10 characters unlike SLES10 + The update to c/s 20572 includes this fix (at c/s 20567). + +------------------------------------------------------------------- +Tue Dec 1 17:46:20 CST 2009 - wkong@novell.com + +- Modify xen-paths.diff + +------------------------------------------------------------------- +Tue Dec 1 16:39:26 CST 2009 - wkong@novell.com + +- Merge xend-tap-fix.patch to xen-domUloader.diff + remove part of it which accepted by upstream + +------------------------------------------------------------------- +Tue Dec 1 11:08:10 MST 2009 - jfehlig@novell.com + +- Load gntdev module in xend init script similar to blkbk, + netbk, etc. + +------------------------------------------------------------------- +Thu Nov 26 11:29:51 CST 2009 - wkong@novell.com + +- Backport dmmd from sles11/xen + block-dmmd + xen-qemu-iscsi-fix.patch + xen.spec + +------------------------------------------------------------------- +Thu Nov 26 10:53:16 CST 2009 - wkong@novell.com + +- Fix regression when create_vbd for tap + xend-tap-fix.patch + +------------------------------------------------------------------- +Tue Nov 24 11:01:22 MST 2009 - carnold@novell.com + +- Temporarily disable libxl because of libconfig dependency. + +------------------------------------------------------------------- +Thu Nov 19 11:32:12 CST 2009 - wkong@novell.com + +- fate#302864 domUloader support lvm in disk + domUloader.py + Note: for test in Beta1, if not good, remove it + +------------------------------------------------------------------- +Thu Nov 19 11:23:22 CST 2009 - wkong@novell.com + +- fate#302864 domUloader support fs on whole disk + domUloader.py + +------------------------------------------------------------------- +Fri Nov 6 16:51:31 CET 2009 - carnold@suse.de + +- Turn KMPs back on now that kernel side fix is checked in. + +------------------------------------------------------------------- +Tue Oct 20 15:09:14 MDT 2009 - jfehlig@novell.com + +- fate#304415 VMM: ability to switch networking mode + Add vif-route-ifup to handle routed configurations using + sysconfig scripts. + vif-route-ifup.patch + +------------------------------------------------------------------- +Mon Oct 19 17:21:25 CST 2009 - jsong@novell.com + +- fate#307540 USB for Xen VMs + usb-add.patch + +------------------------------------------------------------------- +Mon Oct 19 17:21:00 CST 2009 - jsong@novell.com + +- fate#305545 XEN extra descriptive field within xenstore + add_des.patch + +------------------------------------------------------------------- +Mon Oct 12 12:51:50 MDT 2009 - carnold@novell.com + +- Update to Xen version 3.5.0 for the following features. + fate#304226 XEN: FlexMigration feature of VT-x2 support + fate#305004 Add SR-IOV PF and VF drivers to Vt-d enabled Xen + fate#306830 T states in Xen controlling by MSR + fate#306832 Fix for xen panic on new processors + fate#306833 Westmere and Nehalem-EX: Add support for Pause Loop exiting feature for Xen + fate#306835 Xen: server virtual power management enhacement + fate#306837 VT-d2 - PCI SIG ATS support + fate#306872 Xen: Node manager support P/T-states change when Vt-d enable + fate#306873 Xen: SMP guest live migration may fail with hap=1 on NHM + fate#306875 Westmere: LT-SX (Xen) + fate#306891 RAS features for Xen: Add support for Machine Check and CPU/Memory online/offline features + fate#307322 1GB page support in Xen + fate#307324 Xen IOMMU support + +------------------------------------------------------------------- +Fri Oct 9 09:24:29 MDT 2009 - carnold@novell.com + +- bnc#541945 - xm create -x command does not work in SLES 10 SP2 or + SLES 11 + xm-create-xflag.patch + +------------------------------------------------------------------- +Thu Oct 8 22:44:04 MDT 2009 - jfehlig@novell.com + +- Minor enhancement to xen-updown.sh sysconfig hook + +------------------------------------------------------------------- +Mon Sep 28 16:34:19 CST 2009 - wkong@novell.com + +- Add patch ioemu-bdrv-open-CACHE_WB.patch + for install guest on tapdisk very very slow. + +------------------------------------------------------------------- +Fri Sep 25 15:08:12 MDT 2009 - jfehlig@novell.com + +- Add temporary workaround for race between xend writing and + qemu-dm reading from xenstore. The issue is preventing PV + domUs from booting as they have no backend console. + qemu-retry-be-status.patch +- bnc#520234 - npiv does not work with XEN + Update block-npiv +- bnc#496033 - Support for creating NPIV ports without starting vm + block-npiv-common.sh + block-npiv-vport + Update block-npiv +- bnc#500043 - Fix access to NPIV disk from HVM vm + Update xen-qemu-iscsi-fix.patch + +------------------------------------------------------------------- +Tue Sep 15 09:32:59 MDT 2009 - jfehlig@novell.com + +- bnc#513921 - Xen doesn't work get an eror when starting the + install processes or starting a pervious installed DomU + 20125-xc-parse-tuple-fix.patch + +------------------------------------------------------------------- +Wed Sep 2 10:12:18 MDT 2009 - carnold@novell.com + +- bnc#536176 - Xen panic when using iommu after updating hypervisor + 19380-vtd-feature-check.patch + +------------------------------------------------------------------- +Fri Aug 28 09:54:08 MDT 2009 - jfehlig@novell.com + +- bnc#530959 - virsh autostart doesn't work + Fixing this libvirt bug also required fixing xend's op_pincpu + method with upstream c/s 19580 + 19580-xend-pincpu.patch + +------------------------------------------------------------------- +Fri Aug 28 08:05:17 MDT 2009 - jbeulich@novell.com + +- bnc#534146 - Xen: Fix SRAT check for discontig memory + 20120-x86-srat-check-discontig.patch + +------------------------------------------------------------------- +Mon Aug 24 07:59:14 MDT 2009 - carnold@novell.com + +- bnc#491081 - Xen time goes backwards x3950M2 + 20112-x86-dom0-boot-run-timers.patch + +------------------------------------------------------------------- +Tue Aug 11 01:08:51 CEST 2009 - ro@suse.de + +- disable module build for ec2 correctly to fix build + (at the suse_kernel_module_package macro) + +------------------------------------------------------------------- +Mon Aug 10 16:21:00 EDT 2009 - ksrinivasan@novell.com + +- bnc#524071 - implemented workaround for a windows7 bug. + hv_win7_eoi_bug.patch + +------------------------------------------------------------------- +Mon Aug 3 11:53:37 MDT 2009 - jfehlig@novell.com + +- bnc#524180 - xend memory leak resulting in long garbage collector + runs + 20013-xend-memleak.patch + +------------------------------------------------------------------- +Fri Jul 31 13:22:09 MDT 2009 - carnold@novell.com + +- Upstream bugfixes from Jan. + 19896-32on64-arg-xlat.patch + 19960-show-page-walk.patch + 19945-pae-xen-l2-entries.patch + 19953-x86-fsgs-base.patch + 19931-gnttblop-preempt.patch + 19885-kexec-gdt-switch.patch + 19894-shadow-resync-fastpath-race.patch +- hvperv shim patches no longer require being applied conditionally + +------------------------------------------------------------------- +Wed Jul 29 08:47:50 MDT 2009 - jfehlig@novell.com + +- bnc#520234 - npiv does not work with XEN in SLE11 + Update block-npiv +- bnc#496033 - Support for creating NPIV ports without starting vm + block-npiv-common.sh + block-npiv-vport + Update block-npiv +- bnc#500043 - Fix access to NPIV disk from HVM vm + Update xen-qemu-iscsi-fix.patch + +------------------------------------------------------------------- +Wed Jul 15 11:52:31 MDT 2009 - carnold@novell.com + +- Don't build the KMPs for the ec2 kernel. + +------------------------------------------------------------------- +Thu Jul 2 12:45:32 MDT 2009 - jfehlig@novell.com + +- Upstream fixes from Jan Beulich + 19606-hvm-x2apic-cpuid.patch + 19734-vtd-gcmd-submit.patch + 19752-vtd-srtp-sirtp-flush.patch + 19753-vtd-reg-write-lock.patch + 19764-hvm-domain-lock-leak.patch + 19765-hvm-post-restore-vcpu-state.patch + 19767-hvm-port80-inhibit.patch + 19768-x86-dom0-stack-dump.patch + 19770-x86-amd-s3-resume.patch + 19801-x86-p2m-2mb-hap-only.patch + 19815-vtd-kill-correct-timer.patch +- Patch from Jan Beulich to aid in debugging bnc#509911 + gnttblop-preempt.patch + +------------------------------------------------------------------- +Tue Jun 23 15:32:14 CST 2009 - wkong@novell.com + +- bnc#515220 - qemu-img-xen snapshot Segmentation fault + qemu-img-snapshot.patch update + +------------------------------------------------------------------- +Tue Jun 9 13:52:07 CST 2009 - wkong@novell.com + +- bnc#504491 - drop write data when set read only disk in xen config + bdrv_open2_fix_flags.patch + bdrv_open2_flags_2.patch + +------------------------------------------------------------------- +Fri Jun 5 13:19:04 MDT 2009 - carnold@novell.com + +- Upstream fixes from Jan Beulich. + 19474-32on64-S3.patch + 19490-log-dirty.patch + 19492-sched-timer-non-idle.patch + 19493-hvm-io-intercept-count.patch + 19505-x86_64-clear-cr1.patch + 19519-domctl-deadlock.patch + 19523-32on64-restore-p2m.patch + 19555-ept-live-migration.patch + 19557-amd-iommu-ioapic-remap.patch + 19560-x86-flush-tlb-empty-mask.patch + 19571-x86-numa-shift.patch + 19578-hvm-load-ldt-first.patch + 19592-vmx-exit-reason-perfc-size.patch + 19595-hvm-set-callback-irq-level.patch + 19597-x86-ioport-quirks-BL2xx.patch + 19602-vtd-multi-ioapic-remap.patch + 19631-x86-frametable-map.patch + 19653-hvm-vcpuid-range-checks.patch + +------------------------------------------------------------------- +Wed Jun 05 10:35:18 MDT 2009 - jsong@novell.com + +- bnc#382112 - Caps lock not being passed to vm correctly. + capslock_enable.patch + +------------------------------------------------------------------- +Wed May 27 10:35:18 MDT 2009 - jfehlig@novell.com + +- bnc#506833 - Use pidof in xend and xendomains init scripts + +------------------------------------------------------------------- +Wed May 27 09:39:25 MDT 2009 - jsong@novell.com +- bnc#484778 - XEN: PXE boot of FV domU using non-Realtek NIC fails + enable_more_nic_pxe.patch + +------------------------------------------------------------------- +Wed May 27 09:38:40 MDT 2009 - jsong@novell.com +cross-migrate.patch +- bnc#390961 - cross-migration of a VM causes it to become + unresponsive (remains paused after migration) + +------------------------------------------------------------------- +Tue May 19 10:58:40 MDT 2009 - carnold@novell.com + +- Patches taken to fix the xenctx tool. The fixed version of this + tool is needed to debug bnc#502735. + 18962-xc_translate_foreign_address.patch + 18963-xenctx.patch + 19168-hvm-domctl.patch + 19169-remove-declare-bitmap.patch + 19170-libxc.patch + 19171-xenctx.patch + 19450-xc_translate_foreign_address.patch + +------------------------------------------------------------------- +Mon May 18 16:15:57 CST 2009 - wkong@novell.com +-bnc#485770 - check exsit file for save and snapshot-create + xm-save-check-file.patch + snapshot-xend.patch + +------------------------------------------------------------------- +Mon May 18 15:06:41 CST 2009 - wkong@novell.com +-bnc#503782 - Using converted vmdk image does not work + ioemu-tapdisk-compat-QEMU_IMG.patch + +------------------------------------------------------------------- +Thu May 14 10:54:03 MDT 2009 - jfehlig@novell.com + +- bnc#503332 - Remove useless qcow tools + /usr/sbin/{qcow-create,img2qcow,qcow2raw} from xen-tools package. + +------------------------------------------------------------------- +Wed May 13 09:59:50 CST 2009 - jsong@novell.com +- bnc#474738 - adding CD drive to VM guest makes it unbootable. + parse_boot_disk.patch + +------------------------------------------------------------------- +Mon May 11 18:49:50 CST 2009 - wkong@novell.com +- bnc#477892 - snapshot windows can't accomplish. + snapshot-xend.patch + +------------------------------------------------------------------- +Tue Apr 28 11:57:00 MDT 2009 - carnold@novell.com + +- bnc#495300 - L3: Xen unable to PXE boot Windows based DomU's + 18545-hvm-gpxe-rom.patch, 18548-hvm-gpxe-rom.patch + +------------------------------------------------------------------- +Mon Apr 27 10:42:17 MDT 2009 - jfehlig@novell.com + +- bnc#459836 - Fix rtc_timeoffset when localtime=0 + xend-timeoffset.patch + +------------------------------------------------------------------- +Wed Apr 22 14:50:35 MDT 2009 - carnold@novell.com + +- bnc#497440 - xmclone.sh script incorrectly handles networking for + SLE11. + +------------------------------------------------------------------- +Fri Apr 17 16:21:36 MDT 2009 - wkong@novell.com +- bnc#477890 - VM becomes unresponsive after applying snapshot + +------------------------------------------------------------------- +Wed Apr 15 16:34:08 MDT 2009 - jfehlig@novell.com + +- bnc#494892 - Update xend-domain-lock.patch to flock the lock + file. + +------------------------------------------------------------------- +Wed Apr 8 16:30:14 EDT 2009 - ksrinivasan@novell.com + +- bnc#439639 - SVVP Test 273 System - Sleep Stress With IO" fails + +Turned off s3/s4 sleep states for HVM guests. + +------------------------------------------------------------------- +Tue Apr 7 21:55:14 MDT 2009 - jsong@novell.com + +- bnc#468169 - fix domUloader to umount the mounted device mapper target in dom0 + when install a sles10 guest with disk = /dev/disk/by_path + +------------------------------------------------------------------- +Thu Apr 2 16:03:25 MDT 2009 - jfehlig@novell.com + +- bnc#488490 - domUloader can't handle block device names with ':' +- bnc#486244 - vms fail to start after reboot when using qcow2 + +------------------------------------------------------------------- +Tue Mar 31 15:00:50 MDT 2009 - carnold@novell.com + +- bnc#490835 - VTd errata on Cantiga chipset + 19230-vtd-mobile-series4-chipset.patch + +------------------------------------------------------------------- +Mon Mar 30 15:03:16 MDT 2009 - carnold@novell.com + +- bnc#482515 - Missing dependency in xen.spec + +------------------------------------------------------------------- +Thu Mar 26 09:17:00 MDT 2009 - carnold@novell.com + +- Additional upstream bug fix patches from Jan Beulich. + 19132-page-list-mfn-links.patch + 19134-fold-shadow-page-info.patch + 19135-next-shadow-mfn.patch + 19136-page-info-rearrange.patch + 19156-page-list-simplify.patch + 19161-pv-ldt-handling.patch + 19162-page-info-no-cpumask.patch + 19216-msix-fixmap.patch + 19268-page-get-owner.patch + 19293-vcpu-migration-delay.patch + 19391-vpmu-double-free.patch + 19415-vtd-dom0-s3.patch + +------------------------------------------------------------------- +Wed Mar 25 13:55:25 MDT 2009 - carnold@novell.com + +- Imported numerous upstream bug fix patches. + 19083-memory-is-conventional-fix.patch + 19097-M2P-table-1G-page-mappings.patch + 19137-lock-domain-page-list.patch + 19140-init-heap-pages-max-order.patch + 19167-recover-pat-value-s3-resume.patch + 19172-irq-to-vector.patch + 19173-pci-passthrough-fix.patch + 19176-free-irq-shutdown-fix.patch + 19190-pciif-typo-fix.patch + 19204-allow-old-images-restore.patch + 19232-xend-exception-fix.patch + 19239-ioapic-s3-suspend-fix.patch + 19240-ioapic-s3-suspend-fix.patch + 19242-xenstored-use-after-free-fix.patch + 19259-ignore-shutdown-deferrals.patch + 19266-19365-event-channel-access-fix.patch + 19275-19296-schedular-deadlock-fixes.patch + 19276-cpu-selection-allocation-fix.patch + 19302-passthrough-pt-irq-time-out.patch + 19313-hvmemul-read-msr-fix.patch + 19317-vram-tracking-fix.patch + 19335-apic-s3-resume-error-fix.patch + 19353-amd-migration-fix.patch + 19354-amd-migration-fix.patch + 19371-in-sync-L1s-writable.patch + 19372-2-on-3-shadow-mode-fix.patch + 19377-xend-vnclisten.patch + 19400-ensure-ltr-execute.patch + 19410-virt-to-maddr-fix.patch + +------------------------------------------------------------------- +Mon Mar 9 16:28:27 MDT 2009 - jfehlig@novell.com + +- bnc#483565 - Fix block-iscsi script. + Updated block-iscsi and xen-domUloader.diff + +------------------------------------------------------------------- +Mon Mar 9 16:06:03 MDT 2009 - carnold@novell.com + +- bnc#465814 - Mouse stops responding when wheel is used in Windows + VM. + mouse-wheel-roll.patch (James Song) +- bnc#470704 - save/restore of windows VM throws off the mouse + tracking. + usb-save-restore.patch (James Song) + +------------------------------------------------------------------- +Thu Mar 5 15:35:30 MST 2009 - jfehlig@novell.com + +- bnc#436629 - Use global vnc-listen setting specified in xend + configuration file. + xend-vnclisten.patch +- bnc#482623 - Fix pygrub to append user-supplied 'extra' args + to kernel args. + 19234_pygrub.patch + +------------------------------------------------------------------- +Thu Mar 5 13:52:48 MST 2009 - carnold@novell.com + +- bnc#481161 upgrade - sles10sp2 to sles11 upgrade keeps + xen-tools-ioemu + +------------------------------------------------------------------- +Tue Mar 3 16:11:39 CET 2009 - kukuk@suse.de + +- Don't load 8139* driver if xen-vnif works [bnc#480164] + +------------------------------------------------------------------- +Fri Feb 27 18:32:01 MST 2009 - carnold@novell.com + +- bnc#480164 - Default network proposal in fully virtualized + SLES 11 VM is invalid. + xen_pvdrivers + +------------------------------------------------------------------- +Thu Feb 26 15:05:38 MST 2009 - carnold@novell.com + +- bnc#474822 - L3: Win2003 i386 XEN VM can see only 2 TB with a + 4TB LUN. + int13_hardisk-64bit-lba.patch + +------------------------------------------------------------------- +Wed Feb 25 11:52:16 MST 2009 - jfehlig@novell.com + +- bnc#477890 - Destroy domain if snapshot restore fails. + Updated snapshot-xend.patch + +------------------------------------------------------------------- +Tue Feb 24 14:13:35 EST 2009 - ksrinivasan@novell.com + +- bnc#470238 - SLE11 32FV guest is hanging during certification + tests. + bnc#468265 - Xen guest shows duplicate drives + bnc#469598 - SLES11 RC2 64bit Xen - SLES11 full virt guests + hanging under load. + disable_emulated_device.diff + +------------------------------------------------------------------- +Tue Feb 24 16:03:35 CET 2009 - kwolf@suse.de + +- bnc#477892 - Disable xend timeout for snapshots + Updated snapshot-xend.patch + +------------------------------------------------------------------- +Tue Feb 24 14:28:52 CET 2009 - kwolf@suse.de + +- bnc#477895 - Fix detaching blktap disks from domains without + device model + Updated blktap-ioemu-close-fix.patch + +------------------------------------------------------------------- +Fri Feb 20 11:46:12 CET 2009 - kwolf@suse.de + +- bnc#472390 - Enable debuginfo for ioemu + ioemu-debuginfo.patch + +------------------------------------------------------------------- +Thu Feb 19 08:40:07 MST 2009 - carnold@novell.com + +- bnc#473883 - Xen: 64 bit guest crashes with qemu-dm segfault + qemu-dm-segfault.patch + +------------------------------------------------------------------- +Wed Feb 18 15:33:17 MST 2009 - jfehlig@novell.com + +- bnc#437776 - Remove tracing (bash -x) from network-nat script + network-nat.patch + +------------------------------------------------------------------- +Wed Feb 18 15:19:21 MST 2009 - jfehlig@novell.com + +- bnc#473815 - Handle NULL return when reading a xenstore path. + Updated blktap-error-handling.patch + +------------------------------------------------------------------- +Wed Feb 18 20:52:23 CET 2009 - kwolf@suse.de + +- Fix VHD image support for > 4 GB (offsets truncated to 32 bits) + ioemu-vpc-4gb-fix.patch + +------------------------------------------------------------------- +Thu Feb 12 12:03:44 EST 2009 - ksrinivasan@novell.com + +- bnc#468660 - Fix migration from sles10 to sles11 on Intel. + old-arbytes.patch + +------------------------------------------------------------------- +Thu Feb 12 08:17:31 MST 2009 - carnold@novell.com + +- bnc#473800 - If VT-d is enabled, Dom0 fails to boot up on + Nehalem-HEDT platform. + 19198-fix-snoop.patch + 19154-snoop-control.patch + +------------------------------------------------------------------- +Thu Feb 5 12:03:44 MST 2009 - jfehlig@novell.com + +- bnc#470133 - Better error handling in xm when not booted Xen + 19153-xm-noxen-error.patch + +------------------------------------------------------------------- +Wed Feb 4 20:35:41 CET 2009 - kwolf@suse.de + +- bnc#472075 - Fix ioemu to initialize its blktap backend also for + fully virtualized guests + ioemu-blktap-fv-init.patch + +------------------------------------------------------------------- +Tue Feb 3 13:35:28 MST 2009 - jfehlig@novell.com + +- bnc#470855 - Add note to xm man page on how to detach domain + console + 19152-xm-man-page.patch + +------------------------------------------------------------------- +Mon Feb 2 14:15:55 MST 2009 - jfehlig@novell.com + +- bnc#471090 - XendAPIStore: Do not remove non-existent item + class list + 19151-xend-class-dereg.patch + +------------------------------------------------------------------- +Mon Feb 2 10:41:05 MST 2009 - carnold@novell.com + +- bnc#470949 - user mode application may crash kernel + 19088-x86-page-non-atomic-owner.patch (Jan Beulich) + 19089-x86_64-widen-page-refcounts.patch + 19103-x86_64-fold-page-lock.patch + x86_64-page-info-pack.patch + x86_64-sh-next-shadow.patch + +------------------------------------------------------------------- +Fri Jan 23 11:47:31 MST 2009 - carnold@novell.com + +- Intel - Remove improper operating condition that results in a + machine check. + 19072-vmx-pat.patch + 19079-snp_ctl-1.patch + +------------------------------------------------------------------- +Fri Jan 23 11:45:16 CET 2009 - kwolf@suse.de + +- bnc#465379 - Fix blktap error handling + blktap-error-handling.patch + +------------------------------------------------------------------- +Thu Jan 22 08:36:40 MST 2009 - carnold@novell.com + +- bnc#435219 - XEN pv-driver doesn't work + +------------------------------------------------------------------- +Thu Jan 22 14:17:00 CET 2009 - jbeulich@novell.com + +- Fix unmaskable MSI handling. + 18778-msi-irq-fix.patch + +------------------------------------------------------------------- +Wed Jan 21 16:33:16 MST 2009 - jfehlig@novell.com + +- bnc#467883 - Squelch output of xen-updown.sh sysconfig hook + script and don't save state of tap devices not belonging to Xen. + +------------------------------------------------------------------- +Wed Jan 21 08:15:31 MST 2009 - carnold@novell.com + +- bnc#467807 - Xen: IRQs stop working + xen-ioapic-ack-default.diff + +------------------------------------------------------------------- +Fri Jan 16 14:20:08 MST 2009 - carnold@novell.com + +- bnc#447178 - xm dump-core does not work for cross-bitness guest. + 19046-cross-bit-coredumping.patch + 19048-cross-bit-coredumping.patch + 19051-cross-bit-coredumping.patch + +------------------------------------------------------------------- +Thu Jan 15 10:26:13 MST 2009 - brieske@novell.com + +- bnc#429637 - SSVP SMBIOS HCT Test failing + 19027-hvmloader-SMBIOS-dev-mem-boundary.patch + +------------------------------------------------------------------- +Wed Jan 14 08:22:08 MST 2009 - carnold@novell.com + +- bnc#460805 - Unable to boot with Xen kernel with IBM T42p / T41p + 19039-x86-propagate-nolapic.patch + 19038-x86-no-apic.patch + +------------------------------------------------------------------- +Mon Jan 5 10:14:41 MST 2009 - carnold@novell.com + +- bnc#435596 - dom0 S3 resume fails if disk drive is set as AHCI + mode. + 18937-S3-MSI.patch +- Final Xen 3.3.1 FCS changeset 18546 + +------------------------------------------------------------------- +Mon Dec 29 09:16:20 MST 2008 - carnold@novell.com + +- bnc#436021 - On PAE host with EPT enabled, booting a HVM guest + with 4G memory will cause Xen hang. + 18943-amd-32bit-paging-limit.patch + +------------------------------------------------------------------- +Mon Dec 22 14:18:15 MST 2008 - carnold@novell.com + +- bnc#461596 - Failue to load 64-bit HVM Solaris 10U6 DomU with 2 + vcpus. Update to RC4 contains fix in c/s 18538. + +------------------------------------------------------------------- +Mon Dec 22 11:27:38 MST 2008 - jfehlig@novell.com + +- bnc#379032 and bnc#404014 - Fix loop device leak in domUloader + +------------------------------------------------------------------- +Wed Dec 17 16:32:12 CET 2008 - kwolf@suse.de + +- bnc#456758 - Allow all block device types for which a script + exists in /etc/xen/scripts besides file, tap and phy. + reenable-block-protocols.patch + +------------------------------------------------------------------- +Mon Dec 15 10:30:25 MST 2008 - carnold@novell.com + +- Patch cleanup. Updated tarball with several of our stand-alone + but now upstream patches (c/s 18536). + +------------------------------------------------------------------- +Fri Dec 5 15:47:31 CET 2008 - kwolf@suse.de + +- bnc#404014 - Fix memory leak in libxenguest during domain + creation + libxc-zlib-memleak.patch + +------------------------------------------------------------------- +Thu Dec 4 11:45:55 MST 2008 - jfehlig@novell.com + +- bnc#456511 - Fix domain name change after checkpoint/shutdown + events. + +------------------------------------------------------------------- +Tue Dec 2 15:57:03 MST 2008 - carnold@novell.com + +- Fixed xmclone.sh. It calls lomount which no longer exists in the + distro. + +------------------------------------------------------------------- +Tue Nov 25 15:09:12 CET 2008 - kwolf@suse.de + +- Fix the build. Build system seems to be unhappy about having two + copies of the xenstore binary (this is not a proper fix in fact + as the build error says the two files are not identical - they + are hardlinks, so this seems unlikely to be the real cause). + + tmp_build.patch + +------------------------------------------------------------------- +Mon Nov 24 14:24:06 MST 2008 - jfehlig@novell.com + +- bnc#448364 - Fix cpu affinity on save/restore/migrate + +------------------------------------------------------------------- +Thu Nov 20 19:57:19 CET 2008 - kwolf@suse.de + +- bnc#444731 - Fix data corruption bug (caused by broken x86 + emulation for movnti instruction) + + xen-x86-emulate-movnti.patch + +------------------------------------------------------------------- +Wed Nov 19 20:14:54 CET 2008 - kwolf@suse.de + +- Report device model errors during the creation of snapshots + to xend instead of failing silently + +------------------------------------------------------------------- +Wed Nov 19 16:27:01 CET 2008 - kwolf@suse.de + +- bnc#445659 - ioemu: Workaround for VNC client initialization + race with xenfb changing the resolution (caused VNC connection + to be closed, vm-install recognized this as failed installation) + + ioemu-vnc-resize.patch + +------------------------------------------------------------------- +Tue Nov 18 08:11:34 MST 2008 - carnold@novell.com + +- bnc#444203 - With EPT mode4, HVM S3 causes Xen HV crash. + 18783-hvm-vcpu-reset-state-fix.patch + +------------------------------------------------------------------- +Mon Nov 17 09:14:12 MST 2008 - carnold@novell.com + +- bnc#444731 - Blackscreen instead of second stage during + installation + 18766-realmode-stack-size-fix.patch + +------------------------------------------------------------------- +Thu Nov 13 09:22:54 MST 2008 - carnold@novell.com + +- bnc#429739 - Network failure with bnx2 when booted to XEN + 18778-msi-irq-fix.patch + +------------------------------------------------------------------- +Wed Nov 12 19:07:11 CET 2008 - kwolf@suse.de + +- bnc#444197 - Add udev rule to fix domUloader race with + automounter (udev-rules.patch) + +------------------------------------------------------------------- +Sun Nov 9 23:54:34 CET 2008 - ro@suse.de + +- disable kmp to fix build again + +------------------------------------------------------------------- +Fri Nov 7 13:49:09 CET 2008 - kwolf@suse.de + +- Fix merge damage which prevented disks to be snapshotted when + not in disk-only snapshot mode + +------------------------------------------------------------------- +Wed Nov 5 17:22:30 CET 2008 - kwolf@suse.de + +- bnc#435195 - Fix error handling for blktap devices and ioemu; + check for images smaller than a sector and abort (causes hangs + of the complete blktap stack otherwise) + + ioemu-blktap-zero-size.patch + +------------------------------------------------------------------- +Mon Nov 3 10:30:49 MST 2008 - plc@novell.com + +- bnc#436572 - L3: vm serial port configuration and access is not + persistent across dom0 reboot + +------------------------------------------------------------------- +Wed Oct 29 11:50:45 MDT 2008 - carnold@novell.com + +- bnc#436926 - Xen hypervisor crash + +------------------------------------------------------------------- +Tue Oct 28 21:17:12 MDT 2008 - jfehlig@novell.com + +- bnc#438927 - Fix migration bug in xend + +------------------------------------------------------------------- +Tue Oct 28 18:19:52 CET 2008 - carnold@suse.de + +- disable KMP, does not build with current kernel + +------------------------------------------------------------------- +Fri Oct 24 13:01:41 MDT 2008 - jfehlig@novell.com + +- bnc#437756 - Fix default netdev device in network-route + +------------------------------------------------------------------- +Wed Oct 22 10:38:58 MDT 2008 - jfehlig@novell.com + +- bnc#434560 - Remove local patch that prevents creating PV vif + when "type=ioemu" is specified in guest vif config. This patch + is causing several problems with recent changes to xenstore + layout. + +------------------------------------------------------------------- +Wed Oct 22 09:10:45 MDT 2008 - jfehlig@novell.com + +- bnc#431758 - Added upstream changeset 18654 to prevent setting + vcpus > VCPUs_max on running domain. + +------------------------------------------------------------------- +Tue Oct 21 10:28:55 MDT 2008 - carnold@novell.com + +- Update to changeset 18455. + +------------------------------------------------------------------- +Fri Oct 17 08:52:44 CEST 2008 - olh@suse.de + +- add ExclusiveArch x86 x86_64 + +------------------------------------------------------------------- +Wed Oct 15 01:32:18 MDT 2008 - jfehlig@novell.com + +- bnc#433722 - Fix handling of default bridge in qemu-ifup. + +------------------------------------------------------------------- +Mon Oct 13 10:51:51 MDT 2008 - carnold@novell.com + +- bnc#431324 - Cannot boot from XEN kernel + +------------------------------------------------------------------- +Mon Oct 13 14:27:35 CEST 2008 - kwolf@suse.de + +- blktapctrl: Close connection to tapdisk-ioemu only if there are + no more attached disks + blktap-ioemu-close-fix.patch +- blktapctrl: If tapdisk-ioemu has been shut down and a new + instance is needed, fix saving the PID of the new instance + +------------------------------------------------------------------- +Thu Oct 2 16:23:15 MDT 2008 - jfehlig@novell.com + +- bnc#431737 - Fix use of deprecated python constructs in xend + +------------------------------------------------------------------- +Mon Sep 29 10:36:07 MDT 2008 - carnold@novell.com + +- Update to c/s 18430, remove our versions of upstream patches. +- fate#303867 - minimum HVM domain limits. Pulled upstream + patches for supporting up to 255 cpus. + +------------------------------------------------------------------- +Fri Sep 26 18:09:13 CEST 2008 - kwolf@suse.de + +- bnc#430222 - Fixed block-attach for tap:aio images + +------------------------------------------------------------------- +Thu Sep 25 13:30:33 CEST 2008 - kwolf@suse.de + +- bnc#429801 - Fixed xm start -c / --vncviewer + xm-start-fix.patch + +------------------------------------------------------------------- +Wed Sep 24 15:44:43 MDT 2008 - carnold@novell.com + +- bnc#382401 - xm man page missing information for commands. + +------------------------------------------------------------------- +Wed Sep 17 14:57:29 MDT 2008 - carnold@novell.com + +- Pulled some upstream patches for Intel and AMD microcode fixes. + +------------------------------------------------------------------- +Tue Sep 16 10:51:44 MDT 2008 - carnold@novell.com + +- Update to changeset 18412. Contains several bug fixes including + a crash fix in qemu-dm and also various memory leaks fixes. + +------------------------------------------------------------------- +Mon Sep 15 10:48:35 MDT 2008 - carnold@novell.com + +- Fix parameters in call to kill_proc_info (pv drivers). +- Add conditional for use of smp_call_function so the pv drivers + can be built on older kernel versions. + +------------------------------------------------------------------- +Thu Sep 11 12:42:05 MDT 2008 - brogers@novell.com + +- Added gdbserver-xen to the set of tools we build. + fate#302942 + +------------------------------------------------------------------- +Thu Sep 11 10:32:17 MDT 2008 - jfehlig@novell.com + +- Added ocfs2 to Should-Start in xendomains init script + +------------------------------------------------------------------- +Wed Sep 10 20:47:45 MDT 2008 - plc@novell.com + +- Added pv cdrom support to blktap + fate#300964 + +------------------------------------------------------------------- +Wed Sep 10 14:06:51 MDT 2008 - jfehlig@novell.com + +- Removed invocation of network-bridge script from xend-config.sxp. + Networks are now created through yast2-network package. +- Added sysconfig hook script for Xen to cope with ifup/ifdown + events on network devices (e.g. bridges) in use by virtual + machines. + fate#303386 + +------------------------------------------------------------------- +Mon Sep 8 08:53:25 MDT 2008 - carnold@novell.com + +- Updated to xen version 3.3.1 RC changeset 18390. + +------------------------------------------------------------------- +Wed Sep 3 21:07:56 CEST 2008 - kwolf@suse.de + +- Snapshots: Fix xend API functions for libvirt usage + +------------------------------------------------------------------- +Mon Sep 1 08:56:32 MDT 2008 - carnold@novell.com + +- Fix problems building KMPs against the 2.6.27 kernel. + +------------------------------------------------------------------- +Fri Aug 29 06:39:21 MDT 2008 - plc@novell.com + +- Added 'tap' to the type of devices for HalDaemon.py to + scan for change of xenstore attribute media-present. + +------------------------------------------------------------------- +Wed Aug 27 12:21:19 MDT 2008 - jfehlig@novell.com + +- Don't create pv vif device if emulated network device is + explicitly specified in guest config. + +------------------------------------------------------------------- +Fri Aug 22 08:37:49 MDT 2008 - carnold@novell.com + +- Updated to xen-unstable changeset 18358 Xen 3.3.0 FCS. + +------------------------------------------------------------------- +Wed Aug 20 13:59:45 MDT 2008 - carnold@novell.com + +- Updated to xen-unstable changeset 18353 RC7. + +------------------------------------------------------------------- +Wed Aug 20 15:08:19 CEST 2008 - kwolf@suse.de + +- Implementation of xm snapshot-delete + snapshot-ioemu-delete.patch, snapshot-xend.patch +- Add snapshot options to qemu-img-xen + qemu-img-snapshot.patch + +------------------------------------------------------------------- +Tue Aug 19 10:27:05 MDT 2008 - carnold@novell.com + +- Enable kboot and kexec patches. + +------------------------------------------------------------------- +Mon Aug 18 11:13:55 MDT 2008 - carnold@novell.com + +- Updated to xen-unstable changeset 18335 RC5. + +------------------------------------------------------------------- +Mon Aug 18 17:17:25 CEST 2008 - carnold@suse.de + +- Removed git dependency. Instead use a static version of + ioemu-remote. + +------------------------------------------------------------------- +Thu Aug 14 17:58:06 MDT 2008 - jfehlig@novell.com + +- Added patch to prevent starting same domU from multiple hosts. + Feature is disabled by default - see /etc/xen/xend-config.sxp. + fate#305062 + +------------------------------------------------------------------- +Mon Aug 11 16:42:18 MDT 2008 - jfehlig@novell.com + +- Added python-openssl to Requires list for xen-tools. This + package is required if SSL relocation is enabled by user. + +------------------------------------------------------------------- +Mon Aug 11 14:44:03 MDT 2008 - carnold@novell.com + +- Updated to xen-unstable changeset 18309. Pre 3.3.0-rc4. + +------------------------------------------------------------------- +Sat Aug 9 13:22:37 MDT 2008 - jfehlig@novell.com + +- Disabled xend-relocation-ssl-server for now. Certificates must + be created and feature needs testing. + +------------------------------------------------------------------- +Fri Aug 8 15:34:04 MDT 2008 - carnold@novell.com + +- Update to xen-unstable changeset 18269 post RC3. Reverse + version back to 3.3.0 from 4.0.0. + +------------------------------------------------------------------- +Wed Aug 6 10:30:51 MDT 2008 - carnold@novell.com + +- Updated to xen-unstable changeset 18242. Version changes from + 3.3.0 to 4.0.0 + +------------------------------------------------------------------- +Thu Aug 4 10:25:01 MDT 2008 - carnold@novell.com + +- Updated to xen-unstable changeset 18210. Post 3.3.0-rc2. + +------------------------------------------------------------------- +Tue Jul 8 16:39:42 MDT 2008 - carnold@novell.com + +- Updated to xen-unstable changeset 17990. + +------------------------------------------------------------------- +Tue Jul 8 15:09:51 MDT 2008 - kwolf@suse.de + +- ioemu: Write barriers for blktap devices + ioemu-blktap-barriers.patch + +------------------------------------------------------------------- +Thu Jul 3 13:28:35 MDT 2008 - kwolf@suse.de + +- blktapctrl defaults to using ioemu instead of tapdisk now + blktapctrl-default-to-ioemu.patch +- Now that ioemu is default, it can be called with image paths + starting e.g. with tap:qcow2. If the image format is specified, + it has to be respected and no guessing on the image file must + happen. + ioemu-blktap-image-format.patch +- qcow2: Read/Write multiple sectors at once if possible to + improve performance. + ioemu-qcow2-multiblock-aio.patch + +------------------------------------------------------------------- +Thu Jun 12 14:12:05 MDT 2008 - kwolf@novell.com + +- Add snapshot support to ioemu and blktapctrl + snapshot-ioemu-save.patch + snapshot-ioemu-restore.patch + +------------------------------------------------------------------- +Fri Jun 6 08:56:56 MDT 2008 - jfehlig@novell.com + +- bnc#397890 - Create and own /var/lib/xen/dump + +------------------------------------------------------------------- +Thu Jun 5 11:02:32 MDT 2008 - kwolf@novell.com + +- Fix tapdisk for qcow2 images > 2 GB + 1xxxx-qcow2-2gb-bug.patch + +------------------------------------------------------------------- +Thu Jun 5 10:34:29 MDT 2008 - jfehlig@novell.com + +- Updated to xen-unstable changeset 17772. + +------------------------------------------------------------------- +Tue May 27 13:29:22 MDT 2008 - plc@novell.com + +- bnc#381368 - boot qcow image fix. + +------------------------------------------------------------------- +Fri May 23 09:13:59 MDT 2008 - jfehlig@novell.com + +- bnc#378595 - Revert patch that disables use of ifup/ifdown. + ifup-bridge in sysconfig has been fixed so patch is no longer + needed. Calling ifdown on bridge now removes ports and deletes + bridge, so network-bridge no longer needs to do these tasks. + +------------------------------------------------------------------- +Fri May 16 15:29:26 MDT 2008 - carnold@novell.com + +- bnc#390985 - xm man page needs FIXME sections to be fixed + xen-fixme-doc.diff + +------------------------------------------------------------------- +Wed May 14 11:00:42 MDT 2008 - carnold@novell.com + +- bnc#375322 - L3:timer went backwards + x86-domain-shutdown-latency.patch + +------------------------------------------------------------------- +Sat May 10 12:56:24 MDT 2008 - plc@novell.com + +- bnc#388969 - Shift tab traversal does not work + xen-shift-key.patch +- bnc#384277 - PVFB security hole + xen-pvfb-security.patch +- bnc#385586 - VNC windows size too small + xen-vnc-resize.patch + +------------------------------------------------------------------- +Fri Apr 25 13:24:39 MDT 2008 - carnold@novell.com + +- bnc#383513 - Unknown unit 'K' in Xen's logrotate config file. + +------------------------------------------------------------------- +Tue Apr 25 08:23:37 MDT 2008 - carnold@novell.com + +- Update to Xen 3.2.1 FCS changeset 16881. + +------------------------------------------------------------------- +Fri Apr 11 08:38:21 MDT 2008 - carnold@novell.com + +- Update to Xen 3.2.1 RC5 changeset 16864. + +------------------------------------------------------------------- +Thu Apr 10 17:32:15 MDT 2008 - jfehlig@novell.com + +- bnc#378595 - Do not use ifup/ifdown in network-bridge for now. + +------------------------------------------------------------------- +Mon Mar 24 16:47:56 MDT 2008 - carnold@novell.com + +- bnc#373194 - The xen module and the kernel for Dom0 don't match. +- Add ncurses-devel build dependency + +------------------------------------------------------------------- +Mon Mar 24 10:56:35 MDT 2008 - carnold@novell.com + +- Update to Xen 3.2.1 RC1 changeset 16820. + +------------------------------------------------------------------- +Thu Mar 20 09:38:03 CET 2008 - coolo@suse.de + +- 3.1.0 is unfortunately not enough to obsolete 3.1.0_ + in rpm terms + +------------------------------------------------------------------- +Fri Mar 14 16:58:04 CET 2008 - carnold@novell.com + +- Update to Xen 3.2.1 changeset 16805. + +------------------------------------------------------------------- +Fri Mar 14 11:20:22 CET 2008 - coolo@suse.de + +- ipcalc does not exist - and breaks pattern + +------------------------------------------------------------------- +Wed Mar 12 12:28:34 MDT 2008 - jfehlig@novell.com + +- Increased dom0-min-mem value to 512Mb in xend-config.sxp + bnc#370007 + +------------------------------------------------------------------- +Mon Mar 10 16:38:47 MDT 2008 - jfehlig@novell.com + +- Fixed initialization of default VM config values when creating + VMs through Xen API. bnc#368273 + +------------------------------------------------------------------- +Mon Mar 10 14:11:52 MDT 2008 - jfehlig@novell.com + +- Removed unused/untested xend-relocation script. + +------------------------------------------------------------------- +Fri Mar 7 15:44:36 MST 2008 - jfehlig@novell.com + +- Set device model when creating pvfb consoles via XenAPI. + bnc#367851 + +------------------------------------------------------------------- +Fri Mar 7 09:28:58 MST 2008 - jfehlig@novell.com + +- Ensure dhcpcd is activated, if appropriate, on bridges created + by network-multinet. bnc#364633 + +------------------------------------------------------------------- +Fri Feb 29 09:58:06 MST 2008 - carnold@novell.com + +- bnc#357966 - VT-D dosen't work for HVM guest. + +------------------------------------------------------------------- +Fri Feb 29 08:35:11 MST 2008 - plc@novell.com + +- Send UNIT_ATTENTION when CD drive has newly inserted media and + becomes ready. bnc#365386 + +------------------------------------------------------------------- +Thu Feb 28 16:42:16 MST 2008 - jfehlig@novell.com + +- Updated block-iscsi script and xen-domUloader patch, bnc #365385 + +------------------------------------------------------------------- +Thu Feb 28 11:34:52 MST 2008 - carnold@novell.com + +- Add support for Intel EPT / VPID. + +------------------------------------------------------------------- +Tue Feb 26 14:12:17 MST 2008 - carnold@novell.com + +- bnc#362415 - SLE-based installs 32-bit fully-virtualized have + network problems during installs. +- bnc#358244 - Time remaining does not change properly for FV SLES10 + SP2 guest. +- bnc#363053 - Install remaining time always shows 2:00:00 + +------------------------------------------------------------------- +Tue Feb 26 10:37:11 MST 2008 - carnold@novell.com + +- bnc#359457 - Xen full virt has data integrity issue. + +------------------------------------------------------------------- +Tue Feb 26 08:34:17 MST 2008 - plc@novell.com + +- Tranlate colors from 32 bit to 16 bit when viewing a 32 bit PV + VM from a 16 bit client. bnc#351470 + Also includes upstream mouse queue patch. + +------------------------------------------------------------------- +Fri Feb 22 17:57:38 MST 2008 - jfehlig@novell.com + +- Added PAM configuration files for remote authentication via + Xen API. bnc #353464 + +------------------------------------------------------------------- +Tue Feb 19 13:22:32 MST 2008 - carnold@novell.com + +- Fix PV drivers for HVM guests. + +------------------------------------------------------------------- +Fri Feb 15 14:08:35 MST 2008 - carnold@novell.com + +- Support for pxe booting fully virtualized guests in vm-install is + complete. + +------------------------------------------------------------------- +Thu Feb 14 11:47:50 MST 2008 - carnold@novell.com + +- Added upstream changesets that fix various bugs. + 16859 16929 16930 16945 16947 16962 16976 16980 16995 16998 17036 + +------------------------------------------------------------------- +Wed Feb 13 17:42:17 MST 2008 - jfehlig@novell.com + +- Updated network-multinet + - Simplify bridge creation + - Create traditional bridge and hostonly networks by default + +------------------------------------------------------------------- +Fri Feb 8 11:01:49 MST 2008 - jfehlig@novell.com + +- Added upstream changesets 16932, 16965, 16977, and 16988 to fix + various bugs in tool stack +- Also added upstream changeset 16989 to complete fate #302941. + +------------------------------------------------------------------- +Mon Feb 4 14:01:56 MST 2008 - plc@novell.com + +- Replaced xen-blktab-subtype-strip.patch with official upstream + changeset for bnc#353065. + +------------------------------------------------------------------- +Fri Feb 1 16:11:59 MST 2008 - carnold@novell.com + +- Update to xen 3.2 FCS. Changeset 16718 +- Merge xen-tools and xen-tools-ioemu into xen-tools. + +------------------------------------------------------------------- +Wed Dec 19 16:16:36 MST 2007 - carnold@novell.com + +- Update to xen 3.2 RC2. Changeset 16646 + +------------------------------------------------------------------- +Thu Dec 13 15:37:09 MST 2007 - carnold@novell.com + +- Added agent support for HP Proliant hardware. + +------------------------------------------------------------------- +Wed Dec 5 13:04:17 MST 2007 - carnold@novell.com + +- #338108 - VUL-0: Xen security issues in SLE10 +- #279062 - Timer ISR/1: Time went backwards + +------------------------------------------------------------------- +Thu Nov 29 13:44:29 MST 2007 - carnold@novell.com + +- Added part of upstream c/s 15211. Fixed open call with O_CREAT + because it had no mode flags (15211-fix-open-mode.patch). + +------------------------------------------------------------------- +Mon Nov 5 09:38:14 MST 2007 - jfehlig@novell.com + +- Added upstream c/s 15434 to allow access to serial devices. + Bug #338486. + +------------------------------------------------------------------- +Thu Nov 1 13:17:46 MDT 2007 - carnold@novell.com + +- #334445: xenbaked: Fix security vulnerability CVE-2007-3919. + +------------------------------------------------------------------- +Thu Nov 1 11:30:35 MDT 2007 - carnold@novell.com + +- #310279: Kernel Panic while booting Xen + +------------------------------------------------------------------- +Tue Oct 2 17:05:28 MDT 2007 - ccoffing@novell.com + +- #286859: Fix booting from SAN + +------------------------------------------------------------------- +Thu Sep 13 11:26:33 MDT 2007 - ccoffing@novell.com + +- #310338: Fix "No such file or directory" in network-multinet + +------------------------------------------------------------------- +Wed Sep 12 18:04:33 MDT 2007 - jfehlig@novell.com + +- #309940: Fix 'xm reboot' +- Moved hvm_vnc.diff and xend_mem_leak.diff to 'Upstream patches' + section of spec file since both have been accepted upstream now. + +------------------------------------------------------------------- +Mon Sep 10 10:02:36 MDT 2007 - jfehlig@novell.com + +- #289283: Fix memory leak in xend + +------------------------------------------------------------------- +Fri Sep 7 14:17:11 MDT 2007 - jfehlig@novell.com + +- #297125: Expose 'type vnc' in vfb device sexp for HVM guests. + +------------------------------------------------------------------- +Thu Sep 6 14:42:19 MDT 2007 - ccoffing@novell.com + +- #302106: Update network-multinet + +------------------------------------------------------------------- +Wed Sep 5 09:12:31 MDT 2007 - carnold@novell.com + +- #307458: AMD-V CR8 intercept reduction for HVM windows 64b guests + +------------------------------------------------------------------- +Wed Aug 29 16:20:48 MDT 2007 - ccoffing@novell.com + +- Update block-iscsi to match changes to open-iscsi. + +------------------------------------------------------------------- +Mon Aug 27 16:49:48 MDT 2007 - carnold@novell.com + +- #289275 - domu will not reboot if pci= is passed in at boot time. + +------------------------------------------------------------------- +Fri Aug 24 11:30:49 MDT 2007 - carnold@novell.com + +- #297345: Added several upstream patches for hvm migration. + +------------------------------------------------------------------- +Fri Aug 17 18:28:34 MDT 2007 - jfehlig@novell.com + +- Added upstream c/s 15128, 15153, 15477, and 15716. These patches + provide foundation for bug #238986 +- Renamed xend_dev_destroy_cleanup.patch to reflect the upstream + c/s number and moved it to "upstream patches" section of spec + file. + +------------------------------------------------------------------- +Mon Aug 13 10:25:32 MDT 2007 - carnold@novell.com + +- hvm svm: Log into 'xm dmesg' that SVM NPT is enabled. + +------------------------------------------------------------------- +Fri Aug 10 16:43:31 MDT 2007 - ccoffing@novell.com + +- Honor RPM_OPT_FLAGS better + +------------------------------------------------------------------- +Thu Aug 9 10:29:08 MDT 2007 - ccoffing@novell.com + +- #298176: Do not enable NX if CPU/BIOS does not support it +- #289569: Modify network-bridge to handle vlan +- #297295: Fix bridge setup: stop using getcfg + +------------------------------------------------------------------- +Tue Aug 7 08:47:11 CEST 2007 - olh@suse.de + +- remove inclusion of linux/compiler.h and linux/string.h + remove ExclusiveArch and fix prep section for quilt setup *.spec + +------------------------------------------------------------------- +Thu Aug 2 13:10:36 MDT 2007 - jfehlig@novell.com + +- Added patch to fix/cleanup destoryDevice code path in xend. + Patch was submitted upstream. Aids in fixing several bugs, e.g. + #217211 and #242953. + +------------------------------------------------------------------- +Tue Jul 31 13:12:40 MDT 2007 - ccoffing@novell.com + +- Update Ron Terry's network-multi script +- Fix insserv + +------------------------------------------------------------------- +Tue Jul 31 11:41:13 MDT 2007 - jfehlig@novell.com + +- Added following upstream patches: + + 15642 - Fixes bug 289421 found in SLES10 SP1 but applies to + Xen 3.1.0 as well. + + 15649, 15650, 15651 - Fixes/enhancements to Xen API required + by Xen CIM providers + +------------------------------------------------------------------- +Fri Jul 27 10:50:58 MDT 2007 - ccoffing@novell.com + +- #242953: Allow HVM to use blktap +- #239173: block-attach as RW for domUloader to avoid failures with + reiserfs (since blktap does not yet correctly communicate RO to + the kernel) + +------------------------------------------------------------------- +Mon Jul 23 12:57:45 MDT 2007 - ccoffing@novell.com + +- Drop xen-bootloader-dryrun.diff; not needed for xen 3.1 +- rpmlint: Actually apply patch for #280637 +- rpmlint: Rename logrotate config from xend to xen +- Don't package xenperf twice +- xen-detect is a domU tool + +------------------------------------------------------------------- +Mon Jul 23 12:06:55 MDT 2007 - jfehlig@novell.com + +- Added upstream patches that fix various bugs + + 15168 fixes check for duplicate domains + + 15587 resets domain ID and fixes problems with domain state + via Xen API + + 15609 stores memory values changed via Xen API + +------------------------------------------------------------------- +Thu Jul 19 13:41:15 MDT 2007 - ccoffing@novell.com + +- BuildRequires LibVNCServer-devel +- Rotate all logs. +- Fix network data corruption on Win2003 with rtl8139. (#254646) +- Xen fails to create VM due to "out of memory" errors. (#280637) + +------------------------------------------------------------------- +Tue Jul 17 08:23:18 MDT 2007 - plc@novell.com + +- Added CDROM removable media patch from 3.0.4 + +------------------------------------------------------------------- +Fri Jul 6 14:34:20 MDT 2007 - ccoffing@novell.com + +- xensource bug #858: Disable strict aliasing for xenstore, to + avoid domU hangs. + +------------------------------------------------------------------- +Tue Jul 3 15:15:28 MDT 2007 - ccoffing@novell.com + +- #285929: Bad "xendomains status" output w/ empty XENDOMAINS_SAVE + +------------------------------------------------------------------- +Tue Jul 3 13:39:35 MDT 2007 - carnold@novell.com + +- Changes necessary to support EDD and EDID from Jan. + +------------------------------------------------------------------- +Wed Jun 20 17:48:18 MDT 2007 - jfehlig@novell.com + +- Added upstream changesets 15273, 15274, and 15275. +- Removed the modified 15157 patch. This patch was actually a + consolidation of changesets 15157 and 15250. These changesets + are now discrete patches to ease subsequent updates of Xen. + +------------------------------------------------------------------- +Wed Jun 20 15:41:21 MDT 2007 - ccoffing@novell.com + +- Split vm-install off as a separate package. +- Update man page. +- Update Ron Terry's network-multi script. + +------------------------------------------------------------------- +Mon Jun 18 14:23:38 MDT 2007 - ccoffing@novell.com + +- Fix compiler warnings. +- Update block-npiv. + +------------------------------------------------------------------- +Mon Jun 11 10:11:00 MDT 2007 - ccoffing@novell.com + +- Fix more warn_unused_value compiler warnings. + +------------------------------------------------------------------- +Fri Jun 8 12:11:42 MDT 2007 - ccoffing@novell.com + +- Update to official rc10 (changeset 15042). +- Updated vm-install: + + easier to exit with Ctrl-C + + drop "TERM=xterm" for Linux (breaks PVFB text install) + + use "TERM=vt100" when calling "xm" to suppress terminal codes + + command-line support for VNC password + + fixed disk groups (e.g., 2 disks on command line w/o PDEV) + + fixed regression: Don't let user close progress window + + failure to open a device should not completely fail search for + bootsector (consider: no media in /dev/cdrom) + + always remove PV kernel and initrd from /tmp + + #279153: Support disks on iscsi/qcow/vmdk/nbd/file/phy/... + +------------------------------------------------------------------- +Fri Jun 8 11:33:41 MDT 2007 - jfehlig@novell.com + +- Added a modified version of upstream c/s 15157. Original version + of c/s 15157 fixed bug #262805 but also broke + 'xm block-detach dom dev_name'. Modified version fixes bug 262805 + without introducing regression. Patch fixing c/s 15157 has been + submitted upstream. + +------------------------------------------------------------------- +Wed May 23 16:36:54 MDT 2007 - ccoffing@novell.com + +- Drop xen-messages.diff; Xen now supports HVM save/restore. + +------------------------------------------------------------------- +Tue May 22 09:52:50 MDT 2007 - ccoffing@novell.com + +- Update Ron Terry's network-multi script. +- Drop xen-doc-ps. (#267948) +- Update init scripts. +- Tidy spec file to fix rpmlint errors. +- Updated patches from Jan. + +------------------------------------------------------------------- +Mon May 21 10:41:41 MDT 2007 - ccoffing@novell.com + +- vm-install bug fixes: + + #211342: better progress bar + + #259994: disk size would reset when editing path + + #247073: handle autoyast URLs + + #254311: physical disks were showing as 0.0 GB + +------------------------------------------------------------------- +Wed May 16 16:05:22 MDT 2007 - ccoffing@novell.com + +- Properly quote pathnames in domUloader to fix EVMS. (#274484) +- Allow user to specify a default 'keymap' in xend's configuration + file. (#258818 and 241149) + +------------------------------------------------------------------- +Mon May 14 12:46:35 MDT 2007 - plc@novell.com + +- Added upstream python patches for keymap specification in + PV config file. Added upstream ALTGR fix, sign extension fix + and modified patch 323 so that upstream patches applied cleanly. + (#258818) + +------------------------------------------------------------------- +Fri May 11 12:29:27 MDT 2007 - ccoffing@novell.com + +- Update to xen-3.1-testing rc10 (changeset 15040). +- Update .desktop with proper group. (#258600) +- Include Kurt's updated block-iscsi. (#251368) +- Jim's updated patch to honor localtime setting. (#273430) +- Fix vm-install to work correctly when doing multiple simultaneous + installs via virt-manager. (#259917) +- Network connectivity fails in FV SLES 10 SP1; MAC address was + being read incorrectly from xenstore by PV driver. (#272351) +- For FV SLES 9, default apic=1 to allow x86_64 SLES 9 to boot. + (#264183) + +------------------------------------------------------------------- +Fri May 4 08:41:38 MDT 2007 - carnold@novell.com + +- Added security fixes for problems found Travis Orandy (#270621) + CVE-2007-1320, CVE-2007-1321, CVE-2007-1322, CVE-2007-1323, + CVE-2007-1366 + +------------------------------------------------------------------- +Thu May 3 15:35:19 MDT 2007 - ccoffing@novell.com + +- Update to xen-3.1-testing rc7 (changeset 15020). +- Fix identification of virt-manager windows. (#264162) + +------------------------------------------------------------------- +Tue May 1 17:43:33 MDT 2007 - jfehlig@novell.com + +- Integrated domUloader with 3.0.5. Updated xen-domUloader.diff. + +------------------------------------------------------------------- +Mon Apr 30 10:44:41 MDT 2007 - ccoffing@novell.com + +- Update to xen-3.0.5-testing rc4 (changeset 14993). + +------------------------------------------------------------------- +Thu Apr 26 13:20:36 MDT 2007 - jfehlig@novell.com + +- Fixed autobuild error in function that returns random data. + File tools/ioemu/hw/piix4acpi.c line 72. Fix added to + xen-warnings.diff. + +------------------------------------------------------------------- +Thu Apr 26 11:59:04 MDT 2007 - ccoffing@novell.com + +- Fix build on SLES 10 SP1. + +------------------------------------------------------------------- +Wed Apr 25 13:41:20 MDT 2007 - ccoffing@novell.com + +- Update to xen-3.0.5-testing rc3 (changeset 14934). +- Switch BuildRequires to texlive. + +------------------------------------------------------------------- +Fri Apr 20 11:43:06 MDT 2007 - ccoffing@novell.com + +- Updated README. (#250705) +- Fix vm-install's detection of PV RHEL4/5 kernels. (#260983) + +------------------------------------------------------------------- +Thu Apr 19 16:00:12 MDT 2007 - ccoffing@novell.com + +- Place xenstore-* tools in new xen-tools-domU package, to be used + by suse_register. (#249157) + +------------------------------------------------------------------- +Tue Apr 17 08:20:47 MDT 2007 - ccoffing@novell.com + +- Update translations. + +------------------------------------------------------------------- +Thu Apr 12 14:23:15 MDT 2007 - ccoffing@novell.com + +- Combine two xenstore reads into one transaction, which causes + xenstored to not thrash so badly, and makes virt-manager more + responsive and less likely to time out or lock up. Partial fix + for #237406. +- If disk is read-only, pass -r to losetup. (#264158) + +------------------------------------------------------------------- +Thu Apr 5 17:45:45 MDT 2007 - ccoffing@novell.com + +- Update vm-install: + + #260510: do not delete xml settings file + + #260579: write correct vif line for PV NIC in FV VM + + #261288: re-enable add disk buttons after deleting a disk + + #192272, #222765, #250618: Update OS list and their defaults + +------------------------------------------------------------------- +Tue Apr 3 17:07:37 MDT 2007 - ccoffing@novell.com + +- Could not do simultaneous installs via virt-manager. (#259917) + +------------------------------------------------------------------- +Mon Apr 2 17:48:43 MDT 2007 - jfehlig@novell.com + +- Fix improper handling of guest kernel arguments in domUloader. + Bug #259810 + +------------------------------------------------------------------- +Mon Apr 2 17:02:11 MDT 2007 - ccoffing@novell.com + +- Update vm-install: + + #259420: refresh available memory more often + + #259972: cannot enter autoyast url + +------------------------------------------------------------------- +Mon Apr 2 08:46:03 MDT 2007 - ccoffing@novell.com + +- Update translations for RC2. + +------------------------------------------------------------------- +Fri Mar 30 12:54:45 MDT 2007 - ccoffing@novell.com + +- Fix "cannot allocate memory" when starting VMs. (#229849, 258743) + +------------------------------------------------------------------- +Thu Mar 29 10:16:54 MDT 2007 - ccoffing@novell.com + +- Fix quoting of args for child processes during VM install. + (#258376) +- Fix retry logic in block hotplug script. (#257925) + +------------------------------------------------------------------- +Wed Mar 28 11:31:48 MDT 2007 - ccoffing@novell.com + +- Updated vm-install's icon name. +- Updated translations. + +------------------------------------------------------------------- +Fri Mar 23 11:25:01 MDT 2007 - ccoffing@novell.com + +- Disable aspects of qemu's console that can affect domain 0. + (#256135) +- Fix xmclone.sh to work with managed domains. (#253988) +- Update to xen-unstable changeset 14535. + +------------------------------------------------------------------- +Mon Mar 19 09:46:21 MDT 2007 - ccoffing@novell.com + +- Update to xen-unstable changeset 14444. +- Include Ron Terry's network-multi_bridge + +------------------------------------------------------------------- +Fri Mar 9 18:45:33 MST 2007 - jfehlig@novell.com + +- Added lame patch to handle showing suspended state via Xen API. + The patch only affects Xen API and is thus low risk. + Bug #237859 + +------------------------------------------------------------------- +Fri Mar 9 17:00:20 MST 2007 - carnold@novell.com + +- Added AMD support for Vista 64 installation and boot. + +------------------------------------------------------------------- +Fri Mar 9 12:24:12 MST 2007 - ccoffing@novell.com + +- Make vm-install support NFS for SUSE (#241251). + +------------------------------------------------------------------- +Fri Mar 9 10:07:05 MST 2007 - jfehlig@novell.com + +- Fixed bug #250522 + + Upstream c/s 13557 stores model attribute of vif in xenstore. + +------------------------------------------------------------------- +Thu Mar 8 12:35:18 MST 2007 - ccoffing@novell.com + +- Update vm-install: + + Better description on "Virtual Disk" drop-down (not "xvda") + + Proper separation of recording options versus calculating + defaults; fixes corner cases + + #247849, #253013, 253009: Multiple fixes related to how disks + are defined, centered around bug #247849 (handle partitioned + PV installation disk) + + #252437: Allow virtual CDROM to be added (via ISO) even if + physical CDROM doesn't exist + +------------------------------------------------------------------- +Wed Mar 7 19:43:55 MST 2007 - jfehlig@novell.com + +- Fixed bug #252396 + + Added upstream c/s 14021. Applies to Xen API c-bindings - + low risk. + + Added local patch to correctly set Xen API Console.protocol + property + +------------------------------------------------------------------- +Wed Mar 7 14:28:41 MST 2007 - jfehlig@novell.com + +- Added upstream patch that fixes save/restore on 32pae guests. + Upstream c/s 14150. Bug #237859 + +------------------------------------------------------------------- +Tue Mar 6 15:48:13 MST 2007 - carnold@novell.com + +- Remove a debug message which is spamming the logs during live + migration. + +------------------------------------------------------------------- +Mon Mar 5 17:51:17 MST 2007 - jfehlig@novell.com + +- Fixed handling of vbd type in Xen API <-> sexpr integration. + Bug #250351 + + Updated an existing patch (xend_disk_decorate_rm.patch) and + then renamed patch to xend_vbd_type.patch to better reflect + purpose of patch. + +------------------------------------------------------------------- +Mon Mar 5 09:38:36 MST 2007 - ccoffing@novell.com + +- Default apic=0 for SLES 8 and 9, for performance. (#228133) + +------------------------------------------------------------------- +Fri Mar 2 16:58:06 MST 2007 - carnold@novell.com + +- Xen kernel crashes at domain creation time. Bug #248183. + Fix mouse for win2k hvm guest. + +------------------------------------------------------------------- +Fri Mar 2 13:15:33 MST 2007 - jfehlig@novell.com + +- Incorrect values returned for actions_after_* in Xen API. Added + patch xend-actions-after.patch for fix. Patch submitted upstream + as well. Bug #250870. + +------------------------------------------------------------------- +Fri Mar 2 12:08:55 MST 2007 - ccoffing@novell.com + +- Update vm-install: + + Fixed possible "tree path exception" when editing disk + + Fixed failure to properly refresh fields when editing disk + + #248356: allow specifying bridge + +------------------------------------------------------------------- +Fri Mar 2 10:23:38 MST 2007 - jfehlig@novell.com + +- Add check for HVM domain in domain_save. The check is + performed in domain_suspend and should be included here as well. + +------------------------------------------------------------------- +Thu Mar 1 18:13:20 MST 2007 - ccoffing@novell.com + +- Update vm-install: + + #250201: for linux PVFB, pass xencons=tty if graphics=none + + #250016: honor non-sparse flag + +------------------------------------------------------------------- +Thu Mar 1 17:25:44 MST 2007 - jfehlig@novell.com + +- Fix exception caused by incorrect method name in xen-messages.diff. + This is one of perhaps several problems with save/restore, + bug #237859 + +------------------------------------------------------------------- +Thu Mar 1 15:43:00 MST 2007 - dpmerrill@novell.com + +- Add xen-ioemu-hvm-pv-support.diff + This patch allows for shutting down the IDE drive. + +------------------------------------------------------------------- +Thu Mar 1 11:27:00 MST 2007 - jfehlig@novell.com + +- Fix bug #243667 + + Updated domUloader to accept '--args' parameter. The args + provided as an option to --args are simply added to the sexpr + returned by domUloader. pygrub has similar behavior. + +------------------------------------------------------------------- +Wed Feb 28 18:16:53 MST 2007 - ccoffing@novell.com + +- Update vm-install: + + #249013, #228113: default to realtek instead of pcnet + + #249124: write os-type to config files + + Updated translations + + Setting os_type should implicitly set full_virt; fixes NIC + model exceptions + + Add "Add" button to Operating System Installation page, based + on usability feedback + +------------------------------------------------------------------- +Wed Feb 28 15:55:15 MST 2007 - jfehlig@novell.com + +- Added changeset 13786 and 14022 from xen-unstable. These + changesets affect the Xen API C bindings only and are low risk. + This is a continuation of support for FATE feature 110320. ECO + has been approved for late arrival of this feature. + +------------------------------------------------------------------- +Mon Feb 26 10:39:06 MST 2007 - ccoffing@novell.com + +- Update vm-install: + + #244772: display error message in GUI if xen isn't running + + #246049: better error message when OS==SUSE but ISO looks wrong + + Fix printing of jobid when run with --background + +------------------------------------------------------------------- +Wed Feb 21 15:54:51 MST 2007 - ccoffing@novell.com + +- Don't allow "xm create" of running VM. (#245253) +- Update vm-install: + + Fix inability to use already-extracted SUSE kernel/initrds + + Fix accumulation of 0-byte tmp files + + #237063: close fds before running vncviewer + + default apic=0 for Windows, due to performance + +------------------------------------------------------------------- +Tue Feb 20 13:53:22 MST 2007 - carnold@novell.com + +- Domain0 reboots after 2-6 hours of running guests. (#246160) + +------------------------------------------------------------------- +Tue Feb 20 12:49:36 MST 2007 - ccoffing@novell.com + +- Fix typo in xendomains. (#246107) +- Fix order in which vm-install processes command-line arguments. + +------------------------------------------------------------------- +Fri Feb 16 18:07:09 MST 2007 - jfehlig@novell.com + +- Added changeset 13775 from xen-unstable. This patch fixes + the last known issue with the Xen API patchset backported + from xen-unstable. + +------------------------------------------------------------------- +Fri Feb 16 11:31:15 MST 2007 - jfehlig@novell.com + +- Added c/s 13226 from xen-unstable. It affects Xen API only. +- Added patch to remove ':disk' and 'tap:qcow' from stored domain + config. Fixes bug #237414 and helps with bug #242953. + +------------------------------------------------------------------- +Thu Feb 15 19:03:13 MST 2007 - jfehlig@novell.com + +- Backported Xen API functionality from xen-unstable to support + hosting CIM providers. This functionality is required for + FATE feature 110320. ECO has been approved. + + Includes 19 changesets from xen-unstable. Most are + specific to Xen API. + + Includes 1 patch that relaxes parsing of xml response + in Xen API c-bindings. + +------------------------------------------------------------------- +Thu Feb 15 12:52:24 MST 2007 - carnold@novell.com + +- Added x86-nmi-inject.patch for NW debuging. (#245942) + +------------------------------------------------------------------- +Thu Feb 15 10:09:41 MST 2007 - carnold@novell.com + +- kernel panic in DomU while installing 32bit DomU on 64bit + Dom0. (#244055) Patches 13630-domctl.patch, + 13903-domctl.patch and 13908-domctl.patch +- Updated patch pae-guest-linear-pgtable.patch + +------------------------------------------------------------------- +Mon Feb 12 17:00:58 MST 2007 - ccoffing@novell.com + +- Load xenblk at dom0 start to support bootstrapping from + non-loopback devices. (#242963, #186696) +- Update vm-install: + + Update translations + + Clean up exception error codes and sync man pages + + Honor ordering of arguments (as claimed in man page) + + #240984: properly detach vncviewer + + #240387: default to absolute coordinate mouse for Windows +- Drop logging patch. (#245150) + +------------------------------------------------------------------- +Mon Feb 12 01:50:34 CET 2007 - ro@suse.de + +- remove -fstack-protector from RPM_OPT_FLAGS for now + +------------------------------------------------------------------- +Thu Feb 8 16:54:59 MST 2007 - ccoffing@novell.com + +- Update vm-install: + + Allow specifing disk (and disk size) vs. cdrom from CLI + + Add missing -M/--max-memory parameter to CLI to match GUI + + #241528: Display error if user selects FV OS but hw lacks VT + + Move all consistency checks out of Options class, since CLI + options may be processed in a "bad" order + + Fix infinite loops when info is missing from background jobs + + --background implies --no-auto-console + + Don't let user close progress window + + Fix bug in qemu slowness work-around, reported by Jan Albrecht + + Do disk.validate() when clicking "OK" on disks page + + #238959: Probe for removable media via /sys/block + + Output VNC info for backgrounded job + + Fix method of waiting for VM to exit when --no-autoconsole + + #239582: Use extracted kernel-xen/initrd-xen if present + +------------------------------------------------------------------- +Tue Feb 6 12:02:47 MST 2007 - ro@suse.de + +- disable commented out buildreq for kernel for the moment + to workaround endless rebuild + +------------------------------------------------------------------- +Tue Feb 6 10:30:33 MST 2007 - ccoffing@novell.com + +- xm-test should clean up xenstore better (#180138) + +------------------------------------------------------------------- +Thu Feb 1 12:07:59 MST 2007 - ccoffing@novell.com + +- Implement better job support for CIM (#241197) +- Temporary fix to allow PV VMs to reboot (#237414) +- Delete PYTHONOPTIMIZE for good; callers don't set it. + +------------------------------------------------------------------- +Wed Jan 31 08:51:05 MST 2007 - ccoffing@novell.com + +- Update xen-3.0.4 (changeset 13138); includes migration bugfix. + +------------------------------------------------------------------- +Tue Jan 30 07:43:09 MST 2007 - ccoffing@novell.com + +- Enable building KMP. +- Fix xendomains to work with managed domains. (#238781) + +------------------------------------------------------------------- +Thu Jan 25 09:16:10 MST 2007 - ccoffing@novell.com + +- Various bug fixes of 32on64, from Jan and Keir. +- Gerd's fix for domain builder with > 4 GB RAM (#233761) +- Update xen-vm-install: + #234331, #239007: CD/DVDs should always be marked read-only + #238458: Work-around qemu slowness bug + #239196: Support SLED + #239275: Fix .desktop file + #240064: Clean up VMs better after failed install + +------------------------------------------------------------------- +Tue Jan 23 09:11:29 MST 2007 - ccoffing@novell.com + +- Update xen-vm-install: + #237370: Can now install 32pae SLES 10 on x86_64 hypervisor + #237396: Be able to use an existing disk, bypass OS installation + Fix handling of user's extra_args +- Patch from Jan to enable building PV drivers KMP for FV SUSE. + Currently conditionalized. +- Drop unused patches xen-io-register-context.diff and + xen-console.diff + +------------------------------------------------------------------- +Sat Jan 20 09:44:00 MST 2007 - brogers@novell.com + +- Fix handling of localtime config file parameter for PV guests + (#234376) + +------------------------------------------------------------------- +Fri Jan 19 14:40:01 MST 2007 - ccoffing@novell.com + +- Update xen-vm-install (NIC UI work; do not require tcp port bz + #236517; integrate with virt-manager) + +------------------------------------------------------------------- +Wed Jan 17 14:14:17 MST 2007 - ccoffing@novell.com + +- Update xen-vm-install (more disk UI work; support NetWare + response files and licenses) + +------------------------------------------------------------------- +Tue Jan 16 16:36:14 MST 2007 - ccoffing@novell.com + +- Major fixes to xen-vm-install (adding disks in the UI now works, + and fixed several CLI exceptions) +- Microcode does not need to be exactly 2048 bytes (changeset + 13079; Kurt) + +------------------------------------------------------------------- +Fri Jan 12 17:09:56 MST 2007 - ccoffing@novell.com + +- Include script to clone SLES 10 domU, from coolsolutions (fate + #301742) +- Updated patches from Gerd and Jan, including PAE > 4 gig fix, + updated VGA console patch. +- Updated xen-vm-install with finalized strings and desktop file. + +------------------------------------------------------------------- +Thu Jan 11 08:40:18 MST 2007 - ccoffing@novell.com + +- Include xen-unstable patches for HVM save/restore and 32-on-64 + HVM. +- Update to xen-3.0.4-1 (changeset 13132). + +------------------------------------------------------------------- +Wed Jan 10 16:27:50 MST 2007 - ccoffing@novell.com + +- Update xen-vm-install and domUloader to support NetWare. +- Include AMD's nested page table patches. + +------------------------------------------------------------------- +Mon Jan 8 09:36:40 MST 2007 - ccoffing@novell.com + +- Update to xen-3.0.4 (changeset 13129). +- Fix from upstream for mis-emulation of x86-64 pop. + +------------------------------------------------------------------- +Fri Jan 5 10:58:48 MST 2007 - carnold@novell.com + +- Many patches from Jan Beulich and Gerd Hoffmann in support of + 32 on 64 pv guests. These patches apply to both the hypervisor + and the tools. + +------------------------------------------------------------------- +Fri Dec 22 10:40:06 MST 2006 - ccoffing@novell.com + +- Do not require authentication on XenAPI socket, since CIMOM does + not support authentication. Socket is only accessible to root. + +------------------------------------------------------------------- +Wed Dec 20 09:07:41 MST 2006 - ccoffing@novell.com + +- Update to xen-3.0.4 (changeset 13100). +- Update xen-vm-install tools. +- Include Jim's 2 xen-tools patches for CIM provider issues. + +------------------------------------------------------------------- +Mon Dec 18 14:59:01 MST 2006 - ccoffing@novell.com + +- Update to xen-3.0.4-rc3 (changeset 13087). +- Fix line terminators in block-iscsi (#228864) +- Make domUloader work with blktap support in xend. + +------------------------------------------------------------------- +Fri Dec 15 10:22:29 MST 2006 - ccoffing@novell.com + +- Update to xen-3.0.4-rc2 (changeset 13067). + +------------------------------------------------------------------- +Thu Dec 14 14:54:19 MST 2006 - ccoffing@novell.com + +- Update to xen-3.0.4-rc1 (changeset 12901). + +------------------------------------------------------------------- +Wed Dec 13 12:53:00 MST 2006 - brogers@novell.com + +- Patch for loading bimodal PAE kernel to suuport NetWare + +------------------------------------------------------------------- +Thu Dec 7 10:33:58 MST 2006 - ccoffing@novell.com + +- Update to xen-unstable (changeset 12757). +- Enable LIBXENAPI_BINDINGS and XENFB_TOOLS. +- Enable unix domain socket for xend; needed by tools. + +------------------------------------------------------------------- +Tue Dec 5 15:12:12 MST 2006 - ccoffing@novell.com + +- Update to xen-unstable (changeset 12734; feature freeze for + 3.0.4) +- Make /etc/xen mode 0700 to protect vnc passwords. + +------------------------------------------------------------------- +Mon Nov 27 18:07:41 MST 2006 - ccoffing@novell.com + +- Fix how bootloader is called by the xend during restarts. + (#223850) + +------------------------------------------------------------------- +Wed Nov 22 11:26:06 MST 2006 - ccoffing@novell.com + +- Series of patches from Jan to address selectors with non-zero- + bases and other related issues in HVM. (#214568) +- Default pae=1, otherwise 64 bit HVM does not work at all. + (#217160) + +------------------------------------------------------------------- +Fri Nov 17 11:30:16 MST 2006 - ccoffing@novell.com + +- Backport several HVM fixes. (#176171?) + +------------------------------------------------------------------- +Thu Nov 16 13:16:09 MST 2006 - ccoffing@novell.com + +- Fix some problems in the xen-hvm-default-bridge patch. (#219092) +- xmlrpc isn't 64-bit clean, causing xend to get exceptions when + PFN is > 2 GB. (#220418) + +------------------------------------------------------------------- +Mon Nov 13 20:40:09 MST 2006 - kallan@novell.com + +- Backport changesets 11847, 11888, 1189[6-9], 119[00-18], 11974, + 1203[0-2], and 12205 from xen-unstable so that the PV drivers + can compile on older kernels such as sles9 and rhel4 +- Fix netfront.c to fail the probe if it is called for an ioemu + type device. This allows both PV and FV drivers to exist at + same time in the FV guest. + +------------------------------------------------------------------- +Thu Nov 9 10:10:09 MST 2006 - ccoffing@novell.com + +- Add xen-vm-install. +- Default bridge correctly for HVM guests. (#219092) + +------------------------------------------------------------------- +Wed Nov 8 11:26:02 CET 2006 - aj@suse.de + +- Set correct permissions on man files. + +------------------------------------------------------------------- +Tue Nov 7 08:43:01 MST 2006 - ccoffing@novell.com + +- Update name of blktap.ko in xend init script. (#215384) +- Remove some extraneous bad chars in xm manpage. (#218440) +- Update logrotate.conf. +- Update spec file. + +------------------------------------------------------------------- +Wed Nov 01 11:16:05 MST 2006 - kallan@novell.com + +- Backport xen-unstable changesets 12040 to address spurious + interrupts with PV drivers in HVM guests. + +------------------------------------------------------------------- +Tue Oct 31 13:56:04 MST 2006 - ccoffing@novell.com + +- Backport xen-unstable changesets 1184[1-3] to address SVM + interrupt injection issues. Replaces earlier (broken) patches. + +------------------------------------------------------------------- +Mon Oct 30 15:19:02 MST 2006 - ccoffing@novell.com + +- /var/lib/xen/images should not be world readable. (#214638) +- Update to xen-3.0.3-0 (changeset 11774; no code changes). + +------------------------------------------------------------------- +Mon Oct 16 12:58:46 MDT 2006 - ccoffing@novell.com + +- Update to xen-3.0.3-testing changeset 11772 (rc5). +- Fix several possible type errors when running domUloader. +- Remove pygrub. Was broken on reiserfs and never had ext2 + support, so it is useless. (#173384) +- First attempt at moving domUloader to blktap. Still disabled + due to block-detach failing. + +------------------------------------------------------------------- +Fri Oct 13 10:29:18 MDT 2006 - ccoffing@novell.com + +- Update to xen-3.0.3-testing changeset 11760 (rc4). + +------------------------------------------------------------------- +Tue Oct 10 10:42:51 MDT 2006 - ccoffing@novell.com + +- Update to xen-3.0.3-testing changeset 11740 (rc3). +- Fix crash on PAE when specifying dom0_mem=4096M. (#211399) +- Make xend.balloon aware of kernel's memory floor, to fix + "Privileged domain did not balloon" errors. (#184727) + +------------------------------------------------------------------- +Mon Oct 9 09:20:46 MDT 2006 - ccoffing@novell.com + +- Include AMD's interrupt injection fix. + +------------------------------------------------------------------- +Wed Oct 4 13:00:09 MDT 2006 - ccoffing@novell.com + +- Imported keymap patch. (#203758) +- Account for minimum memory required by dom0 kernel. (#184727) +- Package /usr/include/xen/hvm/*.h + +------------------------------------------------------------------- +Tue Oct 3 11:51:34 MDT 2006 - ccoffing@novell.com + +- Update to xen-3.0.3-testing changeset 11686. + +------------------------------------------------------------------- +Tue Oct 3 10:36 MDT 2006 - kallan@novell.com + +- Updated README.SuSE to reflect the current method of handling + Xen network-bridging when using SuSEfirewall2. (#205092) + +------------------------------------------------------------------- +Sat Sep 30 10:21:42 CEST 2006 - aj@suse.de + +- Cleanup BuildRequires. + +------------------------------------------------------------------- +Thu Sep 28 11:18:17 MDT 2006 - ccoffing@novell.com + +- Only "eval" disks once in domUloader, to match current Xen. + +------------------------------------------------------------------- +Wed Sep 27 10:47:16 MDT 2006 - ccoffing@novell.com + +- Switch to xen-3.0.3-testing tree; changeset 11633. +- Update (but disable) paravirtualized framebuffer patches. + +------------------------------------------------------------------- +Tue Sep 26 09:07:41 MDT 2006 - ccoffing@novell.com + +- Update to xen-unstable changeset 11623. +- Fix domUloader typo introduced in last update. +- Build debug version of xen-pae. + +------------------------------------------------------------------- +Mon Sep 25 10:11:31 MDT 2006 - ccoffing@novell.com + +- Update to xen-unstable changeset 11616. + +------------------------------------------------------------------- +Tue Sep 12 16:14:51 MDT 2006 - ccoffing@novell.com + +- Update check_python script to identify Python 2.5 RCs as valid. + +------------------------------------------------------------------- +Mon Sep 11 12:04:23 MDT 2006 - ccoffing@novell.com + +- Update to xen-unstable changeset 11440. +- xen-tools conflicts with qemu. Do not package qemu.1 manpage. + (#204758) +- Include Jan's updated patch for #192150 (to preserve register + context when doing IO). + +------------------------------------------------------------------- +Tue Sep 5 15:27:57 MDT 2006 - ccoffing@novell.com + +- Update block-nbd and xmexample.nbd, and add block-iscsi and + xmexample.iscsi (from Kurt). + +------------------------------------------------------------------- +Thu Aug 31 09:45:11 MDT 2006 - ccoffing@novell.com + +- Automatically create/destroy virtual frame buffer viewer. Add + "sdl=1" to config file of a paravirtualized VM to get the viewer. +- Log files have moved to /var/log/xen. + +------------------------------------------------------------------- +Tue Aug 29 15:34:38 MDT 2006 - ccoffing@novell.com + +- xendomains does not actually save domains. (#201349) +- Update to xen-unstable changeset 11299. + +------------------------------------------------------------------- +Tue Aug 29 01:04:22 CEST 2006 - ccoffing@novell.com + +- Fix incorrect path on x86_64 for vncfb and sdlfb. + +------------------------------------------------------------------- +Thu Aug 17 09:09:48 MDT 2006 - ccoffing@novell.com + +- Improve xendomains init script, to handle unset sysconfig vars. +- Import virtual framebuffer patches. +- Drop reboot patch; resync patches. + +------------------------------------------------------------------- +Wed Aug 16 09:20:15 MDT 2006 - ccoffing@novell.com + +- Update to xen-unstable changeset 11134. +- Drop xen-reverse-10064.diff now that kernel is updated. + +------------------------------------------------------------------- +Tue Aug 8 15:44:08 MDT 2006 - ccoffing@novell.com + +- Re-enabled patch for #184175. +- Update to xen-unstable changeset 10986. +- Include Jan's patch to preserve register context when doing + IO. (#192150) + +------------------------------------------------------------------- +Fri Jul 28 14:36:59 MDT 2006 - ccoffing@novell.com + +- Add support to domUloader for "xm create --dry-run". Based on + patch from HP. + +------------------------------------------------------------------- +Thu Jul 27 10:30:26 MDT 2006 - ccoffing@novell.com + +- Add link for qemu-dm that is invariant across architectures, so + that VM config files can be simple key/value pairs parsable by + yast, and still be movable to another arch. (#193854) +- Add loop.ko to rescue image created by mk-xen-rescue-img, and + remove usbfs from image's /etc/fstab since USB isn't yet + supported, to avoid errors during boot. (#191627) + +------------------------------------------------------------------- +Mon Jul 17 11:40:01 MDT 2006 - ccoffing@novell.com + +- Update to xen-unstable changeset 10712. +- Update domUloader and rcxend to work with blktap. + +------------------------------------------------------------------- +Fri Jul 14 09:02:50 MDT 2006 - ccoffing@novell.com + +- When waiting for domains to shut down, must also wait for + loopback devices to be torn down, otherwise higher-level tools + may migrate a VM before the disk image is flushed. (#185557) +- More updates to the README. + +------------------------------------------------------------------- +Wed Jul 13 13:06:14 MDT 2006 - kallan@novell.com + +- Added for loop to retry the losetup -d in /etc/xen/scripts/block. + It is possible for the losetup -d to fail if another process is + examining the loopback devices e.g. losetup -a. (#151105) + +------------------------------------------------------------------- +Wed Jul 12 16:11:10 MDT 2006 - ccoffing@novell.com + +- Corrected and updated README. + +------------------------------------------------------------------- +Mon Jul 10 10:27:09 MDT 2006 - ccoffing@novell.com + +- Add Jeff Mahoney's block-sync.diff, to give control of + "losetup -y" to the user (and potentially yast). Defaults to + old async behavior. (#190869) + +------------------------------------------------------------------- +Thu Jul 6 15:48:35 MDT 2006 - ccoffing@novell.com + +- Update to xen-unstable tree. Revert changeset 10064, to maintain + backwards compatibility with SLES 10. + +------------------------------------------------------------------- +Wed Jul 5 12:10:04 MDT 2006 - ccoffing@novell.com + +- Do not open migration port by default. (#190170) +- Update patch for migration oops, to latest version in bug + #162865. + +------------------------------------------------------------------- +Mon Jul 3 19:58:01 CEST 2006 - okir@suse.de + +- xen-losetup-sync.diff: use the new "losetup -y" option to force + the loop device to use synchronous I/O (#189051) + +------------------------------------------------------------------- +Fri Jun 30 12:38:24 MDT 2006 - ccoffing@novell.com + +- Increase balloon timeout value. (#189815) +- Update to xen-3.0-testing tree, changeset 9762. + +------------------------------------------------------------------- +Thu Jun 29 12:42:25 MDT 2006 - ccoffing@novell.com + +- Fix some loopback races in domUloader. (#151105) + +------------------------------------------------------------------- +Tue Jun 27 13:47:32 MDT 2006 - ccoffing@novell.com + +- Add "max_para_memory" and "max_hvm_memory" to output of "xm info" + for bug #184727. +- Include Jan's patches for bug #184175. Improves PAE guest + support on HVM. + +------------------------------------------------------------------- +Mon Jun 26 11:21:49 MDT 2006 - ccoffing@novell.com + +- Include patch from HP to fix a domU migration failure ("Kernel + BUG at mm/mmap.c:1961"). Force L1/L2 page tables to be updated + at the end, to avoid them from being dirtied and not transferred. + (#162865) + +------------------------------------------------------------------- +Thu Jun 23 09:23:19 MDT 2006 - kallan@novell.com + +- Updated xen-bonding.diff to enable bonding again after the latest + patches to network-bridge etc. (#161888) + +------------------------------------------------------------------- +Wed Jun 21 15:16:47 MDT 2006 - ccoffing@novell.com + +- Clean up the useless "Nothing to flush" messages, from 'ip addr + flush', in /var/log/xen-hotplug.log +- Fix race condition in domUloader.py, when another process did + losetup -d while domUloader was running. This would result in + the mount failing, and so the VM would fail to start. + +------------------------------------------------------------------- +Tue Jun 20 14:42:28 MDT 2006 - ccoffing@novell.com + +- Revamp balloon.py to account for pages currently being + scrubbed. (#185135) + +------------------------------------------------------------------- +Mon Jun 19 09:55:04 MDT 2006 - ccoffing@novell.com + +- Update to xen-3.0-testing tree, changeset 9749. +- DomUs are getting starved for CPU (up to 40 seconds was seen) + when dom0 has a load. This can cause pathological behavior, and + can cause OCFS2 to fence (panic) the domain. (#179368, #178884) +- Import Gerd's fix to network-bridge script for bug #161888. + +------------------------------------------------------------------- +Wed Jun 14 13:24:25 MDT 2006 - ccoffing@novell.com + +- Pull out accidentally-included debugging code. +- Drop xenvers patch; this was for backwards compatibility for + some early internal builds. +- Update from Jan on the console patch. Not all graphics cards / + drivers properly reflect the state in the register being tested. + Improved the check, to prevent screen corruption. (#161541) + +------------------------------------------------------------------- +Tue Jun 13 10:28:36 MDT 2006 - ccoffing@novell.com + +- Resync with new tarball from xen-3.0-testing; changeset 9738. + +------------------------------------------------------------------- +Mon Jun 12 10:23:35 MDT 2006 - ccoffing@novell.com + +- Drop BUILD_BUG_ON and pirq-shared patches. Last week's pirq + sharing patch from upstream (for bug #152892) makes these patches + redundant. Dropping these makes our shared_info structure match + upstream again, which is needed for compatibility with other + paravirtualized guests. +- Import changeset 9734 from xen-3.0-testing. This fixes a hyper- + call (used by the pcifront driver) to work on MP guests. Without + this, the pciback driver can hang on MP. (#181467) +- Import changeset 9733 from xen-3.0-testing. This patch is + required to match the Linux kernel, since Linux always calls + this operation from VCPU0 during secondary VCPU bringup. + Without this, process run-time accounting on secondary CPUs is + completely wrong. +- Updated README: Documented work-around for bug #180058. + +------------------------------------------------------------------- +Fri Jun 9 09:23:04 MDT 2006 - ccoffing@novell.com + +- Include Jan's patch: "IOPL is ignored for VM86 mode port + accesses. Fix Xen emulation to match native behaivour." Fixes + some X lockup issues. (#179045) +- Include Keir's patch to allow reading from port 0x61, to avoid + an X server lockup. (#171087) +- Include xen-3.0-testing changeset 9726, which is needed to + support the latest kernel-xen. With this support, Linux will + only trigger unhandled IRQ path if IRQ is not shared across + multiple guests (another guest may have handled the interrupt). + This is more upstream work that goes with bug #152892. +- Add versioning to the Requires lines, to guard against mixing + binary incompatible versions. (#183292) +- I accidentially dropped part of Clyde's fix for bug #162244. + SMP support in HVM is working in xen-unstable, so upstream + dropped the HT CPUID masking code, which we then inheirited. + Re-add HT CPUID masking. (#162244) +- Updated README: VNC installations, known issues. + +------------------------------------------------------------------- +Thu Jun 8 11:38:34 MDT 2006 - ccoffing@novell.com + +- Drop our XCHG patch for the equivalent upstream patch, to fix + patch application order. No code change. + +------------------------------------------------------------------- +Wed Jun 7 12:19:16 MDT 2006 - ccoffing@novell.com + +- Updated README: HVM issues/tips, CDROM tips, known issues. +- Add patch from Intel to decode LODS/STOS instructions to fix + Windows installation. Only affects HVM. Xen changeset #9725 + consolidates this patch and xen-hvm-decode.diff; drop our 2 in + favor of the consolidated upstream patch. (#176717) + +------------------------------------------------------------------- +Tue Jun 6 10:08:19 MDT 2006 - ccoffing@novell.com + +- Drop xen-8-way-bios patch, because it breaks Windows HVM + installation. The patch was only necessary when running SMP HVM + with "acpi=0" on the kernel command line. (#181974) +- Include two patches from xen-3.0-testing that change the + interface between Xen and guests. Including these now to help + forward-compatibility: + + 9709: Changes interface for accessing %cr3 so that extra bits + (>4GB) for PAE pgdirs are placed in low-order bits of %cr3. + Kernels without support for this will still run fine. + + 9721: Use explicitly-sized types in the dom0_ops and privcmd + structures. +- Fix ability to change ISOs images for HVM guest. (#181895) +- Removed pointless whitespace changes from xen-removable.diff, for + better maintainability. Cut the patch size in half; no code + changes. + +------------------------------------------------------------------- +Mon Jun 5 10:19:27 MDT 2006 - ccoffing@novell.com + +- Include select patches from xen-3.0-testing: + + 9698: Official fix for bug #159001. Dropped our patch. + + 9702: Fix MMU_NORMAL_PT_UPDATE when passed a page that is no + longer of type page-table. + + 9703: Modification to fix for bug #159001; ignore empty PTEs. + + 9704: Fix for obvious typo in map_pages_to_xen: When replacing + a pte, free the page table pointed to by the old entry, not the + new entry. + + 9705: Jan's previous signed-ness patch (c/s 9695) was changed + when accepted upstream, which broke it; this changeset + attempts to fix the breakage. + + 9708: HVM: Fix a hang when doing an "xm destroy" of Windows VM. + + 9717: HVM: Interrupts must be kept disabled when entering Xen + for external interrupt processing. + +------------------------------------------------------------------- +Fri Jun 2 11:08:07 MDT 2006 - ccoffing@novell.com + +- Include xen-3.0-testing changeset 9693. This scales the + ballooning timeout with the amount of memory being requested + (necessary for large memory machines). This is a more proper fix + for Novell bug #175805, and addresses XenSource bug #650. + +------------------------------------------------------------------- +Thu Jun 1 14:40:23 MDT 2006 - ccoffing@novell.com + +- Update the README, regarding how to make the mouse work properly + with VNC in HVM. +- Update help text in mk-xen-rescue-img. + +------------------------------------------------------------------- +Wed May 31 14:53:43 MDT 2006 - ccoffing@novell.com + +- Jan's backport of xen-unstable changesets 9517, 9518, and 9529. + This allows Xen to boot on 4-node configurations without + crashing. (#150114) +- Include patch from Jun Nakajima at Intel to fix inability to + start XWindows after creating HVM guest. (#159001) +- Include select patches from xen-3.0-testing: + + 9697: Fix infinite recursion loop in get_page_type() error path +- Include xen-unstable changeset 9967, to improve Summagraphics + tablet emulation, to help mouse tracking in HVM. (#167187) +- Include 3 patches from AMD to fix SMP support in HVM. (#176171) +- Add CPUID masking patches from AMD and Intel for HVM. This + prevents the OS from seeing (and trying to use) various hardware + features that are not supported within the VM. (#180879) + +------------------------------------------------------------------- +Fri May 26 11:48:08 MDT 2006 - ccoffing@novell.com + +- Fix deadlock between xm and qemu. Qemu should not call xm; + issue xc commands directly. This deadlock was exposed when + making qemu exit nicely and clean up. (#176400) +- Include Gerd's update to his previous REP MOVS fix. Calculating + high_addr and low_addr is more complicated than previously + thought, and the count was wrong. (#165448). +- Drop previous patch that forcefully turns off Xen's console + logging to avoid video corruption; instead use Jan's patch which + only turns logging off when in graphical mode. (#161541) +- Include Jan's patch to call machine_halt rather than inline + assembly "hlt" when Xen crashes to sync display, disable watchdog + timers, etc. +- Tweak the auto-ballooning patch to limit the VM itself to the + requested amount of memory, don't include the overhead, as + suggested by Intel. Separate calls exist elsewhere to increase + the max as needed. (#149179) +- Include select patches from xen-3.0-testing: + + 9688, 9696: These remove some broken assembly string + functions. This is prep work from Jan for bug #160066. + + 9695: Updates in the hypervisor to EDI and ESI could be + incorrect, due to sign not being handled correctly. + +------------------------------------------------------------------- +Fri May 19 11:01:29 MDT 2006 - ccoffing@novell.com + +- Update from Intel to previous patch to fix installation of HVM + W2k. Adds decoding for two more instructions. (#176717) +- Updated the README. +- Included updated version of KY's patch to reserve some lowmem + for PAE, to avoid kernel BUG() during boot. The amounts of + memory reserved at various physical memory sizes have been + adjusted. (#175124) +- Include Intel's patch for unchecked allocations in shadow*.c. + (#149179) + +------------------------------------------------------------------- +Thu May 18 09:50:11 MDT 2006 - ccoffing@novell.com + +- Include Intel's patch to fix installation of HVM W2k. This patch + adds decoding for 'xor' and 'and' instructions. Without this, + the VM crashes when W2k attempts to install network components. + (#176717) +- While tidying xen-hvm-memory-check.diff for submission upstream, + I noticed an error in the patch (such that low-memory while + starting the HVM domain could still crash the physical machine.) + Now all uses of iopm are protected by the check. (#149179) +- Xen must always relinquish control of the VGA console once dom0 + has started. Otherwise, it could be over-writing dom0's memory, + causing screen or other memory corruption. Admin can use + "xm dmesg" to view Xen's log instead. (#161541) +- First send a SIGTERM, rather than SIGKILL, to qemu to give it a + chance to clean up. This fixes both mouse and CD-ROM issues + for fully virtualized VMs. This is a work-around; Ross is + still working on the proper fix. (#176400, #171258, #176157) +- Include select patches from xen-3.0-testing: + + 9682,9683: These patches only affect full virtualization on + AMD. Fixes register corruption, cleans up event injection, + cleans up IO handling. + + 9685,9686: This patch only affects full virtualization on + Intel. Fixes VM's segment base address, to avoid vmentry + failure. Also remove 32/64 differences in vmx reg store/load. + +------------------------------------------------------------------- +Wed May 17 14:45:46 MDT 2006 - ccoffing@novell.com + +- When auto-ballooning domain 0's memory for a new HVM domain, + all memory (including memory intended for overhead) was given + to the VM itself. So increasing the memory size calculations + did not actually free up any more memory. Now, treat the amount + to balloon and the amount to give to the VM as separate values. + (#149179) + +------------------------------------------------------------------- +Tue May 16 11:11:12 MDT 2006 - ccoffing@novell.com + +- Include Gerd's fix for HVM emulation of REP MOVS when the copy + spans a page. If the direction flag was set, the emulation code + broke. This caused the VM to freeze when configuring firewall + (#165448). +- Include KY's fix to default to reserving 16M of lowmem for PAE, + to avoid hitting kernel BUG() during boot (#175124). +- Don Dugger's (Intel) fix for HVM screen corruption (#164573). +- Increase maximum time auto-ballooning will wait for domain 0 to + respond, otherwise large VMs will fail to start from yast + (#175805). + +------------------------------------------------------------------- +Mon May 15 13:18:14 MDT 2006 - ccoffing@novell.com + +- Update memory size calculations when auto-ballooning for HVM + to make more stable (#149179). + +------------------------------------------------------------------- +Fri May 12 10:42:37 MDT 2006 - ccoffing@novell.com + +- Include select patches from xen-3.0-testing: + + 9674: xc_ptrace: Fix reversed conditional, which broke single- + stepping. + + 9675: xc_ptrace: Fix out-of-bounds memory-access for FPU state. + + 9678: Fix the performance issues of 2-level paging HVM guests + on the PAE Xen. +- Update man pages. + +------------------------------------------------------------------- +Wed May 10 12:38:14 MDT 2006 - brogers@novell.com + +- Fix loading of binary images which either require PAE or + dynamically support running on both PAE hypervisor and non-PAE + hypervisors. (#174080) + +------------------------------------------------------------------- +Wed May 10 12:36:23 MDT 2006 - carnold@novell.com + +- Handle memory failure when staring fully virtualized + guests to prevent reboot of the box (AMD) or + hanging the box (VT) (#149179). + +------------------------------------------------------------------- +Tue May 9 16:40:59 MDT 2006 - ccoffing@novell.com + +- Include select patches from xen-3.0-testing: + + 9665: Fix pciif parsing for compatibility variable. + + 9666: Fix HVM hang; was broken due to previous "hda lost + interrupt" patch. (#169146) + + 9667: Do not set GP fault in VMCS for VMX (no bug#; from Intel) + +------------------------------------------------------------------- +Thu May 4 20:53:21 MDT 2006 - cgriffin@novell.com + +- Update xen-3.0-testing tree, changeset 9664: + + Changesets 9663 and 9664 fix AMD fully virtualized + guests causing the system to reboot when + first starting up. (#169855) + +------------------------------------------------------------------- +Thu May 4 20:16:06 MDT 2006 - cgriffin@novell.com + +- With a Xen domain set up with a loop-mountable file as rootfs, + the "xm start " invocation fails. The cause is a bug + domUloader.py (#172586) + +------------------------------------------------------------------- +Thu May 4 12:52:32 MDT 2006 - rmaxfiel@novell.com + +- Added the ability to 'attach' and 'detach' removable media + devices to hvm guests. Also made cdrom eject when the eject + request comes from the hvm guest. (#159907) +- Fixed the loss of mouse when a SDL session ends with 'grab' + in effect. (#159001) + +------------------------------------------------------------------- +Thu May 4 10:42:32 MDT 2006 - cgriffin@novell.com + +- Update xen-3.0-testing tree, changeset 9661: + + Drop patches merged upstream + + Took Kier's official patches for dropped patches most + notably spurious interrupts (#152892) +- Took Intel's patch to fix screen corruption when + resizing the screen of windows hvm guests (#164573) + +------------------------------------------------------------------- +Wed May 03 11:14:40 MDT 2006 - kallan@novell.com + +- Added configuring network interfaces when using Xen bridging instructions + to the README.SuSE file as requested by bug #171533. + +------------------------------------------------------------------- +Mon May 01 09:42:25 MDT 2006 - tthomas@novell.com + +- Added message to xm save to indicate that save is not currently + supported for fully virtualized guests. (#161661) + +------------------------------------------------------------------- +Fri Apr 28 09:42:25 MDT 2006 - ccoffing@novell.com + +- Close fds before exec-ing vncviewer, so yast2-vm doesn't hang + when viewing fully-virtualized console (#168392). + +------------------------------------------------------------------- +Thu Apr 27 08:14:18 MDT 2006 - ccoffing@novell.com + +- Update xen-3.0-testing tree, changeset 9656: + + Drop patches merged upstream. + + Fix reboot on large SMP machines (IBM, no bug #). +- Integrate Jan's patches: + + Spurious interrupt roundup (#152892). + +------------------------------------------------------------------- +Mon Apr 24 15:32:32 MDT 2006 - ccoffing@novell.com + +- Integrate Jan's patches: + + FXSR patch (#135677). + + APIC option patch (work-around #150114). + + Protect against hypervisor crash (#169143). +- Update xen-3.0-testing tree, changeset 9649: + + Avoid spurious timer activations in hypervisor. + + Fix xen command line parsing (lapic / nolapic parsing). + + Fix inverted BUG_ON w.r.t. SiS APIC bug. + +------------------------------------------------------------------- +Fri Apr 21 08:56:29 MDT 2006 - ccoffing@novell.com + +- Update to 3.0.2-2 (xen-3.0-testing tree, changeset 9640): + + Fix for "hda lost interrupt" for PAE VMX. + + Increase L2 PDE to 1 GB; allows x86_64 to boot larger dom0. + + Fix for SVM booting 32pae-on-32pae. +- Drop upstream patches (SiS APIC bug, HTT, HVM interrupt race) +- Add Jan's port of spurious interrupt patch (#152892). +- Add /etc/xen/images link for convenience (#168070). +- Updated README. + +------------------------------------------------------------------- +Thu Apr 20 10:29:44 MDT 2006 - ccoffing@novell.com + +- SiS APIC bug patch (Jan Beulich, #116485). + +------------------------------------------------------------------- +Wed Apr 19 12:22:53 MDT 2006 - ccoffing@novell.com + +- Don't kill xenstored and xenconsoled when stopping xend. + (#158562, #156261) + +------------------------------------------------------------------- +Wed Apr 19 10:46:32 MDT 2006 - ccoffing@novell.com + +- Update to 3.0.2-2 (xen-3.0-testing tree, changeset 9629): + + Fix for SMP IA32 VMX guest booting. + + KY's SETMAXMEM fix. + +------------------------------------------------------------------- +Wed Apr 19 10:23:57 MDT 2006 - cgriffin@novell.com + +- Removed HTT bit from cpuid and set logical processor count to 1. + Also fixed logic problem in svm code where apic=0 was not + handled (#162244). + +------------------------------------------------------------------- +Wed Apr 19 16:41:32 CEST 2006 - agruen@suse.de + +- Create /boot symlinks in the %install section instead of in + %post so that they will end up in the package file list. + +------------------------------------------------------------------- +Tue Apr 18 15:40:41 MDT 2006 - ccoffing@novell.com + +- Add /etc/xen/vm to vm config file search path (#167208). + +------------------------------------------------------------------- +Fri Apr 14 11:05:40 MDT 2006 - kallan@novell.com + +- Add support for bonding in network-bridge. (#161678). + +------------------------------------------------------------------- +Fri Apr 14 09:27:40 MDT 2006 - ccoffing@novell.com + +- Update to 3.0.2-2 (xen-3.0-testing tree, changeset 9620): + + Fixes stack corruption in libxs (XenSource #411). + +------------------------------------------------------------------- +Thu Apr 13 09:55:02 MDT 2006 - rmaxfiel@novell.com + +- Fixed a problem in ioemu which exited when the cdrom line was + found in the guest def file but the cd device contained no media. + (#161210) + +------------------------------------------------------------------- +Wed Apr 12 12:57:23 MDT 2006 - ccoffing@novell.com + +- Auto-balloon domain 0 for HVM domains (#149179). +- Update to 3.0.2-1 (xen-3.0-testing tree, changeset 9612): + + Fixes xmlrpc issues. + + Fixes several emulated instructions for HVM. + + Fixes for x86_64 inline assembly. + +------------------------------------------------------------------- +Tue Apr 11 16:45:48 MDT 2006 - ccoffing@novell.com + +- Fix "jitter" and race in dom0's memory target calculation, which + could cause auto-ballooning to fail (#164714). + +------------------------------------------------------------------- +Tue Apr 11 05:03:34 MDT 2006 - brogers@novell.com + +- Fix problem where localtime=1 results in zombie domains after + they shutdown (#164960) + +------------------------------------------------------------------- +Mon Apr 10 09:54:49 MDT 2006 - ccoffing@novell.com + +- Update to hg 9598 (xen-3.0-testing tree; 3.0.2-rc). Discounting + Linux changes and patches we already carry, this update contains: + + Saner error handling in iret hypercall (x86/64). + + Make root page table sanity check on restore more generic. + + Additional sanity / compatability checks during guest build. + + IO-APIC update hypercall fixes. + +------------------------------------------------------------------- +Fri Apr 7 11:45:56 MDT 2006 - ccoffing@novell.com + +- Don't throw an exception if 'xm top' is run by non-root; print + error message instead (#164224). +- Change localtime patch to account for daylight savings time + (Bruce Rogers). +- Re-add patch to make tightvnc work. It was accidentally dropped + recently (#149556). + +------------------------------------------------------------------- +Thu Apr 6 09:59:03 MDT 2006 - ccoffing@novell.com + +- Update to hg 9590 (xen-3.0-testing tree; 3.0.2-rc). +- Fix type error in localtime patch for para (Bruce Rogers). +- Fix default localtime for full (Bruce Rogers). +- Fix path in mk-xen-resue-img.sh (#163622). +- Update README (pathnames, yast2-vm descriptions, terminology). + +------------------------------------------------------------------- +Tue Apr 4 01:24:01 CEST 2006 - garloff@suse.de + +- init script: Test for control_d in capabilities to determine dom0 + rather than privcmd. +- init script: Try loading netloop and backend modules. +- mk-xen-rescue-img.sh: Copy frontend drivers, remove stale files. +- example config files: provide commented out domUloader exmaples. + +------------------------------------------------------------------- +Mon Apr 3 10:13:38 MDT 2006 - ccoffing@novell.com + +- Update to hg 9514 (xen-unstable tree; 3.0.2-rc). +- Fix for rebooting (Jan Beulich; #160064). + +------------------------------------------------------------------- +Fri Mar 31 13:00:22 MST 2006 - ccoffing@novell.com + +- Update to hg 9502 (xen-unstable tree; 3.0.2-rc). +- Update man page (#162402). +- xen-tools requires python-xml (#161712). +- Include localtime patch to support NetWare (Bruce Rogers). + +------------------------------------------------------------------- +Thu Mar 30 08:56:52 MST 2006 - ccoffing@novell.com + +- Update to hg 9481 (xen-unstable tree; 3.0.2-rc). +- Correctly default XAUTHORITY if it is not set. This allows the + GUI to come up for fully virtualized guests (was especially + problematic when VM was started from YaST). (#142472) + +------------------------------------------------------------------- +Wed Mar 29 15:23:51 MST 2006 - ccoffing@novell.com + +- Fixed reversed "Do I have enough memory?" test when creating + new VMs (#156448). + +------------------------------------------------------------------- +Tue Mar 28 11:37:34 MST 2006 - ccoffing@novell.com + +- Pick up two critical fixes for AMD to fix full virtualization: + c/s 9453 & c/s 9456. + +------------------------------------------------------------------- +Thu Mar 23 14:23:32 MST 2006 - ccoffing@novell.com + +- Update to hg 9434 (xen-unstable tree; 3.0.2-rc). +- Fix /etc/xen/scripts/block to properly check if devices can be + shared. +- Default XENDOMAINS_AUTO_ONLY to true; previous setting + contradicts yast2-vm's claim that only VM's marked auto will be + auto-started. + +------------------------------------------------------------------- +Mon Mar 20 08:48:31 MST 2006 - ccoffing@novell.com + +- Update to hg 9329 (xen-unstable tree). + +------------------------------------------------------------------- +Wed Mar 15 12:20:38 MST 2006 - ccoffing@novell.com + +- Update to hg 9251 (xen-unstable tree). +- Update to latest versions of Intel's VNC patches: + patch-vga-sse2-0314.l, patch-vnc_loop-0314.l, + patch-vncmouse-0315.l +- Gather example files in /etc/xen/examples. + +------------------------------------------------------------------- +Tue Mar 14 11:00:00 MST 2006 - rmaxfiel@novell.com + +- Removed the intermediate sym-link between xen.gz and + xen--.gz. Grub 0.97 XFS can not handle a + double indirect to a file. (#151792) + +------------------------------------------------------------------- +Tue Mar 14 00:29:28 CET 2006 - garloff@suse.de + +- Update README.SuSE: Document limits (mem, cpu hotplug, max_loop), + more network troubleshooting, update security info. +- Be more tolerant against errors in ifdown/ifup to better coexist + with non-std network setups (e.g. ifplugd/NetworkManager). + +------------------------------------------------------------------- +Tue Mar 7 10:56:36 MST 2006 - ccoffing@novell.com + +- Update to hg 9172 (xen-unstable tree). +- Create new xen-libs package, split from xen-tools (#154473). +- Update mk-xen-rescume-img and xmexample.rescue to work with + current rescue image on CD (#152971). +- Include Kurt's patch to domUloader, to pass command line args. +- xendomains shouldn't try to migrate or save HVM domains, as this + isn't supported and will stall the shutdown (#155265). +- Create empty /etc/xen/vm directory for YaST to place config files + in, to avoid name collisions (#156322). +- Update and re-enable vga patch from Intel (Don Dugger). VGA + emul is faster and not corrupted. +- ifup is run to ensure IPs are assigned before rearranging for + xen, but this can fail with ifplugd; this should not kill the + whole script (Kirk Allan) (#154115). +- Make network-bridge script more robust, by checking /sys instead + of grep-ing. + +------------------------------------------------------------------- +Mon Mar 6 12:27:19 MST 2006 - ccoffing@novell.com + +- Update to hg 9148 (xen-unstable tree). Drop patches merged + upstream. +- More README improvements (#154134). +- Fix "vncviewer=1" to bring up vncviewer (#149556). + +------------------------------------------------------------------- +Mon Mar 6 09:58:24 MST 2006 - ccoffing@novell.com + +- Fix build of hvmloader and vmxassist by removing external + CFLAGS (XS changeset #9110). +- Fix build by forcing --prefix during installation of *.py. + +------------------------------------------------------------------- +Wed Mar 1 17:45:52 MST 2006 - ccoffing@novell.com + +- Update to hg 9029 (xen-unstable tree). Adds support for HVM on + 64 bit hardware. +- Update vncmouse diff to 20060301 from Intel; compensates for lack + of eager events in our LibVNCServer. +- Fix many bugs in lomount. +- Cap maximum value of "xm mem-set" for domain 0, based on size of + dom0's page tables (#152667). + +------------------------------------------------------------------- +Mon Feb 27 09:37:38 MST 2006 - ccoffing@novell.com + +- Update to hg 9015 (xen-unstable tree). More bug fixes. +- Update patch to better honor RPM_OPT_FLAGS. +- Updated README (#154134). +- Disable xen-vga-0213 patch; it speeds VGA updates but was + corrupting the display. +- Change max mouse polling time from 1ms to 10ms to reduce CPU + load (from Intel). + +------------------------------------------------------------------- +Thu Feb 23 13:26:07 MST 2006 - ccoffing@novell.com + +- Update to hg 8954 (xen-unstable tree). More bug fixes. +- Don't use a dummy IP of 1.2.3.4 for NFS server when booting domU + with DHCP. Seems to hang x86_64 Linux. +- Remove unnecessary x86_64 patch. +- Fix auto-ballooning of dom0 memory for HVM domUs (XenSource bug + 521). + +------------------------------------------------------------------- +Tue Feb 21 15:07:43 MST 2006 - ccoffing@novell.com + +- Update to hg 8920 (xen-unstable tree). Fixes instruction decode + for fully virtualized guests, fixing booting from CDs. +- Integrate 3 patches from Intel, to improve VNC performance. + +------------------------------------------------------------------- +Tue Feb 21 08:42:37 MST 2006 - ccoffing@novell.com + +- Update to hg 8910 (xen-unstable tree). + fixes 32 on 32, 32 pae on 32pae, 64 on 64, 32 on 64. + critical HVM fixes, for fully virtualized guests. + +------------------------------------------------------------------- +Fri Feb 17 08:27:11 MST 2006 - ccoffing@novell.com + +- Update to hg 8870 (xen-unstable tree). More HVM fixes. +- Remove duplicate balloon.free call. +- Add patch from Intel to fix dom0 crash on 64 bit SMP HVM. + +------------------------------------------------------------------- +Thu Feb 16 16:16:11 MST 2006 - carnold@novell.com + +- Update to hg 8858 (xen-unstable tree). + +------------------------------------------------------------------- +Wed Feb 15 08:31:19 MST 2006 - ccoffing@novell.com + +- Update to hg 8857 (xen-unstable tree). Syncs hypervisor core + with Linux 2.6.16, which may fix some ACPI issues. Fixes HVM. +- Fix uninitialized variable in xc_load_bin (from Bruce Rogers). +- Auto-balloon dom0 for fully virtualized domains (#149179). +- xen-doc-html was missing image files. + +------------------------------------------------------------------- +Mon Feb 13 12:20:03 MST 2006 - ccoffing@novell.com + +- Update to hg 8830 (xen-unstable tree). +- Restore cs 8783/8792 to match kernel. + +------------------------------------------------------------------- +Wed Feb 8 11:58:40 MST 2006 - ccoffing@novell.com + +- Update to hg 8800 (xen-unstable tree). +- Update BuildRequires. +- Add "max-free-memory" to "xm info", to support yast2-vm (#147612) +- Insserv xendomains, to support yast2-vm. +- Fix exit code of "xend stop". +- Revert cs 8783/8792 to allow xenstore to start (until kernel + catches up). +- Ensure eth0 aka veth0 really comes up in network-bridge. + +------------------------------------------------------------------- +Sat Feb 4 18:47:41 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Fri Jan 27 11:24:37 MST 2006 - ccoffing@novell.com + +- Update to hg 8728 (xen-unstable tree). +- Improve network-bridge: + + Ensure netdev really is up, to fix STARTMODE="manual". + + Stop ifplugd when doing ifdown, to fix STARTMODE="ifplugd". + + Improve check for whether bridge already exists. + + Improve defaults for netdev. +- Fix log rotate so xend moves to new log. +- xen-tools "Requires" python, et.al.; xen proper doesn't. +- Revamp mk-xen-rescue-img.sh (#118566). +- Revamp rcxendomains: improved output, error checking, return + values (#143754, #105677). + +------------------------------------------------------------------- +Tue Jan 24 14:49:09 MST 2006 - ccoffing@novell.com + +- Update to hg 8659 (xen-unstable tree). + +------------------------------------------------------------------- +Mon Jan 23 14:46:54 MST 2006 - ccoffing@novell.com + +- Correct return values and improve messages of init scripts. + +------------------------------------------------------------------- +Fri Jan 20 14:10:40 MST 2006 - ccoffing@novell.com + +- Use domUloader instead of pygrub. + +------------------------------------------------------------------- +Thu Jan 19 15:24:28 MST 2006 - carnold@novell.com + +- Build based on the xen-unstable.hg 8628 + +------------------------------------------------------------------- +Wed Jan 18 11:45:50 MST 2006 - carnold@novell.com + +- Update to hg 8646 xen-unstable-hvm.hg tree. + +------------------------------------------------------------------- +Fri Jan 13 11:05:06 MST 2006 - ccoffing@novell.com + +- Allow version string "XEN_VER=3.0" instead of just + "XEN_VER=xen-3.0" for backwards compatibility. +- Correctly set changeset in compile.h. + +------------------------------------------------------------------- +Thu Jan 12 15:39:00 MST 2006 - carnold@novell.com + +- Added two patches from AMD that apply to the 8513 changeset. + +------------------------------------------------------------------- +Thu Jan 12 11:39:17 CET 2006 - kukuk@suse.de + +- Add libreiserfs-devel to nfb. + +------------------------------------------------------------------- +Wed Jan 11 11:14:20 MST 2006 - carnold@novell.com + +- Update to hg 8513 xen-unstable-hvm.hg tree. + +------------------------------------------------------------------- +Tue Jan 10 13:13:24 MST 2006 - ccoffing@novell.com + +- Update to hg 8269 (xen-3.0-testing). +- Support try-restart in init scripts. +- Clean up installation of udev rules. + +------------------------------------------------------------------- +Wed Dec 14 13:05:07 MST 2005 - ccoffing@novell.com + +- Update to hg 8257 (xen-3.0-testing). +- Update documentation. +- Fix gcc 4.1 warnings. + +------------------------------------------------------------------- +Wed Dec 7 13:39:00 MST 2005 - ccoffing@novell.com + +- Update to hg 8241 (xen-3.0-testing). + +------------------------------------------------------------------- +Mon Nov 28 16:30:02 MST 2005 - ccoffing@novell.com + +- Update to hg 8073. +- Rationalize command names (eg, setsize -> xentrace-setsize). +- Fix gcc 4.1 warnings. + +------------------------------------------------------------------- +Wed Nov 16 13:40:03 MST 2005 - ccoffing@novell.com + +- Update to hg 7782. +- Honor RPM_OPT_FLAGS better. +- Include a few simple, obvious fixes from upstream. +- Build xm-test package. +- Update udev scripts. + +------------------------------------------------------------------- +Mon Nov 14 16:43:10 MST 2005 - ccoffing@novell.com + +- Includes upstream fixes to fix i586 save/restore. + +------------------------------------------------------------------- +Thu Nov 10 13:23:13 MST 2005 - ccoffing@novell.com + +- Include a few simple, obvious fixes: 7609, 7618, 7636, 7689, + 7690, 7692, 7696 + +------------------------------------------------------------------- +Thu Nov 3 10:26:32 MST 2005 - ccoffing@novell.com + +- Update to hg 7608. +- Fix warn_unused_result warnings. +- Drop some patches (merged upstream) +- Tidy README.SuSE. + +------------------------------------------------------------------- +Tue Nov 1 13:08:06 MST 2005 - ccoffing@novell.com + +- Update to hg 7583. + +------------------------------------------------------------------- +Thu Oct 20 21:16:07 CEST 2005 - ccoffing@novell.com + +- Don't mention unwritten man pages. +- Update xmexample* to match SUSE paths. +- Update xs-include patch. + +------------------------------------------------------------------- +Wed Oct 19 12:11:35 CEST 2005 - garloff@suse.de + +- Avoid race in watchdog functionality. +- Improve network-bridge script. + +------------------------------------------------------------------- +Tue Oct 18 22:34:41 CEST 2005 - garloff@suse.de + +- Ignore zombies in the xendomains shutdown procedure and have a + configurable timeout for the commands. Make xendomains status + report something useful. +- Make xendomains script comaptible to non-SUSE distros. + +------------------------------------------------------------------- +Mon Oct 17 23:38:58 CEST 2005 - garloff@suse.de + +- Update to hg 7398. + +------------------------------------------------------------------- +Mon Oct 17 15:41:07 CEST 2005 - garloff@suse.de + +- Create useful xendomains init script and sysconfig file. + +------------------------------------------------------------------- +Mon Oct 17 10:44:11 CEST 2005 - garloff@suse.de + +- Create symlinks also for -pae and -dbg hypervisor. +- Build doxygen documentation. +- Include block-nbd script and xen-nbd example config. +- Include patchset info. + +------------------------------------------------------------------- +Wed Oct 12 13:31:06 CEST 2005 - garloff@suse.de + +- Update docu. +- Enable xen-dbg hypervisor for gdbserver domU debugging. + +------------------------------------------------------------------- +Tue Oct 11 20:40:58 CEST 2005 - garloff@suse.de + +- Update docu. +- Update to hg 7313. +- Move libxenstore.so to xen-tools. + +------------------------------------------------------------------- +Tue Oct 11 12:09:24 CEST 2005 - garloff@suse.de + +- Fix buglet in /sbin/xen-vbd. + +------------------------------------------------------------------- +Mon Oct 10 13:18:20 CEST 2005 - garloff@suse.de + +- Downgrade to hg 7267. +- Add troubleshooting section to README.SUSE. + +------------------------------------------------------------------- +Mon Oct 10 11:14:43 CEST 2005 - garloff@suse.de + +- Fix typo in SrvDomain for mem-set operation. +- Workaround: write directly to balloon in dom0 setMemoryTarget. +- Kill xenconsoled and xenstored in rcxend stop. + +------------------------------------------------------------------- +Sun Oct 9 21:25:22 CEST 2005 - garloff@suse.de + +- Update to hg 7278. +- Provide udev rules to setup vifs and vbds in dom0 when domUs + boot (kraxel). +- Change default FS size for rescue images to 80MB. + +------------------------------------------------------------------- +Sat Sep 10 12:23:11 CEST 2005 - garloff@suse.de + +- Update to hg 6715. +- Fix network-bridge down. + +------------------------------------------------------------------- +Thu Sep 8 01:37:40 CEST 2005 - garloff@suse.de + +- Build PAE version along non-PAE version of Hypervisor. + +------------------------------------------------------------------- +Tue Sep 6 23:07:54 CEST 2005 - garloff@suse.de + +- Try to fix network bridge down issue. +- Document netowrking and firewalling caveats in README.SUSE. +- Enable PAE. + +------------------------------------------------------------------- +Tue Sep 6 22:53:08 CEST 2005 - garloff@suse.de + +- Update to hg 6644. + +------------------------------------------------------------------- +Sun Sep 4 23:03:12 CEST 2005 - garloff@suse.de + +- Update to hg 6610. +- Rename default name of xen-br0 to xenbr0. +- Fix pygrub installation. +- Use libreiserfs to support pygrub on reiser. + +------------------------------------------------------------------- +Mon Aug 29 21:39:58 CEST 2005 - ccoffing@novell.com + +- xen-bridge-net.diff: do not destroy domain 0's network setup + when starting xend. + +------------------------------------------------------------------- +Mon Aug 29 15:31:57 CEST 2005 - garloff@suse.de + +- Update to hg 6458. +- Drop privileged port check -- we use Unix dom sockets anyway + (#105178). +- init.xend: Fix linebreaks in PID list. +- Correctly assign insserv to xen-tools subpackage. + +------------------------------------------------------------------- +Thu Aug 25 18:10:15 CEST 2005 - garloff@suse.de + +- Add dirs /var/run/xenstored and /var/lib/xenstored. + +------------------------------------------------------------------- +Thu Aug 25 13:45:17 CEST 2005 - garloff@suse.de + +- Update to hg 6393. + +------------------------------------------------------------------- +Mon Aug 22 14:23:00 CEST 2005 - garloff@suse.de + +- Update to hg 6315. +- Include linux-public headers in xen-devel package. + +------------------------------------------------------------------- +Sun Aug 21 22:55:06 CEST 2005 - garloff@suse.de + +- Update to hg 6305. + +------------------------------------------------------------------- +Sun Aug 21 03:33:31 CEST 2005 - garloff@suse.de + +- Update to hg 6299. +- Enable VNC support (depending on LibVNCServer). + +------------------------------------------------------------------- +Sun Aug 21 02:41:34 CEST 2005 - garloff@suse.de + +- Split off xen-tools-ioemu for supporting unmodified guests. + +------------------------------------------------------------------- +Sat Aug 20 03:21:32 CEST 2005 - garloff@suse.de + +- Enable pygrub (at the cost of depending on e2fsprogs-devel) +- Enable VMX ioemu SDL support (at the cost of many dependencies) + +------------------------------------------------------------------- +Fri Aug 19 20:46:22 CEST 2005 - garloff@suse.de + +- Update to mercurial changeset 6223. +- Move /usr/libexec/xen/ to /usr/lib[64]/xen/bin/. +- Split off -tools package. + +------------------------------------------------------------------- +Mon Aug 15 15:24:05 CEST 2005 - garloff@suse.de + +- Create symlinks in %post. +- Update README.SUSE. +- Mark /etc/xen/ as %config(noreplace). +- Fix x86-64 build (movl -> mov, lib vs. lib64 inst dirs). +- Remove PYTHONOPTIMIZE. + +------------------------------------------------------------------- +Tue Aug 2 17:59:06 CEST 2005 - ccoffing@novell.com + +- Fix warn_unused_result warnings + +------------------------------------------------------------------- +Thu Jul 28 17:37:19 CEST 2005 - ccoffing@novell.com + +- Update to latest 3.0-unstable snapshot. + +------------------------------------------------------------------- +Wed Jul 13 20:41:06 CEST 2005 - ccoffing@novell.com + +- Fixed bug in glibc24 patch that caused erroneous "out of memory" + errors + +------------------------------------------------------------------- +Fri Jun 24 20:18:02 CEST 2005 - ccoffing@novell.com + +- Fix gcc4 patch that caused a panic in Xen at boot. + +------------------------------------------------------------------- +Fri Jun 24 16:11:20 CEST 2005 - ccoffing@novell.com + +- Fix xen-syms link. + +------------------------------------------------------------------- +Fri Jun 17 20:35:09 CEST 2005 - ccoffing@novell.com + +- Fix version-check in NetWare loader (0x336ec577 -> 0x326ec578). + +------------------------------------------------------------------- +Fri Jun 17 18:38:51 CEST 2005 - ccoffing@novell.com + +- Backport NetWare-friendly loader from Xen 3.0. + +------------------------------------------------------------------- +Thu Jun 16 23:18:30 CEST 2005 - ccoffing@novell.com + +- Destroy domains that failed to be fully created. + +------------------------------------------------------------------- +Fri Jun 10 15:42:00 CEST 2005 - garloff@suse.de + +- Update to latest 2.0-testing snapshot. +- Use RPM version and release no as xen version. + +------------------------------------------------------------------- +Wed Jun 8 02:13:40 CEST 2005 - garloff@suse.de + +- Update mk-xen-rescue-img.sh script: Handle SLES9 better. +- Export PYTHONOPTIMIZE in xend start script. + +------------------------------------------------------------------- +Tue Jun 7 00:59:47 CEST 2005 - garloff@suse.de + +- Merge _perform_err fixes. + +------------------------------------------------------------------- +Mon May 23 21:49:00 CEST 2005 - ccoffing@novell.com + +- update to 2.0.6 + +------------------------------------------------------------------- +Wed Apr 13 22:15:45 CEST 2005 - garloff@suse.de + +- More gcc4 and binutils related fixes. + +------------------------------------------------------------------- +Wed Apr 13 16:28:37 CEST 2005 - garloff@suse.de + +- Build fixes for gcc4. + +------------------------------------------------------------------- +Sun Apr 3 23:52:08 CEST 2005 - garloff@suse.de + +- Update xen: Various fixes (scheduling, memset, domain crash + handling) and enhancements (bg page scrubbing). + +------------------------------------------------------------------- +Thu Mar 24 15:36:39 CET 2005 - garloff@suse.de + +- xen-bridge-net.diff: Make sure bridge netdev is up after adding + addresses to it. + +------------------------------------------------------------------- +Wed Mar 23 15:59:27 CET 2005 - garloff@suse.de + +- xen-secure.diff: Check for privileged port before allowing + certain control operations. +- README.SUSE: Document this change. + +------------------------------------------------------------------- +Wed Mar 23 13:29:19 CET 2005 - garloff@suse.de + +- Require ports < 1024 to allow controlling VMs. + +------------------------------------------------------------------- +Mon Mar 21 19:54:38 CET 2005 - garloff@suse.de + +- Update xen. + +------------------------------------------------------------------- +Wed Mar 16 23:53:27 CET 2005 - garloff@suse.de + +- Update xen. +- Add /var/lib/xen/xen-db/ subdirs. + +------------------------------------------------------------------- +Sun Mar 13 12:24:14 CET 2005 - garloff@suse.de + +- Update to post-2.0.5 +- Make /usr/sbin/xm root:trusted 0750 +- Drop some patches (merged upstream) + +------------------------------------------------------------------- +Tue Mar 8 11:58:32 CET 2005 - garloff@suse.de + +- Update README with security notes. +- Update mk-xen-rescue-image.sh script allowing to specify the + kernel version to be used. +- Rather than busy-looping, exit console on a domain that has + shutdown. + +------------------------------------------------------------------- +Mon Mar 7 17:26:38 CET 2005 - garloff@suse.de + +- Update xen to latest snapshot. +- tgif not needed any more. + +------------------------------------------------------------------- +Tue Mar 1 20:32:39 CET 2005 - garloff@suse.de + +- Include serial-split from Charles Coffing. + +------------------------------------------------------------------- +Tue Mar 1 07:21:11 CET 2005 - garloff@suse.de + +- Update xen to latest snapshot. + +------------------------------------------------------------------- +Mon Feb 21 13:50:35 CET 2005 - garloff@suse.de + +- Update README.SuSE. +- Update xen to latest snapshot. + +------------------------------------------------------------------- +Sun Feb 13 17:09:03 CET 2005 - garloff@suse.de + +- Add init header to xendomains init script. +- Add bridge-utils dependency. +- Update config file and README. +- Activate xend init script on installation. + +------------------------------------------------------------------- +Thu Feb 10 02:31:27 CET 2005 - ro@suse.de + +- remove te_etex and te_pdf from neededforbuild. + +------------------------------------------------------------------- +Thu Feb 10 02:24:46 CET 2005 - garloff@suse.de + +- Update README about IDE dma. +- Default to dhcp. + +------------------------------------------------------------------- +Wed Feb 9 22:05:39 CET 2005 - garloff@suse.de + +- Update to xen post-2.0.4. +- Little bugfix for xen rescue install script. +- Update README.SUSE: Better explanation of root FS creation. + +------------------------------------------------------------------- +Mon Jan 24 03:09:50 CET 2005 - garloff@suse.de + +- Change some defaults to be more secure (xend only binds to + localhost, ip spoof protection on). +- Avoid ipv6 issue with xend network script. +- Extensive docu in README.SUSE now. +- mk-xen-rescue-img.sh creates a xen root fs image from the std + SUSE rescue image. +- Put boot.local script in root img to parse ip boot par. + +------------------------------------------------------------------- +Thu Jan 20 14:48:29 CET 2005 - garloff@suse.de + +- Update to newer snapshot. + +------------------------------------------------------------------- +Thu Jan 20 03:05:11 CET 2005 - garloff@suse.de + +- Update to xen-2.0-unstable (post 2.0.3). + +------------------------------------------------------------------- +Thu Dec 9 10:57:17 CET 2004 - garloff@suse.de + +- Initial creation of package xen, xen-doc-*. +- i686 only for now. + diff --git a/xen.libxl.dmmd.patch b/xen.libxl.dmmd.patch new file mode 100644 index 0000000..4d12172 --- /dev/null +++ b/xen.libxl.dmmd.patch @@ -0,0 +1,123 @@ +References: bsc#954872 + +--- + tools/libxl/libxl.c | 4 ++++ + tools/libxl/libxl_device.c | 3 ++- + tools/libxl/libxl_dm.c | 34 +++++++++++++++++++++++++++++----- + tools/libxl/libxlu_disk_l.l | 2 ++ + 4 files changed, 37 insertions(+), 6 deletions(-) + +Index: xen-4.18.0-testing/tools/libs/light/libxl_disk.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_disk.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_disk.c +@@ -203,7 +203,7 @@ static int libxl__device_disk_setdefault + return rc; + } + +-static int libxl__device_from_disk(libxl__gc *gc, uint32_t domid, ++int libxl__device_from_disk(libxl__gc *gc, uint32_t domid, + const libxl_device_disk *disk, + libxl__device *device) + { +@@ -372,6 +372,10 @@ static void device_disk_add(libxl__egc * + rc = ERROR_FAIL; + goto out; + case LIBXL_DISK_BACKEND_QDISK: ++ if (disk->script) { ++ script = libxl__abs_path(gc, disk->script, libxl__xen_script_dir_path()); ++ flexarray_append_pair(back, "script", script); ++ } + flexarray_append(back, "params"); + flexarray_append(back, GCSPRINTF("%s:%s", + libxl__device_disk_string_of_format(disk->format), +Index: xen-4.18.0-testing/tools/libs/light/libxl_device.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_device.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_device.c +@@ -333,7 +333,8 @@ static int disk_try_backend(disk_try_bac + return 0; + + case LIBXL_DISK_BACKEND_QDISK: +- if (a->disk->script) goto bad_script; ++ LOG(DEBUG, "Disk vdev=%s, uses script=%s on %s backend", ++ a->disk->vdev, a->disk->script, libxl_disk_backend_to_string(backend)); + return backend; + + case LIBXL_DISK_BACKEND_STANDALONE: +Index: xen-4.18.0-testing/tools/libs/light/libxl_dm.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_dm.c ++++ xen-4.18.0-testing/tools/libs/light/libxl_dm.c +@@ -1197,6 +1197,30 @@ out: + return rc; + } + ++static void libxl__suse_node_to_path(libxl__gc *gc, int domid, const libxl_device_disk *dp, const char **pdev_path) ++{ ++ libxl_ctx *ctx = libxl__gc_owner(gc); ++ char *be_path, *node; ++ libxl__device device; ++ libxl_device_disk disk; ++ int rc; ++ ++ disk = *dp; ++ rc = libxl__device_from_disk(gc, domid, &disk, &device); ++ if (rc) { ++ LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "libxl__device_from_disk failed %d", rc); ++ return; ++ } ++ be_path = libxl__device_backend_path(gc, &device); ++ ++ node = libxl__xs_read(gc, XBT_NULL, libxl__sprintf(gc, "%s/node", be_path)); ++ if (!node) ++ return; ++ ++ LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "replacing '%s' with '%s' from %s/node, just for qemu-xen", *pdev_path, node, be_path); ++ *pdev_path = node; ++} ++ + static int libxl__build_device_model_args_new(libxl__gc *gc, + const char *dm, int guest_domid, + const libxl_domain_config *guest_config, +@@ -1885,9 +1909,11 @@ static int libxl__build_device_model_arg + libxl__device_disk_dev_number(disks[i].vdev, &disk, &part); + const char *format; + char *drive; +- const char *target_path = NULL; ++ const char *target_path = disks[i].pdev_path; + int colo_mode; + ++ libxl__suse_node_to_path(gc, guest_domid, disks + i, &target_path); ++ + if (dev_number == -1) { + LOGD(WARN, guest_domid, "unable to determine"" disk number for %s", + disks[i].vdev); +Index: xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/util/libxlu_disk_l.l ++++ xen-4.18.0-testing/tools/libs/util/libxlu_disk_l.l +@@ -253,6 +253,8 @@ target=.* { STRIP(','); SAVESTRING("targ + free(newscript); + } + ++dmmd:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } ++npiv:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } + tapdisk:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } + tap2?:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } + aio:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } +Index: xen-4.18.0-testing/tools/libs/light/libxl_internal.h +=================================================================== +--- xen-4.18.0-testing.orig/tools/libs/light/libxl_internal.h ++++ xen-4.18.0-testing/tools/libs/light/libxl_internal.h +@@ -2073,6 +2073,10 @@ _hidden char *libxl__object_to_json(libx + _hidden int libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, bool retore, + libxl_domain_build_info *info); + ++_hidden int libxl__device_from_disk(libxl__gc *gc, uint32_t domid, ++ const libxl_device_disk *disk, ++ libxl__device *device); ++ + /* Calls poll() again - useful to check whether a signaled condition + * is still true. Cannot fail. Returns currently-true revents. */ + _hidden short libxl__fd_poll_recheck(libxl__egc *egc, int fd, short events); diff --git a/xen.spec b/xen.spec new file mode 100644 index 0000000..d1043e9 --- /dev/null +++ b/xen.spec @@ -0,0 +1,1245 @@ +# +# spec file for package xen +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# +# needssslcertforbuild + + +#Compat macro for new _fillupdir macro introduced in Nov 2017 +%if ! %{defined _fillupdir} + %define _fillupdir /var/adm/fillup-templates +%endif + +# Tumbleweed now defines _libexecdir as /usr/libexec +# Keep it at the original location (/usr/lib) for backward compatibility +%define _libexecdir /usr/lib + +Name: xen +ExclusiveArch: %ix86 x86_64 aarch64 +%define xen_build_dir xen-4.18.0-testing +# +%define with_gdbsx 0 +%define with_dom0_support 0 +%ifarch x86_64 +%bcond_without xen_debug +%bcond_without xen_stubdom +%else +%bcond_with xen_debug +%bcond_with xen_stubdom +%endif +# +%define qemu_arch i386 +%ifarch x86_64 +%define with_gdbsx 1 +%define with_dom0_support 1 +%endif +# +%ifarch %arm aarch64 +%define with_dom0_support 1 +%define qemu_arch aarch64 +%endif +# +%define xen_install_suffix %{nil} +%ifarch x86_64 +%define xen_install_suffix .gz +%endif +# EFI requires gcc 4.6 or newer +# gcc46 is available in 12.1 or sles11sp2 +# gcc47 is available in sles11sp3 +# gcc48 is available in sles11sp4 +# 12.2+ have gcc 4.7 as default compiler +%define with_gcc47 0 +%define with_gcc48 0 +%define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services +%systemd_requires +BuildRequires: pkgconfig(libsystemd) +%define with_systemd_modules_load %{_prefix}/lib/modules-load.d +PreReq: %fillup_prereq +%ifarch %arm aarch64 +%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120200 ) +BuildRequires: libfdt-devel +%else +BuildRequires: libfdt1-devel +%endif +%endif +BuildRequires: bison +BuildRequires: fdupes +%if 0%{?suse_version} > 1315 +BuildRequires: figlet +%endif +BuildRequires: flex +BuildRequires: glib2-devel +BuildRequires: libaio-devel +BuildRequires: libbz2-devel +BuildRequires: libnl3-devel +BuildRequires: libpixman-1-0-devel +BuildRequires: libuuid-devel +BuildRequires: libxml2-devel +BuildRequires: libyajl-devel +%if %{with xen_stubdom} +%if 0%{?suse_version} < 1230 +BuildRequires: texinfo +%else +BuildRequires: makeinfo +%endif +%endif +BuildRequires: acpica +BuildRequires: ncurses-devel +BuildRequires: openssl-devel +BuildRequires: python3-devel +BuildRequires: xz-devel +BuildRequires: pkgconfig(systemd) +%ifarch x86_64 +BuildRequires: gcc-32bit +BuildRequires: gcc-c++ +%if %{?with_gcc47}0 +BuildRequires: gcc47 +%endif +%if %{?with_gcc48}0 +BuildRequires: gcc48 +%endif +BuildRequires: glibc-32bit +BuildRequires: glibc-devel-32bit +BuildRequires: makeinfo +%endif +%ifarch x86_64 +BuildRequires: pesign-obs-integration +%endif +Provides: installhint(reboot-needed) + +Version: 4.18.0_04 +Release: 0 +Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) +License: GPL-2.0-only +Group: System/Kernel +Source0: xen-4.18.0-testing-src.tar.bz2 +Source1: stubdom.tar.bz2 +Source2: mini-os.tar.bz2 +Source9: xen.changes +Source10: README.SUSE +Source11: boot.xen +Source12: boot.local.xenU +Source13: xen-supportconfig +Source14: logrotate.conf +Source21: block-npiv-common.sh +Source22: block-npiv +Source23: block-npiv-vport +Source24: block-dmmd +# Xen API remote authentication sources +Source30: etc_pam.d_xen-api +Source31: xenapiusers +# Init script and sysconf file for pciback +Source34: init.pciback +Source35: sysconfig.pciback +Source36: xen2libvirt.py +# Systemd service files +Source41: xencommons.service +Source42: xen-dom0-modules.service +Source10172: xendomains-wait-disks.sh +Source10173: xendomains-wait-disks.LICENSE +Source10174: xendomains-wait-disks.README.md +Source10183: xen_maskcalc.py +# For xen-libs +Source99: baselibs.conf +# Upstream patches +Patch1: 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch +Patch2: 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch +Patch3: 655b2ba9-fix-sched_move_domain.patch +# EMBARGOED security fixes +# libxc +Patch301: libxc-bitmap-long.patch +Patch302: libxc-sr-xl-migration-debug.patch +Patch303: libxc-sr-readv_exact.patch +Patch304: libxc-sr-save-show_transfer_rate.patch +Patch305: libxc-sr-save-mfns.patch +Patch306: libxc-sr-save-types.patch +Patch307: libxc-sr-save-errors.patch +Patch308: libxc-sr-save-iov.patch +Patch309: libxc-sr-save-rec_pfns.patch +Patch310: libxc-sr-save-guest_data.patch +Patch311: libxc-sr-save-local_pages.patch +Patch312: libxc-sr-restore-pfns.patch +Patch313: libxc-sr-restore-types.patch +Patch314: libxc-sr-restore-mfns.patch +Patch315: libxc-sr-restore-map_errs.patch +Patch316: libxc-sr-restore-populate_pfns-pfns.patch +Patch317: libxc-sr-restore-populate_pfns-mfns.patch +Patch318: libxc-sr-restore-read_record.patch +Patch319: libxc-sr-restore-handle_buffered_page_data.patch +Patch320: libxc-sr-restore-handle_incoming_page_data.patch +Patch321: libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch +Patch322: libxc-sr-precopy_policy.patch +Patch323: libxc-sr-max_iters.patch +Patch324: libxc-sr-min_remaining.patch +Patch325: libxc-sr-abort_if_busy.patch +Patch326: libxc-sr-xg_sr_bitmap.patch +Patch327: libxc-sr-xg_sr_bitmap-populated_pfns.patch +Patch328: libxc-sr-restore-hvm-legacy-superpage.patch +Patch329: libxc-sr-track-migration-time.patch +Patch330: libxc-sr-number-of-iterations.patch +# Our platform specific patches +Patch400: xen-destdir.patch +Patch401: vif-bridge-no-iptables.patch +Patch402: vif-bridge-tap-fix.patch +Patch403: xl-conf-default-bridge.patch +Patch404: xl-conf-disable-autoballoon.patch +Patch405: xen-arch-kconfig-nr_cpus.patch +Patch406: suse-xendomains-service.patch +Patch407: replace-obsolete-network-configuration-commands-in-s.patch +Patch408: ignore-ip-command-script-errors.patch +# Needs to go upstream +Patch420: suspend_evtchn_lock.patch +Patch421: vif-route.patch +# Other bug fixes or features +Patch450: xen.sysconfig-fillup.patch +Patch451: xenconsole-no-multiple-connections.patch +Patch452: hibernate.patch +Patch453: stdvga-cache.patch +Patch454: xl-save-pc.patch +Patch455: pygrub-boot-legacy-sles.patch +Patch456: pygrub-handle-one-line-menu-entries.patch +Patch461: libxl.max_event_channels.patch +Patch463: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch +Patch464: xen.libxl.dmmd.patch +Patch465: xenstore-run-in-studomain.patch +Patch466: libxl.helper_done-crash.patch +Patch467: libxl.LIBXL_HOTPLUG_TIMEOUT.patch +# python3 conversion patches +Patch500: build-python3-conversion.patch +Patch501: migration-python3-conversion.patch +Patch502: bin-python3-conversion.patch +# Hypervisor and PV driver Patches +Patch600: xen.bug1026236.suse_vtsc_tolerance.patch +Patch601: x86-ioapic-ack-default.patch +Patch602: xenwatchdogd-restart.patch +Patch621: xen.build-compare.doc_html.patch +# Build patches +URL: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ +BuildRoot: %{_tmppath}/%{name}-%{version}-build +%define pyver %(python3 -c "import sys; print(sys.version.rpartition('.')[0])") + +%description +Xen is a virtual machine monitor for x86 that supports execution of +multiple guest operating systems with unprecedented levels of +performance and resource isolation. + +This package contains the Xen Hypervisor. (tm) + +[Hypervisor is a trademark of IBM] + +%package libs +Summary: Xen Virtualization: Libraries +License: GPL-2.0-only +Group: System/Kernel + +%description libs +Xen is a virtual machine monitor for x86 that supports execution of +multiple guest operating systems with unprecedented levels of +performance and resource isolation. + +This package contains the libraries used to interact with the Xen +virtual machine monitor. + +In addition to this package you need to install xen and xen-tools +to use Xen. + + +Authors: +-------- + Ian Pratt + + +%if %{?with_dom0_support}0 + +%package tools +Summary: Xen Virtualization: Control tools for domain 0 +License: GPL-2.0-only +Group: System/Kernel +%if 0%{?suse_version} > 1500 +BuildRequires: pam-devel +%endif +%ifarch x86_64 +%if 0%{?suse_version} >= 1315 +Requires: grub2-x86_64-xen +%endif +Recommends: qemu-ovmf-x86_64 +Requires: qemu-x86 +%endif +%ifarch %arm aarch64 +Requires: qemu-arm +%endif +Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} +Recommends: multipath-tools +Requires: python3 +Requires: python3-curses +%ifarch %{ix86} x86_64 +Requires: qemu-seabios +%endif +# subpackage existed in 10.3 +Provides: xen-tools-ioemu = %{version} +Obsoletes: xen-tools-ioemu < %{version} +Conflicts: libvirt < 1.0.5 + +%description tools +Xen is a virtual machine monitor for x86 that supports execution of +multiple guest operating systems with unprecedented levels of +performance and resource isolation. + +This package contains the control tools that allow you to start, stop, +migrate, and manage virtual machines. + +In addition to this package you need to install xen and xen-libs +to use Xen. + + +Authors: +-------- + Ian Pratt + + +%ifarch x86_64 +%package tools-xendomains-wait-disk +Summary: Adds a new xendomains-wait-disks.service +License: GPL-3.0-or-later +Group: System/Kernel +Requires: %{name}-tools = %{version}-%{release} +Requires: coreutils +Requires: sed +Requires: vim +BuildArch: noarch + +%description tools-xendomains-wait-disk +This package adds a new service named xendomains-wait-disks.service, +that simply calls xendomains-wait-disks. xendomains-wait-disks script +loops checking for the presence of every disk used by domU that +xendomains.service will try to launch. The script returns when +all disks become available or xendomains-wait-disks.service expires. + +xendomains-wait-disks.service has the same dependencies as +xendomains.service, but it adds itself as a Wanted service for xendomains. +If xendomains-wait-disks.service fails, xendomains.service is launched anyway. + +https://github.com/luizluca/xen-tools-xendomains-wait-disk +%endif + +%endif + +%package tools-domU +Summary: Xen Virtualization: Control tools for domain U +License: GPL-2.0-only +Group: System/Kernel +Conflicts: %{name}-tools +Requires: %{name}-libs = %{version}-%{release} + +%description tools-domU +Xen is a virtual machine monitor for x86 that supports execution of +multiple guest operating systems with unprecedented levels of +performance and resource isolation. + +This package contains tools that allow unprivileged domains to query +the virtualized environment. + + + +Authors: +-------- + Ian Pratt + +%package devel +Summary: Xen Virtualization: Headers and libraries for development +License: GPL-2.0-only +Group: System/Kernel +Requires: %{name}-libs = %{version} +Requires: libuuid-devel + +%description devel +Xen is a virtual machine monitor for x86 that supports execution of +multiple guest operating systems with unprecedented levels of +performance and resource isolation. + +This package contains the libraries and header files needed to create +tools to control virtual machines. + + + +Authors: +-------- + Ian Pratt + +%if %{?with_dom0_support}0 + +%package doc-html +Summary: Xen Virtualization: HTML documentation +License: GPL-2.0-only +Group: Documentation/HTML + +%description doc-html +Xen is a virtual machine monitor for x86 that supports execution of +multiple guest operating systems with unprecedented levels of +performance and resource isolation. + +xen-doc-html contains the online documentation in HTML format. Point +your browser at file:/usr/share/doc/packages/xen/html/ + + + +Authors: +-------- + Ian Pratt +%endif + +%prep +%setup -q -n %xen_build_dir -a 1 -a 2 +%autosetup -D -T -n %xen_build_dir -p1 + +%build +%define _lto_cflags %{nil} + +# we control the version info of this package +# to gain control of filename of xen.gz +XEN_VERSION=%{version} +XEN_VERSION=${XEN_VERSION%%%%.*} +XEN_SUBVERSION=%{version} +XEN_SUBVERSION=${XEN_SUBVERSION#*.} +XEN_SUBVERSION=${XEN_SUBVERSION%%%%.*} +XEN_EXTRAVERSION="%version-%release" +XEN_EXTRAVERSION="${XEN_EXTRAVERSION#*.}" +XEN_EXTRAVERSION="${XEN_EXTRAVERSION#*.}" +# remove trailing B_CNT to reduce build-compare noise +XEN_EXTRAVERSION="${XEN_EXTRAVERSION%%.*}" +XEN_FULLVERSION="$XEN_VERSION.$XEN_SUBVERSION.$XEN_EXTRAVERSION" +XEN_BUILD_DATE="`date -u -d '1970-01-01'`" +XEN_BUILD_TIME="`date -u -d '1970-01-01' +%%T`" +SMBIOS_REL_DATE="`date -u -d '1970-01-01' +%%m/%%d/%%Y`" +RELDATE="`date -u -d '1970-01-01' '+%%d %%b %%Y'`" +if test -r %{S:9} +then + XEN_BUILD_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" `" + XEN_BUILD_TIME="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%T`" + SMBIOS_REL_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%m/%%d/%%Y`" + RELDATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" '+%%d %%b %%Y'`" +fi +cat > .our_xenversion <<_EOV_ +export WGET=$(type -P false) +export FTP=$(type -P false) +export GIT=$(type -P false) +%ifarch aarch64 +# GCC10+ enables outline-atomics option by default and breaks the build, so disable it +%if 0%{?suse_version} >= 1550 +export CFLAGS="%{optflags} -mno-outline-atomics" +%endif +%endif +export EXTRA_CFLAGS_XEN_TOOLS="%{optflags}" +export EXTRA_CFLAGS_QEMU_TRADITIONAL="%{optflags}" +export SMBIOS_REL_DATE="$SMBIOS_REL_DATE" +export RELDATE="$RELDATE" +XEN_VERSION=$XEN_VERSION +XEN_SUBVERSION=$XEN_SUBVERSION +XEN_EXTRAVERSION=$XEN_EXTRAVERSION +XEN_FULLVERSION=$XEN_FULLVERSION +_EOV_ +source ./.our_xenversion +sed -i~ " +s/XEN_VERSION[[:blank:]]*=.*/XEN_VERSION = $XEN_VERSION/ +s/XEN_SUBVERSION[[:blank:]]*=.*/XEN_SUBVERSION = $XEN_SUBVERSION/ +s/XEN_EXTRAVERSION[[:blank:]]*?=.*/XEN_EXTRAVERSION = .$XEN_EXTRAVERSION/ +s/XEN_FULLVERSION[[:blank:]]*=.*/XEN_FULLVERSION = $XEN_FULLVERSION/ +s/XEN_BUILD_DATE[[:blank:]]*?=.*/XEN_BUILD_DATE = $XEN_BUILD_DATE/ +s/XEN_BUILD_TIME[[:blank:]]*?=.*/XEN_BUILD_TIME = $XEN_BUILD_TIME/ +s/XEN_BUILD_HOST[[:blank:]]*?=.*/XEN_BUILD_HOST = buildhost/ +s/XEN_DOMAIN[[:blank:]]*?=.*/XEN_DOMAIN = suse.de/ +" xen/Makefile +if diff -u xen/Makefile~ xen/Makefile +then + : no changes? +fi + +configure_flags= +configure_flags="--with-system-qemu=%{_bindir}/qemu-system-%{qemu_arch}" +%if %{with xen_stubdom} +configure_flags="${configure_flags} --enable-stubdom" +%else +# change the/our default to daemon due to lack of stubdom +sed -i~ 's/ XENSTORETYPE=domain$/ XENSTORETYPE=daemon/' tools/hotplug/Linux/launch-xenstore.in +configure_flags="${configure_flags} --disable-stubdom" +%endif +export PYTHON="/usr/bin/python3" +configure_flags="${configure_flags} --disable-qemu-traditional" +./configure \ + --disable-xen \ + --disable-pvshim \ + --enable-tools \ + --enable-docs \ + --prefix=/usr \ + --exec_prefix=/usr \ + --bindir=%{_bindir} \ + --sbindir=%{_sbindir} \ + --libdir=%{_libdir} \ + --libexecdir=%{_libexecdir} \ + --with-libexec-leaf-dir=%{name} \ + --datadir=%{_datadir} \ + --mandir=%{_mandir} \ + --includedir=%{_includedir} \ + --docdir=%{_defaultdocdir}/xen \ + --with-initddir=%{_initddir} \ + --with-rundir=%{_rundir} \ + --enable-systemd \ + --with-systemd=%{_unitdir} \ + --with-systemd-modules-load=%{with_systemd_modules_load} \ + --with-system-ovmf=%{_datadir}/qemu/ovmf-x86_64-xen-4m.bin \ + --with-system-seabios=%{_datadir}/qemu/bios-256k.bin \ + ${configure_flags} +make -C tools/include/xen-foreign %{?_smp_mflags} +make %{?_smp_mflags} +# + +%install +source ./.our_xenversion +# tools +make \ + DESTDIR=%{buildroot} \ + SYSCONFIG_DIR=%{_fillupdir} \ + PKG_INSTALLDIR=%{_libdir}/pkgconfig \ + %{?_smp_mflags} \ + install +find %{buildroot} -ls +for i in %{buildroot}/%{_fillupdir}/* +do + mv -v $i ${i%%/*}/sysconfig.${i##*/} +done + +# +udev_rulesdir=%{buildroot}/%{_udevrulesdir} +tools_domU_dir=%{buildroot}/%{_libexecdir}/%{name}-tools-domU +mkdir -p ${udev_rulesdir} +mkdir -p ${tools_domU_dir} +# +tee ${udev_rulesdir}/80-%{name}-tools-domU.rules <<'_EOR_' +# XenSource, Inc. Xen Platform Device +SUBSYSTEM=="pci", ATTR{modalias}=="pci:v00005853d00000001sv00005853sd00000001bcFFsc80i00", TAG+="systemd", ENV{SYSTEMD_WANTS}+="%{name}-vcpu-watch.service" +_EOR_ +# +tee %{buildroot}/%{_unitdir}/%{name}-vcpu-watch.service <<'_EOS_' +[Unit] +Description=Listen to CPU online/offline events from dom0 toolstack + +[Service] +Type=simple +ExecStart=%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh +Restart=always +RestartSec=2 +_EOS_ +# +tee %{buildroot}/%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh <<'_EOS_' +#!/bin/bash +unset LANG +unset ${!LC_*} +echo "$0 starting" >&2 +xenstore-watch cpu | while read +do + : xenstore event: ${REPLY} + case "${REPLY}" in + cpu) + : just started + ;; + cpu/[0-9]/availability|cpu/[0-9][0-9]/availability) + vcpu="${REPLY%%/*}" + vcpu="${vcpu#*/}" + sysfs="/sys/devices/system/cpu/cpu${vcpu}/online" + if test -f "${sysfs}" + then + availability="`xenstore-read \"${REPLY}\"`" + case "${availability}" in + online|offline) + if test "${availability}" = "online" + then + new_sysfs_state=1 + else + new_sysfs_state=0 + fi + read cur_sysfs_state rest < "${sysfs}" + if test "${cur_sysfs_state}" = "${new_sysfs_state}" + then + : the vcpu "${vcpu}" already has state "${availability}" via "${sysfs}" + else + : setting vcpu "${vcpu}" to "${availability}" via "${sysfs}" + echo "setting vcpu ${vcpu} to ${availability}" >&2 + echo "${new_sysfs_state}" > "${sysfs}" + fi + ;; + esac + fi + ;; + *) + : unhandled + ;; + esac +done +exit 1 +_EOS_ +chmod 755 %{buildroot}/%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh +# +tee ${udev_rulesdir}/60-persistent-xvd.rules <<'_EOR_' +ACTION=="remove", GOTO="xvd_aliases_end" +SUBSYSTEM!="block", GOTO="xvd_aliases_end" +KERNEL=="xvd*[!0-9]", IMPORT{program}=="%{name}-tools-domU.sh --devpath %%p --devtype $env{DEVTYPE}" +KERNEL=="xvd*[0-9]", IMPORT{program}=="%{name}-tools-domU.sh --devpath %%p --devtype $env{DEVTYPE}" +KERNEL=="xvd*[!0-9]", ENV{VBD_HD_SYMLINK}=="hd[a-d]", SYMLINK+="$env{VBD_HD_SYMLINK}" +KERNEL=="xvd*[0-9]", ENV{VBD_HD_SYMLINK}=="hd[a-d]", SYMLINK+="$env{VBD_HD_SYMLINK}%%n" +LABEL="xvd_aliases_end" +_EOR_ +# +tee ${udev_rulesdir}/80-%{name}-channel-setup.rules <<'_EOF_' +SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", IMPORT{program}=="xen-channel-setup.sh $attr{nodename} %%n" + +SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", ENV{XEN_CHANNEL_NAME}=="org.qemu.guest_agent.0", TAG+="systemd", ENV{SYSTEMD_WANTS}+="qemu-ga@hvc%%n.service" +_EOF_ +# +dracut_moduledir=%{buildroot}/usr/lib/dracut/modules.d/50%{name}-tools-domU +mkdir -p ${dracut_moduledir} +tee ${dracut_moduledir}/module-setup.sh <<'_EOS_' +#!/bin/bash +check() { + require_binaries xenstore-read || return 1 + return 0 +} + +depends() { + return 0 +} +install() { + inst_multiple xenstore-read + inst_multiple ${udevdir}/%{name}-tools-domU.sh + inst_rules 60-persistent-xvd.rules +} +_EOS_ +chmod 755 ${dracut_moduledir}/module-setup.sh +# +udev_programdir=%{buildroot}/usr/lib/udev +mkdir -p ${udev_programdir} +tee ${udev_programdir}/%{name}-tools-domU.sh <<'_EOS_' +#!/bin/bash +set -e +devpath= +devtype= +dev= +while test "$#" -gt 0 +do + : "$1" + case "$1" in + --devpath) devpath=$2 ; shift ;; + --devtype) devtype=$2 ; shift ;; + *) echo "$0: Unknown option $1" >&2 ; exit 1 ;; + esac + shift +done +test -n "${devpath}" || exit 1 +test -n "${devtype}" || exit 1 +cd "/sys/${devpath}" +case "${devtype}" in + partition) cd .. ;; +esac +cd -P device +d="${PWD##*/}" +d="${d/-/\/}" +backend="`xenstore-read device/${d}/backend`" +dev="`xenstore-read \"${backend}\"/dev`" +test -n "${dev}" && echo "VBD_HD_SYMLINK=${dev}" +_EOS_ +# +tee ${udev_programdir}/%{name}-channel-setup.sh <<'_EOF_' +#!/bin/bash + +if test "$#" -ne 2; then + exit 1 +fi + +channel_path="$1" +channel_num="$2" + +name="`xenstore-read \"$channel_path\"/name`" +test -z "$name" && exit 1 + +if test $name != "org.qemu.guest_agent.0"; then + exit 1 +fi + +mkdir -p /dev/xenchannel +devname=/dev/xenchannel/$name +# Xen's console devices are used for channels. See xen-pv-channel(7) +# for more details +ln -sfn /dev/hvc$channel_num $devname + +echo "XEN_CHANNEL_NAME=$name" +_EOF_ +chmod 755 ${udev_programdir}/*.sh + +# EFI +%if %{?with_dom0_support}0 +arch=`uname -m` +install_xen() +{ + local ext="" + find %{buildroot}/boot -ls + if [ -n "$1" ]; then + ext="-$1" + mv %{buildroot}/boot/xen-syms-${XEN_FULLVERSION} \ + %{buildroot}/boot/xen-syms${ext}-${XEN_FULLVERSION} + mv %{buildroot}/boot/xen-${XEN_FULLVERSION}%{xen_install_suffix} \ + %{buildroot}/boot/xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} + if test -d %{buildroot}/%{_libdir}/efi; then + mv %{buildroot}/%{_libdir}/efi/xen-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-${XEN_FULLVERSION}.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-$XEN_VERSION.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}.efi + fi + elif test -d %{buildroot}/%{_libdir}/efi; then + # Move the efi files to /usr/share/efi/ (fate#326960) + mkdir -p %{buildroot}/%{_datadir}/efi/$arch + mv %{buildroot}/%{_libdir}/efi/xen*.efi %{buildroot}/%{_datadir}/efi/$arch/ + ln -s %{_datadir}/efi/$arch/xen-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen.efi + fi + rm %{buildroot}/boot/xen-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} + rm %{buildroot}/boot/xen-$XEN_VERSION%{xen_install_suffix} + rm %{buildroot}/boot/xen%{xen_install_suffix} + # Do not link to links; grub cannot follow. + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}-$XEN_VERSION%{xen_install_suffix} + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}%{xen_install_suffix} + if test -f xen-syms${ext}-${XEN_FULLVERSION}; then + ln -sf xen-syms${ext}-${XEN_FULLVERSION} %{buildroot}/boot/xen-syms${ext} + fi + find %{buildroot}/boot -ls +} +export BRP_PESIGN_FILES="*.efi /lib/firmware" +CC=gcc +%if %{?with_gcc47}0 +CC=gcc-4.7 +%endif +%if %{?with_gcc48}0 +CC=gcc-4.8 +%endif +rm -fv xen/.config +echo CONFIG_REQUIRE_NX=y > xen/.config +echo CONFIG_DIT_DEFAULT=y >> xen/.config +%if %{with xen_debug} +echo CONFIG_DEBUG=y >> xen/.config +echo "CONFIG_DOM0_MEM=\"1G+10%%,max:64G\"" >> xen/.config +yes '' | make -C xen oldconfig +make -C xen install XEN_BUILD_DATE="$XEN_BUILD_DATE" XEN_BUILD_TIME="$XEN_BUILD_TIME" DEBUG_DIR=/boot DESTDIR=%{buildroot} CC=$CC %{?_smp_mflags} +install_xen dbg +make -C xen clean +%endif +echo CONFIG_DEBUG=n >> xen/.config +echo "CONFIG_DOM0_MEM=\"1G+10%%,max:64G\"" >> xen/.config +yes '' | make -C xen oldconfig +make -C xen install XEN_BUILD_DATE="$XEN_BUILD_DATE" XEN_BUILD_TIME="$XEN_BUILD_TIME" DEBUG_DIR=/boot DESTDIR=%{buildroot} CC=$CC %{?_smp_mflags} +install_xen +make -C xen clean +%endif + +# On x86_64, qemu-xen was installed as /usr/lib/xen/bin/qemu-system-i386 +# and advertised as the in libvirt capabilities. Tool such as +# virt-install include in domXML they produce, so we need to +# preserve the path. For x86_64, create a simple wrapper that invokes +# /usr/bin/qemu-system-i386 +# Using qemu-system-x86_64 will result in an incompatible VM +%ifarch x86_64 aarch64 +hardcoded_path_in_existing_domU_xml='%{_libexecdir}/%{name}/bin' +mkdir -vp %{buildroot}${hardcoded_path_in_existing_domU_xml} +tee %{buildroot}${hardcoded_path_in_existing_domU_xml}/qemu-system-%{qemu_arch} << 'EOF' +#!/bin/sh + +exec %{_bindir}/qemu-system-%{qemu_arch} "$@" +EOF +chmod 0755 %{buildroot}${hardcoded_path_in_existing_domU_xml}/qemu-system-%{qemu_arch} + +# +unit='%{_libexecdir}/%{name}/bin/xendomains-wait-disks' +mkdir -vp '%{buildroot}%{_libexecdir}/%{name}/bin' +cp -avL '%{SOURCE10172}' "%{buildroot}${unit}" +mkdir xendomains-wait-disk +cp -avL '%{SOURCE10173}' xendomains-wait-disk/LICENSE +cp -avL '%{SOURCE10174}' xendomains-wait-disk/README.md +tee %{buildroot}%{_unitdir}/xendomains-wait-disks.service <<_EOS_ +[Unit] +Description=Xendomains - for those machines that will start, wait for their disks to appear +Requires=proc-xen.mount xenstored.service +After=proc-xen.mount xenstored.service xenconsoled.service xen-init-dom0.service +After=network-online.target +After=remote-fs.target +Before=xendomains.service +ConditionPathExists=/proc/xen/capabilities + +[Service] +Type=oneshot +ExecStart=${unit} +TimeoutSec=5min + +[Install] +WantedBy=xendomains.service +_EOS_ +# +%endif + +# Stubdom +%if %{?with_dom0_support}0 +# Docs +mkdir -p %{buildroot}/%{_defaultdocdir}/xen/misc +for name in COPYING %SOURCE10 %SOURCE11 %SOURCE12; do + install -m 644 $name %{buildroot}/%{_defaultdocdir}/xen/ +done +for name in vtpm-platforms.txt crashdb.txt xenpaging.txt \ + xen-command-line.pandoc xenstore-paths.pandoc; do + install -m 644 docs/misc/$name %{buildroot}/%{_defaultdocdir}/xen/misc/ +done + +# Xen utilities +install -m755 %SOURCE36 %{buildroot}/usr/sbin/xen2libvirt +install -m755 %SOURCE10183 %{buildroot}/usr/sbin/xen_maskcalc + +rm -f %{buildroot}/etc/xen/README* +# Example config +mkdir -p %{buildroot}/etc/xen/{vm,examples,scripts} +mv %{buildroot}/etc/xen/xlexample* %{buildroot}/etc/xen/examples +rm -f %{buildroot}/etc/xen/examples/*nbd +install -m644 tools/xentrace/formats %{buildroot}/etc/xen/examples/xentrace_formats.txt + +# Scripts +rm -f %{buildroot}/etc/xen/scripts/block-*nbd +install -m755 %SOURCE21 %SOURCE22 %SOURCE23 %SOURCE24 %{buildroot}/etc/xen/scripts/ +mkdir -p %{buildroot}/usr/lib/supportconfig/plugins +install -m 755 %SOURCE13 %{buildroot}/usr/lib/supportconfig/plugins/xen + +# Xen API remote authentication files and Logrotate files +install -m644 %SOURCE31 %{buildroot}/etc/xen/ +%if 0%{?suse_version} > 1500 +mkdir -p %{buildroot}%{_distconfdir}/logrotate.d +install -m644 -D %SOURCE14 %{buildroot}%{_distconfdir}/logrotate.d/xen +install -d %{buildroot}%{_pam_vendordir} +install -m644 %SOURCE30 %{buildroot}/%{_pam_vendordir}/xen-api +%else +install -m644 -D %SOURCE14 %{buildroot}%{_sysconfdir}/logrotate.d/xen +install -d %{buildroot}/etc/pam.d +install -m644 %SOURCE30 %{buildroot}/etc/pam.d/xen-api +%endif + +# Directories +mkdir -p %{buildroot}/var/lib/xenstored +mkdir -p %{buildroot}/var/lib/xen/images +mkdir -p %{buildroot}/var/lib/xen/jobs +mkdir -p %{buildroot}/var/lib/xen/save +mkdir -p %{buildroot}/var/lib/xen/dump +mkdir -p %{buildroot}/var/log/xen +mkdir -p %{buildroot}/var/log/xen/console + +# Systemd +cp -bavL %{S:41} %{buildroot}/%{_unitdir} +bn=`basename %{S:42}` +cp -bavL %{S:42} %{buildroot}/%{_unitdir}/${bn} +mods="` +for conf in $(ls %{buildroot}/%{with_systemd_modules_load}/*.conf) +do + grep -v ^# $conf + echo -n > $conf +done +`" +> mods +for mod in $mods +do + # load by alias, if possible, to handle pvops and xenlinux + alias="$mod" + case "$mod" in + xen-evtchn) ;; + xen-gntdev) ;; + xen-gntalloc) ;; + xen-blkback) alias='xen-backend:vbd' ;; + xen-netback) alias='xen-backend:vif' ;; + xen-pciback) alias='xen-backend:pci' ;; + evtchn) unset alias ;; + gntdev) unset alias ;; + netbk) alias='xen-backend:vif' ;; + blkbk) alias='xen-backend:vbd' ;; + xen-scsibk) unset alias ;; + usbbk) unset alias ;; + pciback) alias='xen-backend:pci' ;; + xen-acpi-processor) ;; + blktap2) unset alias ;; + *) ;; + esac + if test -n "${alias}" + then + echo "ExecStart=-/bin/sh -c 'modprobe $alias || :'" >> mods + fi +done +sort -u mods | tee -a %{buildroot}/%{_unitdir}/${bn} +rm -rfv %{buildroot}/%{_initddir} +install -m644 %SOURCE35 %{buildroot}/%{_fillupdir}/sysconfig.pciback + +# Clean up unpackaged files +find %{buildroot} \( \ + -name .deps -o \ + -name README.blktap -o \ + -name README.xenmon -o \ + -name target-x86_64.conf -o \ + -name xen-mfndump -o \ + -name qcow-create -o \ + -name img2qcow -o \ + -name qcow2raw -o \ + -name qemu-bridge-helper -o \ + -name qemu-img-xen -o \ + -name qemu-nbd-xen -o \ + -name palcode-clipper -o \ + -name "*.dtb" -o \ + -name "openbios-*" -o \ + -name "petalogix*" -o \ + -name "ppc*" -o \ + -name "*.pyc" -o \ + -name "s390*" -o \ + -name "slof*" -o \ + -name "spapr*" -o \ + -name "*.egg-info" \) \ + -print -delete +# Wipe empty directories +if find %{buildroot}/usr -type d -print0 | xargs -0n1 rmdir -p 2>/dev/null +then + : +fi + +# "xl devd" has to be called manually in a driver domain +find %{buildroot} -name xendriverdomain.service -print -delete + +# Create hardlinks for 3 .txt files and 1 .py +%fdupes %{buildroot}/%{_prefix} +find %{buildroot} -type f -size 0 -delete -print + +%else +# !with_dom0_support + +# 32 bit hypervisor no longer supported. Remove dom0 tools. +rm -rf %{buildroot}/%{_datadir}/doc +rm -rf %{buildroot}/%{_datadir}/man +rm -rf %{buildroot}/%{_libexecdir}/%{name} +rm -rf %{buildroot}/%{_libdir}/python* +rm -rf %{buildroot}/%{_unitdir} +rm -rf %{buildroot}/%{_fillupdir} +rm -rf %{buildroot}/%{with_systemd_modules_load} +rm -rf %{buildroot}/usr/sbin +rm -rf %{buildroot}/etc/xen +rm -rf %{buildroot}/var +rm -f %{buildroot}/%{_sysconfdir}/bash_completion.d/xl +rm -f %{buildroot}/%{_sysconfdir}/init.d/xen* +rm -f %{buildroot}/%{_bindir}/*trace* +rm -f %{buildroot}/%{_bindir}/vchan-socket-proxy +rm -f %{buildroot}/%{_bindir}/xenalyze* +rm -f %{buildroot}/%{_bindir}/xenco* +rm -f %{buildroot}/%{_bindir}/xen-cpuid +rm -f %{buildroot}/%{_bindir}/pygrub +rm -f %{buildroot}/%{_bindir}/remus +rm -f %{buildroot}/usr/etc/qemu/target-x86_64.conf +rm -f %{buildroot}/usr/libexec/qemu-bridge-helper +%endif + +%if %{?with_dom0_support}0 + +%files +%defattr(-,root,root) +/boot/* +%{_libdir}/efi +%{_datadir}/efi + +%endif + +%files libs +%defattr(-,root,root) +%{_libdir}/xenfsimage/ +%{_libdir}/*.so.* + +%if %{?with_dom0_support}0 + +%files tools +%defattr(-,root,root) +/usr/bin/xenalyze +/usr/bin/xenstore* +/usr/bin/pygrub +/usr/bin/vchan-socket-proxy +/usr/bin/xencov_split +/usr/bin/xentrace_format +%ifarch x86_64 +/usr/bin/xen-cpuid +%endif +/usr/sbin/xenbaked +/usr/sbin/xenconsoled +/usr/sbin/xencov +/usr/sbin/xenlockprof +/usr/sbin/xenmon +/usr/sbin/xenperf +/usr/sbin/xenpm +/usr/sbin/xenpmd +/usr/sbin/xenstored +/usr/sbin/xentop +/usr/sbin/xentrace +/usr/sbin/xentrace_setmask +/usr/sbin/xentrace_setsize +/usr/sbin/xenwatchdogd +/usr/sbin/flask-get-bool +/usr/sbin/flask-getenforce +/usr/sbin/flask-label-pci +/usr/sbin/flask-loadpolicy +/usr/sbin/flask-set-bool +/usr/sbin/flask-setenforce +%if %{?with_gdbsx}0 +/usr/sbin/gdbsx +%endif +/usr/sbin/xl +/usr/sbin/xen2libvirt +/usr/sbin/xen-access +/usr/sbin/xen_maskcalc +%ifarch %ix86 x86_64 +/usr/sbin/xen-hptool +/usr/sbin/xen-hvmcrash +/usr/sbin/xen-hvmctx +/usr/sbin/xen-kdd +/usr/sbin/xen-lowmemd +/usr/sbin/xen-memshare +/usr/sbin/xen-ucode +/usr/sbin/xen-mceinj +/usr/sbin/xen-vmtrace +%endif +/usr/sbin/xenhypfs +/usr/sbin/xen-livepatch +/usr/sbin/xen-diag +%dir %attr(700,root,root) /etc/xen +%dir /etc/xen/scripts +/etc/xen/scripts/block* +/etc/xen/scripts/external-device-migrate +/etc/xen/scripts/hotplugpath.sh +/etc/xen/scripts/launch-xenstore +/etc/xen/scripts/locking.sh +/etc/xen/scripts/logging.sh +/etc/xen/scripts/vif-* +/etc/xen/scripts/vscsi +/etc/xen/scripts/xen-hotplug-* +/etc/xen/scripts/xen-network-common.sh +/etc/xen/scripts/xen-script-common.sh +/etc/xen/scripts/colo-proxy-setup +/etc/xen/scripts/remus-netbuf-setup +%dir /usr/lib/supportconfig +%dir /usr/lib/supportconfig/plugins +/usr/lib/supportconfig/plugins/xen +%dir %{_libexecdir}/%{name} +%{_libexecdir}/%{name}/bin +%exclude %{_libexecdir}/%{name}-tools-domU +%ifarch x86_64 +%{_libexecdir}/%{name}/boot +%exclude %{_libexecdir}/%{name}/bin/xendomains-wait-disks +%endif +%{_fillupdir}/sysconfig.pciback +%{_fillupdir}/sysconfig.xencommons +%{_fillupdir}/sysconfig.xendomains +%dir /var/lib/xen +%dir %attr(700,root,root) /var/lib/xen/images +%dir %attr(700,root,root) /var/lib/xen/save +%dir %attr(700,root,root) /var/lib/xen/dump +%ifarch %ix86 x86_64 +%dir %attr(700,root,root) /var/lib/xen/xenpaging +%endif +%dir /var/lib/xenstored +%dir /var/log/xen +%dir /var/log/xen/console +%if 0%{?suse_version} > 1500 +%{_distconfdir}/logrotate.d/xen +%{_pam_vendordir}/xen-api +%else +%config(noreplace) %{_sysconfdir}/logrotate.d/xen +%config /etc/pam.d/xen-api +%endif +/etc/xen/auto +%config /etc/xen/examples +%config /etc/xen/cpupool +%config /etc/xen/vm +%config(noreplace) /etc/xen/xenapiusers +%config(noreplace) /etc/xen/xl.conf +%config %{_unitdir} +%exclude %{_unitdir}/%{name}-vcpu-watch.service +%exclude %{_unitdir}/xendomains-wait-disks.service +%config %{with_systemd_modules_load} +/etc/bash_completion.d/xl +%dir %{_libdir}/python%{pyver}/site-packages/grub +%dir %{_libdir}/python%{pyver}/site-packages/xen +%dir %{_libdir}/python%{pyver}/site-packages/xen/lowlevel +%dir %{_libdir}/python%{pyver}/site-packages/xen/migration +%{_libdir}/python%{pyver}/site-packages/grub/* +%{_libdir}/python%{pyver}/site-packages/xen/util.py +%{_libdir}/python%{pyver}/site-packages/xen/lowlevel/* +%{_libdir}/python%{pyver}/site-packages/xen/migration/* +%{_libdir}/python%{pyver}/site-packages/*.so +%dir %{_defaultdocdir}/xen +%{_defaultdocdir}/xen/COPYING +%{_defaultdocdir}/xen/README.SUSE +%{_defaultdocdir}/xen/boot.local.xenU +%{_defaultdocdir}/xen/boot.xen +%{_mandir}/man*/* + +%ifarch x86_64 +%files tools-xendomains-wait-disk +%license xendomains-wait-disk/LICENSE +%doc xendomains-wait-disk/README.md +%config %{_unitdir}/xendomains-wait-disks.service +%config %attr(0755,root,root) %{_libexecdir}/%{name}/bin/xendomains-wait-disks +%endif +# with_dom0_support +%endif + +%posttrans -n %{name}-tools-domU +%{?regenerate_initrd_posttrans} + +%files tools-domU +%defattr(-,root,root) +%ifarch %ix86 x86_64 +/usr/bin/xen-detect +%exclude /usr/bin/xenstore-control +%endif +/usr/bin/xenstore* +%if %{?with_dom0_support}0 +%config %{_unitdir}/%{name}-vcpu-watch.service +%endif +%{_libexecdir}/%{name}-tools-domU +/usr/lib/udev +/usr/lib/dracut + +%files devel +%defattr(-,root,root) +%{_libdir}/*.a +%{_libdir}/*.so +/usr/include/* +%{_libdir}/pkgconfig/xenlight.pc +%{_libdir}/pkgconfig/xlutil.pc +%{_libdir}/pkgconfig/xencall.pc +%{_libdir}/pkgconfig/xencontrol.pc +%{_libdir}/pkgconfig/xendevicemodel.pc +%{_libdir}/pkgconfig/xenevtchn.pc +%{_libdir}/pkgconfig/xenforeignmemory.pc +%{_libdir}/pkgconfig/xengnttab.pc +%{_libdir}/pkgconfig/xenguest.pc +%{_libdir}/pkgconfig/xenhypfs.pc +%{_libdir}/pkgconfig/xenstat.pc +%{_libdir}/pkgconfig/xenstore.pc +%{_libdir}/pkgconfig/xentoolcore.pc +%{_libdir}/pkgconfig/xentoollog.pc +%{_libdir}/pkgconfig/xenvchan.pc + +%if %{?with_dom0_support}0 + +%files doc-html +%defattr(-,root,root) +%dir %{_defaultdocdir}/xen +%{_defaultdocdir}/xen/misc +%{_defaultdocdir}/xen/html + +%post +if [ -x /sbin/update-bootloader ]; then + /sbin/update-bootloader --refresh; exit 0 +fi + +%pre tools +%service_add_pre xencommons.service +%service_add_pre xendomains.service +%service_add_pre xen-watchdog.service +%service_add_pre xenstored.service +%service_add_pre xen-dom0-modules.service +%service_add_pre xenconsoled.service +%service_add_pre xen-init-dom0.service +%service_add_pre xen-qemu-dom0-disk-backend.service +%if 0%{?suse_version} > 1500 +# Prepare for migration to /usr/etc; save any old .rpmsave +for i in logrotate.d/xen pam.d/xen-api ; do + test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i}.rpmsave.old ||: +done +%endif + +%if 0%{?suse_version} > 1500 +%posttrans tools +# Migration to /usr/etc, restore just created .rpmsave +for i in logrotate.d/xen pam.d/xen-api ; do + test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i} ||: +done +%endif + +%post tools +%{fillup_only -n xencommons xencommons} +%{fillup_only -n xendomains xendomains} +%service_add_post xencommons.service +%service_add_post xendomains.service +%service_add_post xen-watchdog.service +%service_add_post xenstored.service +%service_add_post xen-dom0-modules.service +%service_add_post xenconsoled.service +%service_add_post xen-init-dom0.service +%service_add_post xen-qemu-dom0-disk-backend.service + +if [ -f /etc/default/grub ] && ! (/usr/bin/grep GRUB_CMDLINE_XEN /etc/default/grub >/dev/null); then + echo '# Xen boot parameters for all Xen boots' >> /etc/default/grub + echo 'GRUB_CMDLINE_XEN=""' >> /etc/default/grub + echo '# Xen boot parameters for non-recovery Xen boots (in addition to GRUB_CMDLINE_XEN)' >> /etc/default/grub + echo 'GRUB_CMDLINE_XEN_DEFAULT=""' >> /etc/default/grub +fi +if [ -f %{_datadir}/grub2/i386-xen/grub.xen ] && [ ! -f %{_libexecdir}/%{name}/boot/pvgrub32.bin ]; then + ln -sv %{_datadir}/grub2/i386-xen/grub.xen %{_libexecdir}/%{name}/boot/pvgrub32.bin +fi +if [ -f %{_datadir}/grub2/x86_64-xen/grub.xen ] && [ ! -f %{_libexecdir}/%{name}/boot/pvgrub64.bin ]; then + ln -sv %{_datadir}/grub2/x86_64-xen/grub.xen %{_libexecdir}/%{name}/boot/pvgrub64.bin +fi + +%preun tools +%service_del_preun xencommons.service +%service_del_preun xendomains.service +%service_del_preun xen-watchdog.service +%service_del_preun xenstored.service +%service_del_preun xen-dom0-modules.service +%service_del_preun xenconsoled.service +%service_del_preun xen-init-dom0.service +%service_del_preun xen-qemu-dom0-disk-backend.service + +%postun tools +%if %{defined service_del_postun_without_restart} +%service_del_postun_without_restart xencommons.service +%service_del_postun_without_restart xendomains.service +%service_del_postun_without_restart xen-watchdog.service +%service_del_postun_without_restart xenstored.service +%service_del_postun_without_restart xen-dom0-modules.service +%service_del_postun_without_restart xenconsoled.service +%service_del_postun_without_restart xen-init-dom0.service +%service_del_postun_without_restart xen-qemu-dom0-disk-backend.service +%else +export DISABLE_RESTART_ON_UPDATE=yes +%service_del_postun xencommons.service +%service_del_postun xendomains.service +%service_del_postun xen-watchdog.service +%service_del_postun xenstored.service +%service_del_postun xen-dom0-modules.service +%service_del_postun xenconsoled.service +%service_del_postun xen-init-dom0.service +%service_del_postun xen-qemu-dom0-disk-backend.service +%endif + +%endif + +%post libs -p /sbin/ldconfig + +%postun libs -p /sbin/ldconfig + +%changelog diff --git a/xen.sysconfig-fillup.patch b/xen.sysconfig-fillup.patch new file mode 100644 index 0000000..64904ad --- /dev/null +++ b/xen.sysconfig-fillup.patch @@ -0,0 +1,102 @@ +Fix xencommons for fillup + +The usage in xen.spec is like this: + %post tools + %{fillup_only -n xencommons xencommons} + +After fresh install, modify the key=value pairs as required, then +upgrade the package, the sysconfig file is broken and changes are lost: + + # rm /etc/sysconfig/xencommons + # zypper in --oldpackage xen-tools-4.12.4_02-3.30.1 + # echo XENSTORETYPE=domain >> /etc/sysconfig/xencommons + # echo XENSTORE_DOMAIN_SIZE=123 >> /etc/sysconfig/xencommons + # zypper in --oldpackage xen-tools-4.12.4_04-3.33.1 + # diff -u /var/adm/fillup-templates/sysconfig.xencommons /etc/sysconfig/xencommons + +Basically fillup removed all comments, and also the two added key=value lines. + +Prevent this by defining all keys, with empty values, so that consumers +of the values will continue to use the built-in defaults. +Index: xen-4.16.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in +=================================================================== +--- xen-4.16.0-testing.orig/tools/hotplug/Linux/init.d/sysconfig.xencommons.in ++++ xen-4.16.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in +@@ -3,7 +3,9 @@ + ## Default: "none" + # + # Log xenconsoled messages (cf xl dmesg) +-#XENCONSOLED_TRACE=[none|guest|hv|all] ++# One of [none|guest|hv|all] ++# ++XENCONSOLED_TRACE= + + ## Type: string + ## Default: daemon +@@ -16,10 +18,10 @@ + # + # Changing this requires a reboot to take effect. + # +-#XENSTORETYPE=daemon ++XENSTORETYPE= + + ## Type: string +-## Default: xenstored ++## Default: @XENSTORED@ + # + # Select xenstore implementation, this can be either + # of these below. +@@ -30,7 +32,7 @@ + # * @sbindir@/xenstored + # + # Changing this requires a reboot to take effect. +-#XENSTORED=@XENSTORED@ ++XENSTORED= + + ## Type: string + ## Default: unlimited +@@ -57,9 +59,10 @@ XENSTORED_ARGS= + ## Type: string + ## Default: Not defined, tracing off + # +-# Log xenstored messages ++# Log xenstored messages if a non-empty value is assigned. + # Only evaluated if XENSTORETYPE is "daemon". +-#XENSTORED_TRACE=[yes|on|1] ++# ++XENSTORED_TRACE= + + ## Type: integer + ## Default: 50 +@@ -75,14 +78,14 @@ XENSTORED_ARGS= + # + # xenstore domain kernel. + # Only evaluated if XENSTORETYPE is "domain". +-#XENSTORE_DOMAIN_KERNEL=@LIBEXEC@/boot/xenstore-stubdom.gz ++XENSTORE_DOMAIN_KERNEL= + + ## Type: integer + ## Default: 8 + # + # xenstore domain memory size in MiB. + # Only evaluated if XENSTORETYPE is "domain". +-#XENSTORE_DOMAIN_SIZE=8 ++XENSTORE_DOMAIN_SIZE= + + ## Type: string + ## Default: not set, no autoballooning of xenstore domain +@@ -93,7 +96,7 @@ XENSTORED_ARGS= + # - combination of both in form of : (e.g. 8:1/100), resulting + # value will be the higher of both specifications + # Only evaluated if XENSTORETYPE is "domain". +-#XENSTORE_MAX_DOMAIN_SIZE= ++XENSTORE_MAX_DOMAIN_SIZE= + + ## Type: string + ## Default: "" +@@ -106,4 +109,4 @@ XENSTORE_DOMAIN_ARGS= + #QEMU_XEN=@qemu_xen_path@ + + # Dom0 UUID +-#XEN_DOM0_UUID=00000000-0000-0000-0000-000000000000 ++XEN_DOM0_UUID= diff --git a/xen2libvirt.py b/xen2libvirt.py new file mode 100644 index 0000000..35845f4 --- /dev/null +++ b/xen2libvirt.py @@ -0,0 +1,137 @@ +#!/usr/bin/python3 +# +# Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library. If not, see +# . +# +# Authors: +# Jim Fehlig +# +# Read native Xen configuration format, convert to libvirt domXML, and +# import (virsh define ) into libvirt. + + +import sys +import os +import argparse +import re +from xml.etree import ElementTree + +try: + import libvirt +except ImportError: + print('Unable to import the libvirt module. Is libvirt-python installed?') + sys.exit(1) + +parser = argparse.ArgumentParser(description='Import Xen domain configuration into libvirt') +parser.add_argument('-c', '--convert-only', help='Convert Xen domain configuration into libvirt domXML, but do not import into libvirt', action='store_true', dest='convert_only') +parser.add_argument('-r', '--recursive', help='Operate recursivelly on all Xen domain configuration rooted at path', action='store_true') +parser.add_argument('-f', '--format', help='Format of Xen domain configuration. Supported formats are xm and sexpr', choices=['xm', 'sexpr'], default=None) +parser.add_argument('-v', '--verbose', help='Print information about the import process', action='store_true') +parser.add_argument('path', help='Path to Xen domain configuration') + + +def print_verbose(msg): + if args.verbose: + print(msg) + + +def check_config(path, config): + isbinary = os.system('file -b ' + path + ' | grep text > /dev/null') + + if isbinary: + print('Skipping %s (not a valid Xen configuration file)' % path) + return 'unknown' + + for line in config.splitlines(): + if len(line) == 0 or line.startswith('#'): + continue + if line.startswith('. + +import argparse +import sys +import os + + +EAX1_MATCH = '0x00000001 0x00:' +EAX7_MATCH = '0x00000007 0x00:' +EXP_LINELN = 76 + +libxl_names_ecx1 = [] +libxl_names_edx1 = [] +libvirt_names_ecx1 = [] +libvirt_names_edx1 = [] + +libxl_names_ebx7 = [] +libxl_names_ecx7 = [] +libvirt_names_ebx7 = [] +libvirt_names_ecx7 = [] + +def fill_ecx1(bit, libxl, libvirt): + if libxl_names_ecx1[bit]: + print("ecx bit %s already set: libxl %s libvirt %s. Ignoring %s/%s\n" % (bit, libxl_names_ecx1[bit], libvirt_names_ecx1[bit], libxl, libvirt)) + return + libxl_names_ecx1[bit] = libxl + libvirt_names_ecx1[bit] = libvirt + +def fill_edx1(bit, libxl, libvirt): + if libxl_names_edx1[bit]: + print("edx bit %s already set: libxl %s libvirt %s. Ignoring %s/%s\n" % (bit, libxl_names_edx1[bit], libvirt_names_edx1[bit], libxl, libvirt)) + return + libxl_names_edx1[bit] = libxl + libvirt_names_edx1[bit] = libvirt + +def fill_ebx7(bit, libxl, libvirt): + if libxl_names_ebx7[bit]: + print("edx bit %s already set: libxl %s libvirt %s. Ignoring %s/%s\n" % (bit, libxl_names_ebx7[bit], libvirt_names_ebx7[bit], libxl, libvirt)) + return + libxl_names_ebx7[bit] = libxl + libvirt_names_ebx7[bit] = libvirt + +def fill_ecx7(bit, libxl, libvirt): + if libxl_names_ecx7[bit]: + print("ecx bit %s already set: libxl %s libvirt %s. Ignoring %s/%s\n" % (bit, libxl_names_ecx7[bit], libvirt_names_ecx7[bit], libxl, libvirt)) + return + libxl_names_ecx7[bit] = libxl + libvirt_names_ecx7[bit] = libvirt + +def fill_bit_names(): + for i in range(0,32): + libxl_names_ecx1.append(None) + libxl_names_edx1.append(None) + libxl_names_ebx7.append(None) + libxl_names_ecx7.append(None) + libvirt_names_ecx1.append(None) + libvirt_names_edx1.append(None) + libvirt_names_ebx7.append(None) + libvirt_names_ecx7.append(None) + + fill_ecx1(0, "sse3", "pni") + fill_ecx1(1, "pclmulqdq", "pclmuldq") + fill_ecx1(2, "dtes64", "dtes64") + fill_ecx1(3, "monitor", "monitor") + fill_ecx1(4, "dscpl", "ds_cpl") + fill_ecx1(5, "vmx", "vmx") + fill_ecx1(6, "smx", "smx") + fill_ecx1(7, "est", "est") + fill_ecx1(8, "tm2", "tm2") + fill_ecx1(9, "ssse3", "ssse3") + fill_ecx1(10, "cntxid", "cid") + fill_ecx1(12, "fma", "fma") + fill_ecx1(13, "cmpxchg16", "cx16") + fill_ecx1(14, "xtpr", "xtpr") + fill_ecx1(15, "pdcm", "pdcm") + fill_ecx1(17, "pcid", "pcid") + fill_ecx1(18, "dca", "dca") + fill_ecx1(19, "sse4_1", "sse4.1") + fill_ecx1(20, "sse4_2", "sse4.2") + fill_ecx1(21, "x2apic", "x2apic") + fill_ecx1(22, "movbe", "movbe") + fill_ecx1(23, "popcnt", "popcnt") + fill_ecx1(24, "tsc-deadline", "tsc-deadline") + fill_ecx1(25, "aes", "aes") + fill_ecx1(26, "xsave", "xsave") + fill_ecx1(27, "osxsave", "osxsave") + fill_ecx1(28, "avx", "avx") + fill_ecx1(29, "f16c", "f16c") + fill_ecx1(30, "rdrand", "rdrand") + fill_ecx1(31, "hypervisor", "hypervisor") + + fill_edx1(0, "fpu", "fpu") + fill_edx1(1, "vme", "vme") + fill_edx1(2, "de", "de") + fill_edx1(3, "pse", "pse") + fill_edx1(4, "tsc", "tsc") + fill_edx1(5, "msr", "msr") + fill_edx1(6, "pae", "pae") + fill_edx1(7, "mce", "mce") + fill_edx1(8, "cmpxchg8", "cx8") + fill_edx1(9, "apic", "apic") + fill_edx1(11, "sysenter", "sep") + fill_edx1(12, "mtrr", "mtrr") + fill_edx1(13, "pge", "pge") + fill_edx1(14, "mca", "mca") + fill_edx1(15, "cmov", "cmov") + fill_edx1(16, "pat", "pat") + fill_edx1(17, "pse36", "pse36") + fill_edx1(18, "psn", "pn") + fill_edx1(19, "clfsh", "clflush") + fill_edx1(21, "ds", "ds") + fill_edx1(22, "acpi", "acpi") + fill_edx1(23, "mmx", "mmx") + fill_edx1(24, "fxsr", "fxsr") + fill_edx1(25, "sse", "sse") + fill_edx1(26, "sse2", "sse2") + fill_edx1(27, "ss", "ss") + fill_edx1(28, "htt", "ht") + fill_edx1(29, "tm", "tm") + fill_edx1(30, "ia64", "ia64") + fill_edx1(31, "pbe", "pbe") + + fill_ebx7(0, "fsgsbase", "fsgsbase") + fill_ebx7(1, "tsc_adjust", "tsc_adjust") + fill_ebx7(3, "bmi1", "bmi1") + fill_ebx7(4, "hle", "hle") + fill_ebx7(5, "avx2", "avx2") + fill_ebx7(7, "smep", "smep") + fill_ebx7(8, "bmi2", "bmi2") + fill_ebx7(9, "erms", "erms") + fill_ebx7(10, "invpcid", "invpcid") + fill_ebx7(11, "rtm", "rtm") + fill_ebx7(12, "cmt", "cmt") + fill_ebx7(14, "mpx", "mpx") + fill_ebx7(16, "avx512f", "avx512f") + fill_ebx7(17, "avx512dq", "avx512dq") + fill_ebx7(18, "rdseed", "rdseed") + fill_ebx7(19, "adx", "adx") + fill_ebx7(20, "smap", "smap") + fill_ebx7(21, "avx512-ifma", "avx512-ifma") + fill_ebx7(23, "clflushopt", "clflushopt") + fill_ebx7(24, "clwb", "clwb") + fill_ebx7(26, "avx512pf", "avx512pf") + fill_ebx7(27, "avx512er", "avx512er") + fill_ebx7(28, "avx512cd", "avx512cd") + fill_ebx7(29, "sha", "sha") + fill_ebx7(30, "avx512bw", "avx512bw") + fill_ebx7(31, "avx512vl", "avx512vl") + + fill_ecx7(0, "prefetchwt1", "prefetchwt1") + fill_ecx7(1, "avx512-vbmi", "avx512-vbmi") + fill_ecx7(2, "umip", "umip") + fill_ecx7(3, "pku", "pku") + fill_ecx7(4, "ospke", "ospke") + fill_ecx7(6, "avx512-vbmi2", "avx512-vbmi2") + fill_ecx7(8, "gfni", "gfni") + fill_ecx7(9, "vaes", "vaes") + fill_ecx7(10, "vpclmulqdq", "vpclmulqdq") + fill_ecx7(11, "avx512-vnni", "avx512-vnni") + fill_ecx7(12, "avx512-bitalg", "avx512-bitalg") + fill_ecx7(14, "avx512-vpopcntdq", "avx512-vpopcntdq") + fill_ecx7(22, "rdpid", "rdpid") + fill_ecx7(25, "cldemote", "cldemote") + + +def get_register_mask(regs): + """ Take a list of register values and return the calculated mask """ + reg_n = len(regs) + mask = '' + for idx in range(32): + counter = 0 + for reg in regs: + counter += 1 if (reg & (1 << idx) > 0) else 0 + # if we have all 1s or all 0s we don't mask the bit + if counter == reg_n or counter == 0: + mask = mask + 'x' + else: + mask = mask + '0' + # we calculated the mask in reverse, so we reverse it again + return mask[::-1] + + +def print_xl_masking_config(nodes): + """ Take a dictionary of nodes containing their registers and print out CPUID masking configuration for xl """ + nomasking = 'x' * 32 + libxl = [] + libvirt = [] + eax1_ecx_regs = [] + eax1_edx_regs = [] + eax7_ebx_regs = [] + eax7_ecx_regs = [] + for node in nodes: + eax1_ecx_regs.append(nodes[node]['eax1_ecx']) + eax1_edx_regs.append(nodes[node]['eax1_edx']) + eax7_ebx_regs.append(nodes[node]['eax7_ebx']) + eax7_ecx_regs.append(nodes[node]['eax7_ecx']) + # Get masks for the EAX1 and EAX7 registers + eax1_ecx_mask = get_register_mask(eax1_ecx_regs) + eax1_edx_mask = get_register_mask(eax1_edx_regs) + eax7_ebx_mask = get_register_mask(eax7_ebx_regs) + eax7_ecx_mask = get_register_mask(eax7_ecx_regs) + # Build the xl CPUID config + cpuid_config = 'cpuid = [\n "0x00000001:ecx=' + eax1_ecx_mask + if eax1_edx_mask != nomasking: + cpuid_config += ',edx=' + eax1_edx_mask + cpuid_config += '",\n' + cpuid_config += ' "0x00000007,0x00:ebx=' + eax7_ebx_mask + if eax7_ecx_mask != nomasking: + cpuid_config += ',ecx=' + eax7_ecx_mask + cpuid_config += '"\n' + cpuid_config += ']' + print(cpuid_config) + + bitnum = len(eax1_ecx_mask) + while bitnum > 0: + bitnum -= 1 + bitval = eax1_ecx_mask[len(eax1_ecx_mask) - 1 - bitnum] + if bitval == "0" and libxl_names_ecx1[bitnum]: + libxl.append(libxl_names_ecx1[bitnum] + "=0") + libvirt.append(libvirt_names_ecx1[bitnum]) + + bitnum = len(eax1_edx_mask) + while bitnum > 0: + bitnum -= 1 + bitval = eax1_edx_mask[len(eax1_edx_mask) - 1 - bitnum] + if bitval == "0" and libxl_names_edx1[bitnum]: + libxl.append(libxl_names_edx1[bitnum] + "=0") + libvirt.append(libvirt_names_edx1[bitnum]) + + bitnum = len(eax7_ebx_mask) + while bitnum > 0: + bitnum -= 1 + bitval = eax7_ebx_mask[len(eax7_ebx_mask) - 1 - bitnum] + if bitval == "0" and libxl_names_ebx7[bitnum]: + libxl.append(libxl_names_ebx7[bitnum] + "=0") + libvirt.append(libvirt_names_ebx7[bitnum]) + + bitnum = len(eax7_ecx_mask) + while bitnum > 0: + bitnum -= 1 + bitval = eax7_ecx_mask[len(eax7_ecx_mask) - 1 - bitnum] + if bitval == "0" and libxl_names_ecx7[bitnum]: + libxl.append(libxl_names_ecx7[bitnum] + "=0") + libvirt.append(libvirt_names_ecx7[bitnum]) + + if len(libxl) > 0: + output = "cpuid = [ host" + for i in libxl: + output += "," + i + output += " ]" + print(output) + + print("") + print(" ") + for i in libvirt: + print(" " % i) + print(" ") + print("") + + +def print_verbose_masking_info(nodes): + """ Take a dictionary of nodes containing their registers and print out verbose mask derivation information """ + eax1_ecx_regs = [] + eax1_edx_regs = [] + eax7_ebx_regs = [] + eax7_ecx_regs = [] + for node in nodes: + eax1_ecx_regs.append(nodes[node]['eax1_ecx']) + eax1_edx_regs.append(nodes[node]['eax1_edx']) + eax7_ebx_regs.append(nodes[node]['eax7_ebx']) + eax7_ecx_regs.append(nodes[node]['eax7_ecx']) + + print("") + print('== Detailed mask derivation info ==') + print("") + + print('EAX1 ECX registers:') + for reg in eax1_ecx_regs: + print('{0:032b}'.format(reg)) + print('================================') + print(get_register_mask(eax1_ecx_regs)) + + print("") + print('EAX1 EDX registers:') + for reg in eax1_edx_regs: + print('{0:032b}'.format(reg)) + print('================================') + print(get_register_mask(eax1_edx_regs)) + + print("") + print('EAX7,0 EBX registers:') + for reg in eax7_ebx_regs: + print('{0:032b}'.format(reg)) + print('================================') + print(get_register_mask(eax7_ebx_regs)) + + print("") + print('EAX7,0 ECX registers:') + for reg in eax7_ecx_regs: + print('{0:032b}'.format(reg)) + print('================================') + print(get_register_mask(eax7_ecx_regs)) + + +if __name__ == '__main__': + epilog = """The individual 'node_files' are generated with 'cpuid -1r': + server1~$ cpuid -1r > node1 + server2~$ cpuid -1r > node2 + server3~$ cpuid -1r > node3 + + ~$ {0} node1 node2 node3 + + Use 'zypper install cpuid' to install the cpuid.rpm. + +Note: Run 'cpuid' with NATIVE boot instead of dom0 to get the complete cpid value. +Xen hides some bits from dom0! + """.format(sys.argv[0]) + parser = argparse.ArgumentParser( + formatter_class=argparse.RawDescriptionHelpFormatter, + description='A utility that calculates a XEN CPUID difference mask', + epilog=epilog + ) + parser.add_argument('node_files', nargs='*', help='Filenames of XEN node CPUID outputs') + parser.add_argument('-v', '--verbose', action='store_true', help='Get detailed mask derivation information') + args = parser.parse_args() + if len(args.node_files) < 2: + print('Need at least 2 files to do the comparison!') + parser.print_help() + sys.exit(1) + + fill_bit_names() + nodes = dict() + for node in args.node_files: + if os.path.isfile(node): + try: + f = open(node) + except IOError as e: + print("I/O error({0}): {1}".format(e.errno, e.strerror)) + sys.exit(1) + else: + lines = [line.strip() for line in f] + eax1 = '' + eax7 = '' + # try to match the lines containing interesting registers + # EAX1 - Processor Info and Feature Bits + # EAX7 - Extended features + for line in lines: + if line.startswith(EAX1_MATCH): + eax1 = line + elif line.startswith(EAX7_MATCH): + eax7 = line + # if we get garbled data we should probably just give up + if len(eax1) < EXP_LINELN or len(eax7) < EXP_LINELN: + print('ERROR: invalid data format in file : ' + node) + sys.exit(1) + + # check if we can actually parse the strings into integers + try: + eax1_ecx = int(eax1.split()[4].split('=')[1], 0) + eax1_edx = int(eax1.split()[5].split('=')[1], 0) + eax7_ebx = int(eax7.split()[3].split('=')[1], 0) + eax7_ecx = int(eax7.split()[4].split('=')[1], 0) + except ValueError: + print('ERROR: invalid data format in file: ' + node) + sys.exit(1) + + nodes[node] = dict() + nodes[node]['eax1_ecx'] = eax1_ecx + nodes[node]['eax1_edx'] = eax1_edx + nodes[node]['eax7_ebx'] = eax7_ebx + nodes[node]['eax7_ecx'] = eax7_ecx + f.close() + else: + print('File not found: ' + node) + sys.exit(1) + + print_xl_masking_config(nodes) + if args.verbose: + print_verbose_masking_info(nodes) diff --git a/xenapiusers b/xenapiusers new file mode 100644 index 0000000..20fd8bb --- /dev/null +++ b/xenapiusers @@ -0,0 +1 @@ +root diff --git a/xencommons.service b/xencommons.service new file mode 100644 index 0000000..f3ad5ef --- /dev/null +++ b/xencommons.service @@ -0,0 +1,36 @@ +[Unit] +Description=xencommons +ConditionPathExists=/proc/xen/capabilities + +# Avoid errors from systemd-modules-load.service +Requires=xen-dom0-modules.service +After=xen-dom0-modules.service + +# Pull in all upstream service files +Requires=proc-xen.mount +After=proc-xen.mount +Requires=xenstored.service +After=xenstored.service +Requires=xenconsoled.service +After=xenconsoled.service +Requires=xen-init-dom0.service +After=xen-init-dom0.service +Requires=xen-qemu-dom0-disk-backend.service +After=xen-qemu-dom0-disk-backend.service + +# Make sure network (for bridge) and remote mounts (for xendomains) are available ... +After=network-online.target +After=remote-fs.target + +# ... for libvirt and xendomains +Before=xendomains.service libvirtd.service + +[Service] +Type=oneshot +RemainAfterExit=true +ExecStartPre=/bin/grep -q control_d /proc/xen/capabilities +ExecStart=/usr/bin/xenstore-ls -f +ExecStartPost=/bin/sh -c 'mv -vf /var/log/xen/xen-boot.log /var/log/xen/xen-boot.prev.log ; /usr/sbin/xl dmesg > /var/log/xen/xen-boot.log' + +[Install] +WantedBy=multi-user.target diff --git a/xenconsole-no-multiple-connections.patch b/xenconsole-no-multiple-connections.patch new file mode 100644 index 0000000..dbdeb7d --- /dev/null +++ b/xenconsole-no-multiple-connections.patch @@ -0,0 +1,27 @@ +Index: xen-4.18.0-testing/tools/console/client/main.c +=================================================================== +--- xen-4.18.0-testing.orig/tools/console/client/main.c ++++ xen-4.18.0-testing/tools/console/client/main.c +@@ -101,6 +101,7 @@ static int get_pty_fd(struct xs_handle * + * Assumes there is already a watch set in the store for this path. */ + { + struct timeval tv; ++ struct flock lock; + fd_set watch_fdset; + int xs_fd = xs_fileno(xs), pty_fd = -1; + time_t start, now; +@@ -124,6 +125,14 @@ static int get_pty_fd(struct xs_handle * + pty_fd = open(pty_path, O_RDWR | O_NOCTTY); + if (pty_fd == -1) + warn("Could not open tty `%s'", pty_path); ++ else { ++ memset(&lock, 0, sizeof(lock)); ++ lock.l_type = F_WRLCK; ++ lock.l_whence = SEEK_SET; ++ if (fcntl(pty_fd, F_SETLK, &lock) != 0) ++ err(errno, "Could not lock tty '%s'", ++ pty_path); ++ } + } + free(pty_path); + } diff --git a/xendomains-wait-disks.LICENSE b/xendomains-wait-disks.LICENSE new file mode 100644 index 0000000..48fa45a --- /dev/null +++ b/xendomains-wait-disks.LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + {one line to give the program's name and a brief idea of what it does.} + Copyright (C) {year} {name of author} + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + {project} Copyright (C) {year} {fullname} + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/xendomains-wait-disks.README.md b/xendomains-wait-disks.README.md new file mode 100644 index 0000000..ed87ba1 --- /dev/null +++ b/xendomains-wait-disks.README.md @@ -0,0 +1,28 @@ +# xen-tools-xendomains-wait-disk + +[xendomains.service](https://github.com/xen-project/xen/blob/RELEASE-4.13.0/tools/hotplug/Linux/systemd/xendomains.service.in) has problems +with disks that appear only later in boot process (or even after booting is complete). This project creates a service that +loops over all disks that domU will use and wait for them to appear. + +xendomains-wait-disk.service launches a script that reads both /etc/xen/auto/ configurations and /var/lib/xen/save/ dumps. +From those files, it extracts which disks are needed for all domU that will be started (respecting /etc/sysconfig/xendomains +settings). After that, it simply loops waiting for those disks to appear. There is a timeout (5 min) configured in +xendomains-wait-disk.service that prevents it to block booting process forever. + +There are two known cases where this project is useful: + +## degraded mdadm RAID + +mdadm RAID are assembled by [udev rules](https://github.com/neilbrown/mdadm/blob/master/udev-md-raid-assembly.rules). +However, it is only assembled when it is healthy. When a member is still missing, it starts a [timer](https://github.com/neilbrown/mdadm/blob/master/systemd/mdadm-last-resort%40.timer) that will try to assemble the RAID anyway after 30s, even if degraded. This timer does not block xendomains to be started. So, if a domU is depending on a MD RAID that is degraded (i.e. RAID 1 missing one disk), xendomains.service will be started before those 30s passed and that domU will fail. + +An alternative solution would be to add extra hard dependencies to xendomains.service for each required disk (Require=xxx.device). However, this solution introduces another bigger problem. Before, if a single RAID is degraded, only the domU that depends on it will fail. With Require=xxx.device, xendomains will never start if +a RAID could not be assembled even after 30s (i.e. RAID5 with two missing disks). + +With xendomains-wait-disk.service, xendomains.service will be blocked up to 5 min waiting for those MD RAID used by domUs. If it fails, xendomains.service +continues anyway. + +## iSCSI disks + +domU that uses iSCSI disk (mapped by host OS) also fails to start during boot. open-iscsi.service returns before it connect to the remote target and rescan +iscsi disks. As in mdadm RAID case, xendomains.service is started and domU that depends on iSCSI disks will fail. diff --git a/xendomains-wait-disks.sh b/xendomains-wait-disks.sh new file mode 100644 index 0000000..b6668e3 --- /dev/null +++ b/xendomains-wait-disks.sh @@ -0,0 +1,199 @@ +#!/bin/bash +# +# Generates xendomains unit +# + +read_conf_from_file() { + ${sbindir}/xl create --quiet --dryrun --defconfig "$1" +} + +big2littleendian_32bit(){ + echo ${1:6:2}${1:4:2}${1:2:2}${1:0:2} +} + +read_hex() { + local out_var=$1; shift + local input=$1; shift + local pos_var=$1; shift + local length=$1; shift + local hex=$(dd bs=1 skip=${!pos_var} count=$length status=none <$input | xxd -p -c$length -l$length) + read -r $pos_var <<<"$((${!pos_var} + $length))" + read -r $out_var <<<"$hex" +} + +hex2dec() { + local hex=$1; shift + local little_endian=$1; shift + if $little_endian; then + hex=$(big2littleendian_32bit $hex) + fi + echo $((0x$hex)) +} + +read_conf_from_image(){ + local pos=0 length=0 + + local magic_header byte_order mandatory_flags optional_flags optional_data_len config_len config_json + + read_hex magic_header $1 pos 32 + # "Xen saved domain, xl format\n \0 \r" + if [ "$magic_header" != "58656e20736176656420646f6d61696e2c20786c20666f726d61740a2000200d" ]; then + log $err "Unknown file format in $1. Wrong magic header: '0x$magic_header'" + return 1 + fi + + read_hex byte_order $1 pos 4 + case "$byte_order" in + 04030201) little_endian=true;; + 01020304) little_endian=false;; + *) log $err "Unknown byte order 0x$byte_order in $1"; return 1;; + esac + + #define XL_MANDATORY_FLAG_JSON (1U << 0) /* config data is in JSON format */ + #define XL_MANDATORY_FLAG_STREAMv2 (1U << 1) /* stream is v2 */ + read_hex mandatory_flags $1 pos 4 + if [ "$(($(hex2dec $mandatory_flags $little_endian) & 0x3))" -ne 3 ]; then + log $err "Unknown config format or stream version. Mandatory flags are 0x$mandatory_flag" + return 1 + fi + + read_hex optional_flags $1 pos 4 + read_hex optional_data_len $1 pos 4 + optional_data_len=$(hex2dec $optional_data_len $little_endian) + + # I'll not use but saved memory dump will begin at $((pos+optional_data_len)) + read_hex config_len $1 pos 4 + config_len=$(hex2dec $config_len $little_endian) + + # null terminated string + read_hex config_json $1 pos $config_len + xxd -p -r <<<"$config_json" +} + +log() { + local msg_loglevel=$1; shift + if [ "$msg_loglevel" -gt "$LOGLEVEL" ]; then + return 0 + fi + echo "$@" >&2 +} + + +emerg=0; alert=1; crit=2; err=3 +warning=4; notice=5; info=6; debug=7 +LOGLEVEL=${LOGLEVEL:-4} +if [ "$SYSTEMD_LOG_LEVEL" ]; then + LOGLEVEL=${!SYSTEMD_LOG_LEVEL} +fi +log $debug "Using loglevel $LOGLEVEL" +trap "log $err Error on \$LINENO: \$(caller)" ERR + +log $debug "loading /etc/xen/scripts/hotplugpath.sh..." +. /etc/xen/scripts/hotplugpath.sh + +#log $debug "testing for ${sbindir}/xl..." +#CMD=${sbindir}/xl +#if ! $CMD list &> /dev/null; then +# log $err "${sbindir}/xl list failed!" +# log $err "$($CMD list &>&1)" +# exit $? +#fi +#log $debug "${sbindir}/xl list OK!" + +log $debug "loading /etc/sysconfig/xendomains..." +XENDOM_CONFIG=/etc/sysconfig/xendomains +if ! test -r $XENDOM_CONFIG; then + echo "$XENDOM_CONFIG not existing" >&2; + exit 6 +fi + +. $XENDOM_CONFIG + +doms_conf=() +doms_restore=() +doms_source=() + +log $debug "Reading saved domains..." +if [ "$XENDOMAINS_RESTORE" = "true" ] && [ -d "$XENDOMAINS_SAVE" ]; then + for dom in $XENDOMAINS_SAVE/*; do + log $debug "Trying $dom..." + if ! [ -r $dom ] ; then + log $debug "Not readable $dom..." + continue + fi + + log $debug "Reading conf from $dom..." + if ! dom_conf=$(read_conf_from_image $dom); then + log $error "Cannot read conf from $dom" + continue + fi + + log $debug "Adding $dom to the list" + doms_conf+=("$dom_conf") + doms_restore+=(true) + doms_source+=("$dom") + done +fi + +log $debug "Reading auto domains..." +if [ -d "$XENDOMAINS_AUTO" ]; then + for dom in $XENDOMAINS_AUTO/*; do + log $debug "Trying $dom..." + if ! [ -r $dom ] ; then + log $debug "Not readable $dom..." + continue + fi + + log $debug "Reading conf from $dom..." + if ! dom_conf=$(read_conf_from_file $dom); then + echo 123 + log $error "Cannot read conf from $dom" + continue + fi + + log $debug "Adding $dom to the list" + doms_conf+=("$dom_conf") + doms_restore+=(false) + doms_source+=("$dom") + done +fi + +log $debug "We have ${#doms_conf[*]} to check" +for i in ${!doms_conf[*]}; do + log $debug "Doing dom $i..." + + dom_conf="${doms_conf[i]}" + dom_restore="${doms_restore[i]}" + dom_source="${doms_source[i]}" + + dom_name=$(sed -n 's/^.*(name \(.*\))$/\1/p;s/^.*"name": "\(.*\)",$/\1/p' <<<"$dom_conf") + readarray -t required_disks <<<"$(sed -n -e '/^ "disks": \[/,/ \],/{ /"pdev_path":/ { s/.*"pdev_path": "//;s/".*//p } }' <<<"$dom_conf")" + + log $debug "dom $i is named $dom_name..." + for disk in "${required_disks[@]}"; do + disk_control_var=control_$(tr -d -c '[a-zA-Z0-9_]' <<<"$disk") + if [ "${!disk_control_var:-0}" -eq 1 ]; then + log $debug "$disk for $dom_name is already being checked" + continue + fi + declare $disk_control_var=1 + log $debug "waiting for $disk for $dom_name" + ( + j=0 found_loglevel=$debug + while true; do + if [ -e "$disk" ]; then + log $found_loglevel "disk $disk found (after $j seconds)" + exit 0 + fi + if [ "$(( j++ % 5))" -eq 0 ]; then + log $warning "still waiting for $disk for $dom_name..." + found_loglevel=$warning + fi + sleep 1 + done + ) & + done +done + +wait +log $debug "Exiting normally" diff --git a/xenstore-run-in-studomain.patch b/xenstore-run-in-studomain.patch new file mode 100644 index 0000000..ab701f9 --- /dev/null +++ b/xenstore-run-in-studomain.patch @@ -0,0 +1,54 @@ +References: fate#323663 - Run Xenstore in stubdomain + +--- a/tools/hotplug/Linux/init.d/sysconfig.xencommons.in ++++ b/tools/hotplug/Linux/init.d/sysconfig.xencommons.in +@@ -8,7 +8,7 @@ + XENCONSOLED_TRACE= + + ## Type: string +-## Default: daemon ++## Default: domain + # + # Select type of xentore service. + # +@@ -81,14 +81,14 @@ XENSTORED_TRACE= + XENSTORE_DOMAIN_KERNEL= + + ## Type: integer +-## Default: 8 ++## Default: 32 + # + # xenstore domain memory size in MiB. + # Only evaluated if XENSTORETYPE is "domain". + XENSTORE_DOMAIN_SIZE= + + ## Type: string +-## Default: not set, no autoballooning of xenstore domain ++## Default: 1/100 + # + # Maximum xenstore domain memory size. Can be specified as: + # - plain integer value for max size in MiB +--- a/tools/hotplug/Linux/launch-xenstore.in ++++ b/tools/hotplug/Linux/launch-xenstore.in +@@ -48,7 +48,7 @@ test_xenstore && exit 0 + + test -f @CONFIG_DIR@/@CONFIG_LEAF_DIR@/xencommons && . @CONFIG_DIR@/@CONFIG_LEAF_DIR@/xencommons + +-[ "$XENSTORETYPE" = "" ] && XENSTORETYPE=daemon ++[ "$XENSTORETYPE" = "" ] && XENSTORETYPE=domain + + /bin/mkdir -p @XEN_RUN_DIR@ + +@@ -95,9 +95,10 @@ test -f @CONFIG_DIR@/@CONFIG_LEAF_DIR@/x + [ "$XENSTORETYPE" = "domain" ] && { + [ -z "$XENSTORE_DOMAIN_KERNEL" ] && XENSTORE_DOMAIN_KERNEL=@LIBEXEC@/boot/xenstore-stubdom.gz + XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --kernel $XENSTORE_DOMAIN_KERNEL" +- [ -z "$XENSTORE_DOMAIN_SIZE" ] && XENSTORE_DOMAIN_SIZE=8 ++ [ -z "$XENSTORE_DOMAIN_SIZE" ] && XENSTORE_DOMAIN_SIZE=32 + XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --memory $XENSTORE_DOMAIN_SIZE" +- [ -z "$XENSTORE_MAX_DOMAIN_SIZE" ] || XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --maxmem $XENSTORE_MAX_DOMAIN_SIZE" ++ [ -z "$XENSTORE_MAX_DOMAIN_SIZE" ] && XENSTORE_MAX_DOMAIN_SIZE="1/100" ++ XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --maxmem $XENSTORE_MAX_DOMAIN_SIZE" + + echo -n Starting $XENSTORE_DOMAIN_KERNEL... + ${LIBEXEC_BIN}/init-xenstore-domain $XENSTORE_DOMAIN_ARGS || exit 1 diff --git a/xenwatchdogd-restart.patch b/xenwatchdogd-restart.patch new file mode 100644 index 0000000..f019cc0 --- /dev/null +++ b/xenwatchdogd-restart.patch @@ -0,0 +1,108 @@ +References: bsc#1178736 + +Allow restart of xenwatchdogd in case it terminated unexpectetly. +Index: xen-4.14.0-testing/tools/misc/xenwatchdogd.c +=================================================================== +--- xen-4.14.0-testing.orig/tools/misc/xenwatchdogd.c ++++ xen-4.14.0-testing/tools/misc/xenwatchdogd.c +@@ -9,12 +9,16 @@ + #include + #include + #include ++#include ++#include + + xc_interface *h; + int id = 0; ++static const char id_file[] = "/run/xenwatchdog_id.txt"; + +-void daemonize(void) ++static void daemonize(const char *str) + { ++ const char *err_str = ""; + switch (fork()) { + case -1: + err(1, "fork"); +@@ -23,7 +27,9 @@ void daemonize(void) + default: + exit(0); + } +- umask(0); ++#define err(x,s) do { err_str = (s); goto out; } while (0) ++ openlog(str, LOG_CONS, LOG_DAEMON); ++ umask(~(S_IRUSR|S_IWUSR)); + if (setsid() < 0) + err(1, "setsid"); + if (chdir("/") < 0) +@@ -34,6 +40,10 @@ void daemonize(void) + err(1, "reopen stdout"); + if(freopen("/dev/null", "w", stderr) == NULL) + err(1, "reopen stderr"); ++ return; ++out: ++ syslog(LOG_ERR, "%s: %m", err_str); ++ exit(1); + } + + void catch_exit(int sig) +@@ -47,18 +57,21 @@ void catch_usr1(int sig) + { + if (id) + xc_watchdog(h, id, 0); ++ unlink(id_file); + exit(0); + } + + int main(int argc, char **argv) + { ++ FILE *f; + int t, s; + int ret; ++ const char *err_str = ""; + + if (argc < 2) + errx(1, "usage: %s ", argv[0]); + +- daemonize(); ++ daemonize(basename(argv[0])); + + h = xc_interface_open(NULL, NULL, 0); + if (h == NULL) +@@ -86,9 +99,25 @@ int main(int argc, char **argv) + if (signal(SIGUSR1, &catch_usr1) == SIG_ERR) + err(1, "signal"); + +- id = xc_watchdog(h, 0, t); +- if (id <= 0) +- err(1, "xc_watchdog setup"); ++ f = fopen(id_file, "r"); ++ if (f) { ++ if (fscanf(f, "%d", &id) != 1) ++ id = -1; ++ if (id <= 0) ++ err(1, "xc_watchdog setup"); ++ syslog(LOG_INFO, "reusing id %d", id); ++ fclose(f); ++ } else { ++ id = xc_watchdog(h, 0, t); ++ syslog(LOG_INFO, "obtained id %d", id); ++ if (id <= 0) ++ err(1, "xc_watchdog setup"); ++ f = fopen(id_file, "w"); ++ if (f) { ++ fprintf(f, "%d\n", id); ++ fclose(f); ++ } ++ } + + for (;;) { + sleep(s); +@@ -96,4 +125,8 @@ int main(int argc, char **argv) + if (ret != 0) + err(1, "xc_watchdog"); + } ++ ++out: ++ syslog(LOG_ERR, "%s: %m", err_str); ++ exit(1); + } diff --git a/xl-conf-default-bridge.patch b/xl-conf-default-bridge.patch new file mode 100644 index 0000000..381cbdb --- /dev/null +++ b/xl-conf-default-bridge.patch @@ -0,0 +1,13 @@ +Index: xen-4.14.0-testing/tools/examples/xl.conf +=================================================================== +--- xen-4.14.0-testing.orig/tools/examples/xl.conf ++++ xen-4.14.0-testing/tools/examples/xl.conf +@@ -34,7 +34,7 @@ + #vif.default.script="vif-bridge" + + # default bridge device to use with vif-bridge hotplug scripts +-#vif.default.bridge="xenbr0" ++vif.default.bridge="br0" + + # Reserve a claim of memory when launching a guest. This guarantees immediate + # feedback whether the guest can be launched due to memory exhaustion diff --git a/xl-conf-disable-autoballoon.patch b/xl-conf-disable-autoballoon.patch new file mode 100644 index 0000000..649417a --- /dev/null +++ b/xl-conf-disable-autoballoon.patch @@ -0,0 +1,13 @@ +Index: xen-4.14.0-testing/tools/examples/xl.conf +=================================================================== +--- xen-4.14.0-testing.orig/tools/examples/xl.conf ++++ xen-4.14.0-testing/tools/examples/xl.conf +@@ -7,7 +7,7 @@ + # Control whether dom0 is ballooned down when xen doesn't have enough + # free memory to create a domain. "auto" means only balloon if dom0 + # starts with all the host's memory. +-#autoballoon="auto" ++autoballoon="off" + + # full path of the lockfile used by xl during domain creation + #lockfile="/var/lock/xl" diff --git a/xl-save-pc.patch b/xl-save-pc.patch new file mode 100644 index 0000000..3b76dfd --- /dev/null +++ b/xl-save-pc.patch @@ -0,0 +1,180 @@ +References: bug#1176189 + +Usage of xl save -p|-c will suspend the domU. +As a result the monitoring xl process with get a LIBXL_EVENT_TYPE_DOMAIN_SHUTDOWN/LIBXL_SHUTDOWN_REASON_SUSPEND event. +This will cause it to exit because it does not know the -p/-c flags were used to keep the domU active. +As a result the final shutdown will not destroy the domU. + +Write a flag to xenstore to let the monitoring process know about the usage of -p/-c. +Remove the flag once the suspend is done. + +Recognize the flag in the monitoring process. +Keep going if the flag is seen. +Watch again for @releaseDomain events. +Keep going if the event type and shutdown reason remains the same. +--- + tools/xl/Makefile | 3 ++- + tools/xl/xl.h | 1 + + tools/xl/xl_saverestore.c | 15 ++++++++++++ + tools/xl/xl_vmcontrol.c | 48 +++++++++++++++++++++++++++++++++++++++ + 4 files changed, 66 insertions(+), 1 deletion(-) + +--- a/tools/xl/Makefile ++++ b/tools/xl/Makefile +@@ -26,6 +26,7 @@ XL_OBJS += xl_vmcontrol.o xl_saverestore + XL_OBJS += xl_vdispl.o xl_vsnd.o xl_vkb.o + + $(XL_OBJS): CFLAGS += $(CFLAGS_libxentoollog) ++$(XL_OBJS): CFLAGS += $(CFLAGS_libxenstore) + $(XL_OBJS): CFLAGS += $(CFLAGS_XL) + $(XL_OBJS): CFLAGS += -include $(XEN_ROOT)/tools/config.h # libxl_json.h needs it. + +@@ -33,7 +34,7 @@ $(XL_OBJS): CFLAGS += -include $(XEN_ROO + all: xl + + xl: $(XL_OBJS) +- $(CC) $(LDFLAGS) -o $@ $(XL_OBJS) $(LDLIBS_libxenutil) $(LDLIBS_libxenlight) $(LDLIBS_libxentoollog) -lyajl $(APPEND_LDFLAGS) ++ $(CC) $(LDFLAGS) -o $@ $(XL_OBJS) $(LDLIBS_libxenutil) $(LDLIBS_libxenlight) $(LDLIBS_libxentoollog) $(LDLIBS_libxenstore) -lyajl $(APPEND_LDFLAGS) + + .PHONY: install + install: all +--- a/tools/xl/xl.h ++++ b/tools/xl/xl.h +@@ -303,6 +303,7 @@ typedef enum { + DOMAIN_RESTART_SOFT_RESET, /* Soft reset should be performed */ + } domain_restart_type; + ++#define XL_SAVE_PAUSE_CHECKPOINT "suse-xl-save-pc" + extern void printf_info_sexp(int domid, libxl_domain_config *d_config, FILE *fh); + extern void apply_global_affinity_masks(libxl_domain_type type, + libxl_bitmap *vcpu_affinity_array, +--- a/tools/xl/xl_saverestore.c ++++ b/tools/xl/xl_saverestore.c +@@ -21,6 +21,7 @@ + #include + #include + ++#include + #include + #include + #include +@@ -127,6 +128,8 @@ static int save_domain(uint32_t domid, i + const char *filename, int checkpoint, + int leavepaused, const char *override_config_file) + { ++ struct xs_handle *xsh = NULL; ++ char path[80]; + int fd; + uint8_t *config_data; + int config_len; +@@ -144,12 +147,24 @@ static int save_domain(uint32_t domid, i + fprintf(stderr, "Failed to open temp file %s for writing\n", filename); + exit(EXIT_FAILURE); + } ++ if (leavepaused || checkpoint) ++ { ++ snprintf(path, sizeof(path), "/libxl/%u/" XL_SAVE_PAUSE_CHECKPOINT, domid); ++ xsh = xs_open(0); ++ if (xsh) ++ xs_write(xsh, XBT_NULL, path, leavepaused ? "p" : "c", 1); ++ } + + save_domain_core_writeconfig(fd, filename, config_data, config_len); + + int rc = libxl_domain_suspend_suse(ctx, domid, fd, &props, NULL); + close(fd); + ++ if (xsh) { ++ xs_rm(xsh, XBT_NULL, path); ++ xs_close(xsh); ++ } ++ + if (rc < 0) { + fprintf(stderr, "Failed to save domain, resuming domain\n"); + libxl_domain_resume(ctx, domid, 1, 0); +--- a/tools/xl/xl_vmcontrol.c ++++ b/tools/xl/xl_vmcontrol.c +@@ -22,6 +22,7 @@ + #include + #include + ++#include + #include + #include + #include +@@ -668,6 +669,10 @@ int create_domain(struct domain_create * + int migrate_fd = dom_info->migrate_fd; + bool config_in_json; + ++ libxl_event_type type = 0; ++ uint8_t shutdown_reason = 0; ++ bool is_in_suspend = false; ++ + int i; + int need_daemon = daemonize; + int ret, rc; +@@ -1034,6 +1039,24 @@ start: + ret = domain_wait_event(domid, &event); + if (ret) goto out; + ++ if (is_in_suspend) { ++ if ( type == event->type && event->u.domain_shutdown.shutdown_reason == shutdown_reason) { ++ struct timespec req = { .tv_nsec = 123456789, }; ++ libxl_evdisable_domain_death(ctx, deathw); ++ deathw = NULL; ++ ret = libxl_evenable_domain_death(ctx, domid, 0, &deathw); ++ if (ret) goto out; ++ libxl_event_free(ctx, event); ++ LOG("Domain %u still suspended", domid); ++ nanosleep(&req, NULL); ++ continue; ++ } ++ is_in_suspend = false; ++ LOG("Domain %u left suspend state", domid); ++ } ++ type = event->type; ++ shutdown_reason = event->u.domain_shutdown.shutdown_reason; ++ + switch (event->type) { + + case LIBXL_EVENT_TYPE_DOMAIN_SHUTDOWN: +@@ -1095,14 +1118,39 @@ start: + goto start; + + case DOMAIN_RESTART_NONE: ++ { ++ struct xs_handle *xsh = xs_open(0); ++ ++ if (xsh) { ++ char path[80]; ++ unsigned int len = 0; ++ char *val; ++ ++ snprintf(path, sizeof(path), "/libxl/%u/" XL_SAVE_PAUSE_CHECKPOINT, domid); ++ val = xs_read(xsh, XBT_NULL, path, &len); ++ xs_close(xsh); ++ LOG("Got %p '%s' from %s, len %u", val, val ?:"", path, len); ++ free(val); ++ if (val) ++ { ++ is_in_suspend = true; ++ libxl_evdisable_domain_death(ctx, deathw); ++ deathw = NULL; ++ ret = libxl_evenable_domain_death(ctx, domid, 0, &deathw); ++ if (ret) goto out; ++ break; ++ } ++ } + LOG("Done. Exiting now"); + libxl_event_free(ctx, event); + ret = 0; + goto out; ++ } + + default: + abort(); + } ++ break; + + case LIBXL_EVENT_TYPE_DOMAIN_DEATH: + LOG("Domain %u has been destroyed.", domid);