diff --git a/0001-libxc-Rework-extra-module-initialisation.patch b/0001-libxc-Rework-extra-module-initialisation.patch deleted file mode 100644 index 7c84b79..0000000 --- a/0001-libxc-Rework-extra-module-initialisation.patch +++ /dev/null @@ -1,185 +0,0 @@ -From 270b8e85b5379fe93192f36966384ff07400fe7b Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:36 +0000 -Subject: [PATCH 01/15] libxc: Rework extra module initialisation - -This patch use xc_dom_alloc_segment() to allocate the memory space for the -ACPI modules and the SMBIOS modules. This is to replace the arbitrary -placement of 1MB after the hvmloader image. - -In later patches, while trying to load a firmware such as OVMF, the later -could easily be loaded past the address 4MB (OVMF is a 2MB binary), but -hvmloader use a range of memory from 4MB to 8MB to perform tests and in the -process, clear the memory, before loading the modules. - -Signed-off-by: Anthony PERARD ---- - tools/libxc/xc_dom_hvmloader.c | 131 ++++++++++++----------------------------- - 1 file changed, 38 insertions(+), 93 deletions(-) - -Index: xen-4.7.0-testing/tools/libxc/xc_dom_hvmloader.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_dom_hvmloader.c -+++ xen-4.7.0-testing/tools/libxc/xc_dom_hvmloader.c -@@ -129,98 +129,52 @@ static elf_errorstatus xc_dom_parse_hvm_ - return rc; - } - --static int modules_init(struct xc_dom_image *dom, -- uint64_t vend, struct elf_binary *elf, -- uint64_t *mstart_out, uint64_t *mend_out) -+static int module_init_one(struct xc_dom_image *dom, -+ struct xc_hvm_firmware_module *module, -+ char *name) - { --#define MODULE_ALIGN 1UL << 7 --#define MB_ALIGN 1UL << 20 --#define MKALIGN(x, a) (((uint64_t)(x) + (a) - 1) & ~(uint64_t)((a) - 1)) -- uint64_t total_len = 0, offset1 = 0; -- -- if ( dom->acpi_module.length == 0 && dom->smbios_module.length == 0 ) -- return 0; -- -- /* Find the total length for the firmware modules with a reasonable large -- * alignment size to align each the modules. -- */ -- total_len = MKALIGN(dom->acpi_module.length, MODULE_ALIGN); -- offset1 = total_len; -- total_len += MKALIGN(dom->smbios_module.length, MODULE_ALIGN); -- -- /* Want to place the modules 1Mb+change behind the loader image. */ -- *mstart_out = MKALIGN(elf->pend, MB_ALIGN) + (MB_ALIGN); -- *mend_out = *mstart_out + total_len; -- -- if ( *mend_out > vend ) -- return -1; -- -- if ( dom->acpi_module.length != 0 ) -- dom->acpi_module.guest_addr_out = *mstart_out; -- if ( dom->smbios_module.length != 0 ) -- dom->smbios_module.guest_addr_out = *mstart_out + offset1; -+ struct xc_dom_seg seg; -+ void *dest; -+ -+ if ( module->length ) -+ { -+ if ( xc_dom_alloc_segment(dom, &seg, name, 0, module->length) ) -+ goto err; -+ dest = xc_dom_seg_to_ptr(dom, &seg); -+ if ( dest == NULL ) -+ { -+ DOMPRINTF("%s: xc_dom_seg_to_ptr(dom, &seg) => NULL", -+ __FUNCTION__); -+ goto err; -+ } -+ memcpy(dest, module->data, module->length); -+ module->guest_addr_out = seg.vstart; -+ if ( module->guest_addr_out > UINT32_MAX || -+ module->guest_addr_out + module->length > UINT32_MAX ) -+ { -+ DOMPRINTF("%s: Module %s would be loaded abrove 4GB", -+ __FUNCTION__, name); -+ goto err; -+ } -+ } - - return 0; -+err: -+ return -1; - } - --static int loadmodules(struct xc_dom_image *dom, -- uint64_t mstart, uint64_t mend, -- uint32_t domid) -+static int modules_init(struct xc_dom_image *dom) - { -- privcmd_mmap_entry_t *entries = NULL; -- unsigned long pfn_start; -- unsigned long pfn_end; -- size_t pages; -- uint32_t i; -- uint8_t *dest; -- int rc = -1; -- xc_interface *xch = dom->xch; -- -- if ( mstart == 0 || mend == 0 ) -- return 0; -- -- pfn_start = (unsigned long)(mstart >> PAGE_SHIFT); -- pfn_end = (unsigned long)((mend + PAGE_SIZE - 1) >> PAGE_SHIFT); -- pages = pfn_end - pfn_start; -+ int rc; - -- /* Map address space for module list. */ -- entries = calloc(pages, sizeof(privcmd_mmap_entry_t)); -- if ( entries == NULL ) -- goto error_out; -+ rc = module_init_one(dom, &dom->acpi_module, "acpi module"); -+ if ( rc ) goto err; -+ rc = module_init_one(dom, &dom->smbios_module, "smbios module"); -+ if ( rc ) goto err; - -- for ( i = 0; i < pages; i++ ) -- entries[i].mfn = (mstart >> PAGE_SHIFT) + i; -- -- dest = xc_map_foreign_ranges( -- xch, domid, pages << PAGE_SHIFT, PROT_READ | PROT_WRITE, 1 << PAGE_SHIFT, -- entries, pages); -- if ( dest == NULL ) -- goto error_out; -- -- /* Zero the range so padding is clear between modules */ -- memset(dest, 0, pages << PAGE_SHIFT); -- -- /* Load modules into range */ -- if ( dom->acpi_module.length != 0 ) -- { -- memcpy(dest, -- dom->acpi_module.data, -- dom->acpi_module.length); -- } -- if ( dom->smbios_module.length != 0 ) -- { -- memcpy(dest + (dom->smbios_module.guest_addr_out - mstart), -- dom->smbios_module.data, -- dom->smbios_module.length); -- } -- -- munmap(dest, pages << PAGE_SHIFT); -- rc = 0; -- -- error_out: -- free(entries); -- -- return rc; -+ return 0; -+err: -+ return -1; - } - - static elf_errorstatus xc_dom_load_hvm_kernel(struct xc_dom_image *dom) -@@ -229,7 +183,6 @@ static elf_errorstatus xc_dom_load_hvm_k - privcmd_mmap_entry_t *entries = NULL; - size_t pages = (elf->pend - elf->pstart + PAGE_SIZE - 1) >> PAGE_SHIFT; - elf_errorstatus rc; -- uint64_t m_start = 0, m_end = 0; - int i; - - /* Map address space for initial elf image. */ -@@ -262,15 +215,7 @@ static elf_errorstatus xc_dom_load_hvm_k - - munmap(elf->dest_base, elf->dest_size); - -- rc = modules_init(dom, dom->total_pages << PAGE_SHIFT, elf, &m_start, -- &m_end); -- if ( rc != 0 ) -- { -- DOMPRINTF("%s: insufficient space to load modules.", __func__); -- goto error; -- } -- -- rc = loadmodules(dom, m_start, m_end, dom->guest_domid); -+ rc = modules_init(dom); - if ( rc != 0 ) - { - DOMPRINTF("%s: unable to load modules.", __func__); diff --git a/0001-net-move-the-tap-buffer-into-TAPState.patch b/0001-net-move-the-tap-buffer-into-TAPState.patch deleted file mode 100644 index 78f80e2..0000000 --- a/0001-net-move-the-tap-buffer-into-TAPState.patch +++ /dev/null @@ -1,59 +0,0 @@ -From: Mark McLoughlin -Date: Mon, 18 May 2009 12:05:44 +0100 -Subject: net: move the tap buffer into TAPState -Patch-mainline: v0.11.0-rc0 -Git-commit: 5b01e886d9eb4d5e94384a79634dcb43848e7bbf -References: bnc#840196 - -KVM uses a 64k buffer for reading from tapfd (for GSO support) -and allocates the buffer with TAPState rather than on the stack. - -Not allocating it on the stack probably makes sense for qemu -anyway, so merge it in advance of GSO support. - -Signed-off-by: Mark McLoughlin -Signed-off-by: Michal Kubecek ---- - tools/qemu-xen-traditional-dir-remote/net.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/tools/qemu-xen-traditional-dir-remote/net.c b/tools/qemu-xen-traditional-dir-remote/net.c -index 0e7c77c..2ca85a3 100644 ---- a/tools/qemu-xen-traditional-dir-remote/net.c -+++ b/tools/qemu-xen-traditional-dir-remote/net.c -@@ -700,6 +700,7 @@ typedef struct TAPState { - char down_script[1024]; - char down_script_arg[128]; - char script_arg[1024]; -+ uint8_t buf[4096]; - } TAPState; - - #ifndef CONFIG_STUBDOM -@@ -735,20 +736,19 @@ static void tap_receive(void *opaque, const uint8_t *buf, int size) - static void tap_send(void *opaque) - { - TAPState *s = opaque; -- uint8_t buf[4096]; - int size; - - #ifdef __sun__ - struct strbuf sbuf; - int f = 0; -- sbuf.maxlen = sizeof(buf); -- sbuf.buf = buf; -+ sbuf.maxlen = sizeof(s->buf); -+ sbuf.buf = s->buf; - size = getmsg(s->fd, NULL, &sbuf, &f) >=0 ? sbuf.len : -1; - #else -- size = read(s->fd, buf, sizeof(buf)); -+ size = read(s->fd, s->buf, sizeof(s->buf)); - #endif - if (size > 0) { -- qemu_send_packet(s->vc, buf, size); -+ qemu_send_packet(s->vc, s->buf, size); - } - } - --- -1.8.1.4 - diff --git a/0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch b/0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch deleted file mode 100644 index c2b8b53..0000000 --- a/0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch +++ /dev/null @@ -1,261 +0,0 @@ -From 34cd9218de8579722240d1acdcaae4e4278f667e Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:37 +0000 -Subject: [PATCH 02/15] libxc: Prepare a start info structure for hvmloader - -... and load BIOS into guest memory. - -This adds a new firmware module, bios_module. It is -loaded in the guest memory and final location is provided to hvmloader -via the hvm_start_info struct. - -This patch create the hvm_start_info struct for HVM guest that have a -device model, so this is now common code with HVM guest without device -model. - -Signed-off-by: Anthony PERARD ---- - tools/libxc/include/xc_dom.h | 3 + - tools/libxc/xc_dom_hvmloader.c | 2 + - tools/libxc/xc_dom_x86.c | 132 ++++++++++++++++++++++++++++------------- - xen/include/public/xen.h | 2 +- - 4 files changed, 96 insertions(+), 43 deletions(-) - -Index: xen-4.7.0-testing/tools/libxc/include/xc_dom.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/include/xc_dom.h -+++ xen-4.7.0-testing/tools/libxc/include/xc_dom.h -@@ -209,6 +209,9 @@ struct xc_dom_image { - /* If unset disables the setup of the IOREQ pages. */ - bool device_model; - -+ /* BIOS passed to HVMLOADER */ -+ struct xc_hvm_firmware_module bios_module; -+ - /* Extra ACPI tables passed to HVMLOADER */ - struct xc_hvm_firmware_module acpi_module; - -Index: xen-4.7.0-testing/tools/libxc/xc_dom_hvmloader.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_dom_hvmloader.c -+++ xen-4.7.0-testing/tools/libxc/xc_dom_hvmloader.c -@@ -167,6 +167,8 @@ static int modules_init(struct xc_dom_im - { - int rc; - -+ rc = module_init_one(dom, &dom->bios_module, "bios module"); -+ if ( rc ) goto err; - rc = module_init_one(dom, &dom->acpi_module, "acpi module"); - if ( rc ) goto err; - rc = module_init_one(dom, &dom->smbios_module, "smbios module"); -Index: xen-4.7.0-testing/tools/libxc/xc_dom_x86.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_dom_x86.c -+++ xen-4.7.0-testing/tools/libxc/xc_dom_x86.c -@@ -69,6 +69,9 @@ - #define round_up(addr, mask) ((addr) | (mask)) - #define round_pg_up(addr) (((addr) + PAGE_SIZE_X86 - 1) & ~(PAGE_SIZE_X86 - 1)) - -+#define HVMLOADER_MODULE_MAX_COUNT 1 -+#define HVMLOADER_MODULE_NAME_SIZE 10 -+ - struct xc_dom_params { - unsigned levels; - xen_vaddr_t vaddr_mask; -@@ -590,6 +593,7 @@ static int alloc_magic_pages_hvm(struct - xen_pfn_t special_array[X86_HVM_NR_SPECIAL_PAGES]; - xen_pfn_t ioreq_server_array[NR_IOREQ_SERVER_PAGES]; - xc_interface *xch = dom->xch; -+ size_t start_info_size = sizeof(struct hvm_start_info); - - /* Allocate and clear special pages. */ - for ( i = 0; i < X86_HVM_NR_SPECIAL_PAGES; i++ ) -@@ -624,8 +628,6 @@ static int alloc_magic_pages_hvm(struct - - if ( !dom->device_model ) - { -- size_t start_info_size = sizeof(struct hvm_start_info); -- - if ( dom->cmdline ) - { - dom->cmdline_size = ROUNDUP(strlen(dom->cmdline) + 1, 8); -@@ -635,17 +637,26 @@ static int alloc_magic_pages_hvm(struct - /* Limited to one module. */ - if ( dom->ramdisk_blob ) - start_info_size += sizeof(struct hvm_modlist_entry); -- -- rc = xc_dom_alloc_segment(dom, &dom->start_info_seg, -- "HVMlite start info", 0, start_info_size); -- if ( rc != 0 ) -- { -- DOMPRINTF("Unable to reserve memory for the start info"); -- goto out; -- } - } - else - { -+ start_info_size += -+ sizeof(struct hvm_modlist_entry) * HVMLOADER_MODULE_MAX_COUNT; -+ /* Add extra space to write modules name */ -+ start_info_size += -+ HVMLOADER_MODULE_NAME_SIZE * HVMLOADER_MODULE_MAX_COUNT; -+ } -+ -+ rc = xc_dom_alloc_segment(dom, &dom->start_info_seg, -+ "HVMlite start info", 0, start_info_size); -+ if ( rc != 0 ) -+ { -+ DOMPRINTF("Unable to reserve memory for the start info"); -+ goto out; -+ } -+ -+ if ( dom->device_model ) -+ { - /* - * Allocate and clear additional ioreq server pages. The default - * server will use the IOREQ and BUFIOREQ special pages above. -@@ -1689,39 +1700,68 @@ static int alloc_pgtables_hvm(struct xc_ - return 0; - } - -+static void add_module_to_list(struct xc_dom_image *dom, -+ struct xc_hvm_firmware_module *module, -+ const char *name, -+ struct hvm_modlist_entry *modlist, -+ struct hvm_start_info *start_info) -+{ -+ uint32_t index = start_info->nr_modules; -+ if ( module->length == 0 ) -+ return; -+ -+ assert(start_info->nr_modules < HVMLOADER_MODULE_MAX_COUNT); -+ assert(strnlen(name, HVMLOADER_MODULE_NAME_SIZE) -+ < HVMLOADER_MODULE_NAME_SIZE); -+ -+ modlist[index].paddr = module->guest_addr_out; -+ modlist[index].size = module->length; -+ strncpy((char*)(modlist + HVMLOADER_MODULE_MAX_COUNT) -+ + HVMLOADER_MODULE_NAME_SIZE * index, -+ name, HVMLOADER_MODULE_NAME_SIZE); -+ modlist[index].cmdline_paddr = -+ (dom->start_info_seg.pfn << PAGE_SHIFT) + -+ ((uintptr_t)modlist - (uintptr_t)start_info) + -+ sizeof(struct hvm_modlist_entry) * HVMLOADER_MODULE_MAX_COUNT + -+ HVMLOADER_MODULE_NAME_SIZE * index; -+ -+ start_info->nr_modules++; -+} -+ - static int bootlate_hvm(struct xc_dom_image *dom) - { - uint32_t domid = dom->guest_domid; - xc_interface *xch = dom->xch; -+ struct hvm_start_info *start_info; -+ size_t start_info_size; -+ void *start_page; -+ struct hvm_modlist_entry *modlist; - -- if ( !dom->device_model ) -- { -- struct hvm_start_info *start_info; -- size_t start_info_size; -- void *start_page; -- -- start_info_size = sizeof(*start_info) + dom->cmdline_size; -- if ( dom->ramdisk_blob ) -- start_info_size += sizeof(struct hvm_modlist_entry); -+ start_info_size = sizeof(*start_info) + dom->cmdline_size; -+ if ( dom->ramdisk_blob ) -+ start_info_size += sizeof(struct hvm_modlist_entry); - -- if ( start_info_size > -- dom->start_info_seg.pages << XC_DOM_PAGE_SHIFT(dom) ) -- { -- DOMPRINTF("Trying to map beyond start_info_seg"); -- return -1; -- } -+ if ( start_info_size > -+ dom->start_info_seg.pages << XC_DOM_PAGE_SHIFT(dom) ) -+ { -+ DOMPRINTF("Trying to map beyond start_info_seg"); -+ return -1; -+ } - -- start_page = xc_map_foreign_range(xch, domid, start_info_size, -- PROT_READ | PROT_WRITE, -- dom->start_info_seg.pfn); -- if ( start_page == NULL ) -- { -- DOMPRINTF("Unable to map HVM start info page"); -- return -1; -- } -+ start_page = xc_map_foreign_range(xch, domid, start_info_size, -+ PROT_READ | PROT_WRITE, -+ dom->start_info_seg.pfn); -+ if ( start_page == NULL ) -+ { -+ DOMPRINTF("Unable to map HVM start info page"); -+ return -1; -+ } - -- start_info = start_page; -+ start_info = start_page; -+ modlist = start_page + sizeof(*start_info) + dom->cmdline_size; - -+ if ( !dom->device_model ) -+ { - if ( dom->cmdline ) - { - char *cmdline = start_page + sizeof(*start_info); -@@ -1733,22 +1773,30 @@ static int bootlate_hvm(struct xc_dom_im - - if ( dom->ramdisk_blob ) - { -- struct hvm_modlist_entry *modlist = -- start_page + sizeof(*start_info) + dom->cmdline_size; - - modlist[0].paddr = dom->ramdisk_seg.vstart - dom->parms.virt_base; - modlist[0].size = dom->ramdisk_seg.vend - dom->ramdisk_seg.vstart; -- start_info->modlist_paddr = (dom->start_info_seg.pfn << PAGE_SHIFT) + -- ((uintptr_t)modlist - (uintptr_t)start_info); - start_info->nr_modules = 1; - } -- -- start_info->magic = XEN_HVM_START_MAGIC_VALUE; -- -- munmap(start_page, start_info_size); - } - else - { -+ add_module_to_list(dom, &dom->bios_module, "bios", -+ modlist, start_info); -+ } -+ -+ if ( start_info->nr_modules ) -+ { -+ start_info->modlist_paddr = (dom->start_info_seg.pfn << PAGE_SHIFT) + -+ ((uintptr_t)modlist - (uintptr_t)start_info); -+ } -+ -+ start_info->magic = XEN_HVM_START_MAGIC_VALUE; -+ -+ munmap(start_page, start_info_size); -+ -+ if ( dom->device_model ) -+ { - void *hvm_info_page; - - if ( (hvm_info_page = xc_map_foreign_range( -Index: xen-4.7.0-testing/xen/include/public/xen.h -=================================================================== ---- xen-4.7.0-testing.orig/xen/include/public/xen.h -+++ xen-4.7.0-testing/xen/include/public/xen.h -@@ -814,7 +814,7 @@ struct start_info { - typedef struct start_info start_info_t; - - /* -- * Start of day structure passed to PVH guests in %ebx. -+ * Start of day structure passed to PVH guests and to HVM guests in %ebx. - * - * NOTE: nothing will be loaded at physical address 0, so a 0 value in any - * of the address fields should be treated as not present. diff --git a/0002-net-increase-tap-buffer-size.patch b/0002-net-increase-tap-buffer-size.patch deleted file mode 100644 index 7ed57ab..0000000 --- a/0002-net-increase-tap-buffer-size.patch +++ /dev/null @@ -1,47 +0,0 @@ -From: Michal Kubecek -Date: Fri, 27 Sep 2013 19:05:45 +0200 -Subject: net: increase tap buffer size -Patch-mainline: v0.12.0-rc0 -Git-commit: 8e0f8e5bf8fd483dd28329055336cf895b74c89f (partial) -References: bnc#840196 - -Increase size of buffere embedded in struct TAPState to allow -jumbo frames longer then 4096 bytes. - -Part of upstream qemu commit - - 8e0f8e5b net: enable IFF_VNET_HDR on tap fds if available - -Signed-off-by: Michal Kubecek ---- - tools/qemu-xen-traditional-dir-remote/net.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/tools/qemu-xen-traditional-dir-remote/net.c b/tools/qemu-xen-traditional-dir-remote/net.c -index 2ca85a3..502a691 100644 ---- a/tools/qemu-xen-traditional-dir-remote/net.c -+++ b/tools/qemu-xen-traditional-dir-remote/net.c -@@ -693,6 +693,11 @@ static void vmchannel_read(void *opaque, const uint8_t *buf, int size) - - #if !defined(_WIN32) - -+/* Maximum GSO packet size (64k) plus plenty of room for -+ * the ethernet and virtio_net headers -+ */ -+#define TAP_BUFSIZE (4096 + 65536) -+ - typedef struct TAPState { - VLANClientState *vc; - int fd; -@@ -700,7 +705,7 @@ typedef struct TAPState { - char down_script[1024]; - char down_script_arg[128]; - char script_arg[1024]; -- uint8_t buf[4096]; -+ uint8_t buf[TAP_BUFSIZE]; - } TAPState; - - #ifndef CONFIG_STUBDOM --- -1.8.1.4 - diff --git a/0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch b/0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch deleted file mode 100644 index 4eb2c61..0000000 --- a/0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch +++ /dev/null @@ -1,38 +0,0 @@ -From d12d422d347ca3a8fd8181b78ee2736561cd0e57 Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:38 +0000 -Subject: [PATCH 03/15] configure: #define SEABIOS_PATH and OVMF_PATH - -Those paths are to be used by libxl, in order to load the firmware in -memory. If a system path is not define via --with-system-seabios or ---with-system-ovmf, then this default to the Xen firmware directory. - -Signed-off-by: Anthony PERARD ---- - tools/configure.ac | 6 ++++++ - 1 file changed, 6 insertions(+) - -Index: xen-4.7.0-testing/tools/configure.ac -=================================================================== ---- xen-4.7.0-testing.orig/tools/configure.ac -+++ xen-4.7.0-testing/tools/configure.ac -@@ -218,6 +218,9 @@ AC_ARG_WITH([system-seabios], - esac - ],[]) - AC_SUBST(seabios_path) -+AC_DEFINE_UNQUOTED([SEABIOS_PATH], -+ ["${seabios_path:-$XENFIRMWAREDIR/seabios.bin}"], -+ [SeaBIOS path]) - - AC_ARG_WITH([system-ovmf], - AS_HELP_STRING([--with-system-ovmf@<:@=PATH@:>@], -@@ -229,6 +232,9 @@ AC_ARG_WITH([system-ovmf], - esac - ],[]) - AC_SUBST(ovmf_path) -+AC_DEFINE_UNQUOTED([OVMF_PATH], -+ ["${ovmf_path:-$XENFIRMWAREDIR/ovmf.bin}"], -+ [OVMF path]) - - AC_ARG_WITH([extra-qemuu-configure-args], - AS_HELP_STRING([--with-extra-qemuu-configure-args@<:@="--ARG1 ..."@:>@], diff --git a/0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch b/0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch deleted file mode 100644 index c0472d5..0000000 --- a/0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch +++ /dev/null @@ -1,41 +0,0 @@ -From: "Michael S. Tsirkin" -Date: Mon, 12 Jul 2010 20:24:59 +0300 -Subject: e1000: fix access 4 bytes beyond buffer end -Patch-mainline: v0.13.0-rc0 -Git-commit: b0b900070c7cb29bbefb732ec00397abe5de6d73 -References: bnc#840196 - -We do range check for size, and get size as buffer, -but copy size + 4 bytes (4 is for FCS). -Let's copy size bytes but put size + 4 in length. - -Signed-off-by: Michael S. Tsirkin -Acked-by: Michal Kubecek ---- - tools/qemu-xen-traditional-dir-remote/hw/e1000.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -index c75bc5e..9b062db 100644 ---- a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -+++ b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -@@ -659,7 +659,6 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - } - - rdh_start = s->mac_reg[RDH]; -- size += 4; // for the header - do { - if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) { - set_ics(s, 0, E1000_ICS_RXO); -@@ -673,7 +672,7 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - if (desc.buffer_addr) { - cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr), - (void *)(buf + vlan_offset), size); -- desc.length = cpu_to_le16(size); -+ desc.length = cpu_to_le16(size + 4 /* for FCS */); - desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM; - } else // as per intel docs; skip descriptors with null buf addr - DBGOUT(RX, "Null RX descriptor!!\n"); --- -1.8.1.4 - diff --git a/0004-e1000-secrc-support.patch b/0004-e1000-secrc-support.patch deleted file mode 100644 index a64786e..0000000 --- a/0004-e1000-secrc-support.patch +++ /dev/null @@ -1,47 +0,0 @@ -From: "Michael S. Tsirkin" -Date: Mon, 12 Jul 2010 20:41:02 +0300 -Subject: e1000: secrc support -Patch-mainline: v0.13.0-rc0 -Git-commit: 55e8d1ce6b09300cc5f3adcd9a705156d168381d -References: bnc#840196 - -Add support for secrc field. Reportedly needed by old RHEL guests. - -Signed-off-by: Michael S. Tsirkin -Acked-by: Michal Kubecek ---- - tools/qemu-xen-traditional-dir-remote/hw/e1000.c | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -index 9b062db..07e681d 100644 ---- a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -+++ b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -@@ -338,6 +338,15 @@ is_vlan_txd(uint32_t txd_lower) - return ((txd_lower & E1000_TXD_CMD_VLE) != 0); - } - -+/* FCS aka Ethernet CRC-32. We don't get it from backends and can't -+ * fill it in, just pad descriptor length by 4 bytes unless guest -+ * told us to trip it off the packet. */ -+static inline int -+fcs_len(E1000State *s) -+{ -+ return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4; -+} -+ - static void - xmit_seg(E1000State *s) - { -@@ -672,7 +681,7 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - if (desc.buffer_addr) { - cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr), - (void *)(buf + vlan_offset), size); -- desc.length = cpu_to_le16(size + 4 /* for FCS */); -+ desc.length = cpu_to_le16(size + fcs_len(s)); - desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM; - } else // as per intel docs; skip descriptors with null buf addr - DBGOUT(RX, "Null RX descriptor!!\n"); --- -1.8.1.4 - diff --git a/0004-firmware-makefile-install-BIOS-blob.patch b/0004-firmware-makefile-install-BIOS-blob.patch deleted file mode 100644 index 623e126..0000000 --- a/0004-firmware-makefile-install-BIOS-blob.patch +++ /dev/null @@ -1,43 +0,0 @@ -From b44077cb7b2844d083ddae0d2174d4ae8a5101b6 Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:39 +0000 -Subject: [PATCH 04/15] firmware/makefile: install BIOS blob ... - -... into the firmware directory, along with hvmloader. - -Signed-off-by: Anthony PERARD ---- - tools/firmware/Makefile | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -Index: xen-4.7.0-testing/tools/firmware/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/Makefile -+++ xen-4.7.0-testing/tools/firmware/Makefile -@@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader - - LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd - -+SEABIOS_ROM := seabios-dir/out/bios.bin -+OVMF_ROM := ovmf-dir/ovmf.bin -+ - ovmf-dir: - GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir - cp ovmf-makefile ovmf-dir/Makefile; -@@ -45,6 +48,16 @@ endif - install: all - [ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR) - [ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR) -+ifeq ($(CONFIG_SEABIOS),y) -+ifeq ($(SEABIOS_PATH),) -+ $(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin -+endif -+endif -+ifeq ($(CONFIG_OVMF),y) -+ifeq ($(OVMF_PATH),) -+ $(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin -+endif -+endif - - .PHONY: clean - clean: subdirs-clean diff --git a/0005-e1000-multi-buffer-packet-support.patch b/0005-e1000-multi-buffer-packet-support.patch deleted file mode 100644 index 5b28828..0000000 --- a/0005-e1000-multi-buffer-packet-support.patch +++ /dev/null @@ -1,104 +0,0 @@ -From: "Michael S. Tsirkin" -Date: Tue, 15 Feb 2011 18:27:48 +0200 -Subject: e1000: multi-buffer packet support -Patch-mainline: v0.15.0-rc0 -Git-commit: b19487e27ed3009df7f555998a454ba19aefd4b8 -References: bnc#840196 - -e1000 supports multi-buffer packets larger than rxbuf_size. - -This fixes the following (on linux): -- in guest: ifconfig eth1 mtu 16110 -- in host: ifconfig tap0 mtu 16110 - ping -s 16082 - -Signed-off-by: Michael S. Tsirkin -Reviewed-by: Stefan Hajnoczi -Acked-by: Alex Williamson -Acked-by: Kevin Wolf -Signed-off-by: Aurelien Jarno -Signed-off-by: Michal Kubecek ---- - tools/qemu-xen-traditional-dir-remote/hw/e1000.c | 39 +++++++++++++++++------- - 1 file changed, 28 insertions(+), 11 deletions(-) - -diff --git a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -index 07e681d..34818e0 100644 ---- a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -+++ b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -@@ -632,16 +632,13 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - uint32_t rdh_start; - uint16_t vlan_special = 0; - uint8_t vlan_status = 0, vlan_offset = 0; -+ size_t desc_offset; -+ size_t desc_size; -+ size_t total_size; - - if (!(s->mac_reg[RCTL] & E1000_RCTL_EN)) - return; - -- if (size > s->rxbuf_size) { -- DBGOUT(RX, "packet too large for buffers (%d > %d)\n", size, -- s->rxbuf_size); -- return; -- } -- - /* Discard oversized packets if !LPE and !SBP. */ - if ((size > MAXIMUM_ETHERNET_LPE_SIZE || - (size > MAXIMUM_ETHERNET_VLAN_SIZE -@@ -668,8 +665,16 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - } - - rdh_start = s->mac_reg[RDH]; -+ desc_offset = 0; -+ total_size = size + fcs_len(s); - do { -+ desc_size = total_size - desc_offset; -+ if (desc_size > s->rxbuf_size) { -+ desc_size = s->rxbuf_size; -+ } - if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) { -+ /* Discard all data written so far */ -+ s->mac_reg[RDH] = rdh_start; - set_ics(s, 0, E1000_ICS_RXO); - return; - } -@@ -679,10 +684,22 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - desc.special = vlan_special; - desc.status |= (vlan_status | E1000_RXD_STAT_DD); - if (desc.buffer_addr) { -- cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr), -- (void *)(buf + vlan_offset), size); -- desc.length = cpu_to_le16(size + fcs_len(s)); -- desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM; -+ if (desc_offset < size) { -+ size_t copy_size = size - desc_offset; -+ if (copy_size > s->rxbuf_size) { -+ copy_size = s->rxbuf_size; -+ } -+ cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr), -+ (void *)(buf + desc_offset + vlan_offset), -+ copy_size); -+ } -+ desc_offset += desc_size; -+ if (desc_offset >= total_size) { -+ desc.length = cpu_to_le16(desc_size); -+ desc.status |= E1000_RXD_STAT_EOP | E1000_RXD_STAT_IXSM; -+ } else { -+ desc.length = cpu_to_le16(desc_size); -+ } - } else // as per intel docs; skip descriptors with null buf addr - DBGOUT(RX, "Null RX descriptor!!\n"); - cpu_physical_memory_write(base, (void *)&desc, sizeof(desc)); -@@ -697,7 +714,7 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - set_ics(s, 0, E1000_ICS_RXO); - return; - } -- } while (desc.buffer_addr == 0); -+ } while (desc_offset < total_size); - - s->mac_reg[GPRC]++; - s->mac_reg[TPR]++; --- -1.8.1.4 - diff --git a/0005-libxl-Load-guest-BIOS-from-file.patch b/0005-libxl-Load-guest-BIOS-from-file.patch deleted file mode 100644 index f421001..0000000 --- a/0005-libxl-Load-guest-BIOS-from-file.patch +++ /dev/null @@ -1,212 +0,0 @@ -From a8eef037b010662e73428907af761b6d2aef4eae Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:40 +0000 -Subject: [PATCH 05/15] libxl: Load guest BIOS from file - -The path to the BIOS blob can be override by the xl's bios_override option, -or provided by u.hvm.bios_firmware in the domain_build_info struct by other -libxl user. - -Signed-off-by: Anthony PERARD ---- - docs/man/xl.cfg.pod.5 | 9 +++++++ - tools/libxl/libxl.h | 8 +++++++ - tools/libxl/libxl_dom.c | 57 ++++++++++++++++++++++++++++++++++++++++++++ - tools/libxl/libxl_internal.h | 2 ++ - tools/libxl/libxl_paths.c | 10 ++++++++ - tools/libxl/libxl_types.idl | 1 + - tools/libxl/xl_cmdimpl.c | 11 ++++++--- - 7 files changed, 95 insertions(+), 3 deletions(-) - -Index: xen-4.7.0-testing/docs/man/xl.cfg.pod.5 -=================================================================== ---- xen-4.7.0-testing.orig/docs/man/xl.cfg.pod.5 -+++ xen-4.7.0-testing/docs/man/xl.cfg.pod.5 -@@ -1268,6 +1268,15 @@ Requires device_model_version=qemu-xen. - - =back - -+=item B -+ -+Override the path to the blob to be used as BIOS. The blob provided here MUST -+be consistent with the `bios` which you have specified. You should not normally -+need to specify this option. -+ -+This options does not have any effect if using bios="rombios" or -+device_model_version="qemu-xen-traditional". -+ - =item B - - Hide or expose the IA32 Physical Address Extensions. These extensions -Index: xen-4.7.0-testing/tools/libxl/libxl.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.h -+++ xen-4.7.0-testing/tools/libxl/libxl.h -@@ -947,6 +947,14 @@ void libxl_mac_copy(libxl_ctx *ctx, libx - #define LIBXL_HAVE_CHECKPOINTED_STREAM 1 - - /* -+ * LIBXL_HAVE_BUILDINFO_HVM_BIOS_FIRMWARE -+ * -+ * libxl_domain_build_info has u.hvm.bios_firmware field which can be use -+ * to provide a different bios blob (like SeaBIOS or OVMF). -+ */ -+#define LIBXL_HAVE_BUILDINFO_HVM_BIOS_FIRMWARE -+ -+/* - * ERROR_REMUS_XXX error code only exists from Xen 4.5, Xen 4.6 and it - * is changed to ERROR_CHECKPOINT_XXX in Xen 4.7 - */ -Index: xen-4.7.0-testing/tools/libxl/libxl_dom.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_dom.c -+++ xen-4.7.0-testing/tools/libxl/libxl_dom.c -@@ -860,6 +860,38 @@ err: - return ret; - } - -+static int libxl__load_hvm_firmware_module(libxl__gc *gc, -+ const char *filename, -+ const char *what, -+ struct xc_hvm_firmware_module *m) -+{ -+ int datalen = 0; -+ void *data = NULL; -+ int e; -+ -+ LOG(DEBUG, "Loading %s: %s", what, filename); -+ e = libxl_read_file_contents(CTX, filename, &data, &datalen); -+ if (e) { -+ /* -+ * Print a message only on ENOENT, other error are logged by the -+ * function libxl_read_file_contents(). -+ */ -+ if (e == ENOENT) -+ LOGEV(ERROR, e, "failed to read %s file", what); -+ return ERROR_FAIL; -+ } -+ libxl__ptr_add(gc, data); -+ if (datalen) { -+ /* Only accept non-empty files */ -+ m->data = data; -+ m->length = datalen; -+ } else { -+ LOG(ERROR, "file %s for %s is empty", filename, what); -+ return ERROR_INVAL; -+ } -+ return 0; -+} -+ - static int libxl__domain_firmware(libxl__gc *gc, - libxl_domain_build_info *info, - struct xc_dom_image *dom) -@@ -869,6 +901,7 @@ static int libxl__domain_firmware(libxl_ - int e, rc; - int datalen = 0; - void *data; -+ const char *bios_filename = NULL; - - if (info->u.hvm.firmware) - firmware = info->u.hvm.firmware; -@@ -912,6 +945,30 @@ static int libxl__domain_firmware(libxl_ - goto out; - } - -+ if (info->device_model_version == LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN) { -+ if (info->u.hvm.bios_firmware) { -+ bios_filename = info->u.hvm.bios_firmware; -+ } else { -+ switch (info->u.hvm.bios) { -+ case LIBXL_BIOS_TYPE_SEABIOS: -+ bios_filename = libxl__seabios_path(); -+ break; -+ case LIBXL_BIOS_TYPE_OVMF: -+ bios_filename = libxl__ovmf_path(); -+ break; -+ case LIBXL_BIOS_TYPE_ROMBIOS: -+ default: -+ abort(); -+ } -+ } -+ } -+ -+ if (bios_filename) { -+ rc = libxl__load_hvm_firmware_module(gc, bios_filename, "BIOS", -+ &dom->bios_module); -+ if (rc) goto out; -+ } -+ - if (info->u.hvm.smbios_firmware) { - data = NULL; - e = libxl_read_file_contents(ctx, info->u.hvm.smbios_firmware, -Index: xen-4.7.0-testing/tools/libxl/libxl_internal.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_internal.h -+++ xen-4.7.0-testing/tools/libxl/libxl_internal.h -@@ -2317,6 +2317,8 @@ _hidden const char *libxl__xen_config_di - _hidden const char *libxl__xen_script_dir_path(void); - _hidden const char *libxl__lock_dir_path(void); - _hidden const char *libxl__run_dir_path(void); -+_hidden const char *libxl__seabios_path(void); -+_hidden const char *libxl__ovmf_path(void); - - /*----- subprocess execution with timeout -----*/ - -Index: xen-4.7.0-testing/tools/libxl/libxl_paths.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_paths.c -+++ xen-4.7.0-testing/tools/libxl/libxl_paths.c -@@ -35,6 +35,16 @@ const char *libxl__run_dir_path(void) - return XEN_RUN_DIR; - } - -+const char *libxl__seabios_path(void) -+{ -+ return SEABIOS_PATH; -+} -+ -+const char *libxl__ovmf_path(void) -+{ -+ return OVMF_PATH; -+} -+ - /* - * Local variables: - * mode: C -Index: xen-4.7.0-testing/tools/libxl/libxl_types.idl -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_types.idl -+++ xen-4.7.0-testing/tools/libxl/libxl_types.idl -@@ -513,6 +513,7 @@ libxl_domain_build_info = Struct("domain - ("timer_mode", libxl_timer_mode), - ("nested_hvm", libxl_defbool), - ("altp2m", libxl_defbool), -+ ("bios_firmware", string), - ("smbios_firmware", string), - ("acpi_firmware", string), - ("hdtype", libxl_hdtype), -Index: xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c -@@ -1562,12 +1562,17 @@ static void parse_config_data(const char - - xlu_cfg_replace_string (config, "firmware_override", - &b_info->u.hvm.firmware, 0); -- if (!xlu_cfg_get_string(config, "bios", &buf, 0) && -- libxl_bios_type_from_string(buf, &b_info->u.hvm.bios)) { -+ xlu_cfg_replace_string (config, "bios_override", -+ &b_info->u.hvm.bios_firmware, 0); -+ if (!xlu_cfg_get_string(config, "bios", &buf, 0)) { -+ if (libxl_bios_type_from_string(buf, &b_info->u.hvm.bios)) { - fprintf(stderr, "ERROR: invalid value \"%s\" for \"bios\"\n", - buf); - exit (1); -- } -+ } -+ } else if (b_info->u.hvm.bios_firmware) -+ fprintf(stderr, "WARNING: " -+ "bios_override given without specific bios name\n"); - - xlu_cfg_get_defbool(config, "pae", &b_info->u.hvm.pae, 0); - xlu_cfg_get_defbool(config, "apic", &b_info->u.hvm.apic, 0); diff --git a/0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch b/0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch deleted file mode 100644 index 9219e0e..0000000 --- a/0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch +++ /dev/null @@ -1,55 +0,0 @@ -From: "Michael S. Tsirkin" -Date: Tue, 15 Feb 2011 18:27:52 +0200 -Subject: e1000: clear EOP for multi-buffer descriptors -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit -Patch-mainline: v0.15.0-rc0 -Git-commit: ee912ccfa007351a62ba42bd60499769f6c02c1e -References: bnc#840196 - -The e1000 spec says: if software statically allocates -buffers, and uses memory read to check for completed descriptors, it -simply has to zero the status byte in the descriptor to make it ready -for reuse by hardware. This is not a hardware requirement (moving the -hardware tail pointer is), but is necessary for performing an in–memory -scan. - -Thus the guest does not have to clear the status byte. In case it -doesn't we need to clear EOP for all descriptors -except the last. While I don't know of any such guests, -it's probably a good idea to stick to the spec. - -Signed-off-by: Michael S. Tsirkin -Reported-by: Juan Quintela -Acked-by: Alex Williamson -Acked-by: Kevin Wolf -Signed-off-by: Aurelien Jarno -Acked-by: Michal Kubecek ---- - tools/qemu-xen-traditional-dir-remote/hw/e1000.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -index 34818e0..7e791dc 100644 ---- a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -+++ b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -@@ -694,11 +694,13 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - copy_size); - } - desc_offset += desc_size; -+ desc.length = cpu_to_le16(desc_size); - if (desc_offset >= total_size) { -- desc.length = cpu_to_le16(desc_size); - desc.status |= E1000_RXD_STAT_EOP | E1000_RXD_STAT_IXSM; - } else { -- desc.length = cpu_to_le16(desc_size); -+ /* Guest zeroing out status is not a hardware requirement. -+ Clear EOP in case guest didn't do it. */ -+ desc.status &= ~E1000_RXD_STAT_EOP; - } - } else // as per intel docs; skip descriptors with null buf addr - DBGOUT(RX, "Null RX descriptor!!\n"); --- -1.8.1.4 - diff --git a/0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch b/0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch deleted file mode 100644 index 8f85ca8..0000000 --- a/0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch +++ /dev/null @@ -1,99 +0,0 @@ -From b920bea09b69c1cdd5bb4c5964ce20d0bf7ced8b Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:41 +0000 -Subject: [PATCH 06/15] xen: Move the hvm_start_info C representation from - libxc to public/xen.h - -Instead of having several representation of hvm_start_info in C, define -it in public/xen.h so both libxc and hvmloader can use it. - -Signed-off-by: Anthony PERARD ---- - tools/libxc/include/xc_dom.h | 31 ------------------------------- - xen/include/public/xen.h | 31 +++++++++++++++++++++++++++++++ - 2 files changed, 31 insertions(+), 31 deletions(-) - -Index: xen-4.7.0-testing/tools/libxc/include/xc_dom.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/include/xc_dom.h -+++ xen-4.7.0-testing/tools/libxc/include/xc_dom.h -@@ -219,37 +219,6 @@ struct xc_dom_image { - struct xc_hvm_firmware_module smbios_module; - }; - --#if defined(__i386__) || defined(__x86_64__) --/* C representation of the x86/HVM start info layout. -- * -- * The canonical definition of this layout resides in public/xen.h, this -- * is just a way to represent the layout described there using C types. -- * -- * NB: the packed attribute is not really needed, but it helps us enforce -- * the fact this this is just a representation, and it might indeed -- * be required in the future if there are alignment changes. -- */ --struct hvm_start_info { -- uint32_t magic; /* Contains the magic value 0x336ec578 */ -- /* ("xEn3" with the 0x80 bit of the "E" set).*/ -- uint32_t version; /* Version of this structure. */ -- uint32_t flags; /* SIF_xxx flags. */ -- uint32_t nr_modules; /* Number of modules passed to the kernel. */ -- uint64_t modlist_paddr; /* Physical address of an array of */ -- /* hvm_modlist_entry. */ -- uint64_t cmdline_paddr; /* Physical address of the command line. */ -- uint64_t rsdp_paddr; /* Physical address of the RSDP ACPI data */ -- /* structure. */ --} __attribute__((packed)); -- --struct hvm_modlist_entry { -- uint64_t paddr; /* Physical address of the module. */ -- uint64_t size; /* Size of the module in bytes. */ -- uint64_t cmdline_paddr; /* Physical address of the command line. */ -- uint64_t reserved; --} __attribute__((packed)); --#endif /* x86 */ -- - /* --- pluggable kernel loader ------------------------------------- */ - - struct xc_dom_loader { -Index: xen-4.7.0-testing/xen/include/public/xen.h -=================================================================== ---- xen-4.7.0-testing.orig/xen/include/public/xen.h -+++ xen-4.7.0-testing/xen/include/public/xen.h -@@ -859,6 +859,37 @@ typedef struct start_info start_info_t; - */ - #define XEN_HVM_START_MAGIC_VALUE 0x336ec578 - -+#if defined(__i386__) || defined(__x86_64__) -+/* C representation of the x86/HVM start info layout. -+ * -+ * The canonical definition of this layout resides in public/xen.h, this -+ * is just a way to represent the layout described there using C types. -+ * -+ * NB: the packed attribute is not really needed, but it helps us enforce -+ * the fact this this is just a representation, and it might indeed -+ * be required in the future if there are alignment changes. -+ */ -+struct hvm_start_info { -+ uint32_t magic; /* Contains the magic value 0x336ec578 */ -+ /* ("xEn3" with the 0x80 bit of the "E" set).*/ -+ uint32_t version; /* Version of this structure. */ -+ uint32_t flags; /* SIF_xxx flags. */ -+ uint32_t nr_modules; /* Number of modules passed to the kernel. */ -+ uint64_t modlist_paddr; /* Physical address of an array of */ -+ /* hvm_modlist_entry. */ -+ uint64_t cmdline_paddr; /* Physical address of the command line. */ -+ uint64_t rsdp_paddr; /* Physical address of the RSDP ACPI data */ -+ /* structure. */ -+} __attribute__((packed)); -+ -+struct hvm_modlist_entry { -+ uint64_t paddr; /* Physical address of the module. */ -+ uint64_t size; /* Size of the module in bytes. */ -+ uint64_t cmdline_paddr; /* Physical address of the command line. */ -+ uint64_t reserved; -+} __attribute__((packed)); -+#endif /* x86 */ -+ - /* New console union for dom0 introduced in 0x00030203. */ - #if __XEN_INTERFACE_VERSION__ < 0x00030203 - #define console_mfn console.domU.mfn diff --git a/0007-e1000-verify-we-have-buffers-upfront.patch b/0007-e1000-verify-we-have-buffers-upfront.patch deleted file mode 100644 index b118140..0000000 --- a/0007-e1000-verify-we-have-buffers-upfront.patch +++ /dev/null @@ -1,83 +0,0 @@ -From: "Michael S. Tsirkin" -Date: Tue, 15 Feb 2011 18:27:55 +0200 -Subject: e1000: verify we have buffers, upfront -Patch-mainline: v0.15.0-rc0 -Git-commit: 322fd48afbed1ef7b834ac343a0c8687bcb33695 -References: bnc#840196 - -The spec says: Any descriptor with a non-zero status byte has been -processed by the hardware, and is ready to be handled by the software. - -Thus, once we change a descriptor status to non-zero we should -never move the head backwards and try to reuse this -descriptor from hardware. - -This actually happened with a multibuffer packet -that arrives when we don't have enough buffers. - -Fix by checking that we have enough buffers upfront -so we never need to discard the packet midway through. - -Signed-off-by: Michael S. Tsirkin -Acked-by: Alex Williamson -Acked-by: Kevin Wolf -Signed-off-by: Aurelien Jarno -Acked-by: Michal Kubecek ---- - tools/qemu-xen-traditional-dir-remote/hw/e1000.c | 28 +++++++++++++++++++----- - 1 file changed, 22 insertions(+), 6 deletions(-) - -diff --git a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -index 7e791dc..18d7597 100644 ---- a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -+++ b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -@@ -622,6 +622,24 @@ e1000_can_receive(void *opaque) - return (s->mac_reg[RCTL] & E1000_RCTL_EN && s->mac_reg[RDLEN] != 0); - } - -+static bool e1000_has_rxbufs(E1000State *s, size_t total_size) -+{ -+ int bufs; -+ /* Fast-path short packets */ -+ if (total_size <= s->rxbuf_size) { -+ return s->mac_reg[RDH] != s->mac_reg[RDT] || !s->check_rxov; -+ } -+ if (s->mac_reg[RDH] < s->mac_reg[RDT]) { -+ bufs = s->mac_reg[RDT] - s->mac_reg[RDH]; -+ } else if (s->mac_reg[RDH] > s->mac_reg[RDT] || !s->check_rxov) { -+ bufs = s->mac_reg[RDLEN] / sizeof(struct e1000_rx_desc) + -+ s->mac_reg[RDT] - s->mac_reg[RDH]; -+ } else { -+ return false; -+ } -+ return total_size <= bufs * s->rxbuf_size; -+} -+ - static void - e1000_receive(void *opaque, const uint8_t *buf, int size) - { -@@ -667,17 +685,15 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - rdh_start = s->mac_reg[RDH]; - desc_offset = 0; - total_size = size + fcs_len(s); -+ if (!e1000_has_rxbufs(s, total_size)) { -+ set_ics(s, 0, E1000_ICS_RXO); -+ return; -+ } - do { - desc_size = total_size - desc_offset; - if (desc_size > s->rxbuf_size) { - desc_size = s->rxbuf_size; - } -- if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) { -- /* Discard all data written so far */ -- s->mac_reg[RDH] = rdh_start; -- set_ics(s, 0, E1000_ICS_RXO); -- return; -- } - base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] + - sizeof(desc) * s->mac_reg[RDH]; - cpu_physical_memory_read(base, (void *)&desc, sizeof(desc)); --- -1.8.1.4 - diff --git a/0007-hvmloader-Grab-the-hvm_start_info-pointer.patch b/0007-hvmloader-Grab-the-hvm_start_info-pointer.patch deleted file mode 100644 index 4c9b546..0000000 --- a/0007-hvmloader-Grab-the-hvm_start_info-pointer.patch +++ /dev/null @@ -1,55 +0,0 @@ -From e3d13cec19a919b06dea49edd64a50c68e1094a7 Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:42 +0000 -Subject: [PATCH 07/15] hvmloader: Grab the hvm_start_info pointer - -Signed-off-by: Anthony PERARD ---- - tools/firmware/hvmloader/hvmloader.c | 5 +++++ - tools/firmware/hvmloader/util.h | 3 +++ - 2 files changed, 8 insertions(+) - -Index: xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/hvmloader.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c -@@ -29,6 +29,8 @@ - #include - #include - -+const struct hvm_start_info *hvm_start_info; -+ - asm ( - " .text \n" - " .globl _start \n" -@@ -46,6 +48,8 @@ asm ( - " ljmp $"STR(SEL_CODE32)",$1f \n" - "1: movl $stack_top,%esp \n" - " movl %esp,%ebp \n" -+ /* store HVM start info ptr */ -+ " mov %ebx, hvm_start_info \n" - " call main \n" - /* Relocate real-mode trampoline to 0x0. */ - " mov $trampoline_start,%esi \n" -@@ -258,6 +262,7 @@ int main(void) - memset((void *)HYPERCALL_PHYSICAL_ADDRESS, 0xc3 /* RET */, PAGE_SIZE); - - printf("HVM Loader\n"); -+ BUG_ON(hvm_start_info->magic != XEN_HVM_START_MAGIC_VALUE); - - init_hypercalls(); - -Index: xen-4.7.0-testing/tools/firmware/hvmloader/util.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/util.h -+++ xen-4.7.0-testing/tools/firmware/hvmloader/util.h -@@ -158,6 +158,9 @@ static inline void cpu_relax(void) - struct hvm_info_table *get_hvm_info_table(void) __attribute__ ((const)); - #define hvm_info (get_hvm_info_table()) - -+/* HVM start info */ -+extern const struct hvm_start_info *hvm_start_info; -+ - /* String and memory functions */ - int strcmp(const char *cs, const char *ct); - int strncmp(const char *s1, const char *s2, uint32_t n); diff --git a/0008-e1000-check-buffer-availability.patch b/0008-e1000-check-buffer-availability.patch deleted file mode 100644 index 1518459..0000000 --- a/0008-e1000-check-buffer-availability.patch +++ /dev/null @@ -1,55 +0,0 @@ -From: "Michael S. Tsirkin" -Date: Sun, 27 Mar 2011 13:37:35 +0200 -Subject: e1000: check buffer availability -Patch-mainline: v0.15.0-rc0 -Git-commit: 6cdfab2868dd593902e2b7db3ba9f49f2cc03e3f -References: bnc#840196 - -Reduce spurious packet drops on RX ring empty -by verifying that we have at least 1 buffer -ahead of the time. - -Signed-off-by: Michael S. Tsirkin -Acked-by: Michal Kubecek ---- - tools/qemu-xen-traditional-dir-remote/hw/e1000.c | 17 +++++++++-------- - 1 file changed, 9 insertions(+), 8 deletions(-) - -diff --git a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -index 18d7597..b07c6cb 100644 ---- a/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -+++ b/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -@@ -614,14 +614,6 @@ e1000_set_link_status(VLANClientState *vc) - set_ics(s, 0, E1000_ICR_LSC); - } - --static int --e1000_can_receive(void *opaque) --{ -- E1000State *s = opaque; -- -- return (s->mac_reg[RCTL] & E1000_RCTL_EN && s->mac_reg[RDLEN] != 0); --} -- - static bool e1000_has_rxbufs(E1000State *s, size_t total_size) - { - int bufs; -@@ -640,6 +632,15 @@ static bool e1000_has_rxbufs(E1000State *s, size_t total_size) - return total_size <= bufs * s->rxbuf_size; - } - -+static int -+e1000_can_receive(void *opaque) -+{ -+ E1000State *s = opaque; -+ -+ return (s->mac_reg[RCTL] & E1000_RCTL_EN) && (s->mac_reg[RDLEN] != 0) && -+ e1000_has_rxbufs(s, 1); -+} -+ - static void - e1000_receive(void *opaque, const uint8_t *buf, int size) - { --- -1.8.1.4 - diff --git a/0008-hvmloader-Locate-the-BIOS-blob.patch b/0008-hvmloader-Locate-the-BIOS-blob.patch deleted file mode 100644 index 848350f..0000000 --- a/0008-hvmloader-Locate-the-BIOS-blob.patch +++ /dev/null @@ -1,139 +0,0 @@ -From 463aedc4fd6e09518b4711e931048bf932b6ee39 Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:43 +0000 -Subject: [PATCH 08/15] hvmloader: Locate the BIOS blob - -The BIOS can be found an entry called "bios" of the modlist of the -hvm_start_info struct. - -The found BIOS blob is not loaded by this patch, but only passed as -argument to bios_load() function. It is going to be used by the next few -patches. - -Signed-off-by: Anthony PERARD ---- - tools/firmware/hvmloader/config.h | 2 +- - tools/firmware/hvmloader/hvmloader.c | 42 ++++++++++++++++++++++++++++++++++-- - tools/firmware/hvmloader/ovmf.c | 3 ++- - tools/firmware/hvmloader/rombios.c | 3 ++- - tools/firmware/hvmloader/util.h | 2 ++ - 5 files changed, 47 insertions(+), 5 deletions(-) - -Index: xen-4.7.0-testing/tools/firmware/hvmloader/config.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/config.h -+++ xen-4.7.0-testing/tools/firmware/hvmloader/config.h -@@ -22,7 +22,7 @@ struct bios_config { - /* ROMS */ - void (*load_roms)(void); - -- void (*bios_load)(const struct bios_config *config); -+ void (*bios_load)(const struct bios_config *config, void *addr, uint32_t size); - - void (*bios_info_setup)(void); - void (*bios_info_finish)(void); -Index: xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/hvmloader.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c -@@ -253,10 +253,40 @@ static void acpi_enable_sci(void) - BUG_ON(!(pm1a_cnt_val & ACPI_PM1C_SCI_EN)); - } - -+const struct hvm_modlist_entry *get_module_entry( -+ const struct hvm_start_info *info, -+ const char *name) -+{ -+ const struct hvm_modlist_entry *modlist = -+ (struct hvm_modlist_entry *)((uintptr_t)info->modlist_paddr); -+ unsigned int i; -+ -+ if ( !modlist ) -+ return NULL; -+ -+ for ( i = 0; i < info->nr_modules; i++ ) -+ { -+ uint32_t module_name = modlist[i].cmdline_paddr; -+ -+ BUG_ON(!modlist[i].cmdline_paddr || -+ modlist[i].cmdline_paddr > UINT_MAX); -+ -+ if ( !strcmp(name, (char*)module_name) ) -+ { -+ BUG_ON(!modlist[i].paddr || modlist[i].paddr > UINT_MAX || -+ modlist[i].size > UINT_MAX); -+ return &modlist[i]; -+ } -+ } -+ -+ return NULL; -+} -+ - int main(void) - { - const struct bios_config *bios; - int acpi_enabled; -+ const struct hvm_modlist_entry *bios_module; - - /* Initialise hypercall stubs with RET, rendering them no-ops. */ - memset((void *)HYPERCALL_PHYSICAL_ADDRESS, 0xc3 /* RET */, PAGE_SIZE); -@@ -292,8 +322,16 @@ int main(void) - } - - printf("Loading %s ...\n", bios->name); -- if ( bios->bios_load ) -- bios->bios_load(bios); -+ bios_module = get_module_entry(hvm_start_info, "bios"); -+ if ( bios_module && bios->bios_load ) -+ { -+ uint32_t paddr = bios_module->paddr; -+ bios->bios_load(bios, (void*)paddr, bios_module->size); -+ } -+ else if ( bios->bios_load ) -+ { -+ bios->bios_load(bios, 0, 0); -+ } - else - { - BUG_ON(bios->bios_address + bios->image_size > -Index: xen-4.7.0-testing/tools/firmware/hvmloader/ovmf.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/ovmf.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/ovmf.c -@@ -93,7 +93,8 @@ static void ovmf_finish_bios_info(void) - info->checksum = -checksum; - } - --static void ovmf_load(const struct bios_config *config) -+static void ovmf_load(const struct bios_config *config, -+ void *bios_addr, uint32_t bios_length) - { - xen_pfn_t mfn; - uint64_t addr = OVMF_BEGIN; -Index: xen-4.7.0-testing/tools/firmware/hvmloader/rombios.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/rombios.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/rombios.c -@@ -121,7 +121,8 @@ static void rombios_load_roms(void) - option_rom_phys_addr + option_rom_sz - 1); - } - --static void rombios_load(const struct bios_config *config) -+static void rombios_load(const struct bios_config *config, -+ void *unused_addr, uint32_t unused_size) - { - uint32_t bioshigh; - struct rombios_info *info; -Index: xen-4.7.0-testing/tools/firmware/hvmloader/util.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/util.h -+++ xen-4.7.0-testing/tools/firmware/hvmloader/util.h -@@ -34,6 +34,8 @@ enum { - #undef NULL - #define NULL ((void*)0) - -+#define UINT_MAX (~0U) -+ - void __assert_failed(char *assertion, char *file, int line) - __attribute__((noreturn)); - #define ASSERT(p) \ diff --git a/0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch b/0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch deleted file mode 100644 index 3d04772..0000000 --- a/0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch +++ /dev/null @@ -1,44 +0,0 @@ -From c3f4c5bcf0d8d93b5116f3e368c4739abe2dc06d Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:44 +0000 -Subject: [PATCH 09/15] hvmloader: Check modules whereabouts in perform_tests - -As perform_tests() is going to clear memory past 4MB, we check that the -memory can be use or we skip the tests. - -Signed-off-by: Anthony PERARD ---- - tools/firmware/hvmloader/tests.c | 20 ++++++++++++++++++++ - 1 file changed, 20 insertions(+) - -Index: xen-4.7.0-testing/tools/firmware/hvmloader/tests.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/tests.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/tests.c -@@ -210,6 +210,26 @@ void perform_tests(void) - return; - } - -+ /* Check that tests does not use memory where modules are stored */ -+ if ( ((uint32_t)hvm_start_info + sizeof(struct hvm_start_info)) > 4 << 20 -+ && (uint32_t)hvm_start_info < 8 << 20 ) -+ { -+ printf("Skipping tests due to memory used by hvm_start_info\n"); -+ return; -+ } -+ for ( unsigned i = 0; i < hvm_start_info->nr_modules; i++ ) -+ { -+ const struct hvm_modlist_entry *modlist = -+ (struct hvm_modlist_entry *)((uintptr_t)hvm_start_info->modlist_paddr); -+ if ( modlist[i].paddr -+ && modlist[i].paddr + modlist[i].size > 4ul << 20 -+ && modlist[i].paddr < 8ul << 20 ) -+ { -+ printf("Skipping tests due to memory used by a module\n"); -+ return; -+ } -+ } -+ - passed = skipped = 0; - for ( i = 0; tests[i].test; i++ ) - { diff --git a/0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch b/0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch deleted file mode 100644 index f1a5528..0000000 --- a/0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch +++ /dev/null @@ -1,112 +0,0 @@ -From df9fdafcfc38c931181dae1de3e6a9eee28829d4 Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:45 +0000 -Subject: [PATCH 10/15] hvmloader: Load SeaBIOS from hvm_start_info modules - -... and do not include the SeaBIOS ROM into hvmloader anymore. - -This also fix the dependency on roms.inc, hvmloader.o does not include it. - -Signed-off-by: Anthony PERARD ---- - tools/firmware/hvmloader/Makefile | 15 +-------------- - tools/firmware/hvmloader/seabios.c | 24 ++++++++++++++---------- - 2 files changed, 15 insertions(+), 24 deletions(-) - -Index: xen-4.7.0-testing/tools/firmware/hvmloader/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/Makefile -+++ xen-4.7.0-testing/tools/firmware/hvmloader/Makefile -@@ -45,7 +45,6 @@ CIRRUSVGA_DEBUG ?= n - - OVMF_DIR := ../ovmf-dir - ROMBIOS_DIR := ../rombios --SEABIOS_DIR := ../seabios-dir - - ifeq ($(CONFIG_ROMBIOS),y) - STDVGA_ROM := ../vgabios/VGABIOS-lgpl-latest.bin -@@ -80,19 +79,13 @@ endif - ifeq ($(CONFIG_SEABIOS),y) - OBJS += seabios.o - CFLAGS += -DENABLE_SEABIOS --ifeq ($(SEABIOS_PATH),) -- SEABIOS_ROM := $(SEABIOS_DIR)/out/bios.bin --else -- SEABIOS_ROM := $(SEABIOS_PATH) --endif --ROMS += $(SEABIOS_ROM) - endif - - .PHONY: all - all: subdirs-all - $(MAKE) hvmloader - --ovmf.o rombios.o seabios.o hvmloader.o: roms.inc -+ovmf.o rombios.o: roms.inc - smbios.o: CFLAGS += -D__SMBIOS_DATE__="\"$(SMBIOS_REL_DATE)\"" - - hvmloader: $(OBJS) acpi/acpi.a -@@ -109,12 +102,6 @@ ifneq ($(ROMBIOS_ROM),) - echo "#endif" >> $@.new - endif - --ifneq ($(SEABIOS_ROM),) -- echo "#ifdef ROM_INCLUDE_SEABIOS" >> $@.new -- sh ./mkhex seabios $(SEABIOS_ROM) >> $@.new -- echo "#endif" >> $@.new --endif -- - ifneq ($(OVMF_ROM),) - echo "#ifdef ROM_INCLUDE_OVMF" >> $@.new - sh ./mkhex ovmf $(OVMF_ROM) >> $@.new -Index: xen-4.7.0-testing/tools/firmware/hvmloader/seabios.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/seabios.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/seabios.c -@@ -27,9 +27,6 @@ - #include "smbios_types.h" - #include "acpi/acpi2_0.h" - --#define ROM_INCLUDE_SEABIOS --#include "roms.inc" -- - extern unsigned char dsdt_anycpu_qemu_xen[]; - extern int dsdt_anycpu_qemu_xen_len; - -@@ -127,22 +124,29 @@ static void seabios_setup_e820(void) - struct e820entry *e820 = scratch_alloc(sizeof(struct e820entry)*16, 0); - info->e820 = (uint32_t)e820; - -+ BUG_ON(seabios_config.bios_address < 0xc0000 || seabios_config.bios_address >= 0x100000); - /* SeaBIOS reserves memory in e820 as necessary so no low reservation. */ -- info->e820_nr = build_e820_table(e820, 0, 0x100000-sizeof(seabios)); -+ info->e820_nr = build_e820_table(e820, 0, seabios_config.bios_address); - dump_e820_table(e820, info->e820_nr); - } - --struct bios_config seabios_config = { -- .name = "SeaBIOS", -+static void seabios_load(const struct bios_config *bios, -+ void *bios_addr, uint32_t bios_length) -+{ -+ unsigned int bios_dest = 0x100000 - bios_length; - -- .image = seabios, -- .image_size = sizeof(seabios), -+ BUG_ON(bios_dest + bios_length > HVMLOADER_PHYSICAL_ADDRESS); -+ memcpy((void *)bios_dest, bios_addr, bios_length); -+ seabios_config.bios_address = bios_dest; -+ seabios_config.image_size = bios_length; -+} - -- .bios_address = 0x100000 - sizeof(seabios), -+struct bios_config seabios_config = { -+ .name = "SeaBIOS", - - .load_roms = NULL, - -- .bios_load = NULL, -+ .bios_load = seabios_load, - - .bios_info_setup = seabios_setup_bios_info, - .bios_info_finish = seabios_finish_bios_info, diff --git a/0011-hvmloader-Load-OVMF-from-modules.patch b/0011-hvmloader-Load-OVMF-from-modules.patch deleted file mode 100644 index 18f45e1..0000000 --- a/0011-hvmloader-Load-OVMF-from-modules.patch +++ /dev/null @@ -1,131 +0,0 @@ -From 009fef2fc4bdffd1c9e5caf557157b4949d3842b Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:46 +0000 -Subject: [PATCH 11/15] hvmloader: Load OVMF from modules - -... and do not include the OVMF ROM into hvmloader anymore. - -Signed-off-by: Anthony PERARD ---- - tools/firmware/hvmloader/Makefile | 15 +-------------- - tools/firmware/hvmloader/ovmf.c | 30 +++++++++++++----------------- - 2 files changed, 14 insertions(+), 31 deletions(-) - -Index: xen-4.7.0-testing/tools/firmware/hvmloader/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/Makefile -+++ xen-4.7.0-testing/tools/firmware/hvmloader/Makefile -@@ -43,7 +43,6 @@ endif - - CIRRUSVGA_DEBUG ?= n - --OVMF_DIR := ../ovmf-dir - ROMBIOS_DIR := ../rombios - - ifeq ($(CONFIG_ROMBIOS),y) -@@ -61,12 +60,6 @@ ROMS := - ifeq ($(CONFIG_OVMF),y) - OBJS += ovmf.o - CFLAGS += -DENABLE_OVMF --ifeq ($(OVMF_PATH),) -- OVMF_ROM := $(OVMF_DIR)/ovmf.bin --else -- OVMF_ROM := $(OVMF_PATH) --endif --ROMS += $(OVMF_ROM) - endif - - ifeq ($(CONFIG_ROMBIOS),y) -@@ -85,7 +78,7 @@ endif - all: subdirs-all - $(MAKE) hvmloader - --ovmf.o rombios.o: roms.inc -+rombios.o: roms.inc - smbios.o: CFLAGS += -D__SMBIOS_DATE__="\"$(SMBIOS_REL_DATE)\"" - - hvmloader: $(OBJS) acpi/acpi.a -@@ -102,12 +95,6 @@ ifneq ($(ROMBIOS_ROM),) - echo "#endif" >> $@.new - endif - --ifneq ($(OVMF_ROM),) -- echo "#ifdef ROM_INCLUDE_OVMF" >> $@.new -- sh ./mkhex ovmf $(OVMF_ROM) >> $@.new -- echo "#endif" >> $@.new --endif -- - ifneq ($(STDVGA_ROM),) - echo "#ifdef ROM_INCLUDE_VGABIOS" >> $@.new - sh ./mkhex vgabios_stdvga $(STDVGA_ROM) >> $@.new -Index: xen-4.7.0-testing/tools/firmware/hvmloader/ovmf.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/ovmf.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/ovmf.c -@@ -34,17 +34,10 @@ - #include - #include - --#define ROM_INCLUDE_OVMF --#include "roms.inc" -- --#define OVMF_SIZE (sizeof(ovmf)) - #define OVMF_MAXOFFSET 0x000FFFFFULL --#define OVMF_BEGIN (0x100000000ULL - ((OVMF_SIZE + OVMF_MAXOFFSET) & ~OVMF_MAXOFFSET)) --#define OVMF_END (OVMF_BEGIN + OVMF_SIZE) - #define LOWCHUNK_BEGIN 0x000F0000 - #define LOWCHUNK_SIZE 0x00010000 - #define LOWCHUNK_MAXOFFSET 0x0000FFFF --#define LOWCHUNK_END (OVMF_BEGIN + OVMF_SIZE) - #define OVMF_INFO_PHYSICAL_ADDRESS 0x00001000 - - extern unsigned char dsdt_anycpu_qemu_xen[]; -@@ -97,24 +90,31 @@ static void ovmf_load(const struct bios_ - void *bios_addr, uint32_t bios_length) - { - xen_pfn_t mfn; -- uint64_t addr = OVMF_BEGIN; -+ uint64_t addr = 0x100000000ULL -+ - ((bios_length + OVMF_MAXOFFSET) & ~OVMF_MAXOFFSET); -+ uint64_t ovmf_end = addr + bios_length; -+ -+ ovmf_config.bios_address = addr; -+ ovmf_config.image_size = bios_length; - - /* Copy low-reset vector portion. */ -- memcpy((void *) LOWCHUNK_BEGIN, (uint8_t *) config->image -- + OVMF_SIZE -- - LOWCHUNK_SIZE, -+ memcpy((void *) LOWCHUNK_BEGIN, -+ (uint8_t *) bios_addr + bios_length - LOWCHUNK_SIZE, - LOWCHUNK_SIZE); - - /* Ensure we have backing page prior to moving FD. */ -- while ( (addr >> PAGE_SHIFT) != (OVMF_END >> PAGE_SHIFT) ) -+ while ( (addr >> PAGE_SHIFT) != (ovmf_end >> PAGE_SHIFT) ) - { - mfn = (uint32_t) (addr >> PAGE_SHIFT); - addr += PAGE_SIZE; - mem_hole_populate_ram(mfn, 1); - } - -+ /* Check that source and destination does not overlaps. */ -+ BUG_ON(addr + bios_length > (unsigned)bios_addr -+ && addr < (unsigned)bios_addr + bios_length); - /* Copy FD. */ -- memcpy((void *) OVMF_BEGIN, config->image, OVMF_SIZE); -+ memcpy((void *) ovmf_config.bios_address, bios_addr, bios_length); - } - - static void ovmf_acpi_build_tables(void) -@@ -151,10 +151,6 @@ static void ovmf_setup_e820(void) - struct bios_config ovmf_config = { - .name = "OVMF", - -- .image = ovmf, -- .image_size = sizeof(ovmf), -- -- .bios_address = OVMF_BEGIN, - .bios_load = ovmf_load, - - .load_roms = 0, diff --git a/0012-hvmloader-Specific-bios_load-function-required.patch b/0012-hvmloader-Specific-bios_load-function-required.patch deleted file mode 100644 index 6b57635..0000000 --- a/0012-hvmloader-Specific-bios_load-function-required.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 258c5050f08bdf69394dd8790398b6dfe453886e Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:47 +0000 -Subject: [PATCH 12/15] hvmloader: Specific bios_load function required - -All BIOS but ROMBIOS needs to be loaded via modules. - -ROMBIOS is handled as a special case. - -Signed-off-by: Anthony PERARD -Acked-by: Jan Beulich ---- - tools/firmware/hvmloader/hvmloader.c | 16 ++++++++++------ - 1 file changed, 10 insertions(+), 6 deletions(-) - -Index: xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/hvmloader.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c -@@ -323,21 +323,25 @@ int main(void) - - printf("Loading %s ...\n", bios->name); - bios_module = get_module_entry(hvm_start_info, "bios"); -- if ( bios_module && bios->bios_load ) -+ if ( bios_module ) - { - uint32_t paddr = bios_module->paddr; - bios->bios_load(bios, (void*)paddr, bios_module->size); - } -- else if ( bios->bios_load ) -+#ifdef ENABLE_ROMBIOS -+ else if ( bios == &rombios_config ) - { - bios->bios_load(bios, 0, 0); - } -+#endif - else - { -- BUG_ON(bios->bios_address + bios->image_size > -- HVMLOADER_PHYSICAL_ADDRESS); -- memcpy((void *)bios->bios_address, bios->image, -- bios->image_size); -+ /* -+ * If there is no BIOS module supplied and if there is no embeded BIOS -+ * image, then we failed. Only rombios might have an embedded bios blob. -+ */ -+ printf("no BIOS ROM image found\n"); -+ BUG(); - } - - if ( (hvm_info->nr_vcpus > 1) || hvm_info->apic_mode ) diff --git a/0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch b/0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch deleted file mode 100644 index 0808125..0000000 --- a/0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch +++ /dev/null @@ -1,65 +0,0 @@ -From e7497ead178f01fd5c94cfb8506d31b77cc38c94 Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:48 +0000 -Subject: [PATCH 13/15] hvmloader: Always build-in SeaBIOS and OVMF loader - -Signed-off-by: Anthony PERARD -Acked-by: Jan Beulich ---- - tools/firmware/hvmloader/Makefile | 11 +---------- - tools/firmware/hvmloader/hvmloader.c | 4 ---- - 2 files changed, 1 insertion(+), 14 deletions(-) - -Index: xen-4.7.0-testing/tools/firmware/hvmloader/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/Makefile -+++ xen-4.7.0-testing/tools/firmware/hvmloader/Makefile -@@ -37,6 +37,7 @@ OBJS = hvmloader.o mp_tables.o util.o s - OBJS += smp.o cacheattr.o xenbus.o vnuma.o - OBJS += e820.o pci.o pir.o ctype.o - OBJS += hvm_param.o -+OBJS += ovmf.o seabios.o - ifeq ($(debug),y) - OBJS += tests.o - endif -@@ -57,11 +58,6 @@ endif - - ROMS := - --ifeq ($(CONFIG_OVMF),y) --OBJS += ovmf.o --CFLAGS += -DENABLE_OVMF --endif -- - ifeq ($(CONFIG_ROMBIOS),y) - OBJS += optionroms.o 32bitbios_support.o rombios.o - CFLAGS += -DENABLE_ROMBIOS -@@ -69,11 +65,6 @@ ROMBIOS_ROM := $(ROMBIOS_DIR)/BIOS-bochs - ROMS += $(ROMBIOS_ROM) $(STDVGA_ROM) $(CIRRUSVGA_ROM) $(ETHERBOOT_ROMS) - endif - --ifeq ($(CONFIG_SEABIOS),y) --OBJS += seabios.o --CFLAGS += -DENABLE_SEABIOS --endif -- - .PHONY: all - all: subdirs-all - $(MAKE) hvmloader -Index: xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/hvmloader/hvmloader.c -+++ xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c -@@ -209,12 +209,8 @@ struct bios_info { - #ifdef ENABLE_ROMBIOS - { "rombios", &rombios_config, }, - #endif --#ifdef ENABLE_SEABIOS - { "seabios", &seabios_config, }, --#endif --#ifdef ENABLE_OVMF - { "ovmf", &ovmf_config, }, --#endif - { NULL, NULL } - }; - diff --git a/0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch b/0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch deleted file mode 100644 index e0c9b56..0000000 --- a/0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch +++ /dev/null @@ -1,84 +0,0 @@ -From d42d9e59472e2c637776245db8e80de0b907d46b Mon Sep 17 00:00:00 2001 -From: Anthony PERARD -Date: Mon, 14 Mar 2016 17:55:49 +0000 -Subject: [PATCH 14/15] configure: do not depend on SEABIOS_PATH or OVMF_PATH - ... - -... to compile SeaBIOS and OVMF. Only depends on CONFIG_*. - -If --with-system-* configure option is used, then set *_CONFIG=n to not -compile SEABIOS and OVMF. - -Signed-off-by: Anthony PERARD ---- - tools/configure.ac | 6 ++++-- - tools/firmware/Makefile | 8 -------- - 2 files changed, 4 insertions(+), 10 deletions(-) - -Index: xen-4.7.0-testing/tools/configure.ac -=================================================================== ---- xen-4.7.0-testing.orig/tools/configure.ac -+++ xen-4.7.0-testing/tools/configure.ac -@@ -212,12 +212,13 @@ AC_ARG_WITH([system-seabios], - AS_HELP_STRING([--with-system-seabios@<:@=PATH@:>@], - [Use system supplied seabios PATH instead of building and installing - our own version]),[ -+ # Disable compilation of SeaBIOS. -+ seabios=n - case $withval in - no) seabios_path= ;; - *) seabios_path=$withval ;; - esac - ],[]) --AC_SUBST(seabios_path) - AC_DEFINE_UNQUOTED([SEABIOS_PATH], - ["${seabios_path:-$XENFIRMWAREDIR/seabios.bin}"], - [SeaBIOS path]) -@@ -226,12 +227,13 @@ AC_ARG_WITH([system-ovmf], - AS_HELP_STRING([--with-system-ovmf@<:@=PATH@:>@], - [Use system supplied OVMF PATH instead of building and installing - our own version]),[ -+ # Disable compilation of OVMF. -+ ovmf=n - case $withval in - no) ovmf_path= ;; - *) ovmf_path=$withval ;; - esac - ],[]) --AC_SUBST(ovmf_path) - AC_DEFINE_UNQUOTED([OVMF_PATH], - ["${ovmf_path:-$XENFIRMWAREDIR/ovmf.bin}"], - [OVMF path]) -Index: xen-4.7.0-testing/tools/firmware/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/tools/firmware/Makefile -+++ xen-4.7.0-testing/tools/firmware/Makefile -@@ -6,12 +6,8 @@ TARGET := hvmloader/hvmloader - INST_DIR := $(DESTDIR)$(XENFIRMWAREDIR) - - SUBDIRS-y := --ifeq ($(OVMF_PATH),) - SUBDIRS-$(CONFIG_OVMF) += ovmf-dir --endif --ifeq ($(SEABIOS_PATH),) - SUBDIRS-$(CONFIG_SEABIOS) += seabios-dir --endif - SUBDIRS-$(CONFIG_ROMBIOS) += rombios - SUBDIRS-$(CONFIG_ROMBIOS) += vgabios - SUBDIRS-$(CONFIG_ROMBIOS) += etherboot -@@ -49,15 +45,11 @@ install: all - [ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR) - [ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR) - ifeq ($(CONFIG_SEABIOS),y) --ifeq ($(SEABIOS_PATH),) - $(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin - endif --endif - ifeq ($(CONFIG_OVMF),y) --ifeq ($(OVMF_PATH),) - $(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin - endif --endif - - .PHONY: clean - clean: subdirs-clean diff --git a/57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch b/57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch deleted file mode 100644 index 566bb27..0000000 --- a/57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch +++ /dev/null @@ -1,144 +0,0 @@ -References: bsc#900418 - -# Commit cd42ccb27f4e364b6e75b6fecb06bb99ad8da988 -# Date 2016-06-08 14:12:45 +0200 -# Author Jan Beulich -# Committer Jan Beulich -kexec: allow relaxed placement specification via command line - -Rather than just allowing a fixed address or fully automatic placement, -also allow for specifying an upper bound. Especially on EFI systems, -where firmware memory use is commonly less predictable than on legacy -BIOS ones, this makes success of the reservation more likely when -automatic placement is not an option (e.g. because of special DMA -restrictions of devices involved in actually carrying out the dump). - -Also take the opportunity to actually add text to the "crashkernel" -entry in the command line option doc. - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper -Reviewed-by: David Vrabel -Reviewed-by: Daniel Kiper - ---- a/docs/misc/xen-command-line.markdown -+++ b/docs/misc/xen-command-line.markdown -@@ -458,7 +458,18 @@ Specify the maximum address to allocate - combination with the `low_crashinfo` command line option. - - ### crashkernel --> `= :[,...][@]` -+> `= :[,...][{@,<}]` -+> `= [{@,<}]` -+ -+Specify sizes and optionally placement of the crash kernel reservation -+area. The `:` pairs indicate how much memory to -+set aside for a crash kernel (``) for a given range of installed -+RAM (``). Each `` is of the form -+`-[]`. -+ -+A trailing `@` specifies the exact address this area should be -+placed at, whereas `<` in place of `@` just specifies an upper bound of -+the address range the area should fall into. - - ### credit2\_balance\_over - > `= ` ---- a/xen/arch/x86/setup.c -+++ b/xen/arch/x86/setup.c -@@ -1044,13 +1044,23 @@ void __init noreturn __start_xen(unsigne - } - - #ifdef CONFIG_KEXEC -- /* Don't overlap with modules. */ -- e = consider_modules(s, e, PAGE_ALIGN(kexec_crash_area.size), -- mod, mbi->mods_count, -1); -- if ( !kexec_crash_area.start && (s < e) ) -+ /* -+ * Looking backwards from the crash area limit, find a large -+ * enough range that does not overlap with modules. -+ */ -+ while ( !kexec_crash_area.start ) - { -- e = (e - kexec_crash_area.size) & PAGE_MASK; -- kexec_crash_area.start = e; -+ /* Don't overlap with modules. */ -+ e = consider_modules(s, e, PAGE_ALIGN(kexec_crash_area.size), -+ mod, mbi->mods_count, -1); -+ if ( s >= e ) -+ break; -+ if ( e > kexec_crash_area_limit ) -+ { -+ e = kexec_crash_area_limit & PAGE_MASK; -+ continue; -+ } -+ kexec_crash_area.start = (e - kexec_crash_area.size) & PAGE_MASK; - } - #endif - } ---- a/xen/common/kexec.c -+++ b/xen/common/kexec.c -@@ -60,6 +60,7 @@ static unsigned char vmcoreinfo_data[VMC - static size_t vmcoreinfo_size = 0; - - xen_kexec_reserve_t kexec_crash_area; -+paddr_t __initdata kexec_crash_area_limit = ~(paddr_t)0; - static struct { - u64 start, end; - unsigned long size; -@@ -86,7 +87,7 @@ static void *crash_heap_current = NULL, - /* - * Parse command lines in the format - * -- * crashkernel=:[,...][@] -+ * crashkernel=:[,...][{@,<}
] - * - * with being of form - * -@@ -94,7 +95,7 @@ static void *crash_heap_current = NULL, - * - * as well as the legacy ones in the format - * -- * crashkernel=[@] -+ * crashkernel=[{@,<}
] - */ - static void __init parse_crashkernel(const char *str) - { -@@ -109,7 +110,7 @@ static void __init parse_crashkernel(con - { - printk(XENLOG_WARNING "crashkernel: too many ranges\n"); - cur = NULL; -- str = strchr(str, '@'); -+ str = strpbrk(str, "@<"); - break; - } - -@@ -154,9 +155,16 @@ static void __init parse_crashkernel(con - } - else - kexec_crash_area.size = parse_size_and_unit(cur = str, &str); -- if ( cur != str && *str == '@' ) -- kexec_crash_area.start = parse_size_and_unit(cur = str + 1, &str); -- if ( cur == str ) -+ if ( cur != str ) -+ { -+ if ( *str == '@' ) -+ kexec_crash_area.start = parse_size_and_unit(cur = str + 1, &str); -+ else if ( *str == '<' ) -+ kexec_crash_area_limit = parse_size_and_unit(cur = str + 1, &str); -+ else -+ printk(XENLOG_WARNING "crashkernel: '%s' ignored\n", str); -+ } -+ if ( cur && cur == str ) - printk(XENLOG_WARNING "crashkernel: memory value expected\n"); - } - custom_param("crashkernel", parse_crashkernel); ---- a/xen/include/xen/kexec.h -+++ b/xen/include/xen/kexec.h -@@ -14,6 +14,7 @@ typedef struct xen_kexec_reserve { - } xen_kexec_reserve_t; - - extern xen_kexec_reserve_t kexec_crash_area; -+extern paddr_t kexec_crash_area_limit; - - extern bool_t kexecing; - diff --git a/575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch b/575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch deleted file mode 100644 index 0604975..0000000 --- a/575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch +++ /dev/null @@ -1,62 +0,0 @@ -# Commit 5e02972646132ad98c365ebfcfcb43b40a0dde36 -# Date 2016-06-13 12:44:32 +0100 -# Author Euan Harris -# Committer Andrew Cooper -nested vmx: Validate host VMX MSRs before accessing them - -Some VMX MSRs may not exist on certain processor models, or may -be disabled because of configuration settings. It is only safe to -access these MSRs if configuration flags in other MSRs are set. These -prerequisites are listed in the Intel 64 and IA-32 Architectures -Software Developer’s Manual, Vol 3, Appendix A. - -nvmx_msr_read_intercept() does not check the prerequisites before -accessing MSR_IA32_VMX_PROCBASED_CTLS2, MSR_IA32_VMX_EPT_VPID_CAP, -MSR_IA32_VMX_VMFUNC on the host. Accessing these MSRs from a nested -VMX guest running on a host which does not support them will cause -Xen to crash with a GPF. - -Signed-off-by: Euan Harris -Acked-by: Kevin Tian -Reviewed-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/hvm/vmx/vvmx.c -+++ b/xen/arch/x86/hvm/vmx/vvmx.c -@@ -1820,11 +1820,22 @@ int nvmx_msr_read_intercept(unsigned int - return 0; - - /* -- * Those MSRs are available only when bit 55 of -- * MSR_IA32_VMX_BASIC is set. -+ * These MSRs are only available when flags in other MSRs are set. -+ * These prerequisites are listed in the Intel 64 and IA-32 -+ * Architectures Software Developer’s Manual, Vol 3, Appendix A. - */ - switch ( msr ) - { -+ case MSR_IA32_VMX_PROCBASED_CTLS2: -+ if ( !cpu_has_vmx_secondary_exec_control ) -+ return 0; -+ break; -+ -+ case MSR_IA32_VMX_EPT_VPID_CAP: -+ if ( !(cpu_has_vmx_ept || cpu_has_vmx_vpid) ) -+ return 0; -+ break; -+ - case MSR_IA32_VMX_TRUE_PINBASED_CTLS: - case MSR_IA32_VMX_TRUE_PROCBASED_CTLS: - case MSR_IA32_VMX_TRUE_EXIT_CTLS: -@@ -1832,6 +1843,11 @@ int nvmx_msr_read_intercept(unsigned int - if ( !(vmx_basic_msr & VMX_BASIC_DEFAULT1_ZERO) ) - return 0; - break; -+ -+ case MSR_IA32_VMX_VMFUNC: -+ if ( !cpu_has_vmx_vmfunc ) -+ return 0; -+ break; - } - - rdmsrl(msr, host_data); diff --git a/576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch b/576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch deleted file mode 100644 index ab84ab5..0000000 --- a/576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch +++ /dev/null @@ -1,50 +0,0 @@ -References: bsc#970135 - -# Commit b64438c7c1495a7580d1bb9d8ba644f3705e1ffb -# Date 2016-06-14 15:08:47 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86/time: use correct (local) time stamp in constant-TSC calibration fast path - -This looks like a copy and paste mistake in commit 1b6a99892d ("x86: -Simpler time handling when TSC is constant across all power saving -states"), responsible for occasional many-microsecond cross-CPU skew of -what NOW() returns. - -Also improve the correlation between local TSC and stime stamps -obtained at the end of the two calibration handlers: Compute the stime -one from the TSC one, instead of doing another rdtsc() for that -compuation. - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/time.c -+++ b/xen/arch/x86/time.c -@@ -998,7 +998,7 @@ static void local_time_calibration(void) - /* Atomically read cpu_calibration struct and write cpu_time struct. */ - local_irq_disable(); - t->local_tsc_stamp = c->local_tsc_stamp; -- t->stime_local_stamp = c->stime_master_stamp; -+ t->stime_local_stamp = c->stime_local_stamp; - t->stime_master_stamp = c->stime_master_stamp; - local_irq_enable(); - update_vcpu_system_time(current); -@@ -1275,7 +1275,7 @@ static void time_calibration_tsc_rendezv - } - - c->local_tsc_stamp = rdtsc(); -- c->stime_local_stamp = get_s_time(); -+ c->stime_local_stamp = get_s_time_fixed(c->local_tsc_stamp); - c->stime_master_stamp = r->master_stime; - - raise_softirq(TIME_CALIBRATE_SOFTIRQ); -@@ -1305,7 +1305,7 @@ static void time_calibration_std_rendezv - } - - c->local_tsc_stamp = rdtsc(); -- c->stime_local_stamp = get_s_time(); -+ c->stime_local_stamp = get_s_time_fixed(c->local_tsc_stamp); - c->stime_master_stamp = r->master_stime; - - raise_softirq(TIME_CALIBRATE_SOFTIRQ); diff --git a/57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch b/57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch deleted file mode 100644 index 5eac44b..0000000 --- a/57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch +++ /dev/null @@ -1,32 +0,0 @@ -# Commit 9dec2c47406f4ef31711656722f5f70d758d6160 -# Date 2016-06-17 15:08:08 +0100 -# Author Dario Faggioli -# Committer George Dunlap -xen: sched: use default scheduler upon an invalid "sched=" - -instead of just the first scheduler we find in the array. - -In fact, right now, if someone makes a typo when passing -the "sched=" command line option to Xen, we (with all -schedulers configured in) pick ARINC653, which is most -likely not what one would expect. - -Go for the default scheduler instead. - -Signed-off-by: Dario Faggioli -Acked-by: George Dunlap -Reviewed-by: Andrew Cooper -Reviewed-By: Jonathan Creekmore - ---- a/xen/common/schedule.c -+++ b/xen/common/schedule.c -@@ -1625,7 +1625,8 @@ void __init scheduler_init(void) - { - printk("Could not find scheduler: %s\n", opt_sched); - for ( i = 0; i < NUM_SCHEDULERS; i++ ) -- if ( schedulers[i] ) -+ if ( schedulers[i] && -+ !strcmp(schedulers[i]->opt_name, CONFIG_SCHED_DEFAULT) ) - { - ops = *schedulers[i]; - break; diff --git a/5769106e-x86-generate-assembler-equates-for-synthesized.patch b/5769106e-x86-generate-assembler-equates-for-synthesized.patch deleted file mode 100644 index 467ab3d..0000000 --- a/5769106e-x86-generate-assembler-equates-for-synthesized.patch +++ /dev/null @@ -1,133 +0,0 @@ -References: bsc#970135 - -# Commit 06f083c826836a098f793db821845b313ad88a7f -# Date 2016-06-21 12:01:18 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86: also generate assembler usable equates for synthesized features - -... to make it possible to base alternative instruction patching upon -such. - -Signed-off-by: Jan Beulich -Tested-by: Dario Faggioli -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/sysctl.c -+++ b/xen/arch/x86/sysctl.c -@@ -219,7 +219,8 @@ long arch_do_sysctl( - } - - /* Clip the number of entries. */ -- nr = min(sysctl->u.cpu_featureset.nr_features, FSCAPINTS); -+ nr = min_t(unsigned int, sysctl->u.cpu_featureset.nr_features, -+ FSCAPINTS); - - /* Look up requested featureset. */ - if ( sysctl->u.cpu_featureset.index < ARRAY_SIZE(featureset_table) ) ---- a/xen/include/asm-x86/cpufeature.h -+++ b/xen/include/asm-x86/cpufeature.h -@@ -3,8 +3,23 @@ - * - * Defines x86 CPU feature bits - */ -+#if defined(XEN_CPUFEATURE) - --#ifndef __ASM_I386_CPUFEATURE_H -+/* Other features, Xen-defined mapping. */ -+/* This range is used for feature bits which conflict or are synthesized */ -+XEN_CPUFEATURE(CONSTANT_TSC, (FSCAPINTS+0)*32+ 0) /* TSC ticks at a constant rate */ -+XEN_CPUFEATURE(NONSTOP_TSC, (FSCAPINTS+0)*32+ 1) /* TSC does not stop in C states */ -+XEN_CPUFEATURE(ARAT, (FSCAPINTS+0)*32+ 2) /* Always running APIC timer */ -+XEN_CPUFEATURE(ARCH_PERFMON, (FSCAPINTS+0)*32+ 3) /* Intel Architectural PerfMon */ -+XEN_CPUFEATURE(TSC_RELIABLE, (FSCAPINTS+0)*32+ 4) /* TSC is known to be reliable */ -+XEN_CPUFEATURE(XTOPOLOGY, (FSCAPINTS+0)*32+ 5) /* cpu topology enum extensions */ -+XEN_CPUFEATURE(CPUID_FAULTING, (FSCAPINTS+0)*32+ 6) /* cpuid faulting */ -+XEN_CPUFEATURE(CLFLUSH_MONITOR, (FSCAPINTS+0)*32+ 7) /* clflush reqd with monitor */ -+XEN_CPUFEATURE(APERFMPERF, (FSCAPINTS+0)*32+ 8) /* APERFMPERF */ -+ -+#define NCAPINTS (FSCAPINTS + 1) /* N 32-bit words worth of info */ -+ -+#elif !defined(__ASM_I386_CPUFEATURE_H) - #ifndef X86_FEATURES_ONLY - #define __ASM_I386_CPUFEATURE_H - #endif -@@ -12,20 +27,6 @@ - #include - #include - --#define NCAPINTS (FSCAPINTS + 1) /* N 32-bit words worth of info */ -- --/* Other features, Xen-defined mapping. */ --/* This range is used for feature bits which conflict or are synthesized */ --#define X86_FEATURE_CONSTANT_TSC ((FSCAPINTS+0)*32+ 0) /* TSC ticks at a constant rate */ --#define X86_FEATURE_NONSTOP_TSC ((FSCAPINTS+0)*32+ 1) /* TSC does not stop in C states */ --#define X86_FEATURE_ARAT ((FSCAPINTS+0)*32+ 2) /* Always running APIC timer */ --#define X86_FEATURE_ARCH_PERFMON ((FSCAPINTS+0)*32+ 3) /* Intel Architectural PerfMon */ --#define X86_FEATURE_TSC_RELIABLE ((FSCAPINTS+0)*32+ 4) /* TSC is known to be reliable */ --#define X86_FEATURE_XTOPOLOGY ((FSCAPINTS+0)*32+ 5) /* cpu topology enum extensions */ --#define X86_FEATURE_CPUID_FAULTING ((FSCAPINTS+0)*32+ 6) /* cpuid faulting */ --#define X86_FEATURE_CLFLUSH_MONITOR ((FSCAPINTS+0)*32+ 7) /* clflush reqd with monitor */ --#define X86_FEATURE_APERFMPERF ((FSCAPINTS+0)*32+ 8) /* APERFMPERF */ -- - #define cpufeat_word(idx) ((idx) / 32) - #define cpufeat_bit(idx) ((idx) % 32) - #define cpufeat_mask(idx) (_AC(1, U) << cpufeat_bit(idx)) ---- a/xen/include/asm-x86/cpufeatureset.h -+++ b/xen/include/asm-x86/cpufeatureset.h -@@ -3,19 +3,25 @@ - - #ifndef __ASSEMBLY__ - -+#include -+ - #define XEN_CPUFEATURE(name, value) X86_FEATURE_##name = value, - enum { - #include -+#include - }; - #undef XEN_CPUFEATURE - --#define XEN_CPUFEATURE(name, value) asm (".equ X86_FEATURE_" #name ", " #value); -+#define XEN_CPUFEATURE(name, value) asm (".equ X86_FEATURE_" #name ", " \ -+ __stringify(value)); - #include -+#include - - #else /* !__ASSEMBLY__ */ - - #define XEN_CPUFEATURE(name, value) .equ X86_FEATURE_##name, value - #include -+#include - - #endif /* __ASSEMBLY__ */ - ---- a/xen/include/asm-x86/cpuid.h -+++ b/xen/include/asm-x86/cpuid.h -@@ -1,12 +1,13 @@ - #ifndef __X86_CPUID_H__ - #define __X86_CPUID_H__ - --#include - #include --#include - - #define FSCAPINTS FEATURESET_NR_ENTRIES - -+#include -+#include -+ - #define FEATURESET_1d 0 /* 0x00000001.edx */ - #define FEATURESET_1c 1 /* 0x00000001.ecx */ - #define FEATURESET_e1d 2 /* 0x80000001.edx */ ---- a/xen/tools/gen-cpuid.py -+++ b/xen/tools/gen-cpuid.py -@@ -291,7 +291,7 @@ def write_results(state): - - state.output.write( - """ --#define FEATURESET_NR_ENTRIES %sU -+#define FEATURESET_NR_ENTRIES %s - - #define CPUID_COMMON_1D_FEATURES %s - diff --git a/57973099-have-schedulers-revise-initial-placement.patch b/57973099-have-schedulers-revise-initial-placement.patch deleted file mode 100644 index 4e3d6d0..0000000 --- a/57973099-have-schedulers-revise-initial-placement.patch +++ /dev/null @@ -1,94 +0,0 @@ -References: bsc#991934 - -# Commit 9f358ddd69463fa8fb65cf67beb5f6f0d3350e32 -# Date 2016-07-26 10:42:49 +0100 -# Author George Dunlap -# Committer George Dunlap -xen: Have schedulers revise initial placement - -The generic domain creation logic in -xen/common/domctl.c:default_vcpu0_location() attempts to try to do -initial placement load-balancing by placing vcpu 0 on the least-busy -non-primary hyperthread available. Unfortunately, the logic can end -up picking a pcpu that's not in the online mask. When this is passed -to a scheduler such which assumes that the initial assignment is -valid, it causes a null pointer dereference looking up the runqueue. - -Furthermore, this initial placement doesn't take into account hard or -soft affinity, or any scheduler-specific knowledge (such as historic -runqueue load, as in credit2). - -To solve this, when inserting a vcpu, always call the per-scheduler -"pick" function to revise the initial placement. This will -automatically take all knowledge the scheduler has into account. - -csched2_cpu_pick ASSERTs that the vcpu's pcpu scheduler lock has been -taken. Grab and release the lock to minimize time spend with irqs -disabled. - -Signed-off-by: George Dunlap -Reviewed-by: Meng Xu -Reviwed-by: Dario Faggioli - ---- a/xen/common/sched_credit.c -+++ b/xen/common/sched_credit.c -@@ -994,6 +994,9 @@ csched_vcpu_insert(const struct schedule - - BUG_ON( is_idle_vcpu(vc) ); - -+ /* This is safe because vc isn't yet being scheduled */ -+ vc->processor = csched_cpu_pick(ops, vc); -+ - lock = vcpu_schedule_lock_irq(vc); - - if ( !__vcpu_on_runq(svc) && vcpu_runnable(vc) && !vc->is_running ) ---- a/xen/common/sched_credit2.c -+++ b/xen/common/sched_credit2.c -@@ -318,6 +318,8 @@ struct csched2_dom { - uint16_t nr_vcpus; - }; - -+static int csched2_cpu_pick(const struct scheduler *ops, struct vcpu *vc); -+ - /* - * When a hard affinity change occurs, we may not be able to check some - * (any!) of the other runqueues, when looking for the best new processor -@@ -956,9 +958,16 @@ csched2_vcpu_insert(const struct schedul - - BUG_ON(is_idle_vcpu(vc)); - -- /* Add vcpu to runqueue of initial processor */ -+ /* csched2_cpu_pick() expects the pcpu lock to be held */ - lock = vcpu_schedule_lock_irq(vc); - -+ vc->processor = csched2_cpu_pick(ops, vc); -+ -+ spin_unlock_irq(lock); -+ -+ lock = vcpu_schedule_lock_irq(vc); -+ -+ /* Add vcpu to runqueue of initial processor */ - runq_assign(ops, vc); - - vcpu_schedule_unlock_irq(lock, vc); ---- a/xen/common/sched_rt.c -+++ b/xen/common/sched_rt.c -@@ -203,6 +203,8 @@ struct rt_dom { - struct domain *dom; /* pointer to upper domain */ - }; - -+static int rt_cpu_pick(const struct scheduler *ops, struct vcpu *vc); -+ - /* - * Useful inline functions - */ -@@ -845,6 +847,9 @@ rt_vcpu_insert(const struct scheduler *o - - BUG_ON( is_idle_vcpu(vc) ); - -+ /* This is safe because vc isn't yet being scheduled */ -+ vc->processor = rt_cpu_pick(ops, vc); -+ - lock = vcpu_schedule_lock_irq(vc); - - now = NOW(); diff --git a/579730e6-remove-buggy-initial-placement-algorithm.patch b/579730e6-remove-buggy-initial-placement-algorithm.patch deleted file mode 100644 index cae6d6d..0000000 --- a/579730e6-remove-buggy-initial-placement-algorithm.patch +++ /dev/null @@ -1,84 +0,0 @@ -References: bsc#991934 - -# Commit d5438accceecc8172db2d37d98b695eb8bc43afc -# Date 2016-07-26 10:44:06 +0100 -# Author George Dunlap -# Committer George Dunlap -xen: Remove buggy initial placement algorithm - -The initial placement algorithm sometimes picks cpus outside of the -mask it's given, does a lot of unnecessary bitmasking, does its own -separate load calculation, and completely ignores vcpu hard and soft -affinities. Just get rid of it and rely on the schedulers to do -initial placement. - -Signed-off-by: George Dunlap -Reviewed-by: Dario Faggioli -Acked-by: Andrew Cooper - ---- a/xen/common/domctl.c -+++ b/xen/common/domctl.c -@@ -217,54 +217,6 @@ void getdomaininfo(struct domain *d, str - memcpy(info->handle, d->handle, sizeof(xen_domain_handle_t)); - } - --static unsigned int default_vcpu0_location(cpumask_t *online) --{ -- struct domain *d; -- struct vcpu *v; -- unsigned int i, cpu, nr_cpus, *cnt; -- cpumask_t cpu_exclude_map; -- -- /* Do an initial CPU placement. Pick the least-populated CPU. */ -- nr_cpus = cpumask_last(&cpu_online_map) + 1; -- cnt = xzalloc_array(unsigned int, nr_cpus); -- if ( cnt ) -- { -- rcu_read_lock(&domlist_read_lock); -- for_each_domain ( d ) -- for_each_vcpu ( d, v ) -- if ( !(v->pause_flags & VPF_down) -- && ((cpu = v->processor) < nr_cpus) ) -- cnt[cpu]++; -- rcu_read_unlock(&domlist_read_lock); -- } -- -- /* -- * If we're on a HT system, we only auto-allocate to a non-primary HT. We -- * favour high numbered CPUs in the event of a tie. -- */ -- cpumask_copy(&cpu_exclude_map, per_cpu(cpu_sibling_mask, 0)); -- cpu = cpumask_first(&cpu_exclude_map); -- i = cpumask_next(cpu, &cpu_exclude_map); -- if ( i < nr_cpu_ids ) -- cpu = i; -- for_each_cpu(i, online) -- { -- if ( cpumask_test_cpu(i, &cpu_exclude_map) ) -- continue; -- if ( (i == cpumask_first(per_cpu(cpu_sibling_mask, i))) && -- (cpumask_next(i, per_cpu(cpu_sibling_mask, i)) < nr_cpu_ids) ) -- continue; -- cpumask_or(&cpu_exclude_map, &cpu_exclude_map, -- per_cpu(cpu_sibling_mask, i)); -- if ( !cnt || cnt[i] <= cnt[cpu] ) -- cpu = i; -- } -- -- xfree(cnt); -- -- return cpu; --} -- - bool_t domctl_lock_acquire(void) - { - /* -@@ -691,7 +643,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe - continue; - - cpu = (i == 0) ? -- default_vcpu0_location(online) : -+ cpumask_any(online) : - cpumask_cycle(d->vcpu[i-1]->processor, online); - - if ( alloc_vcpu(d, i, cpu) == NULL ) diff --git a/57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch b/57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch deleted file mode 100644 index 0de2967..0000000 --- a/57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch +++ /dev/null @@ -1,94 +0,0 @@ -References: bsc#988675 CVE-2016-6258 XSA-182 - -# Commit e1bff4c2ea3b32464510ac00c320bba28a8dbcca -# Date 2016-07-26 14:06:59 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath - -All changes in writeability and cacheability must go through full -re-validation. - -Rework the logic as a whitelist, to make it clearer to follow. - -This is XSA-182 - -Reported-by: Jérémie Boutoille -Signed-off-by: Andrew Cooper -Reviewed-by: Tim Deegan - ---- a/xen/arch/x86/mm.c -+++ b/xen/arch/x86/mm.c -@@ -1852,6 +1852,14 @@ static inline int update_intpte(intpte_t - _t ## e_get_intpte(_o), _t ## e_get_intpte(_n), \ - (_m), (_v), (_ad)) - -+/* -+ * PTE flags that a guest may change without re-validating the PTE. -+ * All other bits affect translation, caching, or Xen's safety. -+ */ -+#define FASTPATH_FLAG_WHITELIST \ -+ (_PAGE_NX_BIT | _PAGE_AVAIL_HIGH | _PAGE_AVAIL | _PAGE_GLOBAL | \ -+ _PAGE_DIRTY | _PAGE_ACCESSED | _PAGE_USER) -+ - /* Update the L1 entry at pl1e to new value nl1e. */ - static int mod_l1_entry(l1_pgentry_t *pl1e, l1_pgentry_t nl1e, - unsigned long gl1mfn, int preserve_ad, -@@ -1891,9 +1899,8 @@ static int mod_l1_entry(l1_pgentry_t *pl - nl1e = l1e_from_pfn(page_to_mfn(page), l1e_get_flags(nl1e)); - } - -- /* Fast path for identical mapping, r/w, presence, and cachability. */ -- if ( !l1e_has_changed(ol1e, nl1e, -- PAGE_CACHE_ATTRS | _PAGE_RW | _PAGE_PRESENT) ) -+ /* Fast path for sufficiently-similar mappings. */ -+ if ( !l1e_has_changed(ol1e, nl1e, ~FASTPATH_FLAG_WHITELIST) ) - { - adjust_guest_l1e(nl1e, pt_dom); - rc = UPDATE_ENTRY(l1, pl1e, ol1e, nl1e, gl1mfn, pt_vcpu, -@@ -1970,11 +1977,8 @@ static int mod_l2_entry(l2_pgentry_t *pl - return -EINVAL; - } - -- /* Fast path for identical mapping and presence. */ -- if ( !l2e_has_changed(ol2e, nl2e, -- unlikely(opt_allow_superpage) -- ? _PAGE_PSE | _PAGE_RW | _PAGE_PRESENT -- : _PAGE_PRESENT) ) -+ /* Fast path for sufficiently-similar mappings. */ -+ if ( !l2e_has_changed(ol2e, nl2e, ~FASTPATH_FLAG_WHITELIST) ) - { - adjust_guest_l2e(nl2e, d); - if ( UPDATE_ENTRY(l2, pl2e, ol2e, nl2e, pfn, vcpu, preserve_ad) ) -@@ -2039,8 +2043,8 @@ static int mod_l3_entry(l3_pgentry_t *pl - return -EINVAL; - } - -- /* Fast path for identical mapping and presence. */ -- if ( !l3e_has_changed(ol3e, nl3e, _PAGE_PRESENT) ) -+ /* Fast path for sufficiently-similar mappings. */ -+ if ( !l3e_has_changed(ol3e, nl3e, ~FASTPATH_FLAG_WHITELIST) ) - { - adjust_guest_l3e(nl3e, d); - rc = UPDATE_ENTRY(l3, pl3e, ol3e, nl3e, pfn, vcpu, preserve_ad); -@@ -2103,8 +2107,8 @@ static int mod_l4_entry(l4_pgentry_t *pl - return -EINVAL; - } - -- /* Fast path for identical mapping and presence. */ -- if ( !l4e_has_changed(ol4e, nl4e, _PAGE_PRESENT) ) -+ /* Fast path for sufficiently-similar mappings. */ -+ if ( !l4e_has_changed(ol4e, nl4e, ~FASTPATH_FLAG_WHITELIST) ) - { - adjust_guest_l4e(nl4e, d); - rc = UPDATE_ENTRY(l4, pl4e, ol4e, nl4e, pfn, vcpu, preserve_ad); ---- a/xen/include/asm-x86/page.h -+++ b/xen/include/asm-x86/page.h -@@ -313,6 +313,7 @@ void efi_update_l4_pgtable(unsigned int - #define _PAGE_AVAIL2 _AC(0x800,U) - #define _PAGE_AVAIL _AC(0xE00,U) - #define _PAGE_PSE_PAT _AC(0x1000,U) -+#define _PAGE_AVAIL_HIGH (_AC(0x7ff, U) << 12) - #define _PAGE_NX (cpu_has_nx ? _PAGE_NX_BIT : 0) - /* non-architectural flags */ - #define _PAGE_PAGED 0x2000U diff --git a/57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch b/57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch deleted file mode 100644 index 1b16898..0000000 --- a/57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch +++ /dev/null @@ -1,61 +0,0 @@ -References: bsc#988676 CVE-2016-6259 XSA-183 - -# Commit 9f1441487aa215193a7c00fd9cb80b335542465e -# Date 2016-07-26 14:07:04 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -x86/entry: Avoid SMAP violation in compat_create_bounce_frame() - -A 32bit guest kernel might be running on user mappings. -compat_create_bounce_frame() must whitelist its guest accesses to avoid -risking a SMAP violation. - -For both variants of create_bounce_frame(), re-blacklist user accesses if -execution exits via an exception table redirection. - -This is XSA-183 / CVE-2016-6259 - -Signed-off-by: Andrew Cooper -Reviewed-by: George Dunlap -Reviewed-by: Jan Beulich - ---- a/xen/arch/x86/x86_64/compat/entry.S -+++ b/xen/arch/x86/x86_64/compat/entry.S -@@ -318,6 +318,7 @@ ENTRY(compat_int80_direct_trap) - compat_create_bounce_frame: - ASSERT_INTERRUPTS_ENABLED - mov %fs,%edi -+ ASM_STAC - testb $2,UREGS_cs+8(%rsp) - jz 1f - /* Push new frame at registered guest-OS stack base. */ -@@ -364,6 +365,7 @@ compat_create_bounce_frame: - movl TRAPBOUNCE_error_code(%rdx),%eax - .Lft8: movl %eax,%fs:(%rsi) # ERROR CODE - 1: -+ ASM_CLAC - /* Rewrite our stack frame and return to guest-OS mode. */ - /* IA32 Ref. Vol. 3: TF, VM, RF and NT flags are cleared on trap. */ - andl $~(X86_EFLAGS_VM|X86_EFLAGS_RF|\ -@@ -403,6 +405,7 @@ compat_crash_page_fault_4: - addl $4,%esi - compat_crash_page_fault: - .Lft14: mov %edi,%fs -+ ASM_CLAC - movl %esi,%edi - call show_page_walk - jmp dom_crash_sync_extable ---- a/xen/arch/x86/x86_64/entry.S -+++ b/xen/arch/x86/x86_64/entry.S -@@ -420,9 +420,11 @@ domain_crash_page_fault_16: - domain_crash_page_fault_8: - addq $8,%rsi - domain_crash_page_fault: -+ ASM_CLAC - movq %rsi,%rdi - call show_page_walk - ENTRY(dom_crash_sync_extable) -+ ASM_CLAC - # Get out of the guest-save area of the stack. - GET_STACK_END(ax) - leaq STACK_CPUINFO_FIELD(guest_cpu_user_regs)(%rax),%rsp diff --git a/57a1e603-x86-time-adjust-local-system-time-initialization.patch b/57a1e603-x86-time-adjust-local-system-time-initialization.patch deleted file mode 100644 index 90bf101..0000000 --- a/57a1e603-x86-time-adjust-local-system-time-initialization.patch +++ /dev/null @@ -1,123 +0,0 @@ -References: bsc#970135 - -# Commit bb49fd3092a84ce151f5528794c0e612eeb4961a -# Date 2016-08-03 14:39:31 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86/time: adjust local system time initialization - -Using the bare return value from read_platform_stime() is not suitable -when local_time_calibration() is going to use its fast path: Divergence -of several dozen microseconds between NOW() return values on different -CPUs results when platform and local time don't stay in close sync. - -Latch local and platform time on the CPU initiating AP bringup, such -that the AP can use these values to seed its stime_local_stamp with as -little of an error as possible. The boot CPU, otoh, can simply -calculate the correct initial value (other CPUs could do so too with -even greater accuracy than the approach being introduced, but that can -work only if all CPUs' TSCs start ticking at the same time, which -generally can't be assumed to be the case on multi-socket systems). - -This slightly defers init_percpu_time() (moved ahead by commit -dd2658f966 ["x86/time: initialise time earlier during -start_secondary()"]) in order to reduce as much as possible the gap -between populating the stamps and consuming them. - -Signed-off-by: Jan Beulich -Tested-by: Dario Faggioli -Tested-by: Joao Martins -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/smpboot.c -+++ b/xen/arch/x86/smpboot.c -@@ -328,12 +328,12 @@ void start_secondary(void *unused) - - percpu_traps_init(); - -- init_percpu_time(); -- - cpu_init(); - - smp_callin(); - -+ init_percpu_time(); -+ - setup_secondary_APIC_clock(); - - /* -@@ -996,6 +996,8 @@ int __cpu_up(unsigned int cpu) - if ( (ret = do_boot_cpu(apicid, cpu)) != 0 ) - return ret; - -+ time_latch_stamps(); -+ - set_cpu_state(CPU_STATE_ONLINE); - while ( !cpu_online(cpu) ) - { ---- a/xen/arch/x86/time.c -+++ b/xen/arch/x86/time.c -@@ -1328,21 +1328,52 @@ static void time_calibration(void *unuse - &r, 1); - } - -+static struct { -+ s_time_t local_stime, master_stime; -+} ap_bringup_ref; -+ -+void time_latch_stamps(void) -+{ -+ unsigned long flags; -+ u64 tsc; -+ -+ local_irq_save(flags); -+ ap_bringup_ref.master_stime = read_platform_stime(); -+ tsc = rdtsc(); -+ local_irq_restore(flags); -+ -+ ap_bringup_ref.local_stime = get_s_time_fixed(tsc); -+} -+ - void init_percpu_time(void) - { - struct cpu_time *t = &this_cpu(cpu_time); - unsigned long flags; -+ u64 tsc; - s_time_t now; - - /* Initial estimate for TSC rate. */ - t->tsc_scale = per_cpu(cpu_time, 0).tsc_scale; - - local_irq_save(flags); -- t->local_tsc_stamp = rdtsc(); - now = read_platform_stime(); -+ tsc = rdtsc(); - local_irq_restore(flags); - - t->stime_master_stamp = now; -+ /* -+ * To avoid a discontinuity (TSC and platform clock can't be expected -+ * to be in perfect sync), initialization here needs to match up with -+ * local_time_calibration()'s decision whether to use its fast path. -+ */ -+ if ( boot_cpu_has(X86_FEATURE_CONSTANT_TSC) ) -+ { -+ if ( system_state < SYS_STATE_smp_boot ) -+ now = get_s_time_fixed(tsc); -+ else -+ now += ap_bringup_ref.local_stime - ap_bringup_ref.master_stime; -+ } -+ t->local_tsc_stamp = tsc; - t->stime_local_stamp = now; - } - ---- a/xen/include/asm-x86/time.h -+++ b/xen/include/asm-x86/time.h -@@ -40,6 +40,7 @@ int time_suspend(void); - int time_resume(void); - - void init_percpu_time(void); -+void time_latch_stamps(void); - - struct ioreq; - int hwdom_pit_access(struct ioreq *ioreq); diff --git a/57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch b/57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch deleted file mode 100644 index 2dcd232..0000000 --- a/57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch +++ /dev/null @@ -1,231 +0,0 @@ -References: bsc#970135 - -# Commit fa74e70500fd73dd2fc441c7dc00b190fb37cee5 -# Date 2016-08-03 14:40:44 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86/time: introduce and use rdtsc_ordered() - -Matching Linux commit 03b9730b76 ("x86/asm/tsc: Add rdtsc_ordered() and -use it in trivial call sites") and earlier ones it builds upon, let's -make sure timing loops don't have their rdtsc()-s re-ordered, as that -would harm precision of the result (values were observed to be several -hundred clocks off without this adjustment). - -Signed-off-by: Jan Beulich -Tested-by: Dario Faggioli -Reviewed-by: Andrew Cooper -Tested-by: Joao Martins - -# Commit 7fb0a87d97201f9c3639f85615eacd93110dc1c5 -# Date 2016-08-05 18:00:45 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86/time: also use rdtsc_ordered() in check_tsc_warp() - -This really was meant to be added in a v2 of what became commit -fa74e70500 ("x86/time: introduce and use rdtsc_ordered()"). - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/apic.c -+++ b/xen/arch/x86/apic.c -@@ -1137,7 +1137,7 @@ static int __init calibrate_APIC_clock(v - /* - * We wrapped around just now. Let's start: - */ -- t1 = rdtsc(); -+ t1 = rdtsc_ordered(); - tt1 = apic_read(APIC_TMCCT); - - /* -@@ -1147,7 +1147,7 @@ static int __init calibrate_APIC_clock(v - wait_8254_wraparound(); - - tt2 = apic_read(APIC_TMCCT); -- t2 = rdtsc(); -+ t2 = rdtsc_ordered(); - - /* - * The APIC bus clock counter is 32 bits only, it ---- a/xen/arch/x86/cpu/amd.c -+++ b/xen/arch/x86/cpu/amd.c -@@ -541,6 +541,9 @@ static void init_amd(struct cpuinfo_x86 - wrmsr_amd_safe(0xc001100d, l, h & ~1); - } - -+ /* MFENCE stops RDTSC speculation */ -+ __set_bit(X86_FEATURE_MFENCE_RDTSC, c->x86_capability); -+ - switch(c->x86) - { - case 0xf ... 0x17: ---- a/xen/arch/x86/delay.c -+++ b/xen/arch/x86/delay.c -@@ -21,10 +21,10 @@ void __udelay(unsigned long usecs) - unsigned long ticks = usecs * (cpu_khz / 1000); - unsigned long s, e; - -- s = rdtsc(); -+ s = rdtsc_ordered(); - do - { - rep_nop(); -- e = rdtsc(); -+ e = rdtsc_ordered(); - } while ((e-s) < ticks); - } ---- a/xen/arch/x86/smpboot.c -+++ b/xen/arch/x86/smpboot.c -@@ -123,7 +123,7 @@ static void synchronize_tsc_master(unsig - - for ( i = 1; i <= 5; i++ ) - { -- tsc_value = rdtsc(); -+ tsc_value = rdtsc_ordered(); - wmb(); - atomic_inc(&tsc_count); - while ( atomic_read(&tsc_count) != (i<<1) ) ---- a/xen/arch/x86/time.c -+++ b/xen/arch/x86/time.c -@@ -257,10 +257,10 @@ static u64 init_pit_and_calibrate_tsc(vo - outb(CALIBRATE_LATCH & 0xff, PIT_CH2); /* LSB of count */ - outb(CALIBRATE_LATCH >> 8, PIT_CH2); /* MSB of count */ - -- start = rdtsc(); -+ start = rdtsc_ordered(); - for ( count = 0; (inb(0x61) & 0x20) == 0; count++ ) - continue; -- end = rdtsc(); -+ end = rdtsc_ordered(); - - /* Error if the CTC doesn't behave itself. */ - if ( count == 0 ) -@@ -760,7 +760,7 @@ s_time_t get_s_time_fixed(u64 at_tsc) - if ( at_tsc ) - tsc = at_tsc; - else -- tsc = rdtsc(); -+ tsc = rdtsc_ordered(); - delta = tsc - t->local_tsc_stamp; - now = t->stime_local_stamp + scale_delta(delta, &t->tsc_scale); - -@@ -933,7 +933,7 @@ int cpu_frequency_change(u64 freq) - /* TSC-extrapolated time may be bogus after frequency change. */ - /*t->stime_local_stamp = get_s_time();*/ - t->stime_local_stamp = t->stime_master_stamp; -- curr_tsc = rdtsc(); -+ curr_tsc = rdtsc_ordered(); - t->local_tsc_stamp = curr_tsc; - set_time_scale(&t->tsc_scale, freq); - local_irq_enable(); -@@ -1124,16 +1124,13 @@ static void local_time_calibration(void) - */ - static void check_tsc_warp(unsigned long tsc_khz, unsigned long *max_warp) - { --#define rdtsc_barrier() mb() - static DEFINE_SPINLOCK(sync_lock); - static cycles_t last_tsc; - - cycles_t start, now, prev, end; - int i; - -- rdtsc_barrier(); -- start = get_cycles(); -- rdtsc_barrier(); -+ start = rdtsc_ordered(); - - /* The measurement runs for 20 msecs: */ - end = start + tsc_khz * 20ULL; -@@ -1148,9 +1145,7 @@ static void check_tsc_warp(unsigned long - */ - spin_lock(&sync_lock); - prev = last_tsc; -- rdtsc_barrier(); -- now = get_cycles(); -- rdtsc_barrier(); -+ now = rdtsc_ordered(); - last_tsc = now; - spin_unlock(&sync_lock); - -@@ -1248,7 +1243,7 @@ static void time_calibration_tsc_rendezv - if ( r->master_stime == 0 ) - { - r->master_stime = read_platform_stime(); -- r->master_tsc_stamp = rdtsc(); -+ r->master_tsc_stamp = rdtsc_ordered(); - } - atomic_inc(&r->semaphore); - -@@ -1274,7 +1269,7 @@ static void time_calibration_tsc_rendezv - } - } - -- c->local_tsc_stamp = rdtsc(); -+ c->local_tsc_stamp = rdtsc_ordered(); - c->stime_local_stamp = get_s_time_fixed(c->local_tsc_stamp); - c->stime_master_stamp = r->master_stime; - -@@ -1304,7 +1299,7 @@ static void time_calibration_std_rendezv - mb(); /* receive signal /then/ read r->master_stime */ - } - -- c->local_tsc_stamp = rdtsc(); -+ c->local_tsc_stamp = rdtsc_ordered(); - c->stime_local_stamp = get_s_time_fixed(c->local_tsc_stamp); - c->stime_master_stamp = r->master_stime; - -@@ -1339,7 +1334,7 @@ void time_latch_stamps(void) - - local_irq_save(flags); - ap_bringup_ref.master_stime = read_platform_stime(); -- tsc = rdtsc(); -+ tsc = rdtsc_ordered(); - local_irq_restore(flags); - - ap_bringup_ref.local_stime = get_s_time_fixed(tsc); -@@ -1357,7 +1352,7 @@ void init_percpu_time(void) - - local_irq_save(flags); - now = read_platform_stime(); -- tsc = rdtsc(); -+ tsc = rdtsc_ordered(); - local_irq_restore(flags); - - t->stime_master_stamp = now; ---- a/xen/include/asm-x86/cpufeature.h -+++ b/xen/include/asm-x86/cpufeature.h -@@ -16,6 +16,7 @@ XEN_CPUFEATURE(XTOPOLOGY, (FSCAPIN - XEN_CPUFEATURE(CPUID_FAULTING, (FSCAPINTS+0)*32+ 6) /* cpuid faulting */ - XEN_CPUFEATURE(CLFLUSH_MONITOR, (FSCAPINTS+0)*32+ 7) /* clflush reqd with monitor */ - XEN_CPUFEATURE(APERFMPERF, (FSCAPINTS+0)*32+ 8) /* APERFMPERF */ -+XEN_CPUFEATURE(MFENCE_RDTSC, (FSCAPINTS+0)*32+ 9) /* MFENCE synchronizes RDTSC */ - - #define NCAPINTS (FSCAPINTS + 1) /* N 32-bit words worth of info */ - ---- a/xen/include/asm-x86/msr.h -+++ b/xen/include/asm-x86/msr.h -@@ -80,6 +80,22 @@ static inline uint64_t rdtsc(void) - return ((uint64_t)high << 32) | low; - } - -+static inline uint64_t rdtsc_ordered(void) -+{ -+ /* -+ * The RDTSC instruction is not ordered relative to memory access. -+ * The Intel SDM and the AMD APM are both vague on this point, but -+ * empirically an RDTSC instruction can be speculatively executed -+ * before prior loads. An RDTSC immediately after an appropriate -+ * barrier appears to be ordered as a normal load, that is, it -+ * provides the same ordering guarantees as reading from a global -+ * memory location that some other imaginary CPU is updating -+ * continuously with a time stamp. -+ */ -+ alternative("lfence", "mfence", X86_FEATURE_MFENCE_RDTSC); -+ return rdtsc(); -+} -+ - #define __write_tsc(val) wrmsrl(MSR_IA32_TSC, val) - #define write_tsc(val) ({ \ - /* Reliable TSCs are in lockstep across all CPUs. We should \ diff --git a/57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch b/57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch deleted file mode 100644 index 7f366cd..0000000 --- a/57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch +++ /dev/null @@ -1,298 +0,0 @@ -References: bsc#970135 - -# Commit 93340297802b8e743b6ce66b0bc366af1ad51f39 -# Date 2016-08-04 10:02:52 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86/time: calibrate TSC against platform timer - -... instead of unconditionally against the PIT. This allows for local -and master system times to remain in better sync (which matters even -when, on any modern system, the master time is really used only during -secondary CPU bringup, as the error between the two is in fact -noticable in cross-CPU NOW() invocation monotonicity). - -This involves moving the init_platform_timer() invocation into -early_time_init(), splitting out the few things which really need to be -done in init_xen_time(). That in turn allows dropping the open coded -PIT initialization from init_IRQ() (it was needed for APIC clock -calibration, which runs between early_time_init() and init_xen_time()). - -In the course of this re-ordering also set the timer channel 2 gate low -after having finished calibration. This should be benign to overall -system operation, but appears to be the more clean state. - -Also do away with open coded 8254 register manipulation from 8259 code. - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/i8259.c -+++ b/xen/arch/x86/i8259.c -@@ -359,13 +359,6 @@ void __init init_IRQ(void) - - apic_intr_init(); - -- /* Set the clock to HZ Hz */ --#define CLOCK_TICK_RATE 1193182 /* crystal freq (Hz) */ --#define LATCH (((CLOCK_TICK_RATE)+(HZ/2))/HZ) -- outb_p(0x34, PIT_MODE); /* binary, mode 2, LSB/MSB, ch 0 */ -- outb_p(LATCH & 0xff, PIT_CH0); /* LSB */ -- outb(LATCH >> 8, PIT_CH0); /* MSB */ -- - setup_irq(2, 0, &cascade); - } - ---- a/xen/arch/x86/time.c -+++ b/xen/arch/x86/time.c -@@ -59,7 +59,7 @@ struct platform_timesource { - char *name; - u64 frequency; - u64 (*read_counter)(void); -- int (*init)(struct platform_timesource *); -+ s64 (*init)(struct platform_timesource *); - void (*resume)(struct platform_timesource *); - int counter_bits; - }; -@@ -224,49 +224,18 @@ static struct irqaction __read_mostly ir - timer_interrupt, "timer", NULL - }; - --/* ------ Calibrate the TSC ------- -- * Return processor ticks per second / CALIBRATE_FRAC. -- */ -- - #define CLOCK_TICK_RATE 1193182 /* system crystal frequency (Hz) */ - #define CALIBRATE_FRAC 20 /* calibrate over 50ms */ --#define CALIBRATE_LATCH ((CLOCK_TICK_RATE+(CALIBRATE_FRAC/2))/CALIBRATE_FRAC) -+#define CALIBRATE_VALUE(freq) (((freq) + CALIBRATE_FRAC / 2) / CALIBRATE_FRAC) - --static u64 init_pit_and_calibrate_tsc(void) -+static void preinit_pit(void) - { -- u64 start, end; -- unsigned long count; -- - /* Set PIT channel 0 to HZ Hz. */ - #define LATCH (((CLOCK_TICK_RATE)+(HZ/2))/HZ) - outb_p(0x34, PIT_MODE); /* binary, mode 2, LSB/MSB, ch 0 */ - outb_p(LATCH & 0xff, PIT_CH0); /* LSB */ - outb(LATCH >> 8, PIT_CH0); /* MSB */ -- -- /* Set the Gate high, disable speaker */ -- outb((inb(0x61) & ~0x02) | 0x01, 0x61); -- -- /* -- * Now let's take care of CTC channel 2 -- * -- * Set the Gate high, program CTC channel 2 for mode 0, (interrupt on -- * terminal count mode), binary count, load 5 * LATCH count, (LSB and MSB) -- * to begin countdown. -- */ -- outb(0xb0, PIT_MODE); /* binary, mode 0, LSB/MSB, Ch 2 */ -- outb(CALIBRATE_LATCH & 0xff, PIT_CH2); /* LSB of count */ -- outb(CALIBRATE_LATCH >> 8, PIT_CH2); /* MSB of count */ -- -- start = rdtsc_ordered(); -- for ( count = 0; (inb(0x61) & 0x20) == 0; count++ ) -- continue; -- end = rdtsc_ordered(); -- -- /* Error if the CTC doesn't behave itself. */ -- if ( count == 0 ) -- return 0; -- -- return ((end - start) * (u64)CALIBRATE_FRAC); -+#undef LATCH - } - - void set_time_scale(struct time_scale *ts, u64 ticks_per_sec) -@@ -327,10 +296,49 @@ static u64 read_pit_count(void) - return count32; - } - --static int __init init_pit(struct platform_timesource *pts) -+static s64 __init init_pit(struct platform_timesource *pts) - { -+ u8 portb = inb(0x61); -+ u64 start, end; -+ unsigned long count; -+ - using_pit = 1; -- return 1; -+ -+ /* Set the Gate high, disable speaker. */ -+ outb((portb & ~0x02) | 0x01, 0x61); -+ -+ /* -+ * Now let's take care of CTC channel 2: mode 0, (interrupt on -+ * terminal count mode), binary count, load CALIBRATE_LATCH count, -+ * (LSB and MSB) to begin countdown. -+ */ -+#define CALIBRATE_LATCH CALIBRATE_VALUE(CLOCK_TICK_RATE) -+ outb(0xb0, PIT_MODE); /* binary, mode 0, LSB/MSB, Ch 2 */ -+ outb(CALIBRATE_LATCH & 0xff, PIT_CH2); /* LSB of count */ -+ outb(CALIBRATE_LATCH >> 8, PIT_CH2); /* MSB of count */ -+#undef CALIBRATE_LATCH -+ -+ start = rdtsc_ordered(); -+ for ( count = 0; !(inb(0x61) & 0x20); ++count ) -+ continue; -+ end = rdtsc_ordered(); -+ -+ /* Set the Gate low, disable speaker. */ -+ outb(portb & ~0x03, 0x61); -+ -+ /* Error if the CTC doesn't behave itself. */ -+ if ( count == 0 ) -+ return 0; -+ -+ return (end - start) * CALIBRATE_FRAC; -+} -+ -+static void resume_pit(struct platform_timesource *pts) -+{ -+ /* Set CTC channel 2 to mode 0 again; initial value does not matter. */ -+ outb(0xb0, PIT_MODE); /* binary, mode 0, LSB/MSB, Ch 2 */ -+ outb(0, PIT_CH2); /* LSB of count */ -+ outb(0, PIT_CH2); /* MSB of count */ - } - - static struct platform_timesource __initdata plt_pit = -@@ -340,7 +348,8 @@ static struct platform_timesource __init - .frequency = CLOCK_TICK_RATE, - .read_counter = read_pit_count, - .counter_bits = 32, -- .init = init_pit -+ .init = init_pit, -+ .resume = resume_pit, - }; - - /************************************************************ -@@ -352,15 +361,26 @@ static u64 read_hpet_count(void) - return hpet_read32(HPET_COUNTER); - } - --static int __init init_hpet(struct platform_timesource *pts) -+static s64 __init init_hpet(struct platform_timesource *pts) - { -- u64 hpet_rate = hpet_setup(); -+ u64 hpet_rate = hpet_setup(), start; -+ u32 count, target; - - if ( hpet_rate == 0 ) - return 0; - - pts->frequency = hpet_rate; -- return 1; -+ -+ count = hpet_read32(HPET_COUNTER); -+ start = rdtsc_ordered(); -+ target = count + CALIBRATE_VALUE(hpet_rate); -+ if ( target < count ) -+ while ( hpet_read32(HPET_COUNTER) >= count ) -+ continue; -+ while ( hpet_read32(HPET_COUNTER) < target ) -+ continue; -+ -+ return (rdtsc_ordered() - start) * CALIBRATE_FRAC; - } - - static void resume_hpet(struct platform_timesource *pts) -@@ -392,12 +412,24 @@ static u64 read_pmtimer_count(void) - return inl(pmtmr_ioport); - } - --static int __init init_pmtimer(struct platform_timesource *pts) -+static s64 __init init_pmtimer(struct platform_timesource *pts) - { -+ u64 start; -+ u32 count, target, mask = 0xffffff; -+ - if ( pmtmr_ioport == 0 ) - return 0; - -- return 1; -+ count = inl(pmtmr_ioport) & mask; -+ start = rdtsc_ordered(); -+ target = count + CALIBRATE_VALUE(ACPI_PM_FREQUENCY); -+ if ( target < count ) -+ while ( (inl(pmtmr_ioport) & mask) >= count ) -+ continue; -+ while ( (inl(pmtmr_ioport) & mask) < target ) -+ continue; -+ -+ return (rdtsc_ordered() - start) * CALIBRATE_FRAC; - } - - static struct platform_timesource __initdata plt_pmtimer = -@@ -533,14 +565,15 @@ static void resume_platform_timer(void) - plt_stamp = plt_src.read_counter(); - } - --static void __init init_platform_timer(void) -+static u64 __init init_platform_timer(void) - { - static struct platform_timesource * __initdata plt_timers[] = { - &plt_hpet, &plt_pmtimer, &plt_pit - }; - - struct platform_timesource *pts = NULL; -- int i, rc = -1; -+ unsigned int i; -+ s64 rc = -1; - - if ( opt_clocksource[0] != '\0' ) - { -@@ -578,15 +611,12 @@ static void __init init_platform_timer(v - - plt_overflow_period = scale_delta( - 1ull << (pts->counter_bits-1), &plt_scale); -- init_timer(&plt_overflow_timer, plt_overflow, NULL, 0); - plt_src = *pts; -- plt_overflow(NULL); -- -- platform_timer_stamp = plt_stamp64; -- stime_platform_stamp = NOW(); - - printk("Platform timer is %s %s\n", - freq_string(pts->frequency), pts->name); -+ -+ return rc; - } - - u64 stime2tsc(s_time_t stime) -@@ -1474,7 +1504,11 @@ int __init init_xen_time(void) - /* NB. get_cmos_time() can take over one second to execute. */ - do_settime(get_cmos_time(), 0, NOW()); - -- init_platform_timer(); -+ /* Finish platform timer initialization. */ -+ init_timer(&plt_overflow_timer, plt_overflow, NULL, 0); -+ plt_overflow(NULL); -+ platform_timer_stamp = plt_stamp64; -+ stime_platform_stamp = NOW(); - - init_percpu_time(); - -@@ -1489,7 +1523,10 @@ int __init init_xen_time(void) - void __init early_time_init(void) - { - struct cpu_time *t = &this_cpu(cpu_time); -- u64 tmp = init_pit_and_calibrate_tsc(); -+ u64 tmp; -+ -+ preinit_pit(); -+ tmp = init_platform_timer(); - - set_time_scale(&t->tsc_scale, tmp); - t->local_tsc_stamp = boot_tsc_stamp; -@@ -1598,7 +1635,7 @@ int time_suspend(void) - - int time_resume(void) - { -- init_pit_and_calibrate_tsc(); -+ preinit_pit(); - - resume_platform_timer(); - diff --git a/57a30261-x86-support-newer-Intel-CPU-models.patch b/57a30261-x86-support-newer-Intel-CPU-models.patch deleted file mode 100644 index e05ad75..0000000 --- a/57a30261-x86-support-newer-Intel-CPU-models.patch +++ /dev/null @@ -1,200 +0,0 @@ -# Commit 350bc1a9d4ebc03b18a43cdafcb626618caace55 -# Date 2016-08-04 10:52:49 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86: support newer Intel CPU models - -... as per the June 2016 edition of the SDM. - -Also remove a couple of dead break statements as well as unused -*MSR_PM_LASTBRANCH* #define-s. - -Signed-off-by: Jan Beulich -Acked-by: Andrew Cooper -Acked-by: Kevin Tian - ---- a/xen/arch/x86/acpi/cpu_idle.c -+++ b/xen/arch/x86/acpi/cpu_idle.c -@@ -61,14 +61,14 @@ - - #define GET_HW_RES_IN_NS(msr, val) \ - do { rdmsrl(msr, val); val = tsc_ticks2ns(val); } while( 0 ) --#define GET_MC6_RES(val) GET_HW_RES_IN_NS(0x664, val) /* Atom E3000 only */ -+#define GET_MC6_RES(val) GET_HW_RES_IN_NS(0x664, val) - #define GET_PC2_RES(val) GET_HW_RES_IN_NS(0x60D, val) /* SNB onwards */ - #define GET_PC3_RES(val) GET_HW_RES_IN_NS(0x3F8, val) - #define GET_PC6_RES(val) GET_HW_RES_IN_NS(0x3F9, val) - #define GET_PC7_RES(val) GET_HW_RES_IN_NS(0x3FA, val) --#define GET_PC8_RES(val) GET_HW_RES_IN_NS(0x630, val) /* some Haswells only */ --#define GET_PC9_RES(val) GET_HW_RES_IN_NS(0x631, val) /* some Haswells only */ --#define GET_PC10_RES(val) GET_HW_RES_IN_NS(0x632, val) /* some Haswells only */ -+#define GET_PC8_RES(val) GET_HW_RES_IN_NS(0x630, val) -+#define GET_PC9_RES(val) GET_HW_RES_IN_NS(0x631, val) -+#define GET_PC10_RES(val) GET_HW_RES_IN_NS(0x632, val) - #define GET_CC1_RES(val) GET_HW_RES_IN_NS(0x660, val) /* Silvermont only */ - #define GET_CC3_RES(val) GET_HW_RES_IN_NS(0x3FC, val) - #define GET_CC6_RES(val) GET_HW_RES_IN_NS(0x3FD, val) -@@ -142,6 +142,8 @@ static void do_get_hw_residencies(void * - { - /* 4th generation Intel Core (Haswell) */ - case 0x45: -+ /* Xeon E5/E7 v4 (Broadwell) */ -+ case 0x4F: - GET_PC8_RES(hw_res->pc8); - GET_PC9_RES(hw_res->pc9); - GET_PC10_RES(hw_res->pc10); -@@ -158,10 +160,11 @@ static void do_get_hw_residencies(void * - case 0x46: - /* Broadwell */ - case 0x3D: -- case 0x4F: -+ case 0x47: - case 0x56: -- /* future */ -+ /* Skylake */ - case 0x4E: -+ case 0x5E: - GET_PC2_RES(hw_res->pc2); - GET_CC7_RES(hw_res->cc7); - /* fall through */ -@@ -198,18 +201,28 @@ static void do_get_hw_residencies(void * - break; - /* Silvermont */ - case 0x37: -- GET_MC6_RES(hw_res->mc6); -- /* fall through */ - case 0x4A: - case 0x4D: - case 0x5A: - case 0x5D: - /* Airmont */ - case 0x4C: -+ GET_MC6_RES(hw_res->mc6); - GET_PC7_RES(hw_res->pc6); /* abusing GET_PC7_RES */ - GET_CC1_RES(hw_res->cc1); - GET_CC6_RES(hw_res->cc6); - break; -+ /* Goldmont */ -+ case 0x5C: -+ case 0x5F: -+ GET_PC2_RES(hw_res->pc2); -+ GET_PC3_RES(hw_res->pc3); -+ GET_PC6_RES(hw_res->pc6); -+ GET_PC10_RES(hw_res->pc10); -+ GET_CC1_RES(hw_res->cc1); -+ GET_CC3_RES(hw_res->cc3); -+ GET_CC6_RES(hw_res->cc6); -+ break; - } - } - ---- a/xen/arch/x86/hvm/vmx/vmx.c -+++ b/xen/arch/x86/hvm/vmx/vmx.c -@@ -2526,6 +2526,14 @@ static const struct lbr_info { - { MSR_P4_LASTBRANCH_0_FROM_LIP, NUM_MSR_P4_LASTBRANCH_FROM_TO }, - { MSR_P4_LASTBRANCH_0_TO_LIP, NUM_MSR_P4_LASTBRANCH_FROM_TO }, - { 0, 0 } -+}, sk_lbr[] = { -+ { MSR_IA32_LASTINTFROMIP, 1 }, -+ { MSR_IA32_LASTINTTOIP, 1 }, -+ { MSR_SKL_LASTBRANCH_TOS, 1 }, -+ { MSR_SKL_LASTBRANCH_0_FROM_IP, NUM_MSR_SKL_LASTBRANCH }, -+ { MSR_SKL_LASTBRANCH_0_TO_IP, NUM_MSR_SKL_LASTBRANCH }, -+ { MSR_SKL_LASTBRANCH_0_INFO, NUM_MSR_SKL_LASTBRANCH }, -+ { 0, 0 } - }, at_lbr[] = { - { MSR_IA32_LASTINTFROMIP, 1 }, - { MSR_IA32_LASTINTTOIP, 1 }, -@@ -2533,6 +2541,13 @@ static const struct lbr_info { - { MSR_C2_LASTBRANCH_0_FROM_IP, NUM_MSR_ATOM_LASTBRANCH_FROM_TO }, - { MSR_C2_LASTBRANCH_0_TO_IP, NUM_MSR_ATOM_LASTBRANCH_FROM_TO }, - { 0, 0 } -+}, gm_lbr[] = { -+ { MSR_IA32_LASTINTFROMIP, 1 }, -+ { MSR_IA32_LASTINTTOIP, 1 }, -+ { MSR_GM_LASTBRANCH_TOS, 1 }, -+ { MSR_GM_LASTBRANCH_0_FROM_IP, NUM_MSR_GM_LASTBRANCH_FROM_TO }, -+ { MSR_GM_LASTBRANCH_0_TO_IP, NUM_MSR_GM_LASTBRANCH_FROM_TO }, -+ { 0, 0 } - }; - - static const struct lbr_info *last_branch_msr_get(void) -@@ -2547,7 +2562,6 @@ static const struct lbr_info *last_branc - /* Enhanced Core */ - case 23: - return c2_lbr; -- break; - /* Nehalem */ - case 26: case 30: case 31: case 46: - /* Westmere */ -@@ -2559,11 +2573,13 @@ static const struct lbr_info *last_branc - /* Haswell */ - case 60: case 63: case 69: case 70: - /* Broadwell */ -- case 61: case 79: case 86: -- /* future */ -- case 78: -+ case 61: case 71: case 79: case 86: - return nh_lbr; -- break; -+ /* Skylake */ -+ case 78: case 94: -+ /* future */ -+ case 142: case 158: -+ return sk_lbr; - /* Atom */ - case 28: case 38: case 39: case 53: case 54: - /* Silvermont */ -@@ -2573,7 +2589,9 @@ static const struct lbr_info *last_branc - /* Airmont */ - case 76: - return at_lbr; -- break; -+ /* Goldmont */ -+ case 92: case 95: -+ return gm_lbr; - } - break; - -@@ -2583,7 +2601,6 @@ static const struct lbr_info *last_branc - /* Pentium4/Xeon with em64t */ - case 3: case 4: case 6: - return p4_lbr; -- break; - } - break; - } ---- a/xen/include/asm-x86/msr-index.h -+++ b/xen/include/asm-x86/msr-index.h -@@ -458,11 +458,6 @@ - #define MSR_P4_LASTBRANCH_0_TO_LIP 0x000006c0 - #define NUM_MSR_P4_LASTBRANCH_FROM_TO 16 - --/* Pentium M (and Core) last-branch recording */ --#define MSR_PM_LASTBRANCH_TOS 0x000001c9 --#define MSR_PM_LASTBRANCH_0 0x00000040 --#define NUM_MSR_PM_LASTBRANCH 8 -- - /* Core 2 and Atom last-branch recording */ - #define MSR_C2_LASTBRANCH_TOS 0x000001c9 - #define MSR_C2_LASTBRANCH_0_FROM_IP 0x00000040 -@@ -470,6 +465,19 @@ - #define NUM_MSR_C2_LASTBRANCH_FROM_TO 4 - #define NUM_MSR_ATOM_LASTBRANCH_FROM_TO 8 - -+/* Skylake (and newer) last-branch recording */ -+#define MSR_SKL_LASTBRANCH_TOS 0x000001c9 -+#define MSR_SKL_LASTBRANCH_0_FROM_IP 0x00000680 -+#define MSR_SKL_LASTBRANCH_0_TO_IP 0x000006c0 -+#define MSR_SKL_LASTBRANCH_0_INFO 0x00000dc0 -+#define NUM_MSR_SKL_LASTBRANCH 32 -+ -+/* Goldmont last-branch recording */ -+#define MSR_GM_LASTBRANCH_TOS 0x000001c9 -+#define MSR_GM_LASTBRANCH_0_FROM_IP 0x00000680 -+#define MSR_GM_LASTBRANCH_0_TO_IP 0x000006c0 -+#define NUM_MSR_GM_LASTBRANCH_FROM_TO 32 -+ - /* Intel Core-based CPU performance counters */ - #define MSR_CORE_PERF_FIXED_CTR0 0x00000309 - #define MSR_CORE_PERF_FIXED_CTR1 0x0000030a diff --git a/57ac6316-don-t-restrict-DMA-heap-to-node-0.patch b/57ac6316-don-t-restrict-DMA-heap-to-node-0.patch deleted file mode 100644 index d4b6881..0000000 --- a/57ac6316-don-t-restrict-DMA-heap-to-node-0.patch +++ /dev/null @@ -1,102 +0,0 @@ -References: bsc#992224 - -# Commit d0d6597d3d682f324b6a79e3278e6f5bb6bad153 -# Date 2016-08-11 13:35:50 +0200 -# Author Jan Beulich -# Committer Jan Beulich -page-alloc/x86: don't restrict DMA heap to node 0 - -When node zero has no memory, the DMA bit width will end up getting set -to 9, which is obviously not helpful to hold back a reasonable amount -of low enough memory for Dom0 to use for DMA purposes. Find the lowest -node with memory below 4Gb instead. - -Introduce arch_get_dma_bitsize() to keep this arch-specific logic out -of common code. - -Also adjust the original calculation: I think the subtraction of 1 -should have been part of the flsl() argument rather than getting -applied to its result. And while previously the division by 4 was valid -to be done on the flsl() result, this now also needs to be converted, -as is should only be applied to the spanned pages value. - -Signed-off-by: Jan Beulich -Acked-by: Julien Grall -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/numa.c -+++ b/xen/arch/x86/numa.c -@@ -355,11 +355,25 @@ void __init init_cpu_to_node(void) - } - } - --EXPORT_SYMBOL(cpu_to_node); --EXPORT_SYMBOL(node_to_cpumask); --EXPORT_SYMBOL(memnode_shift); --EXPORT_SYMBOL(memnodemap); --EXPORT_SYMBOL(node_data); -+unsigned int __init arch_get_dma_bitsize(void) -+{ -+ unsigned int node; -+ -+ for_each_online_node(node) -+ if ( node_spanned_pages(node) && -+ !(node_start_pfn(node) >> (32 - PAGE_SHIFT)) ) -+ break; -+ if ( node >= MAX_NUMNODES ) -+ panic("No node with memory below 4Gb"); -+ -+ /* -+ * Try to not reserve the whole node's memory for DMA, but dividing -+ * its spanned pages by (arbitrarily chosen) 4. -+ */ -+ return min_t(unsigned int, -+ flsl(node_start_pfn(node) + node_spanned_pages(node) / 4 - 1) -+ + PAGE_SHIFT, 32); -+} - - static void dump_numa(unsigned char key) - { ---- a/xen/common/page_alloc.c -+++ b/xen/common/page_alloc.c -@@ -1368,16 +1368,7 @@ void __init end_boot_allocator(void) - init_heap_pages(virt_to_page(bootmem_region_list), 1); - - if ( !dma_bitsize && (num_online_nodes() > 1) ) -- { --#ifdef CONFIG_X86 -- dma_bitsize = min_t(unsigned int, -- flsl(NODE_DATA(0)->node_spanned_pages) - 1 -- + PAGE_SHIFT - 2, -- 32); --#else -- dma_bitsize = 32; --#endif -- } -+ dma_bitsize = arch_get_dma_bitsize(); - - printk("Domain heap initialised"); - if ( dma_bitsize ) ---- a/xen/include/asm-arm/numa.h -+++ b/xen/include/asm-arm/numa.h -@@ -17,6 +17,11 @@ static inline __attribute__((pure)) node - #define node_start_pfn(nid) (pdx_to_pfn(frametable_base_pdx)) - #define __node_distance(a, b) (20) - -+static inline unsigned int arch_get_dma_bitsize(void) -+{ -+ return 32; -+} -+ - #endif /* __ARCH_ARM_NUMA_H */ - /* - * Local variables: ---- a/xen/include/asm-x86/numa.h -+++ b/xen/include/asm-x86/numa.h -@@ -86,5 +86,6 @@ extern int valid_numa_range(u64 start, u - - void srat_parse_regions(u64 addr); - extern u8 __node_distance(nodeid_t a, nodeid_t b); -+unsigned int arch_get_dma_bitsize(void); - - #endif diff --git a/57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch b/57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch deleted file mode 100644 index 2b19a6e..0000000 --- a/57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch +++ /dev/null @@ -1,48 +0,0 @@ -References: bsc#978755 bsc#983697 - -# Commit c5b4805bcd6bc749a8717e7406faa4a0e95468b4 -# Date 2016-08-19 17:03:33 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86/EFI: don't apply relocations to l{2,3}_bootmap - -Other than claimed in commit 2ce5963727's ("x86: construct the -{l2,l3}_bootmap at compile time") the initialization of the two page -tables doesn't take care of everything without furher adjustment: The -compile time initialization obviously requires base relocations, and -those get processed after efi_arch_memory_setup(). Hence without -additional care the correctly initialized values may then get wrongly -"adjusted" again. Except the two table from being subject to base -relocation. - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/efi/efi-boot.h -+++ b/xen/arch/x86/efi/efi-boot.h -@@ -47,11 +47,23 @@ static void __init efi_arch_relocate_ima - - for ( base_relocs = __base_relocs_start; base_relocs < __base_relocs_end; ) - { -- unsigned int i, n; -+ unsigned int i = 0, n; - - n = (base_relocs->size - sizeof(*base_relocs)) / - sizeof(*base_relocs->entries); -- for ( i = 0; i < n; ++i ) -+ -+ /* -+ * Relevant l{2,3}_bootmap entries get initialized explicitly in -+ * efi_arch_memory_setup(), so we must not apply relocations there. -+ * l2_identmap's first slot, otoh, should be handled normally, as -+ * efi_arch_memory_setup() won't touch it (xen_phys_start should -+ * never be zero). -+ */ -+ if ( xen_phys_start + base_relocs->rva == (unsigned long)l3_bootmap || -+ xen_phys_start + base_relocs->rva == (unsigned long)l2_bootmap ) -+ i = n; -+ -+ for ( ; i < n; ++i ) - { - unsigned long addr = xen_phys_start + base_relocs->rva + - (base_relocs->entries[i] & 0xfff); diff --git a/57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch b/57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch deleted file mode 100644 index 5c1d27c..0000000 --- a/57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch +++ /dev/null @@ -1,52 +0,0 @@ -# Commit 2a99aa99fc84a45f505f84802af56b006d14c52e -# Date 2016-08-19 18:40:11 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -xen/physmap: Do not permit a guest to populate PoD pages for itself - -PoD is supposed to be entirely transparent to guest, but this interface has -been left exposed for a long time. - -The use of PoD requires careful co-ordination by the toolstack with the -XENMEM_{get,set}_pod_target hypercalls, and xenstore ballooning target. The -best a guest can do without toolstack cooperation crash. - -Furthermore, there are combinations of features (e.g. c/s c63868ff "libxl: -disallow PCI device assignment for HVM guest when PoD is enabled") which a -toolstack might wish to explicitly prohibit (in this case, because the two -simply don't function in combination). In such cases, the guest mustn't be -able to subvert the configuration chosen by the toolstack. - -Signed-off-by: Andrew Cooper -Acked-by: Jan Beulich - ---- a/xen/common/memory.c -+++ b/xen/common/memory.c -@@ -140,14 +140,14 @@ static void populate_physmap(struct memo - struct page_info *page; - unsigned int i, j; - xen_pfn_t gpfn, mfn; -- struct domain *d = a->domain; -+ struct domain *d = a->domain, *curr_d = current->domain; - - if ( !guest_handle_subrange_okay(a->extent_list, a->nr_done, - a->nr_extents-1) ) - return; - - if ( a->extent_order > (a->memflags & MEMF_populate_on_demand ? MAX_ORDER : -- max_order(current->domain)) ) -+ max_order(curr_d)) ) - return; - - for ( i = a->nr_done; i < a->nr_extents; i++ ) -@@ -163,6 +163,10 @@ static void populate_physmap(struct memo - - if ( a->memflags & MEMF_populate_on_demand ) - { -+ /* Disallow populating PoD pages on oneself. */ -+ if ( d == curr_d ) -+ goto out; -+ - if ( guest_physmap_mark_populate_on_demand(d, gpfn, - a->extent_order) < 0 ) - goto out; diff --git a/57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch b/57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch deleted file mode 100644 index 69015db..0000000 --- a/57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch +++ /dev/null @@ -1,25 +0,0 @@ -# Commit 81caac0cd0f56b0052a7884e6bd99e3a652ddd59 -# Date 2016-08-29 16:05:31 +0200 -# Author Suravee Suthikulpanit -# Committer Jan Beulich -x86/HVM: add guarding logic for VMX specific code - -The struct hvm_domain.vmx is defined in a union along with the svm. -This can causes issue for SVM since this code is used in the common -scheduling code for x86. The logic must check for cpu_has_vmx before -accessing the hvm_domain.vmx sturcture. - -Signed-off-by: Suravee Suthikulpanit -Acked-by: Jan Beulich - ---- a/xen/include/asm-x86/hvm/hvm.h -+++ b/xen/include/asm-x86/hvm/hvm.h -@@ -611,7 +611,7 @@ unsigned long hvm_cr4_guest_reserved_bit - struct vcpu *v_ = (v); \ - struct domain *d_ = v_->domain; \ - if ( has_hvm_container_domain(d_) && \ -- d_->arch.hvm_domain.vmx.vcpu_block ) \ -+ (cpu_has_vmx && d_->arch.hvm_domain.vmx.vcpu_block) ) \ - d_->arch.hvm_domain.vmx.vcpu_block(v_); \ - }) - diff --git a/57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch b/57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch deleted file mode 100644 index 3e7d4ad..0000000 --- a/57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch +++ /dev/null @@ -1,30 +0,0 @@ -# Commit 9daed8321b44c3ca82e412eb130f84e6b6c17dc5 -# Date 2016-08-30 13:43:31 +0100 -# Author Juergen Gross -# Committer Wei Liu -libxc: correct max_pfn calculation for saving domain - -Commit 91e204d37f44913913776d0a89279721694f8b32 ("libxc: try to find -last used pfn when migrating") introduced a bug for the case of a -domain supporting the virtual mapped linear p2m list: the maximum pfn -of the domain calculated from the p2m memory allocation might be too -low. - -Correct this. - -Reported-by: Stefan Bader -Signed-off-by: Juergen Gross -Tested-by: Stefan Bader -Acked-by: Wei Liu - ---- a/tools/libxc/xc_sr_save_x86_pv.c -+++ b/tools/libxc/xc_sr_save_x86_pv.c -@@ -430,6 +430,8 @@ static int map_p2m_list(struct xc_sr_con - - if ( level == 2 ) - { -+ if ( saved_idx == idx_end ) -+ saved_idx++; - max_pfn = ((xen_pfn_t)saved_idx << 9) * fpp - 1; - if ( max_pfn < ctx->x86_pv.max_pfn ) - { diff --git a/57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch b/57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch deleted file mode 100644 index d033379..0000000 --- a/57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch +++ /dev/null @@ -1,51 +0,0 @@ -# Commit 3b7cac5232012e167b284aba738fef1eceda33f8 -# Date 2016-09-01 11:41:03 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -x86/levelling: Restrict non-architectural OSXSAVE handling to emulated CPUID - -There is no need to extend the workaround to the faulted CPUID view, as -Linux's dependence on the workaround is stricly via the emulated view. - -This causes a guest kernel faulted CPUID to observe architectural behaviour -with respect to its CR4.OSXSAVE setting. - -Signed-off-by: Andrew Cooper -Reviewed-by: Jan Beulich - ---- a/xen/arch/x86/traps.c -+++ b/xen/arch/x86/traps.c -@@ -972,6 +972,8 @@ void pv_cpuid(struct cpu_user_regs *regs - * - * Therefore, the leaking of Xen's OSXSAVE setting has become a - * defacto part of the PV ABI and can't reasonably be corrected. -+ * It can however be restricted to only the enlightened CPUID -+ * view, as seen by the guest kernel. - * - * The following situations and logic now applies: - * -@@ -985,14 +987,18 @@ void pv_cpuid(struct cpu_user_regs *regs - * - * - Enlightened CPUID or CPUID faulting available: - * Xen can fully control what is seen here. Guest kernels need -- * to see the leaked OSXSAVE, but guest userspace is given -- * architectural behaviour, to reflect the guest kernels -- * intentions. -+ * to see the leaked OSXSAVE via the enlightened path, but -+ * guest userspace and the native is given architectural -+ * behaviour. -+ * -+ * Emulated vs Faulted CPUID is distinguised based on whether a -+ * #UD or #GP is currently being serviced. - */ - /* OSXSAVE cleared by pv_featureset. Fast-forward CR4 back in. */ -- if ( (guest_kernel_mode(curr, regs) && -- (read_cr4() & X86_CR4_OSXSAVE)) || -- (curr->arch.pv_vcpu.ctrlreg[4] & X86_CR4_OSXSAVE) ) -+ if ( (curr->arch.pv_vcpu.ctrlreg[4] & X86_CR4_OSXSAVE) || -+ (regs->entry_vector == TRAP_invalid_op && -+ guest_kernel_mode(curr, regs) && -+ (read_cr4() & X86_CR4_OSXSAVE)) ) - c |= cpufeat_mask(X86_FEATURE_OSXSAVE); - - /* diff --git a/57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch b/57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch deleted file mode 100644 index c8821e7..0000000 --- a/57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch +++ /dev/null @@ -1,80 +0,0 @@ -# Commit 33b23e5ab319a6bf9bfd38c4d9268fa6d9d072c6 -# Date 2016-09-01 11:41:05 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -x86/levelling: Pass a vcpu rather than a domain to ctxt_switch_levelling() - -A subsequent change needs to special-case OSXSAVE handling, which is per-vcpu -rather than per-domain. - -No functional change. - -Signed-off-by: Andrew Cooper -Reviewed-by: Jan Beulich - ---- a/xen/arch/x86/cpu/amd.c -+++ b/xen/arch/x86/cpu/amd.c -@@ -203,9 +203,10 @@ static void __init noinline probe_maskin - * used to context switch to the default host state (by the cpu bringup-code, - * crash path, etc). - */ --static void amd_ctxt_switch_levelling(const struct domain *nextd) -+static void amd_ctxt_switch_levelling(const struct vcpu *next) - { - struct cpuidmasks *these_masks = &this_cpu(cpuidmasks); -+ const struct domain *nextd = next ? next->domain : NULL; - const struct cpuidmasks *masks = - (nextd && is_pv_domain(nextd) && nextd->arch.pv_domain.cpuidmasks) - ? nextd->arch.pv_domain.cpuidmasks : &cpuidmask_defaults; ---- a/xen/arch/x86/cpu/common.c -+++ b/xen/arch/x86/cpu/common.c -@@ -90,11 +90,11 @@ static const struct cpu_dev default_cpu - }; - static const struct cpu_dev *this_cpu = &default_cpu; - --static void default_ctxt_switch_levelling(const struct domain *nextd) -+static void default_ctxt_switch_levelling(const struct vcpu *next) - { - /* Nop */ - } --void (* __read_mostly ctxt_switch_levelling)(const struct domain *nextd) = -+void (* __read_mostly ctxt_switch_levelling)(const struct vcpu *next) = - default_ctxt_switch_levelling; - - bool_t opt_cpu_info; ---- a/xen/arch/x86/cpu/intel.c -+++ b/xen/arch/x86/cpu/intel.c -@@ -151,9 +151,10 @@ static void __init probe_masking_msrs(vo - * used to context switch to the default host state (by the cpu bringup-code, - * crash path, etc). - */ --static void intel_ctxt_switch_levelling(const struct domain *nextd) -+static void intel_ctxt_switch_levelling(const struct vcpu *next) - { - struct cpuidmasks *these_masks = &this_cpu(cpuidmasks); -+ const struct domain *nextd = next ? next->domain : NULL; - const struct cpuidmasks *masks; - - if (cpu_has_cpuid_faulting) { ---- a/xen/arch/x86/domain.c -+++ b/xen/arch/x86/domain.c -@@ -2107,7 +2107,7 @@ void context_switch(struct vcpu *prev, s - load_segments(next); - } - -- ctxt_switch_levelling(nextd); -+ ctxt_switch_levelling(next); - } - - context_saved(prev); ---- a/xen/include/asm-x86/processor.h -+++ b/xen/include/asm-x86/processor.h -@@ -211,7 +211,7 @@ extern struct cpuinfo_x86 boot_cpu_data; - extern struct cpuinfo_x86 cpu_data[]; - #define current_cpu_data cpu_data[smp_processor_id()] - --extern void (*ctxt_switch_levelling)(const struct domain *nextd); -+extern void (*ctxt_switch_levelling)(const struct vcpu *next); - - extern u64 host_pat; - extern bool_t opt_cpu_info; diff --git a/57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch b/57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch deleted file mode 100644 index c8a9982..0000000 --- a/57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch +++ /dev/null @@ -1,164 +0,0 @@ -# Commit 08e7738ec3644350fbac0325085baac6b3c7cd11 -# Date 2016-09-01 11:41:07 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -x86/levelling: Provide architectural OSXSAVE handling to masked native CPUID - -Contrary to c/s b2507fe7 "x86/domctl: Update PV domain cpumasks when setting -cpuid policy", Intel CPUID masks are applied after fast forwarding hardware -state, rather than before. (All behaviour in this regard appears completely -undocumented by both Intel and AMD). - -Therefore, a set bit in the MSR causes hardware to be fast-forwarded, while a -clear bit forces the guests view to 0, even if Xen's CR4.OSXSAVE is actually -set. - -This allows Xen to provide an architectural view of a guest kernels -CR4.OSXSAVE setting to any native CPUID instruction issused by guest kernel or -userspace, even when masking is used. - -The masking value defaults to 1 (if the guest has XSAVE available) to cause -fast-forwarding to occur for the HVM and idle vcpus. - -When setting the MSRs, a PV guest kernel's choice of OXSAVE is taken into -account, and clobbered from the MSR if not set. This causes the -fast-forwarding of Xen's CR4 state not to happen. - -As a side effect however, levelling potentially need updating on all PV CR4 -changes. - -Reported-by: Jan Beulich -Signed-off-by: Andrew Cooper -Reviewed-by: Jan Beulich - -# Commit 1461504ce3c414fc5dc717ce16f039d0742b455a -# Date 2016-09-02 08:12:29 +0200 -# Author Andrew Cooper -# Committer Jan Beulich -x86/levelling: fix breakage on older Intel boxes from c/s 08e7738 - -cpufeat_mask() yields an unsigned integer constant. As a result, taking its -complement causes zero extention rather than sign extention. - -The result is that, when a guest OS has OXSAVE disabled, all features in 1d -are hidden from native CPUID. Amongst other things, this causes the early -code in Linux to find no LAPIC, but for everything to appear fine later when -userspace is up and running. - -Signed-off-by: Andrew Cooper -Tested-by: Jan Beulich - ---- a/xen/arch/x86/cpu/amd.c -+++ b/xen/arch/x86/cpu/amd.c -@@ -211,6 +211,24 @@ static void amd_ctxt_switch_levelling(co - (nextd && is_pv_domain(nextd) && nextd->arch.pv_domain.cpuidmasks) - ? nextd->arch.pv_domain.cpuidmasks : &cpuidmask_defaults; - -+ if ((levelling_caps & LCAP_1cd) == LCAP_1cd) { -+ uint64_t val = masks->_1cd; -+ -+ /* -+ * OSXSAVE defaults to 1, which causes fast-forwarding of -+ * Xen's real setting. Clobber it if disabled by the guest -+ * kernel. -+ */ -+ if (next && is_pv_vcpu(next) && !is_idle_vcpu(next) && -+ !(next->arch.pv_vcpu.ctrlreg[4] & X86_CR4_OSXSAVE)) -+ val &= ~((uint64_t)cpufeat_mask(X86_FEATURE_OSXSAVE) << 32); -+ -+ if (unlikely(these_masks->_1cd != val)) { -+ wrmsr_amd(MSR_K8_FEATURE_MASK, val); -+ these_masks->_1cd = val; -+ } -+ } -+ - #define LAZY(cap, msr, field) \ - ({ \ - if (unlikely(these_masks->field != masks->field) && \ -@@ -221,7 +239,6 @@ static void amd_ctxt_switch_levelling(co - } \ - }) - -- LAZY(LCAP_1cd, MSR_K8_FEATURE_MASK, _1cd); - LAZY(LCAP_e1cd, MSR_K8_EXT_FEATURE_MASK, e1cd); - LAZY(LCAP_7ab0, MSR_AMD_L7S0_FEATURE_MASK, _7ab0); - LAZY(LCAP_6c, MSR_AMD_THRM_FEATURE_MASK, _6c); ---- a/xen/arch/x86/cpu/intel.c -+++ b/xen/arch/x86/cpu/intel.c -@@ -182,6 +182,24 @@ static void intel_ctxt_switch_levelling( - masks = (nextd && is_pv_domain(nextd) && nextd->arch.pv_domain.cpuidmasks) - ? nextd->arch.pv_domain.cpuidmasks : &cpuidmask_defaults; - -+ if (msr_basic) { -+ uint64_t val = masks->_1cd; -+ -+ /* -+ * OSXSAVE defaults to 1, which causes fast-forwarding of -+ * Xen's real setting. Clobber it if disabled by the guest -+ * kernel. -+ */ -+ if (next && is_pv_vcpu(next) && !is_idle_vcpu(next) && -+ !(next->arch.pv_vcpu.ctrlreg[4] & X86_CR4_OSXSAVE)) -+ val &= ~(uint64_t)cpufeat_mask(X86_FEATURE_OSXSAVE); -+ -+ if (unlikely(these_masks->_1cd != val)) { -+ wrmsrl(msr_basic, val); -+ these_masks->_1cd = val; -+ } -+ } -+ - #define LAZY(msr, field) \ - ({ \ - if (unlikely(these_masks->field != masks->field) && \ -@@ -192,7 +210,6 @@ static void intel_ctxt_switch_levelling( - } \ - }) - -- LAZY(msr_basic, _1cd); - LAZY(msr_ext, e1cd); - LAZY(msr_xsave, Da1); - -@@ -218,6 +235,11 @@ static void __init noinline intel_init_l - ecx &= opt_cpuid_mask_ecx; - edx &= opt_cpuid_mask_edx; - -+ /* Fast-forward bits - Must be set. */ -+ if (ecx & cpufeat_mask(X86_FEATURE_XSAVE)) -+ ecx |= cpufeat_mask(X86_FEATURE_OSXSAVE); -+ edx |= cpufeat_mask(X86_FEATURE_APIC); -+ - cpuidmask_defaults._1cd &= ((u64)edx << 32) | ecx; - } - ---- a/xen/arch/x86/domctl.c -+++ b/xen/arch/x86/domctl.c -@@ -110,10 +110,18 @@ static void update_domain_cpuid_info(str - case X86_VENDOR_INTEL: - /* - * Intel masking MSRs are documented as AND masks. -- * Experimentally, they are applied before OSXSAVE and APIC -+ * Experimentally, they are applied after OSXSAVE and APIC - * are fast-forwarded from real hardware state. - */ - mask &= ((uint64_t)edx << 32) | ecx; -+ -+ if ( ecx & cpufeat_mask(X86_FEATURE_XSAVE) ) -+ ecx = cpufeat_mask(X86_FEATURE_OSXSAVE); -+ else -+ ecx = 0; -+ edx = cpufeat_mask(X86_FEATURE_APIC); -+ -+ mask |= ((uint64_t)edx << 32) | ecx; - break; - - case X86_VENDOR_AMD: ---- a/xen/arch/x86/traps.c -+++ b/xen/arch/x86/traps.c -@@ -2696,6 +2696,7 @@ static int emulate_privileged_op(struct - case 4: /* Write CR4 */ - v->arch.pv_vcpu.ctrlreg[4] = pv_guest_cr4_fixup(v, *reg); - write_cr4(pv_guest_cr4_to_real_cr4(v)); -+ ctxt_switch_levelling(v); - break; - - default: diff --git a/57c82be2-x86-32on64-adjust-call-gate-emulation.patch b/57c82be2-x86-32on64-adjust-call-gate-emulation.patch deleted file mode 100644 index 08ffc46..0000000 --- a/57c82be2-x86-32on64-adjust-call-gate-emulation.patch +++ /dev/null @@ -1,48 +0,0 @@ -# Commit ee1cc4bfdca84d526805c4c72302c026f5e9cd94 -# Date 2016-09-01 15:23:46 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86/32on64: misc adjustments to call gate emulation - -- There's no 32-bit displacement in 16-bit addressing mode. -- It is wrong to ASSERT() anything on parts of an instruction fetched - from guest memory. -- The two scaling bits of a SIB byte don't affect whether there is a - scaled index register or not. - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/traps.c -+++ b/xen/arch/x86/traps.c -@@ -3176,7 +3176,7 @@ static void emulate_gate_op(struct cpu_u - sib = insn_fetch(u8, base, eip, limit); - - modrm = (modrm & ~7) | (sib & 7); -- if ( (sib >>= 3) != 4 ) -+ if ( ((sib >>= 3) & 7) != 4 ) - opnd_off = *(unsigned long *) - decode_register(sib & 7, regs, 0); - opnd_off <<= sib >> 3; -@@ -3236,7 +3236,10 @@ static void emulate_gate_op(struct cpu_u - opnd_off += insn_fetch(s8, base, eip, limit); - break; - case 0x80: -- opnd_off += insn_fetch(s32, base, eip, limit); -+ if ( ad_bytes > 2 ) -+ opnd_off += insn_fetch(s32, base, eip, limit); -+ else -+ opnd_off += insn_fetch(s16, base, eip, limit); - break; - } - if ( ad_bytes == 4 ) -@@ -3273,8 +3276,7 @@ static void emulate_gate_op(struct cpu_u - #define ad_default ad_bytes - opnd_sel = insn_fetch(u16, base, opnd_off, limit); - #undef ad_default -- ASSERT((opnd_sel & ~3) == regs->error_code); -- if ( dpl < (opnd_sel & 3) ) -+ if ( (opnd_sel & ~3) != regs->error_code || dpl < (opnd_sel & 3) ) - { - do_guest_trap(TRAP_gp_fault, regs, 1); - return; diff --git a/57c93e52-fix-error-in-libxl_device_usbdev_list.patch b/57c93e52-fix-error-in-libxl_device_usbdev_list.patch deleted file mode 100644 index 1c6edce..0000000 --- a/57c93e52-fix-error-in-libxl_device_usbdev_list.patch +++ /dev/null @@ -1,27 +0,0 @@ -References: bsc#989679 - -Subject: libxl: fix libxl_device_usbdev_list() -From: Juergen Gross jgross@suse.com Fri Sep 2 10:16:14 2016 +0200 -Date: Fri Sep 2 09:54:42 2016 +0100: -Git: 74157a2f9886b55cd45714e58c80035bfe3e080c - -Commit 03814de1d2ecdabedabceb8e728d934a632a43b9 ("libxl: Do not trust -frontend for vusb") introduced an error in libxl_device_usbdev_list(). -Fix it. - -Signed-off-by: Juergen Gross -Acked-by: Wei Liu - -Index: xen-4.7.0-testing/tools/libxl/libxl_pvusb.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_pvusb.c -+++ xen-4.7.0-testing/tools/libxl/libxl_pvusb.c -@@ -732,7 +732,7 @@ libxl_device_usbdev_list(libxl_ctx *ctx, - *num = 0; - - libxl_vusbs_path = GCSPRINTF("%s/device/vusb", -- libxl__xs_libxl_path(gc, !domid)); -+ libxl__xs_libxl_path(gc, domid)); - usbctrls = libxl__xs_directory(gc, XBT_NULL, libxl_vusbs_path, &nc); - - for (i = 0; i < nc; i++) { diff --git a/57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch b/57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch deleted file mode 100644 index 2492a12..0000000 --- a/57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch +++ /dev/null @@ -1,146 +0,0 @@ -References: bsc#991934 - -# Commit 9109bf55084398c4547b8956906410c158eb9a17 -# Date 2016-09-02 14:17:55 +0200 -# Author Dario Faggioli -# Committer Jan Beulich -credit1: fix a race when picking initial pCPU for a vCPU - -In the Credit1 hunk of 9f358ddd69463 ("xen: Have -schedulers revise initial placement") csched_cpu_pick() -is called without taking the runqueue lock of the -(temporary) pCPU that the vCPU has been assigned to -(e.g., in XEN_DOMCTL_max_vcpus). - -However, although 'hidden' in the IS_RUNQ_IDLE() macro, -that function does access the runq (for doing load -balancing calculations). Two scenarios are possible: - 1) we are on cpu X, and IS_RUNQ_IDLE() peeks at cpu's - X own runq; - 2) we are on cpu X, but IS_RUNQ_IDLE() peeks at some - other cpu's runq. - -Scenario 2) absolutely requies that the appropriate -runq lock is taken. Scenario 1) works even without -taking the cpu's own runq lock. That is actually what -happens when when _csched_pick_cpu() is called from -csched_vcpu_acct() (in turn, called by csched_tick()). - -Races have been observed and reported (by both XenServer -own testing and OSSTest [1]), in the form of -IS_RUNQ_IDLE() falling over LIST_POISON, because we're -not currently holding the proper lock, in -csched_vcpu_insert(), when scenario 1) occurs. - -However, for better robustness, from now on we always -ask for the proper runq lock to be held when calling -IS_RUNQ_IDLE() (which is also becoming a static inline -function instead of macro). - -In order to comply with that, we take the lock around -the call to _csched_cpu_pick() in csched_vcpu_acct(). - -[1] https://lists.xen.org/archives/html/xen-devel/2016-08/msg02144.html - -Reported-by: Andrew Cooper -Signed-off-by: Dario Faggioli -Reviewed-by: George Dunlap - ---- a/xen/common/sched_credit.c -+++ b/xen/common/sched_credit.c -@@ -84,9 +84,6 @@ - #define CSCHED_VCPU(_vcpu) ((struct csched_vcpu *) (_vcpu)->sched_priv) - #define CSCHED_DOM(_dom) ((struct csched_dom *) (_dom)->sched_priv) - #define RUNQ(_cpu) (&(CSCHED_PCPU(_cpu)->runq)) --/* Is the first element of _cpu's runq its idle vcpu? */ --#define IS_RUNQ_IDLE(_cpu) (list_empty(RUNQ(_cpu)) || \ -- is_idle_vcpu(__runq_elem(RUNQ(_cpu)->next)->vcpu)) - - - /* -@@ -248,6 +245,18 @@ __runq_elem(struct list_head *elem) - return list_entry(elem, struct csched_vcpu, runq_elem); - } - -+/* Is the first element of cpu's runq (if any) cpu's idle vcpu? */ -+static inline bool_t is_runq_idle(unsigned int cpu) -+{ -+ /* -+ * We're peeking at cpu's runq, we must hold the proper lock. -+ */ -+ ASSERT(spin_is_locked(per_cpu(schedule_data, cpu).schedule_lock)); -+ -+ return list_empty(RUNQ(cpu)) || -+ is_idle_vcpu(__runq_elem(RUNQ(cpu)->next)->vcpu); -+} -+ - static inline void - __runq_insert(struct csched_vcpu *svc) - { -@@ -767,7 +776,7 @@ _csched_cpu_pick(const struct scheduler - * runnable vcpu on cpu, we add cpu to the idlers. - */ - cpumask_and(&idlers, &cpu_online_map, CSCHED_PRIV(ops)->idlers); -- if ( vc->processor == cpu && IS_RUNQ_IDLE(cpu) ) -+ if ( vc->processor == cpu && is_runq_idle(cpu) ) - __cpumask_set_cpu(cpu, &idlers); - cpumask_and(&cpus, &cpus, &idlers); - -@@ -947,21 +956,33 @@ csched_vcpu_acct(struct csched_private * - /* - * Put this VCPU and domain back on the active list if it was - * idling. -- * -- * If it's been active a while, check if we'd be better off -- * migrating it to run elsewhere (see multi-core and multi-thread -- * support in csched_cpu_pick()). - */ - if ( list_empty(&svc->active_vcpu_elem) ) - { - __csched_vcpu_acct_start(prv, svc); - } -- else if ( _csched_cpu_pick(ops, current, 0) != cpu ) -+ else - { -- SCHED_VCPU_STAT_CRANK(svc, migrate_r); -- SCHED_STAT_CRANK(migrate_running); -- set_bit(_VPF_migrating, ¤t->pause_flags); -- cpu_raise_softirq(cpu, SCHEDULE_SOFTIRQ); -+ unsigned int new_cpu; -+ unsigned long flags; -+ spinlock_t *lock = vcpu_schedule_lock_irqsave(current, &flags); -+ -+ /* -+ * If it's been active a while, check if we'd be better off -+ * migrating it to run elsewhere (see multi-core and multi-thread -+ * support in csched_cpu_pick()). -+ */ -+ new_cpu = _csched_cpu_pick(ops, current, 0); -+ -+ vcpu_schedule_unlock_irqrestore(lock, flags, current); -+ -+ if ( new_cpu != cpu ) -+ { -+ SCHED_VCPU_STAT_CRANK(svc, migrate_r); -+ SCHED_STAT_CRANK(migrate_running); -+ set_bit(_VPF_migrating, ¤t->pause_flags); -+ cpu_raise_softirq(cpu, SCHEDULE_SOFTIRQ); -+ } - } - } - -@@ -994,9 +1015,13 @@ csched_vcpu_insert(const struct schedule - - BUG_ON( is_idle_vcpu(vc) ); - -- /* This is safe because vc isn't yet being scheduled */ -+ /* csched_cpu_pick() looks in vc->processor's runq, so we need the lock. */ -+ lock = vcpu_schedule_lock_irq(vc); -+ - vc->processor = csched_cpu_pick(ops, vc); - -+ spin_unlock_irq(lock); -+ - lock = vcpu_schedule_lock_irq(vc); - - if ( !__vcpu_on_runq(svc) && vcpu_runnable(vc) && !vc->is_running ) diff --git a/57c96e2c-x86-correct-PT_NOTE-file-position.patch b/57c96e2c-x86-correct-PT_NOTE-file-position.patch deleted file mode 100644 index 765e4e3..0000000 --- a/57c96e2c-x86-correct-PT_NOTE-file-position.patch +++ /dev/null @@ -1,25 +0,0 @@ -# Commit f8f185dc4359a1cd8e7896dfbcacb54b473436c8 -# Date 2016-09-02 14:18:52 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86: correct PT_NOTE file position - -Program and section headers disagreed about the file offset at which -the build ID note lives. - -Reported-by: Sylvain Munaut -Signed-off-by: Jan Beulich -Reviewed-by: Konrad Rzeszutek Wilk -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/boot/mkelf32.c -+++ b/xen/arch/x86/boot/mkelf32.c -@@ -394,7 +394,7 @@ int main(int argc, char **argv) - note_phdr.p_paddr = note_base; - note_phdr.p_filesz = note_sz; - note_phdr.p_memsz = note_sz; -- note_phdr.p_offset = offset; -+ note_phdr.p_offset = RAW_OFFSET + offset; - - /* Tack on the .note\0 */ - out_shdr[2].sh_size += sizeof(out_shstrtab_extra); diff --git a/57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch b/57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch deleted file mode 100644 index 2770441..0000000 --- a/57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch +++ /dev/null @@ -1,146 +0,0 @@ -# Commit 68eb1a4d92be58e26bd11d02b8e0317bd56294ac -# Date 2016-09-07 12:34:43 +0200 -# Author Jan Beulich -# Committer Jan Beulich -VMX: correct feature checks for MPX and XSAVES - -Their VMCS fields aren't tied to the respective base CPU feature flags -but instead to VMX specific ones. - -Note that while the VMCS GUEST_BNDCFGS field exists if either of the -two respective features is available, MPX continues to get exposed to -guests only with both features present. - -Also add the so far missing handling of -- GUEST_BNDCFGS in construct_vmcs() -- MSR_IA32_BNDCFGS in vmx_msr_{read,write}_intercept() -and mirror the extra correctness checks during MSR write to -vmx_load_msr(). - -Reported-by: "Rockosov, Dmitry" -Signed-off-by: Jan Beulich -Tested-by: "Rockosov, Dmitry" -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/cpuid.c -+++ b/xen/arch/x86/cpuid.c -@@ -168,8 +168,7 @@ static void __init calculate_hvm_feature - */ - if ( cpu_has_vmx ) - { -- if ( !(vmx_vmexit_control & VM_EXIT_CLEAR_BNDCFGS) || -- !(vmx_vmentry_control & VM_ENTRY_LOAD_BNDCFGS) ) -+ if ( !cpu_has_vmx_mpx ) - __clear_bit(X86_FEATURE_MPX, hvm_featureset); - - if ( !cpu_has_vmx_xsaves ) ---- a/xen/arch/x86/hvm/vmx/vmcs.c -+++ b/xen/arch/x86/hvm/vmx/vmcs.c -@@ -1281,6 +1281,8 @@ static int construct_vmcs(struct vcpu *v - __vmwrite(HOST_PAT, host_pat); - __vmwrite(GUEST_PAT, guest_pat); - } -+ if ( cpu_has_vmx_mpx ) -+ __vmwrite(GUEST_BNDCFGS, 0); - if ( cpu_has_vmx_xsaves ) - __vmwrite(XSS_EXIT_BITMAP, 0); - ---- a/xen/arch/x86/hvm/vmx/vmx.c -+++ b/xen/arch/x86/hvm/vmx/vmx.c -@@ -786,14 +786,15 @@ static int vmx_load_vmcs_ctxt(struct vcp - - static unsigned int __init vmx_init_msr(void) - { -- return !!cpu_has_mpx + !!cpu_has_xsaves; -+ return (cpu_has_mpx && cpu_has_vmx_mpx) + -+ (cpu_has_xsaves && cpu_has_vmx_xsaves); - } - - static void vmx_save_msr(struct vcpu *v, struct hvm_msr *ctxt) - { - vmx_vmcs_enter(v); - -- if ( cpu_has_mpx ) -+ if ( cpu_has_mpx && cpu_has_vmx_mpx ) - { - __vmread(GUEST_BNDCFGS, &ctxt->msr[ctxt->count].val); - if ( ctxt->msr[ctxt->count].val ) -@@ -802,7 +803,7 @@ static void vmx_save_msr(struct vcpu *v, - - vmx_vmcs_exit(v); - -- if ( cpu_has_xsaves ) -+ if ( cpu_has_xsaves && cpu_has_vmx_xsaves ) - { - ctxt->msr[ctxt->count].val = v->arch.hvm_vcpu.msr_xss; - if ( ctxt->msr[ctxt->count].val ) -@@ -822,13 +823,15 @@ static int vmx_load_msr(struct vcpu *v, - switch ( ctxt->msr[i].index ) - { - case MSR_IA32_BNDCFGS: -- if ( cpu_has_mpx ) -+ if ( cpu_has_mpx && cpu_has_vmx_mpx && -+ is_canonical_address(ctxt->msr[i].val) && -+ !(ctxt->msr[i].val & IA32_BNDCFGS_RESERVED) ) - __vmwrite(GUEST_BNDCFGS, ctxt->msr[i].val); - else if ( ctxt->msr[i].val ) - err = -ENXIO; - break; - case MSR_IA32_XSS: -- if ( cpu_has_xsaves ) -+ if ( cpu_has_xsaves && cpu_has_vmx_xsaves ) - v->arch.hvm_vcpu.msr_xss = ctxt->msr[i].val; - else - err = -ENXIO; -@@ -2640,6 +2643,11 @@ static int vmx_msr_read_intercept(unsign - case MSR_IA32_DEBUGCTLMSR: - __vmread(GUEST_IA32_DEBUGCTL, msr_content); - break; -+ case MSR_IA32_BNDCFGS: -+ if ( !cpu_has_mpx || !cpu_has_vmx_mpx ) -+ goto gp_fault; -+ __vmread(GUEST_BNDCFGS, msr_content); -+ break; - case IA32_FEATURE_CONTROL_MSR: - case MSR_IA32_VMX_BASIC...MSR_IA32_VMX_VMFUNC: - if ( !nvmx_msr_read_intercept(msr, msr_content) ) -@@ -2866,6 +2874,13 @@ static int vmx_msr_write_intercept(unsig - - break; - } -+ case MSR_IA32_BNDCFGS: -+ if ( !cpu_has_mpx || !cpu_has_vmx_mpx || -+ !is_canonical_address(msr_content) || -+ (msr_content & IA32_BNDCFGS_RESERVED) ) -+ goto gp_fault; -+ __vmwrite(GUEST_BNDCFGS, msr_content); -+ break; - case IA32_FEATURE_CONTROL_MSR: - case MSR_IA32_VMX_BASIC...MSR_IA32_VMX_TRUE_ENTRY_CTLS: - if ( !nvmx_msr_write_intercept(msr, msr_content) ) ---- a/xen/include/asm-x86/hvm/vmx/vmcs.h -+++ b/xen/include/asm-x86/hvm/vmx/vmcs.h -@@ -375,6 +375,9 @@ extern u64 vmx_ept_vpid_cap; - (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_VIRT_EXCEPTIONS) - #define cpu_has_vmx_pml \ - (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_PML) -+#define cpu_has_vmx_mpx \ -+ ((vmx_vmexit_control & VM_EXIT_CLEAR_BNDCFGS) && \ -+ (vmx_vmentry_control & VM_ENTRY_LOAD_BNDCFGS)) - #define cpu_has_vmx_xsaves \ - (vmx_secondary_exec_control & SECONDARY_EXEC_XSAVES) - #define cpu_has_vmx_tsc_scaling \ ---- a/xen/include/asm-x86/msr-index.h -+++ b/xen/include/asm-x86/msr-index.h -@@ -56,7 +56,10 @@ - #define MSR_IA32_DS_AREA 0x00000600 - #define MSR_IA32_PERF_CAPABILITIES 0x00000345 - --#define MSR_IA32_BNDCFGS 0x00000D90 -+#define MSR_IA32_BNDCFGS 0x00000d90 -+#define IA32_BNDCFGS_ENABLE 0x00000001 -+#define IA32_BNDCFGS_PRESERVE 0x00000002 -+#define IA32_BNDCFGS_RESERVED 0x00000ffc - - #define MSR_IA32_XSS 0x00000da0 - diff --git a/57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch b/57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch deleted file mode 100644 index 4eb32e7..0000000 --- a/57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch +++ /dev/null @@ -1,33 +0,0 @@ -References: bsc#995785 CVE-2016-7092 XSA-185 - -# Commit c844d637d92a75854ea5c8d4e5ca34302a9f623c -# Date 2016-09-08 14:14:53 +0200 -# Author Jan Beulich -# Committer Jan Beulich -x86/32on64: don't allow recursive page tables from L3 - -L3 entries are special in PAE mode, and hence can't reasonably be used -for setting up recursive (and hence linear) page table mappings. Since -abuse is possible when the guest in fact gets run on 4-level page -tables, this needs to be excluded explicitly. - -This is XSA-185 / CVE-2016-7092. - -Reported-by: Jérémie Boutoille -Reported-by: "栾尚聪(好风)" -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/mm.c -+++ b/xen/arch/x86/mm.c -@@ -1123,7 +1123,9 @@ get_page_from_l3e( - - rc = get_page_and_type_from_pagenr( - l3e_get_pfn(l3e), PGT_l2_page_table, d, partial, 1); -- if ( unlikely(rc == -EINVAL) && get_l3_linear_pagetable(l3e, pfn, d) ) -+ if ( unlikely(rc == -EINVAL) && -+ !is_pv_32bit_domain(d) && -+ get_l3_linear_pagetable(l3e, pfn, d) ) - rc = 0; - - return rc; diff --git a/57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch b/57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch deleted file mode 100644 index 0bcb0da..0000000 --- a/57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch +++ /dev/null @@ -1,67 +0,0 @@ -References: bsc#995789 CVE-2016-7093 XSA-186 - -# Commit e9575f980df81aeb0e5b6139f485fd6f7bb7f5b6 -# Date 2016-09-08 14:15:53 +0200 -# Author Andrew Cooper -# Committer Jan Beulich -x86/emulate: Correct boundary interactions of emulated instructions - -This reverts most of c/s 0640ffb6 "x86emul: fix rIP handling". - -Experimentally, in long mode processors will execute an instruction stream -which crosses the 64bit -1 -> 0 virtual boundary, whether the instruction -boundary is aligned on the virtual boundary, or is misaligned. - -In compatibility mode, Intel processors will execute an instruction stream -which crosses the 32bit -1 -> 0 virtual boundary, while AMD processors raise a -segmentation fault. Xen's segmentation behaviour matches AMD. - -For 16bit code, hardware does not ever truncated %ip. %eip is always used and -behaves normally as a 32bit register, including in 16bit protected mode -segments, as well as in Real and Unreal mode. - -This is XSA-186 / CVE-2016-7093. - -Reported-by: Brian Marcotte -Signed-off-by: Andrew Cooper -Reviewed-by: Jan Beulich - ---- a/xen/arch/x86/x86_emulate/x86_emulate.c -+++ b/xen/arch/x86/x86_emulate/x86_emulate.c -@@ -1538,10 +1538,6 @@ x86_emulate( - #endif - } - -- /* Truncate rIP to def_ad_bytes (2 or 4) if necessary. */ -- if ( def_ad_bytes < sizeof(_regs.eip) ) -- _regs.eip &= (1UL << (def_ad_bytes * 8)) - 1; -- - /* Prefix bytes. */ - for ( ; ; ) - { -@@ -3843,21 +3839,11 @@ x86_emulate( - - /* Commit shadow register state. */ - _regs.eflags &= ~EFLG_RF; -- switch ( __builtin_expect(def_ad_bytes, sizeof(_regs.eip)) ) -- { -- uint16_t ip; - -- case 2: -- ip = _regs.eip; -- _regs.eip = ctxt->regs->eip; -- *(uint16_t *)&_regs.eip = ip; -- break; --#ifdef __x86_64__ -- case 4: -- _regs.rip = _regs._eip; -- break; --#endif -- } -+ /* Zero the upper 32 bits of %rip if not in long mode. */ -+ if ( def_ad_bytes < sizeof(_regs.eip) ) -+ _regs.eip = (uint32_t)_regs.eip; -+ - *ctxt->regs = _regs; - - done: diff --git a/57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch b/57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch deleted file mode 100644 index 6f8e8fe..0000000 --- a/57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch +++ /dev/null @@ -1,47 +0,0 @@ -References: bsc#995792 CVE-2016-7094 XSA-187 - -# Commit a9f3b3bad17d91e2067fc00d51b0302349570d08 -# Date 2016-09-08 14:16:26 +0200 -# Author Andrew Cooper -# Committer Jan Beulich -x86/shadow: Avoid overflowing sh_ctxt->seg_reg[] - -hvm_get_seg_reg() does not perform a range check on its input segment, calls -hvm_get_segment_register() and writes straight into sh_ctxt->seg_reg[]. - -x86_seg_none is outside the bounds of sh_ctxt->seg_reg[], and will hit a BUG() -in {vmx,svm}_get_segment_register(). - -HVM guests running with shadow paging can end up performing a virtual to -linear translation with x86_seg_none. This is used for addresses which are -already linear. However, none of this is a legitimate pagetable update, so -fail the emulation in such a case. - -This is XSA-187 / CVE-2016-7094. - -Reported-by: Andrew Cooper -Signed-off-by: Andrew Cooper -Reviewed-by: Tim Deegan - ---- a/xen/arch/x86/mm/shadow/common.c -+++ b/xen/arch/x86/mm/shadow/common.c -@@ -140,9 +140,18 @@ static int hvm_translate_linear_addr( - struct sh_emulate_ctxt *sh_ctxt, - unsigned long *paddr) - { -- struct segment_register *reg = hvm_get_seg_reg(seg, sh_ctxt); -+ struct segment_register *reg; - int okay; - -+ /* -+ * Can arrive here with non-user segments. However, no such cirucmstance -+ * is part of a legitimate pagetable update, so fail the emulation. -+ */ -+ if ( !is_x86_user_segment(seg) ) -+ return X86EMUL_UNHANDLEABLE; -+ -+ reg = hvm_get_seg_reg(seg, sh_ctxt); -+ - okay = hvm_virtual_to_linear_addr( - seg, reg, offset, bytes, access_type, sh_ctxt->ctxt.addr_size, paddr); - diff --git a/57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch b/57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch deleted file mode 100644 index 9ad283b..0000000 --- a/57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch +++ /dev/null @@ -1,32 +0,0 @@ -References: bsc#995789 - -# Commit 7b5cee79dad24e7006059667b02bd7de685d8ee5 -# Date 2016-09-08 16:39:46 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -hvm/fep: Allow testing of instructions crossing the -1 -> 0 virtual boundary - -The Force Emulation Prefix is named to follow its PV counterpart for cpuid or -rdtsc, but isn't really an instruction prefix. It behaves as a break-out into -Xen, with the purpose of emulating the next instruction in the current state. - -It is important to be able to test legal situations which occur in real -hardware, including instruction which cross certain boundaries, and -instructions starting at 0. - -Signed-off-by: Andrew Cooper -Reviewed-by: Jan Beulich - ---- a/xen/arch/x86/hvm/hvm.c -+++ b/xen/arch/x86/hvm/hvm.c -@@ -3905,6 +3905,10 @@ void hvm_ud_intercept(struct cpu_user_re - { - regs->eip += sizeof(sig); - regs->eflags &= ~X86_EFLAGS_RF; -+ -+ /* Zero the upper 32 bits of %rip if not in long mode. */ -+ if ( !(hvm_long_mode_enabled(cur) && cs.attr.fields.l) ) -+ regs->eip = regs->_eip; - } - } - diff --git a/57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch b/57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch deleted file mode 100644 index 03b4fec..0000000 --- a/57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch +++ /dev/null @@ -1,203 +0,0 @@ -References: bsc#995792 - -# Commit 4fa0105d95be6e7145a1f6fd1036ccd43976228c -# Date 2016-09-08 16:39:46 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -x86/segment: Bounds check accesses to emulation ctxt->seg_reg[] - -HVM HAP codepaths have space for all segment registers in the seg_reg[] -cache (with x86_seg_none still risking an array overrun), while the shadow -codepaths only have space for the user segments. - -Range check the input segment of *_get_seg_reg() against the size of the array -used to cache the results, to avoid overruns in the case that the callers -don't filter their input suitably. - -Subsume the is_x86_user_segment(seg) checks from the shadow code, which were -an incomplete attempt at range checking, and are now superceeded. Make -hvm_get_seg_reg() static, as it is not used outside of shadow/common.c - -No functional change, but far easier to reason that no overflow is possible. - -Reported-by: Andrew Cooper -Signed-off-by: Andrew Cooper -Acked-by: Tim Deegan -Acked-by: Jan Beulich - -# Commit 4c47c47938ea24c73d9459f9f0b6923513772b5d -# Date 2016-09-09 15:31:01 +0100 -# Author Andrew Cooper -# Committer Andrew Cooper -xen/x86: Fix build with clang following c/s 4fa0105 - -https://travis-ci.org/xen-project/xen/jobs/158494027#L2344 - -Clang complains: - - emulate.c:2016:14: error: comparison of unsigned enum expression < 0 - is always false [-Werror,-Wtautological-compare] - if ( seg < 0 || seg >= ARRAY_SIZE(hvmemul_ctxt->seg_reg) ) - ~~~ ^ ~ - -Clang is wrong to raise a warning like this. The signed-ness of an enum is -implementation defined in C, and robust code must not assume the choices made -by the compiler. - -In this case, dropping the < 0 check creates a latent bug which would result -in an array underflow when compiled with a compiler which chooses a signed -enum. - -Work around the bug by explicitly pulling seg into an unsigned integer, and -only perform the upper bounds check. - -No functional change. - -Signed-off-by: Andrew Cooper -Reviewed-by: Jan Beulich -Reviewed-by: George Dunlap - ---- a/xen/arch/x86/hvm/emulate.c -+++ b/xen/arch/x86/hvm/emulate.c -@@ -534,6 +534,8 @@ static int hvmemul_virtual_to_linear( - *reps = min_t(unsigned long, *reps, max_reps); - - reg = hvmemul_get_seg_reg(seg, hvmemul_ctxt); -+ if ( IS_ERR(reg) ) -+ return -PTR_ERR(reg); - - if ( (hvmemul_ctxt->ctxt.regs->eflags & X86_EFLAGS_DF) && (*reps > 1) ) - { -@@ -1369,6 +1371,10 @@ static int hvmemul_read_segment( - struct hvm_emulate_ctxt *hvmemul_ctxt = - container_of(ctxt, struct hvm_emulate_ctxt, ctxt); - struct segment_register *sreg = hvmemul_get_seg_reg(seg, hvmemul_ctxt); -+ -+ if ( IS_ERR(sreg) ) -+ return -PTR_ERR(sreg); -+ - memcpy(reg, sreg, sizeof(struct segment_register)); - return X86EMUL_OKAY; - } -@@ -1382,6 +1388,9 @@ static int hvmemul_write_segment( - container_of(ctxt, struct hvm_emulate_ctxt, ctxt); - struct segment_register *sreg = hvmemul_get_seg_reg(seg, hvmemul_ctxt); - -+ if ( IS_ERR(sreg) ) -+ return -PTR_ERR(sreg); -+ - memcpy(sreg, reg, sizeof(struct segment_register)); - __set_bit(seg, &hvmemul_ctxt->seg_reg_dirty); - -@@ -1934,13 +1943,22 @@ void hvm_emulate_writeback( - } - } - -+/* -+ * Callers which pass a known in-range x86_segment can rely on the return -+ * pointer being valid. Other callers must explicitly check for errors. -+ */ - struct segment_register *hvmemul_get_seg_reg( - enum x86_segment seg, - struct hvm_emulate_ctxt *hvmemul_ctxt) - { -- if ( !__test_and_set_bit(seg, &hvmemul_ctxt->seg_reg_accessed) ) -- hvm_get_segment_register(current, seg, &hvmemul_ctxt->seg_reg[seg]); -- return &hvmemul_ctxt->seg_reg[seg]; -+ unsigned int idx = seg; -+ -+ if ( idx >= ARRAY_SIZE(hvmemul_ctxt->seg_reg) ) -+ return ERR_PTR(-X86EMUL_UNHANDLEABLE); -+ -+ if ( !__test_and_set_bit(idx, &hvmemul_ctxt->seg_reg_accessed) ) -+ hvm_get_segment_register(current, idx, &hvmemul_ctxt->seg_reg[idx]); -+ return &hvmemul_ctxt->seg_reg[idx]; - } - - static const char *guest_x86_mode_to_str(int mode) ---- a/xen/arch/x86/mm/shadow/common.c -+++ b/xen/arch/x86/mm/shadow/common.c -@@ -123,12 +123,22 @@ __initcall(shadow_audit_key_init); - /* x86 emulator support for the shadow code - */ - --struct segment_register *hvm_get_seg_reg( -+/* -+ * Callers which pass a known in-range x86_segment can rely on the return -+ * pointer being valid. Other callers must explicitly check for errors. -+ */ -+static struct segment_register *hvm_get_seg_reg( - enum x86_segment seg, struct sh_emulate_ctxt *sh_ctxt) - { -- struct segment_register *seg_reg = &sh_ctxt->seg_reg[seg]; -- if ( !__test_and_set_bit(seg, &sh_ctxt->valid_seg_regs) ) -- hvm_get_segment_register(current, seg, seg_reg); -+ unsigned int idx = seg; -+ struct segment_register *seg_reg; -+ -+ if ( idx >= ARRAY_SIZE(sh_ctxt->seg_reg) ) -+ return ERR_PTR(-X86EMUL_UNHANDLEABLE); -+ -+ seg_reg = &sh_ctxt->seg_reg[idx]; -+ if ( !__test_and_set_bit(idx, &sh_ctxt->valid_seg_regs) ) -+ hvm_get_segment_register(current, idx, seg_reg); - return seg_reg; - } - -@@ -143,14 +153,9 @@ static int hvm_translate_linear_addr( - struct segment_register *reg; - int okay; - -- /* -- * Can arrive here with non-user segments. However, no such cirucmstance -- * is part of a legitimate pagetable update, so fail the emulation. -- */ -- if ( !is_x86_user_segment(seg) ) -- return X86EMUL_UNHANDLEABLE; -- - reg = hvm_get_seg_reg(seg, sh_ctxt); -+ if ( IS_ERR(reg) ) -+ return -PTR_ERR(reg); - - okay = hvm_virtual_to_linear_addr( - seg, reg, offset, bytes, access_type, sh_ctxt->ctxt.addr_size, paddr); -@@ -253,9 +258,6 @@ hvm_emulate_write(enum x86_segment seg, - unsigned long addr; - int rc; - -- if ( !is_x86_user_segment(seg) ) -- return X86EMUL_UNHANDLEABLE; -- - /* How many emulations could we save if we unshadowed on stack writes? */ - if ( seg == x86_seg_ss ) - perfc_incr(shadow_fault_emulate_stack); -@@ -283,7 +285,7 @@ hvm_emulate_cmpxchg(enum x86_segment seg - unsigned long addr, old, new; - int rc; - -- if ( !is_x86_user_segment(seg) || bytes > sizeof(long) ) -+ if ( bytes > sizeof(long) ) - return X86EMUL_UNHANDLEABLE; - - rc = hvm_translate_linear_addr( ---- a/xen/arch/x86/mm/shadow/private.h -+++ b/xen/arch/x86/mm/shadow/private.h -@@ -740,8 +740,6 @@ const struct x86_emulate_ops *shadow_ini - struct sh_emulate_ctxt *sh_ctxt, struct cpu_user_regs *regs); - void shadow_continue_emulation( - struct sh_emulate_ctxt *sh_ctxt, struct cpu_user_regs *regs); --struct segment_register *hvm_get_seg_reg( -- enum x86_segment seg, struct sh_emulate_ctxt *sh_ctxt); - - #if (SHADOW_OPTIMIZATIONS & SHOPT_VIRTUAL_TLB) - /**************************************************************************/ ---- a/xen/include/asm-x86/hvm/emulate.h -+++ b/xen/include/asm-x86/hvm/emulate.h -@@ -13,6 +13,7 @@ - #define __ASM_X86_HVM_EMULATE_H__ - - #include -+#include - #include - #include - diff --git a/CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch b/CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch deleted file mode 100644 index 12a942e..0000000 --- a/CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch +++ /dev/null @@ -1,49 +0,0 @@ -References: bsc#964644 CVE-2013-4533 - -Subject: pxa2xx: avoid buffer overrun on incoming migration -From: Michael S. Tsirkin mst@redhat.com Thu Apr 3 19:51:57 2014 +0300 -Date: Mon May 5 22:15:02 2014 +0200: -Git: caa881abe0e01f9931125a0977ec33c5343e4aa7 - -CVE-2013-4533 - -s->rx_level is read from the wire and used to determine how many bytes -to subsequently read into s->rx_fifo[]. If s->rx_level exceeds the -length of s->rx_fifo[] the buffer can be overrun with arbitrary data -from the wire. - -Fix this by validating rx_level against the size of s->rx_fifo. - -Cc: Don Koch -Reported-by: Michael Roth -Signed-off-by: Michael S. Tsirkin -Reviewed-by: Peter Maydell -Reviewed-by: Don Koch -Signed-off-by: Juan Quintela - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pxa2xx.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pxa2xx.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pxa2xx.c -@@ -847,7 +847,7 @@ static void pxa2xx_ssp_save(QEMUFile *f, - static int pxa2xx_ssp_load(QEMUFile *f, void *opaque, int version_id) - { - struct pxa2xx_ssp_s *s = (struct pxa2xx_ssp_s *) opaque; -- int i; -+ int i, v; - - s->enable = qemu_get_be32(f); - -@@ -861,7 +861,11 @@ static int pxa2xx_ssp_load(QEMUFile *f, - qemu_get_8s(f, &s->ssrsa); - qemu_get_8s(f, &s->ssacd); - -- s->rx_level = qemu_get_byte(f); -+ v = qemu_get_byte(f); -+ if (v < 0 || v > ARRAY_SIZE(s->rx_fifo)) { -+ return -EINVAL; -+ } -+ s->rx_level = v; - s->rx_start = 0; - for (i = 0; i < s->rx_level; i ++) - s->rx_fifo[i] = qemu_get_byte(f); diff --git a/CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch b/CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch deleted file mode 100644 index ec9761a..0000000 --- a/CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch +++ /dev/null @@ -1,56 +0,0 @@ -References: bsc#964452 CVE-2013-4534 - -Subject: openpic: avoid buffer overrun on incoming migration -From: Michael Roth mdroth@linux.vnet.ibm.com Mon Apr 28 16:08:17 2014 +0300 -Date: Mon May 5 22:15:03 2014 +0200: -Git: 73d963c0a75cb99c6aaa3f6f25e427aa0b35a02e - -CVE-2013-4534 - -opp->nb_cpus is read from the wire and used to determine how many -IRQDest elements to read into opp->dst[]. If the value exceeds the -length of opp->dst[], MAX_CPU, opp->dst[] can be overrun with arbitrary -data from the wire. - -Fix this by failing migration if the value read from the wire exceeds -MAX_CPU. - -Signed-off-by: Michael Roth -Reviewed-by: Alexander Graf -Signed-off-by: Michael S. Tsirkin -Signed-off-by: Juan Quintela - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/openpic.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/openpic.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/openpic.c -@@ -36,6 +36,7 @@ - #include "ppc_mac.h" - #include "pci.h" - #include "openpic.h" -+#include "qemu/qerror.h" - - //#define DEBUG_OPENPIC - -@@ -1132,7 +1133,7 @@ static void openpic_load_IRQ_queue(QEMUF - static int openpic_load(QEMUFile* f, void *opaque, int version_id) - { - openpic_t *opp = (openpic_t *)opaque; -- unsigned int i; -+ unsigned int i, nb_cpus; - - if (version_id != 1) - return -EINVAL; -@@ -1153,7 +1154,11 @@ static int openpic_load(QEMUFile* f, voi - qemu_get_sbe32s(f, &opp->src[i].pending); - } - -- qemu_get_sbe32s(f, &opp->nb_cpus); -+ qemu_get_be32s(f, &nb_cpus); -+ if (opp->nb_cpus != nb_cpus) { -+ return -EINVAL; -+ } -+ assert(nb_cpus > 0 && nb_cpus <= MAX_CPU); - - for (i = 0; i < opp->nb_cpus; i++) { - qemu_get_be32s(f, &opp->dst[i].tfrr); diff --git a/CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch b/CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch deleted file mode 100644 index eb266aa..0000000 --- a/CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch +++ /dev/null @@ -1,39 +0,0 @@ -References: bsc#962642 CVE-2013-4537 - -Subject: ssi-sd: fix buffer overrun on invalid state load -From: Michael S. Tsirkin mst@redhat.com Mon Apr 28 16:08:14 2014 +0300 -Date: Mon May 5 22:15:03 2014 +0200: -Git: a9c380db3b8c6af19546a68145c8d1438a09c92b - -CVE-2013-4537 - -s->arglen is taken from wire and used as idx -in ssi_sd_transfer(). - -Validate it before access. - -Signed-off-by: Michael S. Tsirkin -Signed-off-by: Juan Quintela - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/ssi-sd.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/ssi-sd.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/ssi-sd.c -@@ -221,8 +221,17 @@ static int ssi_sd_load(QEMUFile *f, void - for (i = 0; i < 5; i++) - s->response[i] = qemu_get_be32(f); - s->arglen = qemu_get_be32(f); -+ if (s->mode == SSI_SD_CMDARG && -+ (s->arglen < 0 || s->arglen >= ARRAY_SIZE(s->cmdarg))) { -+ return -EINVAL; -+ } - s->response_pos = qemu_get_be32(f); - s->stopping = qemu_get_be32(f); -+ if (s->mode == SSI_SD_RESPONSE && -+ (s->response_pos < 0 || s->response_pos >= ARRAY_SIZE(s->response) || -+ (!s->stopping && s->arglen > ARRAY_SIZE(s->response)))) { -+ return -EINVAL; -+ } - - return 0; - } diff --git a/CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch b/CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch deleted file mode 100644 index 73fb2b8..0000000 --- a/CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch +++ /dev/null @@ -1,28 +0,0 @@ -References: bsc#962335 CVE-2013-4538 - -s->cmd_len used as index in ssd0323_transfer() to store 32-bit field. -Possible this field might then be supplied by guest to overwrite a -return addr somewhere. Same for row/col fields, which are indicies into -framebuffer array. - -To fix validate after load. - -Signed-off-by: Michael S. Tsirkin ---- - hw/display/ssd0323.c | 3 +++ - 1 file changed, 3 insertions(+) - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/ssd0323.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/ssd0323.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/ssd0323.c -@@ -304,6 +304,9 @@ static int ssd0323_load(QEMUFile *f, voi - return -EINVAL; - - s->cmd_len = qemu_get_be32(f); -+ if (s->cmd_len < 0 || s->cmd_len > ARRAY_SIZE(s->cmd_data)) { -+ return -EINVAL; -+ } - s->cmd = qemu_get_be32(f); - for (i = 0; i < 8; i++) - s->cmd_data[i] = qemu_get_be32(f); diff --git a/CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch b/CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch deleted file mode 100644 index 3f98e9d..0000000 --- a/CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch +++ /dev/null @@ -1,43 +0,0 @@ -Subject: tsc210x: fix buffer overrun on invalid state load -From: Michael S. Tsirkin mst@redhat.com Thu Apr 3 19:52:09 2014 +0300 -Date: Mon May 5 22:15:02 2014 +0200: -Git: 5193be3be35f29a35bc465036cd64ad60d43385f - -CVE-2013-4539 - -s->precision, nextprecision, function and nextfunction -come from wire and are used -as idx into resolution[] in TSC_CUT_RESOLUTION. - -Validate after load to avoid buffer overrun. - -Cc: Andreas Färber -Signed-off-by: Michael S. Tsirkin -Signed-off-by: Juan Quintela - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/tsc210x.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/tsc210x.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/tsc210x.c -@@ -1077,9 +1077,21 @@ static int tsc210x_load(QEMUFile *f, voi - s->enabled = qemu_get_byte(f); - s->host_mode = qemu_get_byte(f); - s->function = qemu_get_byte(f); -+ if (s->function < 0 || s->function >= ARRAY_SIZE(mode_regs)) { -+ return -EINVAL; -+ } - s->nextfunction = qemu_get_byte(f); -+ if (s->nextfunction < 0 || s->nextfunction >= ARRAY_SIZE(mode_regs)) { -+ return -EINVAL; -+ } - s->precision = qemu_get_byte(f); -+ if (s->precision < 0 || s->precision >= ARRAY_SIZE(resolution)) { -+ return -EINVAL; -+ } - s->nextprecision = qemu_get_byte(f); -+ if (s->nextprecision < 0 || s->nextprecision >= ARRAY_SIZE(resolution)) { -+ return -EINVAL; -+ } - s->filter = qemu_get_byte(f); - s->pin_func = qemu_get_byte(f); - s->ref = qemu_get_byte(f); diff --git a/CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch b/CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch deleted file mode 100644 index 45a526a..0000000 --- a/CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch +++ /dev/null @@ -1,38 +0,0 @@ -References: bsc#964925 - -Subject: qcow1: Validate L2 table size (CVE-2014-0222) -From: Kevin Wolf kwolf@redhat.com Thu May 15 16:10:11 2014 +0200 -Date: Mon May 19 11:36:49 2014 +0200: -Git: 42eb58179b3b215bb507da3262b682b8a2ec10b5 - -Too large L2 table sizes cause unbounded allocations. Images actually -created by qemu-img only have 512 byte or 4k L2 tables. - -To keep things consistent with cluster sizes, allow ranges between 512 -bytes and 64k (in fact, down to 1 entry = 8 bytes is technically -working, but L2 table sizes smaller than a cluster don't make a lot of -sense). - -This also means that the number of bytes on the virtual disk that are -described by the same L2 table is limited to at most 8k * 64k or 2^29, -preventively avoiding any integer overflows. - -Cc: qemu-stable@nongnu.org -Signed-off-by: Kevin Wolf -Reviewed-by: Benoit Canet - -Index: xen-4.6.0-testing/tools/blktap2/drivers/block-qcow.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/blktap2/drivers/block-qcow.c -+++ xen-4.6.0-testing/tools/blktap2/drivers/block-qcow.c -@@ -909,6 +909,10 @@ int tdqcow_open (td_driver_t *driver, co - - if (header.size <= 1 || header.cluster_bits < 9) - goto fail; -+ /* l2_bits specifies number of entries; storing a uint64_t in each entry, -+ * so bytes = num_entries << 3. */ -+ if (header.l2_bits < 9 - 3 || header.l2_bits > 16 - 3) -+ goto fail; - if (header.crypt_method > QCOW_CRYPT_AES) - goto fail; - s->crypt_method_header = header.crypt_method; diff --git a/CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch b/CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch deleted file mode 100644 index 0882de3..0000000 --- a/CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch +++ /dev/null @@ -1,38 +0,0 @@ -References: bsc#877642 - -Subject: qcow1: Validate L2 table size (CVE-2014-0222) -From: Kevin Wolf kwolf@redhat.com Thu May 15 16:10:11 2014 +0200 -Date: Mon May 19 11:36:49 2014 +0200: -Git: 42eb58179b3b215bb507da3262b682b8a2ec10b5 - -Too large L2 table sizes cause unbounded allocations. Images actually -created by qemu-img only have 512 byte or 4k L2 tables. - -To keep things consistent with cluster sizes, allow ranges between 512 -bytes and 64k (in fact, down to 1 entry = 8 bytes is technically -working, but L2 table sizes smaller than a cluster don't make a lot of -sense). - -This also means that the number of bytes on the virtual disk that are -described by the same L2 table is limited to at most 8k * 64k or 2^29, -preventively avoiding any integer overflows. - -Cc: qemu-stable@nongnu.org -Signed-off-by: Kevin Wolf -Reviewed-by: Benoit Canet - -Index: xen-4.5.1-testing/tools/qemu-xen-traditional-dir-remote/block-qcow.c -=================================================================== ---- xen-4.5.1-testing.orig/tools/qemu-xen-traditional-dir-remote/block-qcow.c -+++ xen-4.5.1-testing/tools/qemu-xen-traditional-dir-remote/block-qcow.c -@@ -126,6 +126,10 @@ static int qcow_open(BlockDriverState *b - goto fail; - if (header.size <= 1 || header.cluster_bits < 9) - goto fail; -+ /* l2_bits specifies number of entries; storing a uint64_t in each entry, -+ * so bytes = num_entries << 3. */ -+ if (header.l2_bits < 9 - 3 || header.l2_bits > 16 - 3) -+ goto fail; - if (header.crypt_method > QCOW_CRYPT_AES) - goto fail; - s->crypt_method_header = header.crypt_method; diff --git a/CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch b/CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch deleted file mode 100644 index 1959a4d..0000000 --- a/CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch +++ /dev/null @@ -1,36 +0,0 @@ -Subject: slirp: udp: fix NULL pointer dereference because of uninitialized socket -From: Petr Matousek pmatouse@redhat.com Thu Sep 18 08:35:37 2014 +0200 -Date: Tue Sep 23 19:15:05 2014 +0100: -Git: 01f7cecf0037997cb0e58ec0d56bf9b5a6f7cb2a - -When guest sends udp packet with source port and source addr 0, -uninitialized socket is picked up when looking for matching and already -created udp sockets, and later passed to sosendto() where NULL pointer -dereference is hit during so->slirp->vnetwork_mask.s_addr access. - -Fix this by checking that the socket is not just a socket stub. - -This is CVE-2014-3640. - -Signed-off-by: Petr Matousek -Reported-by: Xavier Mehrenberger -Reported-by: Stephane Duverger -Reviewed-by: Jan Kiszka -Reviewed-by: Michael S. Tsirkin -Reviewed-by: Michael Tokarev -Message-id: 20140918063537.GX9321@dhcp-25-225.brq.redhat.com -Signed-off-by: Peter Maydell - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/slirp/udp.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/slirp/udp.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/slirp/udp.c -@@ -168,7 +168,7 @@ udp_input(m, iphlen) - * Locate pcb for datagram. - */ - so = udp_last_so; -- if (so->so_lport != uh->uh_sport || -+ if (so == &slirp->udb || so->so_lport != uh->uh_sport || - so->so_laddr.s_addr != ip->ip_src.s_addr) { - struct socket *tmp; - diff --git a/CVE-2015-4037-qemut-smb-config-dir-name.patch b/CVE-2015-4037-qemut-smb-config-dir-name.patch deleted file mode 100644 index dd2cd71..0000000 --- a/CVE-2015-4037-qemut-smb-config-dir-name.patch +++ /dev/null @@ -1,39 +0,0 @@ -References: bsc#932267 - -Subject: slirp: use less predictable directory name in /tmp for smb config (CVE-2015-4037) -From: Michael Tokarev mjt@tls.msk.ru Thu May 28 14:12:26 2015 +0300 -Date: Wed Jun 3 14:21:45 2015 +0300: -Git: 8b8f1c7e9ddb2e88a144638f6527bf70e32343e3 - -In this version I used mkdtemp(3) which is: - - _BSD_SOURCE - || /* Since glibc 2.10: */ - (_POSIX_C_SOURCE >= 200809L || _XOPEN_SOURCE >= 700) - -(POSIX.1-2008), so should be available on systems we care about. - -While at it, reset the resulting directory name within smb structure -on error so cleanup function wont try to remove directory which we -failed to create. - -Signed-off-by: Michael Tokarev -Reviewed-by: Markus Armbruster - -Index: xen-4.5.1-testing/tools/qemu-xen-traditional-dir-remote/net.c -=================================================================== ---- xen-4.5.1-testing.orig/tools/qemu-xen-traditional-dir-remote/net.c -+++ xen-4.5.1-testing/tools/qemu-xen-traditional-dir-remote/net.c -@@ -624,9 +624,10 @@ void net_slirp_smb(const char *exported_ - } - - /* XXX: better tmp dir construction */ -- snprintf(smb_dir, sizeof(smb_dir), "/tmp/qemu-smb.%d", getpid()); -- if (mkdir(smb_dir, 0700) < 0) { -+ snprintf(smb_dir, sizeof(smb_dir), "/tmp/qemu-smb.XXXXXX"); -+ if (!mkdtemp(smb_dir)) { - fprintf(stderr, "qemu: could not create samba server dir '%s'\n", smb_dir); -+ smb_dir[0] = 0; - exit(1); - } - snprintf(smb_conf, sizeof(smb_conf), "%s/%s", smb_dir, "smb.conf"); diff --git a/CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch b/CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch deleted file mode 100644 index 4b0fe54..0000000 --- a/CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch +++ /dev/null @@ -1,54 +0,0 @@ -Subject: ATAPI: STARTSTOPUNIT only eject/load media if powercondition is 0 -From: Ronnie Sahlberg ronniesahlberg@gmail.com Tue Jul 31 11:28:26 2012 +1000 -Date: Wed Sep 12 15:50:09 2012 +0200: -Git: ce560dcf20c14194db5ef3b9fc1ea592d4e68109 - -The START STOP UNIT command will only eject/load media if -power condition is zero. - -If power condition is !0 then LOEJ and START will be ignored. - -From MMC (sbc contains similar wordings too) - The Power Conditions field requests the block device to be placed - in the power condition defined in - Table 558. If this field has a value other than 0h then the Start - and LoEj bits shall be ignored. - -Signed-off-by: Ronnie Sahlberg -Signed-off-by: Kevin Wolf - -From aa851d30acfbb9580098ac1dc82885530cb8b3c1 Mon Sep 17 00:00:00 2001 -From: Kevin Wolf -Date: Wed, 3 Jun 2015 14:17:46 +0200 -Subject: [PATCH 2/3] ide/atapi: Fix START STOP UNIT command completion - -The command must be completed on all code paths. START STOP UNIT with -pwrcnd set should succeed without doing anything. - -Signed-off-by: Kevin Wolf ---- - hw/ide/atapi.c | 1 + - 1 file changed, 1 insertion(+) - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/ide.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/ide.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/ide.c -@@ -2098,9 +2098,16 @@ static void ide_atapi_cmd(IDEState *s) - break; - case GPCMD_START_STOP_UNIT: - { -- int start, eject; -+ int start, eject, pwrcnd; - start = packet[4] & 1; - eject = (packet[4] >> 1) & 1; -+ pwrcnd = buf[4] & 0xf0; -+ -+ if (pwrcnd) { -+ /* eject/load only happens for power condition == 0 */ -+ ide_atapi_cmd_ok(s); -+ return; -+ } - - if (eject && !start) { - /* eject the disk */ diff --git a/CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch b/CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch deleted file mode 100644 index c4d72df..0000000 --- a/CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch +++ /dev/null @@ -1,30 +0,0 @@ -References: bsc#964947 CVE-2015-5278 - -Subject: net: avoid infinite loop when receiving packets(CVE-2015-5278) -From: P J P pjp@fedoraproject.org Tue Sep 15 16:46:59 2015 +0530 -Date: Tue Sep 15 12:51:14 2015 +0100: -Git: 737d2b3c41d59eb8f94ab7eb419b957938f24943 - -Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152) -bytes to process network packets. While receiving packets -via ne2000_receive() routine, a local 'index' variable -could exceed the ring buffer size, leading to an infinite -loop situation. - -Reported-by: Qinghao Tang -Signed-off-by: P J P -Signed-off-by: Stefan Hajnoczi - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -@@ -328,7 +328,7 @@ static void ne2000_receive(void *opaque, - if (index <= s->stop) - avail = s->stop - index; - else -- avail = 0; -+ break; - len = size; - if (len > avail) - len = avail; diff --git a/CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch b/CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch deleted file mode 100644 index b9e79a8..0000000 --- a/CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch +++ /dev/null @@ -1,31 +0,0 @@ -References: bsc#944697 - -From: P J P - -While processing transmit descriptors, it could lead to an infinite -loop if 'bytes' was to become zero; Add a check to avoid it. - -[The guest can force 'bytes' to 0 by setting the hdr_len and mss -descriptor fields to 0. ---Stefan] - -Signed-off-by: P J P -Signed-off-by: Stefan Hajnoczi ---- - hw/net/e1000.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -@@ -470,7 +470,8 @@ process_tx_desc(E1000State *s, struct e1 - memmove(tp->data, tp->header, hdr); - tp->size = hdr; - } -- } while (split_size -= bytes); -+ split_size -= bytes; -+ } while (bytes && split_size); - } else if (!tp->tse && tp->cptse) { - // context descriptor TSE is not set, while data descriptor TSE is set - DBGOUT(TXERR, "TCP segmentaion Error\n"); diff --git a/CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch b/CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch deleted file mode 100644 index 1bb2603..0000000 --- a/CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch +++ /dev/null @@ -1,30 +0,0 @@ -References: bsc#962360 CVE-2015-7512 - -Backends could provide a packet whose length is greater than buffer -size. Check for this and truncate the packet to avoid rx buffer -overflow in this case. - -Cc: Prasad J Pandit -Cc: address@hidden -Signed-off-by: Jason Wang ---- - hw/net/pcnet.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pcnet.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pcnet.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pcnet.c -@@ -1133,6 +1133,12 @@ static void pcnet_receive(void *opaque, - int pktcount = 0; - - if (!s->looptest) { -+ if (size > 4092) { -+#ifdef PCNET_DEBUG_RMD -+ fprintf(stderr, "pcnet: truncates rx packet.\n"); -+#endif -+ size = 4092; -+ } - memcpy(src, buf, size); - /* no need to compute the CRC */ - src[size] = 0; diff --git a/CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch b/CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch deleted file mode 100644 index d15b45b..0000000 --- a/CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch +++ /dev/null @@ -1,59 +0,0 @@ -References: bsc#956832 CVE-2015-8345 - -Subject: eepro100: Prevent two endless loops -From: Stefan Weil sw@weilnetz.de Fri Nov 20 08:42:33 2015 +0100 -Date: Fri Nov 27 10:39:55 2015 +0800: -Git: 00837731d254908a841d69298a4f9f077babaf24 - -http://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg04592.html -shows an example how an endless loop in function action_command can -be achieved. - -During my code review, I noticed a 2nd case which can result in an -endless loop. - -Reported-by: Qinghao Tang -Signed-off-by: Stefan Weil -Signed-off-by: Jason Wang - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/eepro100.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/eepro100.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/eepro100.c -@@ -657,6 +657,10 @@ static void eepro100_cu_command(EEPRO100 - { - eepro100_tx_t tx; - uint32_t cb_address; -+ /* The loop below won't stop if it gets special handcrafted data. -+ Therefore we limit the number of iterations. */ -+ unsigned max_loop_count = 16; -+ - switch (val) { - case CU_NOP: - /* No operation. */ -@@ -685,6 +689,13 @@ static void eepro100_cu_command(EEPRO100 - bool bit_nc = ((command & 0x0010) != 0); - //~ bool bit_sf = ((command & 0x0008) != 0); - uint16_t cmd = command & 0x0007; -+ -+ if (max_loop_count-- == 0) { -+ /* Prevent an endless loop. (see goto next_command) */ -+ logout("loop in %s:%u\n", __FILE__, __LINE__); -+ break; -+ } -+ - s->cu_offset = le32_to_cpu(tx.link); - switch (cmd) { - case CmdNOp: -@@ -726,6 +737,11 @@ static void eepro100_cu_command(EEPRO100 - uint32_t tx_buffer_address = ldl_phys(tbd_address); - uint16_t tx_buffer_size = lduw_phys(tbd_address + 4); - //~ uint16_t tx_buffer_el = lduw_phys(tbd_address + 6); -+ if (tx_buffer_size == 0) { -+ /* Prevent an endless loop. */ -+ logout("loop in %s:%u\n", __FILE__, __LINE__); -+ break; -+ } - tbd_address += 8; - logout - ("TBD (simplified mode): buffer address 0x%08x, size 0x%04x\n", diff --git a/CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch b/CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch deleted file mode 100644 index 2b047db..0000000 --- a/CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch +++ /dev/null @@ -1,25 +0,0 @@ -References: bsc#958493 CVE-2015-8504 - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -@@ -1644,15 +1644,15 @@ static void set_pixel_format(VncState *v - } - - vs->clientds = vs->serverds; -- vs->clientds.pf.rmax = red_max; -+ vs->clientds.pf.rmax = red_max ? red_max : 0xFF; - count_bits(vs->clientds.pf.rbits, red_max); - vs->clientds.pf.rshift = red_shift; - vs->clientds.pf.rmask = red_max << red_shift; -- vs->clientds.pf.gmax = green_max; -+ vs->clientds.pf.gmax = green_max ? green_max : 0xFF; - count_bits(vs->clientds.pf.gbits, green_max); - vs->clientds.pf.gshift = green_shift; - vs->clientds.pf.gmask = green_max << green_shift; -- vs->clientds.pf.bmax = blue_max; -+ vs->clientds.pf.bmax = blue_max ? blue_max : 0xFF; - count_bits(vs->clientds.pf.bbits, blue_max); - vs->clientds.pf.bshift = blue_shift; - vs->clientds.pf.bmask = blue_max << blue_shift; diff --git a/CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch b/CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch deleted file mode 100644 index 1868582..0000000 --- a/CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch +++ /dev/null @@ -1,47 +0,0 @@ -Reference: bsc#961692 CVE-2016-1714 - -When processing firmware configurations, an OOB r/w access occurs -if 's->cur_entry' is set to be invalid(FW_CFG_INVALID=0xffff). -Add a check to validate 's->cur_entry' to avoid such access. - -Reported-by: Donghai Zdh -Signed-off-by: Prasad J Pandit ---- - hw/nvram/fw_cfg.c | 12 ++++++++---- - 1 file changed, 8 insertions(+), 4 deletions(-) - -Updated as per review in - -> https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00398.html - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/fw_cfg.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/fw_cfg.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/hw/fw_cfg.c -@@ -54,11 +54,15 @@ typedef struct _FWCfgState { - static void fw_cfg_write(FWCfgState *s, uint8_t value) - { - int arch = !!(s->cur_entry & FW_CFG_ARCH_LOCAL); -- FWCfgEntry *e = &s->entries[arch][s->cur_entry & FW_CFG_ENTRY_MASK]; -+ FWCfgEntry *e = (s->cur_entry == FW_CFG_INVALID) ? NULL : -+ &s->entries[arch][s->cur_entry & FW_CFG_ENTRY_MASK]; - - FW_CFG_DPRINTF("write %d\n", value); - -- if (s->cur_entry & FW_CFG_WRITE_CHANNEL && s->cur_offset < e->len) { -+ if (s->cur_entry & FW_CFG_WRITE_CHANNEL -+ && e != NULL -+ && e->callback -+ && s->cur_offset < e->len) { - e->data[s->cur_offset++] = value; - if (s->cur_offset == e->len) { - e->callback(e->callback_opaque, e->data); -@@ -88,7 +92,8 @@ static int fw_cfg_select(FWCfgState *s, - static uint8_t fw_cfg_read(FWCfgState *s) - { - int arch = !!(s->cur_entry & FW_CFG_ARCH_LOCAL); -- FWCfgEntry *e = &s->entries[arch][s->cur_entry & FW_CFG_ENTRY_MASK]; -+ FWCfgEntry *e = (s->cur_entry == FW_CFG_INVALID) ? NULL : -+ &s->entries[arch][s->cur_entry & FW_CFG_ENTRY_MASK]; - uint8_t ret; - - if (s->cur_entry == FW_CFG_INVALID || !e->data || s->cur_offset >= e->len) diff --git a/CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch b/CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch deleted file mode 100644 index ca96162..0000000 --- a/CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch +++ /dev/null @@ -1,94 +0,0 @@ -The start_xmit() and e1000_receive_iov() functions implement DMA transfers -iterating over a set of descriptors that the guest's e1000 driver -prepares: - -- the TDLEN and RDLEN registers store the total size of the descriptor - area, - -- while the TDH and RDH registers store the offset (in whole tx / rx - descriptors) into the area where the transfer is supposed to start. - -Each time a descriptor is processed, the TDH and RDH register is bumped -(as appropriate for the transfer direction). - -QEMU already contains logic to deal with bogus transfers submitted by the -guest: - -- Normally, the transmit case wants to increase TDH from its initial value - to TDT. (TDT is allowed to be numerically smaller than the initial TDH - value; wrapping at or above TDLEN bytes to zero is normal.) The failsafe - that QEMU currently has here is a check against reaching the original - TDH value again -- a complete wraparound, which should never happen. - -- In the receive case RDH is increased from its initial value until - "total_size" bytes have been received; preferably in a single step, or - in "s->rxbuf_size" byte steps, if the latter is smaller. However, null - RX descriptors are skipped without receiving data, while RDH is - incremented just the same. QEMU tries to prevent an infinite loop - (processing only null RX descriptors) by detecting whether RDH assumes - its original value during the loop. (Again, wrapping from RDLEN to 0 is - normal.) - -What both directions miss is that the guest could program TDLEN and RDLEN -so low, and the initial TDH and RDH so high, that these registers will -immediately be truncated to zero, and then never reassume their initial -values in the loop -- a full wraparound will never occur. - -The condition that expresses this is: - - xdh_start >= s->mac_reg[XDLEN] / sizeof(desc) - -i.e., TDH or RDH start out after the last whole rx or tx descriptor that -fits into the TDLEN or RDLEN sized area. - -This condition could be checked before we enter the loops, but -pci_dma_read() / pci_dma_write() knows how to fill in buffers safely for -bogus DMA addresses, so we just extend the existing failsafes with the -above condition. - -Cc: "Michael S. Tsirkin" -Cc: Petr Matousek -Cc: Stefano Stabellini -Cc: Prasad Pandit -Cc: Michael Roth -Cc: Jason Wang -RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1296044 -Signed-off-by: Laszlo Ersek -Reviewed-by: Jason Wang ---- - -Notes: - Regarding the public posting: we made an honest effort to vet this - vulnerability, and the impact seems low -- no host side reads/writes, - "just" a DoS (infinite loop). We decided the patch could be posted - publicly, for the usual review process. Jason and Prasad checked the - patch in the internal discussion already, but comments, improvements - etc. are clearly welcome. The CVE request is underway. Thanks. - - hw/net/e1000.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/e1000.c -@@ -538,7 +538,8 @@ start_xmit(E1000State *s) - * bogus values to TDT/TDLEN. - * there's nothing too intelligent we could do about this. - */ -- if (s->mac_reg[TDH] == tdh_start) { -+ if (s->mac_reg[TDH] == tdh_start || -+ tdh_start >= s->mac_reg[TDLEN] / sizeof(desc)) { - DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n", - tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]); - break; -@@ -728,7 +729,8 @@ e1000_receive(void *opaque, const uint8_ - s->mac_reg[RDH] = 0; - s->check_rxov = 1; - /* see comment in start_xmit; same here */ -- if (s->mac_reg[RDH] == rdh_start) { -+ if (s->mac_reg[RDH] == rdh_start || -+ rdh_start >= s->mac_reg[RDLEN] / sizeof(desc)) { - DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n", - rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]); - set_ics(s, 0, E1000_ICS_RXO); diff --git a/CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch b/CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch deleted file mode 100644 index efe86c2..0000000 --- a/CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch +++ /dev/null @@ -1,54 +0,0 @@ -References: bsc#967101 CVE-2016-2391 - -From d1b07becc481e09225cfe905ec357807ae07f095 Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann -Date: Tue, 16 Feb 2016 15:15:04 +0100 -Subject: [PATCH] ohci timer fix - -Signed-off-by: Gerd Hoffmann ---- - hw/usb/hcd-ohci.c | 31 +++++-------------------------- - 1 file changed, 5 insertions(+), 26 deletions(-) - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c -@@ -1139,16 +1139,6 @@ static void ohci_frame_boundary(void *op - */ - static int ohci_bus_start(OHCIState *ohci) - { -- ohci->eof_timer = qemu_new_timer(vm_clock, -- ohci_frame_boundary, -- ohci); -- -- if (ohci->eof_timer == NULL) { -- fprintf(stderr, "usb-ohci: %s: qemu_new_timer failed\n", ohci->name); -- /* TODO: Signal unrecoverable error */ -- return 0; -- } -- - dprintf("usb-ohci: %s: USB Operational\n", ohci->name); - - ohci_sof(ohci); -@@ -1159,9 +1149,7 @@ static int ohci_bus_start(OHCIState *ohc - /* Stop sending SOF tokens on the bus */ - static void ohci_bus_stop(OHCIState *ohci) - { -- if (ohci->eof_timer) -- qemu_del_timer(ohci->eof_timer); -- ohci->eof_timer = NULL; -+ qemu_del_timer(ohci->eof_timer); - } - - /* Sets a flag in a port status register but only set it if the port is -@@ -1654,6 +1642,9 @@ static void usb_ohci_init(OHCIState *ohc - ohci->async_td = 0; - qemu_register_reset(ohci_reset, ohci); - ohci_reset(ohci); -+ -+ ohci->eof_timer = qemu_new_timer(vm_clock, -+ ohci_frame_boundary, ohci); - } - - typedef struct { diff --git a/CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch b/CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch deleted file mode 100644 index a81b6d3..0000000 --- a/CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch +++ /dev/null @@ -1,34 +0,0 @@ -References: bsc#969351 CVE-2016-2841 - -From: Prasad J Pandit - -Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152) -bytes to process network packets. Registers PSTART & PSTOP -define ring buffer size & location. Setting these registers -to invalid values could lead to infinite loop or OOB r/w -access issues. Add check to avoid it. - -Reported-by: Yang Hongke -Signed-off-by: Prasad J Pandit ---- - hw/net/ne2000.c | 4 ++++ - 1 file changed, 4 insertions(+) - -Update per review: - -> https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg05522.html - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -@@ -202,6 +202,10 @@ static int ne2000_buffer_full(NE2000Stat - { - int avail, index, boundary; - -+ if (s->stop <= s->start) { -+ return 1; -+ } -+ - index = s->curpag << 8; - boundary = s->boundary << 8; - if (index < boundary) diff --git a/CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch b/CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch deleted file mode 100644 index 6fb4c8a..0000000 --- a/CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch +++ /dev/null @@ -1,33 +0,0 @@ -References: bsc#980716 CVE-2016-4439 - -The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte -FIFO buffer. It is used to handle command and data transfer. While -writing to this command buffer 's->cmdbuf[TI_BUFSZ=16]', a check -was missing to validate input length. Add check to avoid OOB write -access. - -Fixes CVE-2016-4439 -Reported-by: Li Qiang - -Signed-off-by: Prasad J Pandit ---- - hw/scsi/esp.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -Index: xen-4.4.4-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -=================================================================== ---- xen-4.4.4-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c -+++ xen-4.4.4-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -@@ -471,7 +471,11 @@ static void esp_mem_writeb(void *opaque, - break; - case ESP_FIFO: - if (s->do_cmd) { -- s->cmdbuf[s->cmdlen++] = val & 0xff; -+ if (s->cmdlen < TI_BUFSZ) { -+ s->cmdbuf[s->cmdlen++] = val & 0xff; -+ } else { -+ ESP_ERROR("fifo overrun\n"); -+ } - } else if (s->ti_size == TI_BUFSZ - 1) { - ESP_ERROR("fifo overrun\n"); - } else { diff --git a/CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch b/CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch deleted file mode 100644 index 118050c..0000000 --- a/CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch +++ /dev/null @@ -1,56 +0,0 @@ -References: bsc#980724 CVE-2016-4441 - -The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte -FIFO buffer. It is used to handle command and data transfer. -Routine get_cmd() uses DMA to read scsi commands into this buffer. -Add check to validate DMA length against buffer size to avoid any -overrun. - -Fixes CVE-2016-4441 -Reported-by: Li Qiang - -Signed-off-by: Prasad J Pandit ---- - hw/scsi/esp.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -@@ -162,7 +162,7 @@ static void esp_lower_irq(ESPState *s) - } - } - --static uint32_t get_cmd(ESPState *s, uint8_t *buf) -+static uint32_t get_cmd(ESPState *s, uint8_t *buf, uint8_t buflen) - { - uint32_t dmalen; - int target; -@@ -170,6 +170,9 @@ static uint32_t get_cmd(ESPState *s, uin - target = s->wregs[ESP_WBUSID] & BUSID_DID; - if (s->dma) { - dmalen = s->rregs[ESP_TCLO] | (s->rregs[ESP_TCMID] << 8); -+ if (dmalen > buflen) { -+ return 0; -+ } - s->dma_memory_read(s->dma_opaque, buf, dmalen); - } else { - dmalen = s->ti_size; -@@ -231,14 +234,14 @@ static void handle_satn(ESPState *s) - uint8_t buf[32]; - int len; - -- len = get_cmd(s, buf); -+ len = get_cmd(s, buf, sizeof(buf)); - if (len) - do_cmd(s, buf); - } - - static void handle_satn_stop(ESPState *s) - { -- s->cmdlen = get_cmd(s, s->cmdbuf); -+ s->cmdlen = get_cmd(s, s->cmdbuf, sizeof(s->cmdbuf)); - if (s->cmdlen) { - DPRINTF("Set ATN & Stop: cmdlen %d\n", s->cmdlen); - s->do_cmd = 1; diff --git a/CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch b/CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch deleted file mode 100644 index b506174..0000000 --- a/CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch +++ /dev/null @@ -1,37 +0,0 @@ -References: bsc#982960 CVE-2016-5238 - -The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte -FIFO buffer. It is used to handle command and data transfer. -Routine get_cmd() in non-DMA mode, uses 'ti_size' to read scsi -command into a buffer. Add check to validate command length against -buffer size to avoid any overrun. - -Reported-by: Li Qiang -Signed-off-by: Prasad J Pandit ---- - hw/scsi/esp.c | 3 +++ - 1 file changed, 3 insertions(+) - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -@@ -176,6 +176,9 @@ static uint32_t get_cmd(ESPState *s, uin - s->dma_memory_read(s->dma_opaque, buf, dmalen); - } else { - dmalen = s->ti_size; -+ if (dmalen > TI_BUFSZ) { -+ return 0; -+ } - memcpy(buf, s->ti_buf, dmalen); - buf[0] = 0; - } -@@ -265,7 +268,7 @@ static void write_response(ESPState *s) - } else { - s->ti_size = 2; - s->ti_rptr = 0; -- s->ti_wptr = 0; -+ s->ti_wptr = 2; - s->rregs[ESP_RFLAGS] = 2; - } - esp_raise_irq(s); diff --git a/CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch b/CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch deleted file mode 100644 index 5d034a3..0000000 --- a/CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch +++ /dev/null @@ -1,65 +0,0 @@ -References: bsc#983984 CVE-2016-5338 - -The 53C9X Fast SCSI Controller(FSC) comes with internal 16-byte -FIFO buffers. One is used to handle commands and other is for -information transfer. Three control variables 'ti_rptr', -'ti_wptr' and 'ti_size' are used to control r/w access to the -information transfer buffer ti_buf[TI_BUFSZ=16]. In that, - -'ti_rptr' is used as read index, where read occurs. -'ti_wptr' is a write index, where write would occur. -'ti_size' indicates total bytes to be read from the buffer. - -While reading/writing to this buffer, index could exceed its -size. Add check to avoid OOB r/w access. - -Reported-by: Huawei PSIRT -Reported-by: Li Qiang -Signed-off-by: Prasad J Pandit ---- - hw/scsi/esp.c | 20 +++++++++----------- - 1 file changed, 9 insertions(+), 11 deletions(-) - -Update as per: - -> https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01326.html - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -@@ -435,18 +435,17 @@ static uint32_t esp_mem_readb(void *opaq - DPRINTF("read reg[%d]: 0x%2.2x\n", saddr, s->rregs[saddr]); - switch (saddr) { - case ESP_FIFO: -- if (s->ti_size > 0) { -+ if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) { -+ /* Data out. */ -+ ESP_ERROR("PIO data read not implemented\n"); -+ s->rregs[ESP_FIFO] = 0; -+ esp_raise_irq(s); -+ } else if (s->ti_rptr < s->ti_wptr) { - s->ti_size--; -- if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) { -- /* Data out. */ -- ESP_ERROR("PIO data read not implemented\n"); -- s->rregs[ESP_FIFO] = 0; -- } else { -- s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++]; -- } -+ s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++]; - esp_raise_irq(s); - } -- if (s->ti_size == 0) { -+ if (s->ti_rptr == s->ti_wptr) { - s->ti_rptr = 0; - s->ti_wptr = 0; - } -@@ -482,7 +481,7 @@ static void esp_mem_writeb(void *opaque, - } else { - ESP_ERROR("fifo overrun\n"); - } -- } else if (s->ti_size == TI_BUFSZ - 1) { -+ } else if (s->ti_wptr == TI_BUFSZ - 1) { - ESP_ERROR("fifo overrun\n"); - } else { - s->ti_size++; diff --git a/CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch b/CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch deleted file mode 100644 index 2565bb7..0000000 --- a/CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch +++ /dev/null @@ -1,73 +0,0 @@ -References: bsc#990843 CVE-2016-6351 - -Subject: scsi: esp: make cmdbuf big enough for maximum CDB size -From: Prasad J Pandit pjp@fedoraproject.org Thu Jun 16 00:22:35 2016 +0200 -Date: Thu Jun 16 18:39:05 2016 +0200: -Git: 926cde5f3e4d2504ed161ed0cb771ac7cad6fd11 - -While doing DMA read into ESP command buffer 's->cmdbuf', it could -write past the 's->cmdbuf' area, if it was transferring more than 16 -bytes. Increase the command buffer size to 32, which is maximum when -'s->do_cmd' is set, and add a check on 'len' to avoid OOB access. - -Reported-by: Li Qiang -Signed-off-by: Prasad J Pandit -Signed-off-by: Paolo Bonzini - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c -@@ -26,6 +26,8 @@ - #include "scsi-disk.h" - #include "scsi.h" - -+#include -+ - /* debug ESP card */ - //#define DEBUG_ESP - -@@ -49,6 +51,7 @@ do { printf("ESP ERROR: %s: " fmt, __fun - - #define ESP_REGS 16 - #define TI_BUFSZ 16 -+#define ESP_CMDBUF_SZ 32 - - typedef struct ESPState ESPState; - -@@ -64,7 +67,7 @@ struct ESPState { - uint32_t dma; - SCSIDevice *scsi_dev[ESP_MAX_DEVS]; - SCSIDevice *current_dev; -- uint8_t cmdbuf[TI_BUFSZ]; -+ uint8_t cmdbuf[ESP_CMDBUF_SZ]; - uint32_t cmdlen; - uint32_t do_cmd; - -@@ -294,6 +297,8 @@ static void esp_do_dma(ESPState *s) - len = s->dma_left; - if (s->do_cmd) { - DPRINTF("command len %d + %d\n", s->cmdlen, len); -+ assert (s->cmdlen <= sizeof(s->cmdbuf) && -+ len <= sizeof(s->cmdbuf) - s->cmdlen); - s->dma_memory_read(s->dma_opaque, &s->cmdbuf[s->cmdlen], len); - s->ti_size = 0; - s->cmdlen = 0; -@@ -382,7 +387,7 @@ static void handle_ti(ESPState *s) - s->dma_counter = dmalen; - - if (s->do_cmd) -- minlen = (dmalen < 32) ? dmalen : 32; -+ minlen = (dmalen < ESP_CMDBUF_SZ) ? dmalen : ESP_CMDBUF_SZ; - else if (s->ti_size < 0) - minlen = (dmalen < -s->ti_size) ? dmalen : -s->ti_size; - else -@@ -476,7 +481,7 @@ static void esp_mem_writeb(void *opaque, - break; - case ESP_FIFO: - if (s->do_cmd) { -- if (s->cmdlen < TI_BUFSZ) { -+ if (s->cmdlen < ESP_CMDBUF_SZ) { - s->cmdbuf[s->cmdlen++] = val & 0xff; - } else { - ESP_ERROR("fifo overrun\n"); diff --git a/README.SUSE b/README.SUSE index 1aa23e0..06b30b6 100644 --- a/README.SUSE +++ b/README.SUSE @@ -527,6 +527,64 @@ the amount of memory assigned to dom0. Reboot the host for these changes to take effect. +Adjusting LIBXL_HOTPLUG_TIMEOUT at runtime +------------------------------------------ +A domU with a large amount of disks may run into the hardcoded +LIBXL_HOTPLUG_TIMEOUT limit, which is 40 seconds. This happens if the +preparation for each disk takes an unexpected large amount of time. Then +the sum of all configured disks and the individual preparation time will +be larger than 40 seconds. The hotplug script which does the preparation +takes a lock before doing the actual preparation. Since the hotplug +scripts for each disk are spawned at nearly the same time, each one has +to wait for the lock. Due to this contention, the total execution time +of a script can easily exceed the timeout. In this case libxl will +terminate the script because it has to assume an error condition. + +Example: +10 configured disks, each one takes 3 seconds within the critital +section. The total execution time will be 30 seconds, which is still +within the limit. With 5 additional configured disks, the total +execution time will be 45 seconds, which would trigger the timeout. + +To handle such setup without a recompile of libxl, a special key/value +has to be created in xenstore prior domain creation. This can be done +either manually, or at system startup. A dedicated systemd service file +exists to set the required value. To enable it, run these commands: + +/etc/systemd/system # systemctl enable xen-LIBXL_HOTPLUG_TIMEOUT.service +/etc/systemd/system # systemctl start xen-LIBXL_HOTPLUG_TIMEOUT.service + + +In case the value in this service file needs to be changed, a copy with +the exact same name must be created in the /etc/systemd/system directory: + +/etc/systemd/system # cat xen-LIBXL_HOTPLUG_TIMEOUT.service +[Unit] +Description=set global LIBXL_HOTPLUG_TIMEOUT +ConditionPathExists=/proc/xen/capabilities + +Requires=xenstored.service +After=xenstored.service +Requires=xen-init-dom0.service +After=xen-init-dom0.service +Before=xencommons.service + +[Service] +Type=oneshot +RemainAfterExit=true +ExecStartPre=/bin/grep -q control_d /proc/xen/capabilities +ExecStart=/usr/bin/xenstore-write /libxl/suse/per-device-LIBXL_HOTPLUG_TIMEOUT 10 + +[Install] +WantedBy=multi-user.target + +In this example the per-device value will be set to 10 seconds. + +The change for libxl which handles this xenstore value will enable +additional logging if the key is found. That extra logging will show how +the execution time of each script. + + Troubleshooting --------------- First try to get Linux running on bare metal before trying with Xen. @@ -639,7 +697,7 @@ please report it back to the xen-devel list: xen-devel@lists.xen.org If you find issues with the packaging or setup done by SUSE, please report it through bugzilla: - https://bugzilla.novell.com + https://bugzilla.suse.com ENJOY! diff --git a/VNC-Support-for-ExtendedKeyEvent-client-message.patch b/VNC-Support-for-ExtendedKeyEvent-client-message.patch deleted file mode 100644 index 6a1cfe8..0000000 --- a/VNC-Support-for-ExtendedKeyEvent-client-message.patch +++ /dev/null @@ -1,157 +0,0 @@ -From 9ca313aa0824f2d350a7a6c9b1ef6c47e0408f1d Mon Sep 17 00:00:00 2001 -From: aliguori -Date: Sat, 23 Aug 2008 23:27:37 +0000 -Subject: [PATCH] VNC: Support for ExtendedKeyEvent client message - -This patch adds support for the ExtendedKeyEvent client message. This message -allows a client to send raw scan codes directly to the server. If the client -and server are using the same keymap, then it's unnecessary to use the '-k' -option with QEMU when this extension is supported. - -This is extension is currently only implemented by gtk-vnc based clients -(gvncviewer, virt-manager, vinagre, etc.). - -Signed-off-by: Anthony Liguori - - - -git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5076 c046a42c-6fe2-441c-8c8c-71466251a162 ---- - vnc.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++--------- - 1 files changed, 50 insertions(+), 9 deletions(-) - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -@@ -1285,35 +1285,22 @@ static void press_key_altgr_down(VncStat - } - } - --static void do_key_event(VncState *vs, int down, uint32_t sym) -+static void do_key_event(VncState *vs, int down, int keycode, int sym, int shift) - { -- int keycode; - int shift_keys = 0; -- int shift = 0; - int keypad = 0; - int altgr = 0; - int altgr_keys = 0; - - if (is_graphic_console()) { -- if (sym >= 'A' && sym <= 'Z') { -- sym = sym - 'A' + 'a'; -- shift = 1; -- } -- else { -+ if (!shift) - shift = keysym_is_shift(vs->kbd_layout, sym & 0xFFFF); -- } - - altgr = keysym_is_altgr(vs->kbd_layout, sym & 0xFFFF); - } - shift_keys = vs->modifiers_state[0x2a] | vs->modifiers_state[0x36]; - altgr_keys = vs->modifiers_state[0xb8]; - -- keycode = keysym2scancode(vs->kbd_layout, sym & 0xFFFF); -- if (keycode == 0) { -- fprintf(stderr, "Key lost : keysym=0x%x(%d)\n", sym, sym); -- return; -- } -- - /* QEMU console switch */ - switch(keycode) { - case 0x2a: /* Left Shift */ -@@ -1445,7 +1432,25 @@ static void do_key_event(VncState *vs, i - - static void key_event(VncState *vs, int down, uint32_t sym) - { -- do_key_event(vs, down, sym); -+ int keycode; -+ int shift = 0; -+ -+ if (sym >= 'A' && sym <= 'Z' && is_graphic_console()) { -+ sym = sym - 'A' + 'a'; -+ shift = 1; -+ } -+ keycode = keysym2scancode(vs->kbd_layout, sym & 0xFFFF); -+ do_key_event(vs, down, keycode, sym, shift); -+} -+ -+static void ext_key_event(VncState *vs, int down, -+ uint32_t sym, uint16_t keycode) -+{ -+ /* if the user specifies a keyboard layout, always use it */ -+ if (keyboard_layout) -+ key_event(vs, down, sym); -+ else -+ do_key_event(vs, down, keycode, sym, 0); - } - - static void framebuffer_set_updated(VncState *vs, int x, int y, int w, int h) -@@ -1534,6 +1539,15 @@ static void framebuffer_update_request(V - qemu_mod_timer(vs->timer, qemu_get_clock(rt_clock)); - } - -+static void send_ext_key_event_ack(VncState *vs) -+{ -+ vnc_write_u8(vs, 0); -+ vnc_write_u8(vs, 0); -+ vnc_write_u16(vs, 1); -+ vnc_framebuffer_update(vs, 0, 0, ds_get_width(vs->ds), ds_get_height(vs->ds), -258); -+ vnc_flush(vs); -+} -+ - static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) - { - int i; -@@ -1562,6 +1576,9 @@ static void set_encodings(VncState *vs, - case -257: - vs->has_pointer_type_change = 1; - break; -+ case -258: -+ send_ext_key_event_ack(vs); -+ break; - case 0x574D5669: - vs->has_WMVi = 1; - default: -@@ -1790,6 +1807,24 @@ static int protocol_client_msg(VncState - - client_cut_text(vs, read_u32(data, 4), (char *)(data + 8)); - break; -+ case 255: -+ if (len == 1) -+ return 2; -+ -+ switch (read_u8(data, 1)) { -+ case 0: -+ if (len == 2) -+ return 12; -+ -+ ext_key_event(vs, read_u16(data, 2), -+ read_u32(data, 4), read_u32(data, 8)); -+ break; -+ default: -+ printf("Msg: %d\n", read_u16(data, 0)); -+ vnc_client_error(vs); -+ break; -+ } -+ break; - default: - printf("Msg: %d\n", data[0]); - vnc_client_error(vs); -@@ -2486,10 +2521,11 @@ void vnc_display_init(DisplayState *ds) - - vs->ds = ds; - -- if (!keyboard_layout) -- keyboard_layout = "en-us"; -+ if (keyboard_layout) -+ vs->kbd_layout = init_keyboard_layout(keyboard_layout); -+ else -+ vs->kbd_layout = init_keyboard_layout("en-us"); - -- vs->kbd_layout = init_keyboard_layout(keyboard_layout); - if (!vs->kbd_layout) - exit(1); - vs->modifiers_state[0x45] = 1; /* NumLock on - on boot */ diff --git a/aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch b/aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch deleted file mode 100644 index 0baa686..0000000 --- a/aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 98abe3b337e69371678859c4cfd19df61aebb0d9 Mon Sep 17 00:00:00 2001 -From: Olaf Hering -Date: Sun, 2 Feb 2014 20:42:42 +0100 -Subject: aarch64: rename PSR_MODE_ELxx to match linux headers - -https://bugs.launchpad.net/linaro-aarch64/+bug/1169164 - -Signed-off-by: Olaf Hering ---- - xen/include/public/arch-arm.h | 14 +++++++------- - 1 file changed, 7 insertions(+), 7 deletions(-) - -Index: xen-4.7.0-testing/xen/include/public/arch-arm.h -=================================================================== ---- xen-4.7.0-testing.orig/xen/include/public/arch-arm.h -+++ xen-4.7.0-testing/xen/include/public/arch-arm.h -@@ -362,13 +362,13 @@ typedef uint64_t xen_callback_t; - - /* 64 bit modes */ - #define PSR_MODE_BIT 0x10 /* Set iff AArch32 */ --#define PSR_MODE_EL3h 0x0d --#define PSR_MODE_EL3t 0x0c --#define PSR_MODE_EL2h 0x09 --#define PSR_MODE_EL2t 0x08 --#define PSR_MODE_EL1h 0x05 --#define PSR_MODE_EL1t 0x04 --#define PSR_MODE_EL0t 0x00 -+#define PSR_MODE_EL3h 0x0000000d -+#define PSR_MODE_EL3t 0x0000000c -+#define PSR_MODE_EL2h 0x00000009 -+#define PSR_MODE_EL2t 0x00000008 -+#define PSR_MODE_EL1h 0x00000005 -+#define PSR_MODE_EL1t 0x00000004 -+#define PSR_MODE_EL0t 0x00000000 - - #define PSR_GUEST32_INIT (PSR_ABT_MASK|PSR_FIQ_MASK|PSR_IRQ_MASK|PSR_MODE_SVC) - #define PSR_GUEST64_INIT (PSR_ABT_MASK|PSR_FIQ_MASK|PSR_IRQ_MASK|PSR_MODE_EL1h) diff --git a/altgr_2.patch b/altgr_2.patch deleted file mode 100644 index f320c37..0000000 --- a/altgr_2.patch +++ /dev/null @@ -1,45 +0,0 @@ -When access domU from Windows VNC client, spanish keyboard altgr key -doesn't work. According to log info, we found that the keycodes passed -from vncclient to qemu vncserver have something wrong. When altgr and "2" -pressed, keycodes vncserver receives are: -ALT_R down, -CTRL_L down, -CTRL_L up, -ATL_R up, -"2" down, -"2" up, -... -Since when send "2" down, there is no altgr modifier, the char displayed -on screen will be "2" but not "@". - -To solve this problem, there is another patch applied by upstream which -sends an additional altgr modifier before "2" down in the above case. -It works well when domU is windows, but on sles10 sp3 domU, sometimes it -display "@" and sometimes it still displays "2", especially when press -altgr+2 continuously. - -For the sles10 sp3 domU problem, maybe because there are two many alt_r (same -keycode as altgr on "es") up and down events and the domU OS couldn't handle -it well. - -To furtherly solve this problem, I write this patch, when vncserver -is "es" and receives a alt_r keysym (this is already abnormal since "es" has -no alt_r), then treat the alt_r as alt_l. This can avoid too many altgr -keycodes up and down events and make sure the intentionally added altgr keycode can take effect. - -Signed-off by Chunyan Liu (cyliu@novell.com) - -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -@@ -1440,6 +1440,9 @@ static void key_event(VncState *vs, int - int keycode; - int shift = 0; - -+ if ( sym == 0xffea && keyboard_layout && !strcmp(keyboard_layout,"es") ) -+ sym = 0xffe9; -+ - if (sym >= 'A' && sym <= 'Z' && is_graphic_console()) { - sym = sym - 'A' + 'a'; - shift = 1; diff --git a/bdrv_default_rwflag.patch b/bdrv_default_rwflag.patch deleted file mode 100644 index fae27e9..0000000 --- a/bdrv_default_rwflag.patch +++ /dev/null @@ -1,32 +0,0 @@ -Subject: modify default read/write flag in bdrv_init. -Signed-off by Chunyan Liu - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c -@@ -2626,6 +2626,8 @@ int drive_init(struct drive_opt *arg, in - strncpy(drives_table[nb_drives].serial, serial, sizeof(serial)); - nb_drives++; - -+ bdrv_flags = BDRV_O_RDWR; -+ - switch(type) { - case IF_IDE: - case IF_XEN: -@@ -2639,6 +2641,7 @@ int drive_init(struct drive_opt *arg, in - break; - case MEDIA_CDROM: - bdrv_set_type_hint(bdrv, BDRV_TYPE_CDROM); -+ bdrv_flags &= ~BDRV_O_RDWR; - break; - } - break; -@@ -2659,7 +2662,6 @@ int drive_init(struct drive_opt *arg, in - } - if (!file[0]) - return -2; -- bdrv_flags = 0; - if (snapshot) { - bdrv_flags |= BDRV_O_SNAPSHOT; - cache = 2; /* always use write-back with snapshot */ diff --git a/bdrv_open2_fix_flags.patch b/bdrv_open2_fix_flags.patch deleted file mode 100644 index e3fc2e6..0000000 --- a/bdrv_open2_fix_flags.patch +++ /dev/null @@ -1,129 +0,0 @@ -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/block.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/block.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/block.c -@@ -350,7 +350,7 @@ int bdrv_file_open(BlockDriverState **pb - - int bdrv_open(BlockDriverState *bs, const char *filename, int flags) - { -- return bdrv_open2(bs, filename, flags, NULL); -+ return bdrv_open2(bs, filename, flags|BDRV_O_RDWR, NULL); - } - - int bdrv_open2(BlockDriverState *bs, const char *filename, int flags, -@@ -419,12 +419,13 @@ int bdrv_open2(BlockDriverState *bs, con - } - bs->drv = drv; - bs->opaque = qemu_mallocz(drv->instance_size); -- /* Note: for compatibility, we open disk image files as RDWR, and -- RDONLY as fallback */ - if (!(flags & BDRV_O_FILE)) -- open_flags = (flags & BDRV_O_ACCESS) | (flags & BDRV_O_CACHE_MASK); -+ open_flags = flags; - else - open_flags = flags & ~(BDRV_O_FILE | BDRV_O_SNAPSHOT); -+ if (!(open_flags & BDRV_O_RDWR)) -+ bs->read_only = 1; -+ - ret = drv->bdrv_open(bs, filename, open_flags); - if ((ret == -EACCES || ret == -EPERM) && !(flags & BDRV_O_FILE)) { - ret = drv->bdrv_open(bs, filename, open_flags & ~BDRV_O_RDWR); -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/usb-msd.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/usb-msd.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/usb-msd.c -@@ -551,7 +551,7 @@ USBDevice *usb_msd_init(const char *file - s = qemu_mallocz(sizeof(MSDState)); - - bdrv = bdrv_new("usb"); -- if (bdrv_open2(bdrv, filename, 0, drv) < 0) -+ if (bdrv_open2(bdrv, filename, BDRV_O_RDWR, drv) < 0) - goto fail; - s->bs = bdrv; - *pbs = bdrv; -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-img.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/qemu-img.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-img.c -@@ -32,7 +32,7 @@ - #endif - - /* Default to cache=writeback as data integrity is not important for qemu-tcg. */ --#define BRDV_O_FLAGS BDRV_O_CACHE_WB -+#define BDRV_O_FLAGS BDRV_O_CACHE_WB - - static void QEMU_NORETURN error(const char *fmt, ...) - { -@@ -185,7 +185,7 @@ static int read_password(char *buf, int - #endif - - static BlockDriverState *bdrv_new_open(const char *filename, -- const char *fmt) -+ const char *fmt, int flags) - { - BlockDriverState *bs; - BlockDriver *drv; -@@ -201,7 +201,7 @@ static BlockDriverState *bdrv_new_open(c - } else { - drv = &bdrv_raw; - } -- if (bdrv_open2(bs, filename, BRDV_O_FLAGS, drv) < 0) { -+ if (bdrv_open2(bs, filename, flags, drv) < 0) { - error("Could not open '%s'", filename); - } - if (bdrv_is_encrypted(bs)) { -@@ -253,7 +253,7 @@ static int img_create(int argc, char **a - size = 0; - if (base_filename) { - BlockDriverState *bs; -- bs = bdrv_new_open(base_filename, NULL); -+ bs = bdrv_new_open(base_filename, NULL, BDRV_O_RDWR); - bdrv_get_geometry(bs, &size); - size *= 512; - bdrv_delete(bs); -@@ -332,7 +332,7 @@ static int img_commit(int argc, char **a - } else { - drv = NULL; - } -- if (bdrv_open2(bs, filename, BRDV_O_FLAGS, drv) < 0) { -+ if (bdrv_open2(bs, filename, BDRV_O_RDWR, drv) < 0) { - error("Could not open '%s'", filename); - } - ret = bdrv_commit(bs); -@@ -455,7 +455,8 @@ static int img_convert(int argc, char ** - - total_sectors = 0; - for (bs_i = 0; bs_i < bs_n; bs_i++) { -- bs[bs_i] = bdrv_new_open(argv[optind + bs_i], fmt); -+ bs[bs_i] = bdrv_new_open(argv[optind + bs_i], fmt, -+ BDRV_O_CACHE_WB|BDRV_O_RDONLY); - if (!bs[bs_i]) - error("Could not open '%s'", argv[optind + bs_i]); - bdrv_get_geometry(bs[bs_i], &bs_sectors); -@@ -483,7 +484,7 @@ static int img_convert(int argc, char ** - } - } - -- out_bs = bdrv_new_open(out_filename, out_fmt); -+ out_bs = bdrv_new_open(out_filename, out_fmt, BDRV_O_CACHE_WB|BDRV_O_RDWR); - - bs_i = 0; - bs_offset = 0; -@@ -706,7 +707,7 @@ static int img_info(int argc, char **arg - } else { - drv = NULL; - } -- if (bdrv_open2(bs, filename, BRDV_O_FLAGS, drv) < 0) { -+ if (bdrv_open2(bs, filename, BDRV_O_FLAGS|BDRV_O_RDWR, drv) < 0) { - error("Could not open '%s'", filename); - } - bdrv_get_format(bs, fmt_name, sizeof(fmt_name)); -@@ -810,7 +811,7 @@ static void img_snapshot(int argc, char - if (!bs) - error("Not enough memory"); - -- if (bdrv_open2(bs, filename, 0, NULL) < 0) { -+ if (bdrv_open2(bs, filename, BDRV_O_RDWR, NULL) < 0) { - error("Could not open '%s'", filename); - } - diff --git a/bdrv_open2_flags_2.patch b/bdrv_open2_flags_2.patch deleted file mode 100644 index f173858..0000000 --- a/bdrv_open2_flags_2.patch +++ /dev/null @@ -1,51 +0,0 @@ -Index: xen-4.5.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -=================================================================== ---- xen-4.5.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c -+++ xen-4.5.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -@@ -134,7 +134,8 @@ static void insert_media(void *opaque) - else - format = &bdrv_raw; - -- bdrv_open2(bs, media_filename[i], 0, format); -+ /* Temporary BDRV_O_RDWR */ -+ bdrv_open2(bs, media_filename[i], BDRV_O_RDWR, format); - #ifdef CONFIG_STUBDOM - { - char *buf, *backend, *params_path, *params; -@@ -509,7 +510,8 @@ void xenstore_parse_domain_config(int hv - } - - for (i = 0; i < num; i++) { -- format = NULL; /* don't know what the format is yet */ -+ flags = 0; -+ format = NULL; /* don't know what the format is yet */ - /* read the backend path */ - xenstore_get_backend_path(&bpath, "vbd", danger_path, hvm_domid, e_danger[i]); - if (bpath == NULL) -@@ -595,6 +597,17 @@ void xenstore_parse_domain_config(int hv - format = &bdrv_raw; - } - -+ /* read the mode of the device */ -+ if (pasprintf(&buf, "%s/mode", bpath) == -1) -+ continue; -+ free(mode); -+ mode = xs_read(xsh, XBT_NULL, buf, &len); -+ -+ if (!strcmp(mode, "r") || !strcmp(mode, "ro")) -+ flags |= BDRV_O_RDONLY; -+ if (!strcmp(mode, "w") || !strcmp(mode, "rw")) -+ flags |= BDRV_O_RDWR; -+ - #if 0 - /* Phantom VBDs are disabled because the use of paths - * from guest-controlled areas in xenstore is unsafe. -@@ -662,7 +675,7 @@ void xenstore_parse_domain_config(int hv - #ifdef CONFIG_STUBDOM - if (pasprintf(&danger_buf, "%s/device/vbd/%s", danger_path, e_danger[i]) == -1) - continue; -- if (bdrv_open2(bs, danger_buf, BDRV_O_CACHE_WB /* snapshot and write-back */, &bdrv_raw) == 0) { -+ if (bdrv_open2(bs, danger_buf, flags|BDRV_O_CACHE_WB /* snapshot and write-back */, &bdrv_raw) == 0) { - if (pasprintf(&buf, "%s/params", bpath) == -1) - continue; - free(params); diff --git a/blktap.patch b/blktap.patch deleted file mode 100644 index b44e8d6..0000000 --- a/blktap.patch +++ /dev/null @@ -1,42 +0,0 @@ -bug #239173 -bug #242953 - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -@@ -447,9 +447,9 @@ void xenstore_parse_domain_config(int hv - { - char **e_danger = NULL; - char *buf = NULL; -- char *fpath = NULL, *bpath = NULL, -+ char *fpath = NULL, *bpath = NULL, *btype = NULL, - *dev = NULL, *params = NULL, *drv = NULL; -- int i, ret; -+ int i, ret, is_tap; - unsigned int len, num, hd_index, pci_devid = 0; - BlockDriverState *bs; - BlockDriver *format; -@@ -486,6 +486,14 @@ void xenstore_parse_domain_config(int hv - e_danger[i]); - if (bpath == NULL) - continue; -+ /* check to see if type is tap or not */ -+ if (pasprintf(&buf, "%s/type", bpath) == -1) -+ continue; -+ free(btype); -+ btype = xs_read(xsh, XBT_NULL, buf, &len); -+ if (btype == NULL) -+ continue; -+ is_tap = !strncmp(btype, "tap", 3); - /* read the name of the device */ - if (pasprintf(&buf, "%s/dev", bpath) == -1) - continue; -@@ -760,6 +768,7 @@ void xenstore_parse_domain_config(int hv - free(mode); - free(params); - free(dev); -+ free(btype); - free(bpath); - free(buf); - free(danger_buf); diff --git a/blktap2-no-uninit.patch b/blktap2-no-uninit.patch deleted file mode 100644 index b362fa9..0000000 --- a/blktap2-no-uninit.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- xen-4.5.0-testing/tools/blktap2/drivers/Makefile.orig 2015-04-08 11:25:54.974241326 +0200 -+++ xen-4.5.0-testing/tools/blktap2/drivers/Makefile 2015-04-08 11:26:10.150411238 +0200 -@@ -11,6 +11,7 @@ - - CFLAGS += -Werror - CFLAGS += -Wno-unused -+CFLAGS += -Wno-error=array-bounds - CFLAGS += -fno-strict-aliasing - CFLAGS += -I$(BLKTAP_ROOT)/include -I$(BLKTAP_ROOT)/drivers - CFLAGS += $(CFLAGS_libxenctrl) diff --git a/block-dmmd b/block-dmmd index f9cfb67..7694778 100644 --- a/block-dmmd +++ b/block-dmmd @@ -2,20 +2,34 @@ # Usage: block-dmmd [add args | remove args] # -# the dmmd device syntax (in xm/xl commands/configs) is something like: -# dmmd:md;/dev/md0;md;/dev/md1;lvm;/dev/vg1/lv1 +# the dmmd device syntax (in xl commands/configs) is something like: +# script=block-dmmd,md;/dev/md0;md;/dev/md1;lvm;/dev/vg1/lv1 # or -# dmmd:lvm;/dev/vg1/lv1;lvm;/dev/vg1/lv2;md;/dev/md0 +# script=block-dmmd,lvm;/dev/vg1/lv1;lvm;/dev/vg1/lv2;md;/dev/md0 # device pairs (type;dev) are processed in order, with the last device # assigned to the VM # +# Note - When using the libxl stack, the "script=block-dmmd" option +# is required. See man xl-disk-configuration(5) for more information. +# # md devices can optionally: # specify a config file through: # md;/dev/md100(/var/xen/config/mdadm.conf) # use an array name (mdadm -N option): -# dmmd:md;My-MD-name;lvm;/dev/vg1/lv1 +# md;My-MD-name;lvm;/dev/vg1/lv1 # +# Completely expressive syntax should be similar to: +# "format=raw, vdev=xvdb, access=rw, script=block-dmmd, \ +# target=md;/dev/md0(/etc/mdadm.conf);lvm;/dev/vg1/lv1" +# +## # History: +# 2017-07-10, mlatimer@suse.com: +# Modification to use syslog for progress messages by ldevulder@suse.com +# 2017-06-12, mlatimer@suse.com: +# Merge LVM improvements by loic.devulder@mpsa.com +# Document libxl "script=block-dmmd" syntax in examples +# Remove xm/xend references (e.g. parsed_timeout from xend-config.sxp) # 2016-05-27, mlatimer@suse.com: # Merge improvements by loic.devulder@mpsa.com. Highlights include: # - Re-write and simplification to speed up the script! @@ -51,16 +65,27 @@ typeset -rx LVCHANGE_BIN=/sbin/lvchange typeset -rx PVSCAN_BIN=/sbin/pvscan typeset -rx VGSCAN_BIN=/sbin/vgscan typeset -rx VGCHANGE_BIN=/sbin/vgchange -typeset -rx DATE_LOG="date +%F_%T.%N" +typeset -rx CLVMD_BIN=/usr/sbin/clvmd typeset -rx DATE_SEC="date +%s" -# Uncomment for debugging purposes -# exec >> /tmp/block-dmmd-$(${DATE_LOG}).log 2>&1 -# echo shell-flags: $- - # We check for errors ourselves set +e +function reload_clvm() +{ + # If we are in cluster mode + if ps -e | grep -q [c]lvmd 2>/dev/null; then + # Logging message + log info "Synchronizing cLVM..." + + # Synchronize cLVM + ${CLVMD_BIN} -R > /dev/null 2>&1 \ + || return 1 + fi + + return 0 +} + function run_mdadm() { local mdadm_cmd=$1 @@ -114,25 +139,26 @@ function activate_md() fi # Logging message - echo "[$(${DATE_LOG})] activate MD device ${dev}..." >&2 + log info "Activating MD device ${dev}..." # Is MD device already active? # We need to use full path name, aliase is not possible... - if [ -e $dev_path/${dev##*/} ]; then - ${MDADM_BIN} -Q -D $dev_path/${dev##*/} 2>/dev/null \ + if [ -e ${dev_path}/${dev##*/} ]; then + ${MDADM_BIN} -Q -D ${dev_path}/${dev##*/} 2>/dev/null \ | grep -iq state.*\:.*inactive || return 0 fi # Activate MD device run_mdadm "-A ${mdadm_opts} ${dev} ${cfg}" rc=$? + # A return code of 2 can indicate the array configuration was incorrect if [[ ${rc} == 2 ]]; then # Logging message - echo "[$(${DATE_LOG})] verifying MD device ${dev} activation..." >&2 + log info "Verifying MD device ${dev} activation..." # If the array is active, return 0, otherwise return an error - ${MDADM_BIN} -Q -D $dev_path/${dev##*/} &>/dev/null && return 0 \ + ${MDADM_BIN} -Q -D ${dev_path}/${dev##*/} &>/dev/null && return 0 \ || return 1 fi @@ -159,7 +185,7 @@ function deactivate_md() fi # Logging message - echo "[$(${DATE_LOG})] deactivate MD device ${dev}..." >&2 + log info "Deactivating MD device ${dev}..." # We need the device name only while deactivating ${MDADM_BIN} -S ${dev_path}/${dev##*/} > /dev/null 2>&1 @@ -167,46 +193,52 @@ function deactivate_md() return $? } -function activate_lvm() +function lvm_action() { + local action=$1 + local dev=$2 local run_timeout=90 - local parsed_timeout local end_time - # If /etc/xen/xend-config.sxp exists (e.g. SLES11), use - # device-create-timeout, instead of the default setting - if [[ -f /etc/xen/xend-config.sxp ]]; then - parsed_timeout=$(grep -v "^[ \t]*#.*" /etc/xen/xend-config.sxp \ - |sed -n 's/(device-create-timeout \+\([0-9]\+\))/\1/p') - if [[ ! -z $parsed_timeout ]]; then - run_timeout=$((${parsed_timeout}*9/10)) - fi - fi - - # First scan for PVs and VGs - # We need this for using MD device as PV - ${PVSCAN_BIN} > /dev/null 2>&1 -# ${VGSCAN_BIN} --mknodes > /dev/null 2>&1 - # Logging message - echo "[$(${DATE_LOG})] activate LVM device ${dev}..." >&2 + log info "${action} LVM device ${dev}..." # Set end_time for the loop (( end_time = $(${DATE_SEC}) + run_timeout )) while true; do - ${LVCHANGE_BIN} -aey $1 > /dev/null 2>&1 + # Action depends of what the user asks + if [[ ${action} == activate ]]; then + # First scan for PVs and VGs + # We need this for using MD device as PV + ${PVSCAN_BIN} > /dev/null 2>&1 - if [ $? -eq 0 -a -e $1 ]; then - return 0 + ${LVCHANGE_BIN} -aey ${dev} > /dev/null 2>&1 \ + && [[ -e ${dev} ]] \ + && return 0 + elif [[ ${action} == deactivate ]]; then + ${LVCHANGE_BIN} -aen ${dev} > /dev/null 2>&1 \ + && return 0 + + # If the LV is already deactivated we may be in an infinite loop + # So we need to test if the LV is still present + [[ -e ${dev} ]] || return 0 fi - sleep 0.1 + # It seems that we had a problem during lvchange + # If we are in a cluster the problem may be due to a cLVM locking bug, + # so try to reload it + reload_clvm + # If it takes too long we need to return an error if (( $(${DATE_SEC}) >= end_time )); then - log err "Failed to activate $1 within ${run_timeout} seconds" + log err "Failed to ${action} $1 within ${run_timeout} seconds" return 1 fi + + # Briefly sleep before restarting the loop + sleep 0.1 + done # Normally we should not get here, but if this happens @@ -214,23 +246,6 @@ function activate_lvm() return 1 } -function deactivate_lvm() -{ - # Logging message - echo "[$(${DATE_LOG})] deactivate LVM device ${dev}..." >&2 - - ${LVCHANGE_BIN} -aen $1 > /dev/null 2>&1 - - if [ $? -eq 0 ]; then - # We may have to deactivate the VG now, but can ignore errors: -# ${VGCHANGE_BIN} -an ${1%/*} || : - # Maybe we need to cleanup the LVM cache: -# ${VGSCAN_BIN} --mknodes || : - return 0 - fi - return 1 -} - # Variables typeset command=$1 typeset BP=100 @@ -265,7 +280,7 @@ function activate_dmmd() return $? ;; "lvm") - activate_lvm $2 + lvm_action activate $2 return $? ;; esac @@ -283,7 +298,7 @@ function deactivate_dmmd() return $? ;; "lvm") - deactivate_lvm $2 + lvm_action deactivate $2 return $? ;; esac diff --git a/build-python3-conversion.patch b/build-python3-conversion.patch new file mode 100644 index 0000000..76e3240 --- /dev/null +++ b/build-python3-conversion.patch @@ -0,0 +1,138 @@ +Index: xen-4.19.0-testing/Config.mk +=================================================================== +--- xen-4.19.0-testing.orig/Config.mk ++++ xen-4.19.0-testing/Config.mk +@@ -77,7 +77,7 @@ EXTRA_INCLUDES += $(EXTRA_PREFIX)/includ + EXTRA_LIB += $(EXTRA_PREFIX)/lib + endif + +-PYTHON ?= python ++PYTHON ?= python3 + PYTHON_PREFIX_ARG ?= --prefix="$(prefix)" + # The above requires that prefix contains *no spaces*. This variable is here + # to permit the user to set PYTHON_PREFIX_ARG to '' to workaround this bug: +Index: xen-4.19.0-testing/tools/configure +=================================================================== +--- xen-4.19.0-testing.orig/tools/configure ++++ xen-4.19.0-testing/tools/configure +@@ -8297,15 +8297,15 @@ if test x"${PYTHONPATH}" = x"no" + then + as_fn_error $? "Unable to find $PYTHON, please install $PYTHON" "$LINENO" 5 + fi +-{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for python version >= 2.7 " >&5 +-printf %s "checking for python version >= 2.7 ... " >&6; } +-`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < (2, 7)"))'` ++{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for python version >= 3.0 " >&5 ++printf %s "checking for python version >= 3.0 ... " >&6; } ++`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < (3, 0)"))'` + if test "$?" != "0" + then + python_version=`$PYTHON -V 2>&1` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 + printf "%s\n" "no" >&6; } +- as_fn_error $? "$python_version is too old, minimum required version is 2.7" "$LINENO" 5 ++ as_fn_error $? "$python_version is too old, minimum required version is 3.0" "$LINENO" 5 + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 + printf "%s\n" "yes" >&6; } +Index: xen-4.19.0-testing/tools/libs/light/idl.py +=================================================================== +--- xen-4.19.0-testing.orig/tools/libs/light/idl.py ++++ xen-4.19.0-testing/tools/libs/light/idl.py +@@ -271,7 +271,7 @@ class KeyedUnion(Aggregate): + if not isinstance(keyvar_type, Enumeration): + raise ValueError + +- kv_kwargs = dict([(x.lstrip('keyvar_'),y) for (x,y) in kwargs.items() if x.startswith('keyvar_')]) ++ kv_kwargs = dict([(x.lstrip('keyvar_'),y) for (x,y) in list(kwargs.items()) if x.startswith('keyvar_')]) + + self.keyvar = Field(keyvar_type, keyvar_name, **kv_kwargs) + +@@ -317,7 +317,7 @@ class Array(Type): + kwargs.setdefault('json_parse_type', 'JSON_ARRAY') + Type.__init__(self, namespace=elem_type.namespace, typename=elem_type.rawname + " *", **kwargs) + +- lv_kwargs = dict([(x.lstrip('lenvar_'),y) for (x,y) in kwargs.items() if x.startswith('lenvar_')]) ++ lv_kwargs = dict([(x.lstrip('lenvar_'),y) for (x,y) in list(kwargs.items()) if x.startswith('lenvar_')]) + + self.lenvar = Field(integer, lenvar_name, **lv_kwargs) + self.elem_type = elem_type +@@ -353,7 +353,7 @@ def parse(f): + globs = {} + locs = OrderedDict() + +- for n,t in globals().items(): ++ for n,t in list(globals().items()): + if isinstance(t, Type): + globs[n] = t + elif isinstance(t,type(object)) and issubclass(t, Type): +Index: xen-4.19.0-testing/tools/libs/light/gentest.py +=================================================================== +--- xen-4.19.0-testing.orig/tools/libs/light/gentest.py ++++ xen-4.19.0-testing/tools/libs/light/gentest.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + from __future__ import print_function + +Index: xen-4.19.0-testing/tools/libs/light/gentypes.py +=================================================================== +--- xen-4.19.0-testing.orig/tools/libs/light/gentypes.py ++++ xen-4.19.0-testing/tools/libs/light/gentypes.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + from __future__ import print_function + +Index: xen-4.19.0-testing/tools/include/xen-foreign/mkheader.py +=================================================================== +--- xen-4.19.0-testing.orig/tools/include/xen-foreign/mkheader.py ++++ xen-4.19.0-testing/tools/include/xen-foreign/mkheader.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + from __future__ import print_function + +Index: xen-4.19.0-testing/tools/include/xen-foreign/mkchecker.py +=================================================================== +--- xen-4.19.0-testing.orig/tools/include/xen-foreign/mkchecker.py ++++ xen-4.19.0-testing/tools/include/xen-foreign/mkchecker.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + + import sys; + from structs import structs, compat_arches; +Index: xen-4.19.0-testing/xen/tools/gen-cpuid.py +=================================================================== +--- xen-4.19.0-testing.orig/xen/tools/gen-cpuid.py ++++ xen-4.19.0-testing/xen/tools/gen-cpuid.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + # -*- coding: utf-8 -*- + + import sys, os, re +Index: xen-4.19.0-testing/xen/tools/compat-build-source.py +=================================================================== +--- xen-4.19.0-testing.orig/xen/tools/compat-build-source.py ++++ xen-4.19.0-testing/xen/tools/compat-build-source.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + + import re,sys + +Index: xen-4.19.0-testing/xen/tools/compat-build-header.py +=================================================================== +--- xen-4.19.0-testing.orig/xen/tools/compat-build-header.py ++++ xen-4.19.0-testing/xen/tools/compat-build-header.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/python3 + + import re,sys + diff --git a/capslock_enable.patch b/capslock_enable.patch deleted file mode 100644 index 796c79c..0000000 --- a/capslock_enable.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -@@ -1329,6 +1329,11 @@ static void do_key_event(VncState *vs, i - } - break; - case 0x3a: /* CapsLock */ -+ if(!down){ -+ vs->modifiers_state[keycode] ^= 1; -+ kbd_put_keycode(keycode | 0x80); -+ } -+ return; - case 0x45: /* NumLock */ - if (down) { - kbd_put_keycode(keycode & 0x7f); diff --git a/cdrom-removable.patch b/cdrom-removable.patch deleted file mode 100644 index b4c5917..0000000 --- a/cdrom-removable.patch +++ /dev/null @@ -1,97 +0,0 @@ -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -@@ -18,6 +18,7 @@ - #include "exec-all.h" - #include "sysemu.h" - -+#include "console.h" - #include "hw.h" - #include "pci.h" - #include "qemu-timer.h" -@@ -604,6 +605,21 @@ void xenstore_parse_domain_config(int hv - #endif - - bs = bdrv_new(dev); -+ -+ /* if cdrom physical put a watch on media-present */ -+ if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) { -+ if (drv && !strcmp(drv, "phy")) { -+ if (pasprintf(&buf, "%s/media-present", bpath) != -1) { -+ if (bdrv_is_inserted(bs)) -+ xs_write(xsh, XBT_NULL, buf, "1", strlen("1")); -+ else { -+ xs_write(xsh, XBT_NULL, buf, "0", strlen("0")); -+ } -+ xs_watch(xsh, buf, "media-present"); -+ } -+ } -+ } -+ - /* check if it is a cdrom */ - if (danger_type && !strcmp(danger_type, "cdrom")) { - bdrv_set_type_hint(bs, BDRV_TYPE_CDROM); -@@ -1083,6 +1099,50 @@ static void xenstore_process_vcpu_set_ev - return; - } - -+static void xenstore_process_media_change_event(char **vec) -+{ -+ char *media_present = NULL; -+ unsigned int len; -+ -+ media_present = xs_read(xsh, XBT_NULL, vec[XS_WATCH_PATH], &len); -+ -+ if (media_present) { -+ BlockDriverState *bs; -+ char *buf = NULL, *cp = NULL, *path = NULL, *dev = NULL; -+ -+ path = strdup(vec[XS_WATCH_PATH]); -+ cp = strstr(path, "media-present"); -+ if (cp){ -+ *(cp-1) = '\0'; -+ pasprintf(&buf, "%s/dev", path); -+ dev = xs_read(xsh, XBT_NULL, buf, &len); -+ if (dev) { -+ if ( !strncmp(dev, "xvd", 3)) { -+ memmove(dev, dev+1, strlen(dev)); -+ dev[0] = 'h'; -+ dev[1] = 'd'; -+ } -+ bs = bdrv_find(dev); -+ if (!bs) { -+ term_printf("device not found\n"); -+ return; -+ } -+ if (strcmp(media_present, "0") == 0 && bs) { -+ bdrv_close(bs); -+ } -+ else if (strcmp(media_present, "1") == 0 && -+ bs != NULL && bs->drv == NULL) { -+ if (bdrv_open(bs, bs->filename, 0 /* snapshot */) < 0) { -+ fprintf(logfile, "%s() qemu: could not open cdrom disk '%s'\n", -+ __func__, bs->filename); -+ } -+ bs->media_changed = 1; -+ } -+ } -+ } -+ } -+} -+ - void xenstore_process_event(void *opaque) - { - char **vec, *offset, *bpath = NULL, *buf = NULL, *drv = NULL, *image = NULL; -@@ -1118,6 +1178,11 @@ void xenstore_process_event(void *opaque - xenstore_watch_callbacks[i].cb(vec[XS_WATCH_TOKEN], - xenstore_watch_callbacks[i].opaque); - -+ if (!strcmp(vec[XS_WATCH_TOKEN], "media-present")) { -+ xenstore_process_media_change_event(vec); -+ goto out; -+ } -+ - hd_index = drive_name_to_index(vec[XS_WATCH_TOKEN]); - if (hd_index == -1) { - fprintf(stderr,"medium change watch on `%s' -" diff --git a/hibernate.patch b/hibernate.patch index 047ea4a..4eab8da 100644 --- a/hibernate.patch +++ b/hibernate.patch @@ -1,8 +1,8 @@ -Index: xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s3.asl +Index: xen-4.18.0-testing/tools/libacpi/ssdt_s3.asl =================================================================== ---- xen-4.6.0-testing.orig/tools/firmware/hvmloader/acpi/ssdt_s3.asl -+++ xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s3.asl -@@ -19,13 +19,9 @@ +--- xen-4.18.0-testing.orig/tools/libacpi/ssdt_s3.asl ++++ xen-4.18.0-testing/tools/libacpi/ssdt_s3.asl +@@ -7,13 +7,9 @@ DefinitionBlock ("SSDT_S3.aml", "SSDT", 2, "Xen", "HVM", 0) { @@ -20,11 +20,11 @@ Index: xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s3.asl + */ } -Index: xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s4.asl +Index: xen-4.18.0-testing/tools/libacpi/ssdt_s4.asl =================================================================== ---- xen-4.6.0-testing.orig/tools/firmware/hvmloader/acpi/ssdt_s4.asl -+++ xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s4.asl -@@ -19,13 +19,9 @@ +--- xen-4.18.0-testing.orig/tools/libacpi/ssdt_s4.asl ++++ xen-4.18.0-testing/tools/libacpi/ssdt_s4.asl +@@ -7,13 +7,9 @@ DefinitionBlock ("SSDT_S4.aml", "SSDT", 2, "Xen", "HVM", 0) { diff --git a/ignore-ip-command-script-errors.patch b/ignore-ip-command-script-errors.patch new file mode 100644 index 0000000..76a632a --- /dev/null +++ b/ignore-ip-command-script-errors.patch @@ -0,0 +1,54 @@ +References: bsc#1172356 +The bug is that virt-manager reports a failure when in fact +the host and guest have added the network interface. The Xen +scripts are failing with an error when in fact that command +is succeeding. + +The 'ip' commands seem to abort the script due to a 'set -e' in +xen-script-common.sh with what appears to be an error condition. +However, the command actually succeeds when checked from the +host console or also by inserting a sleep before each ip command +and executing it manually at the command line. This seems to be +an artifact of using 'set -e' everywhere. + +Index: xen-4.15.0-testing/tools/hotplug/Linux/xen-network-common.sh +=================================================================== +--- xen-4.15.0-testing.orig/tools/hotplug/Linux/xen-network-common.sh ++++ xen-4.15.0-testing/tools/hotplug/Linux/xen-network-common.sh +@@ -90,7 +90,7 @@ _setup_bridge_port() { + local virtual="$2" + + # take interface down ... +- ip link set dev ${dev} down ++ (ip link set dev ${dev} down || true) + + if [ $virtual -ne 0 ] ; then + # Initialise a dummy MAC address. We choose the numerically +@@ -101,7 +101,7 @@ _setup_bridge_port() { + fi + + # ... and configure it +- ip address flush dev ${dev} ++ (ip address flush dev ${dev} || true) + } + + setup_physical_bridge_port() { +@@ -136,15 +136,15 @@ add_to_bridge () { + if [ ! -e "/sys/class/net/${bridge}/brif/${dev}" ]; then + log debug "adding $dev to bridge $bridge" + if which brctl >&/dev/null; then +- brctl addif ${bridge} ${dev} ++ (brctl addif ${bridge} ${dev} || true) + else +- ip link set ${dev} master ${bridge} ++ (ip link set ${dev} master ${bridge} || true) + fi + else + log debug "$dev already on bridge $bridge" + fi + +- ip link set dev ${dev} up ++ (ip link set dev ${dev} up || true) + } + + remove_from_bridge () { diff --git a/init.xen_loop b/init.xen_loop deleted file mode 100644 index a2fca04..0000000 --- a/init.xen_loop +++ /dev/null @@ -1,2 +0,0 @@ -# Increase the number of loopback devices available for vm creation -options loop max_loop=64 diff --git a/ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch b/ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch deleted file mode 100644 index 99e520b..0000000 --- a/ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch +++ /dev/null @@ -1,32 +0,0 @@ -qcow2 corruption: Fix alloc_cluster_link_l2 (Kevin Wolf) - -This patch fixes a qcow2 corruption bug introduced in SVN Rev 5861. L2 tables -are big endian, so entries must be converted before being passed to functions. - -This bug is easy to trigger. The following script will create and destroy a -qcow2 image (the header is gone after three loop iterations): - - #!/bin/bash - qemu-img create -f qcow2 test.qcow 1M - for i in $(seq 1 10); do - qemu-system-x86_64 -hda test.qcow -monitor stdio > /dev/null 2>&1 < - -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/block-qcow2.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/block-qcow2.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/block-qcow2.c -@@ -916,7 +916,7 @@ static int alloc_cluster_link_l2(BlockDr - goto err; - - for (i = 0; i < j; i++) -- free_any_clusters(bs, old_cluster[i], 1); -+ free_any_clusters(bs, be64_to_cpu(old_cluster[i]) & ~QCOW_OFLAG_COPIED, 1); - - ret = 0; - err: diff --git a/ioemu-disable-emulated-ide-if-pv.patch b/ioemu-disable-emulated-ide-if-pv.patch deleted file mode 100644 index 789c5bd..0000000 --- a/ioemu-disable-emulated-ide-if-pv.patch +++ /dev/null @@ -1,76 +0,0 @@ -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/qemu-xen.h -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h -@@ -1,6 +1,8 @@ - #ifndef QEMU_XEN_H - #define QEMU_XEN_H - -+#include "hw/boards.h" -+ - /* vl.c */ - extern int restore; - extern int vga_ram_size; -@@ -65,7 +67,7 @@ void handle_buffered_pio(void); - /* xenstore.c */ - void xenstore_init(void); - uint32_t xenstore_read_target(void); --void xenstore_parse_domain_config(int domid); -+void xenstore_parse_domain_config(int domid, QEMUMachine *machine); - int xenstore_parse_disable_pf_config(void); - int xenstore_fd(void); - void xenstore_process_event(void *opaque); -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c -@@ -5907,9 +5907,9 @@ int main(int argc, char **argv, char **e - if ((msg = xenbus_read(XBT_NIL, "domid", &domid_s))) - fprintf(stderr,"Can not read our own domid: %s\n", msg); - else -- xenstore_parse_domain_config(atoi(domid_s)); -+ xenstore_parse_domain_config(atoi(domid_s), machine); - #else -- xenstore_parse_domain_config(domid); -+ xenstore_parse_domain_config(domid, machine); - #endif /* CONFIG_STUBDOM */ - } - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -@@ -445,7 +445,7 @@ void xenstore_init(void) - } - } - --void xenstore_parse_domain_config(int hvm_domid) -+void xenstore_parse_domain_config(int hvm_domid, QEMUMachine *machine) - { - char **e_danger = NULL; - char *buf = NULL; -@@ -739,11 +739,19 @@ void xenstore_parse_domain_config(int hv - - #endif - -- drives_table[nb_drives].bdrv = bs; -- drives_table[nb_drives].used = 1; -- media_filename[nb_drives] = strdup(bs->filename); -- nb_drives++; -- -+ if (machine == &xenfv_machine) { -+ drives_table[nb_drives].bdrv = bs; -+ drives_table[nb_drives].used = 1; -+#ifdef CONFIG_STUBDOM -+ media_filename[nb_drives] = strdup(danger_buf); -+#else -+ media_filename[nb_drives] = strdup(bs->filename); -+#endif -+ nb_drives++; -+ } else { -+ qemu_aio_flush(); -+ bdrv_close(bs); -+ } - } - - #ifdef CONFIG_STUBDOM diff --git a/ioemu-disable-scsi.patch b/ioemu-disable-scsi.patch deleted file mode 100644 index eced8c5..0000000 --- a/ioemu-disable-scsi.patch +++ /dev/null @@ -1,98 +0,0 @@ ---- - tools/qemu-xen-traditional-dir-remote/hw/pci.c | 44 ++++++++++++++++ - tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c | 2 - tools/qemu-xen-traditional-dir-remote/qemu-xen.h | 1 - 3 files changed, 47 insertions(+) - -Index: xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pci.c -=================================================================== ---- xen-4.4.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pci.c -+++ xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pci.c -@@ -871,6 +871,50 @@ void pci_unplug_netifs(void) - } - } - -+void pci_unplug_scsi(void) -+{ -+ PCIBus *bus; -+ PCIDevice *dev; -+ PCIIORegion *region; -+ int x; -+ int i; -+ -+ /* We only support one PCI bus */ -+ for (bus = first_bus; bus; bus = NULL) { -+ for (x = 0; x < 256; x++) { -+ dev = bus->devices[x]; -+ if (dev && -+ dev->config[0xa] == 0 && -+ dev->config[0xb] == 1 -+#ifdef CONFIG_PASSTHROUGH -+ && test_pci_devfn(x) != 1 -+#endif -+ ) { -+ /* Found a scsi disk. Remove it from the bus. Note that -+ we don't free it here, since there could still be -+ references to it floating around. There are only -+ ever one or two structures leaked, and it's not -+ worth finding them all. */ -+ bus->devices[x] = NULL; -+ for (i = 0; i < PCI_NUM_REGIONS; i++) { -+ region = &dev->io_regions[i]; -+ if (region->addr == (uint32_t)-1 || -+ region->size == 0) -+ continue; -+ fprintf(logfile, "region type %d at [%x,%x).\n", -+ region->type, region->addr, -+ region->addr+region->size); -+ if (region->type == PCI_ADDRESS_SPACE_IO) { -+ isa_unassign_ioport(region->addr, region->size); -+ } else if (region->type == PCI_ADDRESS_SPACE_MEM) { -+ unregister_iomem(region->addr); -+ } -+ } -+ } -+ } -+ } -+} -+ - typedef struct { - PCIDevice dev; - PCIBus *bus; -Index: xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -=================================================================== ---- xen-4.4.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -+++ xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -@@ -156,8 +156,10 @@ static void platform_fixed_ioport_write2 - /* Unplug devices. Value is a bitmask of which devices to - unplug, with bit 0 the IDE devices, bit 1 the network - devices, and bit 2 the non-primary-master IDE devices. */ -- if (val & UNPLUG_ALL_IDE_DISKS) -+ if (val & UNPLUG_ALL_IDE_DISKS) { - ide_unplug_harddisks(); -+ pci_unplug_scsi(); -+ } - if (val & UNPLUG_ALL_NICS) { - pci_unplug_netifs(); - net_tap_shutdown_all(); -@@ -364,6 +364,8 @@ static void suse_platform_ioport_write(v - * If it controlled just disk or just LAN, it would use 8 below. */ - fprintf(logfile, "Disconnect IDE hard disk...\n"); - ide_unplug_harddisks(); -+ fprintf(logfile, "Disconnect SCSI hard disk...\n"); -+ pci_unplug_scsi(); - fprintf(logfile, "Disconnect netifs...\n"); - pci_unplug_netifs(); - fprintf(logfile, "Shutdown taps...\n"); -Index: xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h -=================================================================== ---- xen-4.4.0-testing.orig/tools/qemu-xen-traditional-dir-remote/qemu-xen.h -+++ xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h -@@ -47,6 +47,7 @@ void unset_vram_mapping(void *opaque); - #endif - - void pci_unplug_netifs(void); -+void pci_unplug_scsi(void); - void destroy_hvm_domain(void); - void unregister_iomem(target_phys_addr_t start); - diff --git a/ioemu-hvm-pv-support.patch b/ioemu-hvm-pv-support.patch deleted file mode 100644 index fdbe136..0000000 --- a/ioemu-hvm-pv-support.patch +++ /dev/null @@ -1,84 +0,0 @@ ---- - tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c | 46 ++++++++++++++++ - 1 file changed, 46 insertions(+) - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak -@@ -2,6 +2,9 @@ CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/tool - CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/evtchn/include - CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/gnttab/include - CPPFLAGS+= -DXC_WANT_COMPAT_MAP_FOREIGN_API -+CPPFLAGS+= -I$(XEN_ROOT)/tools/libxc -+CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/call/include -+CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/foreignmemory/include - CPPFLAGS+= -I$(XEN_ROOT)/tools/libxc/include - CPPFLAGS+= -I$(XEN_ROOT)/tools/xenstore/include - CPPFLAGS+= -I$(XEN_ROOT)/tools/include -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -@@ -30,6 +30,8 @@ - #include "qemu-xen.h" - #include "net.h" - #include "xen_platform.h" -+#include "sysemu.h" -+#include - - #include - #include -@@ -335,8 +337,52 @@ static void xen_platform_ioport_writeb(v - } - } - -+static uint32_t ioport_base; -+ -+static void suse_platform_ioport_write(void *opaque, uint32_t addr, uint32_t val) -+{ -+ DECLARE_DOMCTL; -+ int rc; -+ -+ if (val == 0) -+ qemu_invalidate_map_cache(); -+ -+ switch (addr - ioport_base) { -+ case 0: -+ /* FIXME Unknown who makes use of this code! */ -+ fprintf(logfile, "Init hypercall page %x, addr %x.\n", val, addr); -+ domctl.domain = (domid_t)domid; -+ domctl.u.hypercall_init.gmfn = val; -+ domctl.cmd = XEN_DOMCTL_hypercall_init; -+ rc = xc_domctl(xc_handle, &domctl); -+ fprintf(logfile, "result -> %d.\n", rc); -+ break; -+ case 4: -+ /* xen-kmp used this since xen-3.0.4, instead the official protocol from xen-3.3+ -+ * pre vmdp 1.7 made use of 4 and 8 depending on how vmdp was configured. -+ * If vmdp was to control both disk and LAN it would use 4. -+ * If it controlled just disk or just LAN, it would use 8 below. */ -+ fprintf(logfile, "Disconnect IDE hard disk...\n"); -+ ide_unplug_harddisks(); -+ fprintf(logfile, "Disconnect netifs...\n"); -+ pci_unplug_netifs(); -+ fprintf(logfile, "Shutdown taps...\n"); -+ net_tap_shutdown_all(); -+ fprintf(logfile, "Done.\n"); -+ break; -+ default: -+ fprintf(logfile, "Write %x to bad port %x (base %x) on evtchn device.\n", -+ val, addr, ioport_base); -+ break; -+ } -+} -+ - static void platform_ioport_map(PCIDevice *pci_dev, int region_num, uint32_t addr, uint32_t size, int type) - { -+ ioport_base = addr; -+ -+ register_ioport_write(addr, 16, 4, suse_platform_ioport_write, NULL); -+ - PCIXenPlatformState *d = (PCIXenPlatformState *)pci_dev; - register_ioport_write(addr, size, 1, xen_platform_ioport_writeb, d); - register_ioport_read(addr, size, 1, xen_platform_ioport_readb, d); diff --git a/ioemu-vnc-resize.patch b/ioemu-vnc-resize.patch deleted file mode 100644 index db12ea6..0000000 --- a/ioemu-vnc-resize.patch +++ /dev/null @@ -1,30 +0,0 @@ -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vnc.c -@@ -1761,6 +1761,25 @@ static int protocol_client_msg(VncState - } - - set_encodings(vs, (int32_t *)(data + 4), limit); -+ -+ /* -+ * The initialization of a VNC connection can race with xenfb changing -+ * the resolution. This happens when the VNC connection is already -+ * established, but the client has not yet advertised has_resize, so it -+ * won't get notified of the switch. -+ * -+ * Therefore we resend the resolution as soon as the client has sent its -+ * encodings. -+ */ -+ if (vs->has_resize) { -+ /* Resize the VNC window */ -+ vnc_write_u8(vs, 0); /* msg id */ -+ vnc_write_u8(vs, 0); -+ vnc_write_u16(vs, 1); /* number of rects */ -+ vnc_framebuffer_update(vs, 0, 0, vs->serverds.width, vs->serverds.height, -223); -+ -+ vnc_flush(vs); -+ } - break; - case 3: - if (len == 1) diff --git a/ioemu-watchdog-ib700-timer.patch b/ioemu-watchdog-ib700-timer.patch deleted file mode 100644 index de0e813..0000000 --- a/ioemu-watchdog-ib700-timer.patch +++ /dev/null @@ -1,34 +0,0 @@ - -Subject: qdev: convert watchdogs -From: Markus Armbruster armbru@redhat.com Fri Aug 21 10:31:34 2009 +0200 -Date: Thu Aug 27 20:35:24 2009 -0500: -Git: 09aaa1602f9381c0e0fb539390b1793e51bdfc7b - -* THIS IS ONLY THE BUG FIX PART OF THE UPSTREAM PATCH * - -Fixes ib700 not to use vm_clock before it is initialized: in -wdt_ib700_init(), called from register_watchdogs(), which runs before -init_timers(). The bug made ib700_write_enable_reg() crash in -qemu_del_timer(). - -Signed-off-by: Markus Armbruster -Signed-off-by: Anthony Liguori - -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c -@@ -93,6 +93,7 @@ static int ib700_load(QEMUFile *f, void - /* Create and initialize a virtual IB700 during PC creation. */ - static void ib700_pc_init(PCIBus *unused) - { -+ timer = qemu_new_timer(vm_clock, ib700_timer_expired, NULL); - register_savevm("ib700_wdt", -1, 0, ib700_save, ib700_load, NULL); - - register_ioport_write(0x441, 2, 1, ib700_write_disable_reg, NULL); -@@ -108,5 +109,4 @@ static WatchdogTimerModel model = { - void wdt_ib700_init(void) - { - watchdog_add_model(&model); -- timer = qemu_new_timer(vm_clock, ib700_timer_expired, NULL); - } diff --git a/ioemu-watchdog-linkage.patch b/ioemu-watchdog-linkage.patch deleted file mode 100644 index eedd81b..0000000 --- a/ioemu-watchdog-linkage.patch +++ /dev/null @@ -1,72 +0,0 @@ - -Subject: Move watchdog, watchdog_action, give them internal linkage -From: Markus Armbruster armbru@redhat.com Fri Aug 21 10:31:32 2009 +0200 -Date: Thu Aug 27 20:30:23 2009 -0500: -Git: 88b3be201acf64e0bd19782bebd533901c951c87 - -Signed-off-by: Markus Armbruster -Signed-off-by: Anthony Liguori - -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c -@@ -26,6 +26,16 @@ - #include "sysemu.h" - #include "hw/watchdog.h" - -+/* Possible values for action parameter. */ -+#define WDT_RESET 1 /* Hard reset. */ -+#define WDT_SHUTDOWN 2 /* Shutdown. */ -+#define WDT_POWEROFF 3 /* Quit. */ -+#define WDT_PAUSE 4 /* Pause. */ -+#define WDT_DEBUG 5 /* Prints a message and continues running. */ -+#define WDT_NONE 6 /* Do nothing. */ -+ -+static WatchdogTimerModel *watchdog; -+static int watchdog_action = WDT_RESET; - static LIST_HEAD(watchdog_list, WatchdogTimerModel) watchdog_list; - - void watchdog_add_model(WatchdogTimerModel *model) -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h -@@ -27,13 +27,6 @@ - extern void wdt_i6300esb_init(void); - extern void wdt_ib700_init(void); - --/* Possible values for action parameter. */ --#define WDT_RESET 1 /* Hard reset. */ --#define WDT_SHUTDOWN 2 /* Shutdown. */ --#define WDT_POWEROFF 3 /* Quit. */ --#define WDT_PAUSE 4 /* Pause. */ --#define WDT_DEBUG 5 /* Prints a message and continues running. */ --#define WDT_NONE 6 /* Do nothing. */ - - struct WatchdogTimerModel { - LIST_ENTRY(WatchdogTimerModel) entry; -@@ -50,10 +43,6 @@ struct WatchdogTimerModel { - }; - typedef struct WatchdogTimerModel WatchdogTimerModel; - --/* in vl.c */ --extern WatchdogTimerModel *watchdog; --extern int watchdog_action; -- - /* in hw/watchdog.c */ - extern int select_watchdog(const char *p); - extern int select_watchdog_action(const char *action); -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c -@@ -250,8 +250,6 @@ int no_shutdown = 0; - int cursor_hide = 1; - int graphic_rotate = 0; - int daemonize = 0; --WatchdogTimerModel *watchdog = NULL; --int watchdog_action = WDT_RESET; - const char *option_rom[MAX_OPTION_ROMS]; - int nb_option_roms; - int semihosting_enabled = 0; diff --git a/ioemu-watchdog-support.patch b/ioemu-watchdog-support.patch deleted file mode 100644 index 4e9a530..0000000 --- a/ioemu-watchdog-support.patch +++ /dev/null @@ -1,963 +0,0 @@ - -Subject: Hardware watchdog -From: Richard W.M. Jones rjones@redhat.com Sat Apr 25 13:56:19 2009 +0100 -Date: Fri May 1 09:44:11 2009 -0500: -Git: 9dd986ccf68f142aaafe543d80cf877716d91d4e - -Here is an updated hardware watchdog patch, which should fix -everything that was raised about the previous version ... - -Signed-off-by: Richard W.M. Jones -Signed-off-by: Anthony Liguori - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/Makefile.target -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target -@@ -580,6 +580,10 @@ OBJS += e1000.o - # Serial mouse - OBJS += msmouse.o - -+# Generic watchdog support and some watchdog devices -+OBJS += watchdog.o -+OBJS += wdt_ib700.o wdt_i6300esb.o -+ - ifeq ($(TARGET_BASE_ARCH), i386) - # Hardware support - ifdef CONFIG_AUDIO -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pc.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c -@@ -41,6 +41,7 @@ - #include "virtio-balloon.h" - #include "virtio-console.h" - #include "hpet_emul.h" -+#include "watchdog.h" - - #ifdef CONFIG_PASSTHROUGH - #include "pass-through.h" -@@ -1047,6 +1048,8 @@ vga_bios_error: - } - } - -+ watchdog_pc_init(pci_bus); -+ - for(i = 0; i < nb_nics; i++) { - NICInfo *nd = &nd_table[i]; - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c -=================================================================== ---- /dev/null -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c -@@ -0,0 +1,136 @@ -+/* -+ * Virtual hardware watchdog. -+ * -+ * Copyright (C) 2009 Red Hat Inc. -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2 -+ * of the License, or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, -+ * USA. -+ * -+ * By Richard W.M. Jones (rjones@redhat.com). -+ */ -+ -+#include "qemu-common.h" -+#include "sys-queue.h" -+#include "sysemu.h" -+#include "hw/watchdog.h" -+ -+static LIST_HEAD(watchdog_list, WatchdogTimerModel) watchdog_list; -+ -+void watchdog_add_model(WatchdogTimerModel *model) -+{ -+ LIST_INSERT_HEAD(&watchdog_list, model, entry); -+} -+ -+/* Returns: -+ * 0 = continue -+ * 1 = exit program with error -+ * 2 = exit program without error -+ */ -+int select_watchdog(const char *p) -+{ -+ WatchdogTimerModel *model; -+ -+ if (watchdog) { -+ fprintf(stderr, -+ "qemu: only one watchdog option may be given\n"); -+ return 1; -+ } -+ -+ /* -watchdog ? lists available devices and exits cleanly. */ -+ if (strcmp(p, "?") == 0) { -+ LIST_FOREACH(model, &watchdog_list, entry) { -+ fprintf(stderr, "\t%s\t%s\n", -+ model->wdt_name, model->wdt_description); -+ } -+ return 2; -+ } -+ -+ LIST_FOREACH(model, &watchdog_list, entry) { -+ if (strcasecmp(model->wdt_name, p) == 0) { -+ watchdog = model; -+ return 0; -+ } -+ } -+ -+ fprintf(stderr, "Unknown -watchdog device. Supported devices are:\n"); -+ LIST_FOREACH(model, &watchdog_list, entry) { -+ fprintf(stderr, "\t%s\t%s\n", -+ model->wdt_name, model->wdt_description); -+ } -+ return 1; -+} -+ -+int select_watchdog_action(const char *p) -+{ -+ if (strcasecmp(p, "reset") == 0) -+ watchdog_action = WDT_RESET; -+ else if (strcasecmp(p, "shutdown") == 0) -+ watchdog_action = WDT_SHUTDOWN; -+ else if (strcasecmp(p, "poweroff") == 0) -+ watchdog_action = WDT_POWEROFF; -+ else if (strcasecmp(p, "pause") == 0) -+ watchdog_action = WDT_PAUSE; -+ else if (strcasecmp(p, "debug") == 0) -+ watchdog_action = WDT_DEBUG; -+ else if (strcasecmp(p, "none") == 0) -+ watchdog_action = WDT_NONE; -+ else -+ return -1; -+ -+ return 0; -+} -+ -+/* This actually performs the "action" once a watchdog has expired, -+ * ie. reboot, shutdown, exit, etc. -+ */ -+void watchdog_perform_action(void) -+{ -+ switch(watchdog_action) { -+ case WDT_RESET: /* same as 'system_reset' in monitor */ -+ qemu_system_reset_request(); -+ break; -+ -+ case WDT_SHUTDOWN: /* same as 'system_powerdown' in monitor */ -+ qemu_system_powerdown_request(); -+ break; -+ -+ case WDT_POWEROFF: /* same as 'quit' command in monitor */ -+ exit(0); -+ break; -+ -+ case WDT_PAUSE: /* same as 'stop' command in monitor */ -+ vm_stop(0); -+ break; -+ -+ case WDT_DEBUG: -+ fprintf(stderr, "watchdog: timer fired\n"); -+ break; -+ -+ case WDT_NONE: -+ break; -+ } -+} -+ -+void watchdog_pc_init(PCIBus *pci_bus) -+{ -+ if (watchdog) -+ watchdog->wdt_pc_init(pci_bus); -+} -+ -+void register_watchdogs(void) -+{ -+ wdt_ib700_init(); -+ wdt_i6300esb_init(); -+} -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h -=================================================================== ---- /dev/null -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h -@@ -0,0 +1,65 @@ -+/* -+ * Virtual hardware watchdog. -+ * -+ * Copyright (C) 2009 Red Hat Inc. -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2 -+ * of the License, or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, -+ * USA. -+ * -+ * By Richard W.M. Jones (rjones@redhat.com). -+ */ -+ -+#ifndef QEMU_WATCHDOG_H -+#define QEMU_WATCHDOG_H -+ -+extern void wdt_i6300esb_init(void); -+extern void wdt_ib700_init(void); -+ -+/* Possible values for action parameter. */ -+#define WDT_RESET 1 /* Hard reset. */ -+#define WDT_SHUTDOWN 2 /* Shutdown. */ -+#define WDT_POWEROFF 3 /* Quit. */ -+#define WDT_PAUSE 4 /* Pause. */ -+#define WDT_DEBUG 5 /* Prints a message and continues running. */ -+#define WDT_NONE 6 /* Do nothing. */ -+ -+struct WatchdogTimerModel { -+ LIST_ENTRY(WatchdogTimerModel) entry; -+ -+ /* Short name of the device - used to select it on the command line. */ -+ const char *wdt_name; -+ /* Longer description (eg. manufacturer and full model number). */ -+ const char *wdt_description; -+ -+ /* This callback should create/register the device. It is called -+ * indirectly from hw/pc.c when the virtual PC is being set up. -+ */ -+ void (*wdt_pc_init)(PCIBus *pci_bus); -+}; -+typedef struct WatchdogTimerModel WatchdogTimerModel; -+ -+/* in vl.c */ -+extern WatchdogTimerModel *watchdog; -+extern int watchdog_action; -+ -+/* in hw/watchdog.c */ -+extern int select_watchdog(const char *p); -+extern int select_watchdog_action(const char *action); -+extern void watchdog_add_model(WatchdogTimerModel *model); -+extern void watchdog_perform_action(void); -+extern void watchdog_pc_init(PCIBus *pci_bus); -+extern void register_watchdogs(void); -+ -+#endif /* QEMU_WATCHDOG_H */ -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c -=================================================================== ---- /dev/null -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c -@@ -0,0 +1,470 @@ -+/* -+ * Virtual hardware watchdog. -+ * -+ * Copyright (C) 2009 Red Hat Inc. -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2 -+ * of the License, or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, -+ * USA. -+ * -+ * By Richard W.M. Jones (rjones@redhat.com). -+ */ -+ -+#include -+ -+#include "qemu-common.h" -+#include "qemu-timer.h" -+#include "watchdog.h" -+#include "hw.h" -+#include "isa.h" -+#include "pc.h" -+#include "pci.h" -+ -+/*#define I6300ESB_DEBUG 1*/ -+ -+#ifdef I6300ESB_DEBUG -+#define i6300esb_debug(fs,...) \ -+ fprintf(stderr,"i6300esb: %s: "fs,__func__,##__VA_ARGS__) -+#else -+#define i6300esb_debug(fs,...) -+#endif -+ -+#ifndef PCI_DEVICE_ID_INTEL_ESB_9 -+#define PCI_DEVICE_ID_INTEL_ESB_9 0x25ab -+#endif -+ -+/* PCI configuration registers */ -+#define ESB_CONFIG_REG 0x60 /* Config register */ -+#define ESB_LOCK_REG 0x68 /* WDT lock register */ -+ -+/* Memory mapped registers (offset from base address) */ -+#define ESB_TIMER1_REG 0x00 /* Timer1 value after each reset */ -+#define ESB_TIMER2_REG 0x04 /* Timer2 value after each reset */ -+#define ESB_GINTSR_REG 0x08 /* General Interrupt Status Register */ -+#define ESB_RELOAD_REG 0x0c /* Reload register */ -+ -+/* Lock register bits */ -+#define ESB_WDT_FUNC (0x01 << 2) /* Watchdog functionality */ -+#define ESB_WDT_ENABLE (0x01 << 1) /* Enable WDT */ -+#define ESB_WDT_LOCK (0x01 << 0) /* Lock (nowayout) */ -+ -+/* Config register bits */ -+#define ESB_WDT_REBOOT (0x01 << 5) /* Enable reboot on timeout */ -+#define ESB_WDT_FREQ (0x01 << 2) /* Decrement frequency */ -+#define ESB_WDT_INTTYPE (0x11 << 0) /* Interrupt type on timer1 timeout */ -+ -+/* Reload register bits */ -+#define ESB_WDT_RELOAD (0x01 << 8) /* prevent timeout */ -+ -+/* Magic constants */ -+#define ESB_UNLOCK1 0x80 /* Step 1 to unlock reset registers */ -+#define ESB_UNLOCK2 0x86 /* Step 2 to unlock reset registers */ -+ -+/* Device state. */ -+struct I6300State { -+ PCIDevice dev; /* PCI device state, must be first field. */ -+ -+ int reboot_enabled; /* "Reboot" on timer expiry. The real action -+ * performed depends on the -watchdog-action -+ * param passed on QEMU command line. -+ */ -+ int clock_scale; /* Clock scale. */ -+#define CLOCK_SCALE_1KHZ 0 -+#define CLOCK_SCALE_1MHZ 1 -+ -+ int int_type; /* Interrupt type generated. */ -+#define INT_TYPE_IRQ 0 /* APIC 1, INT 10 */ -+#define INT_TYPE_SMI 2 -+#define INT_TYPE_DISABLED 3 -+ -+ int free_run; /* If true, reload timer on expiry. */ -+ int locked; /* If true, enabled field cannot be changed. */ -+ int enabled; /* If true, watchdog is enabled. */ -+ -+ QEMUTimer *timer; /* The actual watchdog timer. */ -+ -+ uint32_t timer1_preload; /* Values preloaded into timer1, timer2. */ -+ uint32_t timer2_preload; -+ int stage; /* Stage (1 or 2). */ -+ -+ int unlock_state; /* Guest writes 0x80, 0x86 to unlock the -+ * registers, and we transition through -+ * states 0 -> 1 -> 2 when this happens. -+ */ -+ -+ int previous_reboot_flag; /* If the watchdog caused the previous -+ * reboot, this flag will be set. -+ */ -+}; -+ -+typedef struct I6300State I6300State; -+ -+/* This function is called when the watchdog has either been enabled -+ * (hence it starts counting down) or has been keep-alived. -+ */ -+static void i6300esb_restart_timer(I6300State *d, int stage) -+{ -+ int64_t timeout; -+ -+ if (!d->enabled) -+ return; -+ -+ d->stage = stage; -+ -+ if (d->stage <= 1) -+ timeout = d->timer1_preload; -+ else -+ timeout = d->timer2_preload; -+ -+ if (d->clock_scale == CLOCK_SCALE_1KHZ) -+ timeout <<= 15; -+ else -+ timeout <<= 5; -+ -+ /* Get the timeout in units of ticks_per_sec. */ -+ timeout = ticks_per_sec * timeout / 33000000; -+ -+ i6300esb_debug("stage %d, timeout %" PRIi64 "\n", d->stage, timeout); -+ -+ qemu_mod_timer(d->timer, qemu_get_clock(vm_clock) + timeout); -+} -+ -+/* This is called when the guest disables the watchdog. */ -+static void i6300esb_disable_timer(I6300State *d) -+{ -+ i6300esb_debug("timer disabled\n"); -+ -+ qemu_del_timer(d->timer); -+} -+ -+static void i6300esb_reset(I6300State *d) -+{ -+ /* XXX We should probably reset other parts of the state here, -+ * but we should also reset our state on general machine reset -+ * too. For now just disable the timer so it doesn't fire -+ * again after the reboot. -+ */ -+ i6300esb_disable_timer(d); -+} -+ -+/* This function is called when the watchdog expires. Note that -+ * the hardware has two timers, and so expiry happens in two stages. -+ * If d->stage == 1 then we perform the first stage action (usually, -+ * sending an interrupt) and then restart the timer again for the -+ * second stage. If the second stage expires then the watchdog -+ * really has run out. -+ */ -+static void i6300esb_timer_expired(void *vp) -+{ -+ I6300State *d = (I6300State *) vp; -+ -+ i6300esb_debug("stage %d\n", d->stage); -+ -+ if (d->stage == 1) { -+ /* What to do at the end of stage 1? */ -+ switch (d->int_type) { -+ case INT_TYPE_IRQ: -+ fprintf(stderr, "i6300esb_timer_expired: I would send APIC 1 INT 10 here if I knew how (XXX)\n"); -+ break; -+ case INT_TYPE_SMI: -+ fprintf(stderr, "i6300esb_timer_expired: I would send SMI here if I knew how (XXX)\n"); -+ break; -+ } -+ -+ /* Start the second stage. */ -+ i6300esb_restart_timer(d, 2); -+ } else { -+ /* Second stage expired, reboot for real. */ -+ if (d->reboot_enabled) { -+ d->previous_reboot_flag = 1; -+ watchdog_perform_action(); /* This reboots, exits, etc */ -+ i6300esb_reset(d); -+ } -+ -+ /* In "free running mode" we start stage 1 again. */ -+ if (d->free_run) -+ i6300esb_restart_timer(d, 1); -+ } -+} -+ -+static void i6300esb_config_write(PCIDevice *dev, uint32_t addr, -+ uint32_t data, int len) -+{ -+ I6300State *d = (I6300State *) dev; -+ int old; -+ -+ i6300esb_debug("addr = %x, data = %x, len = %d\n", addr, data, len); -+ -+ if (addr == ESB_CONFIG_REG && len == 2) { -+ d->reboot_enabled = (data & ESB_WDT_REBOOT) == 0; -+ d->clock_scale = -+ (data & ESB_WDT_FREQ) != 0 ? CLOCK_SCALE_1MHZ : CLOCK_SCALE_1KHZ; -+ d->int_type = (data & ESB_WDT_INTTYPE); -+ } else if (addr == ESB_LOCK_REG && len == 1) { -+ if (!d->locked) { -+ d->locked = (data & ESB_WDT_LOCK) != 0; -+ d->free_run = (data & ESB_WDT_FUNC) != 0; -+ old = d->enabled; -+ d->enabled = (data & ESB_WDT_ENABLE) != 0; -+ if (!old && d->enabled) /* Enabled transitioned from 0 -> 1 */ -+ i6300esb_restart_timer(d, 1); -+ else if (!d->enabled) -+ i6300esb_disable_timer(d); -+ } -+ } else { -+ pci_default_write_config(dev, addr, data, len); -+ } -+} -+ -+static uint32_t i6300esb_config_read(PCIDevice *dev, uint32_t addr, int len) -+{ -+ I6300State *d = (I6300State *) dev; -+ uint32_t data; -+ -+ i6300esb_debug ("addr = %x, len = %d\n", addr, len); -+ -+ if (addr == ESB_CONFIG_REG && len == 2) { -+ data = -+ (d->reboot_enabled ? 0 : ESB_WDT_REBOOT) | -+ (d->clock_scale == CLOCK_SCALE_1MHZ ? ESB_WDT_FREQ : 0) | -+ d->int_type; -+ return data; -+ } else if (addr == ESB_LOCK_REG && len == 1) { -+ data = -+ (d->free_run ? ESB_WDT_FUNC : 0) | -+ (d->locked ? ESB_WDT_LOCK : 0) | -+ (d->enabled ? ESB_WDT_ENABLE : 0); -+ return data; -+ } else { -+ return pci_default_read_config(dev, addr, len); -+ } -+} -+ -+static uint32_t i6300esb_mem_readb(void *vp, target_phys_addr_t addr) -+{ -+ i6300esb_debug ("addr = %x\n", (int) addr); -+ -+ return 0; -+} -+ -+static uint32_t i6300esb_mem_readw(void *vp, target_phys_addr_t addr) -+{ -+ uint32_t data = 0; -+ I6300State *d = (I6300State *) vp; -+ -+ i6300esb_debug("addr = %x\n", (int) addr); -+ -+ if (addr == 0xc) { -+ /* The previous reboot flag is really bit 9, but there is -+ * a bug in the Linux driver where it thinks it's bit 12. -+ * Set both. -+ */ -+ data = d->previous_reboot_flag ? 0x1200 : 0; -+ } -+ -+ return data; -+} -+ -+static uint32_t i6300esb_mem_readl(void *vp, target_phys_addr_t addr) -+{ -+ i6300esb_debug("addr = %x\n", (int) addr); -+ -+ return 0; -+} -+ -+static void i6300esb_mem_writeb(void *vp, target_phys_addr_t addr, uint32_t val) -+{ -+ I6300State *d = (I6300State *) vp; -+ -+ i6300esb_debug("addr = %x, val = %x\n", (int) addr, val); -+ -+ if (addr == 0xc && val == 0x80) -+ d->unlock_state = 1; -+ else if (addr == 0xc && val == 0x86 && d->unlock_state == 1) -+ d->unlock_state = 2; -+} -+ -+static void i6300esb_mem_writew(void *vp, target_phys_addr_t addr, uint32_t val) -+{ -+ I6300State *d = (I6300State *) vp; -+ -+ i6300esb_debug("addr = %x, val = %x\n", (int) addr, val); -+ -+ if (addr == 0xc && val == 0x80) -+ d->unlock_state = 1; -+ else if (addr == 0xc && val == 0x86 && d->unlock_state == 1) -+ d->unlock_state = 2; -+ else { -+ if (d->unlock_state == 2) { -+ if (addr == 0xc) { -+ if ((val & 0x100) != 0) -+ /* This is the "ping" from the userspace watchdog in -+ * the guest ... -+ */ -+ i6300esb_restart_timer(d, 1); -+ -+ /* Setting bit 9 resets the previous reboot flag. -+ * There's a bug in the Linux driver where it sets -+ * bit 12 instead. -+ */ -+ if ((val & 0x200) != 0 || (val & 0x1000) != 0) { -+ d->previous_reboot_flag = 0; -+ } -+ } -+ -+ d->unlock_state = 0; -+ } -+ } -+} -+ -+static void i6300esb_mem_writel(void *vp, target_phys_addr_t addr, uint32_t val) -+{ -+ I6300State *d = (I6300State *) vp; -+ -+ i6300esb_debug ("addr = %x, val = %x\n", (int) addr, val); -+ -+ if (addr == 0xc && val == 0x80) -+ d->unlock_state = 1; -+ else if (addr == 0xc && val == 0x86 && d->unlock_state == 1) -+ d->unlock_state = 2; -+ else { -+ if (d->unlock_state == 2) { -+ if (addr == 0) -+ d->timer1_preload = val & 0xfffff; -+ else if (addr == 4) -+ d->timer2_preload = val & 0xfffff; -+ -+ d->unlock_state = 0; -+ } -+ } -+} -+ -+static void i6300esb_map(PCIDevice *dev, int region_num, -+ uint32_t addr, uint32_t size, int type) -+{ -+ static CPUReadMemoryFunc *mem_read[3] = { -+ i6300esb_mem_readb, -+ i6300esb_mem_readw, -+ i6300esb_mem_readl, -+ }; -+ static CPUWriteMemoryFunc *mem_write[3] = { -+ i6300esb_mem_writeb, -+ i6300esb_mem_writew, -+ i6300esb_mem_writel, -+ }; -+ I6300State *d = (I6300State *) dev; -+ int io_mem; -+ -+ i6300esb_debug("addr = %x, size = %x, type = %d\n", addr, size, type); -+ -+ io_mem = cpu_register_io_memory (0, mem_read, mem_write, d); -+ cpu_register_physical_memory (addr, 0x10, io_mem); -+ /* qemu_register_coalesced_mmio (addr, 0x10); ? */ -+} -+ -+static void i6300esb_save(QEMUFile *f, void *vp) -+{ -+ I6300State *d = (I6300State *) vp; -+ -+ pci_device_save(&d->dev, f); -+ qemu_put_be32(f, d->reboot_enabled); -+ qemu_put_be32(f, d->clock_scale); -+ qemu_put_be32(f, d->int_type); -+ qemu_put_be32(f, d->free_run); -+ qemu_put_be32(f, d->locked); -+ qemu_put_be32(f, d->enabled); -+ qemu_put_timer(f, d->timer); -+ qemu_put_be32(f, d->timer1_preload); -+ qemu_put_be32(f, d->timer2_preload); -+ qemu_put_be32(f, d->stage); -+ qemu_put_be32(f, d->unlock_state); -+ qemu_put_be32(f, d->previous_reboot_flag); -+} -+ -+static int i6300esb_load(QEMUFile *f, void *vp, int version) -+{ -+ I6300State *d = (I6300State *) vp; -+ -+ if (version != sizeof (I6300State)) -+ return -EINVAL; -+ -+ pci_device_load(&d->dev, f); -+ d->reboot_enabled = qemu_get_be32(f); -+ d->clock_scale = qemu_get_be32(f); -+ d->int_type = qemu_get_be32(f); -+ d->free_run = qemu_get_be32(f); -+ d->locked = qemu_get_be32(f); -+ d->enabled = qemu_get_be32(f); -+ qemu_get_timer(f, d->timer); -+ d->timer1_preload = qemu_get_be32(f); -+ d->timer2_preload = qemu_get_be32(f); -+ d->stage = qemu_get_be32(f); -+ d->unlock_state = qemu_get_be32(f); -+ d->previous_reboot_flag = qemu_get_be32(f); -+ -+ return 0; -+} -+ -+/* Create and initialize a virtual Intel 6300ESB during PC creation. */ -+static void i6300esb_pc_init(PCIBus *pci_bus) -+{ -+ I6300State *d; -+ uint8_t *pci_conf; -+ -+ if (!pci_bus) { -+ fprintf(stderr, "wdt_i6300esb: no PCI bus in this machine\n"); -+ return; -+ } -+ -+ d = (I6300State *) -+ pci_register_device (pci_bus, "i6300esb_wdt", sizeof (I6300State), -+ -1, -+ i6300esb_config_read, i6300esb_config_write); -+ -+ d->reboot_enabled = 1; -+ d->clock_scale = CLOCK_SCALE_1KHZ; -+ d->int_type = INT_TYPE_IRQ; -+ d->free_run = 0; -+ d->locked = 0; -+ d->enabled = 0; -+ d->timer = qemu_new_timer(vm_clock, i6300esb_timer_expired, d); -+ d->timer1_preload = 0xfffff; -+ d->timer2_preload = 0xfffff; -+ d->stage = 1; -+ d->unlock_state = 0; -+ d->previous_reboot_flag = 0; -+ -+ pci_conf = d->dev.config; -+ pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL); -+ pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_ESB_9); -+ pci_config_set_class(pci_conf, PCI_CLASS_SYSTEM_OTHER); -+ pci_conf[0x0e] = 0x00; -+ -+ pci_register_io_region(&d->dev, 0, 0x10, -+ PCI_ADDRESS_SPACE_MEM, i6300esb_map); -+ -+ register_savevm("i6300esb_wdt", -1, sizeof(I6300State), -+ i6300esb_save, i6300esb_load, d); -+} -+ -+static WatchdogTimerModel model = { -+ .wdt_name = "i6300esb", -+ .wdt_description = "Intel 6300ESB", -+ .wdt_pc_init = i6300esb_pc_init, -+}; -+ -+void wdt_i6300esb_init(void) -+{ -+ watchdog_add_model(&model); -+} -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c -=================================================================== ---- /dev/null -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c -@@ -0,0 +1,112 @@ -+/* -+ * Virtual hardware watchdog. -+ * -+ * Copyright (C) 2009 Red Hat Inc. -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2 -+ * of the License, or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, -+ * USA. -+ * -+ * By Richard W.M. Jones (rjones@redhat.com). -+ */ -+ -+#include "qemu-common.h" -+#include "qemu-timer.h" -+#include "watchdog.h" -+#include "hw.h" -+#include "isa.h" -+#include "pc.h" -+ -+/*#define IB700_DEBUG 1*/ -+ -+#ifdef IB700_DEBUG -+#define ib700_debug(fs,...) \ -+ fprintf(stderr,"ib700: %s: "fs,__func__,##__VA_ARGS__) -+#else -+#define ib700_debug(fs,...) -+#endif -+ -+/* This is the timer. We use a global here because the watchdog -+ * code ensures there is only one watchdog (it is located at a fixed, -+ * unchangable IO port, so there could only ever be one anyway). -+ */ -+static QEMUTimer *timer = NULL; -+ -+/* A write to this register enables the timer. */ -+static void ib700_write_enable_reg(void *vp, uint32_t addr, uint32_t data) -+{ -+ static int time_map[] = { -+ 30, 28, 26, 24, 22, 20, 18, 16, -+ 14, 12, 10, 8, 6, 4, 2, 0 -+ }; -+ int64 timeout; -+ -+ ib700_debug("addr = %x, data = %x\n", addr, data); -+ -+ timeout = (int64_t) time_map[data & 0xF] * ticks_per_sec; -+ qemu_mod_timer(timer, qemu_get_clock (vm_clock) + timeout); -+} -+ -+/* A write (of any value) to this register disables the timer. */ -+static void ib700_write_disable_reg(void *vp, uint32_t addr, uint32_t data) -+{ -+ ib700_debug("addr = %x, data = %x\n", addr, data); -+ -+ qemu_del_timer(timer); -+} -+ -+/* This is called when the watchdog expires. */ -+static void ib700_timer_expired(void *vp) -+{ -+ ib700_debug("watchdog expired\n"); -+ -+ watchdog_perform_action(); -+ qemu_del_timer(timer); -+} -+ -+static void ib700_save(QEMUFile *f, void *vp) -+{ -+ qemu_put_timer(f, timer); -+} -+ -+static int ib700_load(QEMUFile *f, void *vp, int version) -+{ -+ if (version != 0) -+ return -EINVAL; -+ -+ qemu_get_timer(f, timer); -+ -+ return 0; -+} -+ -+/* Create and initialize a virtual IB700 during PC creation. */ -+static void ib700_pc_init(PCIBus *unused) -+{ -+ register_savevm("ib700_wdt", -1, 0, ib700_save, ib700_load, NULL); -+ -+ register_ioport_write(0x441, 2, 1, ib700_write_disable_reg, NULL); -+ register_ioport_write(0x443, 2, 1, ib700_write_enable_reg, NULL); -+} -+ -+static WatchdogTimerModel model = { -+ .wdt_name = "ib700", -+ .wdt_description = "iBASE 700", -+ .wdt_pc_init = ib700_pc_init, -+}; -+ -+void wdt_ib700_init(void) -+{ -+ watchdog_add_model(&model); -+ timer = qemu_new_timer(vm_clock, ib700_timer_expired, NULL); -+} -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/monitor.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c -@@ -26,6 +26,7 @@ - #include "hw/pcmcia.h" - #include "hw/pc.h" - #include "hw/pci.h" -+#include "hw/watchdog.h" - #include "gdbstub.h" - #include "net.h" - #include "qemu-char.h" -@@ -531,6 +532,13 @@ static void do_gdbserver(const char *por - } - #endif - -+static void do_watchdog_action(const char *action) -+{ -+ if (select_watchdog_action(action) == -1) { -+ qemu_printf("Unknown watchdog action '%s'\n", action); -+ } -+} -+ - static void term_printc(int c) - { - term_printf("'"); -@@ -1605,6 +1613,8 @@ static const term_cmd_t term_cmds[] = { - "target", "request VM to change it's memory allocation (in MB)" }, - { "set_link", "ss", do_set_link, - "name [up|down]", "change the link status of a network adapter" }, -+ { "watchdog_action", "s", do_watchdog_action, -+ "[reset|shutdown|poweroff|pause|debug|none]", "change watchdog action" }, - { "cpu_set", "is", do_cpu_set_nr, - "cpu [online|offline]", "change cpu state" }, - { NULL, NULL, }, -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c -@@ -30,6 +30,7 @@ - #include "hw/isa.h" - #include "hw/baum.h" - #include "hw/bt.h" -+#include "hw/watchdog.h" - #include "net.h" - #include "console.h" - #include "sysemu.h" -@@ -249,6 +250,8 @@ int no_shutdown = 0; - int cursor_hide = 1; - int graphic_rotate = 0; - int daemonize = 0; -+WatchdogTimerModel *watchdog = NULL; -+int watchdog_action = WDT_RESET; - const char *option_rom[MAX_OPTION_ROMS]; - int nb_option_roms; - int semihosting_enabled = 0; -@@ -4222,6 +4225,10 @@ static void help(int exitcode) - "-startdate select initial date of the clock\n" - "-icount [N|auto]\n" - " enable virtual instruction counter with 2^N clock ticks per instruction\n" -+ "-watchdog i6300esb|ib700\n" -+ " enable virtual hardware watchdog [default=none]\n" -+ "-watchdog-action reset|shutdown|poweroff|pause|debug|none\n" -+ " action when watchdog fires [default=reset]\n" - "-echr chr set terminal escape character instead of ctrl-a\n" - "-virtioconsole c\n" - " set virtio console\n" -@@ -4369,6 +4376,8 @@ enum { - QEMU_OPTION_localtime, - QEMU_OPTION_startdate, - QEMU_OPTION_icount, -+ QEMU_OPTION_watchdog, -+ QEMU_OPTION_watchdog_action, - QEMU_OPTION_echr, - QEMU_OPTION_virtiocon, - QEMU_OPTION_show_cursor, -@@ -4495,6 +4504,8 @@ static const QEMUOption qemu_options[] = - { "localtime", 0, QEMU_OPTION_localtime }, - { "startdate", HAS_ARG, QEMU_OPTION_startdate }, - { "icount", HAS_ARG, QEMU_OPTION_icount }, -+ { "watchdog", HAS_ARG, QEMU_OPTION_watchdog }, -+ { "watchdog-action", HAS_ARG, QEMU_OPTION_watchdog_action }, - { "echr", HAS_ARG, QEMU_OPTION_echr }, - { "virtioconsole", HAS_ARG, QEMU_OPTION_virtiocon }, - { "show-cursor", 0, QEMU_OPTION_show_cursor }, -@@ -4996,6 +5007,8 @@ int main(int argc, char **argv, char **e - tb_size = 0; - autostart= 1; - -+ register_watchdogs(); -+ - optind = 1; - for(;;) { - if (optind >= argc) -@@ -5370,6 +5383,17 @@ int main(int argc, char **argv, char **e - serial_devices[serial_device_index] = optarg; - serial_device_index++; - break; -+ case QEMU_OPTION_watchdog: -+ i = select_watchdog(optarg); -+ if (i > 0) -+ exit (i == 1 ? 1 : 0); -+ break; -+ case QEMU_OPTION_watchdog_action: -+ if (select_watchdog_action(optarg) == -1) { -+ fprintf(stderr, "Unknown -watchdog-action parameter\n"); -+ exit(1); -+ } -+ break; - case QEMU_OPTION_virtiocon: - if (virtio_console_index >= MAX_VIRTIO_CONSOLES) { - fprintf(stderr, "qemu: too many virtio consoles\n"); diff --git a/ipxe-enable-nics.patch b/ipxe-enable-nics.patch deleted file mode 100644 index 4306289..0000000 --- a/ipxe-enable-nics.patch +++ /dev/null @@ -1,9 +0,0 @@ -Index: xen-4.2.0-testing/tools/firmware/etherboot/Config -=================================================================== ---- xen-4.2.0-testing.orig/tools/firmware/etherboot/Config -+++ xen-4.2.0-testing/tools/firmware/etherboot/Config -@@ -1,3 +1,4 @@ -+NICS = rtl8139 8086100e eepro100 e1000 pcnet32 10ec8029 - - CFLAGS += -UPXE_DHCP_STRICT - CFLAGS += -DPXE_DHCP_STRICT diff --git a/ipxe-no-error-logical-not-parentheses.patch b/ipxe-no-error-logical-not-parentheses.patch deleted file mode 100644 index ee8fd7b..0000000 --- a/ipxe-no-error-logical-not-parentheses.patch +++ /dev/null @@ -1,25 +0,0 @@ -Index: xen-4.6.0-testing/tools/firmware/etherboot/patches/ipxe-no-error-logical-not-parentheses.patch -=================================================================== ---- /dev/null -+++ xen-4.6.0-testing/tools/firmware/etherboot/patches/ipxe-no-error-logical-not-parentheses.patch -@@ -0,0 +1,11 @@ -+--- ipxe/src/Makefile.housekeeping.orig 2015-03-12 12:15:50.054891858 +0000 -++++ ipxe/src/Makefile.housekeeping 2015-03-12 12:16:05.978071221 +0000 -+@@ -415,7 +415,7 @@ -+ # Inhibit -Werror if NO_WERROR is specified on make command line -+ # -+ ifneq ($(NO_WERROR),1) -+-CFLAGS += -Werror -++CFLAGS += -Werror -Wno-logical-not-parentheses -+ ASFLAGS += --fatal-warnings -+ endif -+ -Index: xen-4.6.0-testing/tools/firmware/etherboot/patches/series -=================================================================== ---- xen-4.6.0-testing.orig/tools/firmware/etherboot/patches/series -+++ xen-4.6.0-testing/tools/firmware/etherboot/patches/series -@@ -4,3 +4,4 @@ build_fix_2.patch - build_fix_3.patch - build-compare.patch - build_fix_4.patch -+ipxe-no-error-logical-not-parentheses.patch diff --git a/ipxe-use-rpm-opt-flags.patch b/ipxe-use-rpm-opt-flags.patch deleted file mode 100644 index b76be22..0000000 --- a/ipxe-use-rpm-opt-flags.patch +++ /dev/null @@ -1,27 +0,0 @@ -References: bsc#969377 - xen does not build with GCC 6 - -Index: xen-4.6.1-testing/tools/firmware/etherboot/patches/ipxe-use-rpm-opt-flags.patch -=================================================================== ---- /dev/null -+++ xen-4.6.1-testing/tools/firmware/etherboot/patches/ipxe-use-rpm-opt-flags.patch -@@ -0,0 +1,11 @@ -+--- ipxe/src/Makefile.orig 2016-03-04 15:48:15.000000000 -0700 -++++ ipxe/src/Makefile 2016-03-04 15:48:40.000000000 -0700 -+@@ -4,7 +4,7 @@ -+ # -+ -+ CLEANUP := -+-CFLAGS := -++CFLAGS := $(RPM_OPT_FLAGS) -Wno-error=array-bounds -Wno-nonnull-compare -Wno-unused-const-variable -Wno-misleading-indentation -Wno-shift-negative-value -+ ASFLAGS := -+ LDFLAGS := -+ MAKEDEPS := Makefile -Index: xen-4.6.1-testing/tools/firmware/etherboot/patches/series -=================================================================== ---- xen-4.6.1-testing.orig/tools/firmware/etherboot/patches/series -+++ xen-4.6.1-testing/tools/firmware/etherboot/patches/series -@@ -5,3 +5,4 @@ build_fix_3.patch - build-compare.patch - build_fix_4.patch - ipxe-no-error-logical-not-parentheses.patch -+ipxe-use-rpm-opt-flags.patch diff --git a/ipxe.tar.bz2 b/ipxe.tar.bz2 deleted file mode 100644 index 1f0b3a3..0000000 --- a/ipxe.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9e738814a69408e6fd725adaebfe61f17013520b46852204ad0c7f3c7ced142f -size 2877771 diff --git a/kernel-boot-hvm.patch b/kernel-boot-hvm.patch deleted file mode 100644 index 4e47a0d..0000000 --- a/kernel-boot-hvm.patch +++ /dev/null @@ -1,244 +0,0 @@ -Direct kernel boot to HVM guests has regression from xen-3.3 to xen-4.0. -Foreport this feature to latest qemu-xen. Make a fake boot sector with given -kernel and initrd, which could be accessed by hvmloader. - -Signed-off-by: Chunyan Liu - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/block.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/block.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/block.c -@@ -596,6 +596,16 @@ int bdrv_read(BlockDriverState *bs, int6 - - if (bdrv_check_request(bs, sector_num, nb_sectors)) - return -EIO; -+ -+ if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) { -+ memcpy(buf, bs->boot_sector_data, 512); -+ sector_num++; -+ nb_sectors--; -+ buf += 512; -+ if (nb_sectors == 0) -+ return 0; -+ } -+ - if (drv->bdrv_pread) { - int ret, len; - len = nb_sectors * 512; -@@ -631,6 +641,10 @@ int bdrv_write(BlockDriverState *bs, int - if (bdrv_check_request(bs, sector_num, nb_sectors)) - return -EIO; - -+ if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) { -+ memcpy(bs->boot_sector_data, buf, 512); -+ } -+ - if (drv->bdrv_pwrite) { - int ret, len, count = 0; - len = nb_sectors * 512; -@@ -934,6 +948,16 @@ void bdrv_guess_geometry(BlockDriverStat - } - } - -+/* force a given boot sector. */ -+void bdrv_set_boot_sector(BlockDriverState *bs, const uint8_t *data, int size) -+{ -+ bs->boot_sector_enabled = 1; -+ if (size > 512) -+ size = 512; -+ memcpy(bs->boot_sector_data, data, size); -+ memset(bs->boot_sector_data + size, 0, 512 - size); -+} -+ - void bdrv_set_geometry_hint(BlockDriverState *bs, - int cyls, int heads, int secs) - { -@@ -1464,6 +1488,14 @@ BlockDriverAIOCB *bdrv_aio_read(BlockDri - if (bdrv_check_request(bs, sector_num, nb_sectors)) - return NULL; - -+ /* XXX: we assume that nb_sectors == 0 is suppored by the async read */ -+ if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) { -+ memcpy(buf, bs->boot_sector_data, 512); -+ sector_num++; -+ nb_sectors--; -+ buf += 512; -+ } -+ - ret = drv->bdrv_aio_read(bs, sector_num, buf, nb_sectors, cb, opaque); - - if (ret) { -@@ -1489,6 +1521,10 @@ BlockDriverAIOCB *bdrv_aio_write(BlockDr - if (bdrv_check_request(bs, sector_num, nb_sectors)) - return NULL; - -+ if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) { -+ memcpy(bs->boot_sector_data, buf, 512); -+ } -+ - ret = drv->bdrv_aio_write(bs, sector_num, buf, nb_sectors, cb, opaque); - - if (ret) { -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/block_int.h -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/block_int.h -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/block_int.h -@@ -122,6 +122,9 @@ struct BlockDriverState { - BlockDriver *drv; /* NULL means no media */ - void *opaque; - -+ int boot_sector_enabled; -+ uint8_t boot_sector_data[512]; -+ - char filename[1024]; - char backing_file[1024]; /* if non zero, the image is a diff of - this file image */ -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pc.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c -@@ -473,45 +473,28 @@ static void bochs_bios_init(void) - - /* Generate an initial boot sector which sets state and jump to - a specified vector */ --static void generate_bootsect(uint8_t *option_rom, -- uint32_t gpr[8], uint16_t segs[6], uint16_t ip) -+static void generate_bootsect(uint32_t gpr[8], uint16_t segs[6], uint16_t ip) - { -- uint8_t rom[512], *p, *reloc; -- uint8_t sum; -+ uint8_t bootsect[512], *p; - int i; -+ int hda; - -- memset(rom, 0, sizeof(rom)); -+ hda = drive_get_index(IF_IDE, 0, 0); -+ if (hda == -1) { -+ fprintf(stderr, "A disk image must be given for 'hda' when booting " -+ "a Linux kernel\n(if you really don't want it, use /dev/zero)\n"); -+ exit(1); -+ } -+ memset(bootsect, 0, sizeof(bootsect)); - -- p = rom; -- /* Make sure we have an option rom signature */ -- *p++ = 0x55; -- *p++ = 0xaa; -- -- /* ROM size in sectors*/ -- *p++ = 1; -- -- /* Hook int19 */ -- -- *p++ = 0x50; /* push ax */ -- *p++ = 0x1e; /* push ds */ -- *p++ = 0x31; *p++ = 0xc0; /* xor ax, ax */ -- *p++ = 0x8e; *p++ = 0xd8; /* mov ax, ds */ -- -- *p++ = 0xc7; *p++ = 0x06; /* movvw _start,0x64 */ -- *p++ = 0x64; *p++ = 0x00; -- reloc = p; -- *p++ = 0x00; *p++ = 0x00; -- -- *p++ = 0x8c; *p++ = 0x0e; /* mov cs,0x66 */ -- *p++ = 0x66; *p++ = 0x00; -- -- *p++ = 0x1f; /* pop ds */ -- *p++ = 0x58; /* pop ax */ -- *p++ = 0xcb; /* lret */ -- -- /* Actual code */ -- *reloc = (p - rom); -+ /* Copy the MSDOS partition table if possible */ -+ bdrv_read(drives_table[hda].bdrv, 0, bootsect, 1); -+ /* Make sure we have a partition signature */ -+ bootsect[510] = 0x55; -+ bootsect[511] = 0xaa; - -+ /* Actual code */ -+ p = bootsect; - *p++ = 0xfa; /* CLI */ - *p++ = 0xfc; /* CLD */ - -@@ -541,13 +524,7 @@ static void generate_bootsect(uint8_t *o - *p++ = segs[1]; /* CS */ - *p++ = segs[1] >> 8; - -- /* sign rom */ -- sum = 0; -- for (i = 0; i < (sizeof(rom) - 1); i++) -- sum += rom[i]; -- rom[sizeof(rom) - 1] = -sum; -- -- memcpy(option_rom, rom, sizeof(rom)); -+ bdrv_set_boot_sector(drives_table[hda].bdrv, bootsect, sizeof(bootsect)); - } - - static long get_file_size(FILE *f) -@@ -564,8 +541,7 @@ static long get_file_size(FILE *f) - return size; - } - --static void load_linux(uint8_t *option_rom, -- const char *kernel_filename, -+static void load_linux(const char *kernel_filename, - const char *initrd_filename, - const char *kernel_cmdline) - { -@@ -631,7 +607,9 @@ static void load_linux(uint8_t *option_r - - /* Special pages are placed at end of low RAM: pick an arbitrary one and - * subtract a suitably large amount of padding (64kB) to skip BIOS data. */ -- xc_get_hvm_param(xc_handle, domid, HVM_PARAM_BUFIOREQ_PFN, &end_low_ram); -+ //xc_get_hvm_param(xc_handle, domid, HVM_PARAM_BUFIOREQ_PFN, &end_low_ram); -+ /* BUFIO Page beyond last_pfn, use 0x7ffc instead. Fix ME. */ -+ end_low_ram = 0x7ffc; - end_low_ram = (end_low_ram << 12) - (64*1024); - - /* highest address for loading the initrd */ -@@ -720,7 +698,7 @@ static void load_linux(uint8_t *option_r - memset(gpr, 0, sizeof gpr); - gpr[4] = cmdline_addr-real_addr-16; /* SP (-16 is paranoia) */ - -- generate_bootsect(option_rom, gpr, seg, 0); -+ generate_bootsect(gpr, seg, 0); - #endif - } - -@@ -930,14 +908,6 @@ vga_bios_error: - int size, offset; - - offset = 0; -- if (linux_boot) { -- option_rom_offset = qemu_ram_alloc(TARGET_PAGE_SIZE); -- load_linux(phys_ram_base + option_rom_offset, -- kernel_filename, initrd_filename, kernel_cmdline); -- cpu_register_physical_memory(0xd0000, TARGET_PAGE_SIZE, -- option_rom_offset | IO_MEM_ROM); -- offset = TARGET_PAGE_SIZE; -- } - - for (i = 0; i < nb_option_roms; i++) { - size = get_image_size(option_rom[i]); -@@ -971,6 +941,9 @@ vga_bios_error: - - bochs_bios_init(); - -+ if (linux_boot) -+ load_linux(kernel_filename, initrd_filename, kernel_cmdline); -+ - i8259 = i8259_init(NULL); - ferr_irq = i8259[13]; - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/block.h -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/block.h -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/block.h -@@ -82,6 +82,7 @@ int64_t bdrv_getlength(BlockDriverState - void bdrv_get_geometry(BlockDriverState *bs, uint64_t *nb_sectors_ptr); - void bdrv_guess_geometry(BlockDriverState *bs, int *pcyls, int *pheads, int *psecs); - int bdrv_commit(BlockDriverState *bs); -+void bdrv_set_boot_sector(BlockDriverState *bs, const uint8_t *data, int size); - /* async block I/O */ - typedef struct BlockDriverAIOCB BlockDriverAIOCB; - typedef void BlockDriverCompletionFunc(void *opaque, int ret); diff --git a/kmp_filelist b/kmp_filelist deleted file mode 100644 index 01cfbf2..0000000 --- a/kmp_filelist +++ /dev/null @@ -1,2 +0,0 @@ -%defattr (-,root,root) -/lib/modules/%2-%1 diff --git a/libxc-bitmap-long.patch b/libxc-bitmap-long.patch new file mode 100644 index 0000000..f70cb9a --- /dev/null +++ b/libxc-bitmap-long.patch @@ -0,0 +1,64 @@ +From: Olaf Hering +Date: Wed, 9 Dec 2020 16:40:00 +0100 +Subject: libxc sr bitmap long + +tools: add API to work with sevaral bits at once + +Introduce new API to test if a fixed number of bits is clear or set, +and clear or set them all at once. + +The caller has to make sure the input bitnumber is a multiple of BITS_PER_LONG. + +This API avoids the loop over each bit in a known range just to see +if all of them are either clear or set. + +Signed-off-by: Olaf Hering + +v02: +- change return type from int to bool (jgross) +--- + tools/libs/ctrl/xc_bitops.h | 28 ++++++++++++++++++++++++++++ + 1 file changed, 28 insertions(+) + +--- a/tools/libs/ctrl/xc_bitops.h ++++ b/tools/libs/ctrl/xc_bitops.h +@@ -3,6 +3,7 @@ + + /* bitmap operations for single threaded access */ + ++#include + #include + #include + +@@ -81,4 +82,31 @@ static inline void bitmap_or(void *_dst, + dst[i] |= other[i]; + } + ++static inline bool test_bit_long_set(unsigned long nr_base, const void *_addr) ++{ ++ const unsigned long *addr = _addr; ++ unsigned long val = addr[nr_base / BITS_PER_LONG]; ++ ++ return val == ~0; ++} ++ ++static inline bool test_bit_long_clear(unsigned long nr_base, const void *_addr) ++{ ++ const unsigned long *addr = _addr; ++ unsigned long val = addr[nr_base / BITS_PER_LONG]; ++ ++ return val == 0; ++} ++ ++static inline void clear_bit_long(unsigned long nr_base, void *_addr) ++{ ++ unsigned long *addr = _addr; ++ addr[nr_base / BITS_PER_LONG] = 0; ++} ++ ++static inline void set_bit_long(unsigned long nr_base, void *_addr) ++{ ++ unsigned long *addr = _addr; ++ addr[nr_base / BITS_PER_LONG] = ~0; ++} + #endif /* XC_BITOPS_H */ diff --git a/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch b/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch new file mode 100644 index 0000000..8ac74e6 --- /dev/null +++ b/libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch @@ -0,0 +1,144 @@ +From: Olaf Hering +Date: Thu, 7 Jan 2021 15:58:30 +0100 +Subject: libxc sr LIBXL_HAVE_DOMAIN_SUSPEND_PROPS + +tools: adjust libxl_domain_suspend to receive a struct props + +Upcoming changes will pass more knobs down to xc_domain_save. +Adjust the libxl_domain_suspend API to allow easy adding of additional knobs. + +No change in behavior intented. + +Signed-off-by: Olaf Hering +Acked-by: Christian Lindig +--- + tools/include/libxl.h | 26 +++++++++++++++++++++++--- + tools/libs/light/libxl_domain.c | 7 ++++--- + tools/xl/xl_migrate.c | 9 ++++++--- + tools/xl/xl_saverestore.c | 3 ++- + 4 files changed, 35 insertions(+), 10 deletions(-) + +--- a/tools/include/libxl.h ++++ b/tools/include/libxl.h +@@ -1855,13 +1855,28 @@ static inline int libxl_retrieve_domain_ + libxl_retrieve_domain_configuration_0x041200 + #endif + +-int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, +- int flags, /* LIBXL_SUSPEND_* */ +- const libxl_asyncop_how *ao_how) +- LIBXL_EXTERNAL_CALLERS_ONLY; ++/* ++ * LIBXL_HAVE_DOMAIN_SUSPEND_PROPS indicates that the ++ * libxl_domain_suspend_props() function takes a props struct. ++ */ ++#define LIBXL_HAVE_DOMAIN_SUSPEND_PROPS 1 ++ ++typedef struct { ++ uint32_t flags; /* LIBXL_SUSPEND_* */ ++} libxl_domain_suspend_suse_properties; + #define LIBXL_SUSPEND_DEBUG 1 + #define LIBXL_SUSPEND_LIVE 2 + ++#define LIBXL_HAVE_DOMAIN_SUSPEND_SUSE ++int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd, ++ const libxl_domain_suspend_suse_properties *props, /* optional */ ++ const libxl_asyncop_how *ao_how) ++ LIBXL_EXTERNAL_CALLERS_ONLY; ++ ++int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags, ++ const libxl_asyncop_how *ao_how) ++ LIBXL_EXTERNAL_CALLERS_ONLY; ++ + /* + * Only suspend domain, do not save its state to file, do not destroy it. + * Suspended domain can be resumed with libxl_domain_resume() +--- a/tools/libs/light/libxl_domain.c ++++ b/tools/libs/light/libxl_domain.c +@@ -502,7 +502,8 @@ static void domain_suspend_cb(libxl__egc + + } + +-int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags, ++static int do_libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, ++ const libxl_domain_suspend_suse_properties *props, + const libxl_asyncop_how *ao_how) + { + AO_CREATE(ctx, domid, ao_how); +@@ -523,8 +524,8 @@ int libxl_domain_suspend(libxl_ctx *ctx, + dss->domid = domid; + dss->fd = fd; + dss->type = type; +- dss->live = flags & LIBXL_SUSPEND_LIVE; +- dss->debug = flags & LIBXL_SUSPEND_DEBUG; ++ dss->live = props->flags & LIBXL_SUSPEND_LIVE; ++ dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; + dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; + + rc = libxl__fd_flags_modify_save(gc, dss->fd, +@@ -539,6 +540,21 @@ int libxl_domain_suspend(libxl_ctx *ctx, + return AO_CREATE_FAIL(rc); + } + ++int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd, ++ const libxl_domain_suspend_suse_properties *props, ++ const libxl_asyncop_how *ao_how) ++{ ++ return do_libxl_domain_suspend(ctx, domid, fd, props, ao_how); ++} ++ ++int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags, ++ const libxl_asyncop_how *ao_how) ++{ ++ libxl_domain_suspend_suse_properties props = { .flags = flags }; ++ ++ return do_libxl_domain_suspend(ctx, domid, fd, &props, ao_how); ++} ++ + static void domain_suspend_empty_cb(libxl__egc *egc, + libxl__domain_suspend_state *dss, int rc) + { +--- a/tools/xl/xl_migrate.c ++++ b/tools/xl/xl_migrate.c +@@ -186,7 +186,10 @@ static void migrate_domain(uint32_t domi + char *away_domname; + char rc_buf; + uint8_t *config_data; +- int config_len, flags = LIBXL_SUSPEND_LIVE; ++ int config_len; ++ libxl_domain_suspend_suse_properties props = { ++ .flags = LIBXL_SUSPEND_LIVE, ++ }; + + save_domain_core_begin(domid, preserve_domid, override_config_file, + &config_data, &config_len); +@@ -205,8 +208,8 @@ static void migrate_domain(uint32_t domi + xtl_stdiostream_adjust_flags(logger, XTL_STDIOSTREAM_HIDE_PROGRESS, 0); + + if (debug) +- flags |= LIBXL_SUSPEND_DEBUG; +- rc = libxl_domain_suspend(ctx, domid, send_fd, flags, NULL); ++ props.flags |= LIBXL_SUSPEND_DEBUG; ++ rc = libxl_domain_suspend_suse(ctx, domid, send_fd, &props, NULL); + if (rc) { + fprintf(stderr, "migration sender: libxl_domain_suspend failed" + " (rc=%d)\n", rc); +--- a/tools/xl/xl_saverestore.c ++++ b/tools/xl/xl_saverestore.c +@@ -130,6 +130,7 @@ static int save_domain(uint32_t domid, i + int fd; + uint8_t *config_data; + int config_len; ++ libxl_domain_suspend_suse_properties props = {}; + + save_domain_core_begin(domid, preserve_domid, override_config_file, + &config_data, &config_len); +@@ -146,7 +147,7 @@ static int save_domain(uint32_t domid, i + + save_domain_core_writeconfig(fd, filename, config_data, config_len); + +- int rc = libxl_domain_suspend(ctx, domid, fd, 0, NULL); ++ int rc = libxl_domain_suspend_suse(ctx, domid, fd, &props, NULL); + close(fd); + + if (rc < 0) { diff --git a/libxc-sr-abort_if_busy.patch b/libxc-sr-abort_if_busy.patch new file mode 100644 index 0000000..64c4062 --- /dev/null +++ b/libxc-sr-abort_if_busy.patch @@ -0,0 +1,238 @@ +From: Olaf Hering +Date: Thu, 7 Jan 2021 20:25:28 +0100 +Subject: libxc sr abort_if_busy + +tools: add --abort_if_busy to libxl_domain_suspend + +Provide a knob to the host admin to abort the live migration of a +running domU if the downtime during final transit will be too long +for the workload within domU. + +Adjust error reporting. Add ERROR_MIGRATION_ABORTED to allow callers of +libxl_domain_suspend to distinguish between errors and the requested +constraint. + +Adjust precopy_policy to simplify reporting of remaining dirty pages. +The loop in send_memory_live populates ->dirty_count in a different +place than ->iteration. Let it proceeed one more time to provide the +desired information before leaving the loop. + +This patch adjusts xl(1) and the libxl API. +External users check LIBXL_HAVE_DOMAIN_SUSPEND_PROPS for the availibility +of the new .abort_if_busy property. + +Signed-off-by: Olaf Hering +--- + docs/man/xl.1.pod.in | 8 +++++++ + tools/include/libxl.h | 1 + + tools/libs/light/libxl_dom_save.c | 7 ++++++- + tools/libs/light/libxl_domain.c | 1 + + tools/libs/light/libxl_internal.h | 2 ++ + tools/libs/light/libxl_stream_write.c | 9 +++++++- + tools/libs/light/libxl_types.idl | 1 + + tools/xl/xl_cmdtable.c | 6 +++++- + tools/xl/xl_migrate.c | 30 ++++++++++++++++++++------- + 9 files changed, 55 insertions(+), 10 deletions(-) + +--- a/docs/man/xl.1.pod.in ++++ b/docs/man/xl.1.pod.in +@@ -513,6 +513,14 @@ low, the guest is suspended and the domU + This allows the host admin to control for how long the domU will likely + be suspended during transit. + ++=item B<--abort_if_busy> ++ ++Abort migration instead of doing final suspend/move/resume if the ++guest produced more than I dirty pages during th number ++of I iterations. ++This avoids long periods of time where the guest is suspended, which ++may confuse the workload within domU. ++ + =back + + =item B [I] I I +--- a/tools/include/libxl.h ++++ b/tools/include/libxl.h +@@ -1868,6 +1868,7 @@ typedef struct { + } libxl_domain_suspend_suse_properties; + #define LIBXL_SUSPEND_DEBUG 1 + #define LIBXL_SUSPEND_LIVE 2 ++#define LIBXL_SUSPEND_ABORT_IF_BUSY 4 + + #define LIBXL_HAVE_DOMAIN_SUSPEND_SUSE + int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd, +--- a/tools/libs/light/libxl_dom_save.c ++++ b/tools/libs/light/libxl_dom_save.c +@@ -383,11 +383,16 @@ static int libxl__domain_save_precopy_po + stats.iteration, stats.dirty_count, stats.total_written); + if (stats.dirty_count >= 0 && stats.dirty_count < dss->min_remaining) + goto stop_copy; +- if (stats.iteration >= dss->max_iters) ++ if (stats.dirty_count >= 0 && stats.iteration >= dss->max_iters) + goto stop_copy; + return XGS_POLICY_CONTINUE_PRECOPY; + + stop_copy: ++ if (dss->abort_if_busy) ++ { ++ dss->remaining_dirty_pages = stats.dirty_count; ++ return XGS_POLICY_ABORT; ++ } + return XGS_POLICY_STOP_AND_COPY; + } + +--- a/tools/libs/light/libxl_domain.c ++++ b/tools/libs/light/libxl_domain.c +@@ -526,6 +526,7 @@ static int do_libxl_domain_suspend(libxl + dss->type = type; + dss->max_iters = props->max_iters ?: LIBXL_XGS_POLICY_MAX_ITERATIONS; + dss->min_remaining = props->min_remaining ?: LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT; ++ dss->abort_if_busy = props->flags & LIBXL_SUSPEND_ABORT_IF_BUSY; + dss->live = props->flags & LIBXL_SUSPEND_LIVE; + dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; + dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -3651,9 +3651,11 @@ struct libxl__domain_save_state { + libxl_domain_type type; + int live; + int debug; ++ int abort_if_busy; + int checkpointed_stream; + uint32_t max_iters; + uint32_t min_remaining; ++ long remaining_dirty_pages; + const libxl_domain_remus_info *remus; + /* private */ + int rc; +--- a/tools/libs/light/libxl_stream_write.c ++++ b/tools/libs/light/libxl_stream_write.c +@@ -344,11 +344,18 @@ void libxl__xc_domain_save_done(libxl__e + goto err; + + if (retval) { ++ if (dss->remaining_dirty_pages) { ++ LOGD(NOTICE, dss->domid, "saving domain: aborted," ++ " %ld remaining dirty pages.", dss->remaining_dirty_pages); ++ } else { + LOGEVD(ERROR, errnoval, dss->domid, "saving domain: %s", + dss->dsps.guest_responded ? + "domain responded to suspend request" : + "domain did not respond to suspend request"); +- if (!dss->dsps.guest_responded) ++ } ++ if (dss->remaining_dirty_pages) ++ rc = ERROR_MIGRATION_ABORTED; ++ else if(!dss->dsps.guest_responded) + rc = ERROR_GUEST_TIMEDOUT; + else if (dss->rc) + rc = dss->rc; +--- a/tools/libs/light/libxl_types.idl ++++ b/tools/libs/light/libxl_types.idl +@@ -76,6 +76,7 @@ libxl_error = Enumeration("error", [ + (-30, "QMP_DEVICE_NOT_ACTIVE"), # a device has failed to be become active + (-31, "QMP_DEVICE_NOT_FOUND"), # the requested device has not been found + (-32, "QEMU_API"), # QEMU's replies don't contains expected members ++ (-33, "MIGRATION_ABORTED"), + ], value_namespace = "") + + libxl_domain_type = Enumeration("domain_type", [ +--- a/tools/xl/xl_cmdtable.c ++++ b/tools/xl/xl_cmdtable.c +@@ -177,7 +177,11 @@ const struct cmd_spec cmd_table[] = { + "-p Do not unpause domain after migrating it.\n" + "-D Preserve the domain id\n" + "--max_iters N Number of copy iterations before final stop+move\n" +- "--min_remaining N Number of remaining dirty pages before final stop+move" ++ "--min_remaining N Number of remaining dirty pages before final stop+move\n" ++ "--abort_if_busy Abort migration instead of doing final stop+move,\n" ++ " if the number of dirty pages is higher than \n" ++ " after iterations. Otherwise the amount of memory\n" ++ " to be transfered would exceed maximum allowed domU downtime." + }, + { "restore", + &main_restore, 0, 1, +--- a/tools/xl/xl_migrate.c ++++ b/tools/xl/xl_migrate.c +@@ -177,7 +177,7 @@ static void migrate_do_preamble(int send + } + + static void migrate_domain(uint32_t domid, int preserve_domid, +- const char *rune, int debug, ++ const char *rune, int debug, int abort_if_busy, + uint32_t max_iters, + uint32_t min_remaining, + const char *override_config_file) +@@ -213,14 +213,20 @@ static void migrate_domain(uint32_t domi + + if (debug) + props.flags |= LIBXL_SUSPEND_DEBUG; ++ if (abort_if_busy) ++ props.flags |= LIBXL_SUSPEND_ABORT_IF_BUSY; + rc = libxl_domain_suspend_suse(ctx, domid, send_fd, &props, NULL); + if (rc) { + fprintf(stderr, "migration sender: libxl_domain_suspend failed" + " (rc=%d)\n", rc); +- if (rc == ERROR_GUEST_TIMEDOUT) +- goto failed_suspend; +- else +- goto failed_resume; ++ switch (rc) { ++ case ERROR_GUEST_TIMEDOUT: ++ goto failed_suspend; ++ case ERROR_MIGRATION_ABORTED: ++ goto failed_busy; ++ default: ++ goto failed_resume; ++ } + } + + //fprintf(stderr, "migration sender: Transfer complete.\n"); +@@ -302,6 +308,12 @@ static void migrate_domain(uint32_t domi + fprintf(stderr, "Migration failed, failed to suspend at sender.\n"); + exit(EXIT_FAILURE); + ++ failed_busy: ++ close(send_fd); ++ migration_child_report(recv_fd); ++ fprintf(stderr, "Migration aborted as requested, domain is too busy.\n"); ++ exit(EXIT_FAILURE); ++ + failed_resume: + close(send_fd); + migration_child_report(recv_fd); +@@ -545,13 +557,14 @@ int main_migrate(int argc, char **argv) + char *rune = NULL; + char *host; + int opt, daemonize = 1, monitor = 1, debug = 0, pause_after_migration = 0; +- int preserve_domid = 0; ++ int preserve_domid = 0, abort_if_busy = 0; + uint32_t max_iters = 0; + uint32_t min_remaining = 0; + static struct option opts[] = { + {"debug", 0, 0, 0x100}, + {"max_iters", 1, 0, 0x101}, + {"min_remaining", 1, 0, 0x102}, ++ {"abort_if_busy", 0, 0, 0x103}, + {"live", 0, 0, 0x200}, + COMMON_LONG_OPTS + }; +@@ -585,6 +598,9 @@ int main_migrate(int argc, char **argv) + case 0x102: /* --min_remaining */ + min_remaining = atoi(optarg); + break; ++ case 0x103: /* --abort_if_busy */ ++ abort_if_busy = 1; ++ break; + case 0x200: /* --live */ + /* ignored for compatibility with xm */ + break; +@@ -619,7 +635,7 @@ int main_migrate(int argc, char **argv) + pause_after_migration ? " -p" : ""); + } + +- migrate_domain(domid, preserve_domid, rune, debug, ++ migrate_domain(domid, preserve_domid, rune, debug, abort_if_busy, + max_iters, min_remaining, config_filename); + return EXIT_SUCCESS; + } diff --git a/libxc-sr-max_iters.patch b/libxc-sr-max_iters.patch new file mode 100644 index 0000000..21acc02 --- /dev/null +++ b/libxc-sr-max_iters.patch @@ -0,0 +1,148 @@ +From: Olaf Hering +Date: Sat, 9 Jan 2021 11:32:17 +0100 +Subject: libxc sr max_iters + +tools: add --max_iters to libxl_domain_suspend + +Migrating a large, and potentially busy, domU will take more +time than neccessary due to excessive number of copying iterations. + +Allow to host admin to control the number of iterations which +copy cumulated domU dirty pages to the target host. + +The default remains 5, which means one initial iteration to copy the +entire domU memory, and up to 4 additional iterations to copy dirty +memory from the still running domU. After the given number of iterations +the domU is suspended, remaining dirty memory is copied and the domU is +finally moved to the target host. + +This patch adjusts xl(1) and the libxl API. +External users check LIBXL_HAVE_DOMAIN_SUSPEND_PROPS for the availibility +of the new .max_iters property. + +Signed-off-by: Olaf Hering +--- + docs/man/xl.1.pod.in | 4 ++++ + tools/include/libxl.h | 1 + + tools/libs/light/libxl_dom_save.c | 2 +- + tools/libs/light/libxl_domain.c | 1 + + tools/libs/light/libxl_internal.h | 1 + + tools/xl/xl_cmdtable.c | 3 ++- + tools/xl/xl_migrate.c | 10 +++++++++- + 7 files changed, 19 insertions(+), 3 deletions(-) + +--- a/docs/man/xl.1.pod.in ++++ b/docs/man/xl.1.pod.in +@@ -501,6 +501,10 @@ such that it will be identical on the de + configuration is overridden using the B<-C> option. Note that it is not + possible to use this option for a 'localhost' migration. + ++=item B<--max_iters> I ++ ++Number of copy iterations before final suspend+move (default: 5) ++ + =back + + =item B [I] I I +--- a/tools/include/libxl.h ++++ b/tools/include/libxl.h +@@ -1863,6 +1863,7 @@ static inline int libxl_retrieve_domain_ + + typedef struct { + uint32_t flags; /* LIBXL_SUSPEND_* */ ++ uint32_t max_iters; + } libxl_domain_suspend_suse_properties; + #define LIBXL_SUSPEND_DEBUG 1 + #define LIBXL_SUSPEND_LIVE 2 +--- a/tools/libs/light/libxl_dom_save.c ++++ b/tools/libs/light/libxl_dom_save.c +@@ -383,7 +383,7 @@ static int libxl__domain_save_precopy_po + stats.iteration, stats.dirty_count, stats.total_written); + if (stats.dirty_count >= 0 && stats.dirty_count < LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT) + goto stop_copy; +- if (stats.iteration >= LIBXL_XGS_POLICY_MAX_ITERATIONS) ++ if (stats.iteration >= dss->max_iters) + goto stop_copy; + return XGS_POLICY_CONTINUE_PRECOPY; + +--- a/tools/libs/light/libxl_domain.c ++++ b/tools/libs/light/libxl_domain.c +@@ -524,6 +524,7 @@ static int do_libxl_domain_suspend(libxl + dss->domid = domid; + dss->fd = fd; + dss->type = type; ++ dss->max_iters = props->max_iters ?: LIBXL_XGS_POLICY_MAX_ITERATIONS; + dss->live = props->flags & LIBXL_SUSPEND_LIVE; + dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; + dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -3652,6 +3652,7 @@ struct libxl__domain_save_state { + int live; + int debug; + int checkpointed_stream; ++ uint32_t max_iters; + const libxl_domain_remus_info *remus; + /* private */ + int rc; +--- a/tools/xl/xl_cmdtable.c ++++ b/tools/xl/xl_cmdtable.c +@@ -175,7 +175,8 @@ const struct cmd_spec cmd_table[] = { + " of the domain.\n" + "--debug Enable verification mode.\n" + "-p Do not unpause domain after migrating it.\n" +- "-D Preserve the domain id" ++ "-D Preserve the domain id\n" ++ "--max_iters N Number of copy iterations before final stop+move" + }, + { "restore", + &main_restore, 0, 1, +--- a/tools/xl/xl_migrate.c ++++ b/tools/xl/xl_migrate.c +@@ -178,6 +178,7 @@ static void migrate_do_preamble(int send + + static void migrate_domain(uint32_t domid, int preserve_domid, + const char *rune, int debug, ++ uint32_t max_iters, + const char *override_config_file) + { + pid_t child = -1; +@@ -189,6 +190,7 @@ static void migrate_domain(uint32_t domi + int config_len; + libxl_domain_suspend_suse_properties props = { + .flags = LIBXL_SUSPEND_LIVE, ++ .max_iters = max_iters, + }; + + save_domain_core_begin(domid, preserve_domid, override_config_file, +@@ -542,8 +544,10 @@ int main_migrate(int argc, char **argv) + char *host; + int opt, daemonize = 1, monitor = 1, debug = 0, pause_after_migration = 0; + int preserve_domid = 0; ++ uint32_t max_iters = 0; + static struct option opts[] = { + {"debug", 0, 0, 0x100}, ++ {"max_iters", 1, 0, 0x101}, + {"live", 0, 0, 0x200}, + COMMON_LONG_OPTS + }; +@@ -571,6 +575,9 @@ int main_migrate(int argc, char **argv) + case 0x100: /* --debug */ + debug = 1; + break; ++ case 0x101: /* --max_iters */ ++ max_iters = atoi(optarg); ++ break; + case 0x200: /* --live */ + /* ignored for compatibility with xm */ + break; +@@ -605,7 +612,8 @@ int main_migrate(int argc, char **argv) + pause_after_migration ? " -p" : ""); + } + +- migrate_domain(domid, preserve_domid, rune, debug, config_filename); ++ migrate_domain(domid, preserve_domid, rune, debug, ++ max_iters, config_filename); + return EXIT_SUCCESS; + } + diff --git a/libxc-sr-min_remaining.patch b/libxc-sr-min_remaining.patch new file mode 100644 index 0000000..b64768c --- /dev/null +++ b/libxc-sr-min_remaining.patch @@ -0,0 +1,173 @@ +From: Olaf Hering +Date: Thu, 7 Jan 2021 19:39:28 +0100 +Subject: libxc sr min_remaining + +tools: add --min_remaining to libxl_domain_suspend + +The decision to stop+move a domU to the new host must be based on two factors: +- the available network bandwidth for the migration stream +- the maximum time a workload within a domU can be savely suspended + +Both values define how many dirty pages a workload may produce prior the +final stop+move. + +The default value of 50 pages is much too low with todays network bandwidths. +On an idle 1GiB link these 200K will be transferred within ~2ms. + +Give the admin a knob to adjust the point when the final stop+move will +be done, so he can base this decision on his own needs. + +This patch adjusts xl(1) and the libxl API. +External users check LIBXL_HAVE_DOMAIN_SUSPEND_PROPS for the availibility +of the new .min_remaining property. + +Signed-off-by: Olaf Hering +--- + docs/man/xl.1.pod.in | 8 ++++++++ + tools/include/libxl.h | 1 + + tools/libs/light/libxl_dom_save.c | 2 +- + tools/libs/light/libxl_domain.c | 1 + + tools/libs/light/libxl_internal.h | 1 + + tools/xl/xl_cmdtable.c | 23 ++++++++++++----------- + tools/xl/xl_migrate.c | 9 ++++++++- + 7 files changed, 32 insertions(+), 13 deletions(-) + +--- a/docs/man/xl.1.pod.in ++++ b/docs/man/xl.1.pod.in +@@ -505,6 +505,14 @@ possible to use this option for a 'local + + Number of copy iterations before final suspend+move (default: 5) + ++=item B<--min_remaing> I ++ ++Number of remaining dirty pages. If the number of dirty pages drops that ++low, the guest is suspended and the domU will finally be moved to I. ++ ++This allows the host admin to control for how long the domU will likely ++be suspended during transit. ++ + =back + + =item B [I] I I +--- a/tools/include/libxl.h ++++ b/tools/include/libxl.h +@@ -1864,6 +1864,7 @@ static inline int libxl_retrieve_domain_ + typedef struct { + uint32_t flags; /* LIBXL_SUSPEND_* */ + uint32_t max_iters; ++ uint32_t min_remaining; + } libxl_domain_suspend_suse_properties; + #define LIBXL_SUSPEND_DEBUG 1 + #define LIBXL_SUSPEND_LIVE 2 +--- a/tools/libs/light/libxl_dom_save.c ++++ b/tools/libs/light/libxl_dom_save.c +@@ -381,7 +381,7 @@ static int libxl__domain_save_precopy_po + + LOGD(DEBUG, shs->domid, "iteration %u dirty_count %ld total_written %lu", + stats.iteration, stats.dirty_count, stats.total_written); +- if (stats.dirty_count >= 0 && stats.dirty_count < LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT) ++ if (stats.dirty_count >= 0 && stats.dirty_count < dss->min_remaining) + goto stop_copy; + if (stats.iteration >= dss->max_iters) + goto stop_copy; +--- a/tools/libs/light/libxl_domain.c ++++ b/tools/libs/light/libxl_domain.c +@@ -525,6 +525,7 @@ static int do_libxl_domain_suspend(libxl + dss->fd = fd; + dss->type = type; + dss->max_iters = props->max_iters ?: LIBXL_XGS_POLICY_MAX_ITERATIONS; ++ dss->min_remaining = props->min_remaining ?: LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT; + dss->live = props->flags & LIBXL_SUSPEND_LIVE; + dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; + dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -3653,6 +3653,7 @@ struct libxl__domain_save_state { + int debug; + int checkpointed_stream; + uint32_t max_iters; ++ uint32_t min_remaining; + const libxl_domain_remus_info *remus; + /* private */ + int rc; +--- a/tools/xl/xl_cmdtable.c ++++ b/tools/xl/xl_cmdtable.c +@@ -166,17 +166,18 @@ const struct cmd_spec cmd_table[] = { + &main_migrate, 0, 1, + "Migrate a domain to another host", + "[options] ", +- "-h Print this help.\n" +- "-C Send instead of config file from creation.\n" +- "-s Use instead of ssh. String will be passed\n" +- " to sh. If empty, run instead of ssh xl\n" +- " migrate-receive [-d -e]\n" +- "-e Do not wait in the background (on ) for the death\n" +- " of the domain.\n" +- "--debug Enable verification mode.\n" +- "-p Do not unpause domain after migrating it.\n" +- "-D Preserve the domain id\n" +- "--max_iters N Number of copy iterations before final stop+move" ++ "-h Print this help.\n" ++ "-C Send instead of config file from creation.\n" ++ "-s Use instead of ssh. String will be passed\n" ++ " to sh. If empty, run instead of ssh xl\n" ++ " migrate-receive [-d -e]\n" ++ "-e Do not wait in the background (on ) for the death\n" ++ " of the domain.\n" ++ "--debug Enable verification mode.\n" ++ "-p Do not unpause domain after migrating it.\n" ++ "-D Preserve the domain id\n" ++ "--max_iters N Number of copy iterations before final stop+move\n" ++ "--min_remaining N Number of remaining dirty pages before final stop+move" + }, + { "restore", + &main_restore, 0, 1, +--- a/tools/xl/xl_migrate.c ++++ b/tools/xl/xl_migrate.c +@@ -179,6 +179,7 @@ static void migrate_do_preamble(int send + static void migrate_domain(uint32_t domid, int preserve_domid, + const char *rune, int debug, + uint32_t max_iters, ++ uint32_t min_remaining, + const char *override_config_file) + { + pid_t child = -1; +@@ -191,6 +192,7 @@ static void migrate_domain(uint32_t domi + libxl_domain_suspend_suse_properties props = { + .flags = LIBXL_SUSPEND_LIVE, + .max_iters = max_iters, ++ .min_remaining = min_remaining, + }; + + save_domain_core_begin(domid, preserve_domid, override_config_file, +@@ -545,9 +547,11 @@ int main_migrate(int argc, char **argv) + int opt, daemonize = 1, monitor = 1, debug = 0, pause_after_migration = 0; + int preserve_domid = 0; + uint32_t max_iters = 0; ++ uint32_t min_remaining = 0; + static struct option opts[] = { + {"debug", 0, 0, 0x100}, + {"max_iters", 1, 0, 0x101}, ++ {"min_remaining", 1, 0, 0x102}, + {"live", 0, 0, 0x200}, + COMMON_LONG_OPTS + }; +@@ -578,6 +582,9 @@ int main_migrate(int argc, char **argv) + case 0x101: /* --max_iters */ + max_iters = atoi(optarg); + break; ++ case 0x102: /* --min_remaining */ ++ min_remaining = atoi(optarg); ++ break; + case 0x200: /* --live */ + /* ignored for compatibility with xm */ + break; +@@ -613,7 +620,7 @@ int main_migrate(int argc, char **argv) + } + + migrate_domain(domid, preserve_domid, rune, debug, +- max_iters, config_filename); ++ max_iters, min_remaining, config_filename); + return EXIT_SUCCESS; + } + diff --git a/libxc-sr-number-of-iterations.patch b/libxc-sr-number-of-iterations.patch new file mode 100644 index 0000000..4f11558 --- /dev/null +++ b/libxc-sr-number-of-iterations.patch @@ -0,0 +1,24 @@ +From: Olaf Hering +Date: Mon, 4 Jan 2021 20:58:42 +0200 +Subject: libxc sr number of iterations + +Reduce default value of --max_iters from 5 to 1. +The workload within domU will continue to produce dirty pages. +It is unreasonable to expect any slowdown during migration. +Now there is one initial copy of all memory, one instead of five +iterations for dirty memory, and a final copy iteration prior move. +--- + tools/libs/light/libxl_internal.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -125,7 +125,7 @@ + #define DOMID_XS_PATH "domid" + #define PVSHIM_BASENAME "xen-shim" + #define PVSHIM_CMDLINE "pv-shim console=xen,pv" +-#define LIBXL_XGS_POLICY_MAX_ITERATIONS 5 ++#define LIBXL_XGS_POLICY_MAX_ITERATIONS 1 + #define LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT 50 + + #define DIV_ROUNDUP(n, d) (((n) + (d) - 1) / (d)) diff --git a/libxc-sr-precopy_policy.patch b/libxc-sr-precopy_policy.patch new file mode 100644 index 0000000..5fc286e --- /dev/null +++ b/libxc-sr-precopy_policy.patch @@ -0,0 +1,90 @@ +From: Olaf Hering +Date: Fri, 8 Jan 2021 18:19:49 +0100 +Subject: libxc sr precopy_policy + +tools: add callback to libxl for precopy_policy and precopy_stats + +This duplicates simple_precopy_policy. To recap its purpose: +- do up to 5 iterations of copying dirty domU memory to target, + including the initial copying of all domU memory, excluding + the final copying while the domU is suspended +- do fewer iterations in case the domU dirtied less than 50 pages + +Take the opportunity to also move xen_pfn_t into qw(). + +Signed-off-by: Olaf Hering + +v02: +- use plain struct precopy_stats instead of inventing + a new precopy_stats_t (anthony) +--- + tools/libs/light/libxl_dom_save.c | 19 +++++++++++++++++++ + tools/libs/light/libxl_internal.h | 2 ++ + tools/libs/light/libxl_save_msgs_gen.pl | 3 ++- + 3 files changed, 23 insertions(+), 1 deletion(-) + +--- a/tools/libs/light/libxl_dom_save.c ++++ b/tools/libs/light/libxl_dom_save.c +@@ -373,6 +373,24 @@ int libxl__save_emulator_xenstore_data(l + return rc; + } + ++static int libxl__domain_save_precopy_policy(struct precopy_stats stats, void *user) ++{ ++ libxl__save_helper_state *shs = user; ++ libxl__domain_save_state *dss = shs->caller_state; ++ STATE_AO_GC(dss->ao); ++ ++ LOGD(DEBUG, shs->domid, "iteration %u dirty_count %ld total_written %lu", ++ stats.iteration, stats.dirty_count, stats.total_written); ++ if (stats.dirty_count >= 0 && stats.dirty_count < LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT) ++ goto stop_copy; ++ if (stats.iteration >= LIBXL_XGS_POLICY_MAX_ITERATIONS) ++ goto stop_copy; ++ return XGS_POLICY_CONTINUE_PRECOPY; ++ ++stop_copy: ++ return XGS_POLICY_STOP_AND_COPY; ++} ++ + /*----- main code for saving, in order of execution -----*/ + + void libxl__domain_save(libxl__egc *egc, libxl__domain_save_state *dss) +@@ -430,6 +448,7 @@ void libxl__domain_save(libxl__egc *egc, + callbacks->suspend = libxl__domain_suspend_callback; + + callbacks->switch_qemu_logdirty = libxl__domain_suspend_common_switch_qemu_logdirty; ++ callbacks->precopy_policy = libxl__domain_save_precopy_policy; + + dss->sws.ao = dss->ao; + dss->sws.dss = dss; +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -125,6 +125,8 @@ + #define DOMID_XS_PATH "domid" + #define PVSHIM_BASENAME "xen-shim" + #define PVSHIM_CMDLINE "pv-shim console=xen,pv" ++#define LIBXL_XGS_POLICY_MAX_ITERATIONS 5 ++#define LIBXL_XGS_POLICY_TARGET_DIRTY_COUNT 50 + + #define DIV_ROUNDUP(n, d) (((n) + (d) - 1) / (d)) + +--- a/tools/libs/light/libxl_save_msgs_gen.pl ++++ b/tools/libs/light/libxl_save_msgs_gen.pl +@@ -23,6 +23,7 @@ our @msgs = ( + STRING doing_what), + 'unsigned long', 'done', + 'unsigned long', 'total'] ], ++ [ 'scxW', "precopy_policy", ['struct precopy_stats', 'stats'] ], + [ 'srcxA', "suspend", [] ], + [ 'srcxA', "postcopy", [] ], + [ 'srcxA', "checkpoint", [] ], +@@ -142,7 +143,7 @@ static void bytes_put(unsigned char *con + + END + +-foreach my $simpletype (qw(int uint16_t uint32_t unsigned), 'unsigned long', 'xen_pfn_t') { ++foreach my $simpletype (qw(int uint16_t uint32_t unsigned xen_pfn_t), 'struct precopy_stats', 'unsigned long') { + my $typeid = typeid($simpletype); + $out_body{'callout'} .= < +Date: Wed, 28 Oct 2020 12:07:36 +0100 +Subject: libxc sr readv_exact + +tools: add readv_exact to libxenctrl + +Read a batch of iovec's. + +Short reads are the common case, finish the trailing iov with read_exact. + +Signed-off-by: Olaf Hering + +v2: +- add comment to short-read handling +--- + tools/libs/ctrl/xc_private.c | 57 +++++++++++++++++++++++++++++++++++- + tools/libs/ctrl/xc_private.h | 1 + + 2 files changed, 57 insertions(+), 1 deletion(-) + +--- a/tools/libs/ctrl/xc_private.c ++++ b/tools/libs/ctrl/xc_private.c +@@ -633,8 +633,23 @@ int write_exact(int fd, const void *data + + #if defined(__MINIOS__) + /* +- * MiniOS's libc doesn't know about writev(). Implement it as multiple write()s. ++ * MiniOS's libc doesn't know about readv/writev(). ++ * Implement it as multiple read/write()s. + */ ++int readv_exact(int fd, const struct iovec *iov, int iovcnt) ++{ ++ int rc, i; ++ ++ for ( i = 0; i < iovcnt; ++i ) ++ { ++ rc = read_exact(fd, iov[i].iov_base, iov[i].iov_len); ++ if ( rc ) ++ return rc; ++ } ++ ++ return 0; ++} ++ + int writev_exact(int fd, const struct iovec *iov, int iovcnt) + { + int rc, i; +@@ -649,6 +664,46 @@ int writev_exact(int fd, const struct io + return 0; + } + #else ++int readv_exact(int fd, const struct iovec *iov, int iovcnt) ++{ ++ int rc = 0, idx = 0; ++ ssize_t len; ++ ++ while ( idx < iovcnt ) ++ { ++ len = readv(fd, &iov[idx], min(iovcnt - idx, IOV_MAX)); ++ if ( len == -1 && errno == EINTR ) ++ continue; ++ if ( len <= 0 ) ++ { ++ rc = -1; ++ goto out; ++ } ++ ++ /* Finish a potential short read in the last iov */ ++ while ( len > 0 && idx < iovcnt ) ++ { ++ if ( len >= iov[idx].iov_len ) ++ { ++ len -= iov[idx].iov_len; ++ } ++ else ++ { ++ void *p = iov[idx].iov_base + len; ++ size_t l = iov[idx].iov_len - len; ++ ++ rc = read_exact(fd, p, l); ++ if ( rc ) ++ goto out; ++ len = 0; ++ } ++ idx++; ++ } ++ } ++out: ++ return rc; ++} ++ + int writev_exact(int fd, const struct iovec *iov, int iovcnt) + { + struct iovec *local_iov = NULL; +--- a/tools/libs/ctrl/xc_private.h ++++ b/tools/libs/ctrl/xc_private.h +@@ -382,6 +382,7 @@ int xc_flush_mmu_updates(xc_interface *x + + /* Return 0 on success; -1 on error setting errno. */ + int read_exact(int fd, void *data, size_t size); /* EOF => -1, errno=0 */ ++int readv_exact(int fd, const struct iovec *iov, int iovcnt); + int write_exact(int fd, const void *data, size_t size); + int writev_exact(int fd, const struct iovec *iov, int iovcnt); + diff --git a/libxc-sr-restore-handle_buffered_page_data.patch b/libxc-sr-restore-handle_buffered_page_data.patch new file mode 100644 index 0000000..c695f73 --- /dev/null +++ b/libxc-sr-restore-handle_buffered_page_data.patch @@ -0,0 +1,435 @@ +From: Olaf Hering +Date: Tue, 27 Oct 2020 19:21:50 +0100 +Subject: libxc sr restore handle_buffered_page_data + +tools: restore: split handle_page_data + +handle_page_data must be able to read directly into mapped guest memory. +This will avoid unneccesary memcpy calls for data that can be consumed verbatim. + +Split the various steps of record processing: +- move processing to handle_buffered_page_data +- adjust xenforeignmemory_map to set errno in case of failure +- adjust verify mode to set errno in case of failure + +This change is preparation for future changes in handle_page_data, +no change in behavior is intended. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 4 + + tools/libs/guest/xg_sr_restore.c | 320 ++++++++++++++++++++----------- + 2 files changed, 207 insertions(+), 117 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -262,6 +262,10 @@ struct xc_sr_context + int *map_errs; + xen_pfn_t *pp_pfns; + xen_pfn_t *pp_mfns; ++ void **guest_data; ++ ++ void *guest_mapping; ++ uint32_t nr_mapped_pages; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -183,121 +183,18 @@ int populate_pfns(struct xc_sr_context * + return rc; + } + +-/* +- * Given a list of pfns, their types, and a block of page data from the +- * stream, populate and record their types, map the relevant subset and copy +- * the data into the guest. +- */ +-static int process_page_data(struct xc_sr_context *ctx, unsigned int count, +- xen_pfn_t *pfns, uint32_t *types, void *page_data) ++static int handle_static_data_end_v2(struct xc_sr_context *ctx) + { +- xc_interface *xch = ctx->xch; +- int rc; +- void *mapping = NULL, *guest_page = NULL; +- unsigned int i, /* i indexes the pfns from the record. */ +- j, /* j indexes the subset of pfns we decide to map. */ +- nr_pages = 0; +- +- rc = populate_pfns(ctx, count, pfns, types); +- if ( rc ) +- { +- ERROR("Failed to populate pfns for batch of %u pages", count); +- goto err; +- } +- +- for ( i = 0; i < count; ++i ) +- { +- ctx->restore.ops.set_page_type(ctx, pfns[i], types[i]); +- +- if ( page_type_has_stream_data(types[i]) ) +- ctx->restore.mfns[nr_pages++] = ctx->restore.ops.pfn_to_gfn(ctx, pfns[i]); +- } +- +- /* Nothing to do? */ +- if ( nr_pages == 0 ) +- goto done; +- +- mapping = guest_page = xenforeignmemory_map( +- xch->fmem, ctx->domid, PROT_READ | PROT_WRITE, +- nr_pages, ctx->restore.mfns, ctx->restore.map_errs); +- if ( !mapping ) +- { +- rc = -1; +- PERROR("Unable to map %u mfns for %u pages of data", +- nr_pages, count); +- goto err; +- } +- +- for ( i = 0, j = 0; i < count; ++i ) +- { +- if ( !page_type_has_stream_data(types[i]) ) +- continue; +- +- if ( ctx->restore.map_errs[j] ) +- { +- rc = -1; +- ERROR("Mapping pfn %#"PRIpfn" (mfn %#"PRIpfn", type %#"PRIx32") failed with %d", +- pfns[i], ctx->restore.mfns[j], types[i], ctx->restore.map_errs[j]); +- goto err; +- } +- +- /* Undo page normalisation done by the saver. */ +- rc = ctx->restore.ops.localise_page(ctx, types[i], page_data); +- if ( rc ) +- { +- ERROR("Failed to localise pfn %#"PRIpfn" (type %#"PRIx32")", +- pfns[i], types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); +- goto err; +- } +- +- if ( ctx->restore.verify ) +- { +- /* Verify mode - compare incoming data to what we already have. */ +- if ( memcmp(guest_page, page_data, PAGE_SIZE) ) +- ERROR("verify pfn %#"PRIpfn" failed (type %#"PRIx32")", +- pfns[i], types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); +- } +- else +- { +- /* Regular mode - copy incoming data into place. */ +- memcpy(guest_page, page_data, PAGE_SIZE); +- } +- +- ++j; +- guest_page += PAGE_SIZE; +- page_data += PAGE_SIZE; +- } +- +- done: +- rc = 0; +- +- err: +- if ( mapping ) +- xenforeignmemory_unmap(xch->fmem, mapping, nr_pages); +- +- return rc; +-} ++ int rc = 0; + +-/* +- * Validate a PAGE_DATA record from the stream, and pass the results to +- * process_page_data() to actually perform the legwork. +- */ +-static int handle_page_data(struct xc_sr_context *ctx, struct xc_sr_record *rec) +-{ ++#if defined(__i386__) || defined(__x86_64__) + xc_interface *xch = ctx->xch; +- struct xc_sr_rec_page_data_header *pages = rec->data; +- unsigned int i, pages_of_data = 0; +- int rc = -1; +- +- xen_pfn_t pfn; +- uint32_t type; +- + /* + * v2 compatibility only exists for x86 streams. This is a bit of a + * bodge, but it is less bad than duplicating handle_page_data() between + * different architectures. + */ +-#if defined(__i386__) || defined(__x86_64__) ++ + /* v2 compat. Infer the position of STATIC_DATA_END. */ + if ( ctx->restore.format_version < 3 && !ctx->restore.seen_static_data_end ) + { +@@ -315,12 +212,26 @@ static int handle_page_data(struct xc_sr + ERROR("No STATIC_DATA_END seen"); + goto err; + } ++ ++ rc = 0; ++err: + #endif + +- if ( rec->length < sizeof(*pages) ) ++ return rc; ++} ++ ++static bool verify_rec_page_hdr(struct xc_sr_context *ctx, uint32_t rec_length, ++ struct xc_sr_rec_page_data_header *pages) ++{ ++ xc_interface *xch = ctx->xch; ++ bool ret = false; ++ ++ errno = EINVAL; ++ ++ if ( rec_length < sizeof(*pages) ) + { + ERROR("PAGE_DATA record truncated: length %u, min %zu", +- rec->length, sizeof(*pages)); ++ rec_length, sizeof(*pages)); + goto err; + } + +@@ -330,13 +241,28 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- if ( rec->length < sizeof(*pages) + (pages->count * sizeof(uint64_t)) ) ++ if ( rec_length < sizeof(*pages) + (pages->count * sizeof(uint64_t)) ) + { + ERROR("PAGE_DATA record (length %u) too short to contain %u" +- " pfns worth of information", rec->length, pages->count); ++ " pfns worth of information", rec_length, pages->count); + goto err; + } + ++ ret = true; ++ ++err: ++ return ret; ++} ++ ++static bool verify_rec_page_pfns(struct xc_sr_context *ctx, uint32_t rec_length, ++ struct xc_sr_rec_page_data_header *pages) ++{ ++ xc_interface *xch = ctx->xch; ++ uint32_t i, pages_of_data = 0; ++ xen_pfn_t pfn; ++ uint32_t type; ++ bool ret = false; ++ + for ( i = 0; i < pages->count; ++i ) + { + pfn = pages->pfn[i] & PAGE_DATA_PFN_MASK; +@@ -363,19 +289,177 @@ static int handle_page_data(struct xc_sr + ctx->restore.types[i] = type; + } + +- if ( rec->length != (sizeof(*pages) + ++ if ( rec_length != (sizeof(*pages) + + (sizeof(uint64_t) * pages->count) + + (PAGE_SIZE * pages_of_data)) ) + { + ERROR("PAGE_DATA record wrong size: length %u, expected " +- "%zu + %zu + %lu", rec->length, sizeof(*pages), ++ "%zu + %zu + %lu", rec_length, sizeof(*pages), + (sizeof(uint64_t) * pages->count), (PAGE_SIZE * pages_of_data)); + goto err; + } + +- rc = process_page_data(ctx, pages->count, ctx->restore.pfns, +- ctx->restore.types, &pages->pfn[pages->count]); ++ ret = true; ++ ++err: ++ return ret; ++} ++ ++/* ++ * Populate pfns, if required ++ * Fill guest_data with either mapped address or NULL ++ * The caller must unmap guest_mapping ++ */ ++static int map_guest_pages(struct xc_sr_context *ctx, ++ struct xc_sr_rec_page_data_header *pages) ++{ ++ xc_interface *xch = ctx->xch; ++ uint32_t i, p; ++ int rc; ++ ++ rc = populate_pfns(ctx, pages->count, ctx->restore.pfns, ctx->restore.types); ++ if ( rc ) ++ { ++ ERROR("Failed to populate pfns for batch of %u pages", pages->count); ++ goto err; ++ } ++ ++ ctx->restore.nr_mapped_pages = 0; ++ ++ for ( i = 0; i < pages->count; i++ ) ++ { ++ ctx->restore.ops.set_page_type(ctx, ctx->restore.pfns[i], ctx->restore.types[i]); ++ ++ if ( page_type_has_stream_data(ctx->restore.types[i]) == false ) ++ { ++ ctx->restore.guest_data[i] = NULL; ++ continue; ++ } ++ ++ ctx->restore.mfns[ctx->restore.nr_mapped_pages++] = ctx->restore.ops.pfn_to_gfn(ctx, ctx->restore.pfns[i]); ++ } ++ ++ /* Nothing to do? */ ++ if ( ctx->restore.nr_mapped_pages == 0 ) ++ goto done; ++ ++ ctx->restore.guest_mapping = xenforeignmemory_map(xch->fmem, ctx->domid, ++ PROT_READ | PROT_WRITE, ctx->restore.nr_mapped_pages, ++ ctx->restore.mfns, ctx->restore.map_errs); ++ if ( !ctx->restore.guest_mapping ) ++ { ++ rc = -1; ++ PERROR("Unable to map %u mfns for %u pages of data", ++ ctx->restore.nr_mapped_pages, pages->count); ++ goto err; ++ } ++ ++ /* Verify mapping, and assign address to pfn data */ ++ for ( i = 0, p = 0; i < pages->count; i++ ) ++ { ++ if ( !page_type_has_stream_data(ctx->restore.types[i]) ) ++ continue; ++ ++ if ( ctx->restore.map_errs[p] == 0 ) ++ { ++ ctx->restore.guest_data[i] = ctx->restore.guest_mapping + (p * PAGE_SIZE); ++ p++; ++ continue; ++ } ++ ++ errno = ctx->restore.map_errs[p]; ++ rc = -1; ++ PERROR("Mapping pfn %#"PRIpfn" (mfn %#"PRIpfn", type %#"PRIx32") failed", ++ ctx->restore.pfns[i], ctx->restore.mfns[p], ctx->restore.types[i]); ++ goto err; ++ } ++ ++done: ++ rc = 0; ++ ++err: ++ return rc; ++} ++ ++/* ++ * Handle PAGE_DATA record from an existing buffer ++ * Given a list of pfns, their types, and a block of page data from the ++ * stream, populate and record their types, map the relevant subset and copy ++ * the data into the guest. ++ */ ++static int handle_buffered_page_data(struct xc_sr_context *ctx, ++ struct xc_sr_record *rec) ++{ ++ xc_interface *xch = ctx->xch; ++ struct xc_sr_rec_page_data_header *pages = rec->data; ++ void *p; ++ uint32_t i; ++ int rc = -1, idx; ++ ++ rc = handle_static_data_end_v2(ctx); ++ if ( rc ) ++ goto err; ++ ++ /* First read and verify the header */ ++ if ( !verify_rec_page_hdr(ctx, rec->length, pages) ) ++ { ++ rc = -1; ++ goto err; ++ } ++ ++ /* Then read and verify the pfn numbers */ ++ if ( !verify_rec_page_pfns(ctx, rec->length, pages) ) ++ { ++ rc = -1; ++ goto err; ++ } ++ ++ /* Map the target pfn */ ++ rc = map_guest_pages(ctx, pages); ++ if ( rc ) ++ goto err; ++ ++ for ( i = 0, idx = 0; i < pages->count; i++ ) ++ { ++ if ( !ctx->restore.guest_data[i] ) ++ continue; ++ ++ p = &pages->pfn[pages->count] + (idx * PAGE_SIZE); ++ rc = ctx->restore.ops.localise_page(ctx, ctx->restore.types[i], p); ++ if ( rc ) ++ { ++ ERROR("Failed to localise pfn %#"PRIpfn" (type %#"PRIx32")", ++ ctx->restore.pfns[i], ctx->restore.types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); ++ goto err; ++ ++ } ++ ++ if ( ctx->restore.verify ) ++ { ++ if ( memcmp(ctx->restore.guest_data[i], p, PAGE_SIZE) ) ++ { ++ errno = EIO; ++ ERROR("verify pfn %#"PRIpfn" failed (type %#"PRIx32")", ++ ctx->restore.pfns[i], ctx->restore.types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); ++ goto err; ++ } ++ } ++ else ++ { ++ memcpy(ctx->restore.guest_data[i], p, PAGE_SIZE); ++ } ++ ++ idx++; ++ } ++ ++ rc = 0; ++ + err: ++ if ( ctx->restore.guest_mapping ) ++ { ++ xenforeignmemory_unmap(xch->fmem, ctx->restore.guest_mapping, ctx->restore.nr_mapped_pages); ++ ctx->restore.guest_mapping = NULL; ++ } + return rc; + } + +@@ -623,7 +707,7 @@ static int process_buffered_record(struc + break; + + case REC_TYPE_PAGE_DATA: +- rc = handle_page_data(ctx, rec); ++ rc = handle_buffered_page_data(ctx, rec); + break; + + case REC_TYPE_VERIFY: +@@ -703,9 +787,10 @@ static int setup(struct xc_sr_context *c + ctx->restore.map_errs = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.map_errs)); + ctx->restore.pp_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_pfns)); + ctx->restore.pp_mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_mfns)); ++ ctx->restore.guest_data = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.guest_data)); + if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || + !ctx->restore.map_errs || !ctx->restore.pp_pfns || +- !ctx->restore.pp_mfns ) ++ !ctx->restore.pp_mfns || !ctx->restore.guest_data ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -742,6 +827,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.guest_data); + free(ctx->restore.pp_mfns); + free(ctx->restore.pp_pfns); + free(ctx->restore.map_errs); diff --git a/libxc-sr-restore-handle_incoming_page_data.patch b/libxc-sr-restore-handle_incoming_page_data.patch new file mode 100644 index 0000000..7f58b48 --- /dev/null +++ b/libxc-sr-restore-handle_incoming_page_data.patch @@ -0,0 +1,230 @@ +From: Olaf Hering +Date: Thu, 29 Oct 2020 16:13:10 +0100 +Subject: libxc sr restore handle_incoming_page_data + +tools: restore: write data directly into guest + +Read incoming migration stream directly into the guest memory. +This avoids the memory allocation and copying, and the resulting +performance penalty. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 3 + + tools/libs/guest/xg_sr_restore.c | 155 ++++++++++++++++++++++++++++++- + 2 files changed, 153 insertions(+), 5 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -263,6 +263,8 @@ struct xc_sr_context + xen_pfn_t *pp_pfns; + xen_pfn_t *pp_mfns; + void **guest_data; ++ struct iovec *iov; ++ struct xc_sr_rec_page_data_header *pages; + + void *guest_mapping; + uint32_t nr_mapped_pages; +@@ -311,6 +313,7 @@ struct xc_sr_context + + /* Sender has invoked verify mode on the stream. */ + bool verify; ++ void *verify_buf; + } restore; + }; + +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -382,6 +382,129 @@ err: + } + + /* ++ * Handle PAGE_DATA record from the stream. ++ * Given a list of pfns, their types, and a block of page data from the ++ * stream, populate and record their types, map the relevant subset and copy ++ * the data into the guest. ++ */ ++static int handle_incoming_page_data(struct xc_sr_context *ctx, ++ struct xc_sr_rhdr *rhdr) ++{ ++ xc_interface *xch = ctx->xch; ++ struct xc_sr_rec_page_data_header *pages = ctx->restore.pages; ++ uint64_t *pfn_nums = &pages->pfn[0]; ++ uint32_t i; ++ int rc, iov_idx; ++ ++ rc = handle_static_data_end_v2(ctx); ++ if ( rc ) ++ goto err; ++ ++ /* First read and verify the header */ ++ rc = read_exact(ctx->fd, pages, sizeof(*pages)); ++ if ( rc ) ++ { ++ PERROR("Could not read rec_pfn header"); ++ goto err; ++ } ++ ++ if ( !verify_rec_page_hdr(ctx, rhdr->length, pages) ) ++ { ++ rc = -1; ++ goto err; ++ } ++ ++ /* Then read and verify the incoming pfn numbers */ ++ rc = read_exact(ctx->fd, pfn_nums, sizeof(*pfn_nums) * pages->count); ++ if ( rc ) ++ { ++ PERROR("Could not read rec_pfn data"); ++ goto err; ++ } ++ ++ if ( !verify_rec_page_pfns(ctx, rhdr->length, pages) ) ++ { ++ rc = -1; ++ goto err; ++ } ++ ++ /* Finally read and verify the incoming pfn data */ ++ rc = map_guest_pages(ctx, pages); ++ if ( rc ) ++ goto err; ++ ++ /* Prepare read buffers, either guest or throw-away memory */ ++ for ( i = 0, iov_idx = 0; i < pages->count; i++ ) ++ { ++ struct iovec *iov; ++ ++ if ( !ctx->restore.guest_data[i] ) ++ continue; ++ ++ iov = &ctx->restore.iov[iov_idx]; ++ iov->iov_len = PAGE_SIZE; ++ if ( ctx->restore.verify ) ++ iov->iov_base = ctx->restore.verify_buf + (i * PAGE_SIZE); ++ else ++ iov->iov_base = ctx->restore.guest_data[i]; ++ iov_idx++; ++ } ++ ++ if ( !iov_idx ) ++ goto done; ++ ++ rc = readv_exact(ctx->fd, ctx->restore.iov, iov_idx); ++ if ( rc ) ++ { ++ PERROR("read of %d pages failed", iov_idx); ++ goto err; ++ } ++ ++ /* Post-processing of pfn data */ ++ for ( i = 0, iov_idx = 0; i < pages->count; i++ ) ++ { ++ void *addr; ++ ++ if ( !ctx->restore.guest_data[i] ) ++ continue; ++ ++ addr = ctx->restore.iov[iov_idx].iov_base; ++ rc = ctx->restore.ops.localise_page(ctx, ctx->restore.types[i], addr); ++ if ( rc ) ++ { ++ ERROR("Failed to localise pfn %#"PRIpfn" (type %#"PRIx32")", ++ ctx->restore.pfns[i], ++ ctx->restore.types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); ++ goto err; ++ ++ } ++ ++ if ( ctx->restore.verify ) ++ { ++ if ( memcmp(ctx->restore.guest_data[i], addr, PAGE_SIZE) ) ++ { ++ ERROR("verify pfn %#"PRIpfn" failed (type %#"PRIx32")", ++ ctx->restore.pfns[i], ++ ctx->restore.types[i] >> XEN_DOMCTL_PFINFO_LTAB_SHIFT); ++ } ++ } ++ ++ iov_idx++; ++ } ++ ++done: ++ rc = 0; ++ ++err: ++ if ( ctx->restore.guest_mapping ) ++ { ++ xenforeignmemory_unmap(xch->fmem, ctx->restore.guest_mapping, ctx->restore.nr_mapped_pages); ++ ctx->restore.guest_mapping = NULL; ++ } ++ return rc; ++} ++ ++/* + * Handle PAGE_DATA record from an existing buffer + * Given a list of pfns, their types, and a block of page data from the + * stream, populate and record their types, map the relevant subset and copy +@@ -713,6 +836,15 @@ static int process_buffered_record(struc + case REC_TYPE_VERIFY: + DPRINTF("Verify mode enabled"); + ctx->restore.verify = true; ++ if ( !ctx->restore.verify_buf ) ++ { ++ ctx->restore.verify_buf = malloc(MAX_BATCH_SIZE * PAGE_SIZE); ++ if ( !ctx->restore.verify_buf ) ++ { ++ PERROR("Unable to allocate verify_buf"); ++ rc = -1; ++ } ++ } + break; + + case REC_TYPE_CHECKPOINT: +@@ -739,11 +871,19 @@ static int process_incoming_record_heade + struct xc_sr_record rec; + int rc; + +- rc = read_record_data(ctx, ctx->fd, rhdr, &rec); +- if ( rc ) +- return rc; ++ switch ( rhdr->type ) ++ { ++ case REC_TYPE_PAGE_DATA: ++ rc = handle_incoming_page_data(ctx, rhdr); ++ break; ++ default: ++ rc = read_record_data(ctx, ctx->fd, rhdr, &rec); ++ if ( rc == 0 ) ++ rc = process_buffered_record(ctx, &rec);; ++ break; ++ } + +- return process_buffered_record(ctx, &rec); ++ return rc; + } + + +@@ -788,9 +928,12 @@ static int setup(struct xc_sr_context *c + ctx->restore.pp_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_pfns)); + ctx->restore.pp_mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_mfns)); + ctx->restore.guest_data = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.guest_data)); ++ ctx->restore.iov = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.iov)); ++ ctx->restore.pages = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pages->pfn) + sizeof(*ctx->restore.pages)); + if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || + !ctx->restore.map_errs || !ctx->restore.pp_pfns || +- !ctx->restore.pp_mfns || !ctx->restore.guest_data ) ++ !ctx->restore.pp_mfns || !ctx->restore.guest_data || ++ !ctx->restore.iov || !ctx->restore.pages ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -827,6 +970,8 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.pages); ++ free(ctx->restore.iov); + free(ctx->restore.guest_data); + free(ctx->restore.pp_mfns); + free(ctx->restore.pp_pfns); diff --git a/libxc-sr-restore-hvm-legacy-superpage.patch b/libxc-sr-restore-hvm-legacy-superpage.patch new file mode 100644 index 0000000..d4f2cd6 --- /dev/null +++ b/libxc-sr-restore-hvm-legacy-superpage.patch @@ -0,0 +1,701 @@ +From: Olaf Hering +Date: Mon, 7 Aug 2017 12:58:02 +0000 +Subject: libxc sr restore hvm legacy superpage + +tools: use superpages during restore of HVM guest + +bsc#1035231 - migration of HVM domU does not use superpages on destination dom0 +bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored + +During creating of a HVM domU meminit_hvm() tries to map superpages. +After save/restore or migration this mapping is lost, everything is +allocated in single pages. This causes a performance degradation after +migration. + +Add neccessary code to preallocate a superpage for an incoming chunk of +pfns. In case a pfn was not populated on the sending side, it must be +freed on the receiving side to avoid over-allocation. + +The existing code for x86_pv is moved unmodified into its own file. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_dom_x86.c | 5 - + tools/libs/guest/xg_private.h | 5 + + tools/libs/guest/xg_sr_common.h | 28 +- + tools/libs/guest/xg_sr_restore.c | 60 +--- + tools/libs/guest/xg_sr_restore_x86_hvm.c | 381 ++++++++++++++++++++++- + tools/libs/guest/xg_sr_restore_x86_pv.c | 61 +++- + 6 files changed, 467 insertions(+), 73 deletions(-) + +--- a/tools/libs/guest/xg_dom_x86.c ++++ b/tools/libs/guest/xg_dom_x86.c +@@ -44,11 +44,6 @@ + + #define SUPERPAGE_BATCH_SIZE 512 + +-#define SUPERPAGE_2MB_SHIFT 9 +-#define SUPERPAGE_2MB_NR_PFNS (1UL << SUPERPAGE_2MB_SHIFT) +-#define SUPERPAGE_1GB_SHIFT 18 +-#define SUPERPAGE_1GB_NR_PFNS (1UL << SUPERPAGE_1GB_SHIFT) +- + #define X86_CR0_PE 0x01 + #define X86_CR0_ET 0x10 + +--- a/tools/libs/guest/xg_private.h ++++ b/tools/libs/guest/xg_private.h +@@ -180,4 +180,9 @@ struct xc_cpu_policy { + }; + #endif /* x86 */ + ++#define SUPERPAGE_2MB_SHIFT 9 ++#define SUPERPAGE_2MB_NR_PFNS (1UL << SUPERPAGE_2MB_SHIFT) ++#define SUPERPAGE_1GB_SHIFT 18 ++#define SUPERPAGE_1GB_NR_PFNS (1UL << SUPERPAGE_1GB_SHIFT) ++ + #endif /* XG_PRIVATE_H */ +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -208,6 +208,16 @@ struct xc_sr_restore_ops + int (*setup)(struct xc_sr_context *ctx); + + /** ++ * Populate PFNs ++ * ++ * Given a set of pfns, obtain memory from Xen to fill the physmap for the ++ * unpopulated subset. ++ */ ++ int (*populate_pfns)(struct xc_sr_context *ctx, unsigned count, ++ const xen_pfn_t *original_pfns, const uint32_t *types); ++ ++ ++ /** + * Process an individual record from the stream. The caller shall take + * care of processing common records (e.g. END, PAGE_DATA). + * +@@ -338,6 +348,8 @@ struct xc_sr_context + + int send_back_fd; + unsigned long p2m_size; ++ unsigned long max_pages; ++ unsigned long tot_pages; + xc_hypercall_buffer_t dirty_bitmap_hbuf; + + /* From Image Header. */ +@@ -471,6 +483,14 @@ struct xc_sr_context + { + /* HVM context blob. */ + struct xc_sr_blob context; ++ ++ /* Bitmap of currently allocated PFNs during restore. */ ++ struct sr_bitmap attempted_1g; ++ struct sr_bitmap attempted_2m; ++ struct sr_bitmap allocated_pfns; ++ xen_pfn_t prev_populated_pfn; ++ xen_pfn_t iteration_tracker_pfn; ++ unsigned long iteration; + } restore; + }; + } hvm; +@@ -535,14 +555,6 @@ int read_record_header(struct xc_sr_cont + int read_record_data(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr, + struct xc_sr_record *rec); + +-/* +- * This would ideally be private in restore.c, but is needed by +- * x86_pv_localise_page() if we receive pagetables frames ahead of the +- * contents of the frames they point at. +- */ +-int populate_pfns(struct xc_sr_context *ctx, unsigned int count, +- const xen_pfn_t *original_pfns, const uint32_t *types); +- + /* Handle a STATIC_DATA_END record. */ + int handle_static_data_end(struct xc_sr_context *ctx); + +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -71,60 +71,6 @@ static int read_headers(struct xc_sr_con + return 0; + } + +-/* +- * Given a set of pfns, obtain memory from Xen to fill the physmap for the +- * unpopulated subset. If types is NULL, no page type checking is performed +- * and all unpopulated pfns are populated. +- */ +-int populate_pfns(struct xc_sr_context *ctx, unsigned int count, +- const xen_pfn_t *original_pfns, const uint32_t *types) +-{ +- xc_interface *xch = ctx->xch; +- unsigned int i, nr_pfns = 0; +- int rc = -1; +- +- for ( i = 0; i < count; ++i ) +- { +- if ( (!types || page_type_to_populate(types[i])) && +- !pfn_is_populated(ctx, original_pfns[i]) ) +- { +- rc = pfn_set_populated(ctx, original_pfns[i]); +- if ( rc ) +- goto err; +- ctx->restore.pp_pfns[nr_pfns] = ctx->restore.pp_mfns[nr_pfns] = original_pfns[i]; +- ++nr_pfns; +- } +- } +- +- if ( nr_pfns ) +- { +- rc = xc_domain_populate_physmap_exact( +- xch, ctx->domid, nr_pfns, 0, 0, ctx->restore.pp_mfns); +- if ( rc ) +- { +- PERROR("Failed to populate physmap"); +- goto err; +- } +- +- for ( i = 0; i < nr_pfns; ++i ) +- { +- if ( ctx->restore.pp_mfns[i] == INVALID_MFN ) +- { +- ERROR("Populate physmap failed for pfn %u", i); +- rc = -1; +- goto err; +- } +- +- ctx->restore.ops.set_gfn(ctx, ctx->restore.pp_pfns[i], ctx->restore.pp_mfns[i]); +- } +- } +- +- rc = 0; +- +- err: +- return rc; +-} +- + static int handle_static_data_end_v2(struct xc_sr_context *ctx) + { + int rc = 0; +@@ -259,7 +205,8 @@ static int map_guest_pages(struct xc_sr_ + uint32_t i, p; + int rc; + +- rc = populate_pfns(ctx, pages->count, ctx->restore.pfns, ctx->restore.types); ++ rc = ctx->restore.ops.populate_pfns(ctx, pages->count, ctx->restore.pfns, ++ ctx->restore.types); + if ( rc ) + { + ERROR("Failed to populate pfns for batch of %u pages", pages->count); +@@ -1074,6 +1021,9 @@ int xc_domain_restore(xc_interface *xch, + return -1; + } + ++ /* See xc_domain_getinfo */ ++ ctx.restore.max_pages = ctx.dominfo.max_pages; ++ ctx.restore.tot_pages = ctx.dominfo.tot_pages; + ctx.restore.p2m_size = nr_pfns; + ctx.restore.ops = hvm ? restore_ops_x86_hvm : restore_ops_x86_pv; + +--- a/tools/libs/guest/xg_sr_restore_x86_hvm.c ++++ b/tools/libs/guest/xg_sr_restore_x86_hvm.c +@@ -130,6 +130,33 @@ static int x86_hvm_localise_page(struct + return 0; + } + ++static bool x86_hvm_expand_sp_bitmaps(struct xc_sr_context *ctx, unsigned long max_pfn) ++{ ++ struct sr_bitmap *bm; ++ ++ bm = &ctx->x86.hvm.restore.attempted_1g; ++ if ( !sr_bitmap_expand(bm, max_pfn >> SUPERPAGE_1GB_SHIFT) ) ++ return false; ++ ++ bm = &ctx->x86.hvm.restore.attempted_2m; ++ if ( !sr_bitmap_expand(bm, max_pfn >> SUPERPAGE_2MB_SHIFT) ) ++ return false; ++ ++ bm = &ctx->x86.hvm.restore.allocated_pfns; ++ if ( !sr_bitmap_expand(bm, max_pfn) ) ++ return false; ++ ++ return true; ++} ++ ++static void x86_hvm_no_superpage(struct xc_sr_context *ctx, unsigned long addr) ++{ ++ unsigned long pfn = addr >> XC_PAGE_SHIFT; ++ ++ sr_set_bit(pfn >> SUPERPAGE_1GB_SHIFT, &ctx->x86.hvm.restore.attempted_1g); ++ sr_set_bit(pfn >> SUPERPAGE_2MB_SHIFT, &ctx->x86.hvm.restore.attempted_2m); ++} ++ + /* + * restore_ops function. Confirms the stream matches the domain. + */ +@@ -164,12 +191,24 @@ static int x86_hvm_setup(struct xc_sr_co + + max_pfn = max(ctx->restore.p2m_size, max_pages); + if ( !sr_bitmap_expand(&ctx->restore.populated_pfns, max_pfn) ) +- { +- PERROR("Unable to allocate memory for populated_pfns bitmap"); +- return -1; +- } ++ goto out; ++ ++ if ( !x86_hvm_expand_sp_bitmaps(ctx, max_pfn) ) ++ goto out; ++ ++ /* FIXME: distinguish between PVH and HVM */ ++ /* No superpage in 1st 2MB due to VGA hole */ ++ x86_hvm_no_superpage(ctx, 0xA0000u); ++#define LAPIC_BASE_ADDRESS 0xfee00000u ++#define ACPI_INFO_PHYSICAL_ADDRESS 0xfc000000u ++ x86_hvm_no_superpage(ctx, LAPIC_BASE_ADDRESS); ++ x86_hvm_no_superpage(ctx, ACPI_INFO_PHYSICAL_ADDRESS); + + return 0; ++ ++out: ++ PERROR("Unable to allocate memory for pfn bitmaps"); ++ return -1; + } + + /* +@@ -250,6 +289,9 @@ static int x86_hvm_stream_complete(struc + static int x86_hvm_cleanup(struct xc_sr_context *ctx) + { + sr_bitmap_free(&ctx->restore.populated_pfns); ++ sr_bitmap_free(&ctx->x86.hvm.restore.attempted_1g); ++ sr_bitmap_free(&ctx->x86.hvm.restore.attempted_2m); ++ sr_bitmap_free(&ctx->x86.hvm.restore.allocated_pfns); + free(ctx->x86.hvm.restore.context.ptr); + + free(ctx->x86.restore.cpuid.ptr); +@@ -258,6 +300,336 @@ static int x86_hvm_cleanup(struct xc_sr_ + return 0; + } + ++/* ++ * Set a range of pfns as allocated ++ */ ++static void pfn_set_long_allocated(struct xc_sr_context *ctx, xen_pfn_t base_pfn) ++{ ++ sr_set_long_bit(base_pfn, &ctx->x86.hvm.restore.allocated_pfns); ++} ++ ++static void pfn_set_allocated(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ sr_set_bit(pfn, &ctx->x86.hvm.restore.allocated_pfns); ++} ++ ++struct x86_hvm_sp { ++ xen_pfn_t pfn; ++ xen_pfn_t base_pfn; ++ unsigned long index; ++ unsigned long count; ++}; ++ ++/* ++ * Try to allocate a 1GB page for this pfn, but avoid Over-allocation. ++ * If this succeeds, mark the range of 2MB pages as busy. ++ */ ++static bool x86_hvm_alloc_1g(struct xc_sr_context *ctx, struct x86_hvm_sp *sp) ++{ ++ xc_interface *xch = ctx->xch; ++ unsigned int order; ++ int i, done; ++ xen_pfn_t extent; ++ ++ /* Only one attempt to avoid overlapping allocation */ ++ if ( sr_test_and_set_bit(sp->index, &ctx->x86.hvm.restore.attempted_1g) ) ++ return false; ++ ++ order = SUPERPAGE_1GB_SHIFT; ++ sp->count = SUPERPAGE_1GB_NR_PFNS; ++ ++ /* Allocate only if there is room for another superpage */ ++ if ( ctx->restore.tot_pages + sp->count > ctx->restore.max_pages ) ++ return false; ++ ++ extent = sp->base_pfn = (sp->pfn >> order) << order; ++ done = xc_domain_populate_physmap(xch, ctx->domid, 1, order, 0, &extent); ++ if ( done < 0 ) { ++ PERROR("populate_physmap failed."); ++ return false; ++ } ++ if ( done == 0 ) ++ return false; ++ ++ DPRINTF("1G %" PRI_xen_pfn "\n", sp->base_pfn); ++ ++ /* Mark all 2MB pages as done to avoid overlapping allocation */ ++ for ( i = 0; i < (SUPERPAGE_1GB_NR_PFNS/SUPERPAGE_2MB_NR_PFNS); i++ ) ++ sr_set_bit((sp->base_pfn >> SUPERPAGE_2MB_SHIFT) + i, &ctx->x86.hvm.restore.attempted_2m); ++ ++ return true; ++} ++ ++/* Allocate a 2MB page if x86_hvm_alloc_1g failed, avoid Over-allocation. */ ++static bool x86_hvm_alloc_2m(struct xc_sr_context *ctx, struct x86_hvm_sp *sp) ++{ ++ xc_interface *xch = ctx->xch; ++ unsigned int order; ++ int done; ++ xen_pfn_t extent; ++ ++ /* Only one attempt to avoid overlapping allocation */ ++ if ( sr_test_and_set_bit(sp->index, &ctx->x86.hvm.restore.attempted_2m) ) ++ return false; ++ ++ order = SUPERPAGE_2MB_SHIFT; ++ sp->count = SUPERPAGE_2MB_NR_PFNS; ++ ++ /* Allocate only if there is room for another superpage */ ++ if ( ctx->restore.tot_pages + sp->count > ctx->restore.max_pages ) ++ return false; ++ ++ extent = sp->base_pfn = (sp->pfn >> order) << order; ++ done = xc_domain_populate_physmap(xch, ctx->domid, 1, order, 0, &extent); ++ if ( done < 0 ) { ++ PERROR("populate_physmap failed."); ++ return false; ++ } ++ if ( done == 0 ) ++ return false; ++ ++ DPRINTF("2M %" PRI_xen_pfn "\n", sp->base_pfn); ++ return true; ++} ++ ++/* Allocate a single page if x86_hvm_alloc_2m failed. */ ++static bool x86_hvm_alloc_4k(struct xc_sr_context *ctx, struct x86_hvm_sp *sp) ++{ ++ xc_interface *xch = ctx->xch; ++ unsigned int order; ++ int done; ++ xen_pfn_t extent; ++ ++ order = 0; ++ sp->count = 1UL; ++ ++ /* Allocate only if there is room for another page */ ++ if ( ctx->restore.tot_pages + sp->count > ctx->restore.max_pages ) { ++ errno = E2BIG; ++ return false; ++ } ++ ++ extent = sp->base_pfn = (sp->pfn >> order) << order; ++ done = xc_domain_populate_physmap(xch, ctx->domid, 1, order, 0, &extent); ++ if ( done < 0 ) { ++ PERROR("populate_physmap failed."); ++ return false; ++ } ++ if ( done == 0 ) { ++ errno = ENOMEM; ++ return false; ++ } ++ ++ DPRINTF("4K %" PRI_xen_pfn "\n", sp->base_pfn); ++ return true; ++} ++/* ++ * Attempt to allocate a superpage where the pfn resides. ++ */ ++static int x86_hvm_allocate_pfn(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ bool success; ++ unsigned long idx_1g, idx_2m; ++ struct x86_hvm_sp sp = { ++ .pfn = pfn ++ }; ++ ++ if ( sr_test_bit(pfn, &ctx->x86.hvm.restore.allocated_pfns) ) ++ return 0; ++ ++ idx_1g = pfn >> SUPERPAGE_1GB_SHIFT; ++ idx_2m = pfn >> SUPERPAGE_2MB_SHIFT; ++ ++ sp.index = idx_1g; ++ success = x86_hvm_alloc_1g(ctx, &sp); ++ ++ if ( success == false ) { ++ sp.index = idx_2m; ++ success = x86_hvm_alloc_2m(ctx, &sp); ++ } ++ ++ if ( success == false ) { ++ sp.index = 0; ++ success = x86_hvm_alloc_4k(ctx, &sp); ++ } ++ ++ if ( success == false ) ++ return -1; ++ ++ do { ++ if ( sp.count >= BITS_PER_LONG && (sp.count % BITS_PER_LONG) == 0 ) { ++ sp.count -= BITS_PER_LONG; ++ ctx->restore.tot_pages += BITS_PER_LONG; ++ pfn_set_long_allocated(ctx, sp.base_pfn + sp.count); ++ } else { ++ sp.count--; ++ ctx->restore.tot_pages++; ++ pfn_set_allocated(ctx, sp.base_pfn + sp.count); ++ } ++ } while ( sp.count ); ++ ++ return 0; ++} ++ ++/* ++ * Deallocate memory. ++ * There was likely an optimistic superpage allocation. ++ * This means more pages may have been allocated past gap_end. ++ * This range is not freed now. Incoming higher pfns will release it. ++ */ ++static int x86_hvm_punch_hole(struct xc_sr_context *ctx, ++ xen_pfn_t gap_start, xen_pfn_t gap_end) ++{ ++ xc_interface *xch = ctx->xch; ++ xen_pfn_t _pfn, pfn; ++ uint32_t domid, freed = 0; ++ int rc; ++ ++ pfn = gap_start >> SUPERPAGE_1GB_SHIFT; ++ do ++ { ++ sr_set_bit(pfn, &ctx->x86.hvm.restore.attempted_1g); ++ } while (++pfn <= gap_end >> SUPERPAGE_1GB_SHIFT); ++ ++ pfn = gap_start >> SUPERPAGE_2MB_SHIFT; ++ do ++ { ++ sr_set_bit(pfn, &ctx->x86.hvm.restore.attempted_2m); ++ } while (++pfn <= gap_end >> SUPERPAGE_2MB_SHIFT); ++ ++ pfn = gap_start; ++ ++ while ( pfn <= gap_end ) ++ { ++ if ( sr_test_and_clear_bit(pfn, &ctx->x86.hvm.restore.allocated_pfns) ) ++ { ++ domid = ctx->domid; ++ _pfn = pfn; ++ rc = xc_domain_decrease_reservation_exact(xch, domid, 1, 0, &_pfn); ++ if ( rc ) ++ { ++ PERROR("Failed to release pfn %" PRI_xen_pfn, pfn); ++ return -1; ++ } ++ ctx->restore.tot_pages--; ++ freed++; ++ } ++ pfn++; ++ } ++ if ( freed ) ++ DPRINTF("freed %u between %" PRI_xen_pfn " %" PRI_xen_pfn "\n", ++ freed, gap_start, gap_end); ++ return 0; ++} ++ ++static int x86_hvm_unpopulate_page(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ sr_clear_bit(pfn, &ctx->restore.populated_pfns); ++ return x86_hvm_punch_hole(ctx, pfn, pfn); ++} ++ ++static int x86_hvm_populate_page(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ xen_pfn_t gap_start, gap_end; ++ bool has_gap, first_iteration; ++ int rc; ++ ++ /* ++ * Check for a gap between the previous populated pfn and this pfn. ++ * In case a gap exists, it is required to punch a hole to release memory, ++ * starting after the previous pfn and before this pfn. ++ * ++ * But: this can be done only during the first iteration, which is the ++ * only place where superpage allocations are attempted. All following ++ * iterations lack the info to properly maintain prev_populated_pfn. ++ */ ++ has_gap = ctx->x86.hvm.restore.prev_populated_pfn + 1 < pfn; ++ first_iteration = ctx->x86.hvm.restore.iteration == 0; ++ if ( has_gap && first_iteration ) ++ { ++ gap_start = ctx->x86.hvm.restore.prev_populated_pfn + 1; ++ gap_end = pfn - 1; ++ ++ rc = x86_hvm_punch_hole(ctx, gap_start, gap_end); ++ if ( rc ) ++ goto err; ++ } ++ ++ rc = x86_hvm_allocate_pfn(ctx, pfn); ++ if ( rc ) ++ goto err; ++ pfn_set_populated(ctx, pfn); ++ ctx->x86.hvm.restore.prev_populated_pfn = pfn; ++ ++ rc = 0; ++err: ++ return rc; ++} ++ ++/* ++ * Try to allocate superpages. ++ * This works without memory map because the pfns arrive in incremental order. ++ * All pfn numbers and their type are submitted. ++ * Only pfns with data will have also pfn content transmitted. ++ */ ++static int x86_hvm_populate_pfns(struct xc_sr_context *ctx, unsigned count, ++ const xen_pfn_t *original_pfns, ++ const uint32_t *types) ++{ ++ xc_interface *xch = ctx->xch; ++ xen_pfn_t pfn, min_pfn, max_pfn; ++ bool to_populate, populated; ++ unsigned i = count; ++ int rc = 0; ++ ++ min_pfn = count ? original_pfns[0] : 0; ++ max_pfn = count ? original_pfns[count - 1] : 0; ++ DPRINTF("batch of %u pfns between %" PRI_xen_pfn " %" PRI_xen_pfn "\n", ++ count, min_pfn, max_pfn); ++ ++ if ( !x86_hvm_expand_sp_bitmaps(ctx, max_pfn) ) ++ { ++ ERROR("Unable to allocate memory for pfn bitmaps"); ++ return -1; ++ } ++ ++ /* ++ * There is no indicator for a new iteration. ++ * Simulate it by checking if a lower pfn is coming in. ++ * In the end it matters only to know if this iteration is the first one. ++ */ ++ if ( min_pfn < ctx->x86.hvm.restore.iteration_tracker_pfn ) ++ ctx->x86.hvm.restore.iteration++; ++ ctx->x86.hvm.restore.iteration_tracker_pfn = min_pfn; ++ ++ for ( i = 0; i < count; ++i ) ++ { ++ pfn = original_pfns[i]; ++ ++ to_populate = page_type_to_populate(types[i]); ++ populated = pfn_is_populated(ctx, pfn); ++ ++ /* ++ * page has data, pfn populated: nothing to do ++ * page has data, pfn not populated: likely never seen before ++ * page has no data, pfn populated: likely ballooned out during migration ++ * page has no data, pfn not populated: nothing to do ++ */ ++ if ( to_populate && !populated ) ++ { ++ rc = x86_hvm_populate_page(ctx, pfn); ++ } else if ( !to_populate && populated ) ++ { ++ rc = x86_hvm_unpopulate_page(ctx, pfn); ++ } ++ if ( rc ) ++ break; ++ } ++ ++ return rc; ++} ++ ++ + struct xc_sr_restore_ops restore_ops_x86_hvm = + { + .pfn_is_valid = x86_hvm_pfn_is_valid, +@@ -266,6 +638,7 @@ struct xc_sr_restore_ops restore_ops_x86 + .set_page_type = x86_hvm_set_page_type, + .localise_page = x86_hvm_localise_page, + .setup = x86_hvm_setup, ++ .populate_pfns = x86_hvm_populate_pfns, + .process_record = x86_hvm_process_record, + .static_data_complete = x86_static_data_complete, + .stream_complete = x86_hvm_stream_complete, +--- a/tools/libs/guest/xg_sr_restore_x86_pv.c ++++ b/tools/libs/guest/xg_sr_restore_x86_pv.c +@@ -960,6 +960,64 @@ static void x86_pv_set_gfn(struct xc_sr_ + } + + /* ++ * Given a set of pfns, obtain memory from Xen to fill the physmap for the ++ * unpopulated subset. If types is NULL, no page type checking is performed ++ * and all unpopulated pfns are populated. ++ */ ++static int x86_pv_populate_pfns(struct xc_sr_context *ctx, unsigned count, ++ const xen_pfn_t *original_pfns, ++ const uint32_t *types) ++{ ++ xc_interface *xch = ctx->xch; ++ xen_pfn_t *mfns = ctx->restore.pp_mfns, ++ *pfns = ctx->restore.pp_pfns; ++ unsigned int i, nr_pfns = 0; ++ int rc = -1; ++ ++ for ( i = 0; i < count; ++i ) ++ { ++ if ( (!types || ++ (types && page_type_has_stream_data(types[i]) == true)) && ++ !pfn_is_populated(ctx, original_pfns[i]) ) ++ { ++ rc = pfn_set_populated(ctx, original_pfns[i]); ++ if ( rc ) ++ goto err; ++ pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i]; ++ ++nr_pfns; ++ } ++ } ++ ++ if ( nr_pfns ) ++ { ++ rc = xc_domain_populate_physmap_exact( ++ xch, ctx->domid, nr_pfns, 0, 0, mfns); ++ if ( rc ) ++ { ++ PERROR("Failed to populate physmap"); ++ goto err; ++ } ++ ++ for ( i = 0; i < nr_pfns; ++i ) ++ { ++ if ( mfns[i] == INVALID_MFN ) ++ { ++ ERROR("Populate physmap failed for pfn %u", i); ++ rc = -1; ++ goto err; ++ } ++ ++ ctx->restore.ops.set_gfn(ctx, pfns[i], mfns[i]); ++ } ++ } ++ ++ rc = 0; ++ ++ err: ++ return rc; ++} ++ ++/* + * restore_ops function. Convert pfns back to mfns in pagetables. Possibly + * needs to populate new frames if a PTE is found referring to a frame which + * hasn't yet been seen from PAGE_DATA records. +@@ -1003,7 +1061,7 @@ static int x86_pv_localise_page(struct x + } + } + +- if ( to_populate && populate_pfns(ctx, to_populate, pfns, NULL) ) ++ if ( to_populate && x86_pv_populate_pfns(ctx, to_populate, pfns, NULL) ) + return -1; + + for ( i = 0; i < (PAGE_SIZE / sizeof(uint64_t)); ++i ) +@@ -1200,6 +1258,7 @@ struct xc_sr_restore_ops restore_ops_x86 + .set_gfn = x86_pv_set_gfn, + .localise_page = x86_pv_localise_page, + .setup = x86_pv_setup, ++ .populate_pfns = x86_pv_populate_pfns, + .process_record = x86_pv_process_record, + .static_data_complete = x86_static_data_complete, + .stream_complete = x86_pv_stream_complete, diff --git a/libxc-sr-restore-map_errs.patch b/libxc-sr-restore-map_errs.patch new file mode 100644 index 0000000..e81d8b1 --- /dev/null +++ b/libxc-sr-restore-map_errs.patch @@ -0,0 +1,101 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:44:09 +0200 +Subject: libxc sr restore map_errs + +tools: restore: preallocate map_errs array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 22 +++++++--------------- + 2 files changed, 8 insertions(+), 15 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -259,6 +259,7 @@ struct xc_sr_context + xen_pfn_t *pfns; + uint32_t *types; + xen_pfn_t *mfns; ++ int *map_errs; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -204,21 +204,12 @@ static int process_page_data(struct xc_s + xen_pfn_t *pfns, uint32_t *types, void *page_data) + { + xc_interface *xch = ctx->xch; +- int *map_errs = malloc(count * sizeof(*map_errs)); + int rc; + void *mapping = NULL, *guest_page = NULL; + unsigned int i, /* i indexes the pfns from the record. */ + j, /* j indexes the subset of pfns we decide to map. */ + nr_pages = 0; + +- if ( !map_errs ) +- { +- rc = -1; +- ERROR("Failed to allocate %zu bytes to process page data", +- count * sizeof(*map_errs)); +- goto err; +- } +- + rc = populate_pfns(ctx, count, pfns, types); + if ( rc ) + { +@@ -240,7 +231,7 @@ static int process_page_data(struct xc_s + + mapping = guest_page = xenforeignmemory_map( + xch->fmem, ctx->domid, PROT_READ | PROT_WRITE, +- nr_pages, ctx->restore.mfns, map_errs); ++ nr_pages, ctx->restore.mfns, ctx->restore.map_errs); + if ( !mapping ) + { + rc = -1; +@@ -254,11 +245,11 @@ static int process_page_data(struct xc_s + if ( !page_type_has_stream_data(types[i]) ) + continue; + +- if ( map_errs[j] ) ++ if ( ctx->restore.map_errs[j] ) + { + rc = -1; + ERROR("Mapping pfn %#"PRIpfn" (mfn %#"PRIpfn", type %#"PRIx32") failed with %d", +- pfns[i], ctx->restore.mfns[j], types[i], map_errs[j]); ++ pfns[i], ctx->restore.mfns[j], types[i], ctx->restore.map_errs[j]); + goto err; + } + +@@ -296,8 +287,6 @@ static int process_page_data(struct xc_s + if ( mapping ) + xenforeignmemory_unmap(xch->fmem, mapping, nr_pages); + +- free(map_errs); +- + return rc; + } + +@@ -704,7 +693,9 @@ static int setup(struct xc_sr_context *c + ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); + ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); + ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); +- if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns ) ++ ctx->restore.map_errs = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.map_errs)); ++ if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || ++ !ctx->restore.map_errs ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -741,6 +732,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.map_errs); + free(ctx->restore.mfns); + free(ctx->restore.types); + free(ctx->restore.pfns); diff --git a/libxc-sr-restore-mfns.patch b/libxc-sr-restore-mfns.patch new file mode 100644 index 0000000..afdd637 --- /dev/null +++ b/libxc-sr-restore-mfns.patch @@ -0,0 +1,103 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:42:19 +0200 +Subject: libxc sr restore mfns + +tools: restore: preallocate mfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 16 ++++++++-------- + 2 files changed, 9 insertions(+), 8 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -258,6 +258,7 @@ struct xc_sr_context + struct restore_callbacks *callbacks; + xen_pfn_t *pfns; + uint32_t *types; ++ xen_pfn_t *mfns; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -204,7 +204,6 @@ static int process_page_data(struct xc_s + xen_pfn_t *pfns, uint32_t *types, void *page_data) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *mfns = malloc(count * sizeof(*mfns)); + int *map_errs = malloc(count * sizeof(*map_errs)); + int rc; + void *mapping = NULL, *guest_page = NULL; +@@ -212,11 +211,11 @@ static int process_page_data(struct xc_s + j, /* j indexes the subset of pfns we decide to map. */ + nr_pages = 0; + +- if ( !mfns || !map_errs ) ++ if ( !map_errs ) + { + rc = -1; + ERROR("Failed to allocate %zu bytes to process page data", +- count * (sizeof(*mfns) + sizeof(*map_errs))); ++ count * sizeof(*map_errs)); + goto err; + } + +@@ -232,7 +231,7 @@ static int process_page_data(struct xc_s + ctx->restore.ops.set_page_type(ctx, pfns[i], types[i]); + + if ( page_type_has_stream_data(types[i]) ) +- mfns[nr_pages++] = ctx->restore.ops.pfn_to_gfn(ctx, pfns[i]); ++ ctx->restore.mfns[nr_pages++] = ctx->restore.ops.pfn_to_gfn(ctx, pfns[i]); + } + + /* Nothing to do? */ +@@ -241,7 +240,7 @@ static int process_page_data(struct xc_s + + mapping = guest_page = xenforeignmemory_map( + xch->fmem, ctx->domid, PROT_READ | PROT_WRITE, +- nr_pages, mfns, map_errs); ++ nr_pages, ctx->restore.mfns, map_errs); + if ( !mapping ) + { + rc = -1; +@@ -259,7 +258,7 @@ static int process_page_data(struct xc_s + { + rc = -1; + ERROR("Mapping pfn %#"PRIpfn" (mfn %#"PRIpfn", type %#"PRIx32") failed with %d", +- pfns[i], mfns[j], types[i], map_errs[j]); ++ pfns[i], ctx->restore.mfns[j], types[i], map_errs[j]); + goto err; + } + +@@ -298,7 +297,6 @@ static int process_page_data(struct xc_s + xenforeignmemory_unmap(xch->fmem, mapping, nr_pages); + + free(map_errs); +- free(mfns); + + return rc; + } +@@ -705,7 +703,8 @@ static int setup(struct xc_sr_context *c + + ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); + ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); +- if ( !ctx->restore.pfns || !ctx->restore.types ) ++ ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); ++ if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -742,6 +741,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.mfns); + free(ctx->restore.types); + free(ctx->restore.pfns); + diff --git a/libxc-sr-restore-pfns.patch b/libxc-sr-restore-pfns.patch new file mode 100644 index 0000000..9fba250 --- /dev/null +++ b/libxc-sr-restore-pfns.patch @@ -0,0 +1,108 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:39:30 +0200 +Subject: libxc sr restore pfns + +tools: restore: preallocate pfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Adjust the verification for page count. It must be at least one page, +but not more than MAX_BATCH_SIZE. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 23 +++++++++++++++-------- + 2 files changed, 16 insertions(+), 8 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -256,6 +256,7 @@ struct xc_sr_context + { + struct xc_sr_restore_ops ops; + struct restore_callbacks *callbacks; ++ xen_pfn_t *pfns; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -314,7 +314,7 @@ static int handle_page_data(struct xc_sr + unsigned int i, pages_of_data = 0; + int rc = -1; + +- xen_pfn_t *pfns = NULL, pfn; ++ xen_pfn_t pfn; + uint32_t *types = NULL, type; + + /* +@@ -349,9 +349,9 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- if ( pages->count < 1 ) ++ if ( !pages->count || pages->count > MAX_BATCH_SIZE ) + { +- ERROR("Expected at least 1 pfn in PAGE_DATA record"); ++ ERROR("Unexpected pfn count %u in PAGE_DATA record", pages->count); + goto err; + } + +@@ -362,9 +362,8 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- pfns = malloc(pages->count * sizeof(*pfns)); + types = malloc(pages->count * sizeof(*types)); +- if ( !pfns || !types ) ++ if ( !types ) + { + ERROR("Unable to allocate enough memory for %u pfns", + pages->count); +@@ -393,7 +392,7 @@ static int handle_page_data(struct xc_sr + * have a page worth of data in the record. */ + pages_of_data++; + +- pfns[i] = pfn; ++ ctx->restore.pfns[i] = pfn; + types[i] = type; + } + +@@ -407,11 +406,10 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- rc = process_page_data(ctx, pages->count, pfns, types, ++ rc = process_page_data(ctx, pages->count, ctx->restore.pfns, types, + &pages->pfn[pages->count]); + err: + free(types); +- free(pfns); + + return rc; + } +@@ -715,6 +713,14 @@ static int setup(struct xc_sr_context *c + goto err; + } + ++ ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); ++ if ( !ctx->restore.pfns ) ++ { ++ ERROR("Unable to allocate memory"); ++ rc = -1; ++ goto err; ++ } ++ + ctx->restore.buffered_records = malloc( + DEFAULT_BUF_RECORDS * sizeof(struct xc_sr_record)); + if ( !ctx->restore.buffered_records ) +@@ -745,6 +751,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.pfns); + + if ( ctx->restore.ops.cleanup(ctx) ) + PERROR("Failed to clean up"); diff --git a/libxc-sr-restore-populate_pfns-mfns.patch b/libxc-sr-restore-populate_pfns-mfns.patch new file mode 100644 index 0000000..06aaa94 --- /dev/null +++ b/libxc-sr-restore-populate_pfns-mfns.patch @@ -0,0 +1,111 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:54:12 +0200 +Subject: libxc sr restore populate_pfns mfns + +tools: restore: preallocate populate_pfns mfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Use some prefix to avoid conflict with an array used in handle_page_data. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 23 ++++++++--------------- + 2 files changed, 9 insertions(+), 15 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -261,6 +261,7 @@ struct xc_sr_context + xen_pfn_t *mfns; + int *map_errs; + xen_pfn_t *pp_pfns; ++ xen_pfn_t *pp_mfns; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -138,17 +138,9 @@ int populate_pfns(struct xc_sr_context * + const xen_pfn_t *original_pfns, const uint32_t *types) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *mfns = malloc(count * sizeof(*mfns)); + unsigned int i, nr_pfns = 0; + int rc = -1; + +- if ( !mfns ) +- { +- ERROR("Failed to allocate %zu bytes for populating the physmap", +- 2 * count * sizeof(*mfns)); +- goto err; +- } +- + for ( i = 0; i < count; ++i ) + { + if ( (!types || page_type_to_populate(types[i])) && +@@ -157,7 +149,7 @@ int populate_pfns(struct xc_sr_context * + rc = pfn_set_populated(ctx, original_pfns[i]); + if ( rc ) + goto err; +- ctx->restore.pp_pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i]; ++ ctx->restore.pp_pfns[nr_pfns] = ctx->restore.pp_mfns[nr_pfns] = original_pfns[i]; + ++nr_pfns; + } + } +@@ -165,7 +157,7 @@ int populate_pfns(struct xc_sr_context * + if ( nr_pfns ) + { + rc = xc_domain_populate_physmap_exact( +- xch, ctx->domid, nr_pfns, 0, 0, mfns); ++ xch, ctx->domid, nr_pfns, 0, 0, ctx->restore.pp_mfns); + if ( rc ) + { + PERROR("Failed to populate physmap"); +@@ -174,22 +166,20 @@ int populate_pfns(struct xc_sr_context * + + for ( i = 0; i < nr_pfns; ++i ) + { +- if ( mfns[i] == INVALID_MFN ) ++ if ( ctx->restore.pp_mfns[i] == INVALID_MFN ) + { + ERROR("Populate physmap failed for pfn %u", i); + rc = -1; + goto err; + } + +- ctx->restore.ops.set_gfn(ctx, ctx->restore.pp_pfns[i], mfns[i]); ++ ctx->restore.ops.set_gfn(ctx, ctx->restore.pp_pfns[i], ctx->restore.pp_mfns[i]); + } + } + + rc = 0; + + err: +- free(mfns); +- + return rc; + } + +@@ -693,8 +683,10 @@ static int setup(struct xc_sr_context *c + ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); + ctx->restore.map_errs = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.map_errs)); + ctx->restore.pp_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_pfns)); ++ ctx->restore.pp_mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_mfns)); + if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || +- !ctx->restore.map_errs || !ctx->restore.pp_pfns ) ++ !ctx->restore.map_errs || !ctx->restore.pp_pfns || ++ !ctx->restore.pp_mfns ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -731,6 +723,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.pp_mfns); + free(ctx->restore.pp_pfns); + free(ctx->restore.map_errs); + free(ctx->restore.mfns); diff --git a/libxc-sr-restore-populate_pfns-pfns.patch b/libxc-sr-restore-populate_pfns-pfns.patch new file mode 100644 index 0000000..e0f8678 --- /dev/null +++ b/libxc-sr-restore-populate_pfns-pfns.patch @@ -0,0 +1,89 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:58:53 +0200 +Subject: libxc sr restore populate_pfns pfns + +tools: restore: preallocate populate_pfns pfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Use some prefix to avoid conflict with an array used in handle_page_data. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 14 +++++++------- + 2 files changed, 8 insertions(+), 7 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -260,6 +260,7 @@ struct xc_sr_context + uint32_t *types; + xen_pfn_t *mfns; + int *map_errs; ++ xen_pfn_t *pp_pfns; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -138,12 +138,11 @@ int populate_pfns(struct xc_sr_context * + const xen_pfn_t *original_pfns, const uint32_t *types) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *mfns = malloc(count * sizeof(*mfns)), +- *pfns = malloc(count * sizeof(*pfns)); ++ xen_pfn_t *mfns = malloc(count * sizeof(*mfns)); + unsigned int i, nr_pfns = 0; + int rc = -1; + +- if ( !mfns || !pfns ) ++ if ( !mfns ) + { + ERROR("Failed to allocate %zu bytes for populating the physmap", + 2 * count * sizeof(*mfns)); +@@ -158,7 +157,7 @@ int populate_pfns(struct xc_sr_context * + rc = pfn_set_populated(ctx, original_pfns[i]); + if ( rc ) + goto err; +- pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i]; ++ ctx->restore.pp_pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i]; + ++nr_pfns; + } + } +@@ -182,14 +181,13 @@ int populate_pfns(struct xc_sr_context * + goto err; + } + +- ctx->restore.ops.set_gfn(ctx, pfns[i], mfns[i]); ++ ctx->restore.ops.set_gfn(ctx, ctx->restore.pp_pfns[i], mfns[i]); + } + } + + rc = 0; + + err: +- free(pfns); + free(mfns); + + return rc; +@@ -694,8 +692,9 @@ static int setup(struct xc_sr_context *c + ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); + ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); + ctx->restore.map_errs = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.map_errs)); ++ ctx->restore.pp_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pp_pfns)); + if ( !ctx->restore.pfns || !ctx->restore.types || !ctx->restore.mfns || +- !ctx->restore.map_errs ) ++ !ctx->restore.map_errs || !ctx->restore.pp_pfns ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -732,6 +731,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.pp_pfns); + free(ctx->restore.map_errs); + free(ctx->restore.mfns); + free(ctx->restore.types); diff --git a/libxc-sr-restore-read_record.patch b/libxc-sr-restore-read_record.patch new file mode 100644 index 0000000..35557fa --- /dev/null +++ b/libxc-sr-restore-read_record.patch @@ -0,0 +1,272 @@ +From: Olaf Hering +Date: Mon, 26 Oct 2020 12:19:17 +0100 +Subject: libxc sr restore read_record + +tools: restore: split record processing + +handle_page_data must be able to read directly into mapped guest memory. +This will avoid unneccesary memcpy calls for data which can be consumed verbatim. + +Rearrange the code to allow decisions based on the incoming record. + +This change is preparation for future changes in handle_page_data, +no change in behavior is intended. + +Signed-off-by: Olaf Hering +Reviewed-by: Juergen Gross +--- + tools/libs/guest/xg_sr_common.c | 33 ++++++++++++--------- + tools/libs/guest/xg_sr_common.h | 4 ++- + tools/libs/guest/xg_sr_restore.c | 49 ++++++++++++++++++++++---------- + tools/libs/guest/xg_sr_save.c | 7 ++++- + 4 files changed, 63 insertions(+), 30 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.c ++++ b/tools/libs/guest/xg_sr_common.c +@@ -91,26 +91,33 @@ int write_split_record(struct xc_sr_cont + return -1; + } + +-int read_record(struct xc_sr_context *ctx, int fd, struct xc_sr_record *rec) ++int read_record_header(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr) + { + xc_interface *xch = ctx->xch; +- struct xc_sr_rhdr rhdr; +- size_t datasz; + +- if ( read_exact(fd, &rhdr, sizeof(rhdr)) ) ++ if ( read_exact(fd, rhdr, sizeof(*rhdr)) ) + { + PERROR("Failed to read Record Header from stream"); + return -1; + } + +- if ( rhdr.length > REC_LENGTH_MAX ) ++ if ( rhdr->length > REC_LENGTH_MAX ) + { +- ERROR("Record (0x%08x, %s) length %#x exceeds max (%#x)", rhdr.type, +- rec_type_to_str(rhdr.type), rhdr.length, REC_LENGTH_MAX); ++ ERROR("Record (0x%08x, %s) length %#x exceeds max (%#x)", rhdr->type, ++ rec_type_to_str(rhdr->type), rhdr->length, REC_LENGTH_MAX); + return -1; + } + +- datasz = ROUNDUP(rhdr.length, REC_ALIGN_ORDER); ++ return 0; ++} ++ ++int read_record_data(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr, ++ struct xc_sr_record *rec) ++{ ++ xc_interface *xch = ctx->xch; ++ size_t datasz; ++ ++ datasz = ROUNDUP(rhdr->length, REC_ALIGN_ORDER); + + if ( datasz ) + { +@@ -119,7 +126,7 @@ int read_record(struct xc_sr_context *ct + if ( !rec->data ) + { + ERROR("Unable to allocate %zu bytes for record data (0x%08x, %s)", +- datasz, rhdr.type, rec_type_to_str(rhdr.type)); ++ datasz, rhdr->type, rec_type_to_str(rhdr->type)); + return -1; + } + +@@ -128,18 +135,18 @@ int read_record(struct xc_sr_context *ct + free(rec->data); + rec->data = NULL; + PERROR("Failed to read %zu bytes of data for record (0x%08x, %s)", +- datasz, rhdr.type, rec_type_to_str(rhdr.type)); ++ datasz, rhdr->type, rec_type_to_str(rhdr->type)); + return -1; + } + } + else + rec->data = NULL; + +- rec->type = rhdr.type; +- rec->length = rhdr.length; ++ rec->type = rhdr->type; ++ rec->length = rhdr->length; + + return 0; +-}; ++} + + static void __attribute__((unused)) build_assertions(void) + { +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -458,7 +458,9 @@ static inline int write_record(struct xc + * + * On failure, the contents of the record structure are undefined. + */ +-int read_record(struct xc_sr_context *ctx, int fd, struct xc_sr_record *rec); ++int read_record_header(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr); ++int read_record_data(struct xc_sr_context *ctx, int fd, struct xc_sr_rhdr *rhdr, ++ struct xc_sr_record *rec); + + /* + * This would ideally be private in restore.c, but is needed by +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -453,7 +453,7 @@ static int send_checkpoint_dirty_pfn_lis + return rc; + } + +-static int process_record(struct xc_sr_context *ctx, struct xc_sr_record *rec); ++static int process_buffered_record(struct xc_sr_context *ctx, struct xc_sr_record *rec); + static int handle_checkpoint(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +@@ -492,7 +492,7 @@ static int handle_checkpoint(struct xc_s + + for ( i = 0; i < ctx->restore.buffered_rec_num; i++ ) + { +- rc = process_record(ctx, &ctx->restore.buffered_records[i]); ++ rc = process_buffered_record(ctx, &ctx->restore.buffered_records[i]); + if ( rc ) + goto err; + } +@@ -553,10 +553,11 @@ static int handle_checkpoint(struct xc_s + return rc; + } + +-static int buffer_record(struct xc_sr_context *ctx, struct xc_sr_record *rec) ++static int buffer_record(struct xc_sr_context *ctx, struct xc_sr_rhdr *rhdr) + { + xc_interface *xch = ctx->xch; + unsigned int new_alloc_num; ++ struct xc_sr_record rec; + struct xc_sr_record *p; + + if ( ctx->restore.buffered_rec_num >= ctx->restore.allocated_rec_num ) +@@ -574,8 +575,13 @@ static int buffer_record(struct xc_sr_co + ctx->restore.allocated_rec_num = new_alloc_num; + } + ++ if ( read_record_data(ctx, ctx->fd, rhdr, &rec) ) ++ { ++ return -1; ++ } ++ + memcpy(&ctx->restore.buffered_records[ctx->restore.buffered_rec_num++], +- rec, sizeof(*rec)); ++ &rec, sizeof(rec)); + + return 0; + } +@@ -606,7 +612,7 @@ int handle_static_data_end(struct xc_sr_ + return rc; + } + +-static int process_record(struct xc_sr_context *ctx, struct xc_sr_record *rec) ++static int process_buffered_record(struct xc_sr_context *ctx, struct xc_sr_record *rec) + { + xc_interface *xch = ctx->xch; + int rc = 0; +@@ -644,6 +650,19 @@ static int process_record(struct xc_sr_c + return rc; + } + ++static int process_incoming_record_header(struct xc_sr_context *ctx, struct xc_sr_rhdr *rhdr) ++{ ++ struct xc_sr_record rec; ++ int rc; ++ ++ rc = read_record_data(ctx, ctx->fd, rhdr, &rec); ++ if ( rc ) ++ return rc; ++ ++ return process_buffered_record(ctx, &rec); ++} ++ ++ + static int setup(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +@@ -740,7 +759,7 @@ static void cleanup(struct xc_sr_context + static int restore(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +- struct xc_sr_record rec; ++ struct xc_sr_rhdr rhdr; + int rc, saved_rc = 0, saved_errno = 0; + + IPRINTF("Restoring domain"); +@@ -751,7 +770,7 @@ static int restore(struct xc_sr_context + + do + { +- rc = read_record(ctx, ctx->fd, &rec); ++ rc = read_record_header(ctx, ctx->fd, &rhdr); + if ( rc ) + { + if ( ctx->restore.buffer_all_records ) +@@ -761,25 +780,25 @@ static int restore(struct xc_sr_context + } + + if ( ctx->restore.buffer_all_records && +- rec.type != REC_TYPE_END && +- rec.type != REC_TYPE_CHECKPOINT ) ++ rhdr.type != REC_TYPE_END && ++ rhdr.type != REC_TYPE_CHECKPOINT ) + { +- rc = buffer_record(ctx, &rec); ++ rc = buffer_record(ctx, &rhdr); + if ( rc ) + goto err; + } + else + { +- rc = process_record(ctx, &rec); ++ rc = process_incoming_record_header(ctx, &rhdr); + if ( rc == RECORD_NOT_PROCESSED ) + { +- if ( rec.type & REC_TYPE_OPTIONAL ) ++ if ( rhdr.type & REC_TYPE_OPTIONAL ) + DPRINTF("Ignoring optional record %#x (%s)", +- rec.type, rec_type_to_str(rec.type)); ++ rhdr.type, rec_type_to_str(rhdr.type)); + else + { + ERROR("Mandatory record %#x (%s) not handled", +- rec.type, rec_type_to_str(rec.type)); ++ rhdr.type, rec_type_to_str(rhdr.type)); + rc = -1; + goto err; + } +@@ -790,7 +809,7 @@ static int restore(struct xc_sr_context + goto err; + } + +- } while ( rec.type != REC_TYPE_END ); ++ } while ( rhdr.type != REC_TYPE_END ); + + remus_failover: + if ( ctx->stream_type == XC_STREAM_COLO ) +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -590,6 +590,7 @@ static int send_memory_live(struct xc_sr + static int colo_merge_secondary_dirty_bitmap(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; ++ struct xc_sr_rhdr rhdr; + struct xc_sr_record rec; + uint64_t *pfns = NULL; + uint64_t pfn; +@@ -598,7 +599,11 @@ static int colo_merge_secondary_dirty_bi + DECLARE_HYPERCALL_BUFFER_SHADOW(unsigned long, dirty_bitmap, + &ctx->save.dirty_bitmap_hbuf); + +- rc = read_record(ctx, ctx->save.recv_fd, &rec); ++ rc = read_record_header(ctx, ctx->save.recv_fd, &rhdr); ++ if ( rc ) ++ goto err; ++ ++ rc = read_record_data(ctx, ctx->save.recv_fd, &rhdr, &rec); + if ( rc ) + goto err; + diff --git a/libxc-sr-restore-types.patch b/libxc-sr-restore-types.patch new file mode 100644 index 0000000..5e793f3 --- /dev/null +++ b/libxc-sr-restore-types.patch @@ -0,0 +1,93 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 14:39:31 +0200 +Subject: libxc sr restore types + +tools: restore: preallocate types array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in an incoming batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_restore.c | 22 +++++++--------------- + 2 files changed, 8 insertions(+), 15 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -257,6 +257,7 @@ struct xc_sr_context + struct xc_sr_restore_ops ops; + struct restore_callbacks *callbacks; + xen_pfn_t *pfns; ++ uint32_t *types; + + int send_back_fd; + unsigned long p2m_size; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -315,7 +315,7 @@ static int handle_page_data(struct xc_sr + int rc = -1; + + xen_pfn_t pfn; +- uint32_t *types = NULL, type; ++ uint32_t type; + + /* + * v2 compatibility only exists for x86 streams. This is a bit of a +@@ -362,14 +362,6 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- types = malloc(pages->count * sizeof(*types)); +- if ( !types ) +- { +- ERROR("Unable to allocate enough memory for %u pfns", +- pages->count); +- goto err; +- } +- + for ( i = 0; i < pages->count; ++i ) + { + pfn = pages->pfn[i] & PAGE_DATA_PFN_MASK; +@@ -393,7 +385,7 @@ static int handle_page_data(struct xc_sr + pages_of_data++; + + ctx->restore.pfns[i] = pfn; +- types[i] = type; ++ ctx->restore.types[i] = type; + } + + if ( rec->length != (sizeof(*pages) + +@@ -406,11 +398,9 @@ static int handle_page_data(struct xc_sr + goto err; + } + +- rc = process_page_data(ctx, pages->count, ctx->restore.pfns, types, +- &pages->pfn[pages->count]); ++ rc = process_page_data(ctx, pages->count, ctx->restore.pfns, ++ ctx->restore.types, &pages->pfn[pages->count]); + err: +- free(types); +- + return rc; + } + +@@ -714,7 +704,8 @@ static int setup(struct xc_sr_context *c + } + + ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); +- if ( !ctx->restore.pfns ) ++ ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); ++ if ( !ctx->restore.pfns || !ctx->restore.types ) + { + ERROR("Unable to allocate memory"); + rc = -1; +@@ -751,6 +742,7 @@ static void cleanup(struct xc_sr_context + + free(ctx->restore.buffered_records); + free(ctx->restore.populated_pfns); ++ free(ctx->restore.types); + free(ctx->restore.pfns); + + if ( ctx->restore.ops.cleanup(ctx) ) diff --git a/libxc-sr-save-errors.patch b/libxc-sr-save-errors.patch new file mode 100644 index 0000000..4f6d362 --- /dev/null +++ b/libxc-sr-save-errors.patch @@ -0,0 +1,109 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:26:05 +0200 +Subject: libxc sr save errors + +tools: save: preallocate errors array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 20 ++++++++++---------- + 2 files changed, 11 insertions(+), 10 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -246,6 +246,7 @@ struct xc_sr_context + xen_pfn_t *batch_pfns; + xen_pfn_t *mfns; + xen_pfn_t *types; ++ int *errors; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -91,7 +91,7 @@ static int write_batch(struct xc_sr_cont + void *guest_mapping = NULL; + void **guest_data = NULL; + void **local_pages = NULL; +- int *errors = NULL, rc = -1; ++ int rc = -1; + unsigned int i, p, nr_pages = 0, nr_pages_mapped = 0; + unsigned int nr_pfns = ctx->save.nr_batch_pfns; + void *page, *orig_page; +@@ -104,8 +104,6 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Errors from attempting to map the gfns. */ +- errors = malloc(nr_pfns * sizeof(*errors)); + /* Pointers to page data to send. Mapped gfns or local allocations. */ + guest_data = calloc(nr_pfns, sizeof(*guest_data)); + /* Pointers to locally allocated pages. Need freeing. */ +@@ -113,7 +111,7 @@ static int write_batch(struct xc_sr_cont + /* iovec[] for writev(). */ + iov = malloc((nr_pfns + 4) * sizeof(*iov)); + +- if ( !errors || !guest_data || !local_pages || !iov ) ++ if ( !guest_data || !local_pages || !iov ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -158,8 +156,8 @@ static int write_batch(struct xc_sr_cont + + if ( nr_pages > 0 ) + { +- guest_mapping = xenforeignmemory_map( +- xch->fmem, ctx->domid, PROT_READ, nr_pages, ctx->save.mfns, errors); ++ guest_mapping = xenforeignmemory_map(xch->fmem, ctx->domid, PROT_READ, ++ nr_pages, ctx->save.mfns, ctx->save.errors); + if ( !guest_mapping ) + { + PERROR("Failed to map guest pages"); +@@ -172,10 +170,11 @@ static int write_batch(struct xc_sr_cont + if ( !page_type_has_stream_data(ctx->save.types[i]) ) + continue; + +- if ( errors[p] ) ++ if ( ctx->save.errors[p] ) + { + ERROR("Mapping of pfn %#"PRIpfn" (mfn %#"PRIpfn") failed %d", +- ctx->save.batch_pfns[i], ctx->save.mfns[p], errors[p]); ++ ctx->save.batch_pfns[i], ctx->save.mfns[p], ++ ctx->save.errors[p]); + goto err; + } + +@@ -271,7 +270,6 @@ static int write_batch(struct xc_sr_cont + free(iov); + free(local_pages); + free(guest_data); +- free(errors); + + return rc; + } +@@ -846,10 +844,11 @@ static int setup(struct xc_sr_context *c + sizeof(*ctx->save.batch_pfns)); + ctx->save.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.mfns)); + ctx->save.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.types)); ++ ctx->save.errors = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.errors)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + + if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || +- !dirty_bitmap || !ctx->save.deferred_pages ) ++ !ctx->save.errors || !dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -880,6 +879,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.errors); + free(ctx->save.types); + free(ctx->save.mfns); + free(ctx->save.batch_pfns); diff --git a/libxc-sr-save-guest_data.patch b/libxc-sr-save-guest_data.patch new file mode 100644 index 0000000..bf3e464 --- /dev/null +++ b/libxc-sr-save-guest_data.patch @@ -0,0 +1,123 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:40:45 +0200 +Subject: libxc sr save guest_data + +tools: save: preallocate guest_data array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Because this was allocated with calloc: +Adjust the loop to clear unused entries as needed. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 20 +++++++++++--------- + 2 files changed, 12 insertions(+), 9 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -249,6 +249,7 @@ struct xc_sr_context + int *errors; + struct iovec *iov; + uint64_t *rec_pfns; ++ void **guest_data; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -89,7 +89,6 @@ static int write_batch(struct xc_sr_cont + { + xc_interface *xch = ctx->xch; + void *guest_mapping = NULL; +- void **guest_data = NULL; + void **local_pages = NULL; + int rc = -1; + unsigned int i, p, nr_pages = 0, nr_pages_mapped = 0; +@@ -103,12 +102,10 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Pointers to page data to send. Mapped gfns or local allocations. */ +- guest_data = calloc(nr_pfns, sizeof(*guest_data)); + /* Pointers to locally allocated pages. Need freeing. */ + local_pages = calloc(nr_pfns, sizeof(*local_pages)); + +- if ( !guest_data || !local_pages ) ++ if ( !local_pages ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -165,7 +162,10 @@ static int write_batch(struct xc_sr_cont + for ( i = 0, p = 0; i < nr_pfns; ++i ) + { + if ( !page_type_has_stream_data(ctx->save.types[i]) ) ++ { ++ ctx->save.guest_data[i] = NULL; + continue; ++ } + + if ( ctx->save.errors[p] ) + { +@@ -183,6 +183,7 @@ static int write_batch(struct xc_sr_cont + + if ( rc ) + { ++ ctx->save.guest_data[i] = NULL; + if ( rc == -1 && errno == EAGAIN ) + { + set_bit(ctx->save.batch_pfns[i], ctx->save.deferred_pages); +@@ -194,7 +195,7 @@ static int write_batch(struct xc_sr_cont + goto err; + } + else +- guest_data[i] = page; ++ ctx->save.guest_data[i] = page; + + rc = -1; + ++p; +@@ -232,9 +233,9 @@ static int write_batch(struct xc_sr_cont + { + for ( i = 0; i < nr_pfns; ++i ) + { +- if ( guest_data[i] ) ++ if ( ctx->save.guest_data[i] ) + { +- ctx->save.iov[iovcnt].iov_base = guest_data[i]; ++ ctx->save.iov[iovcnt].iov_base = ctx->save.guest_data[i]; + ctx->save.iov[iovcnt].iov_len = PAGE_SIZE; + iovcnt++; + --nr_pages; +@@ -258,7 +259,6 @@ static int write_batch(struct xc_sr_cont + for ( i = 0; local_pages && i < nr_pfns; ++i ) + free(local_pages[i]); + free(local_pages); +- free(guest_data); + + return rc; + } +@@ -836,11 +836,12 @@ static int setup(struct xc_sr_context *c + ctx->save.errors = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.errors)); + ctx->save.iov = malloc((4 + MAX_BATCH_SIZE) * sizeof(*ctx->save.iov)); + ctx->save.rec_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.rec_pfns)); ++ ctx->save.guest_data = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.guest_data)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + + if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || + !ctx->save.errors || !ctx->save.iov || !ctx->save.rec_pfns || +- !dirty_bitmap || !ctx->save.deferred_pages ) ++ !ctx->save.guest_data ||!dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -871,6 +872,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.guest_data); + free(ctx->save.rec_pfns); + free(ctx->save.iov); + free(ctx->save.errors); diff --git a/libxc-sr-save-iov.patch b/libxc-sr-save-iov.patch new file mode 100644 index 0000000..aff908b --- /dev/null +++ b/libxc-sr-save-iov.patch @@ -0,0 +1,124 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:30:41 +0200 +Subject: libxc sr save iov + +tools: save: preallocate iov array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 34 ++++++++++++++++----------------- + 2 files changed, 18 insertions(+), 17 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -247,6 +247,7 @@ struct xc_sr_context + xen_pfn_t *mfns; + xen_pfn_t *types; + int *errors; ++ struct iovec *iov; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -96,7 +96,7 @@ static int write_batch(struct xc_sr_cont + unsigned int nr_pfns = ctx->save.nr_batch_pfns; + void *page, *orig_page; + uint64_t *rec_pfns = NULL; +- struct iovec *iov = NULL; int iovcnt = 0; ++ int iovcnt = 0; + struct xc_sr_rec_page_data_header hdr = { 0 }; + struct xc_sr_record rec = { + .type = REC_TYPE_PAGE_DATA, +@@ -108,10 +108,8 @@ static int write_batch(struct xc_sr_cont + guest_data = calloc(nr_pfns, sizeof(*guest_data)); + /* Pointers to locally allocated pages. Need freeing. */ + local_pages = calloc(nr_pfns, sizeof(*local_pages)); +- /* iovec[] for writev(). */ +- iov = malloc((nr_pfns + 4) * sizeof(*iov)); + +- if ( !guest_data || !local_pages || !iov ) ++ if ( !guest_data || !local_pages ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -221,17 +219,17 @@ static int write_batch(struct xc_sr_cont + for ( i = 0; i < nr_pfns; ++i ) + rec_pfns[i] = ((uint64_t)(ctx->save.types[i]) << 32) | ctx->save.batch_pfns[i]; + +- iov[0].iov_base = &rec.type; +- iov[0].iov_len = sizeof(rec.type); ++ ctx->save.iov[0].iov_base = &rec.type; ++ ctx->save.iov[0].iov_len = sizeof(rec.type); + +- iov[1].iov_base = &rec.length; +- iov[1].iov_len = sizeof(rec.length); ++ ctx->save.iov[1].iov_base = &rec.length; ++ ctx->save.iov[1].iov_len = sizeof(rec.length); + +- iov[2].iov_base = &hdr; +- iov[2].iov_len = sizeof(hdr); ++ ctx->save.iov[2].iov_base = &hdr; ++ ctx->save.iov[2].iov_len = sizeof(hdr); + +- iov[3].iov_base = rec_pfns; +- iov[3].iov_len = nr_pfns * sizeof(*rec_pfns); ++ ctx->save.iov[3].iov_base = rec_pfns; ++ ctx->save.iov[3].iov_len = nr_pfns * sizeof(*rec_pfns); + + iovcnt = 4; + ctx->save.pages_sent += nr_pages; +@@ -243,15 +241,15 @@ static int write_batch(struct xc_sr_cont + { + if ( guest_data[i] ) + { +- iov[iovcnt].iov_base = guest_data[i]; +- iov[iovcnt].iov_len = PAGE_SIZE; ++ ctx->save.iov[iovcnt].iov_base = guest_data[i]; ++ ctx->save.iov[iovcnt].iov_len = PAGE_SIZE; + iovcnt++; + --nr_pages; + } + } + } + +- if ( writev_exact(ctx->fd, iov, iovcnt) ) ++ if ( writev_exact(ctx->fd, ctx->save.iov, iovcnt) ) + { + PERROR("Failed to write page data to stream"); + goto err; +@@ -267,7 +265,6 @@ static int write_batch(struct xc_sr_cont + xenforeignmemory_unmap(xch->fmem, guest_mapping, nr_pages_mapped); + for ( i = 0; local_pages && i < nr_pfns; ++i ) + free(local_pages[i]); +- free(iov); + free(local_pages); + free(guest_data); + +@@ -845,10 +842,12 @@ static int setup(struct xc_sr_context *c + ctx->save.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.mfns)); + ctx->save.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.types)); + ctx->save.errors = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.errors)); ++ ctx->save.iov = malloc((4 + MAX_BATCH_SIZE) * sizeof(*ctx->save.iov)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + + if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || +- !ctx->save.errors || !dirty_bitmap || !ctx->save.deferred_pages ) ++ !ctx->save.errors || !ctx->save.iov || !dirty_bitmap || ++ !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -879,6 +878,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.iov); + free(ctx->save.errors); + free(ctx->save.types); + free(ctx->save.mfns); diff --git a/libxc-sr-save-local_pages.patch b/libxc-sr-save-local_pages.patch new file mode 100644 index 0000000..3956b38 --- /dev/null +++ b/libxc-sr-save-local_pages.patch @@ -0,0 +1,218 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 12:47:56 +0200 +Subject: libxc sr save local_pages + +tools: save: preallocate local_pages array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Adjust the code to use the unmodified src page in case of HVM. +In case of PV the page may need to be normalised, use a private memory +area for this purpose. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 22 ++++++++++--------- + tools/libs/guest/xg_sr_save.c | 26 ++++------------------ + tools/libs/guest/xg_sr_save_x86_hvm.c | 5 +++-- + tools/libs/guest/xg_sr_save_x86_pv.c | 31 ++++++++++++++++++--------- + 4 files changed, 40 insertions(+), 44 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -33,16 +33,12 @@ struct xc_sr_save_ops + * Optionally transform the contents of a page from being specific to the + * sending environment, to being generic for the stream. + * +- * The page of data at the end of 'page' may be a read-only mapping of a +- * running guest; it must not be modified. If no transformation is +- * required, the callee should leave '*pages' untouched. ++ * The page of data '*src' may be a read-only mapping of a running guest; ++ * it must not be modified. If no transformation is required, the callee ++ * should leave '*src' untouched, and return it via '**ptr'. + * +- * If a transformation is required, the callee should allocate themselves +- * a local page using malloc() and return it via '*page'. +- * +- * The caller shall free() '*page' in all cases. In the case that the +- * callee encounters an error, it should *NOT* free() the memory it +- * allocated for '*page'. ++ * If a transformation is required, the callee should provide the ++ * transformed page in a private buffer and return it via '**ptr'. + * + * It is valid to fail with EAGAIN if the transformation is not able to be + * completed at this point. The page shall be retried later. +@@ -50,7 +46,7 @@ struct xc_sr_save_ops + * @returns 0 for success, -1 for failure, with errno appropriately set. + */ + int (*normalise_page)(struct xc_sr_context *ctx, xen_pfn_t type, +- void **page); ++ void *src, unsigned int idx, void **ptr); + + /** + * Set up local environment to save a domain. (Typically querying +@@ -359,6 +355,12 @@ struct xc_sr_context + { + struct + { ++ /* Used by write_batch for modified pages. */ ++ void *normalised_pages; ++ } save; ++ ++ struct ++ { + /* State machine for the order of received records. */ + bool seen_pv_info; + +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -89,11 +89,10 @@ static int write_batch(struct xc_sr_cont + { + xc_interface *xch = ctx->xch; + void *guest_mapping = NULL; +- void **local_pages = NULL; + int rc = -1; + unsigned int i, p, nr_pages = 0, nr_pages_mapped = 0; + unsigned int nr_pfns = ctx->save.nr_batch_pfns; +- void *page, *orig_page; ++ void *src; + int iovcnt = 0; + struct xc_sr_rec_page_data_header hdr = { 0 }; + struct xc_sr_record rec = { +@@ -102,16 +101,6 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Pointers to locally allocated pages. Need freeing. */ +- local_pages = calloc(nr_pfns, sizeof(*local_pages)); +- +- if ( !local_pages ) +- { +- ERROR("Unable to allocate arrays for a batch of %u pages", +- nr_pfns); +- goto err; +- } +- + for ( i = 0; i < nr_pfns; ++i ) + { + ctx->save.types[i] = ctx->save.mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, +@@ -175,11 +164,9 @@ static int write_batch(struct xc_sr_cont + goto err; + } + +- orig_page = page = guest_mapping + (p * PAGE_SIZE); +- rc = ctx->save.ops.normalise_page(ctx, ctx->save.types[i], &page); +- +- if ( orig_page != page ) +- local_pages[i] = page; ++ src = guest_mapping + (p * PAGE_SIZE); ++ rc = ctx->save.ops.normalise_page(ctx, ctx->save.types[i], src, i, ++ &ctx->save.guest_data[i]); + + if ( rc ) + { +@@ -194,8 +181,6 @@ static int write_batch(struct xc_sr_cont + else + goto err; + } +- else +- ctx->save.guest_data[i] = page; + + rc = -1; + ++p; +@@ -256,9 +241,6 @@ static int write_batch(struct xc_sr_cont + err: + if ( guest_mapping ) + xenforeignmemory_unmap(xch->fmem, guest_mapping, nr_pages_mapped); +- for ( i = 0; local_pages && i < nr_pfns; ++i ) +- free(local_pages[i]); +- free(local_pages); + + return rc; + } +--- a/tools/libs/guest/xg_sr_save_x86_hvm.c ++++ b/tools/libs/guest/xg_sr_save_x86_hvm.c +@@ -129,9 +129,10 @@ static xen_pfn_t x86_hvm_pfn_to_gfn(cons + return pfn; + } + +-static int x86_hvm_normalise_page(struct xc_sr_context *ctx, +- xen_pfn_t type, void **page) ++static int x86_hvm_normalise_page(struct xc_sr_context *ctx, xen_pfn_t type, ++ void *src, unsigned int idx, void **ptr) + { ++ *ptr = src; + return 0; + } + +--- a/tools/libs/guest/xg_sr_save_x86_pv.c ++++ b/tools/libs/guest/xg_sr_save_x86_pv.c +@@ -999,29 +999,31 @@ static xen_pfn_t x86_pv_pfn_to_gfn(const + * save_ops function. Performs pagetable normalisation on appropriate pages. + */ + static int x86_pv_normalise_page(struct xc_sr_context *ctx, xen_pfn_t type, +- void **page) ++ void *src, unsigned int idx, void **ptr) + { + xc_interface *xch = ctx->xch; +- void *local_page; ++ void *dst; + int rc; + + type &= XEN_DOMCTL_PFINFO_LTABTYPE_MASK; + + if ( type < XEN_DOMCTL_PFINFO_L1TAB || type > XEN_DOMCTL_PFINFO_L4TAB ) ++ { ++ *ptr = src; + return 0; ++ } + +- local_page = malloc(PAGE_SIZE); +- if ( !local_page ) ++ if ( idx >= MAX_BATCH_SIZE ) + { +- ERROR("Unable to allocate scratch page"); +- rc = -1; +- goto out; ++ ERROR("idx %u out of range", idx); ++ errno = ERANGE; ++ return -1; + } + +- rc = normalise_pagetable(ctx, *page, local_page, type); +- *page = local_page; ++ dst = ctx->x86.pv.save.normalised_pages + (idx * PAGE_SIZE); ++ rc = normalise_pagetable(ctx, src, dst, type); ++ *ptr = dst; + +- out: + return rc; + } + +@@ -1031,8 +1033,16 @@ static int x86_pv_normalise_page(struct + */ + static int x86_pv_setup(struct xc_sr_context *ctx) + { ++ xc_interface *xch = ctx->xch; + int rc; + ++ ctx->x86.pv.save.normalised_pages = malloc(MAX_BATCH_SIZE * PAGE_SIZE); ++ if ( !ctx->x86.pv.save.normalised_pages ) ++ { ++ PERROR("Failed to allocate normalised_pages"); ++ return -1; ++ } ++ + rc = x86_pv_domain_info(ctx); + if ( rc ) + return rc; +@@ -1118,6 +1128,7 @@ static int x86_pv_check_vm_state(struct + + static int x86_pv_cleanup(struct xc_sr_context *ctx) + { ++ free(ctx->x86.pv.save.normalised_pages); + free(ctx->x86.pv.p2m_pfns); + + if ( ctx->x86.pv.p2m ) diff --git a/libxc-sr-save-mfns.patch b/libxc-sr-save-mfns.patch new file mode 100644 index 0000000..585ccf7 --- /dev/null +++ b/libxc-sr-save-mfns.patch @@ -0,0 +1,132 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:20:36 +0200 +Subject: libxc sr save mfns + +tools: save: preallocate mfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch, see add_to_batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 25 +++++++++++++------------ + 2 files changed, 14 insertions(+), 12 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -244,6 +244,7 @@ struct xc_sr_context + struct precopy_stats stats; + + xen_pfn_t *batch_pfns; ++ xen_pfn_t *mfns; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -88,7 +88,7 @@ static int write_checkpoint_record(struc + static int write_batch(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *mfns = NULL, *types = NULL; ++ xen_pfn_t *types = NULL; + void *guest_mapping = NULL; + void **guest_data = NULL; + void **local_pages = NULL; +@@ -105,8 +105,6 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Mfns of the batch pfns. */ +- mfns = malloc(nr_pfns * sizeof(*mfns)); + /* Types of the batch pfns. */ + types = malloc(nr_pfns * sizeof(*types)); + /* Errors from attempting to map the gfns. */ +@@ -118,7 +116,7 @@ static int write_batch(struct xc_sr_cont + /* iovec[] for writev(). */ + iov = malloc((nr_pfns + 4) * sizeof(*iov)); + +- if ( !mfns || !types || !errors || !guest_data || !local_pages || !iov ) ++ if ( !types || !errors || !guest_data || !local_pages || !iov ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -127,11 +125,11 @@ static int write_batch(struct xc_sr_cont + + for ( i = 0; i < nr_pfns; ++i ) + { +- types[i] = mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, ++ types[i] = ctx->save.mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, + ctx->save.batch_pfns[i]); + + /* Likely a ballooned page. */ +- if ( mfns[i] == INVALID_MFN ) ++ if ( ctx->save.mfns[i] == INVALID_MFN ) + { + set_bit(ctx->save.batch_pfns[i], ctx->save.deferred_pages); + ++ctx->save.nr_deferred_pages; +@@ -150,20 +148,21 @@ static int write_batch(struct xc_sr_cont + { + if ( !is_known_page_type(types[i]) ) + { +- ERROR("Unknown type %#"PRIpfn" for pfn %#"PRIpfn, types[i], mfns[i]); ++ ERROR("Unknown type %#"PRIpfn" for pfn %#"PRIpfn, ++ types[i], ctx->save.mfns[i]); + goto err; + } + + if ( !page_type_has_stream_data(types[i]) ) + continue; + +- mfns[nr_pages++] = mfns[i]; ++ ctx->save.mfns[nr_pages++] = ctx->save.mfns[i]; + } + + if ( nr_pages > 0 ) + { + guest_mapping = xenforeignmemory_map( +- xch->fmem, ctx->domid, PROT_READ, nr_pages, mfns, errors); ++ xch->fmem, ctx->domid, PROT_READ, nr_pages, ctx->save.mfns, errors); + if ( !guest_mapping ) + { + PERROR("Failed to map guest pages"); +@@ -179,7 +178,7 @@ static int write_batch(struct xc_sr_cont + if ( errors[p] ) + { + ERROR("Mapping of pfn %#"PRIpfn" (mfn %#"PRIpfn") failed %d", +- ctx->save.batch_pfns[i], mfns[p], errors[p]); ++ ctx->save.batch_pfns[i], ctx->save.mfns[p], errors[p]); + goto err; + } + +@@ -277,7 +276,6 @@ static int write_batch(struct xc_sr_cont + free(guest_data); + free(errors); + free(types); +- free(mfns); + + return rc; + } +@@ -850,9 +848,11 @@ static int setup(struct xc_sr_context *c + xch, dirty_bitmap, NRPAGES(bitmap_size(ctx->save.p2m_size))); + ctx->save.batch_pfns = malloc(MAX_BATCH_SIZE * + sizeof(*ctx->save.batch_pfns)); ++ ctx->save.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.mfns)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + +- if ( !ctx->save.batch_pfns || !dirty_bitmap || !ctx->save.deferred_pages ) ++ if ( !ctx->save.batch_pfns || !ctx->save.mfns || ++ !dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -883,6 +883,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.mfns); + free(ctx->save.batch_pfns); + } + diff --git a/libxc-sr-save-rec_pfns.patch b/libxc-sr-save-rec_pfns.patch new file mode 100644 index 0000000..f0958e2 --- /dev/null +++ b/libxc-sr-save-rec_pfns.patch @@ -0,0 +1,110 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:34:00 +0200 +Subject: libxc sr save rec_pfns + +tools: save: preallocate rec_pfns array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 28 +++++++++++----------------- + 2 files changed, 12 insertions(+), 17 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -248,6 +248,7 @@ struct xc_sr_context + xen_pfn_t *types; + int *errors; + struct iovec *iov; ++ uint64_t *rec_pfns; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -95,7 +95,6 @@ static int write_batch(struct xc_sr_cont + unsigned int i, p, nr_pages = 0, nr_pages_mapped = 0; + unsigned int nr_pfns = ctx->save.nr_batch_pfns; + void *page, *orig_page; +- uint64_t *rec_pfns = NULL; + int iovcnt = 0; + struct xc_sr_rec_page_data_header hdr = { 0 }; + struct xc_sr_record rec = { +@@ -202,22 +201,15 @@ static int write_batch(struct xc_sr_cont + } + } + +- rec_pfns = malloc(nr_pfns * sizeof(*rec_pfns)); +- if ( !rec_pfns ) +- { +- ERROR("Unable to allocate %zu bytes of memory for page data pfn list", +- nr_pfns * sizeof(*rec_pfns)); +- goto err; +- } +- + hdr.count = nr_pfns; + + rec.length = sizeof(hdr); +- rec.length += nr_pfns * sizeof(*rec_pfns); ++ rec.length += nr_pfns * sizeof(*ctx->save.rec_pfns); + rec.length += nr_pages * PAGE_SIZE; + + for ( i = 0; i < nr_pfns; ++i ) +- rec_pfns[i] = ((uint64_t)(ctx->save.types[i]) << 32) | ctx->save.batch_pfns[i]; ++ ctx->save.rec_pfns[i] = ((uint64_t)(ctx->save.types[i]) << 32) | ++ ctx->save.batch_pfns[i]; + + ctx->save.iov[0].iov_base = &rec.type; + ctx->save.iov[0].iov_len = sizeof(rec.type); +@@ -228,12 +220,13 @@ static int write_batch(struct xc_sr_cont + ctx->save.iov[2].iov_base = &hdr; + ctx->save.iov[2].iov_len = sizeof(hdr); + +- ctx->save.iov[3].iov_base = rec_pfns; +- ctx->save.iov[3].iov_len = nr_pfns * sizeof(*rec_pfns); ++ ctx->save.iov[3].iov_base = ctx->save.rec_pfns; ++ ctx->save.iov[3].iov_len = nr_pfns * sizeof(*ctx->save.rec_pfns); + + iovcnt = 4; + ctx->save.pages_sent += nr_pages; +- ctx->save.overhead_sent += sizeof(rec) + sizeof(hdr) + nr_pfns * sizeof(*rec_pfns); ++ ctx->save.overhead_sent += sizeof(rec) + sizeof(hdr) + ++ nr_pfns * sizeof(*ctx->save.rec_pfns); + + if ( nr_pages ) + { +@@ -260,7 +253,6 @@ static int write_batch(struct xc_sr_cont + rc = ctx->save.nr_batch_pfns = 0; + + err: +- free(rec_pfns); + if ( guest_mapping ) + xenforeignmemory_unmap(xch->fmem, guest_mapping, nr_pages_mapped); + for ( i = 0; local_pages && i < nr_pfns; ++i ) +@@ -843,11 +835,12 @@ static int setup(struct xc_sr_context *c + ctx->save.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.types)); + ctx->save.errors = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.errors)); + ctx->save.iov = malloc((4 + MAX_BATCH_SIZE) * sizeof(*ctx->save.iov)); ++ ctx->save.rec_pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.rec_pfns)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + + if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || +- !ctx->save.errors || !ctx->save.iov || !dirty_bitmap || +- !ctx->save.deferred_pages ) ++ !ctx->save.errors || !ctx->save.iov || !ctx->save.rec_pfns || ++ !dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" + " deferred pages"); +@@ -878,6 +871,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.rec_pfns); + free(ctx->save.iov); + free(ctx->save.errors); + free(ctx->save.types); diff --git a/libxc-sr-save-show_transfer_rate.patch b/libxc-sr-save-show_transfer_rate.patch new file mode 100644 index 0000000..2387fa1 --- /dev/null +++ b/libxc-sr-save-show_transfer_rate.patch @@ -0,0 +1,116 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 15:39:59 +0200 +Subject: libxc sr save show_transfer_rate + +tools: show migration transfer rate in send_dirty_pages + +Show how fast domU pages are transferred in each iteration. + +The relevant data is how fast the pfns travel, not so much how much +protocol overhead exists. So the reported MiB/sec is just for pfns. + +Signed-off-by: Olaf Hering + +v02: +- rearrange MiB_sec calculation (jgross) +--- + tools/libs/guest/xg_sr_common.h | 2 ++ + tools/libs/guest/xg_sr_save.c | 46 +++++++++++++++++++++++++++++++++ + 2 files changed, 48 insertions(+) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -238,6 +238,8 @@ struct xc_sr_context + bool debug; + + unsigned long p2m_size; ++ size_t pages_sent; ++ size_t overhead_sent; + + struct precopy_stats stats; + +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -1,5 +1,6 @@ + #include + #include ++#include + + #include "xg_sr_common.h" + +@@ -238,6 +239,8 @@ static int write_batch(struct xc_sr_cont + iov[3].iov_len = nr_pfns * sizeof(*rec_pfns); + + iovcnt = 4; ++ ctx->save.pages_sent += nr_pages; ++ ctx->save.overhead_sent += sizeof(rec) + sizeof(hdr) + nr_pfns * sizeof(*rec_pfns); + + if ( nr_pages ) + { +@@ -356,6 +359,42 @@ static int suspend_domain(struct xc_sr_c + return 0; + } + ++static void show_transfer_rate(struct xc_sr_context *ctx, struct timespec *start) ++{ ++ xc_interface *xch = ctx->xch; ++ struct timespec end = {}, diff = {}; ++ size_t ms, MiB_sec; ++ ++ if (!ctx->save.pages_sent) ++ return; ++ ++ if ( clock_gettime(CLOCK_MONOTONIC, &end) ) ++ PERROR("clock_gettime"); ++ ++ if ( (end.tv_nsec - start->tv_nsec) < 0 ) ++ { ++ diff.tv_sec = end.tv_sec - start->tv_sec - 1; ++ diff.tv_nsec = end.tv_nsec - start->tv_nsec + (1000U*1000U*1000U); ++ } ++ else ++ { ++ diff.tv_sec = end.tv_sec - start->tv_sec; ++ diff.tv_nsec = end.tv_nsec - start->tv_nsec; ++ } ++ ++ ms = (diff.tv_nsec / (1000U*1000U)); ++ ms += (diff.tv_sec * 1000U); ++ if (!ms) ++ ms = 1; ++ ++ MiB_sec = (ctx->save.pages_sent * PAGE_SIZE * 1000U) / ms / (1024U*1024U); ++ ++ errno = 0; ++ IPRINTF("%s: %zu bytes + %zu pages in %ld.%09ld sec, %zu MiB/sec", __func__, ++ ctx->save.overhead_sent, ctx->save.pages_sent, ++ diff.tv_sec, diff.tv_nsec, MiB_sec); ++} ++ + /* + * Send a subset of pages in the guests p2m, according to the dirty bitmap. + * Used for each subsequent iteration of the live migration loop. +@@ -369,9 +408,15 @@ static int send_dirty_pages(struct xc_sr + xen_pfn_t p; + unsigned long written; + int rc; ++ struct timespec start = {}; + DECLARE_HYPERCALL_BUFFER_SHADOW(unsigned long, dirty_bitmap, + &ctx->save.dirty_bitmap_hbuf); + ++ ctx->save.pages_sent = 0; ++ ctx->save.overhead_sent = 0; ++ if ( clock_gettime(CLOCK_MONOTONIC, &start) ) ++ PERROR("clock_gettime"); ++ + for ( p = 0, written = 0; p < ctx->save.p2m_size; ++p ) + { + if ( !test_bit(p, dirty_bitmap) ) +@@ -395,6 +440,7 @@ static int send_dirty_pages(struct xc_sr + if ( written > entries ) + DPRINTF("Bitmap contained more entries than expected..."); + ++ show_transfer_rate(ctx, &start); + xc_report_progress_step(xch, entries, entries); + + return ctx->save.ops.check_vm_state(ctx); diff --git a/libxc-sr-save-types.patch b/libxc-sr-save-types.patch new file mode 100644 index 0000000..454308e --- /dev/null +++ b/libxc-sr-save-types.patch @@ -0,0 +1,154 @@ +From: Olaf Hering +Date: Fri, 23 Oct 2020 11:23:51 +0200 +Subject: libxc sr save types + +tools: save: preallocate types array + +Remove repeated allocation from migration loop. There will never be +more than MAX_BATCH_SIZE pages to process in a batch. +Allocate the space once. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 1 + + tools/libs/guest/xg_sr_save.c | 28 +++++++++++++--------------- + 2 files changed, 14 insertions(+), 15 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -245,6 +245,7 @@ struct xc_sr_context + + xen_pfn_t *batch_pfns; + xen_pfn_t *mfns; ++ xen_pfn_t *types; + unsigned int nr_batch_pfns; + unsigned long *deferred_pages; + unsigned long nr_deferred_pages; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -88,7 +88,6 @@ static int write_checkpoint_record(struc + static int write_batch(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; +- xen_pfn_t *types = NULL; + void *guest_mapping = NULL; + void **guest_data = NULL; + void **local_pages = NULL; +@@ -105,8 +104,6 @@ static int write_batch(struct xc_sr_cont + + assert(nr_pfns != 0); + +- /* Types of the batch pfns. */ +- types = malloc(nr_pfns * sizeof(*types)); + /* Errors from attempting to map the gfns. */ + errors = malloc(nr_pfns * sizeof(*errors)); + /* Pointers to page data to send. Mapped gfns or local allocations. */ +@@ -116,7 +113,7 @@ static int write_batch(struct xc_sr_cont + /* iovec[] for writev(). */ + iov = malloc((nr_pfns + 4) * sizeof(*iov)); + +- if ( !types || !errors || !guest_data || !local_pages || !iov ) ++ if ( !errors || !guest_data || !local_pages || !iov ) + { + ERROR("Unable to allocate arrays for a batch of %u pages", + nr_pfns); +@@ -125,7 +122,7 @@ static int write_batch(struct xc_sr_cont + + for ( i = 0; i < nr_pfns; ++i ) + { +- types[i] = ctx->save.mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, ++ ctx->save.types[i] = ctx->save.mfns[i] = ctx->save.ops.pfn_to_gfn(ctx, + ctx->save.batch_pfns[i]); + + /* Likely a ballooned page. */ +@@ -136,7 +133,7 @@ static int write_batch(struct xc_sr_cont + } + } + +- rc = xc_get_pfn_type_batch(xch, ctx->domid, nr_pfns, types); ++ rc = xc_get_pfn_type_batch(xch, ctx->domid, nr_pfns, ctx->save.types); + if ( rc ) + { + PERROR("Failed to get types for pfn batch"); +@@ -146,14 +143,14 @@ static int write_batch(struct xc_sr_cont + + for ( i = 0; i < nr_pfns; ++i ) + { +- if ( !is_known_page_type(types[i]) ) ++ if ( !is_known_page_type(ctx->save.types[i]) ) + { + ERROR("Unknown type %#"PRIpfn" for pfn %#"PRIpfn, +- types[i], ctx->save.mfns[i]); ++ ctx->save.types[i], ctx->save.mfns[i]); + goto err; + } + +- if ( !page_type_has_stream_data(types[i]) ) ++ if ( !page_type_has_stream_data(ctx->save.types[i]) ) + continue; + + ctx->save.mfns[nr_pages++] = ctx->save.mfns[i]; +@@ -172,7 +169,7 @@ static int write_batch(struct xc_sr_cont + + for ( i = 0, p = 0; i < nr_pfns; ++i ) + { +- if ( !page_type_has_stream_data(types[i]) ) ++ if ( !page_type_has_stream_data(ctx->save.types[i]) ) + continue; + + if ( errors[p] ) +@@ -183,7 +180,7 @@ static int write_batch(struct xc_sr_cont + } + + orig_page = page = guest_mapping + (p * PAGE_SIZE); +- rc = ctx->save.ops.normalise_page(ctx, types[i], &page); ++ rc = ctx->save.ops.normalise_page(ctx, ctx->save.types[i], &page); + + if ( orig_page != page ) + local_pages[i] = page; +@@ -194,7 +191,7 @@ static int write_batch(struct xc_sr_cont + { + set_bit(ctx->save.batch_pfns[i], ctx->save.deferred_pages); + ++ctx->save.nr_deferred_pages; +- types[i] = XEN_DOMCTL_PFINFO_XTAB; ++ ctx->save.types[i] = XEN_DOMCTL_PFINFO_XTAB; + --nr_pages; + } + else +@@ -223,7 +220,7 @@ static int write_batch(struct xc_sr_cont + rec.length += nr_pages * PAGE_SIZE; + + for ( i = 0; i < nr_pfns; ++i ) +- rec_pfns[i] = ((uint64_t)(types[i]) << 32) | ctx->save.batch_pfns[i]; ++ rec_pfns[i] = ((uint64_t)(ctx->save.types[i]) << 32) | ctx->save.batch_pfns[i]; + + iov[0].iov_base = &rec.type; + iov[0].iov_len = sizeof(rec.type); +@@ -275,7 +272,6 @@ static int write_batch(struct xc_sr_cont + free(local_pages); + free(guest_data); + free(errors); +- free(types); + + return rc; + } +@@ -849,9 +845,10 @@ static int setup(struct xc_sr_context *c + ctx->save.batch_pfns = malloc(MAX_BATCH_SIZE * + sizeof(*ctx->save.batch_pfns)); + ctx->save.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.mfns)); ++ ctx->save.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->save.types)); + ctx->save.deferred_pages = bitmap_alloc(ctx->save.p2m_size); + +- if ( !ctx->save.batch_pfns || !ctx->save.mfns || ++ if ( !ctx->save.batch_pfns || !ctx->save.mfns || !ctx->save.types || + !dirty_bitmap || !ctx->save.deferred_pages ) + { + ERROR("Unable to allocate memory for dirty bitmaps, batch pfns and" +@@ -883,6 +880,7 @@ static void cleanup(struct xc_sr_context + xc_hypercall_buffer_free_pages(xch, dirty_bitmap, + NRPAGES(bitmap_size(ctx->save.p2m_size))); + free(ctx->save.deferred_pages); ++ free(ctx->save.types); + free(ctx->save.mfns); + free(ctx->save.batch_pfns); + } diff --git a/libxc-sr-track-migration-time.patch b/libxc-sr-track-migration-time.patch new file mode 100644 index 0000000..80680a0 --- /dev/null +++ b/libxc-sr-track-migration-time.patch @@ -0,0 +1,263 @@ +From: Olaf Hering +Date: Thu, 4 Feb 2021 20:33:53 +0100 +Subject: libxc sr track migration time + +Track live migration state unconditionally in logfiles to see how long a domU was suspended. + +Signed-off-by: Olaf Hering +--- + tools/include/xentoollog.h | 1 + + tools/libs/ctrl/xc_domain.c | 12 +++++-- + tools/libs/ctrl/xc_private.h | 9 +++++ + tools/libs/guest/xg_resume.c | 5 ++- + tools/libs/guest/xg_sr_common.c | 59 ++++++++++++++++++++++++++++++++ + tools/libs/guest/xg_sr_common.h | 3 ++ + tools/libs/guest/xg_sr_restore.c | 3 ++ + tools/libs/guest/xg_sr_save.c | 6 +++- + tools/xl/xl.c | 2 ++ + 9 files changed, 96 insertions(+), 4 deletions(-) + +--- a/tools/include/xentoollog.h ++++ b/tools/include/xentoollog.h +@@ -133,6 +133,7 @@ const char *xtl_level_to_string(xentooll + }); + + ++#define XL_NO_SUSEINFO "XL_NO_SUSEINFO" + #endif /* XENTOOLLOG_H */ + + /* +--- a/tools/libs/ctrl/xc_domain.c ++++ b/tools/libs/ctrl/xc_domain.c +@@ -66,20 +66,28 @@ int xc_domain_cacheflush(xc_interface *x + int xc_domain_pause(xc_interface *xch, + uint32_t domid) + { ++ int ret; + struct xen_domctl domctl = {}; + domctl.cmd = XEN_DOMCTL_pausedomain; + domctl.domain = domid; +- return do_domctl(xch, &domctl); ++ ret = do_domctl(xch, &domctl); ++ if (getenv(XL_NO_SUSEINFO) == NULL) ++ SUSEINFO("domid %u: %s returned %d", domid, __func__, ret); ++ return ret; + } + + + int xc_domain_unpause(xc_interface *xch, + uint32_t domid) + { ++ int ret; + struct xen_domctl domctl = {}; + domctl.cmd = XEN_DOMCTL_unpausedomain; + domctl.domain = domid; +- return do_domctl(xch, &domctl); ++ ret = do_domctl(xch, &domctl); ++ if (getenv(XL_NO_SUSEINFO) == NULL) ++ SUSEINFO("domid %u: %s returned %d", domid, __func__, ret); ++ return ret; + } + + +--- a/tools/libs/ctrl/xc_private.h ++++ b/tools/libs/ctrl/xc_private.h +@@ -42,6 +42,15 @@ + + #include + ++/* ++ * Using loglevel ERROR to make sure the intended informational messages appear ++ * in libvirts libxl-driver.log ++ */ ++#define SUSEINFO(_m, _a...) do { int ERROR_errno = errno; \ ++ xc_report(xch, xch->error_handler, XTL_ERROR, XC_ERROR_NONE, "SUSEINFO: " _m , ## _a ); \ ++ errno = ERROR_errno; \ ++ } while (0) ++ + #if defined(HAVE_VALGRIND_MEMCHECK_H) && !defined(NDEBUG) && !defined(__MINIOS__) + /* Compile in Valgrind client requests? */ + #include +--- a/tools/libs/guest/xg_resume.c ++++ b/tools/libs/guest/xg_resume.c +@@ -259,7 +259,10 @@ out: + */ + int xc_domain_resume(xc_interface *xch, uint32_t domid, int fast) + { +- return (fast ++ int ret = (fast + ? xc_domain_resume_cooperative(xch, domid) + : xc_domain_resume_any(xch, domid)); ++ if (getenv(XL_NO_SUSEINFO) == NULL) ++ SUSEINFO("domid %u: %s%s returned %d", domid, __func__, fast ? " fast" : "", ret); ++ return ret; + } +--- a/tools/libs/guest/xg_sr_common.c ++++ b/tools/libs/guest/xg_sr_common.c +@@ -163,6 +163,65 @@ static void __attribute__((unused)) buil + BUILD_BUG_ON(sizeof(struct xc_sr_rec_hvm_params) != 8); + } + ++/* Write a two-character hex representation of 'byte' to digits[]. ++ Pre-condition: sizeof(digits) >= 2 */ ++static void byte_to_hex(char *digits, const uint8_t byte) ++{ ++ uint8_t nybbel = byte >> 4; ++ ++ if ( nybbel > 9 ) ++ digits[0] = 'a' + nybbel-10; ++ else ++ digits[0] = '0' + nybbel; ++ ++ nybbel = byte & 0x0f; ++ if ( nybbel > 9 ) ++ digits[1] = 'a' + nybbel-10; ++ else ++ digits[1] = '0' + nybbel; ++} ++ ++/* Convert an array of 16 unsigned bytes to a DCE/OSF formatted UUID ++ string. ++ ++ Pre-condition: sizeof(dest) >= 37 */ ++void sr_uuid_to_string(char *dest, const uint8_t *uuid) ++{ ++ int i = 0; ++ char *p = dest; ++ ++ for (; i < 4; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p++ = '-'; ++ for (; i < 6; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p++ = '-'; ++ for (; i < 8; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p++ = '-'; ++ for (; i < 10; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p++ = '-'; ++ for (; i < 16; i++ ) ++ { ++ byte_to_hex(p, uuid[i]); ++ p += 2; ++ } ++ *p = '\0'; ++} ++ + /* + * Expand the tracking structures as needed. + * To avoid realloc()ing too excessively, the size increased to the nearest +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -294,6 +294,7 @@ struct xc_sr_context + xc_stream_type_t stream_type; + + xc_domaininfo_t dominfo; ++ char uuid[16*2+4+1]; + + union /* Common save or restore data. */ + { +@@ -505,6 +506,8 @@ extern struct xc_sr_save_ops save_ops_x8 + extern struct xc_sr_restore_ops restore_ops_x86_pv; + extern struct xc_sr_restore_ops restore_ops_x86_hvm; + ++extern void sr_uuid_to_string(char *dest, const uint8_t *uuid); ++ + struct xc_sr_record + { + uint32_t type; +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -871,6 +871,8 @@ static int restore(struct xc_sr_context + struct xc_sr_rhdr rhdr; + int rc, saved_rc = 0, saved_errno = 0; + ++ SUSEINFO("domid %u: %s %s start", ctx->domid, ctx->uuid, __func__); ++ DPRINTF("domid %u: max_pages %lx tot_pages %lx p2m_size %lx", ctx->domid, ctx->restore.max_pages, ctx->restore.tot_pages, ctx->restore.p2m_size); + IPRINTF("Restoring domain"); + + rc = setup(ctx); +@@ -946,6 +948,7 @@ static int restore(struct xc_sr_context + PERROR("Restore failed"); + + done: ++ SUSEINFO("domid %u: %s done", ctx->domid, __func__); + cleanup(ctx); + + if ( saved_rc ) +@@ -1011,6 +1014,7 @@ int xc_domain_restore(xc_interface *xch, + io_fd, dom, hvm, stream_type); + + ctx.domid = dom; ++ sr_uuid_to_string(ctx.uuid, ctx.dominfo.handle); + + if ( read_headers(&ctx) ) + return -1; +--- a/tools/libs/guest/xg_sr_save.c ++++ b/tools/libs/guest/xg_sr_save.c +@@ -353,7 +353,7 @@ static void show_transfer_rate(struct xc + MiB_sec = (ctx->save.pages_sent * PAGE_SIZE * 1000U) / ms / (1024U*1024U); + + errno = 0; +- IPRINTF("%s: %zu bytes + %zu pages in %ld.%09ld sec, %zu MiB/sec", __func__, ++ SUSEINFO("domid %u: %zu bytes + %zu pages in %ld.%09ld sec, %zu MiB/sec", ctx->domid, + ctx->save.overhead_sent, ctx->save.pages_sent, + diff.tv_sec, diff.tv_nsec, MiB_sec); + } +@@ -875,13 +875,16 @@ static int save(struct xc_sr_context *ct + { + xc_interface *xch = ctx->xch; + int rc, saved_rc = 0, saved_errno = 0; ++ unsigned long tot_pages = ctx->dominfo.tot_pages; + ++ SUSEINFO("domid %u: %s %s start, %lu pages allocated", ctx->domid, ctx->uuid, __func__, tot_pages); + IPRINTF("Saving domain %d, type %s", + ctx->domid, dhdr_type_to_str(guest_type)); + + rc = setup(ctx); + if ( rc ) + goto err; ++ SUSEINFO("domid %u: p2m_size %lx", ctx->domid, ctx->save.p2m_size); + + xc_report_progress_single(xch, "Start of stream"); + +@@ -995,6 +998,7 @@ static int save(struct xc_sr_context *ct + PERROR("Save failed"); + + done: ++ SUSEINFO("domid %u: %s done", ctx->domid, __func__); + cleanup(ctx); + + if ( saved_rc ) +@@ -1054,6 +1058,7 @@ int xc_domain_save(xc_interface *xch, in + io_fd, dom, flags, hvm); + + ctx.domid = dom; ++ sr_uuid_to_string(ctx.uuid, ctx.dominfo.handle); + + if ( hvm ) + { +--- a/tools/xl/xl.c ++++ b/tools/xl/xl.c +@@ -424,6 +424,8 @@ int main(int argc, char **argv) + logger = xtl_createlogger_stdiostream(stderr, minmsglevel, xtl_flags); + if (!logger) exit(EXIT_FAILURE); + ++ /* Provide context to libxl and libxc: no SUSEINFO() from xl */ ++ setenv(XL_NO_SUSEINFO, "1", 0); + xl_ctx_alloc(); + + atexit(xl_ctx_free); diff --git a/libxc-sr-xg_sr_bitmap-populated_pfns.patch b/libxc-sr-xg_sr_bitmap-populated_pfns.patch new file mode 100644 index 0000000..0a45ea3 --- /dev/null +++ b/libxc-sr-xg_sr_bitmap-populated_pfns.patch @@ -0,0 +1,197 @@ +From: Olaf Hering +Date: Fri, 5 Feb 2021 20:16:02 +0100 +Subject: libxc sr xg_sr_bitmap populated_pfns + +tools: use xg_sr_bitmap for populated_pfns + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.h | 20 ++++++- + tools/libs/guest/xg_sr_restore.c | 69 ------------------------ + tools/libs/guest/xg_sr_restore_x86_hvm.c | 9 ++++ + tools/libs/guest/xg_sr_restore_x86_pv.c | 7 +++ + 4 files changed, 34 insertions(+), 71 deletions(-) + +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -375,8 +375,7 @@ struct xc_sr_context + uint32_t xenstore_domid, console_domid; + + /* Bitmap of currently populated PFNs during restore. */ +- unsigned long *populated_pfns; +- xen_pfn_t max_populated_pfn; ++ struct sr_bitmap populated_pfns; + + /* Sender has invoked verify mode on the stream. */ + bool verify; +@@ -632,6 +631,23 @@ static inline bool page_type_has_stream_ + } + } + ++static inline bool pfn_is_populated(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ return sr_test_bit(pfn, &ctx->restore.populated_pfns); ++} ++ ++static inline int pfn_set_populated(struct xc_sr_context *ctx, xen_pfn_t pfn) ++{ ++ xc_interface *xch = ctx->xch; ++ ++ if ( sr_set_bit(pfn, &ctx->restore.populated_pfns) == false ) ++ { ++ PERROR("Failed to realloc populated_pfns bitmap"); ++ errno = ENOMEM; ++ return -1; ++ } ++ return 0; ++} + #endif + /* + * Local variables: +--- a/tools/libs/guest/xg_sr_restore.c ++++ b/tools/libs/guest/xg_sr_restore.c +@@ -72,64 +72,6 @@ static int read_headers(struct xc_sr_con + } + + /* +- * Is a pfn populated? +- */ +-static bool pfn_is_populated(const struct xc_sr_context *ctx, xen_pfn_t pfn) +-{ +- if ( pfn > ctx->restore.max_populated_pfn ) +- return false; +- return test_bit(pfn, ctx->restore.populated_pfns); +-} +- +-/* +- * Set a pfn as populated, expanding the tracking structures if needed. To +- * avoid realloc()ing too excessively, the size increased to the nearest power +- * of two large enough to contain the required pfn. +- */ +-static int pfn_set_populated(struct xc_sr_context *ctx, xen_pfn_t pfn) +-{ +- xc_interface *xch = ctx->xch; +- +- if ( pfn > ctx->restore.max_populated_pfn ) +- { +- xen_pfn_t new_max; +- size_t old_sz, new_sz; +- unsigned long *p; +- +- /* Round up to the nearest power of two larger than pfn, less 1. */ +- new_max = pfn; +- new_max |= new_max >> 1; +- new_max |= new_max >> 2; +- new_max |= new_max >> 4; +- new_max |= new_max >> 8; +- new_max |= new_max >> 16; +-#ifdef __x86_64__ +- new_max |= new_max >> 32; +-#endif +- +- old_sz = bitmap_size(ctx->restore.max_populated_pfn + 1); +- new_sz = bitmap_size(new_max + 1); +- p = realloc(ctx->restore.populated_pfns, new_sz); +- if ( !p ) +- { +- ERROR("Failed to realloc populated bitmap"); +- errno = ENOMEM; +- return -1; +- } +- +- memset((uint8_t *)p + old_sz, 0x00, new_sz - old_sz); +- +- ctx->restore.populated_pfns = p; +- ctx->restore.max_populated_pfn = new_max; +- } +- +- assert(!test_bit(pfn, ctx->restore.populated_pfns)); +- set_bit(pfn, ctx->restore.populated_pfns); +- +- return 0; +-} +- +-/* + * Given a set of pfns, obtain memory from Xen to fill the physmap for the + * unpopulated subset. If types is NULL, no page type checking is performed + * and all unpopulated pfns are populated. +@@ -911,16 +853,6 @@ static int setup(struct xc_sr_context *c + if ( rc ) + goto err; + +- ctx->restore.max_populated_pfn = (32 * 1024 / 4) - 1; +- ctx->restore.populated_pfns = bitmap_alloc( +- ctx->restore.max_populated_pfn + 1); +- if ( !ctx->restore.populated_pfns ) +- { +- ERROR("Unable to allocate memory for populated_pfns bitmap"); +- rc = -1; +- goto err; +- } +- + ctx->restore.pfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.pfns)); + ctx->restore.types = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.types)); + ctx->restore.mfns = malloc(MAX_BATCH_SIZE * sizeof(*ctx->restore.mfns)); +@@ -969,7 +901,6 @@ static void cleanup(struct xc_sr_context + xch, dirty_bitmap, NRPAGES(bitmap_size(ctx->restore.p2m_size))); + + free(ctx->restore.buffered_records); +- free(ctx->restore.populated_pfns); + free(ctx->restore.pages); + free(ctx->restore.iov); + free(ctx->restore.guest_data); +--- a/tools/libs/guest/xg_sr_restore_x86_hvm.c ++++ b/tools/libs/guest/xg_sr_restore_x86_hvm.c +@@ -136,6 +136,7 @@ static int x86_hvm_localise_page(struct + static int x86_hvm_setup(struct xc_sr_context *ctx) + { + xc_interface *xch = ctx->xch; ++ unsigned long max_pfn, max_pages = ctx->dominfo.max_pages; + + if ( ctx->restore.guest_type != DHDR_TYPE_X86_HVM ) + { +@@ -161,6 +162,13 @@ static int x86_hvm_setup(struct xc_sr_co + } + #endif + ++ max_pfn = max(ctx->restore.p2m_size, max_pages); ++ if ( !sr_bitmap_expand(&ctx->restore.populated_pfns, max_pfn) ) ++ { ++ PERROR("Unable to allocate memory for populated_pfns bitmap"); ++ return -1; ++ } ++ + return 0; + } + +@@ -241,6 +249,7 @@ static int x86_hvm_stream_complete(struc + + static int x86_hvm_cleanup(struct xc_sr_context *ctx) + { ++ sr_bitmap_free(&ctx->restore.populated_pfns); + free(ctx->x86.hvm.restore.context.ptr); + + free(ctx->x86.restore.cpuid.ptr); +--- a/tools/libs/guest/xg_sr_restore_x86_pv.c ++++ b/tools/libs/guest/xg_sr_restore_x86_pv.c +@@ -1060,6 +1060,12 @@ static int x86_pv_setup(struct xc_sr_con + if ( rc ) + return rc; + ++ if ( !sr_bitmap_expand(&ctx->restore.populated_pfns, 32 * 1024 / 4) ) ++ { ++ PERROR("Unable to allocate memory for populated_pfns bitmap"); ++ return -1; ++ } ++ + ctx->x86.pv.restore.nr_vcpus = ctx->dominfo.max_vcpu_id + 1; + ctx->x86.pv.restore.vcpus = calloc(sizeof(struct xc_sr_x86_pv_restore_vcpu), + ctx->x86.pv.restore.nr_vcpus); +@@ -1153,6 +1159,7 @@ static int x86_pv_stream_complete(struct + */ + static int x86_pv_cleanup(struct xc_sr_context *ctx) + { ++ sr_bitmap_free(&ctx->restore.populated_pfns); + free(ctx->x86.pv.p2m); + free(ctx->x86.pv.p2m_pfns); + diff --git a/libxc-sr-xg_sr_bitmap.patch b/libxc-sr-xg_sr_bitmap.patch new file mode 100644 index 0000000..03d3413 --- /dev/null +++ b/libxc-sr-xg_sr_bitmap.patch @@ -0,0 +1,141 @@ +From: Olaf Hering +Date: Fri, 5 Feb 2021 19:50:03 +0100 +Subject: libxc sr xg_sr_bitmap + +tools: add API for expandable bitmaps + +Since the incoming migration stream lacks info about what the highest pfn +will be, some data structures can not be allocated upfront. + +Add an API for expandable bitmaps, loosely based on pfn_set_populated. + +Signed-off-by: Olaf Hering +--- + tools/libs/guest/xg_sr_common.c | 39 +++++++++++++++++++ + tools/libs/guest/xg_sr_common.h | 67 +++++++++++++++++++++++++++++++++ + 2 files changed, 106 insertions(+) + +--- a/tools/libs/guest/xg_sr_common.c ++++ b/tools/libs/guest/xg_sr_common.c +@@ -164,6 +164,45 @@ static void __attribute__((unused)) buil + } + + /* ++ * Expand the tracking structures as needed. ++ * To avoid realloc()ing too excessively, the size increased to the nearest ++ * power of two large enough to contain the required number of bits. ++ */ ++bool _sr_bitmap_expand(struct sr_bitmap *bm, unsigned long bits) ++{ ++ size_t new_max; ++ size_t old_sz, new_sz; ++ void *p; ++ ++ if (bits <= bm->bits) ++ return true; ++ ++ /* Round up to the nearest power of two larger than bit, less 1. */ ++ new_max = bits; ++ new_max |= new_max >> 1; ++ new_max |= new_max >> 2; ++ new_max |= new_max >> 4; ++ new_max |= new_max >> 8; ++ new_max |= new_max >> 16; ++ new_max |= sizeof(unsigned long) > 4 ? new_max >> 32 : 0; ++ ++ /* Allocate units of unsigned long */ ++ new_max = (new_max + BITS_PER_LONG - 1) & ~(BITS_PER_LONG - 1); ++ ++ old_sz = bitmap_size(bm->bits); ++ new_sz = bitmap_size(new_max); ++ p = realloc(bm->p, new_sz); ++ if (!p) ++ return false; ++ ++ memset(p + old_sz, 0, new_sz - old_sz); ++ bm->p = p; ++ bm->bits = new_max; ++ ++ return true; ++} ++ ++/* + * Local variables: + * mode: C + * c-file-style: "BSD" +--- a/tools/libs/guest/xg_sr_common.h ++++ b/tools/libs/guest/xg_sr_common.h +@@ -18,6 +18,73 @@ const char *rec_type_to_str(uint32_t typ + struct xc_sr_context; + struct xc_sr_record; + ++struct sr_bitmap ++{ ++ void *p; ++ unsigned long bits; ++}; ++ ++extern bool _sr_bitmap_expand(struct sr_bitmap *bm, unsigned long bits); ++ ++static inline bool sr_bitmap_expand(struct sr_bitmap *bm, unsigned long bits) ++{ ++ if (bits > bm->bits) ++ return _sr_bitmap_expand(bm, bits); ++ return true; ++} ++ ++static inline void sr_bitmap_free(struct sr_bitmap *bm) ++{ ++ free(bm->p); ++ bm->p = NULL; ++} ++ ++static inline bool sr_set_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (sr_bitmap_expand(bm, bit + 1) == false) ++ return false; ++ ++ set_bit(bit, bm->p); ++ return true; ++} ++ ++static inline bool sr_test_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (bit + 1 > bm->bits) ++ return false; ++ return !!test_bit(bit, bm->p); ++} ++ ++static inline void sr_clear_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (bit + 1 <= bm->bits) ++ clear_bit(bit, bm->p); ++} ++ ++static inline bool sr_test_and_clear_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (bit + 1 > bm->bits) ++ return false; ++ return !!test_and_clear_bit(bit, bm->p); ++} ++ ++/* No way to report potential allocation error, bitmap must be expanded prior usage */ ++static inline bool sr_test_and_set_bit(unsigned long bit, struct sr_bitmap *bm) ++{ ++ if (bit + 1 > bm->bits) ++ return false; ++ return !!test_and_set_bit(bit, bm->p); ++} ++ ++static inline bool sr_set_long_bit(unsigned long base_bit, struct sr_bitmap *bm) ++{ ++ if (sr_bitmap_expand(bm, base_bit + BITS_PER_LONG) == false) ++ return false; ++ ++ set_bit_long(base_bit, bm->p); ++ return true; ++} ++ + /** + * Save operations. To be implemented for each type of guest, for use by the + * common save algorithm. diff --git a/libxc-sr-xl-migration-debug.patch b/libxc-sr-xl-migration-debug.patch new file mode 100644 index 0000000..cf1ab57 --- /dev/null +++ b/libxc-sr-xl-migration-debug.patch @@ -0,0 +1,46 @@ +From: Olaf Hering +Date: Thu, 29 Oct 2020 17:00:19 +0100 +Subject: libxc sr xl migration debug + +xl: fix description of migrate --debug + +xl migrate --debug used to track every pfn in every batch of pages. +But these times are gone. The code in xc_domain_save is the consumer +of this knob, now may enable verification mode. + +Signed-off-by: Olaf Hering + +v03: +- adjust to describe what --debug would do when the code which + consumes this knob is fixed. +v02: +- the option has no effect anymore +--- + docs/man/xl.1.pod.in | 4 +++- + tools/xl/xl_cmdtable.c | 2 +- + 2 files changed, 4 insertions(+), 2 deletions(-) + +--- a/docs/man/xl.1.pod.in ++++ b/docs/man/xl.1.pod.in +@@ -486,7 +486,9 @@ domain. + + =item B<--debug> + +-Display huge (!) amount of debug information during the migration process. ++This enables verification mode, which will transfer the entire domU memory ++once more to the receiving host to make sure the content is identical on ++both sides. + + =item B<-p> + +--- a/tools/xl/xl_cmdtable.c ++++ b/tools/xl/xl_cmdtable.c +@@ -173,7 +173,7 @@ const struct cmd_spec cmd_table[] = { + " migrate-receive [-d -e]\n" + "-e Do not wait in the background (on ) for the death\n" + " of the domain.\n" +- "--debug Print huge (!) amount of debug during the migration process.\n" ++ "--debug Enable verification mode.\n" + "-p Do not unpause domain after migrating it.\n" + "-D Preserve the domain id" + }, diff --git a/libxl.LIBXL_HOTPLUG_TIMEOUT.patch b/libxl.LIBXL_HOTPLUG_TIMEOUT.patch new file mode 100644 index 0000000..fbd13f6 --- /dev/null +++ b/libxl.LIBXL_HOTPLUG_TIMEOUT.patch @@ -0,0 +1,306 @@ +References: bsc#1120095 + +A domU with a large amount of disks may run into the hardcoded +LIBXL_HOTPLUG_TIMEOUT limit, which is 40 seconds. This happens if the +preparation for each disk takes an unexpected large amount of time. Then +the sum of all configured disks and the individual preparation time will +be larger than 40 seconds. The hotplug script which does the preparation +takes a lock before doing the actual preparation. Since the hotplug +scripts for each disk are spawned at nearly the same time, each one has +to wait for the lock. Due to this contention, the total execution time +of a script can easily exceed the timeout. In this case libxl will +terminate the script because it has to assume an error condition. + +Example: +10 configured disks, each one takes 3 seconds within the critital +section. The total execution time will be 30 seconds, which is still +within the limit. With 5 additional configured disks, the total +execution time will be 45 seconds, which would trigger the timeout. + +To handle such setup without a recompile of libxl, a special key/value +has to be created in xenstore prior domain creation. This can be done +either manually, or at system startup. + +If this systemd service file is placed in /etc/systemd/system/, and +activated, it will create the required entry in xenstore: + +/etc/systemd/system # cat xen-LIBXL_HOTPLUG_TIMEOUT.service +[Unit] +Description=set global LIBXL_HOTPLUG_TIMEOUT +ConditionPathExists=/proc/xen/capabilities + +Requires=xenstored.service +After=xenstored.service +Requires=xen-init-dom0.service +After=xen-init-dom0.service +Before=xencommons.service + +[Service] +Type=oneshot +RemainAfterExit=true +ExecStartPre=/bin/grep -q control_d /proc/xen/capabilities +ExecStart=/usr/bin/xenstore-write /libxl/suse/per-device-LIBXL_HOTPLUG_TIMEOUT 5 + +[Install] +WantedBy=multi-user.target + +/etc/systemd/system # systemctl enable xen-LIBXL_HOTPLUG_TIMEOUT.service +/etc/systemd/system # systemctl start xen-LIBXL_HOTPLUG_TIMEOUT.service + +In this example the per-device value will be set to 5 seconds. + +The change for libxl which handles this xenstore value will enable +additional logging if the key is found. That extra logging will show how +the execution time of each script. +--- a/tools/libs/light/libxl_aoutils.c ++++ b/tools/libs/light/libxl_aoutils.c +@@ -529,6 +529,8 @@ static void async_exec_timeout(libxl__eg + { + libxl__async_exec_state *aes = CONTAINER_OF(ev, *aes, time); + STATE_AO_GC(aes->ao); ++ char b[64]; ++ libxl__suse_diff_timespec(&aes->start, b, sizeof(b)); + + if (!aes->rc) + aes->rc = rc; +@@ -536,7 +538,7 @@ static void async_exec_timeout(libxl__eg + libxl__ev_time_deregister(gc, &aes->time); + + assert(libxl__ev_child_inuse(&aes->child)); +- LOG(ERROR, "killing execution of %s because of timeout", aes->what); ++ LOG(ERROR, "killing execution of %s because of timeout%s", aes->what, b); + + if (kill(aes->child.pid, SIGKILL)) { + LOGEV(ERROR, errno, "unable to kill %s [%ld]", +@@ -552,6 +554,10 @@ static void async_exec_done(libxl__egc * + { + libxl__async_exec_state *aes = CONTAINER_OF(child, *aes, child); + STATE_AO_GC(aes->ao); ++ char b[64]; ++ libxl__suse_diff_timespec(&aes->start, b, sizeof(b)); ++ if (b[0]) ++ LOG(NOTICE, "finished execution of '%s'%s", aes->what, b); + + libxl__ev_time_deregister(gc, &aes->time); + +--- a/tools/libs/light/libxl_create.c ++++ b/tools/libs/light/libxl_create.c +@@ -1363,6 +1363,7 @@ static void initiate_domain_create(libxl + * build info around just to know if the domain has a device model or not. + */ + store_libxl_entry(gc, domid, &d_config->b_info); ++ libxl__suse_domain_set_hotplug_timeout(gc, domid, d_config->num_disks, d_config->num_nics); + + for (i = 0; i < d_config->num_disks; i++) { + ret = libxl__disk_devtype.set_default(gc, domid, &d_config->disks[i], +--- a/tools/libs/light/libxl_device.c ++++ b/tools/libs/light/libxl_device.c +@@ -1309,7 +1309,7 @@ static void device_hotplug(libxl__egc *e + } + + aes->ao = ao; +- aes->what = GCSPRINTF("%s %s", args[0], args[1]); ++ aes->what = GCSPRINTF("%s %s for %s", args[0], args[1], be_path); + aes->env = env; + aes->args = args; + aes->callback = device_hotplug_child_death_cb; +@@ -1318,6 +1318,15 @@ static void device_hotplug(libxl__egc *e + aes->stdfds[1] = 2; + aes->stdfds[2] = -1; + ++ switch (aodev->dev->backend_kind) { ++ case LIBXL__DEVICE_KIND_VBD: ++ case LIBXL__DEVICE_KIND_VIF: ++ if (aodev->num_exec == 0) ++ libxl__suse_domain_get_hotplug_timeout(gc, aodev->dev->domid, aodev->dev->backend_kind, &aes->start, &aes->timeout_ms, be_path); ++ default: ++ break; ++ } ++ + rc = libxl__async_exec_start(aes); + if (rc) + goto out; +--- a/tools/libs/light/libxl_event.c ++++ b/tools/libs/light/libxl_event.c +@@ -1032,27 +1032,29 @@ static void devstate_callback(libxl__egc + { + EGC_GC; + libxl__ev_devstate *ds = CONTAINER_OF(xsw, *ds, w); ++ char b[64]; ++ libxl__suse_diff_timespec(&ds->w.start, b, sizeof(b)); + + if (rc) { + if (rc == ERROR_TIMEDOUT) +- LOG(DEBUG, "backend %s wanted state %d "" timed out", ds->w.path, +- ds->wanted); ++ LOG(DEBUG, "backend %s wanted state %d "" timed out%s", ds->w.path, ++ ds->wanted, b); + goto out; + } + if (!sstate) { +- LOG(DEBUG, "backend %s wanted state %d"" but it was removed", +- ds->w.path, ds->wanted); ++ LOG(DEBUG, "backend %s wanted state %d"" but it was removed%s", ++ ds->w.path, ds->wanted, b); + rc = ERROR_INVAL; + goto out; + } + + int got = atoi(sstate); + if (got == ds->wanted) { +- LOG(DEBUG, "backend %s wanted state %d ok", ds->w.path, ds->wanted); ++ LOG(DEBUG, "backend %s wanted state %d ok%s", ds->w.path, ds->wanted, b); + rc = 0; + } else { +- LOG(DEBUG, "backend %s wanted state %d"" still waiting state %d", +- ds->w.path, ds->wanted, got); ++ LOG(DEBUG, "backend %s wanted state %d"" still waiting state %d%s", ++ ds->w.path, ds->wanted, got, b); + return; + } + +@@ -1078,6 +1080,8 @@ int libxl__ev_devstate_wait(libxl__ao *a + ds->w.path = state_path; + ds->w.timeout_ms = milliseconds; + ds->w.callback = devstate_callback; ++ rc = clock_gettime(CLOCK_MONOTONIC, &ds->w.start); ++ if (rc) goto out; + rc = libxl__xswait_start(gc, &ds->w); + if (rc) goto out; + +--- a/tools/libs/light/libxl_internal.c ++++ b/tools/libs/light/libxl_internal.c +@@ -18,6 +18,97 @@ + #include "libxl_internal.h" + #include "libxl_arch.h" + ++#define LIBXL_SUSE_PATH_TIMEOUT "/libxl/suse/per-device-LIBXL_HOTPLUG_TIMEOUT" ++#define LIBXL_SUSE_PATH_DISK_TIMEOUT "suse/disks-LIBXL_HOTPLUG_TIMEOUT" ++#define LIBXL_SUSE_PATH_NIC_TIMEOUT "suse/nics-LIBXL_HOTPLUG_TIMEOUT" ++ ++void libxl__suse_domain_set_hotplug_timeout(libxl__gc *gc, uint32_t domid, long d, long n) ++{ ++ char *path; ++ char *val, *p; ++ long v; ++ ++ val = libxl__xs_read(gc, XBT_NULL, LIBXL_SUSE_PATH_TIMEOUT); ++ if (!val) ++ return; ++ ++ v = strtol(val, NULL, 0); ++ if (v <= 0) ++ return; ++ ++ path = libxl__xs_libxl_path(gc, domid); ++ if (d > 0) { ++ p = GCSPRINTF("%s/" LIBXL_SUSE_PATH_DISK_TIMEOUT, path); ++ LOGD(NOTICE, domid, "Setting %s to %ld*%ld=%ld", p, d, v, d*v); ++ libxl__xs_printf(gc, XBT_NULL, p, "%ld", d*v); ++ } ++ if (n > 0) { ++ p = GCSPRINTF("%s/" LIBXL_SUSE_PATH_NIC_TIMEOUT, path); ++ LOGD(NOTICE, domid, "Setting %s to %ld*%ld=%ld", p, n, v, n*v); ++ libxl__xs_printf(gc, XBT_NULL, p, "%ld", n*v); ++ } ++} ++ ++void libxl__suse_domain_get_hotplug_timeout(libxl__gc *gc, uint32_t domid, libxl__device_kind kind, struct timespec *ts, int *timeout_ms, const char *be_path) ++{ ++ char *path; ++ char *val, *p; ++ long v = 0; ++ ++ path = libxl__xs_libxl_path(gc, domid); ++ if (!path) ++ return; ++ ++ switch (kind) { ++ case LIBXL__DEVICE_KIND_VBD: ++ p = GCSPRINTF("%s/" LIBXL_SUSE_PATH_DISK_TIMEOUT, path); ++ break; ++ case LIBXL__DEVICE_KIND_VIF: ++ p = GCSPRINTF("%s/" LIBXL_SUSE_PATH_NIC_TIMEOUT, path); ++ break; ++ default: ++ return; ++ } ++ errno = 0; ++ val = libxl__xs_read(gc, XBT_NULL, p); ++ if (val) ++ v = strtol(val, NULL, 0); ++ LOGED(DEBUG, domid, "Got from '%s' = %ld from %s for %s", val?:"", v, p, be_path); ++ if (!val || v <= 0) ++ return; ++ ++ if (v > (INT_MAX/1000)) ++ v = (INT_MAX/1000); ++ v *= 1000; ++ LOGD(NOTICE, domid, "Replacing timeout %d with %ld for %s", *timeout_ms, v, be_path); ++ *timeout_ms = v; ++ if (clock_gettime(CLOCK_MONOTONIC, ts) < 0) { ++ LOGED(ERROR, domid, "clock_gettime failed for %s", be_path); ++ ts->tv_sec = ts->tv_nsec = 0; ++ } ++ ++} ++ ++void libxl__suse_diff_timespec(const struct timespec *old, char *b, size_t s) ++{ ++ struct timespec new, diff; ++ ++ if (old->tv_sec == 0 && old->tv_nsec == 0) { ++ *b = '\0'; ++ return; ++ } ++ if (clock_gettime(CLOCK_MONOTONIC, &new)) ++ new = *old; ++ if ((new.tv_nsec - old->tv_nsec) < 0) { ++ diff.tv_sec = new.tv_sec - old->tv_sec - 1; ++ diff.tv_nsec = new.tv_nsec - old->tv_nsec + (1000*1000*1000); ++ } else { ++ diff.tv_sec = new.tv_sec - old->tv_sec; ++ diff.tv_nsec = new.tv_nsec - old->tv_nsec; ++ } ++ snprintf(b, s, " (%ld.%09lds)", (long)diff.tv_sec, diff.tv_nsec); ++} ++ + void libxl__alloc_failed(libxl_ctx *ctx, const char *func, + size_t nmemb, size_t size) { + #define M "libxl: FATAL ERROR: memory allocation failure" +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -50,6 +50,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -1626,6 +1627,7 @@ struct libxl__xswait_state { + const char *what; /* for error msgs: noun phrase, what we're waiting for */ + const char *path; + int timeout_ms; /* as for poll(2) */ ++ struct timespec start; + libxl__xswait_callback *callback; + /* remaining fields are private to xswait */ + libxl__ev_time time_ev; +@@ -2703,6 +2705,7 @@ struct libxl__async_exec_state { + char **args; /* execution arguments */ + char **env; /* execution environment */ + ++ struct timespec start; + /* private */ + libxl__ev_time time; + libxl__ev_child child; +@@ -4899,6 +4902,9 @@ _hidden int userlookup_helper_getpwuid(l + + #endif + ++_hidden void libxl__suse_domain_set_hotplug_timeout(libxl__gc *gc, uint32_t domid, long d, long n); ++_hidden void libxl__suse_domain_get_hotplug_timeout(libxl__gc *gc, uint32_t domid, libxl__device_kind kind, struct timespec *ts, int *timeout_ms, const char *be_path); ++_hidden void libxl__suse_diff_timespec(const struct timespec *old, char *b, size_t s); + /* + * Local variables: + * mode: C diff --git a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch index 2535774..0dd06e5 100644 --- a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch +++ b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch @@ -7,59 +7,191 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425 tools/libxl/libxlu_disk_l.l | 1 + 5 files changed, 18 insertions(+), 1 deletion(-) -Index: xen-4.7.0-testing/tools/libxl/libxl.c +Index: xen-4.20.0-testing/docs/man/xl-disk-configuration.5.pod.in =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.7.0-testing/tools/libxl/libxl.c -@@ -2575,6 +2575,8 @@ static void device_disk_add(libxl__egc * - flexarray_append_pair(back, "discard-enable", - libxl_defbool_val(disk->discard_enable) ? - "1" : "0"); -+ if ((disk->readwrite & ~LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK) == LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC) -+ flexarray_append_pair(back, "suse-diskcache-disable-flush", "1"); +--- xen-4.20.0-testing.orig/docs/man/xl-disk-configuration.5.pod.in ++++ xen-4.20.0-testing/docs/man/xl-disk-configuration.5.pod.in +@@ -339,6 +339,32 @@ No - flexarray_append(front, "backend-id"); - flexarray_append(front, GCSPRINTF("%d", disk->backend_domid)); -Index: xen-4.7.0-testing/tools/libxl/libxl.h + discard + ++=item B ++ ++=over 4 ++ ++=item Description ++ ++Request that the qemu block driver does not automatically flush written data to the backend storage. ++ ++=item Supported values ++ ++absent, present ++ ++=item Mandatory ++ ++No ++ ++=item Default value ++ ++absent ++ ++=back ++ ++This enables the '-disk cache=unsafe' mode inside qemu. ++In this mode writes to the underlying blockdevice are delayed. ++While using this option in production is dangerous, it improves performance during installation of a domU. ++ + =back + + An advisory setting for the backend driver, specifying whether to +Index: xen-4.20.0-testing/tools/include/libxl.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.h -+++ xen-4.7.0-testing/tools/libxl/libxl.h -@@ -253,6 +253,18 @@ - #define LIBXL_HAVE_BUILD_ID 1 +--- xen-4.20.0-testing.orig/tools/include/libxl.h ++++ xen-4.20.0-testing/tools/include/libxl.h +@@ -603,6 +603,21 @@ + #define LIBXL_HAVE_P9_ADD 1 /* + * The libxl_device_disk has no way to indicate that cache=unsafe is + * supposed to be used. Provide this knob without breaking the ABI. + * This is done by overloading struct libxl_device_disk->readwrite: -+ * readwrite == 0: disk is readonly, no discard -+ * readwrite == 1: disk is readwrite, backend driver may enable discard ++ * readwrite == 0: disk is readonly, cache= does not matter ++ * readwrite == 1: disk is readwrite, backend driver may tweak cache= + * readwrite == MAGIC: disk is readwrite, backend driver should ignore + * flush requests from the frontend driver. ++ * Note: the macro with MAGIC is used by libvirt to decide if this patch is applied + */ +#define LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC 0x00006000U +#define LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK 0xffff0fffU ++#define LIBXL_SUSE_IS_CACHE_UNSAFE(rw) (((rw) & ~LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK) == LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC) ++#define LIBXL_SUSE_SET_CACHE_UNSAFE(rw) (((rw) & LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK) | LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC) + +/* * libxl ABI compatibility * * The only guarantee which libxl makes regarding ABI compatibility -Index: xen-4.7.0-testing/tools/libxl/libxlu_disk.c +Index: xen-4.20.0-testing/tools/libs/light/libxl_disk.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk.c -+++ xen-4.7.0-testing/tools/libxl/libxlu_disk.c -@@ -79,6 +79,8 @@ int xlu_disk_parse(XLU_Config *cfg, +--- xen-4.20.0-testing.orig/tools/libs/light/libxl_disk.c ++++ xen-4.20.0-testing/tools/libs/light/libxl_disk.c +@@ -464,6 +464,8 @@ static void device_disk_add(libxl__egc * + flexarray_append_pair(back, "discard-enable", + libxl_defbool_val(disk->discard_enable) ? + "1" : "0"); ++ if (LIBXL_SUSE_IS_CACHE_UNSAFE(disk->readwrite)) ++ flexarray_append_pair(back, "suse-diskcache-disable-flush", "1"); + flexarray_append(back, "specification"); + flexarray_append(back, libxl__device_disk_string_of_specification(disk->specification)); + if (disk->specification == LIBXL_DISK_SPECIFICATION_VIRTIO) { +Index: xen-4.20.0-testing/tools/libs/light/libxl_dm.c +=================================================================== +--- xen-4.20.0-testing.orig/tools/libs/light/libxl_dm.c ++++ xen-4.20.0-testing/tools/libs/light/libxl_dm.c +@@ -1003,14 +1003,27 @@ enum { + LIBXL__COLO_SECONDARY, + }; + ++static const char *qemu_cache_mode(const libxl_device_disk *disk) ++{ ++ static const char cache_directsync[] = "directsync"; ++ static const char cache_writeback[] = "writeback"; ++ static const char cache_unsafe[] = "unsafe"; ++ ++ if (LIBXL_SUSE_IS_CACHE_UNSAFE(disk->readwrite)) ++ return cache_unsafe; ++ if (disk->direct_io_safe) ++ return cache_directsync; ++ return cache_writeback; ++} ++ + static char *qemu_disk_scsi_drive_string(libxl__gc *gc, const char *target_path, + int unit, const char *format, + const libxl_device_disk *disk, + int colo_mode, const char **id_ptr) + { + char *drive = NULL; +- char *common = GCSPRINTF("if=none,readonly=%s,cache=writeback", +- disk->readwrite ? "off" : "on"); ++ char *common = GCSPRINTF("if=none,readonly=%s,cache=%s", ++ disk->readwrite ? "off" : "on", qemu_cache_mode(disk)); + const char *exportname = disk->colo_export; + const char *active_disk = disk->active_disk; + const char *hidden_disk = disk->hidden_disk; +@@ -1069,8 +1082,8 @@ static char *qemu_disk_ide_drive_string( + switch (colo_mode) { + case LIBXL__COLO_NONE: + drive = GCSPRINTF +- ("file=%s,if=ide,index=%d,media=disk,format=%s,cache=writeback", +- target_path, unit, format); ++ ("file=%s,if=ide,index=%d,media=disk,format=%s,cache=%s", ++ target_path, unit, format, qemu_cache_mode(disk)); + break; + case LIBXL__COLO_PRIMARY: + /* +@@ -1083,13 +1096,14 @@ static char *qemu_disk_ide_drive_string( + * vote-threshold=1 + */ + drive = GCSPRINTF( +- "if=ide,index=%d,media=disk,cache=writeback,driver=quorum," ++ "if=ide,index=%d,media=disk,cache=%s,driver=quorum," + "id=%s," + "children.0.file.filename=%s," + "children.0.driver=%s," + "read-pattern=fifo," + "vote-threshold=1", +- unit, exportname, target_path, format); ++ unit, qemu_cache_mode(disk), ++ exportname, target_path, format); + break; + case LIBXL__COLO_SECONDARY: + /* +@@ -1103,7 +1117,7 @@ static char *qemu_disk_ide_drive_string( + * file.backing.backing=exportname, + */ + drive = GCSPRINTF( +- "if=ide,index=%d,id=top-colo,media=disk,cache=writeback," ++ "if=ide,index=%d,id=top-colo,media=disk,cache=%s," + "driver=replication," + "mode=secondary," + "top-id=top-colo," +@@ -1112,7 +1126,8 @@ static char *qemu_disk_ide_drive_string( + "file.backing.driver=qcow2," + "file.backing.file.filename=%s," + "file.backing.backing=%s", +- unit, active_disk, hidden_disk, exportname); ++ unit, qemu_cache_mode(disk), ++ active_disk, hidden_disk, exportname); + break; + default: + abort(); +@@ -1985,8 +2000,8 @@ static int libxl__build_device_model_arg + return ERROR_INVAL; + } + flexarray_vappend(dm_args, "-drive", +- GCSPRINTF("file=%s,if=none,id=ahcidisk-%d,format=%s,cache=writeback", +- target_path, disk, format), ++ GCSPRINTF("file=%s,if=none,id=ahcidisk-%d,format=%s,cache=%s", ++ target_path, disk, format, qemu_cache_mode(&disks[i])), + "-device", GCSPRINTF("ide-hd,bus=ahci0.%d,unit=0,drive=ahcidisk-%d", + disk, disk), NULL); + continue; +Index: xen-4.20.0-testing/tools/libs/util/libxlu_disk.c +=================================================================== +--- xen-4.20.0-testing.orig/tools/libs/util/libxlu_disk.c ++++ xen-4.20.0-testing/tools/libs/util/libxlu_disk.c +@@ -78,6 +78,8 @@ int xlu_disk_parse(XLU_Config *cfg, if (!disk->pdev_path || !strcmp(disk->pdev_path, "")) disk->format = LIBXL_DISK_FORMAT_EMPTY; } + if (disk->readwrite && dpc.suse_diskcache_disable_flush) -+ disk->readwrite = (disk->readwrite & LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK) | LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC; ++ disk->readwrite = LIBXL_SUSE_SET_CACHE_UNSAFE(disk->readwrite); if (!disk->vdev) { xlu__disk_err(&dpc,0, "no vdev specified"); -Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h +Index: xen-4.20.0-testing/tools/libs/util/libxlu_disk_i.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_i.h -+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h +--- xen-4.20.0-testing.orig/tools/libs/util/libxlu_disk_i.h ++++ xen-4.20.0-testing/tools/libs/util/libxlu_disk_i.h @@ -10,7 +10,7 @@ typedef struct { void *scanner; YY_BUFFER_STATE buf; @@ -69,15 +201,15 @@ Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h const char *spec; } DiskParseContext; -Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l +Index: xen-4.20.0-testing/tools/libs/util/libxlu_disk_l.l =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_l.l -+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l -@@ -195,6 +195,7 @@ colo-port=[^,]*,? { STRIP(','); setcolop +--- xen-4.20.0-testing.orig/tools/libs/util/libxlu_disk_l.l ++++ xen-4.20.0-testing/tools/libs/util/libxlu_disk_l.l +@@ -216,6 +216,7 @@ colo-port=[^,]*,? { STRIP(','); setcolop colo-export=[^,]*,? { STRIP(','); SAVESTRING("colo-export", colo_export, FROMEQUALS); } active-disk=[^,]*,? { STRIP(','); SAVESTRING("active-disk", active_disk, FROMEQUALS); } hidden-disk=[^,]*,? { STRIP(','); SAVESTRING("hidden-disk", hidden_disk, FROMEQUALS); } +suse-diskcache-disable-flush,? { DPC->suse_diskcache_disable_flush = 1; } - /* the target magic parameter, eats the rest of the string */ - + trusted,? { libxl_defbool_set(&DPC->disk->trusted, true); } + untrusted,? { libxl_defbool_set(&DPC->disk->trusted, false); } diff --git a/libxl.helper_done-crash.patch b/libxl.helper_done-crash.patch new file mode 100644 index 0000000..3d4fff1 --- /dev/null +++ b/libxl.helper_done-crash.patch @@ -0,0 +1,51 @@ +From fb0f946726ff8aaa15b76bc3ec3b18878851a447 Mon Sep 17 00:00:00 2001 +From: Olaf Hering +Date: Fri, 27 Sep 2019 18:06:12 +0200 +Subject: libxl: fix crash in helper_done due to uninitialized data + +A crash in helper_done, called from libxl_domain_suspend, was reported, +triggered by 'virsh migrate --live xen+ssh://host': + + #1 helper_done (...) at libxl_save_callout.c:371 + helper_failed + helper_stop + libxl__save_helper_abort + #2 check_all_finished (..., rc=-3) at libxl_stream_write.c:671 + stream_done + stream_complete + write_done + dc->callback == write_done + efd->func == datacopier_writable + #3 afterpoll_internal (...) at libxl_event.c:1269 + +This is triggered by a failed poll, the actual error was: + +libxl_aoutils.c:328:datacopier_writable: unexpected poll event 0x1c on fd 37 (should be POLLOUT) writing libxc header during copy of save v2 stream + +In this case revents in datacopier_writable is POLLHUP|POLLERR|POLLOUT, +which triggers datacopier_callback. In helper_done, +shs->completion_callback is still zero. libxl__xc_domain_save fills +dss.sws.shs. But that function is only called after stream_header_done. +Any error before that will leave dss partly uninitialized. + +Fix this crash by checking if ->completion_callback is valid. + +Signed-off-by: Olaf Hering +--- + tools/libxl/libxl_save_callout.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/tools/libs/light/libxl_save_callout.c ++++ b/tools/libs/light/libxl_save_callout.c +@@ -364,8 +364,9 @@ static void helper_done(libxl__egc *egc, + assert(!libxl__save_helper_inuse(shs)); + + shs->egc = egc; +- shs->completion_callback(egc, shs->caller_state, +- shs->rc, shs->retval, shs->errnoval); ++ if (shs->completion_callback) ++ shs->completion_callback(egc, shs->caller_state, ++ shs->rc, shs->retval, shs->errnoval); + shs->egc = 0; + } + diff --git a/libxl.max_event_channels.patch b/libxl.max_event_channels.patch new file mode 100644 index 0000000..135911b --- /dev/null +++ b/libxl.max_event_channels.patch @@ -0,0 +1,23 @@ +References: bsc#1167608 +unbound limits for max_event_channels +1023 is too low for a three digit value of vcpus +it is difficult to make the value depend on the number of vcpus +adding devices at runtime also needs event channels + +But, having an unbound value (of 128k) may have a negative effect on XSA-344. + +Therefore, just let the built-in default depend on the number of vcpus. + +Index: xen-4.17.0-testing/tools/libs/light/libxl_create.c +=================================================================== +--- xen-4.17.0-testing.orig/tools/libs/light/libxl_create.c ++++ xen-4.17.0-testing/tools/libs/light/libxl_create.c +@@ -263,7 +263,7 @@ int libxl__domain_build_info_setdefault( + b_info->iomem[i].gfn = b_info->iomem[i].start; + + if (!b_info->event_channels) +- b_info->event_channels = 1023; ++ b_info->event_channels = max(1023, 8 * b_info->max_vcpus + 511); + + rc = libxl_get_physinfo(CTX, &info); + if (rc) { diff --git a/libxl.pvscsi.patch b/libxl.pvscsi.patch deleted file mode 100644 index bfbad39..0000000 --- a/libxl.pvscsi.patch +++ /dev/null @@ -1,2626 +0,0 @@ -Subject: [PATCH v12 1/2] libxl: add support for vscsi -Date: Wed, 13 Apr 2016 08:56:59 +0000 -Message-Id: <1460537820-15398-2-git-send-email-olaf@aepfle.de> -fate#316613 , https://fate.suse.com/316613 - -Port pvscsi support from xend to libxl: - - vscsi=['pdev,vdev{,options}'] - xl scsi-attach - xl scsi-detach - xl scsi-list - -Signed-off-by: Olaf Hering -Cc: Ian Jackson -Cc: Stefano Stabellini -Cc: Ian Campbell -Cc: Wei Liu ---- - docs/man/xl.cfg.pod.5 | 56 + - docs/man/xl.pod.1 | 18 - tools/libxl/Makefile | 2 - tools/libxl/libxl.c | 9 - tools/libxl/libxl.h | 42 + - tools/libxl/libxl_create.c | 41 + - tools/libxl/libxl_device.c | 2 - tools/libxl/libxl_internal.h | 8 - tools/libxl/libxl_types.idl | 53 + - tools/libxl/libxl_types_internal.idl | 1 - tools/libxl/libxl_vscsi.c | 1169 +++++++++++++++++++++++++++++++++++ - tools/libxl/libxlu_vscsi.c | 667 +++++++++++++++++++ - tools/libxl/libxlutil.h | 19 - tools/libxl/xl.h | 3 - tools/libxl/xl_cmdimpl.c | 225 ++++++ - tools/libxl/xl_cmdtable.c | 15 - 16 files changed, 2326 insertions(+), 4 deletions(-) - -Index: xen-4.7.0-testing/docs/man/xl.cfg.pod.5 -=================================================================== ---- xen-4.7.0-testing.orig/docs/man/xl.cfg.pod.5 -+++ xen-4.7.0-testing/docs/man/xl.cfg.pod.5 -@@ -517,6 +517,62 @@ value is optional if this is a guest dom - - =back - -+=item B -+ -+Specifies the PVSCSI devices to be provided to the guest. PVSCSI passes -+SCSI devices from the backend domain to the guest. -+ -+Each VSCSI_SPEC_STRING consists of "pdev,vdev[,options]". -+'pdev' describes the physical device, preferable in a persistent format -+such as /dev/disk/by-*/*. -+'vdev' is the domU device in vHOST:CHANNEL:TARGET:LUN notation, all integers. -+'options' lists additional flags which a backend may recognize. -+ -+The supported values for "pdev" and "options" depends on the backend driver used: -+ -+=over 4 -+ -+=item B -+ -+=over 4 -+ -+=item C -+ -+The backend driver in the pvops kernel is part of the Linux-IO Target framework -+(LIO). As such the SCSI devices have to be configured first with the tools -+provided by this framework, such as a xen-scsiback aware targetcli. The "pdev" -+in domU.cfg has to refer to a config item in that framework instead of the raw -+device. Usually this is a WWN in the form of "naa.WWN:LUN". -+ -+=item C -+ -+No options recognized. -+ -+=back -+ -+=item B -+ -+=over 4 -+ -+=item C -+ -+The dom0 device in either /dev/scsidev or pHOST:CHANNEL:TARGET:LUN notation. -+ -+It's recommended to use persistent names "/dev/disk/by-*/*" to refer to a "pdev". -+The toolstack will translate this internally to "h:c:t:l" notation, which is how -+the backend driver will access the device. Using the "h:c:t:l" notation for -+"pdev" in domU.cfg is discouraged because this value will change across reboots, -+depending on the detection order in the OS. -+ -+=item C -+ -+Currently only the option value "feature-host" is recognized. SCSI command -+emulation in backend driver is bypassed when "feature-host" is specified. -+ -+=back -+ -+=back -+ - =item B - - Specifies the paravirtual framebuffer devices which should be supplied -Index: xen-4.7.0-testing/docs/man/xl.pod.1 -=================================================================== ---- xen-4.7.0-testing.orig/docs/man/xl.pod.1 -+++ xen-4.7.0-testing/docs/man/xl.pod.1 -@@ -1423,6 +1423,24 @@ List virtual trusted platform modules fo - - =back - -+=head2 PVSCSI DEVICES -+ -+=over 4 -+ -+=item B I I I,I<[feature-host]> -+ -+Creates a new vscsi device in the domain specified by I. -+ -+=item B I I -+ -+Removes the vscsi device from domain specified by I. -+ -+=item B I I<[domain-id] ...> -+ -+List vscsi devices for the domain specified by I. -+ -+=back -+ - =head1 PCI PASS-THROUGH - - =over 4 -Index: xen-4.7.0-testing/tools/libxl/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/Makefile -+++ xen-4.7.0-testing/tools/libxl/Makefile -@@ -108,6 +108,7 @@ endif - LIBXL_LIBS += -lyajl - - LIBXL_OBJS = flexarray.o libxl.o libxl_create.o libxl_dm.o libxl_pci.o \ -+ libxl_vscsi.o \ - libxl_dom.o libxl_exec.o libxl_xshelp.o libxl_device.o \ - libxl_internal.o libxl_utils.o libxl_uuid.o \ - libxl_json.o libxl_aoutils.o libxl_numa.o libxl_vnuma.o \ -@@ -151,6 +152,7 @@ AUTOINCS= libxlu_cfg_y.h libxlu_cfg_l.h - AUTOSRCS= libxlu_cfg_y.c libxlu_cfg_l.c - AUTOSRCS += _libxl_save_msgs_callout.c _libxl_save_msgs_helper.c - LIBXLU_OBJS = libxlu_cfg_y.o libxlu_cfg_l.o libxlu_cfg.o \ -+ libxlu_vscsi.o \ - libxlu_disk_l.o libxlu_disk.o libxlu_vif.o libxlu_pci.o - $(LIBXLU_OBJS): CFLAGS += $(CFLAGS_libxenctrl) # For xentoollog.h - -Index: xen-4.7.0-testing/tools/libxl/libxl.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.7.0-testing/tools/libxl/libxl.c -@@ -4387,6 +4387,7 @@ DEFINE_DEVICE_REMOVE_CUSTOM(usbctrl, des - /* The following functions are defined: - * libxl_device_disk_add - * libxl_device_nic_add -+ * libxl_device_vscsictrl_add - * libxl_device_vtpm_add - * libxl_device_usbctrl_add - * libxl_device_usbdev_add -@@ -4418,6 +4419,9 @@ DEFINE_DEVICE_ADD(disk) - /* nic */ - DEFINE_DEVICE_ADD(nic) - -+/* vscsi */ -+DEFINE_DEVICE_ADD(vscsictrl) -+ - /* vtpm */ - DEFINE_DEVICE_ADD(vtpm) - -@@ -7370,6 +7374,11 @@ int libxl_retrieve_domain_configuration( - - MERGE(nic, nics, COMPARE_DEVID, {}); - -+ MERGE(vscsictrl, vscsictrls, COMPARE_DEVID, { -+ libxl_device_vscsictrl_dispose(dst); -+ libxl_device_vscsictrl_copy(CTX, dst, src); -+ }); -+ - MERGE(vtpm, vtpms, COMPARE_DEVID, {}); - - MERGE(pci, pcidevs, COMPARE_PCI, {}); -Index: xen-4.7.0-testing/tools/libxl/libxl.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.h -+++ xen-4.7.0-testing/tools/libxl/libxl.h -@@ -880,6 +880,13 @@ void libxl_mac_copy(libxl_ctx *ctx, libx - #define LIBXL_HAVE_PCITOPOLOGY 1 - - /* -+ * LIBXL_HAVE_VSCSI -+ * -+ * If this is defined, the PV SCSI feature is supported. -+ */ -+#define LIBXL_HAVE_VSCSI 1 -+ -+/* - * LIBXL_HAVE_SOCKET_BITMAP - * - * If this is defined, then libxl_socket_bitmap_alloc and -@@ -1710,6 +1717,41 @@ int libxl_device_channel_getinfo(libxl_c - libxl_device_channel *channel, - libxl_channelinfo *channelinfo); - -+/* Virtual SCSI */ -+int libxl_device_vscsictrl_add(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsictrl *vscsi, -+ const libxl_asyncop_how *ao_how) -+ LIBXL_EXTERNAL_CALLERS_ONLY; -+int libxl_device_vscsictrl_remove(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsictrl *vscsi, -+ const libxl_asyncop_how *ao_how) -+ LIBXL_EXTERNAL_CALLERS_ONLY; -+int libxl_device_vscsictrl_destroy(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsictrl *vscsi, -+ const libxl_asyncop_how *ao_how) -+ LIBXL_EXTERNAL_CALLERS_ONLY; -+ -+libxl_device_vscsictrl *libxl_device_vscsictrl_list(libxl_ctx *ctx, uint32_t domid, int *num); -+int libxl_device_vscsictrl_getinfo(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl_device_vscsidev *vscsidev, -+ libxl_vscsiinfo *vscsiinfo); -+int libxl_device_vscsidev_add(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsidev *dev, -+ const libxl_asyncop_how *ao_how) -+ LIBXL_EXTERNAL_CALLERS_ONLY; -+/* Remove vscsidev connected to vscsictrl */ -+int libxl_device_vscsidev_remove(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsidev *dev, -+ const libxl_asyncop_how *ao_how) -+ LIBXL_EXTERNAL_CALLERS_ONLY; -+void libxl_device_vscsictrl_append_vscsidev(libxl_ctx *ctx, -+ libxl_device_vscsictrl *ctrl, -+ libxl_device_vscsidev *dev); -+void libxl_device_vscsictrl_remove_vscsidev(libxl_ctx *ctx, -+ libxl_device_vscsictrl *ctrl, -+ unsigned int idx); -+ - /* Virtual TPMs */ - int libxl_device_vtpm_add(libxl_ctx *ctx, uint32_t domid, libxl_device_vtpm *vtpm, - const libxl_asyncop_how *ao_how) -Index: xen-4.7.0-testing/tools/libxl/libxl_create.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_create.c -+++ xen-4.7.0-testing/tools/libxl/libxl_create.c -@@ -742,6 +742,8 @@ static void domcreate_bootloader_done(li - static void domcreate_launch_dm(libxl__egc *egc, libxl__multidev *aodevs, - int ret); - -+static void domcreate_attach_vscsictrls(libxl__egc *egc, libxl__multidev *multidev, -+ int ret); - static void domcreate_attach_vtpms(libxl__egc *egc, libxl__multidev *multidev, - int ret); - static void domcreate_attach_usbctrls(libxl__egc *egc, -@@ -1434,13 +1436,13 @@ static void domcreate_devmodel_started(l - if (d_config->num_nics > 0) { - /* Attach nics */ - libxl__multidev_begin(ao, &dcs->multidev); -- dcs->multidev.callback = domcreate_attach_vtpms; -+ dcs->multidev.callback = domcreate_attach_vscsictrls; - libxl__add_nics(egc, ao, domid, d_config, &dcs->multidev); - libxl__multidev_prepared(egc, &dcs->multidev, 0); - return; - } - -- domcreate_attach_vtpms(egc, &dcs->multidev, 0); -+ domcreate_attach_vscsictrls(egc, &dcs->multidev, 0); - return; - - error_out: -@@ -1448,7 +1450,7 @@ error_out: - domcreate_complete(egc, dcs, ret); - } - --static void domcreate_attach_vtpms(libxl__egc *egc, -+static void domcreate_attach_vscsictrls(libxl__egc *egc, - libxl__multidev *multidev, - int ret) - { -@@ -1463,6 +1465,39 @@ static void domcreate_attach_vtpms(libxl - goto error_out; - } - -+ /* Plug vscsi devices */ -+ if (d_config->num_vscsictrls > 0) { -+ /* Attach vscsictrls */ -+ libxl__multidev_begin(ao, &dcs->multidev); -+ dcs->multidev.callback = domcreate_attach_vtpms; -+ libxl__add_vscsictrls(egc, ao, domid, d_config, &dcs->multidev); -+ libxl__multidev_prepared(egc, &dcs->multidev, 0); -+ return; -+ } -+ -+ domcreate_attach_vtpms(egc, multidev, 0); -+ return; -+ -+error_out: -+ assert(ret); -+ domcreate_complete(egc, dcs, ret); -+} -+ -+static void domcreate_attach_vtpms(libxl__egc *egc, -+ libxl__multidev *multidev, -+ int ret) -+{ -+ libxl__domain_create_state *dcs = CONTAINER_OF(multidev, *dcs, multidev); -+ STATE_AO_GC(dcs->ao); -+ int domid = dcs->guest_domid; -+ -+ libxl_domain_config* const d_config = dcs->guest_config; -+ -+ if(ret) { -+ LOG(ERROR, "unable to add vscsi devices"); -+ goto error_out; -+ } -+ - /* Plug vtpm devices */ - if (d_config->num_vtpms > 0) { - /* Attach vtpms */ -Index: xen-4.7.0-testing/tools/libxl/libxl_device.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_device.c -+++ xen-4.7.0-testing/tools/libxl/libxl_device.c -@@ -684,6 +684,7 @@ void libxl__multidev_prepared(libxl__egc - * The following functions are defined: - * libxl__add_disks - * libxl__add_nics -+ * libxl__add_vscsictrls - * libxl__add_vtpms - * libxl__add_usbctrls - * libxl__add_usbs -@@ -705,6 +706,7 @@ void libxl__multidev_prepared(libxl__egc - - DEFINE_DEVICES_ADD(disk) - DEFINE_DEVICES_ADD(nic) -+DEFINE_DEVICES_ADD(vscsictrl) - DEFINE_DEVICES_ADD(vtpm) - DEFINE_DEVICES_ADD(usbctrl) - DEFINE_DEVICES_ADD(usbdev) -Index: xen-4.7.0-testing/tools/libxl/libxl_internal.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_internal.h -+++ xen-4.7.0-testing/tools/libxl/libxl_internal.h -@@ -2630,6 +2630,10 @@ _hidden void libxl__device_nic_add(libxl - libxl_device_nic *nic, - libxl__ao_device *aodev); - -+_hidden void libxl__device_vscsictrl_add(libxl__egc *egc, uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl__ao_device *aodev); -+ - _hidden void libxl__device_vtpm_add(libxl__egc *egc, uint32_t domid, - libxl_device_vtpm *vtpm, - libxl__ao_device *aodev); -@@ -3488,6 +3492,10 @@ _hidden void libxl__add_nics(libxl__egc - libxl_domain_config *d_config, - libxl__multidev *multidev); - -+_hidden void libxl__add_vscsictrls(libxl__egc *egc, libxl__ao *ao, uint32_t domid, -+ libxl_domain_config *d_config, -+ libxl__multidev *multidev); -+ - _hidden void libxl__add_vtpms(libxl__egc *egc, libxl__ao *ao, uint32_t domid, - libxl_domain_config *d_config, - libxl__multidev *multidev); -Index: xen-4.7.0-testing/tools/libxl/libxl_types.idl -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_types.idl -+++ xen-4.7.0-testing/tools/libxl/libxl_types.idl -@@ -698,6 +698,43 @@ libxl_device_channel = Struct("device_ch - ])), - ]) - -+libxl_vscsi_pdev_type = Enumeration("vscsi_pdev_type", [ -+ (0, "INVALID"), -+ (1, "HCTL"), -+ (2, "WWN"), -+ ]) -+ -+libxl_vscsi_hctl = Struct("vscsi_hctl", [ -+ ("hst", uint32), -+ ("chn", uint32), -+ ("tgt", uint32), -+ ("lun", uint64), -+ ]) -+ -+libxl_vscsi_pdev = Struct("vscsi_pdev", [ -+ ("p_devname", string), -+ ("u", KeyedUnion(None, libxl_vscsi_pdev_type, "type", -+ [ -+ ("invalid", None), -+ ("hctl", Struct(None, [("m", libxl_vscsi_hctl)])), -+ ("wwn", Struct(None, [("m", string)])), -+ ])), -+ ]) -+ -+libxl_device_vscsidev = Struct("device_vscsidev", [ -+ ("vscsidev_id", libxl_devid), -+ ("pdev", libxl_vscsi_pdev), -+ ("vdev", libxl_vscsi_hctl), -+ ]) -+ -+libxl_device_vscsictrl = Struct("device_vscsictrl", [ -+ ("backend_domid", libxl_domid), -+ ("devid", libxl_devid), -+ ("idx", libxl_devid), -+ ("vscsidevs", Array(libxl_device_vscsidev, "num_vscsidevs")), -+ ("scsi_raw_cmds", libxl_defbool), -+ ]) -+ - libxl_domain_config = Struct("domain_config", [ - ("c_info", libxl_domain_create_info), - ("b_info", libxl_domain_build_info), -@@ -709,6 +746,7 @@ libxl_domain_config = Struct("domain_con - ("dtdevs", Array(libxl_device_dtdev, "num_dtdevs")), - ("vfbs", Array(libxl_device_vfb, "num_vfbs")), - ("vkbs", Array(libxl_device_vkb, "num_vkbs")), -+ ("vscsictrls", Array(libxl_device_vscsictrl, "num_vscsictrls")), - ("vtpms", Array(libxl_device_vtpm, "num_vtpms")), - # a channel manifests as a console with a name, - # see docs/misc/channels.txt -@@ -746,6 +784,21 @@ libxl_nicinfo = Struct("nicinfo", [ - ("rref_rx", integer), - ], dir=DIR_OUT) - -+libxl_vscsiinfo = Struct("vscsiinfo", [ -+ ("backend", string), -+ ("backend_id", uint32), -+ ("frontend", string), -+ ("frontend_id", uint32), -+ ("devid", libxl_devid), -+ ("pdev", libxl_vscsi_pdev), -+ ("vdev", libxl_vscsi_hctl), -+ ("idx", libxl_devid), -+ ("vscsidev_id", libxl_devid), -+ ("scsi_raw_cmds", bool), -+ ("vscsictrl_state", integer), -+ ("vscsidev_state", integer), -+ ], dir=DIR_OUT) -+ - libxl_vtpminfo = Struct("vtpminfo", [ - ("backend", string), - ("backend_id", uint32), -Index: xen-4.7.0-testing/tools/libxl/libxl_types_internal.idl -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_types_internal.idl -+++ xen-4.7.0-testing/tools/libxl/libxl_types_internal.idl -@@ -24,6 +24,7 @@ libxl__device_kind = Enumeration("device - (8, "VTPM"), - (9, "VUSB"), - (10, "QUSB"), -+ (11, "VSCSI"), - ]) - - libxl__console_backend = Enumeration("console_backend", [ -Index: xen-4.7.0-testing/tools/libxl/libxl_vscsi.c -=================================================================== ---- /dev/null -+++ xen-4.7.0-testing/tools/libxl/libxl_vscsi.c -@@ -0,0 +1,1169 @@ -+/* -+ * Copyright (C) 2016 SUSE Linux GmbH -+ * Author Olaf Hering -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU Lesser General Public License as published -+ * by the Free Software Foundation; version 2.1 only. with the special -+ * exception on linking described in file LICENSE. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU Lesser General Public License for more details. -+ */ -+#include "libxl_osdeps.h" /* must come before any other headers */ -+#include "libxl_internal.h" -+ -+typedef struct vscsidev_rm { -+ libxl_device_vscsictrl *ctrl; -+ char *be_path; -+ int dev_wait; -+ libxl__device dev; -+} vscsidev_rm_t; -+ -+typedef void (*vscsictrl_add)(libxl__egc *egc, -+ libxl__ao_device *aodev, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl_domain_config *d_config); -+ -+#define LIBXL_CTRL_INDEX "libxl_ctrl_index" -+ -+#define XLU_WWN_LEN 16 -+ -+static int vscsi_parse_hctl(char *str, libxl_vscsi_hctl *hctl) -+{ -+ unsigned int hst, chn, tgt; -+ unsigned long long lun; -+ -+ if (sscanf(str, "%u:%u:%u:%llu", &hst, &chn, &tgt, &lun) != 4) -+ return ERROR_INVAL; -+ -+ hctl->hst = hst; -+ hctl->chn = chn; -+ hctl->tgt = tgt; -+ hctl->lun = lun; -+ return 0; -+} -+ -+/* Translate p-dev back into pdev.type */ -+static bool vscsi_parse_pdev(libxl__gc *gc, libxl_device_vscsidev *dev, -+ char *c, char *p, char *v) -+{ -+ libxl_vscsi_hctl hctl; -+ unsigned long long lun; -+ char wwn[XLU_WWN_LEN + 1]; -+ bool parsed_ok = false; -+ -+ libxl_vscsi_hctl_init(&hctl); -+ -+ dev->pdev.p_devname = libxl__strdup(NOGC, c); -+ -+ if (strncmp(p, "naa.", 4) == 0) { -+ /* WWN as understood by pvops */ -+ memset(wwn, 0, sizeof(wwn)); -+ if (sscanf(p, "naa.%16[0-9a-fA-F]:%llu", wwn, &lun) == 2) { -+ libxl_vscsi_pdev_init_type(&dev->pdev, LIBXL_VSCSI_PDEV_TYPE_WWN); -+ dev->pdev.u.wwn.m = libxl__strdup(NOGC, p); -+ parsed_ok = true; -+ } -+ } else if (vscsi_parse_hctl(p, &hctl) == 0) { -+ /* Either xenlinux, or pvops with properly configured alias in sysfs */ -+ libxl_vscsi_pdev_init_type(&dev->pdev, LIBXL_VSCSI_PDEV_TYPE_HCTL); -+ libxl_vscsi_hctl_copy(CTX, &dev->pdev.u.hctl.m, &hctl); -+ parsed_ok = true; -+ } -+ -+ if (parsed_ok && vscsi_parse_hctl(v, &dev->vdev) != 0) -+ parsed_ok = false; -+ -+ libxl_vscsi_hctl_dispose(&hctl); -+ -+ return parsed_ok; -+} -+ -+static bool vscsi_fill_dev(libxl__gc *gc, -+ xs_transaction_t t, -+ const char *devs_path, -+ const char *dev_dir, -+ libxl_device_vscsidev *dev) -+{ -+ char *path, *c, *p, *v, *s; -+ unsigned int devid; -+ int r; -+ -+ r = sscanf(dev_dir, "dev-%u", &devid); -+ if (r != 1) { -+ LOG(ERROR, "expected dev-N, got '%s'", dev_dir); -+ return false; -+ } -+ dev->vscsidev_id = devid; -+ -+ path = GCSPRINTF("%s/%s", devs_path, dev_dir); -+ c = libxl__xs_read(gc, t, GCSPRINTF("%s/p-devname", path)); -+ p = libxl__xs_read(gc, t, GCSPRINTF("%s/p-dev", path)); -+ v = libxl__xs_read(gc, t, GCSPRINTF("%s/v-dev", path)); -+ s = libxl__xs_read(gc, t, GCSPRINTF("%s/state", path)); -+ LOG(DEBUG, "%s/state is %s", path, s); -+ if (!(c && p && v && s)) { -+ LOG(ERROR, "p-devname '%s' p-dev '%s' v-dev '%s'", c, p, v); -+ return false; -+ } -+ -+ if (!vscsi_parse_pdev(gc, dev, c, p, v)) { -+ LOG(ERROR, "failed to parse %s: %s %s %s %s", path, c, p, v, s); -+ return false; -+ } -+ -+ return true; -+} -+ -+static bool vscsi_fill_ctrl(libxl__gc *gc, -+ uint32_t tgt_domid, -+ xs_transaction_t t, -+ const char *fe_path, -+ const char *dir, -+ libxl_device_vscsictrl *ctrl) -+{ -+ libxl_device_vscsidev dev; -+ char *tmp, *devs_path; -+ const char *be_path; -+ char **dev_dirs; -+ unsigned int ndev_dirs, dev_dir; -+ uint32_t be_domid, fe_domid; -+ char be_type[16]; -+ int r; -+ bool ok; -+ -+ ctrl->devid = atoi(dir); -+ -+ tmp = GCSPRINTF("%s/%s/backend", fe_path, dir); -+ r = libxl__xs_read_checked(gc, t, tmp, &be_path); -+ if (r || !be_path) -+ goto out; -+ -+ r = sscanf(be_path, "/local/domain/%u/backend/%15[^/]/%u", -+ &be_domid, be_type, &fe_domid); -+ if (r != 3 || fe_domid != tgt_domid) -+ goto out; -+ ctrl->backend_domid = be_domid; -+ -+ tmp = libxl__xs_read(gc, t, GCSPRINTF("%s/" LIBXL_CTRL_INDEX, be_path)); -+ if (!tmp) -+ goto out; -+ ctrl->idx = atoi(tmp); -+ -+ tmp = libxl__xs_read(gc, t, GCSPRINTF("%s/feature-host", be_path)); -+ if (!tmp) -+ goto out; -+ ok = atoi(tmp) != 0; -+ libxl_defbool_set(&ctrl->scsi_raw_cmds, ok); -+ -+ ok = true; -+ devs_path = GCSPRINTF("%s/vscsi-devs", be_path); -+ dev_dirs = libxl__xs_directory(gc, t, devs_path, &ndev_dirs); -+ for (dev_dir = 0; dev_dirs && dev_dir < ndev_dirs; dev_dir++) { -+ libxl_device_vscsidev_init(&dev); -+ ok = vscsi_fill_dev(gc, t, devs_path, dev_dirs[dev_dir], &dev); -+ if (ok == true) -+ ok = ctrl->idx == dev.vdev.hst; -+ if (ok == true) -+ libxl_device_vscsictrl_append_vscsidev(CTX, ctrl, &dev); -+ libxl_device_vscsidev_dispose(&dev); -+ if (ok == false) -+ break; -+ } -+ -+ return ok; -+ -+out: -+ libxl_defbool_set(&ctrl->scsi_raw_cmds, false); -+ return false; -+} -+ -+/* return an array of vscsictrls with num elements */ -+static int vscsi_collect_ctrls(libxl__gc *gc, -+ uint32_t domid, -+ libxl_device_vscsictrl **ctrls, -+ int *num) -+{ -+ xs_transaction_t t = XBT_NULL; -+ libxl_device_vscsictrl ctrl; -+ char *fe_path; -+ char **dirs; -+ unsigned int ndirs = 0, dir; -+ int rc; -+ -+ fe_path = GCSPRINTF("%s/device/vscsi", libxl__xs_get_dompath(gc, domid)); -+ -+ for (;;) { -+ *num = 0; -+ -+ rc = libxl__xs_transaction_start(gc, &t); -+ if (rc) goto out; -+ -+ dirs = libxl__xs_directory(gc, t, fe_path, &ndirs); -+ /* Nothing to do */ -+ if (!(dirs && ndirs)) -+ break; -+ -+ /* List of ctrls to be returned to the caller */ -+ *ctrls = libxl__malloc(NOGC, ndirs * sizeof(**ctrls)); -+ -+ for (dir = 0; dir < ndirs; dir++) { -+ libxl_device_vscsictrl_init(*ctrls + dir); -+ -+ libxl_device_vscsictrl_init(&ctrl); -+ if (vscsi_fill_ctrl(gc, domid, t, fe_path, dirs[dir], &ctrl)) { -+ libxl_device_vscsictrl_copy(CTX, *ctrls + *num, &ctrl); -+ (*num)++; -+ } -+ libxl_device_vscsictrl_dispose(&ctrl); -+ } -+ -+ rc = libxl__xs_transaction_commit(gc, &t); -+ if (!rc) break; -+ -+ if (rc < 0) { -+ for (dir = 0; dir < ndirs; dir++) -+ libxl_device_vscsictrl_dispose(*ctrls + dir); -+ free(*ctrls); -+ *ctrls = NULL; -+ *num = 0; -+ goto out; -+ } -+ } -+ -+out: -+ libxl__xs_transaction_abort(gc, &t); -+ return rc; -+} -+ -+/* Simplified variant of device_addrm_aocomplete */ -+static void vscsi_aodev_complete(libxl__egc *egc, libxl__ao_device *aodev) -+{ -+ STATE_AO_GC(aodev->ao); -+ libxl__ao_complete(egc, ao, aodev->rc); -+} -+ -+static int libxl__device_from_vscsictrl(libxl__gc *gc, uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl__device *device) -+{ -+ device->backend_devid = vscsictrl->devid; -+ device->backend_domid = vscsictrl->backend_domid; -+ device->devid = vscsictrl->devid; -+ device->domid = domid; -+ device->backend_kind = LIBXL__DEVICE_KIND_VSCSI; -+ device->kind = LIBXL__DEVICE_KIND_VSCSI; -+ -+ return 0; -+} -+ -+static int vscsictrl_remove(libxl_ctx *ctx, -+ uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ const libxl_asyncop_how *ao_how, -+ int force) -+{ -+ AO_CREATE(ctx, domid, ao_how); -+ libxl__device *device; -+ libxl__ao_device *aodev; -+ int rc; -+ -+ GCNEW(device); -+ rc = libxl__device_from_vscsictrl(gc, domid, vscsictrl, device); -+ if (rc != 0) goto out; -+ -+ GCNEW(aodev); -+ libxl__prepare_ao_device(ao, aodev); -+ aodev->action = LIBXL__DEVICE_ACTION_REMOVE; -+ aodev->dev = device; -+ aodev->callback = vscsi_aodev_complete; -+ aodev->force = force; -+ libxl__initiate_device_generic_remove(egc, aodev); -+ -+out: -+ if (rc) return AO_CREATE_FAIL(rc); -+ return AO_INPROGRESS; -+} -+ -+static int vscsidev_be_set_rm(libxl__gc *gc, -+ libxl_device_vscsidev *v, -+ flexarray_t *back) -+{ -+ int rc; -+ char *dir; -+ -+ dir = GCSPRINTF("vscsi-devs/dev-%u", v->vscsidev_id); -+ rc = flexarray_append_pair(back, -+ GCSPRINTF("%s/state", dir), -+ GCSPRINTF("%d", XenbusStateClosing)); -+ return rc; -+} -+ -+static int vscsictrl_reconfigure_rm(libxl__ao_device *aodev, -+ const char *state_path, -+ int *be_wait) -+ -+{ -+ STATE_AO_GC(aodev->ao); -+ vscsidev_rm_t *vscsidev_rm = CONTAINER_OF(aodev->dev, *vscsidev_rm, dev); -+ libxl_device_vscsictrl *ctrl = vscsidev_rm->ctrl; -+ const char *be_path = vscsidev_rm->be_path; -+ int rc, i, be_state; -+ char *dev_path, *state_val; -+ flexarray_t *back; -+ libxl_device_vscsidev *v; -+ xs_transaction_t t = XBT_NULL; -+ -+ /* Prealloc key+value: 1 toplevel + 1 per device */ -+ i = 2 * (1 + 1); -+ back = flexarray_make(gc, i, 1); -+ -+ for (;;) { -+ rc = libxl__xs_transaction_start(gc, &t); -+ if (rc) goto out; -+ -+ state_val = libxl__xs_read(gc, t, state_path); -+ LOG(DEBUG, "%s is %s", state_path, state_val); -+ if (!state_val) { -+ rc = ERROR_NOTFOUND; -+ goto out; -+ } -+ -+ be_state = atoi(state_val); -+ switch (be_state) { -+ case XenbusStateUnknown: -+ case XenbusStateInitialising: -+ case XenbusStateClosing: -+ case XenbusStateClosed: -+ default: -+ /* The backend is in a bad state */ -+ rc = ERROR_FAIL; -+ goto out; -+ case XenbusStateInitialised: -+ case XenbusStateReconfiguring: -+ case XenbusStateReconfigured: -+ /* Backend is still busy, caller has to retry */ -+ rc = ERROR_NOT_READY; -+ goto out; -+ case XenbusStateInitWait: -+ /* The frontend did not connect yet */ -+ *be_wait = XenbusStateInitWait; -+ vscsidev_rm->dev_wait = XenbusStateClosing; -+ break; -+ case XenbusStateConnected: -+ /* The backend can handle reconfigure */ -+ *be_wait = XenbusStateConnected; -+ vscsidev_rm->dev_wait = XenbusStateClosed; -+ flexarray_append_pair(back, "state", -+ GCSPRINTF("%d", XenbusStateReconfiguring)); -+ break; -+ } -+ -+ /* Append new vscsidev or skip existing */ -+ for (i = 0; i < ctrl->num_vscsidevs; i++) { -+ unsigned int nb = 0; -+ v = ctrl->vscsidevs + i; -+ dev_path = GCSPRINTF("%s/vscsi-devs/dev-%u", be_path, v->vscsidev_id); -+ if (!libxl__xs_directory(gc, XBT_NULL, dev_path, &nb)) { -+ /* FIXME Sanity check */ -+ LOG(DEBUG, "%s does not exist anymore", dev_path); -+ continue; -+ } -+ rc = vscsidev_be_set_rm(gc, v, back); -+ if (rc) goto out; -+ } -+ -+ libxl__xs_writev(gc, t, be_path, -+ libxl__xs_kvs_of_flexarray(gc, back, back->count)); -+ -+ rc = libxl__xs_transaction_commit(gc, &t); -+ if (!rc) break; -+ if (rc < 0) goto out; -+ } -+ -+ rc = 0; -+ -+out: -+ libxl__xs_transaction_abort(gc, &t); -+ return rc; -+} -+ -+static void vscsictrl_remove_be_dev(libxl__gc *gc, -+ libxl_device_vscsidev *v, -+ xs_transaction_t t, -+ const char *be_path, -+ int dev_wait) -+{ -+ char *dir, *path, *val; -+ -+ dir = GCSPRINTF("%s/vscsi-devs/dev-%u", be_path, v->vscsidev_id); -+ path = GCSPRINTF("%s/state", dir); -+ val = libxl__xs_read(gc, t, path); -+ LOG(DEBUG, "%s is %s", path, val); -+ if (val && strcmp(val, GCSPRINTF("%d", dev_wait)) == 0) { -+ xs_rm(CTX->xsh, t, GCSPRINTF("%s/state", dir)); -+ xs_rm(CTX->xsh, t, GCSPRINTF("%s/p-devname", dir)); -+ xs_rm(CTX->xsh, t, GCSPRINTF("%s/p-dev", dir)); -+ xs_rm(CTX->xsh, t, GCSPRINTF("%s/v-dev", dir)); -+ xs_rm(CTX->xsh, t, dir); -+ } else { -+ LOG(ERROR, "%s has %s, expected %d", path, val, dev_wait); -+ } -+} -+ -+static void vscsictrl_remove_be_cb(libxl__egc *egc, -+ libxl__ev_devstate *ds, -+ int rc) -+{ -+ libxl__ao_device *aodev = CONTAINER_OF(ds, *aodev, backend_ds); -+ STATE_AO_GC(aodev->ao); -+ vscsidev_rm_t *vscsidev_rm = CONTAINER_OF(aodev->dev, *vscsidev_rm, dev); -+ libxl_device_vscsictrl *ctrl = vscsidev_rm->ctrl; -+ xs_transaction_t t = XBT_NULL; -+ int i; -+ -+ for (;;) { -+ rc = libxl__xs_transaction_start(gc, &t); -+ if (rc) goto out; -+ -+ for (i = 0; i < ctrl->num_vscsidevs; i++) -+ vscsictrl_remove_be_dev(gc, ctrl->vscsidevs + i, t, -+ vscsidev_rm->be_path, -+ vscsidev_rm->dev_wait); -+ -+ rc = libxl__xs_transaction_commit(gc, &t); -+ if (!rc) break; -+ if (rc < 0) goto out; -+ } -+ -+out: -+ aodev->rc = rc; -+ aodev->callback(egc, aodev); -+} -+ -+static void vscsidev__remove(libxl__egc *egc, libxl__ao_device *aodev) -+{ -+ STATE_AO_GC(aodev->ao); -+ vscsidev_rm_t *vscsidev_rm = CONTAINER_OF(aodev->dev, *vscsidev_rm, dev); -+ char *state_path; -+ int rc, be_wait; -+ -+ vscsidev_rm->be_path = libxl__device_backend_path(gc, aodev->dev); -+ state_path = GCSPRINTF("%s/state", vscsidev_rm->be_path); -+ -+ rc = vscsictrl_reconfigure_rm(aodev, state_path, &be_wait); -+ if (rc) goto out; -+ -+ rc = libxl__ev_devstate_wait(ao, &aodev->backend_ds, -+ vscsictrl_remove_be_cb, -+ state_path, be_wait, -+ LIBXL_DESTROY_TIMEOUT * 1000); -+ if (rc) { -+ LOG(ERROR, "unable to wait for %s", state_path); -+ goto out; -+ } -+ -+ return; -+ -+out: -+ aodev->rc = rc; -+ /* Notify that this is done */ -+ aodev->callback(egc, aodev); -+} -+ -+static int vscsidev_remove(libxl_ctx *ctx, -+ uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ const libxl_asyncop_how *ao_how) -+{ -+ AO_CREATE(ctx, domid, ao_how); -+ libxl__ao_device *aodev; -+ vscsidev_rm_t *vscsidev_rm; -+ libxl__device *device; -+ int rc; -+ -+ GCNEW(aodev); -+ -+ GCNEW(vscsidev_rm); -+ vscsidev_rm->ctrl = vscsictrl; -+ device = &vscsidev_rm->dev; -+ -+ rc = libxl__device_from_vscsictrl(gc, domid, vscsictrl, device); -+ if (rc) goto out; -+ -+ libxl__prepare_ao_device(ao, aodev); -+ aodev->dev = device; -+ aodev->action = LIBXL__DEVICE_ACTION_REMOVE; -+ aodev->callback = vscsi_aodev_complete; -+ -+ vscsidev__remove(egc, aodev); -+ -+out: -+ if (rc) AO_CREATE_FAIL(rc); -+ return AO_INPROGRESS; -+} -+ -+static int vscsidev_backend_add(libxl__gc *gc, -+ libxl_device_vscsidev *v, -+ flexarray_t *back) -+{ -+ int rc; -+ char *dir; -+ unsigned int hst, chn, tgt; -+ unsigned long long lun; -+ -+ -+ dir = GCSPRINTF("vscsi-devs/dev-%u", v->vscsidev_id); -+ switch (v->pdev.type) { -+ case LIBXL_VSCSI_PDEV_TYPE_WWN: -+ flexarray_append_pair(back, -+ GCSPRINTF("%s/p-dev", dir), -+ v->pdev.u.wwn.m); -+ break; -+ case LIBXL_VSCSI_PDEV_TYPE_HCTL: -+ hst = v->pdev.u.hctl.m.hst; -+ chn = v->pdev.u.hctl.m.chn; -+ tgt = v->pdev.u.hctl.m.tgt; -+ lun = v->pdev.u.hctl.m.lun; -+ flexarray_append_pair(back, -+ GCSPRINTF("%s/p-dev", dir), -+ GCSPRINTF("%u:%u:%u:%llu", hst, chn, tgt, lun)); -+ break; -+ case LIBXL_VSCSI_PDEV_TYPE_INVALID: -+ /* fallthrough */ -+ default: -+ rc = ERROR_FAIL; -+ goto out; -+ } -+ flexarray_append_pair(back, -+ GCSPRINTF("%s/p-devname", dir), -+ v->pdev.p_devname); -+ hst = v->vdev.hst; -+ chn = v->vdev.chn; -+ tgt = v->vdev.tgt; -+ lun = v->vdev.lun; -+ flexarray_append_pair(back, -+ GCSPRINTF("%s/v-dev", dir), -+ GCSPRINTF("%u:%u:%u:%llu", hst, chn, tgt, lun)); -+ flexarray_append_pair(back, -+ GCSPRINTF("%s/state", dir), -+ GCSPRINTF("%d", XenbusStateInitialising)); -+ rc = 0; -+out: -+ return rc; -+} -+ -+static void vscsictrl_new_backend(libxl__egc *egc, -+ libxl__ao_device *aodev, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl_domain_config *d_config) -+{ -+ STATE_AO_GC(aodev->ao); -+ int rc, i; -+ flexarray_t *back; -+ flexarray_t *front; -+ libxl_device_vscsidev *v; -+ xs_transaction_t t = XBT_NULL; -+ -+ /* Prealloc key+value: 4 toplevel + 4 per device */ -+ i = 2 * (4 + (4 * vscsictrl->num_vscsidevs)); -+ back = flexarray_make(gc, i, 1); -+ front = flexarray_make(gc, 2 * 2, 1); -+ -+ flexarray_append_pair(back, -+ "frontend-id", -+ GCSPRINTF("%d", aodev->dev->domid)); -+ flexarray_append_pair(back, "online", "1"); -+ flexarray_append_pair(back, -+ "state", -+ GCSPRINTF("%d", XenbusStateInitialising)); -+ flexarray_append_pair(back, -+ LIBXL_CTRL_INDEX, -+ GCSPRINTF("%d", vscsictrl->idx)); -+ flexarray_append_pair(back, "feature-host", -+ libxl_defbool_val(vscsictrl->scsi_raw_cmds) ? -+ "1" : "0"); -+ -+ flexarray_append_pair(front, -+ "backend-id", -+ GCSPRINTF("%d", vscsictrl->backend_domid)); -+ flexarray_append_pair(front, -+ "state", -+ GCSPRINTF("%d", XenbusStateInitialising)); -+ -+ for (i = 0; i < vscsictrl->num_vscsidevs; i++) { -+ v = vscsictrl->vscsidevs + i; -+ rc = vscsidev_backend_add(gc, v, back); -+ if (rc) goto out; -+ } -+ -+ for (;;) { -+ rc = libxl__xs_transaction_start(gc, &t); -+ if (rc) goto out; -+ -+ rc = libxl__device_exists(gc, t, aodev->dev); -+ if (rc < 0) goto out; -+ if (rc == 1) { /* already exists in xenstore */ -+ LOG(ERROR, "device already exists in xenstore"); -+ rc = ERROR_DEVICE_EXISTS; -+ goto out; -+ } -+ -+ if (aodev->update_json) { -+ rc = libxl__set_domain_configuration(gc, aodev->dev->domid, d_config); -+ if (rc) goto out; -+ } -+ -+ libxl__device_generic_add(gc, t, aodev->dev, -+ libxl__xs_kvs_of_flexarray(gc, back, -+ back->count), -+ libxl__xs_kvs_of_flexarray(gc, front, -+ front->count), -+ NULL); -+ -+ rc = libxl__xs_transaction_commit(gc, &t); -+ if (!rc) break; -+ if (rc < 0) goto out; -+ } -+ -+ libxl__wait_device_connection(egc, aodev); -+ return; -+ -+out: -+ libxl__xs_transaction_abort(gc, &t); -+ aodev->rc = rc; -+ aodev->callback(egc, aodev); -+} -+ -+static void vscsictrl_do_reconfigure_add_cb(libxl__egc *egc, -+ libxl__ev_devstate *ds, -+ int rc) -+{ -+ libxl__ao_device *aodev = CONTAINER_OF(ds, *aodev, backend_ds); -+ STATE_AO_GC(aodev->ao); -+ aodev->rc = rc; -+ aodev->callback(egc, aodev); -+} -+ -+static void vscsictrl_do_reconfigure_add(libxl__egc *egc, -+ libxl__ao_device *aodev, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl_domain_config *d_config) -+{ -+ STATE_AO_GC(aodev->ao); -+ int rc, i, be_state, be_wait; -+ const char *be_path; -+ char *dev_path, *state_path, *state_val; -+ flexarray_t *back; -+ libxl_device_vscsidev *v; -+ xs_transaction_t t = XBT_NULL; -+ bool do_reconfigure = false; -+ -+ /* Prealloc key+value: 1 toplevel + 4 per device */ -+ i = 2 * (1 + (4 * vscsictrl->num_vscsidevs)); -+ back = flexarray_make(gc, i, 1); -+ -+ be_path = libxl__device_backend_path(gc, aodev->dev); -+ state_path = GCSPRINTF("%s/state", be_path); -+ -+ for (;;) { -+ rc = libxl__xs_transaction_start(gc, &t); -+ if (rc) goto out; -+ -+ state_val = libxl__xs_read(gc, t, state_path); -+ LOG(DEBUG, "%s is %s", state_path, state_val); -+ if (!state_val) { -+ rc = ERROR_FAIL; -+ goto out; -+ } -+ -+ be_state = atoi(state_val); -+ switch (be_state) { -+ case XenbusStateUnknown: -+ case XenbusStateInitialising: -+ case XenbusStateClosing: -+ case XenbusStateClosed: -+ default: -+ /* The backend is in a bad state */ -+ rc = ERROR_FAIL; -+ goto out; -+ case XenbusStateInitialised: -+ case XenbusStateReconfiguring: -+ case XenbusStateReconfigured: -+ /* Backend is still busy, caller has to retry */ -+ rc = ERROR_NOT_READY; -+ goto out; -+ case XenbusStateInitWait: -+ /* The frontend did not connect yet */ -+ be_wait = XenbusStateInitWait; -+ do_reconfigure = false; -+ break; -+ case XenbusStateConnected: -+ /* The backend can handle reconfigure */ -+ be_wait = XenbusStateConnected; -+ flexarray_append_pair(back, "state", GCSPRINTF("%d", XenbusStateReconfiguring)); -+ do_reconfigure = true; -+ break; -+ } -+ -+ /* Append new vscsidev or skip existing */ -+ for (i = 0; i < vscsictrl->num_vscsidevs; i++) { -+ unsigned int nb = 0; -+ v = vscsictrl->vscsidevs + i; -+ dev_path = GCSPRINTF("%s/vscsi-devs/dev-%u", be_path, v->vscsidev_id); -+ if (libxl__xs_directory(gc, XBT_NULL, dev_path, &nb)) { -+ /* FIXME Sanity check */ -+ LOG(DEBUG, "%s exists already with %u entries", dev_path, nb); -+ continue; -+ } -+ rc = vscsidev_backend_add(gc, v, back); -+ if (rc) goto out; -+ } -+ -+ if (aodev->update_json) { -+ rc = libxl__set_domain_configuration(gc, aodev->dev->domid, d_config); -+ if (rc) goto out; -+ } -+ -+ libxl__xs_writev(gc, t, be_path, -+ libxl__xs_kvs_of_flexarray(gc, back, back->count)); -+ -+ rc = libxl__xs_transaction_commit(gc, &t); -+ if (!rc) break; -+ if (rc < 0) goto out; -+ } -+ -+ if (do_reconfigure) { -+ rc = libxl__ev_devstate_wait(ao, &aodev->backend_ds, -+ vscsictrl_do_reconfigure_add_cb, -+ state_path, be_wait, -+ LIBXL_INIT_TIMEOUT * 1000); -+ if (rc) goto out; -+ } -+ return; -+ -+out: -+ libxl__xs_transaction_abort(gc, &t); -+ aodev->rc = rc; -+ aodev->callback(egc, aodev); -+} -+ -+static int vscsictrl_next_vscsidev_id(libxl__gc *gc, -+ const char *libxl_path, -+ libxl_devid *vscsidev_id) -+{ -+ const char *val; -+ xs_transaction_t t = XBT_NULL; -+ unsigned int id; -+ int rc; -+ -+ for (;;) { -+ rc = libxl__xs_transaction_start(gc, &t); -+ if (rc) goto out; -+ -+ val = libxl__xs_read(gc, t, libxl_path); -+ id = val ? strtoul(val, NULL, 10) : 0; -+ -+ LOG(DEBUG, "%s = %s vscsidev_id %u", libxl_path, val, id); -+ -+ val = GCSPRINTF("%u", id + 1); -+ rc = libxl__xs_write_checked(gc, t, libxl_path, val); -+ if (rc) goto out; -+ -+ rc = libxl__xs_transaction_commit(gc, &t); -+ if (!rc) break; -+ if (rc < 0) goto out; -+ } -+ -+ *vscsidev_id = id; -+ rc = 0; -+ -+out: -+ libxl__xs_transaction_abort(gc, &t); -+ return rc; -+} -+ -+static int vscsictrl_assign_vscsidev_ids(libxl__gc *gc, -+ uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl) -+{ -+ libxl_device_vscsidev *dev; -+ libxl_devid vscsidev_id; -+ const char *libxl_path; -+ int rc, i; -+ -+ libxl_path = GCSPRINTF("%s/vscsi/%u/next_vscsidev_id", -+ libxl__xs_libxl_path(gc, domid), -+ vscsictrl->devid); -+ for (i = 0; i < vscsictrl->num_vscsidevs; i++) { -+ dev = &vscsictrl->vscsidevs[i]; -+ if (dev->vscsidev_id >= 0) -+ continue; -+ rc = vscsictrl_next_vscsidev_id(gc, libxl_path, &vscsidev_id); -+ if (rc) { -+ LOG(ERROR, "failed to assign vscsidev_id to %s for %s", -+ libxl_path, dev->pdev.p_devname); -+ goto out; -+ } -+ dev->vscsidev_id = vscsidev_id; -+ } -+ -+ rc = 0; -+out: -+ return rc; -+} -+ -+static void vscsictrl_update_json(libxl__egc *egc, -+ libxl__ao_device *aodev, -+ libxl_device_vscsictrl *vscsictrl, -+ vscsictrl_add fn) -+{ -+ STATE_AO_GC(aodev->ao); -+ int rc; -+ uint32_t domid = aodev->dev->domid; -+ libxl_device_vscsictrl vscsictrl_saved; -+ libxl_domain_config d_config; -+ libxl__domain_userdata_lock *lock = NULL; -+ -+ libxl_domain_config_init(&d_config); -+ libxl_device_vscsictrl_init(&vscsictrl_saved); -+ -+ libxl_device_vscsictrl_copy(CTX, &vscsictrl_saved, vscsictrl); -+ -+ rc = vscsictrl_assign_vscsidev_ids(gc, domid, &vscsictrl_saved); -+ if (rc) goto out; -+ -+ if (aodev->update_json) { -+ lock = libxl__lock_domain_userdata(gc, domid); -+ if (!lock) { -+ rc = ERROR_LOCK_FAIL; -+ goto out; -+ } -+ -+ rc = libxl__get_domain_configuration(gc, domid, &d_config); -+ if (rc) goto out; -+ -+ /* Replace or append the copy to the domain config */ -+ DEVICE_ADD(vscsictrl, vscsictrls, domid, &vscsictrl_saved, COMPARE_DEVID, &d_config); -+ } -+ -+ fn(egc, aodev, &vscsictrl_saved, &d_config); -+ -+out: -+ if (lock) libxl__unlock_domain_userdata(lock); -+ libxl_device_vscsictrl_dispose(&vscsictrl_saved); -+ libxl_domain_config_dispose(&d_config); -+ if (rc) { -+ aodev->rc = rc; -+ aodev->callback(egc, aodev); -+ } -+} -+ -+static void vscsictrl__reconfigure_add(libxl__egc *egc, -+ uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl__ao_device *aodev) -+{ -+ STATE_AO_GC(aodev->ao); -+ libxl__device *device; -+ vscsictrl_add fn; -+ int rc; -+ -+ GCNEW(device); -+ rc = libxl__device_from_vscsictrl(gc, domid, vscsictrl, device); -+ if (rc) goto out; -+ aodev->dev = device; -+ -+ fn = vscsictrl_do_reconfigure_add; -+ vscsictrl_update_json(egc, aodev, vscsictrl, fn); -+ return; -+ -+out: -+ aodev->rc = rc; -+ aodev->callback(egc, aodev); -+} -+ -+static int vscsictrl_reconfigure_add(libxl_ctx *ctx, -+ uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ const libxl_asyncop_how *ao_how) -+{ -+ AO_CREATE(ctx, domid, ao_how); -+ libxl__ao_device *aodev; -+ -+ GCNEW(aodev); -+ libxl__prepare_ao_device(ao, aodev); -+ aodev->action = LIBXL__DEVICE_ACTION_ADD; -+ aodev->callback = vscsi_aodev_complete; -+ aodev->update_json = true; -+ vscsictrl__reconfigure_add(egc, domid, vscsictrl, aodev); -+ -+ return AO_INPROGRESS; -+} -+ -+void libxl__device_vscsictrl_add(libxl__egc *egc, uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl__ao_device *aodev) -+{ -+ STATE_AO_GC(aodev->ao); -+ libxl__device *device; -+ vscsictrl_add fn; -+ int rc; -+ -+ if (vscsictrl->devid == -1) { -+ if ((vscsictrl->devid = libxl__device_nextid(gc, domid, "vscsi")) < 0) { -+ rc = ERROR_FAIL; -+ goto out; -+ } -+ } -+ -+ GCNEW(device); -+ rc = libxl__device_from_vscsictrl(gc, domid, vscsictrl, device); -+ if (rc) goto out; -+ aodev->dev = device; -+ -+ fn = vscsictrl_new_backend; -+ vscsictrl_update_json(egc, aodev, vscsictrl, fn); -+ return; -+ -+out: -+ aodev->rc = rc; -+ aodev->callback(egc, aodev); -+} -+ -+int libxl_device_vscsictrl_remove(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ const libxl_asyncop_how *ao_how) -+{ -+ return vscsictrl_remove(ctx, domid, vscsictrl, ao_how, 0); -+} -+ -+int libxl_device_vscsictrl_destroy(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ const libxl_asyncop_how *ao_how) -+{ -+ return vscsictrl_remove(ctx, domid, vscsictrl, ao_how, 1); -+} -+ -+libxl_device_vscsictrl *libxl_device_vscsictrl_list(libxl_ctx *ctx, -+ uint32_t domid, -+ int *num) -+{ -+ GC_INIT(ctx); -+ libxl_device_vscsictrl *ctrls = NULL; -+ int rc, num_ctrls = 0; -+ -+ *num = 0; -+ -+ rc = vscsi_collect_ctrls(gc, domid, &ctrls, &num_ctrls); -+ if (rc == 0) -+ *num = num_ctrls; -+ -+ GC_FREE; -+ return ctrls; -+} -+ -+int libxl_device_vscsictrl_getinfo(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsictrl *vscsictrl, -+ libxl_device_vscsidev *vscsidev, -+ libxl_vscsiinfo *vscsiinfo) -+{ -+ GC_INIT(ctx); -+ char *dompath, *vscsipath; -+ char *val; -+ int rc = ERROR_FAIL; -+ -+ libxl_vscsiinfo_init(vscsiinfo); -+ dompath = libxl__xs_get_dompath(gc, domid); -+ vscsiinfo->devid = vscsictrl->devid; -+ vscsiinfo->vscsidev_id = vscsidev->vscsidev_id; -+ libxl_vscsi_pdev_copy(ctx, &vscsiinfo->pdev, &vscsidev->pdev); -+ libxl_vscsi_hctl_copy(ctx, &vscsiinfo->vdev, &vscsidev->vdev); -+ -+ vscsipath = GCSPRINTF("%s/device/vscsi/%d", dompath, vscsiinfo->devid); -+ vscsiinfo->backend = xs_read(ctx->xsh, XBT_NULL, -+ GCSPRINTF("%s/backend", vscsipath), NULL); -+ if (!vscsiinfo->backend) -+ goto out; -+ if(!libxl__xs_read(gc, XBT_NULL, vscsiinfo->backend)) -+ goto out; -+ -+ val = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/backend-id", vscsipath)); -+ vscsiinfo->backend_id = val ? strtoul(val, NULL, 10) : -1; -+ -+ val = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/state", vscsipath)); -+ vscsiinfo->vscsictrl_state = val ? strtoul(val, NULL, 10) : -1; -+ -+ val = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/" LIBXL_CTRL_INDEX, vscsipath)); -+ vscsiinfo->idx = val ? strtoul(val, NULL, 10) : -1; -+ -+ vscsiinfo->frontend = xs_read(ctx->xsh, XBT_NULL, -+ GCSPRINTF("%s/frontend", vscsiinfo->backend), NULL); -+ -+ val = libxl__xs_read(gc, XBT_NULL, -+ GCSPRINTF("%s/frontend-id", vscsiinfo->backend)); -+ vscsiinfo->frontend_id = val ? strtoul(val, NULL, 10) : -1; -+ -+ val = libxl__xs_read(gc, XBT_NULL, -+ GCSPRINTF("%s/vscsi-devs/dev-%u/state", -+ vscsiinfo->backend, vscsidev->vscsidev_id)); -+ vscsiinfo->vscsidev_state = val ? strtoul(val, NULL, 10) : -1; -+ -+ rc = 0; -+out: -+ GC_FREE; -+ return rc; -+} -+ -+int libxl_device_vscsidev_add(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsidev *vscsidev, -+ const libxl_asyncop_how *ao_how) -+{ -+ GC_INIT(ctx); -+ libxl_device_vscsictrl *vc, *ctrls = NULL; -+ libxl_device_vscsidev *vd; -+ int c, d, rc, num_ctrls = 0; -+ int duplicate = 0; -+ -+ rc = vscsi_collect_ctrls(gc, domid, &ctrls, &num_ctrls); -+ if (rc != 0) goto out; -+ -+ -+ for (c = 0; c < num_ctrls; ++c) { -+ vc = ctrls + c; -+ if (vc->idx != vscsidev->vdev.hst) -+ continue; -+ -+ for (d = 0; d < vc->num_vscsidevs; d++) { -+ vd = vc->vscsidevs + d; -+ if (vd->vdev.hst == vscsidev->vdev.hst && -+ vd->vdev.chn == vscsidev->vdev.chn && -+ vd->vdev.tgt == vscsidev->vdev.tgt && -+ vd->vdev.lun == vscsidev->vdev.lun) { -+ unsigned long long lun = vd->vdev.lun; -+ LOG(ERROR, "vdev '%u:%u:%u:%llu' is already used.\n", -+ vd->vdev.hst, vd->vdev.chn, vd->vdev.tgt, lun); -+ rc = ERROR_DEVICE_EXISTS; -+ duplicate = 1; -+ break; -+ } -+ } -+ -+ if (!duplicate) { -+ /* Append vscsidev to this vscsictrl, trigger reconfigure */ -+ libxl_device_vscsictrl_append_vscsidev(ctx, vc, vscsidev); -+ rc = vscsictrl_reconfigure_add(ctx, domid, vc, ao_how); -+ } -+ break; -+ } -+ -+ for (c = 0; c < num_ctrls; ++c) -+ libxl_device_vscsictrl_dispose(ctrls + c); -+ free(ctrls); -+ -+out: -+ GC_FREE; -+ return rc; -+} -+ -+int libxl_device_vscsidev_remove(libxl_ctx *ctx, uint32_t domid, -+ libxl_device_vscsidev *vscsidev, -+ const libxl_asyncop_how *ao_how) -+{ -+ GC_INIT(ctx); -+ libxl_device_vscsictrl *vc, *ctrls = NULL; -+ libxl_device_vscsidev *vd; -+ int c, d, rc, num_ctrls = 0; -+ int found = 0, idx; -+ int head, tail, i; -+ -+ rc = vscsi_collect_ctrls(gc, domid, &ctrls, &num_ctrls); -+ if (rc != 0) goto out; -+ -+ -+ for (c = 0; c < num_ctrls; ++c) { -+ vc = ctrls + c; -+ -+ for (d = 0; d < vc->num_vscsidevs; d++) { -+ vd = vc->vscsidevs + d; -+ if (vd->vdev.hst == vscsidev->vdev.hst && -+ vd->vdev.chn == vscsidev->vdev.chn && -+ vd->vdev.tgt == vscsidev->vdev.tgt && -+ vd->vdev.lun == vscsidev->vdev.lun) { -+ found = 1; -+ idx = d; -+ break; -+ } -+ } -+ -+ if (found) { -+ if (vc->num_vscsidevs > 1) { -+ /* Prepare vscsictrl, leave only desired vscsidev */ -+ head = idx; -+ tail = vc->num_vscsidevs - idx - 1; -+ for (i = 0; i < head; i++) -+ libxl_device_vscsictrl_remove_vscsidev(ctx, vc, 0); -+ for (i = 0; i < tail; i++) -+ libxl_device_vscsictrl_remove_vscsidev(ctx, vc, 1); -+ -+ /* Remove single vscsidev connected to this vscsictrl */ -+ rc = vscsidev_remove(ctx, domid, vc, ao_how); -+ } else { -+ /* Wipe entire vscsictrl */; -+ rc = vscsictrl_remove(ctx, domid, vc, ao_how, 0); -+ } -+ break; -+ } -+ } -+ -+ for (c = 0; c < num_ctrls; ++c) -+ libxl_device_vscsictrl_dispose(ctrls + c); -+ free(ctrls); -+ -+ if (!found) -+ rc = ERROR_NOTFOUND; -+ -+out: -+ GC_FREE; -+ return rc; -+} -+ -+void libxl_device_vscsictrl_append_vscsidev(libxl_ctx *ctx, -+ libxl_device_vscsictrl *ctrl, -+ libxl_device_vscsidev *dev) -+{ -+ GC_INIT(ctx); -+ ctrl->vscsidevs = libxl__realloc(NOGC, ctrl->vscsidevs, sizeof(*dev) * (ctrl->num_vscsidevs + 1)); -+ libxl_device_vscsidev_init(ctrl->vscsidevs + ctrl->num_vscsidevs); -+ libxl_device_vscsidev_copy(CTX, ctrl->vscsidevs + ctrl->num_vscsidevs, dev); -+ ctrl->num_vscsidevs++; -+ GC_FREE; -+} -+ -+void libxl_device_vscsictrl_remove_vscsidev(libxl_ctx *ctx, -+ libxl_device_vscsictrl *ctrl, -+ unsigned int idx) -+{ -+ GC_INIT(ctx); -+ if (idx >= ctrl->num_vscsidevs) -+ return; -+ libxl_device_vscsidev_dispose(&ctrl->vscsidevs[idx]); -+ if (ctrl->num_vscsidevs > idx + 1) -+ memmove(&ctrl->vscsidevs[idx], -+ &ctrl->vscsidevs[idx + 1], -+ (ctrl->num_vscsidevs - idx - 1) * sizeof(*ctrl->vscsidevs)); -+ ctrl->vscsidevs = libxl__realloc(NOGC, ctrl->vscsidevs, sizeof(*ctrl->vscsidevs) * (ctrl->num_vscsidevs - 1)); -+ ctrl->num_vscsidevs--; -+ GC_FREE; -+} -+ -+/* -+ * Local variables: -+ * mode: C -+ * c-basic-offset: 4 -+ * indent-tabs-mode: nil -+ * End: -+ */ -Index: xen-4.7.0-testing/tools/libxl/libxlu_vscsi.c -=================================================================== ---- /dev/null -+++ xen-4.7.0-testing/tools/libxl/libxlu_vscsi.c -@@ -0,0 +1,667 @@ -+/* -+ * libxlu_vscsi.c - xl configuration file parsing: setup and helper functions -+ * -+ * Copyright (C) 2016 SUSE Linux GmbH -+ * Author Olaf Hering -+ * Author Ondřej Holeček -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU Lesser General Public License as published -+ * by the Free Software Foundation; version 2.1 only. with the special -+ * exception on linking described in file LICENSE. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU Lesser General Public License for more details. -+ */ -+#include "libxl_osdeps.h" /* must come before any other headers */ -+#include -+#include -+#include -+#include -+#include -+#include "libxlu_internal.h" -+ -+#ifdef __linux__ -+#define LOG(_c, _x, _a...) \ -+ if((_c) && (_c)->report) fprintf((_c)->report, "%s(%u): " _x "\n", __func__, __LINE__, ##_a) -+ -+#define XLU_SYSFS_TARGET_PVSCSI "/sys/kernel/config/target/xen-pvscsi" -+#define XLU_WWN_LEN 16 -+struct xlu__vscsi_target { -+ XLU_Config *cfg; -+ libxl_vscsi_hctl *pdev_hctl; -+ libxl_vscsi_pdev *pdev; -+ char path[PATH_MAX]; -+ char udev_path[PATH_MAX]; -+ char wwn[XLU_WWN_LEN + 1]; -+ unsigned long long lun; -+}; -+ -+static int xlu__vscsi_parse_hctl(char *str, libxl_vscsi_hctl *hctl) -+{ -+ unsigned int hst, chn, tgt; -+ unsigned long long lun; -+ -+ if (sscanf(str, "%u:%u:%u:%llu", &hst, &chn, &tgt, &lun) != 4) -+ return ERROR_INVAL; -+ -+ hctl->hst = hst; -+ hctl->chn = chn; -+ hctl->tgt = tgt; -+ hctl->lun = lun; -+ return 0; -+} -+ -+static char *xlu__vscsi_trim_string(char *s) -+{ -+ size_t len; -+ -+ while (isspace(*s)) -+ s++; -+ len = strlen(s); -+ while (len-- > 1 && isspace(s[len])) -+ s[len] = '\0'; -+ return s; -+} -+ -+ -+static int xlu__vscsi_parse_dev(XLU_Config *cfg, char *pdev, libxl_vscsi_hctl *hctl) -+{ -+ struct stat dentry; -+ char *sysfs = NULL; -+ const char *type; -+ int rc, found = 0; -+ DIR *dirp; -+ struct dirent *de; -+ -+ /* stat pdev to get device's sysfs entry */ -+ if (stat (pdev, &dentry) < 0) { -+ LOG(cfg, "%s, device node not found", pdev); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ -+ if (S_ISBLK (dentry.st_mode)) { -+ type = "block"; -+ } else if (S_ISCHR (dentry.st_mode)) { -+ type = "char"; -+ } else { -+ LOG(cfg, "%s, device node not a block or char device", pdev); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ -+ /* /sys/dev/type/major:minor symlink added in 2.6.27 */ -+ if (asprintf(&sysfs, "/sys/dev/%s/%u:%u/device/scsi_device", type, -+ major(dentry.st_rdev), minor(dentry.st_rdev)) < 0) { -+ sysfs = NULL; -+ rc = ERROR_NOMEM; -+ goto out; -+ } -+ -+ dirp = opendir(sysfs); -+ if (!dirp) { -+ LOG(cfg, "%s, no major:minor link in sysfs", pdev); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ -+ while ((de = readdir(dirp))) { -+ if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, "..")) -+ continue; -+ -+ if (xlu__vscsi_parse_hctl(de->d_name, hctl)) -+ continue; -+ -+ found = 1; -+ break; -+ } -+ closedir(dirp); -+ -+ if (!found) { -+ LOG(cfg, "%s, no h:c:t:l link in sysfs", pdev); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ -+ rc = 0; -+out: -+ free(sysfs); -+ return rc; -+} -+ -+static bool xlu__vscsi_compare_hctl(libxl_vscsi_hctl *a, libxl_vscsi_hctl *b) -+{ -+ if (a->hst == b->hst && -+ a->chn == b->chn && -+ a->tgt == b->tgt && -+ a->lun == b->lun) -+ return true; -+ return false; -+} -+ -+/* Finally at -+ * /sys/kernel/config/target/xen-pvscsi/naa./tpgt_1/lun/lun_0//udev_path -+ */ -+static bool xlu__vscsi_compare_udev(struct xlu__vscsi_target *tgt) -+{ -+ bool ret; -+ int fd; -+ ssize_t read_sz; -+ libxl_vscsi_hctl udev_hctl; -+ -+ libxl_vscsi_hctl_init(&udev_hctl); -+ -+ fd = open(tgt->path, O_RDONLY); -+ if (fd < 0){ -+ ret = false; -+ goto out; -+ } -+ read_sz = read(fd, &tgt->udev_path, sizeof(tgt->udev_path) - 1); -+ close(fd); -+ -+ if (read_sz <= 0 || read_sz > sizeof(tgt->udev_path) - 1) { -+ ret = false; -+ goto out; -+ } -+ tgt->udev_path[read_sz] = '\0'; -+ read_sz--; -+ if (tgt->udev_path[read_sz] == '\n') -+ tgt->udev_path[read_sz] = '\0'; -+ -+ if (xlu__vscsi_parse_dev(tgt->cfg, tgt->udev_path, &udev_hctl)) { -+ ret = false; -+ goto out; -+ } -+ ret = xlu__vscsi_compare_hctl(tgt->pdev_hctl, &udev_hctl); -+ -+out: -+ libxl_vscsi_hctl_dispose(&udev_hctl); -+ return ret; -+} -+ -+/* /sys/kernel/config/target/xen-pvscsi/naa./tpgt_1/lun/lun_0//udev_path */ -+static bool xlu__vscsi_walk_dir_lun(struct xlu__vscsi_target *tgt) -+{ -+ bool found; -+ DIR *dirp; -+ struct dirent *de; -+ size_t path_len = strlen(tgt->path); -+ char *subdir = &tgt->path[path_len]; -+ -+ dirp = opendir(tgt->path); -+ if (!dirp) -+ return false; -+ -+ found = false; -+ while ((de = readdir(dirp))) { -+ if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, "..")) -+ continue; -+ -+ snprintf(subdir, sizeof(tgt->path) - path_len, "/%s/udev_path", de->d_name); -+ -+ found = xlu__vscsi_compare_udev(tgt); -+ if (found) -+ break; -+ -+ *subdir = '\0'; -+ } -+ closedir(dirp); -+ return found; -+} -+ -+/* /sys/kernel/config/target/xen-pvscsi/naa./tpgt_1/lun/lun_0 */ -+static bool xlu__vscsi_walk_dir_luns(struct xlu__vscsi_target *tgt) -+{ -+ bool found; -+ DIR *dirp; -+ struct dirent *de; -+ size_t path_len = strlen(tgt->path); -+ char *subdir = &tgt->path[path_len]; -+ -+ dirp = opendir(tgt->path); -+ if (!dirp) -+ return false; -+ -+ found = false; -+ while ((de = readdir(dirp))) { -+ if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, "..")) -+ continue; -+ -+ if (sscanf(de->d_name, "lun_%llu", &tgt->lun) != 1) -+ continue; -+ -+ -+ snprintf(subdir, sizeof(tgt->path) - path_len, "/%s", de->d_name); -+ -+ found = xlu__vscsi_walk_dir_lun(tgt); -+ if (found) -+ break; -+ -+ *subdir = '\0'; -+ } -+ closedir(dirp); -+ return found; -+} -+ -+/* /sys/kernel/config/target/xen-pvscsi/naa./tpgt_1 */ -+static bool xlu__vscsi_walk_dir_naa(struct xlu__vscsi_target *tgt) -+{ -+ bool found; -+ DIR *dirp; -+ struct dirent *de; -+ size_t path_len = strlen(tgt->path); -+ char *subdir = &tgt->path[path_len]; -+ unsigned int tpgt; -+ -+ dirp = opendir(tgt->path); -+ if (!dirp) -+ return false; -+ -+ found = false; -+ while ((de = readdir(dirp))) { -+ if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, "..")) -+ continue; -+ -+ if (sscanf(de->d_name, "tpgt_%u", &tpgt) != 1) -+ continue; -+ -+ snprintf(subdir, sizeof(tgt->path) - path_len, "/%s/lun", de->d_name); -+ -+ found = xlu__vscsi_walk_dir_luns(tgt); -+ if (found) -+ break; -+ -+ *subdir = '\0'; -+ } -+ closedir(dirp); -+ return found; -+} -+ -+/* /sys/kernel/config/target/xen-pvscsi/naa. */ -+static bool xlu__vscsi_find_target_wwn(struct xlu__vscsi_target *tgt) -+{ -+ bool found; -+ DIR *dirp; -+ struct dirent *de; -+ size_t path_len = strlen(tgt->path); -+ char *subdir = &tgt->path[path_len]; -+ -+ dirp = opendir(tgt->path); -+ if (!dirp) -+ return false; -+ -+ found = false; -+ while ((de = readdir(dirp))) { -+ if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, "..")) -+ continue; -+ -+ if (sscanf(de->d_name, "naa.%16[0-9a-fA-F]", tgt->wwn) != 1) -+ continue; -+ -+ snprintf(subdir, sizeof(tgt->path) - path_len, "/%s", de->d_name); -+ -+ found = xlu__vscsi_walk_dir_naa(tgt); -+ if (found) -+ break; -+ -+ *subdir = '\0'; -+ } -+ closedir(dirp); -+ return found; -+} -+ -+/* -+ * Convert pdev from config string into pdev property for backend, -+ * which is either h:c:t:l for xenlinux or naa.wwn:lun for pvops -+ */ -+static int xlu__vscsi_dev_to_pdev(XLU_Config *cfg, libxl_ctx *ctx, char *str, -+ libxl_vscsi_hctl *pdev_hctl, -+ libxl_vscsi_pdev *pdev) -+{ -+ int rc = ERROR_INVAL; -+ struct xlu__vscsi_target *tgt; -+ static const char xen_pvscsi[] = XLU_SYSFS_TARGET_PVSCSI; -+ -+ /* First get hctl representation of config item */ -+ if (xlu__vscsi_parse_dev(cfg, str, pdev_hctl)) -+ goto out; -+ -+ /* Check if a SCSI target item exists for the config item */ -+ if (access(xen_pvscsi, F_OK) == 0) { -+ tgt = calloc(1, sizeof(*tgt)); -+ if (!tgt) { -+ rc = ERROR_NOMEM; -+ goto out; -+ } -+ tgt->cfg = cfg; -+ tgt->pdev_hctl = pdev_hctl; -+ tgt->pdev = pdev; -+ snprintf(tgt->path, sizeof(tgt->path), "%s", xen_pvscsi); -+ if (xlu__vscsi_find_target_wwn(tgt) == true) { -+ LOG(cfg, "'%s' maps to '%s(%s)'", str, tgt->path, tgt->udev_path); -+ libxl_vscsi_pdev_init_type(pdev, LIBXL_VSCSI_PDEV_TYPE_WWN); -+ if (asprintf(&pdev->u.wwn.m, "naa.%s:%llu", tgt->wwn, tgt->lun) < 0) { -+ rc = ERROR_NOMEM; -+ goto out; -+ } -+ } -+ free(tgt); -+ } else { -+ /* Assume xenlinux backend */ -+ libxl_vscsi_pdev_init_type(pdev, LIBXL_VSCSI_PDEV_TYPE_HCTL); -+ libxl_vscsi_hctl_copy(ctx, &pdev->u.hctl.m, pdev_hctl); -+ } -+ rc = 0; -+ -+out: -+ return rc; -+} -+ -+/* WWN as understood by pvops */ -+static int xlu__vscsi_wwn_to_pdev(XLU_Config *cfg, char *str, libxl_vscsi_pdev *pdev) -+{ -+ int rc = ERROR_INVAL; -+ unsigned long long lun; -+ char wwn[XLU_WWN_LEN + 1]; -+ -+ memset(wwn, 0, sizeof(wwn)); -+ if (sscanf(str, "naa.%16[0-9a-fA-F]:%llu", wwn, &lun) == 2) { -+ libxl_vscsi_pdev_init_type(pdev, LIBXL_VSCSI_PDEV_TYPE_WWN); -+ pdev->u.wwn.m = strdup(str); -+ rc = pdev->u.wwn.m ? 0 : ERROR_NOMEM; -+ } -+ return rc; -+} -+ -+static int xlu__vscsi_parse_pdev(XLU_Config *cfg, libxl_ctx *ctx, char *str, -+ libxl_vscsi_pdev *pdev) -+{ -+ int rc = ERROR_INVAL; -+ libxl_vscsi_hctl pdev_hctl; -+ -+ libxl_vscsi_hctl_init(&pdev_hctl); -+ if (strncmp(str, "/dev/", 5) == 0) { -+ rc = xlu__vscsi_dev_to_pdev(cfg, ctx, str, &pdev_hctl, pdev); -+ } else if (strncmp(str, "naa.", 4) == 0) { -+ rc = xlu__vscsi_wwn_to_pdev(cfg, str, pdev); -+ } else if (xlu__vscsi_parse_hctl(str, &pdev_hctl) == 0) { -+ /* Either xenlinux, or pvops with properly configured alias in sysfs */ -+ libxl_vscsi_pdev_init_type(pdev, LIBXL_VSCSI_PDEV_TYPE_HCTL); -+ libxl_vscsi_hctl_copy(ctx, &pdev->u.hctl.m, &pdev_hctl); -+ rc = 0; -+ } -+ -+ if (rc == 0) { -+ pdev->p_devname = strdup(str); -+ if (!pdev->p_devname) -+ rc = ERROR_NOMEM; -+ } -+ -+ libxl_vscsi_hctl_dispose(&pdev_hctl); -+ return rc; -+} -+ -+int xlu_vscsi_parse(XLU_Config *cfg, libxl_ctx *ctx, const char *str, -+ libxl_device_vscsictrl *new_ctrl, -+ libxl_device_vscsidev *new_dev) -+{ -+ int rc; -+ char *tmp, *pdev, *vdev, *fhost; -+ -+ tmp = strdup(str); -+ if (!tmp) { -+ rc = ERROR_NOMEM; -+ goto out; -+ } -+ -+ pdev = strtok(tmp, ","); -+ vdev = strtok(NULL, ","); -+ fhost = strtok(NULL, ","); -+ if (!(pdev && vdev)) { -+ LOG(cfg, "invalid devspec: '%s'\n", str); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ -+ pdev = xlu__vscsi_trim_string(pdev); -+ vdev = xlu__vscsi_trim_string(vdev); -+ -+ rc = xlu__vscsi_parse_pdev(cfg, ctx, pdev, &new_dev->pdev); -+ if (rc) { -+ LOG(cfg, "failed to parse %s, rc == %d", pdev, rc); -+ goto out; -+ } -+ -+ if (xlu__vscsi_parse_hctl(vdev, &new_dev->vdev)) { -+ LOG(cfg, "invalid '%s', expecting hst:chn:tgt:lun", vdev); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ -+ new_ctrl->idx = new_dev->vdev.hst; -+ -+ if (fhost) { -+ fhost = xlu__vscsi_trim_string(fhost); -+ if (strcmp(fhost, "feature-host") == 0) { -+ libxl_defbool_set(&new_ctrl->scsi_raw_cmds, true); -+ } else { -+ LOG(cfg, "invalid option '%s', expecting %s", fhost, "feature-host"); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ } else -+ libxl_defbool_set(&new_ctrl->scsi_raw_cmds, false); -+ rc = 0; -+ -+out: -+ free(tmp); -+ return rc; -+} -+ -+int xlu_vscsi_get_ctrl(XLU_Config *cfg, libxl_ctx *ctx, uint32_t domid, -+ const char *str, -+ libxl_device_vscsictrl *ctrl, -+ libxl_device_vscsidev *dev, -+ libxl_device_vscsictrl *existing, -+ bool *found_existing) -+{ -+ libxl_device_vscsictrl *vscsictrls = NULL, *tmp; -+ int rc, found_ctrl = -1, i; -+ int num_ctrls; -+ -+ -+ rc = xlu_vscsi_parse(cfg, ctx, str, ctrl, dev); -+ if (rc) -+ goto out; -+ -+ /* Look for existing vscsictrl for given domain */ -+ vscsictrls = libxl_device_vscsictrl_list(ctx, domid, &num_ctrls); -+ if (vscsictrls) { -+ for (i = 0; i < num_ctrls; ++i) { -+ if (vscsictrls[i].idx == dev->vdev.hst) { -+ found_ctrl = i; -+ break; -+ } -+ } -+ } -+ -+ if (found_ctrl == -1) { -+ *found_existing = false; -+ } else { -+ *found_existing = true; -+ tmp = vscsictrls + found_ctrl; -+ -+ /* Check if the vdev address is already taken */ -+ for (i = 0; i < tmp->num_vscsidevs; ++i) { -+ if (tmp->vscsidevs[i].vdev.chn == dev->vdev.chn && -+ tmp->vscsidevs[i].vdev.tgt == dev->vdev.tgt && -+ tmp->vscsidevs[i].vdev.lun == dev->vdev.lun) { -+ unsigned long long lun = dev->vdev.lun; -+ LOG(cfg, "vdev '%u:%u:%u:%llu' is already used.\n", -+ dev->vdev.hst, dev->vdev.chn, dev->vdev.tgt, lun); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ } -+ -+ if (libxl_defbool_val(ctrl->scsi_raw_cmds) != -+ libxl_defbool_val(tmp->scsi_raw_cmds)) { -+ LOG(cfg, "different feature-host setting: " -+ "existing ctrl has it %s, new ctrl has it %s\n", -+ libxl_defbool_val(ctrl->scsi_raw_cmds) ? "set" : "unset", -+ libxl_defbool_val(tmp->scsi_raw_cmds) ? "set" : "unset"); -+ rc = ERROR_INVAL; -+ goto out; -+ } -+ -+ libxl_device_vscsictrl_copy(ctx, existing, tmp); -+ } -+ -+ rc = 0; -+ -+out: -+ if (vscsictrls) { -+ for (i = 0; i < num_ctrls; ++i) -+ libxl_device_vscsictrl_dispose(vscsictrls + i); -+ free(vscsictrls); -+ } -+ return rc; -+} -+ -+int xlu_vscsi_detach(XLU_Config *cfg, libxl_ctx *ctx, uint32_t domid, char *str) -+{ -+ libxl_device_vscsidev dev = { }; -+ libxl_device_vscsictrl ctrl = { }; -+ int rc; -+ char *tmp = NULL; -+ -+ libxl_device_vscsictrl_init(&ctrl); -+ libxl_device_vscsidev_init(&dev); -+ -+ /* Create a dummy cfg */ -+ if (asprintf(&tmp, "0:0:0:0,%s", str) < 0) { -+ LOG(cfg, "asprintf failed while removing %s from domid %u", str, domid); -+ rc = ERROR_FAIL; -+ goto out; -+ } -+ -+ rc = xlu_vscsi_parse(cfg, ctx, tmp, &ctrl, &dev); -+ if (rc) goto out; -+ -+ rc = libxl_device_vscsidev_remove(ctx, domid, &dev, NULL); -+ switch (rc) { -+ case ERROR_NOTFOUND: -+ LOG(cfg, "detach failed: %s does not exist in domid %u", str, domid); -+ break; -+ default: -+ break; -+ } -+ -+out: -+ free(tmp); -+ libxl_device_vscsidev_dispose(&dev); -+ libxl_device_vscsictrl_dispose(&ctrl); -+ return rc; -+} -+ -+int xlu_vscsi_config_add(XLU_Config *cfg, -+ libxl_ctx *ctx, -+ const char *str, -+ int *num_vscsis, -+ libxl_device_vscsictrl **vscsis) -+{ -+ int rc, i; -+ libxl_device_vscsidev dev = { }; -+ libxl_device_vscsictrl *tmp_ctrl, ctrl = { }; -+ bool ctrl_found = false; -+ -+ /* -+ * #1: parse the devspec and place it in temporary ctrl+dev part -+ * #2: find existing vscsictrl with number vdev.hst -+ * if found, append the vscsidev to this vscsictrl -+ * #3: otherwise, create new vscsictrl and append vscsidev -+ * Note: vdev.hst does not represent the index named "num_vscsis", -+ * it is a private index used just in the config file -+ */ -+ libxl_device_vscsictrl_init(&ctrl); -+ libxl_device_vscsidev_init(&dev); -+ -+ rc = xlu_vscsi_parse(cfg, ctx, str, &ctrl, &dev); -+ if (rc) -+ goto out; -+ -+ if (*num_vscsis) { -+ for (i = 0; i < *num_vscsis; i++) { -+ tmp_ctrl = *vscsis + i; -+ if (tmp_ctrl->idx == dev.vdev.hst) { -+ libxl_device_vscsictrl_append_vscsidev(ctx, tmp_ctrl, &dev); -+ ctrl_found = true; -+ break; -+ } -+ } -+ } -+ -+ if (!ctrl_found || !*num_vscsis) { -+ tmp_ctrl = realloc(*vscsis, sizeof(ctrl) * (*num_vscsis + 1)); -+ if (!tmp_ctrl) { -+ LOG(cfg, "realloc #%d failed", *num_vscsis + 1); -+ rc = ERROR_NOMEM; -+ goto out; -+ } -+ *vscsis = tmp_ctrl; -+ tmp_ctrl = *vscsis + *num_vscsis; -+ libxl_device_vscsictrl_init(tmp_ctrl); -+ -+ libxl_device_vscsictrl_copy(ctx, tmp_ctrl, &ctrl); -+ -+ libxl_device_vscsictrl_append_vscsidev(ctx, tmp_ctrl, &dev); -+ -+ (*num_vscsis)++; -+ } -+ -+ rc = 0; -+out: -+ libxl_device_vscsidev_dispose(&dev); -+ libxl_device_vscsictrl_dispose(&ctrl); -+ return rc; -+} -+#else /* ! __linux__ */ -+int xlu_vscsi_get_ctrl(XLU_Config *cfg, libxl_ctx *ctx, uint32_t domid, -+ const char *str, -+ libxl_device_vscsictrl *ctrl, -+ libxl_device_vscsidev *dev, -+ libxl_device_vscsictrl *existing, -+ bool *found_existing) -+{ -+ return ERROR_INVAL; -+} -+ -+int xlu_vscsi_parse(XLU_Config *cfg, -+ libxl_ctx *ctx, -+ const char *str, -+ libxl_device_vscsictrl *new_ctrl, -+ libxl_device_vscsidev *new_dev) -+{ -+ return ERROR_INVAL; -+} -+ -+int xlu_vscsi_detach(XLU_Config *cfg, -+ libxl_ctx *ctx, -+ uint32_t domid, -+ char *str) -+{ -+ return ERROR_INVAL; -+} -+ -+int xlu_vscsi_config_add(XLU_Config *cfg, -+ libxl_ctx *ctx, -+ const char *str, -+ int *num_vscsis, -+ libxl_device_vscsictrl **vscsis) -+{ -+ return ERROR_INVAL; -+} -+#endif -Index: xen-4.7.0-testing/tools/libxl/libxlutil.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlutil.h -+++ xen-4.7.0-testing/tools/libxl/libxlutil.h -@@ -118,6 +118,25 @@ int xlu_rdm_parse(XLU_Config *cfg, libxl - int xlu_vif_parse_rate(XLU_Config *cfg, const char *rate, - libxl_device_nic *nic); - -+/* Fill ctrl/dev with device described in str (pdev,vdev[,options]) */ -+int xlu_vscsi_get_ctrl(XLU_Config *cfg, libxl_ctx *ctx, uint32_t domid, -+ const char *str, -+ libxl_device_vscsictrl *ctrl, -+ libxl_device_vscsidev *dev, -+ libxl_device_vscsictrl *existing, -+ bool *found_existing); -+/* Parse config string and fill provided vscsi ctrl and vscsi device */ -+int xlu_vscsi_parse(XLU_Config *cfg, libxl_ctx *ctx, const char *str, -+ libxl_device_vscsictrl *new_ctrl, -+ libxl_device_vscsidev *new_dev); -+/* Detach vscsi device described in config string (pdev,vdev[,options]) */ -+int xlu_vscsi_detach(XLU_Config *cfg, libxl_ctx *ctx, uint32_t domid, char *str); -+/* Add vscsi device described in config string (pdev,vdev[,options]) to d_config */ -+int xlu_vscsi_config_add(XLU_Config *cfg, -+ libxl_ctx *ctx, -+ const char *str, -+ int *num_vscsis, -+ libxl_device_vscsictrl **vscsis); - #endif /* LIBXLUTIL_H */ - - /* -Index: xen-4.7.0-testing/tools/libxl/xl.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl.h -+++ xen-4.7.0-testing/tools/libxl/xl.h -@@ -89,6 +89,9 @@ int main_channellist(int argc, char **ar - int main_blockattach(int argc, char **argv); - int main_blocklist(int argc, char **argv); - int main_blockdetach(int argc, char **argv); -+int main_vscsiattach(int argc, char **argv); -+int main_vscsilist(int argc, char **argv); -+int main_vscsidetach(int argc, char **argv); - int main_vtpmattach(int argc, char **argv); - int main_vtpmlist(int argc, char **argv); - int main_vtpmdetach(int argc, char **argv); -Index: xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c -@@ -1325,7 +1325,7 @@ static void parse_config_data(const char - long l, vcpus = 0; - XLU_Config *config; - XLU_ConfigList *cpus, *vbds, *nics, *pcis, *cvfbs, *cpuids, *vtpms, -- *usbctrls, *usbdevs; -+ *usbctrls, *usbdevs, *vscsictrls; - XLU_ConfigList *channels, *ioports, *irqs, *iomem, *viridian, *dtdevs; - int num_ioports, num_irqs, num_iomem, num_cpus, num_viridian; - int pci_power_mgmt = 0; -@@ -1855,6 +1855,17 @@ static void parse_config_data(const char - } - } - -+ if (!xlu_cfg_get_list(config, "vscsi", &vscsictrls, 0, 0)) { -+ int num_vscsi_items = 0; -+ d_config->num_vscsictrls = 0; -+ d_config->vscsictrls = NULL; -+ while ((buf = xlu_cfg_get_listitem (vscsictrls, num_vscsi_items)) != NULL) { -+ if (xlu_vscsi_config_add(config, ctx, buf, &d_config->num_vscsictrls, &d_config->vscsictrls)) -+ exit(1); -+ num_vscsi_items++; -+ } -+ } -+ - if (!xlu_cfg_get_list(config, "vtpm", &vtpms, 0, 0)) { - d_config->num_vtpms = 0; - d_config->vtpms = NULL; -@@ -7416,6 +7427,218 @@ int main_blockdetach(int argc, char **ar - return rc; - } - -+int main_vscsiattach(int argc, char **argv) -+{ -+ uint32_t domid; -+ int opt, rc; -+ XLU_Config *config = NULL; -+ libxl_device_vscsictrl ctrl, existing; -+ libxl_device_vscsidev dev; -+ bool found_existing = false; -+ char *str = NULL, *feat_buf = NULL; -+ char *json; -+ -+ SWITCH_FOREACH_OPT(opt, "", NULL, "scsi-attach", 1) { -+ /* No options */ -+ } -+ -+ if (argc < 4 || argc > 5) { -+ help("scsi-attach"); -+ return 1; -+ } -+ -+ if (libxl_domain_qualifier_to_domid(ctx, argv[optind], &domid) < 0) { -+ fprintf(stderr, "%s is an invalid domain identifier\n", argv[optind]); -+ return 1; -+ } -+ -+ optind++; -+ -+ if (argc == 5) { -+ if (asprintf(&feat_buf, ",%s", argv[4]) < 0) { -+ perror("asprintf"); -+ return 1; -+ } -+ } -+ -+ if (asprintf(&str, "%s,%s%s", argv[2], argv[3], feat_buf ?: "") < 0) { -+ perror("asprintf"); -+ rc = 1; -+ goto out;; -+ } -+ -+ libxl_device_vscsictrl_init(&existing); -+ libxl_device_vscsictrl_init(&ctrl); -+ libxl_device_vscsidev_init(&dev); -+ -+ config = xlu_cfg_init(stderr, "command line"); -+ if (!config) { -+ fprintf(stderr, "Failed to allocate for configuration\n"); -+ rc = 1; -+ goto out; -+ } -+ -+ /* Parse config string and store result */ -+ rc = xlu_vscsi_get_ctrl(config, ctx, domid, str, &ctrl, &dev, &existing, &found_existing); -+ if (rc < 0) -+ goto out; -+ -+ if (dryrun_only) { -+ libxl_device_vscsictrl *tmp = found_existing ? &existing : &ctrl; -+ libxl_device_vscsictrl_append_vscsidev(ctx, tmp , &dev); -+ json = libxl_device_vscsictrl_to_json(ctx, tmp); -+ printf("vscsi: %s\n", json); -+ free(json); -+ if (ferror(stdout) || fflush(stdout)) { perror("stdout"); exit(-1); } -+ rc = 0; -+ goto out; -+ } -+ -+ /* Finally add the device */ -+ if (found_existing) { -+ if (libxl_device_vscsidev_add(ctx, domid, &dev, NULL)) { -+ fprintf(stderr, "libxl_device_vscsidev_add failed\n"); -+ rc = 1; -+ goto out; -+ } -+ } else { -+ libxl_device_vscsictrl_append_vscsidev(ctx, &ctrl, &dev); -+ if (libxl_device_vscsictrl_add(ctx, domid, &ctrl, NULL)) { -+ fprintf(stderr, "libxl_device_vscsictrl_add failed.\n"); -+ rc = 1; -+ goto out; -+ } -+ } -+ -+ rc = 0; -+out: -+ if (config) -+ xlu_cfg_destroy(config); -+ libxl_device_vscsictrl_dispose(&existing); -+ libxl_device_vscsictrl_dispose(&ctrl); -+ libxl_device_vscsidev_dispose(&dev); -+ free(str); -+ free(feat_buf); -+ return rc; -+} -+ -+int main_vscsilist(int argc, char **argv) -+{ -+ int opt; -+ uint32_t domid; -+ libxl_device_vscsictrl *vscsictrls; -+ libxl_vscsiinfo vscsiinfo; -+ int num_ctrls, h, d; -+ -+ SWITCH_FOREACH_OPT(opt, "", NULL, "scsi-list", 1) { -+ /* No options */ -+ } -+ if (argc < 2) { -+ help("scsi-list"); -+ return 1; -+ } -+ -+ /* Idx BE state ctrl p_hst v_hst state */ -+ printf("%-3s %-3s %-5s %-5s %-10s %-10s %-5s\n", -+ "Idx", "BE", "state", "ctrl", "phy-hctl", "vir-hctl", "devstate"); -+ for (argv += optind, argc -= optind; argc > 0; --argc, ++argv) { -+ if (libxl_domain_qualifier_to_domid(ctx, *argv, &domid) < 0) { -+ fprintf(stderr, "%s is an invalid domain identifier\n", *argv); -+ continue; -+ } -+ vscsictrls = libxl_device_vscsictrl_list(ctx, domid, &num_ctrls); -+ if (!vscsictrls) -+ continue; -+ -+ for (h = 0; h < num_ctrls; ++h) { -+ for (d = 0; d < vscsictrls[h].num_vscsidevs; d++) { -+ if (!libxl_device_vscsictrl_getinfo(ctx, domid, &vscsictrls[h], -+ &vscsictrls[h].vscsidevs[d], -+ &vscsiinfo)) { -+ char pdev[64], vdev[64]; -+ unsigned long long lun; -+ switch (vscsiinfo.pdev.type) { -+ case LIBXL_VSCSI_PDEV_TYPE_HCTL: -+ lun = vscsiinfo.pdev.u.hctl.m.lun; -+ snprintf(pdev, sizeof(pdev), "%u:%u:%u:%llu", -+ vscsiinfo.pdev.u.hctl.m.hst, -+ vscsiinfo.pdev.u.hctl.m.chn, -+ vscsiinfo.pdev.u.hctl.m.tgt, -+ lun); -+ break; -+ case LIBXL_VSCSI_PDEV_TYPE_WWN: -+ snprintf(pdev, sizeof(pdev), "%s", -+ vscsiinfo.pdev.u.wwn.m); -+ break; -+ default: -+ pdev[0] = '\0'; -+ break; -+ } -+ lun = vscsiinfo.vdev.lun; -+ snprintf(vdev, sizeof(vdev), "%u:%u:%u:%llu", -+ vscsiinfo.vdev.hst, -+ vscsiinfo.vdev.chn, -+ vscsiinfo.vdev.tgt, -+ lun); -+ /* Idx BE state Sta */ -+ printf("%-3d %-3d %-5d %-5d %-10s %-10s %d\n", -+ vscsiinfo.devid, -+ vscsiinfo.backend_id, -+ vscsiinfo.vscsictrl_state, -+ vscsiinfo.backend_id, -+ pdev, vdev, -+ vscsiinfo.vscsidev_state); -+ -+ } -+ libxl_vscsiinfo_dispose(&vscsiinfo); -+ } -+ libxl_device_vscsictrl_dispose(&vscsictrls[h]); -+ } -+ free(vscsictrls); -+ -+ } -+ -+ return 0; -+} -+ -+int main_vscsidetach(int argc, char **argv) -+{ -+ int opt; -+ char *dom = argv[1], *str = argv[2]; -+ uint32_t domid; -+ XLU_Config *config = NULL; -+ int rc = 0; -+ -+ SWITCH_FOREACH_OPT(opt, "", NULL, "scsi-detach", 1) { -+ /* No options */ -+ } -+ -+ if (argc < 3) { -+ help("scsi-detach"); -+ return 1; -+ } -+ -+ if (libxl_domain_qualifier_to_domid(ctx, dom, &domid) < 0) { -+ fprintf(stderr, "%s is an invalid domain identifier\n", dom); -+ return 1; -+ } -+ -+ config = xlu_cfg_init(stderr, "command line"); -+ if (!config) { -+ fprintf(stderr, "Failed to allocate for configuration\n"); -+ goto out; -+ } -+ -+ rc = xlu_vscsi_detach(config, ctx, domid, str); -+ if (rc) -+ fprintf(stderr, "scsi-detach %s %s failed: %d\n", dom, str, rc); -+ -+out: -+ if (config) -+ xlu_cfg_destroy(config); -+ return !!rc; -+} -+ - int main_vtpmattach(int argc, char **argv) - { - int opt; -Index: xen-4.7.0-testing/tools/libxl/xl_cmdtable.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdtable.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdtable.c -@@ -354,6 +354,21 @@ struct cmd_spec cmd_table[] = { - "Destroy a domain's virtual block device", - " ", - }, -+ { "scsi-attach", -+ &main_vscsiattach, 1, 1, -+ "Attach a dom0 SCSI device to a domain.", -+ " ", -+ }, -+ { "scsi-list", -+ &main_vscsilist, 0, 0, -+ "List all dom0 SCSI devices currently attached to a domain.", -+ "", -+ }, -+ { "scsi-detach", -+ &main_vscsidetach, 0, 1, -+ "Detach a specified SCSI device from a domain.", -+ " ", -+ }, - { "vtpm-attach", - &main_vtpmattach, 1, 1, - "Create a new virtual TPM device", diff --git a/libxl.set-migration-constraints-from-cmdline.patch b/libxl.set-migration-constraints-from-cmdline.patch deleted file mode 100644 index 3176dd7..0000000 --- a/libxl.set-migration-constraints-from-cmdline.patch +++ /dev/null @@ -1,512 +0,0 @@ -From 77deb80879859ed279e24a790ec08e9c5d37dd0e Mon Sep 17 00:00:00 2001 -From: Olaf Hering -Date: Wed, 5 Feb 2014 14:37:53 +0100 -Subject: libxl: set migration constraints from cmdline - -Add new options to xl migrate to control the process of migration. -The intention is to optionally abort the migration if it takes too long -to migrate a busy guest due to the high number of new dirty pages. -Currently the guest is suspended to transfer the remaining dirty pages. -The suspend/resume cycle will cause a time jump. This transfer can take -a long time, which can confuse the guest if the time jump is too far. -The new options allow to override the built-in default values, which are -not changed by this patch. - ---max_iters Number of iterations before final suspend (default: 30) - ---max_factor Max amount of memory to transfer before final suspend (default: 3*RAM) - ---min_remaing Number of dirty pages before stop© (default: 50) - ---abort_if_busy Abort migration instead of doing final suspend. - -The changes to libxl change the API, handle LIBXL_API_VERSION == 0x040200. - -v8: - - merge --min_remaing changes - - tools/libxc: print stats if migration is aborted - - use special _suse version of lib calls to preserve ABI - -v7: - - remove short options - - update description of --abort_if_busy in xl.1 - - extend description of --abort_if_busy in xl help - - add comment to libxl_domain_suspend declaration, props is optional - -v6: - - update the LIBXL_API_VERSION handling for libxl_domain_suspend - change it to an inline function if LIBXL_API_VERSION is defined to 4.2.0 - - rename libxl_save_properties to libxl_domain_suspend_properties - - rename ->xlflags to ->flags within that struct - -v5: - - adjust libxl_domain_suspend prototype, move flags, max_iters, - max_factor into a new, optional struct libxl_save_properties - - rename XCFLAGS_DOMSAVE_NOSUSPEND to XCFLAGS_DOMSAVE_ABORT_IF_BUSY - - rename LIBXL_SUSPEND_NO_FINAL_SUSPEND to LIBXL_SUSPEND_ABORT_IF_BUSY - - rename variables no_suspend to abort_if_busy - - rename option -N/--no_suspend to -A/--abort_if_busy - - update xl.1, extend description of -A option - -v4: - - update default for no_suspend from None to 0 in XendCheckpoint.py:save - - update logoutput in setMigrateConstraints - - change xm migrate defaults from None to 0 - - add new options to xl.1 - - fix syntax error in XendDomain.py:domain_migrate_constraints_set - - fix xm migrate -N option name to match xl migrate - -v3: - - move logic errors in libxl__domain_suspend and fixed help text in - cmd_table to separate patches - - fix syntax error in XendCheckpoint.py - - really pass max_iters and max_factor in libxl__xc_domain_save - - make libxl_domain_suspend_0x040200 declaration globally visible - - bump libxenlight.so SONAME from 2.0 to 2.1 due to changed - libxl_domain_suspend - -v2: - - use LIBXL_API_VERSION and define libxl_domain_suspend_0x040200 - - fix logic error in min_reached check in xc_domain_save - - add longopts - - update --help text - - correct description of migrate --help text - -Signed-off-by: Olaf Hering ---- - docs/man/xl.pod.1 | 20 +++++++++++++++++++ - tools/libxc/include/xenguest.h | 7 ++++++ - tools/libxc/xc_nomigrate.c | 10 +++++++++ - tools/libxc/xc_sr_common.h | 1 - tools/libxc/xc_sr_save.c | 22 +++++++++++++++------ - tools/libxl/libxl.c | 29 ++++++++++++++++++++++++---- - tools/libxl/libxl.h | 15 ++++++++++++++ - tools/libxl/libxl_dom_save.c | 1 - tools/libxl/libxl_internal.h | 4 +++ - tools/libxl/libxl_save_callout.c | 4 ++- - tools/libxl/libxl_save_helper.c | 8 ++++--- - tools/libxl/xl_cmdimpl.c | 40 +++++++++++++++++++++++++++++++++------ - tools/libxl/xl_cmdtable.c | 23 ++++++++++++++-------- - 13 files changed, 156 insertions(+), 28 deletions(-) - -Index: xen-4.7.0-testing/docs/man/xl.pod.1 -=================================================================== ---- xen-4.7.0-testing.orig/docs/man/xl.pod.1 -+++ xen-4.7.0-testing/docs/man/xl.pod.1 -@@ -443,6 +443,26 @@ Send instead of config file fro - - Print huge (!) amount of debug during the migration process. - -+=item B<--max_iters> I -+ -+Number of iterations before final suspend (default: 30) -+ -+=item B<--max_factor> I -+ -+Max amount of memory to transfer before final suspend (default: 3*RAM) -+ -+=item B<--min_remaining> -+ -+Number of remaining dirty pages. If the number of dirty pages drops that -+low the guest is suspended and the remaing pages are transfered to . -+ -+=item B<--abort_if_busy> -+ -+Abort migration instead of doing final suspend/transfer/resume if the -+guest has still dirty pages after the number of iterations and/or the -+amount of RAM transferred. This avoids long periods of time where the -+guest is suspended. -+ - =back - - =item B [I] I I -Index: xen-4.7.0-testing/tools/libxc/include/xenguest.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/include/xenguest.h -+++ xen-4.7.0-testing/tools/libxc/include/xenguest.h -@@ -29,6 +29,7 @@ - #define XCFLAGS_HVM (1 << 2) - #define XCFLAGS_STDVGA (1 << 3) - #define XCFLAGS_CHECKPOINT_COMPRESS (1 << 4) -+#define XCFLAGS_DOMSAVE_ABORT_IF_BUSY (1 << 5) - - #define X86_64_B_SIZE 64 - #define X86_32_B_SIZE 32 -@@ -105,6 +106,12 @@ int xc_domain_save(xc_interface *xch, in - struct save_callbacks* callbacks, int hvm, - xc_migration_stream_t stream_type, int recv_fd); - -+int xc_domain_save_suse(xc_interface *xch, int io_fd, uint32_t dom, uint32_t max_iters, -+ uint32_t max_factor, uint32_t flags /* XCFLAGS_xxx */, -+ uint32_t min_remaining, -+ struct save_callbacks* callbacks, int hvm, -+ xc_migration_stream_t stream_type, int recv_fd); -+ - /* callbacks provided by xc_domain_restore */ - struct restore_callbacks { - /* Called after a new checkpoint to suspend the guest. -Index: xen-4.7.0-testing/tools/libxc/xc_nomigrate.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_nomigrate.c -+++ xen-4.7.0-testing/tools/libxc/xc_nomigrate.c -@@ -29,6 +29,16 @@ int xc_domain_save(xc_interface *xch, in - return -1; - } - -+int xc_domain_save_suse(xc_interface *xch, int io_fd, uint32_t dom, uint32_t max_iters, -+ uint32_t max_factor, uint32_t flags, -+ uint32_t min_remaining, -+ struct save_callbacks* callbacks, int hvm, -+ xc_migration_stream_t stream_type, int recv_fd) -+{ -+ errno = ENOSYS; -+ return -1; -+} -+ - int xc_domain_restore(xc_interface *xch, int io_fd, uint32_t dom, - unsigned int store_evtchn, unsigned long *store_mfn, - domid_t store_domid, unsigned int console_evtchn, -Index: xen-4.7.0-testing/tools/libxc/xc_sr_common.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_sr_common.h -+++ xen-4.7.0-testing/tools/libxc/xc_sr_common.h -@@ -201,6 +201,7 @@ struct xc_sr_context - /* Parameters for tweaking live migration. */ - unsigned max_iterations; - unsigned dirty_threshold; -+ bool abort_if_busy; - - unsigned long p2m_size; - -Index: xen-4.7.0-testing/tools/libxc/xc_sr_save.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_sr_save.c -+++ xen-4.7.0-testing/tools/libxc/xc_sr_save.c -@@ -511,6 +511,14 @@ static int send_memory_live(struct xc_sr - goto out; - } - -+ if (!rc && ctx->save.abort_if_busy && stats.dirty_count > ctx->save.dirty_threshold) { -+ rc = -1; -+ errno = EBUSY; -+ PERROR("%s: domU busy. dirty pages: %u/%u after %u iterations", -+ __func__, -+ stats.dirty_count, ctx->save.dirty_threshold, x); -+ } -+ - out: - xc_set_progress_prefix(xch, NULL); - free(progress_str); -@@ -915,10 +923,11 @@ static int save(struct xc_sr_context *ct - return rc; - }; - --int xc_domain_save(xc_interface *xch, int io_fd, uint32_t dom, -- uint32_t max_iters, uint32_t max_factor, uint32_t flags, -- struct save_callbacks* callbacks, int hvm, -- xc_migration_stream_t stream_type, int recv_fd) -+int xc_domain_save_suse(xc_interface *xch, int io_fd, uint32_t dom, -+ uint32_t max_iters, uint32_t max_factor, uint32_t flags, -+ uint32_t min_remaining, -+ struct save_callbacks* callbacks, int hvm, -+ xc_migration_stream_t stream_type, int recv_fd) - { - struct xc_sr_context ctx = - { -@@ -930,6 +939,7 @@ int xc_domain_save(xc_interface *xch, in - ctx.save.callbacks = callbacks; - ctx.save.live = !!(flags & XCFLAGS_LIVE); - ctx.save.debug = !!(flags & XCFLAGS_DEBUG); -+ ctx.save.abort_if_busy = !!(flags & XCFLAGS_DOMSAVE_ABORT_IF_BUSY); - ctx.save.checkpointed = stream_type; - ctx.save.recv_fd = recv_fd; - -@@ -944,8 +954,8 @@ int xc_domain_save(xc_interface *xch, in - * These parameters are better than the legacy algorithm especially for - * busy guests. - */ -- ctx.save.max_iterations = 5; -- ctx.save.dirty_threshold = 50; -+ ctx.save.max_iterations = max_iters ? : 5; -+ ctx.save.dirty_threshold = min_remaining ? : 50; - - /* Sanity checks for callbacks. */ - if ( hvm ) -Index: xen-4.7.0-testing/tools/libxl/libxl.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.7.0-testing/tools/libxl/libxl.c -@@ -934,8 +934,9 @@ static void domain_suspend_cb(libxl__egc - - } - --int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags, -- const libxl_asyncop_how *ao_how) -+static int do_libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, -+ const libxl_domain_suspend_suse_properties *props, -+ const libxl_asyncop_how *ao_how) - { - AO_CREATE(ctx, domid, ao_how); - int rc; -@@ -955,9 +956,15 @@ int libxl_domain_suspend(libxl_ctx *ctx, - dss->domid = domid; - dss->fd = fd; - dss->type = type; -- dss->live = flags & LIBXL_SUSPEND_LIVE; -- dss->debug = flags & LIBXL_SUSPEND_DEBUG; - dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE; -+ if (props) { -+ dss->live = props->flags & LIBXL_SUSPEND_LIVE; -+ dss->debug = props->flags & LIBXL_SUSPEND_DEBUG; -+ dss->max_iters = props->max_iters; -+ dss->max_factor = props->max_factor; -+ dss->min_remaining = props->min_remaining; -+ dss->xlflags = props->flags; -+ } - - rc = libxl__fd_flags_modify_save(gc, dss->fd, - ~(O_NONBLOCK|O_NDELAY), 0, -@@ -971,6 +978,20 @@ int libxl_domain_suspend(libxl_ctx *ctx, - return AO_CREATE_FAIL(rc); - } - -+int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd, -+ const libxl_domain_suspend_suse_properties *props, -+ const libxl_asyncop_how *ao_how) -+{ -+ return do_libxl_domain_suspend(ctx, domid, fd, props, ao_how); -+} -+ -+int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags, -+ const libxl_asyncop_how *ao_how) -+{ -+ libxl_domain_suspend_suse_properties props = { .flags = flags }; -+ return do_libxl_domain_suspend(ctx, domid, fd, &props, ao_how); -+} -+ - int libxl_domain_pause(libxl_ctx *ctx, uint32_t domid) - { - int ret; -Index: xen-4.7.0-testing/tools/libxl/libxl.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.h -+++ xen-4.7.0-testing/tools/libxl/libxl.h -@@ -1323,8 +1323,23 @@ int libxl_domain_suspend(libxl_ctx *ctx, - int flags, /* LIBXL_SUSPEND_* */ - const libxl_asyncop_how *ao_how) - LIBXL_EXTERNAL_CALLERS_ONLY; -+ -+typedef struct { -+ int flags; /* LIBXL_SUSPEND_* */ -+ int max_iters; -+ int max_factor; -+ int min_remaining; -+} libxl_domain_suspend_suse_properties; -+ -+#define LIBXL_HAVE_DOMAIN_SUSPEND_SUSE -+int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd, -+ const libxl_domain_suspend_suse_properties *props, /* optional */ -+ const libxl_asyncop_how *ao_how) -+ LIBXL_EXTERNAL_CALLERS_ONLY; -+ - #define LIBXL_SUSPEND_DEBUG 1 - #define LIBXL_SUSPEND_LIVE 2 -+#define LIBXL_SUSPEND_ABORT_IF_BUSY 4 - - /* @param suspend_cancel [from xenctrl.h:xc_domain_resume( @param fast )] - * If this parameter is true, use co-operative resume. The guest -Index: xen-4.7.0-testing/tools/libxl/libxl_dom_save.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_dom_save.c -+++ xen-4.7.0-testing/tools/libxl/libxl_dom_save.c -@@ -375,6 +375,7 @@ void libxl__domain_save(libxl__egc *egc, - - dss->xcflags = (live ? XCFLAGS_LIVE : 0) - | (debug ? XCFLAGS_DEBUG : 0) -+ | (dss->xlflags & LIBXL_SUSPEND_ABORT_IF_BUSY ? XCFLAGS_DOMSAVE_ABORT_IF_BUSY : 0) - | (dss->hvm ? XCFLAGS_HVM : 0); - - /* Disallow saving a guest with vNUMA configured because migration -Index: xen-4.7.0-testing/tools/libxl/libxl_internal.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_internal.h -+++ xen-4.7.0-testing/tools/libxl/libxl_internal.h -@@ -3292,6 +3292,10 @@ struct libxl__domain_save_state { - /* private */ - int rc; - int hvm; -+ int max_iters; -+ int max_factor; -+ int min_remaining; -+ int xlflags; - int xcflags; - libxl__domain_suspend_state dsps; - union { -Index: xen-4.7.0-testing/tools/libxl/libxl_save_callout.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_save_callout.c -+++ xen-4.7.0-testing/tools/libxl/libxl_save_callout.c -@@ -89,7 +89,9 @@ void libxl__xc_domain_save(libxl__egc *e - libxl__srm_callout_enumcallbacks_save(&shs->callbacks.save.a); - - const unsigned long argnums[] = { -- dss->domid, 0, 0, dss->xcflags, dss->hvm, -+ dss->domid, -+ dss->max_iters, dss->max_factor, dss->min_remaining, -+ dss->xcflags, dss->hvm, - cbflags, dss->checkpointed_stream, - }; - -Index: xen-4.7.0-testing/tools/libxl/libxl_save_helper.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_save_helper.c -+++ xen-4.7.0-testing/tools/libxl/libxl_save_helper.c -@@ -253,6 +253,7 @@ int main(int argc, char **argv) - uint32_t dom = strtoul(NEXTARG,0,10); - uint32_t max_iters = strtoul(NEXTARG,0,10); - uint32_t max_factor = strtoul(NEXTARG,0,10); -+ uint32_t min_remaining = strtoul(NEXTARG,0,10); - uint32_t flags = strtoul(NEXTARG,0,10); - int hvm = atoi(NEXTARG); - unsigned cbflags = strtoul(NEXTARG,0,10); -@@ -264,9 +265,10 @@ int main(int argc, char **argv) - startup("save"); - setup_signals(save_signal_handler); - -- r = xc_domain_save(xch, io_fd, dom, max_iters, max_factor, flags, -- &helper_save_callbacks, hvm, stream_type, -- recv_fd); -+ r = xc_domain_save_suse(xch, io_fd, dom, max_iters, max_factor, flags, -+ min_remaining, -+ &helper_save_callbacks, hvm, stream_type, -+ recv_fd); - complete(r); - - } else if (!strcmp(mode,"--restore-domain")) { -Index: xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c -@@ -4615,6 +4615,8 @@ static void migrate_do_preamble(int send - } - - static void migrate_domain(uint32_t domid, const char *rune, int debug, -+ int max_iters, int max_factor, -+ int min_remaining, int abort_if_busy, - const char *override_config_file) - { - pid_t child = -1; -@@ -4623,7 +4625,13 @@ static void migrate_domain(uint32_t domi - char *away_domname; - char rc_buf; - uint8_t *config_data; -- int config_len, flags = LIBXL_SUSPEND_LIVE; -+ int config_len; -+ libxl_domain_suspend_suse_properties props = { -+ .flags = LIBXL_SUSPEND_LIVE, -+ .max_iters = max_iters, -+ .max_factor = max_factor, -+ .min_remaining = min_remaining, -+ }; - - save_domain_core_begin(domid, override_config_file, - &config_data, &config_len); -@@ -4642,10 +4650,12 @@ static void migrate_domain(uint32_t domi - xtl_stdiostream_adjust_flags(logger, XTL_STDIOSTREAM_HIDE_PROGRESS, 0); - - if (debug) -- flags |= LIBXL_SUSPEND_DEBUG; -- rc = libxl_domain_suspend(ctx, domid, send_fd, flags, NULL); -+ props.flags |= LIBXL_SUSPEND_DEBUG; -+ if (abort_if_busy) -+ props.flags |= LIBXL_SUSPEND_ABORT_IF_BUSY; -+ rc = libxl_domain_suspend_suse(ctx, domid, send_fd, &props, NULL); - if (rc) { -- fprintf(stderr, "migration sender: libxl_domain_suspend failed" -+ fprintf(stderr, "migration sender: libxl_domain_suspend_suse failed" - " (rc=%d)\n", rc); - if (rc == ERROR_GUEST_TIMEDOUT) - goto failed_suspend; -@@ -5060,13 +5070,18 @@ int main_migrate(int argc, char **argv) - char *rune = NULL; - char *host; - int opt, daemonize = 1, monitor = 1, debug = 0; -+ int max_iters = 0, max_factor = 0, min_remaining = 0, abort_if_busy = 0; - static struct option opts[] = { - {"debug", 0, 0, 0x100}, -+ {"max_iters", 1, 0, 0x101}, -+ {"max_factor", 1, 0, 0x102}, -+ {"min_remaining", 1, 0, 0x103}, -+ {"abort_if_busy", 0, 0, 0x104}, - {"live", 0, 0, 0x200}, - COMMON_LONG_OPTS - }; - -- SWITCH_FOREACH_OPT(opt, "FC:s:e", opts, "migrate", 2) { -+ SWITCH_FOREACH_OPT(opt, "FC:s:eM:m:A", opts, "migrate", 2) { - case 'C': - config_filename = optarg; - break; -@@ -5083,6 +5098,18 @@ int main_migrate(int argc, char **argv) - case 0x100: /* --debug */ - debug = 1; - break; -+ case 0x101: -+ max_iters = atoi(optarg); -+ break; -+ case 0x102: -+ max_factor = atoi(optarg); -+ break; -+ case 0x103: -+ min_remaining = atoi(optarg); -+ break; -+ case 0x104: -+ abort_if_busy = 1; -+ break; - case 0x200: /* --live */ - /* ignored for compatibility with xm */ - break; -@@ -5115,7 +5142,8 @@ int main_migrate(int argc, char **argv) - debug ? " -d" : ""); - } - -- migrate_domain(domid, rune, debug, config_filename); -+ migrate_domain(domid, rune, debug, max_iters, max_factor, min_remaining, -+ abort_if_busy, config_filename); - return EXIT_SUCCESS; - } - #endif -Index: xen-4.7.0-testing/tools/libxl/xl_cmdtable.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdtable.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdtable.c -@@ -157,14 +157,21 @@ struct cmd_spec cmd_table[] = { - &main_migrate, 0, 1, - "Migrate a domain to another host", - "[options] ", -- "-h Print this help.\n" -- "-C Send instead of config file from creation.\n" -- "-s Use instead of ssh. String will be passed\n" -- " to sh. If empty, run instead of ssh xl\n" -- " migrate-receive [-d -e]\n" -- "-e Do not wait in the background (on ) for the death\n" -- " of the domain.\n" -- "--debug Print huge (!) amount of debug during the migration process." -+ "-h Print this help.\n" -+ "-C Send instead of config file from creation.\n" -+ "-s Use instead of ssh. String will be passed\n" -+ " to sh. If empty, run instead of ssh xl\n" -+ " migrate-receive [-d -e]\n" -+ "-e Do not wait in the background (on ) for the death\n" -+ " of the domain.\n" -+ "--debug Print huge (!) amount of debug during the migration process.\n" -+ "\n" -+ "SUSE Linux specific options:\n" -+ "--max_iters Number of iterations before final suspend (default: 30)\n" -+ "--max_factor Max amount of memory to transfer before final suspend (default: 3*RAM).\n" -+ "--min_remaining Number of remaining dirty pages before final suspend (default: 50).\n" -+ "--abort_if_busy Abort migration instead of doing final suspend, if number\n" -+ " of iterations or amount of transfered memory is exceeded." - }, - { "restore", - &main_restore, 0, 1, diff --git a/log-guest-console.patch b/log-guest-console.patch deleted file mode 100644 index 13a8287..0000000 --- a/log-guest-console.patch +++ /dev/null @@ -1,142 +0,0 @@ -Add code to support logging xen-domU console, as what xenconsoled does. Log info -will be saved in /var/log/xen/console/guest-domUname.log. - -Signed-off-by: Chunyan Liu ---- - hw/xen_console.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 1 files changed, 71 insertions(+), 0 deletions(-) - -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c -@@ -38,6 +38,8 @@ - #include "qemu-char.h" - #include "xen_backend.h" - -+static int log_guest = 0; -+ - struct buffer { - uint8_t *data; - size_t consumed; -@@ -54,8 +56,24 @@ struct XenConsole { - void *sring; - CharDriverState *chr; - int backlog; -+ int log_fd; - }; - -+static int write_all(int fd, const char* buf, size_t len) -+{ -+ while (len) { -+ ssize_t ret = write(fd, buf, len); -+ if (ret == -1 && errno == EINTR) -+ continue; -+ if (ret < 0) -+ return -1; -+ len -= ret; -+ buf += ret; -+ } -+ -+ return 0; -+} -+ - static void buffer_append(struct XenConsole *con) - { - struct buffer *buffer = &con->buffer; -@@ -83,6 +101,15 @@ static void buffer_append(struct XenCons - intf->out_cons = cons; - xen_be_send_notify(&con->xendev); - -+ if (con->log_fd != -1) { -+ int logret; -+ logret = write_all(con->log_fd, buffer->data + buffer->size - size, size); -+ if (logret < 0) { -+ xen_be_printf(&con->xendev, 1, "Write to log failed on domain %d: %d (%s)\n", -+ con->xendev.dom, errno, strerror(errno)); -+ } -+ } -+ - if (buffer->max_capacity && - buffer->size > buffer->max_capacity) { - /* Discard the middle of the data. */ -@@ -176,6 +203,37 @@ static void xencons_send(struct XenConso - } - } - -+static int create_domain_log(struct XenConsole *con) -+{ -+ char *logfile; -+ char *path, *domname; -+ int fd; -+ const char *logdir = "/var/log/xen/console"; -+ -+ path = xs_get_domain_path(xenstore, con->xendev.dom); -+ domname = xenstore_read_str(path, "name"); -+ free(path); -+ if (!domname) -+ return -1; -+ -+ if (mkdir(logdir, 0755) && errno != EEXIST) -+ { -+ xen_be_printf(&con->xendev, 1, "Directory %s does not exist and fail to create it!", logdir); -+ return -1; -+ } -+ -+ if (asprintf(&logfile, "%s/guest-%s.log", logdir, domname) < 0) -+ return -1; -+ qemu_free(domname); -+ -+ fd = open(logfile, O_WRONLY|O_CREAT|O_APPEND, 0644); -+ free(logfile); -+ if (fd == -1) -+ xen_be_printf(&con->xendev, 1, "Failed to open log %s: %d (%s)", logfile, errno, strerror(errno)); -+ -+ return fd; -+} -+ - /* -------------------------------------------------------------------- */ - - static int con_init(struct XenDevice *xendev) -@@ -183,6 +241,7 @@ static int con_init(struct XenDevice *xe - struct XenConsole *con = container_of(xendev, struct XenConsole, xendev); - char *type, *dom, label[32]; - const char *output; -+ char *logenv = NULL; - - /* setup */ - dom = xs_get_domain_path(xenstore, con->xendev.dom); -@@ -209,6 +268,10 @@ static int con_init(struct XenDevice *xe - con->chr = qemu_chr_open(label, output, NULL); - xenstore_store_pv_console_info(con->xendev.dev, con->chr, output); - -+ logenv = getenv("XENCONSOLED_TRACE"); -+ if (logenv != NULL && strlen(logenv) == strlen("guest") && !strcmp(logenv, "guest")) { -+ log_guest = 1; -+ } - return 0; - } - -@@ -246,6 +309,9 @@ static int con_initialise(struct XenDevi - con->xendev.remote_port, - con->xendev.local_port, - con->buffer.max_capacity); -+ con->log_fd = -1; -+ if (log_guest) -+ con->log_fd = create_domain_log(con); - return 0; - } - -@@ -266,6 +332,12 @@ static void con_disconnect(struct XenDev - xengnttab_unmap(xendev->gnttabdev, con->sring, 1); - con->sring = NULL; - } -+ -+ if (con->log_fd != -1) { -+ close(con->log_fd); -+ con->log_fd = -1; -+ } -+ - } - - static void con_event(struct XenDevice *xendev) diff --git a/logrotate.conf b/logrotate.conf index 260027e..79b645e 100644 --- a/logrotate.conf +++ b/logrotate.conf @@ -1,21 +1,19 @@ -compress -missingok - -/var/log/xen/xend*.log { - rotate 5 - size 1M +/var/log/xen/xen-hotplug.log { + compress + missingok notifempty - copytruncate -} - -/var/log/xen/domain-builder-ng.log /var/log/xen/xen-hotplug.log { rotate 2 size 100k - notifempty copytruncate } -/var/log/xen/qemu-dm.*.log { - rotate 0 - monthly +/var/log/xen/xl-*.log /var/log/xen/qemu-dm-*.log /var/log/xen/console/*.log { + compress + missingok + notifempty + rotate 4 + dateext + dateformat -%Y%m%d-%H%M + size 2M + copytruncate } diff --git a/mini-os.tar.bz2 b/mini-os.tar.bz2 index fec435e..b2c9a1c 100644 --- a/mini-os.tar.bz2 +++ b/mini-os.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:436ec6bfe55880d69677fdba7c5c1a50a88d7cbd2781574845488455550d5256 -size 255793 +oid sha256:7ac3d71d959534ab95233bfd6484fb40ced94fe11758be2be95980ed90a937e5 +size 320415 diff --git a/pvdrv_emulation_control.patch b/pvdrv_emulation_control.patch deleted file mode 100644 index 9e43a66..0000000 --- a/pvdrv_emulation_control.patch +++ /dev/null @@ -1,28 +0,0 @@ ---- - tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -Index: xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -=================================================================== ---- xen-4.4.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -+++ xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -@@ -370,6 +370,19 @@ static void suse_platform_ioport_write(v - net_tap_shutdown_all(); - fprintf(logfile, "Done.\n"); - break; -+ case 8: -+ if (val ==1 ) { -+ fprintf(logfile, "Disconnect IDE hard disk...\n"); -+ ide_unplug_harddisks(); -+ fprintf(logfile, "Done.\n"); -+ } else if (val == 2) { -+ fprintf(logfile, "Disconnect netifs...\n"); -+ pci_unplug_netifs(); -+ fprintf(logfile, "Shutdown taps...\n"); -+ net_tap_shutdown_all(); -+ fprintf(logfile, "Done.\n"); -+ } -+ break; - default: - fprintf(logfile, "Write %x to bad port %x (base %x) on evtchn device.\n", - val, addr, ioport_base); diff --git a/pygrub-boot-legacy-sles.patch b/pygrub-boot-legacy-sles.patch index 6fc13e9..344aa77 100644 --- a/pygrub-boot-legacy-sles.patch +++ b/pygrub-boot-legacy-sles.patch @@ -1,17 +1,17 @@ -Index: xen-4.7.0-testing/tools/pygrub/src/pygrub +Index: xen-4.19.0-testing/tools/pygrub/src/pygrub =================================================================== ---- xen-4.7.0-testing.orig/tools/pygrub/src/pygrub -+++ xen-4.7.0-testing/tools/pygrub/src/pygrub -@@ -454,7 +454,7 @@ class Grub: +--- xen-4.19.0-testing.orig/tools/pygrub/src/pygrub ++++ xen-4.19.0-testing/tools/pygrub/src/pygrub +@@ -593,7 +593,7 @@ class Grub: self.cf.filename = f break if self.__dict__.get('cf', None) is None: -- raise RuntimeError, "couldn't find bootloader config file in the image provided." +- raise RuntimeError("couldn't find bootloader config file in the image provided.") + return f = fs.open_file(self.cf.filename) # limit read size to avoid pathological cases buf = f.read(FS_READ_MAX) -@@ -626,6 +626,20 @@ def run_grub(file, entry, fs, cfg_args): +@@ -768,6 +768,20 @@ def run_grub(file, entry, fs, cfg_args): g = Grub(file, fs) @@ -25,14 +25,14 @@ Index: xen-4.7.0-testing/tools/pygrub/src/pygrub + chosencfg["args"] = cfg_args + return chosencfg + if g.__dict__.get('cf', None) is None: -+ raise RuntimeError, "couldn't find bootloader config file in the image provided." ++ raise RuntimeError("couldn't find bootloader config file in the image provided.") + else: + return + if list_entries: for i in range(len(g.cf.images)): img = g.cf.images[i] -@@ -721,6 +735,19 @@ def sniff_netware(fs, cfg): +@@ -854,6 +868,19 @@ def sniff_netware(fs, cfg): return cfg @@ -50,14 +50,14 @@ Index: xen-4.7.0-testing/tools/pygrub/src/pygrub + return cfg + def format_sxp(kernel, ramdisk, args): - s = "linux (kernel %s)" % kernel + s = "linux (kernel %s)" % repr(kernel) if ramdisk: -@@ -801,7 +828,7 @@ if __name__ == "__main__": +@@ -932,7 +959,7 @@ if __name__ == "__main__": debug = False not_really = False output_format = "sxp" -- output_directory = "/var/run/xen/pygrub" +- output_directory = "/var/run/xen/pygrub/" + output_directory = "/var/run/xen" + uid = None # what was passed in - incfg = { "kernel": None, "ramdisk": None, "args": "" } diff --git a/pygrub-handle-one-line-menu-entries.patch b/pygrub-handle-one-line-menu-entries.patch index af2f9ed..b190a10 100644 --- a/pygrub-handle-one-line-menu-entries.patch +++ b/pygrub-handle-one-line-menu-entries.patch @@ -5,11 +5,11 @@ For example: menuentry 'halt' { halt } Force it to fall through where it will handle the closing brace. Also change warning to debug to cut down on verbose output. -Index: xen-4.7.0-testing/tools/pygrub/src/GrubConf.py +Index: xen-4.18.0-testing/tools/pygrub/src/GrubConf.py =================================================================== ---- xen-4.7.0-testing.orig/tools/pygrub/src/GrubConf.py -+++ xen-4.7.0-testing/tools/pygrub/src/GrubConf.py -@@ -147,7 +147,7 @@ class GrubImage(_GrubImage): +--- xen-4.18.0-testing.orig/tools/pygrub/src/GrubConf.py ++++ xen-4.18.0-testing/tools/pygrub/src/GrubConf.py +@@ -150,7 +150,7 @@ class GrubImage(_GrubImage): else: logging.info("Ignored image directive %s" %(com,)) else: @@ -18,16 +18,16 @@ Index: xen-4.7.0-testing/tools/pygrub/src/GrubConf.py # now put the line in the list of lines if replace is None: -@@ -302,7 +302,7 @@ class GrubConfigFile(_GrubConfigFile): +@@ -309,7 +309,7 @@ class GrubConfigFile(_GrubConfigFile): else: logging.info("Ignored directive %s" %(com,)) else: - logging.warning("Unknown directive %s" %(com,)) + logging.debug("Unknown directive %s" %(com,)) - + if img: self.add_image(GrubImage(title, img)) -@@ -336,7 +336,7 @@ class Grub2Image(_GrubImage): +@@ -343,7 +343,7 @@ class Grub2Image(_GrubImage): elif com.startswith('set:'): pass else: @@ -36,8 +36,8 @@ Index: xen-4.7.0-testing/tools/pygrub/src/GrubConf.py # now put the line in the list of lines if replace is None: -@@ -401,7 +401,10 @@ class Grub2ConfigFile(_GrubConfigFile): - raise RuntimeError, "syntax error: cannot nest menuentry (%d %s)" % (len(img),img) +@@ -408,7 +408,10 @@ class Grub2ConfigFile(_GrubConfigFile): + raise RuntimeError("syntax error: cannot nest menuentry (%d %s)" % (len(img),img)) img = [] title = title_match.group(1) - continue @@ -48,12 +48,12 @@ Index: xen-4.7.0-testing/tools/pygrub/src/GrubConf.py if l.startswith("submenu"): menu_level += 1 -@@ -440,7 +443,7 @@ class Grub2ConfigFile(_GrubConfigFile): +@@ -447,7 +450,7 @@ class Grub2ConfigFile(_GrubConfigFile): elif com.startswith('set:'): pass else: - logging.warning("Unknown directive %s" %(com,)) + logging.debug("Unknown directive %s" %(com,)) - + if img is not None: - raise RuntimeError, "syntax error: end of file with open menuentry(%d %s)" % (len(img),img) + raise RuntimeError("syntax error: end of file with open menuentry(%d %s)" % (len(img),img)) diff --git a/pygrub-netware-xnloader.patch b/pygrub-netware-xnloader.patch deleted file mode 100644 index 5d1862e..0000000 --- a/pygrub-netware-xnloader.patch +++ /dev/null @@ -1,21 +0,0 @@ -Index: xen-4.7.0-testing/tools/pygrub/src/pygrub -=================================================================== ---- xen-4.7.0-testing.orig/tools/pygrub/src/pygrub -+++ xen-4.7.0-testing/tools/pygrub/src/pygrub -@@ -25,6 +25,7 @@ import fsimage - import grub.GrubConf - import grub.LiloConf - import grub.ExtLinuxConf -+import xnloader - - PYGRUB_VER = 0.6 - FS_READ_MAX = 1024 * 1024 -@@ -763,6 +764,8 @@ if __name__ == "__main__": - if len(data) == 0: - os.close(tfd) - del datafile -+ if file_to_read == "/nwserver/xnloader.sys": -+ xnloader.patch_netware_loader(ret) - return ret - try: - os.write(tfd, data) diff --git a/qemu-dm-segfault.patch b/qemu-dm-segfault.patch deleted file mode 100644 index d0fae33..0000000 --- a/qemu-dm-segfault.patch +++ /dev/null @@ -1,52 +0,0 @@ -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/ide.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/ide.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/ide.c -@@ -937,8 +937,9 @@ static inline void ide_dma_submit_check( - - static inline void ide_set_irq(IDEState *s) - { -- BMDMAState *bm = s->bmdma; -- if (!s->bs) return; /* ouch! (see ide_flush_cb) */ -+ BMDMAState *bm; -+ if (!s || !s->bs) return; /* ouch! (see ide_flush_cb) */ -+ bm = s->bmdma; - if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) { - if (bm) { - bm->status |= BM_STATUS_INT; -@@ -1338,6 +1339,8 @@ static void ide_write_flush_cb(void *opa - BMDMAState *bm = opaque; - IDEState *s = bm->ide_if; - -+ if (!s) return; /* yikes */ -+ - if (ret != 0) { - ide_dma_error(s); - return; -@@ -1432,7 +1435,7 @@ static void ide_flush_cb(void *opaque, i - { - IDEState *s = opaque; - -- if (!s->bs) return; /* ouch! (see below) */ -+ if (!s || !s->bs) return; /* ouch! (see below) */ - - if (ret) { - /* We are completely doomed. The IDE spec does not permit us -@@ -1689,7 +1692,7 @@ static void ide_atapi_cmd_read_dma_cb(vo - IDEState *s = bm->ide_if; - int data_offset, n; - -- if (!s->bs) return; /* ouch! (see ide_flush_cb) */ -+ if (!s || !s->bs) return; /* ouch! (see ide_flush_cb) */ - - if (ret < 0) { - ide_atapi_io_error(s, ret); -@@ -2375,7 +2378,7 @@ static void cdrom_change_cb(void *opaque - IDEState *s = opaque; - uint64_t nb_sectors; - -- if (!s->bs) return; /* ouch! (see ide_flush_cb) */ -+ if (!s || !s->bs) return; /* ouch! (see ide_flush_cb) */ - - bdrv_get_geometry(s->bs, &nb_sectors); - s->nb_sectors = nb_sectors; diff --git a/qemu-ifup-set-mtu.patch b/qemu-ifup-set-mtu.patch deleted file mode 100644 index e8c72ce..0000000 --- a/qemu-ifup-set-mtu.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: xen-4.2.3-testing/tools/qemu-xen-traditional-dir-remote/i386-dm/qemu-ifup-Linux -=================================================================== ---- xen-4.2.3-testing.orig/tools/qemu-xen-traditional-dir-remote/i386-dm/qemu-ifup-Linux -+++ xen-4.2.3-testing/tools/qemu-xen-traditional-dir-remote/i386-dm/qemu-ifup-Linux -@@ -20,4 +20,11 @@ then - fi - - ifconfig $1 0.0.0.0 up -+ -+mtu="`ip link show $bridge | awk '/mtu/ { print $5 }'`" -+if [ -n "$mtu" ] && [ "$mtu" -gt 0 ] -+then -+ ip link set $1 mtu $mtu || : -+fi -+ - brctl addif $bridge $1 || true diff --git a/qemu-security-etch1.patch b/qemu-security-etch1.patch deleted file mode 100644 index ec2cfd1..0000000 --- a/qemu-security-etch1.patch +++ /dev/null @@ -1,38 +0,0 @@ -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/ne2000.c -@@ -222,7 +222,7 @@ static int ne2000_can_receive(void *opaq - NE2000State *s = opaque; - - if (s->cmd & E8390_STOP) -- return 1; -+ return 0; - return !ne2000_buffer_full(s); - } - -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pc.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c -@@ -412,7 +412,8 @@ static void bochs_bios_write(void *opaqu - case 0x400: - case 0x401: - fprintf(stderr, "BIOS panic at rombios.c, line %d\n", val); -- exit(1); -+ /* according to documentation, these can be safely ignored */ -+ break; - case 0x402: - case 0x403: - #ifdef DEBUG_BIOS -@@ -435,8 +436,9 @@ static void bochs_bios_write(void *opaqu - /* LGPL'ed VGA BIOS messages */ - case 0x501: - case 0x502: -+ /* according to documentation, these can be safely ignored */ - fprintf(stderr, "VGA BIOS panic, line %d\n", val); -- exit(1); -+ break; - case 0x500: - case 0x503: - #ifdef DEBUG_BIOS diff --git a/qemu-xen-traditional-dir-remote.tar.bz2 b/qemu-xen-traditional-dir-remote.tar.bz2 deleted file mode 100644 index 9396619..0000000 --- a/qemu-xen-traditional-dir-remote.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:56d11699417995deec758fa53f0015683a856c78f8fe88ef9f4ee535d115e55b -size 3237180 diff --git a/replace-obsolete-network-configuration-commands-in-s.patch b/replace-obsolete-network-configuration-commands-in-s.patch new file mode 100644 index 0000000..eb5f74b --- /dev/null +++ b/replace-obsolete-network-configuration-commands-in-s.patch @@ -0,0 +1,151 @@ +From 5e1e18fde92bae1ae87f78d470e80b1ffc9350d1 Mon Sep 17 00:00:00 2001 +From: Michal Kubecek +Date: Wed, 26 Jul 2017 10:28:54 +0200 +Subject: [PATCH] replace obsolete network configuration commands in scripts + +Some scripts still use obsolete network configuration commands ifconfig and +brctl. Replace them by commands from iproute2 package. +--- + README | 3 +-- + tools/hotplug/Linux/colo-proxy-setup | 14 ++++++-------- + tools/hotplug/Linux/remus-netbuf-setup | 3 ++- + tools/hotplug/Linux/vif-bridge | 7 ++++--- + tools/hotplug/Linux/vif-nat | 2 +- + tools/hotplug/Linux/vif-route | 6 ++++-- + tools/hotplug/Linux/xen-network-common.sh | 6 ++---- + .../i386-dm/qemu-ifup-Linux | 5 +++-- + 9 files changed, 26 insertions(+), 26 deletions(-) + +Index: xen-4.19.0-testing/README +=================================================================== +--- xen-4.19.0-testing.orig/README ++++ xen-4.19.0-testing/README +@@ -59,8 +59,7 @@ provided by your OS distributor: + * Development install of GLib v2.0 (e.g. libglib2.0-dev) + * Development install of Pixman (e.g. libpixman-1-dev) + * pkg-config +- * bridge-utils package (/sbin/brctl) +- * iproute package (/sbin/ip) ++ * iproute package (/sbin/ip, /sbin/bridge) + * GNU bison and GNU flex + * ACPI ASL compiler (iasl) + +Index: xen-4.19.0-testing/tools/hotplug/Linux/remus-netbuf-setup +=================================================================== +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/remus-netbuf-setup ++++ xen-4.19.0-testing/tools/hotplug/Linux/remus-netbuf-setup +@@ -76,6 +76,7 @@ + #specific setup code such as renaming. + dir=$(dirname "$0") + . "$dir/xen-hotplug-common.sh" ++. "$dir/xen-network-common.sh" + + findCommand "$@" + +@@ -139,8 +140,16 @@ check_ifb() { + + setup_ifb() { + +- for ifb in `ifconfig -a -s|egrep ^ifb|cut -d ' ' -f1` ++ if [ "$legacy_tools" ]; then ++ ifbs=`ifconfig -a -s|egrep ^ifb|cut -d ' ' -f1` ++ else ++ ifbs=$(ip --oneline link show type ifb | cut -d ' ' -f2) ++ fi ++ for ifb in $ifbs + do ++ if [ ! "$legacy_tools" ]; then ++ ifb="${ifb%:}" ++ fi + check_ifb "$ifb" || continue + REMUS_IFB="$ifb" + break +Index: xen-4.19.0-testing/tools/hotplug/Linux/vif-bridge +=================================================================== +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/vif-bridge ++++ xen-4.19.0-testing/tools/hotplug/Linux/vif-bridge +@@ -42,7 +42,8 @@ if [ -z "$bridge" ]; then + if which brctl >&/dev/null; then + bridge=$(brctl show | awk 'NR==2{print$1}') + else +- bridge=$(bridge link | cut -d" " -f7) ++ bridge=$(ip --oneline link show type bridge | awk '(NR == 1) { print $2; }') ++ bridge="${bridge%:}" + fi + if [ -z "$bridge" ] + then +Index: xen-4.19.0-testing/tools/hotplug/Linux/vif-nat +=================================================================== +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/vif-nat ++++ xen-4.19.0-testing/tools/hotplug/Linux/vif-nat +@@ -172,7 +172,11 @@ case "$command" in + ;; + offline) + [ "$dhcp" != 'no' ] && dhcp_down +- do_without_error ifconfig "${dev}" down ++ if [ "$legacy_tools" ]; then ++ do_without_error ifconfig "${dev}" down ++ else ++ do_without_error ip link set "${dev}" down ++ fi + ;; + esac + +Index: xen-4.19.0-testing/tools/hotplug/Linux/vif-route +=================================================================== +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/vif-route ++++ xen-4.19.0-testing/tools/hotplug/Linux/vif-route +@@ -23,13 +23,23 @@ main_ip=$(dom0_ip) + + case "${command}" in + add|online) +- ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up ++ if [ "$legacy_tools" ]; then ++ ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up ++ else ++ ip addr add "${main_ip}/32" dev "$dev" ++ fi ++ ip link set "dev" up + echo 1 >/proc/sys/net/ipv4/conf/${dev}/proxy_arp + ipcmd='add' + cmdprefix='' + ;; + remove|offline) +- do_without_error ifdown ${dev} ++ if [ "$legacy_tools" ]; then ++ do_without_error ifdown ${dev} ++ else ++ do_without_error ip addr flush dev "$dev" ++ do_without_error ip link set "$dev" down ++ fi + ipcmd='del' + cmdprefix='do_without_error' + ;; +Index: xen-4.19.0-testing/tools/hotplug/Linux/xen-network-common.sh +=================================================================== +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/xen-network-common.sh ++++ xen-4.19.0-testing/tools/hotplug/Linux/xen-network-common.sh +@@ -15,6 +15,12 @@ + # + + ++# Use brctl and ifconfig on older systems ++legacy_tools= ++if [ -f /sbin/brctl -a -f /sbin/ifconfig ]; then ++ legacy_tools="true" ++fi ++ + # Gentoo doesn't have ifup/ifdown, so we define appropriate alternatives. + + # Other platforms just use ifup / ifdown directly. +@@ -152,8 +158,10 @@ remove_from_bridge () { + log debug "removing $dev from bridge $bridge" + if which brctl >&/dev/null; then + do_without_error brctl delif ${bridge} ${dev} ++ do_without_error ifconfig "$dev" down + else + do_without_error ip link set ${dev} nomaster ++ do_without_error ip link set "$dev" down + fi + else + log debug "$dev not on bridge $bridge" diff --git a/stdvga-cache.patch b/stdvga-cache.patch deleted file mode 100644 index 7e3ee7f..0000000 --- a/stdvga-cache.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: xen-4.7.0-testing/xen/arch/x86/hvm/stdvga.c -=================================================================== ---- xen-4.7.0-testing.orig/xen/arch/x86/hvm/stdvga.c -+++ xen-4.7.0-testing/xen/arch/x86/hvm/stdvga.c -@@ -167,7 +167,10 @@ static int stdvga_outb(uint64_t addr, ui - - /* When in standard vga mode, emulate here all writes to the vram buffer - * so we can immediately satisfy reads without waiting for qemu. */ -- s->stdvga = (s->sr[7] == 0x00); -+ s->stdvga = -+ (s->sr[7] == 0x00) && /* standard vga mode */ -+ (s->gr[6] == 0x05); /* misc graphics register w/ MemoryMapSelect=1 -+ * 0xa0000-0xaffff (64k region), AlphaDis=1 */ - - if ( !prev_stdvga && s->stdvga ) - { diff --git a/stubdom-have-iovec.patch b/stubdom-have-iovec.patch deleted file mode 100644 index dd694cf..0000000 --- a/stubdom-have-iovec.patch +++ /dev/null @@ -1,26 +0,0 @@ -Because of commit 76eb7cef6b84ca804f4db340e23ad9c501767c32 -xc_private.h now contains a definition of iovec. This conflicts -when building qemu traditional xen_platform.c which includes -hw.h which includes qemu-common.h which already has a definition -of iovec -Index: xen-4.7.0-testing/tools/libxc/xc_private.h -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_private.h -+++ xen-4.7.0-testing/tools/libxc/xc_private.h -@@ -47,6 +47,8 @@ - #endif - - #if defined(__MINIOS__) -+#ifndef HAVE_IOVEC -+#define HAVE_IOVEC - /* - * MiniOS's libc doesn't know about sys/uio.h or writev(). - * Declare enough of sys/uio.h to compile. -@@ -55,6 +57,7 @@ struct iovec { - void *iov_base; - size_t iov_len; - }; -+#endif - #else - #include - #endif diff --git a/stubdom.tar.bz2 b/stubdom.tar.bz2 index 8df22c3..786919b 100644 --- a/stubdom.tar.bz2 +++ b/stubdom.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:b7fce018fbbf4c4c678ee81b79934be92aa60aa7a091126fd43552a1bdb1c92c -size 17477558 +oid sha256:9a8b9900372f18a56efae2497f98edc97dd08f8b259bb5a4404dc1e8f427bc80 +size 19767778 diff --git a/supported_module.patch b/supported_module.patch deleted file mode 100644 index 9010b3a..0000000 --- a/supported_module.patch +++ /dev/null @@ -1,16 +0,0 @@ -Make our PV drivers "Novell supported modules" - -Signed-off-by: K. Y. Srinivasan - -Index: xen-4.2.0-testing/unmodified_drivers/linux-2.6/Module.supported -=================================================================== ---- /dev/null -+++ xen-4.2.0-testing/unmodified_drivers/linux-2.6/Module.supported -@@ -0,0 +1,7 @@ -+xen-vbd -+xen-platform-pci -+xen-vnif -+xenbus -+xen-balloon -+xen-scsi -+xen-usb diff --git a/suse-xendomains-service.patch b/suse-xendomains-service.patch new file mode 100644 index 0000000..42658dd --- /dev/null +++ b/suse-xendomains-service.patch @@ -0,0 +1,20 @@ +xendomains: remove libvirtd conflict + +Conflicting with libvirtd is fine for upstream, where xl/libxl is king. +But down the SUSE stream, we promote libvirt and all the libvirt-based +tools. If a user installs libvirt on their SUSE Xen host, then libvirt +should be king and override xendomains. + +bsc#1015348 +Index: xen-4.8.0-testing/tools/hotplug/Linux/systemd/xendomains.service.in +=================================================================== +--- xen-4.8.0-testing.orig/tools/hotplug/Linux/systemd/xendomains.service.in ++++ xen-4.8.0-testing/tools/hotplug/Linux/systemd/xendomains.service.in +@@ -5,7 +5,6 @@ After=proc-xen.mount xenstored.service x + After=network-online.target + After=remote-fs.target + ConditionPathExists=/proc/xen/capabilities +-Conflicts=libvirtd.service + + [Service] + Type=oneshot diff --git a/suspend_evtchn_lock.patch b/suspend_evtchn_lock.patch index d4f5ea4..6507d45 100644 --- a/suspend_evtchn_lock.patch +++ b/suspend_evtchn_lock.patch @@ -6,10 +6,10 @@ http://xen.1045712.n5.nabble.com/Re-PATCH-improve-suspend-evtchn-lock-processing Signed-off-by: Chunyan Liu -Index: xen-4.7.0-testing/tools/libxc/xc_suspend.c +Index: xen-4.10.0-testing/tools/libs/guest/xg_suspend.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_suspend.c -+++ xen-4.7.0-testing/tools/libxc/xc_suspend.c +--- xen-4.10.0-testing.orig/tools/libs/guest/xg_suspend.c ++++ xen-4.10.0-testing/tools/libs/guest/xg_suspend.c @@ -20,6 +20,10 @@ #include "xc_private.h" @@ -56,7 +56,7 @@ Index: xen-4.7.0-testing/tools/libxc/xc_suspend.c + } +} + - static void get_suspend_file(char buf[], int domid) + static void get_suspend_file(char buf[], uint32_t domid) { snprintf(buf, SUSPEND_FILE_BUFLEN, SUSPEND_LOCK_FILE, domid); @@ -48,6 +83,7 @@ static int lock_suspend_event(xc_interfa diff --git a/tmp_build.patch b/tmp_build.patch deleted file mode 100644 index 8d15371..0000000 --- a/tmp_build.patch +++ /dev/null @@ -1,30 +0,0 @@ ---- - tools/xenstore/Makefile | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -Index: xen-4.7.0-testing/tools/xenstore/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/tools/xenstore/Makefile -+++ xen-4.7.0-testing/tools/xenstore/Makefile -@@ -86,6 +86,7 @@ $(CLIENTS_DOMU): xenstore - - xenstore: xenstore_client.o $(LIBXENSTORE) - $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) -+ $(CC) $< $(CFLAGS) $(LDFLAGS) -Wl,--build-id=uuid -L. -lxenstore $(SOCKET_LIBS) -o domu-$@ - - xenstore-control: xenstore_control.o $(LIBXENSTORE) - $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) -@@ -139,10 +140,11 @@ endif - $(INSTALL_PROG) xenstore-control $(DESTDIR)$(bindir) - $(INSTALL_PROG) xenstore $(DESTDIR)$(bindir) - set -e ; for c in $(CLIENTS) ; do \ -- ln -f $(DESTDIR)$(bindir)/xenstore $(DESTDIR)$(bindir)/$${c} ; \ -+ ln -fs xenstore $(DESTDIR)/usr/bin/$${c} ; \ - done -+ $(INSTALL_PROG) domu-xenstore $(DESTDIR)/bin - for client in $(CLIENTS_DOMU); do \ -- $(INSTALL_PROG) $$client $(DESTDIR)$(bindir)/$${client/domu-}; \ -+ ln -fs domu-xenstore $(DESTDIR)/bin/$${client/domu-}; \ - done - $(INSTALL_DIR) $(DESTDIR)$(libdir) - $(INSTALL_SHLIB) libxenstore.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir) diff --git a/vif-bridge-no-iptables.patch b/vif-bridge-no-iptables.patch index 73474c3..f602b0d 100644 --- a/vif-bridge-no-iptables.patch +++ b/vif-bridge-no-iptables.patch @@ -1,8 +1,8 @@ -Index: xen-4.5.0-testing/tools/hotplug/Linux/vif-bridge +Index: xen-4.15.0-testing/tools/hotplug/Linux/vif-bridge =================================================================== ---- xen-4.5.0-testing.orig/tools/hotplug/Linux/vif-bridge -+++ xen-4.5.0-testing/tools/hotplug/Linux/vif-bridge -@@ -93,7 +93,7 @@ case "$command" in +--- xen-4.15.0-testing.orig/tools/hotplug/Linux/vif-bridge ++++ xen-4.15.0-testing/tools/hotplug/Linux/vif-bridge +@@ -87,7 +87,7 @@ case "$command" in ;; esac diff --git a/vif-route.patch b/vif-route.patch index d46767f..4e8b0a9 100644 --- a/vif-route.patch +++ b/vif-route.patch @@ -1,15 +1,25 @@ References: bsc#985503 -Index: xen-4.7.0-testing/tools/hotplug/Linux/vif-route +Index: xen-4.15.1-testing/tools/hotplug/Linux/vif-route =================================================================== ---- xen-4.7.0-testing.orig/tools/hotplug/Linux/vif-route -+++ xen-4.7.0-testing/tools/hotplug/Linux/vif-route -@@ -35,7 +35,7 @@ case "${command}" in - ;; +--- xen-4.15.1-testing.orig/tools/hotplug/Linux/vif-route ++++ xen-4.15.1-testing/tools/hotplug/Linux/vif-route +@@ -57,11 +57,13 @@ case "${type_if}" in + ;; esac --if [ "${ip}" ] ; then +-# If we've been given a list of IP addresses, then add routes from dom0 to +-# the guest using those addresses. +-for addr in ${ip} ; do +- ${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} src ${main_ip} metric ${metric} +-done +if [ "${ip}" ] && [ "${ipcmd}" ] ; then - # If we've been given a list of IP addresses, then add routes from dom0 to - # the guest using those addresses. - for addr in ${ip} ; do ++ # If we've been given a list of IP addresses, then add routes from dom0 to ++ # the guest using those addresses. ++ for addr in ${ip} ; do ++ ${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} src ${main_ip} metric ${metric} ++ done ++fi + + handle_iptable + diff --git a/x86-cpufreq-report.patch b/x86-cpufreq-report.patch deleted file mode 100644 index 48ac4cd..0000000 --- a/x86-cpufreq-report.patch +++ /dev/null @@ -1,84 +0,0 @@ -Index: xen-4.7.0-testing/xen/arch/x86/platform_hypercall.c -=================================================================== ---- xen-4.7.0-testing.orig/xen/arch/x86/platform_hypercall.c -+++ xen-4.7.0-testing/xen/arch/x86/platform_hypercall.c -@@ -26,7 +26,7 @@ - #include - #include - #include --#include -+#include - #include - #include - #include -@@ -820,6 +820,41 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA - ret = -EFAULT; - } - break; -+ -+ case XENPF_get_cpu_freq: -+ case XENPF_get_cpu_freq_min: -+ case XENPF_get_cpu_freq_max: -+ { -+ struct vcpu *v; -+ const struct cpufreq_policy *policy; -+ -+ if ( op->u.get_cpu_freq.vcpu >= current->domain->max_vcpus || -+ !(v = current->domain->vcpu[op->u.get_cpu_freq.vcpu]) ) -+ { -+ ret = -EINVAL; -+ break; -+ } -+ -+ policy = per_cpu(cpufreq_cpu_policy, v->processor); -+ switch ( op->cmd & -!!policy ) -+ { -+ case XENPF_get_cpu_freq: -+ op->u.get_cpu_freq.freq = policy->cur; -+ break; -+ case XENPF_get_cpu_freq_min: -+ op->u.get_cpu_freq.freq = policy->min; -+ break; -+ case XENPF_get_cpu_freq_max: -+ op->u.get_cpu_freq.freq = policy->max; -+ break; -+ default: -+ op->u.get_cpu_freq.freq = 0; -+ break; -+ } -+ if ( __copy_field_to_guest(u_xenpf_op, op, u.get_cpu_freq.freq) ) -+ ret = -EFAULT; -+ } -+ break; - - default: - ret = -ENOSYS; -Index: xen-4.7.0-testing/xen/include/public/platform.h -=================================================================== ---- xen-4.7.0-testing.orig/xen/include/public/platform.h -+++ xen-4.7.0-testing/xen/include/public/platform.h -@@ -547,6 +547,16 @@ struct xenpf_core_parking { - typedef struct xenpf_core_parking xenpf_core_parking_t; - DEFINE_XEN_GUEST_HANDLE(xenpf_core_parking_t); - -+#define XENPF_get_cpu_freq ('N' << 24) -+#define XENPF_get_cpu_freq_min (XENPF_get_cpu_freq + 1) -+#define XENPF_get_cpu_freq_max (XENPF_get_cpu_freq_min + 1) -+struct xenpf_get_cpu_freq { -+ /* IN variables */ -+ uint32_t vcpu; -+ /* OUT variables */ -+ uint32_t freq; /* in kHz */ -+}; -+ - /* - * Access generic platform resources(e.g., accessing MSR, port I/O, etc) - * in unified way. Batch resource operations in one call are supported and -@@ -638,6 +648,7 @@ struct xen_platform_op { - struct xenpf_core_parking core_parking; - struct xenpf_resource_op resource_op; - struct xenpf_symdata symdata; -+ struct xenpf_get_cpu_freq get_cpu_freq; - uint8_t pad[128]; - } u; - }; diff --git a/x86-ioapic-ack-default.patch b/x86-ioapic-ack-default.patch index b362045..497cccf 100644 --- a/x86-ioapic-ack-default.patch +++ b/x86-ioapic-ack-default.patch @@ -1,10 +1,8 @@ Change default IO-APIC ack mode for single IO-APIC systems to old-style. -Index: xen-4.7.0-testing/xen/arch/x86/io_apic.c -=================================================================== ---- xen-4.7.0-testing.orig/xen/arch/x86/io_apic.c -+++ xen-4.7.0-testing/xen/arch/x86/io_apic.c -@@ -2030,7 +2030,10 @@ void __init setup_IO_APIC(void) +--- a/xen/arch/x86/io_apic.c ++++ b/xen/arch/x86/io_apic.c +@@ -2152,7 +2152,10 @@ void __init setup_IO_APIC(void) io_apic_irqs = ~PIC_IRQS; printk("ENABLING IO-APIC IRQs\n"); diff --git a/xen-4.20.0-testing-src.tar.bz2 b/xen-4.20.0-testing-src.tar.bz2 new file mode 100644 index 0000000..12bcc04 --- /dev/null +++ b/xen-4.20.0-testing-src.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cc7cc705dcc33a6a23e1571032d8f28d2c21b2690ad8364537b1fb0623576e60 +size 5734024 diff --git a/xen-4.7.0-testing-src.tar.bz2 b/xen-4.7.0-testing-src.tar.bz2 deleted file mode 100644 index 6424f85..0000000 --- a/xen-4.7.0-testing-src.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b7d642a7d1c3e0c423f7cd66ddff9e173135a6bd4e4f7b36cd7fefe20065a6e8 -size 4472864 diff --git a/xen-arch-kconfig-nr_cpus.patch b/xen-arch-kconfig-nr_cpus.patch new file mode 100644 index 0000000..ba93633 --- /dev/null +++ b/xen-arch-kconfig-nr_cpus.patch @@ -0,0 +1,13 @@ +Index: xen-4.20.0-testing/xen/arch/Kconfig +=================================================================== +--- xen-4.20.0-testing.orig/xen/arch/Kconfig ++++ xen-4.20.0-testing/xen/arch/Kconfig +@@ -8,7 +8,7 @@ config NR_CPUS + int "Maximum number of CPUs" + range 1 1 if ARM && MPU + range 1 16383 +- default "256" if X86 ++ default "1024" if X86 + default "1" if ARM && MPU + default "8" if ARM && RCAR3 + default "4" if ARM && QEMU diff --git a/xen-destdir.patch b/xen-destdir.patch index e871cd8..73edaeb 100644 --- a/xen-destdir.patch +++ b/xen-destdir.patch @@ -1,57 +1,30 @@ -Index: xen-4.7.0-testing/tools/xenstore/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/tools/xenstore/Makefile -+++ xen-4.7.0-testing/tools/xenstore/Makefile -@@ -21,6 +21,7 @@ LDFLAGS += $(LDFLAGS-y) +--- a/tools/xs-clients/Makefile ++++ b/tools/xs-clients/Makefile +@@ -29,7 +29,7 @@ all: $(TARGETS) + clients: xenstore $(CLIENTS) xenstore-control - CLIENTS := xenstore-exists xenstore-list xenstore-read xenstore-rm xenstore-chmod - CLIENTS += xenstore-write xenstore-ls xenstore-watch -+CLIENTS_DOMU := $(patsubst xenstore-%,domu-xenstore-%,$(CLIENTS)) - - XENSTORED_OBJS = xenstored_core.o xenstored_watch.o xenstored_domain.o xenstored_transaction.o xs_lib.o talloc.o utils.o tdb.o hashtable.o - -@@ -55,7 +56,7 @@ endif - all: $(ALL_TARGETS) - - .PHONY: clients --clients: xenstore $(CLIENTS) xenstore-control -+clients: xenstore $(CLIENTS) $(CLIENTS_DOMU) xenstore-control - - ifeq ($(CONFIG_SunOS),y) - xenstored_probes.h: xenstored_probes.d -@@ -80,6 +81,9 @@ xenstored.a: $(XENSTORED_OBJS) $(CLIENTS): xenstore - ln -f xenstore $@ +- ln -f xenstore $@ ++ ln -sf xenstore $@ -+$(CLIENTS_DOMU): xenstore -+ ln -f xenstore $@ -+ - xenstore: xenstore_client.o $(LIBXENSTORE) - $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) - -@@ -107,7 +111,7 @@ clean: - rm -f *.a *.o *.opic *.so* xenstored_probes.h - rm -f xenstored xs_random xs_stress xs_crashme - rm -f xs_tdb_dump xenstore-control init-xenstore-domain -- rm -f xenstore $(CLIENTS) -+ rm -f xenstore $(CLIENTS) $(CLIENTS_DOMU) - $(RM) $(DEPS) - - .PHONY: distclean -@@ -130,12 +134,16 @@ ifeq ($(XENSTORE_XENSTORED),y) - $(INSTALL_DIR) $(DESTDIR)$(sbindir) - $(INSTALL_DIR) $(DESTDIR)$(XEN_LIB_STORED) - $(INSTALL_PROG) xenstored $(DESTDIR)$(sbindir) -+ $(INSTALL_DIR) $(DESTDIR)/bin - endif + xenstore: xenstore_client.o + $(CC) $(LDFLAGS) $^ $(LDLIBS) -o $@ $(APPEND_LDFLAGS) +@@ -54,7 +54,7 @@ install: all $(INSTALL_PROG) xenstore-control $(DESTDIR)$(bindir) $(INSTALL_PROG) xenstore $(DESTDIR)$(bindir) set -e ; for c in $(CLIENTS) ; do \ - ln -f $(DESTDIR)$(bindir)/xenstore $(DESTDIR)$(bindir)/$${c} ; \ +- ln -f $(DESTDIR)$(bindir)/xenstore $(DESTDIR)$(bindir)/$${c} ; \ ++ ln -sf xenstore $(DESTDIR)$(bindir)/$${c} ; \ done -+ for client in $(CLIENTS_DOMU); do \ -+ $(INSTALL_PROG) $$client $(DESTDIR)$(bindir)/$${client/domu-}; \ -+ done - $(INSTALL_DIR) $(DESTDIR)$(libdir) - $(INSTALL_SHLIB) libxenstore.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir) - ln -sf libxenstore.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenstore.so.$(MAJOR) + + .PHONY: uninstall +--- a/tools/xenstored/Makefile ++++ b/tools/xenstored/Makefile +@@ -32,6 +32,7 @@ TAGS: + install: all + $(INSTALL_DIR) $(DESTDIR)$(sbindir) + $(INSTALL_PROG) xenstored $(DESTDIR)$(sbindir) ++ $(INSTALL_DIR) $(DESTDIR)$(bindir) + + .PHONY: uninstall + uninstall: diff --git a/xen-disable-qemu-monitor.patch b/xen-disable-qemu-monitor.patch deleted file mode 100644 index e1b2ab0..0000000 --- a/xen-disable-qemu-monitor.patch +++ /dev/null @@ -1,70 +0,0 @@ -CVE-2007-0998 - remote compromise of dom0 - -Rather than completely disabling QEMU's console (which would remove -the "sendkey" command, among other useful things), remove all console -commands that can read/write dom0's state. - - -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c -=================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/monitor.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c -@@ -1497,6 +1497,7 @@ static const term_cmd_t term_cmds[] = { - "device|all", "commit changes to the disk images (if -snapshot is used) or backing files" }, - { "info", "s?", do_info, - "subcommand", "show various information about the system state" }, -+#ifdef CONFIG_TRUSTED_CLIENT - { "q|quit", "", do_quit, - "", "quit the emulator" }, - { "eject", "-fB", do_eject, -@@ -1509,6 +1510,7 @@ static const term_cmd_t term_cmds[] = { - "filename", "output logs to 'filename'" }, - { "log", "s", do_log, - "item1[,...]", "activate logging of the specified items to '/tmp/qemu.log'" }, -+#endif - { "savevm", "s?", do_savevm, - "tag|id", "save a VM snapshot. If no tag or id are provided, a new snapshot is created" }, - { "loadvm", "s", do_loadvm, -@@ -1538,8 +1540,10 @@ static const term_cmd_t term_cmds[] = { - "", "reset the system" }, - { "system_powerdown", "", do_system_powerdown, - "", "send system power down event" }, -+#ifdef CONFIG_TRUSTED_CLIENT - { "sum", "ii", do_sum, - "addr size", "compute the checksum of a memory region" }, -+#endif - { "usb_add", "s", do_usb_add, - "device", "add USB device (e.g. 'host:bus.addr' or 'host:vendor_id:product_id')" }, - { "usb_del", "s", do_usb_del, -@@ -1558,6 +1562,7 @@ static const term_cmd_t term_cmds[] = { - "state", "change mouse button state (1=L, 2=M, 4=R)" }, - { "mouse_set", "i", do_mouse_set, - "index", "set which mouse device receives events" }, -+#ifdef CONFIG_TRUSTED_CLIENT - #ifdef HAS_AUDIO - { "wavcapture", "si?i?i?", do_wav_capture, - "path [frequency bits channels]", -@@ -1565,6 +1570,7 @@ static const term_cmd_t term_cmds[] = { - #endif - { "stopcapture", "i", do_stop_capture, - "capture index", "stop capture" }, -+#endif - { "memsave", "lis", do_memory_save, - "addr size file", "save to disk virtual memory dump starting at 'addr' of size 'size'", }, - { "pmemsave", "lis", do_physical_memory_save, -@@ -1646,6 +1652,7 @@ static const term_cmd_t info_cmds[] = { - "", "show KVM information", }, - { "usb", "", usb_info, - "", "show guest USB devices", }, -+#ifdef CONFIG_TRUSTED_CLIENT - { "usbhost", "", usb_host_info, - "", "show host USB devices", }, - { "profile", "", do_info_profile, -@@ -1677,6 +1684,7 @@ static const term_cmd_t info_cmds[] = { - { "migrate", "", do_info_migrate, "", "show migration status" }, - { "balloon", "", do_info_balloon, - "", "show balloon information" }, -+#endif - { NULL, NULL, }, - }; - diff --git a/xen-hvm-default-bridge.patch b/xen-hvm-default-bridge.patch deleted file mode 100644 index 6693b5c..0000000 --- a/xen-hvm-default-bridge.patch +++ /dev/null @@ -1,85 +0,0 @@ -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/net.h -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/net.h -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/net.h -@@ -107,8 +107,8 @@ void net_host_device_add(const char *dev - void net_host_device_remove(int vlan_id, const char *device); - - #ifndef DEFAULT_NETWORK_SCRIPT --#define DEFAULT_NETWORK_SCRIPT "/etc/qemu-ifup" --#define DEFAULT_NETWORK_DOWN_SCRIPT "/etc/qemu-ifdown" -+#define DEFAULT_NETWORK_SCRIPT "/etc/xen/qemu-ifup" -+#define DEFAULT_NETWORK_DOWN_SCRIPT "/etc/xen/qemu-ifdown" - #endif - #ifdef __sun__ - #define SMBD_COMMAND "/usr/sfw/sbin/smbd" -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/net.c -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/net.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/net.c -@@ -1774,9 +1774,10 @@ int net_client_init(const char *device, - } - if (get_param_value(script_arg, sizeof(script_arg), "scriptarg", p) == 0 && - get_param_value(script_arg, sizeof(script_arg), "bridge", p) == 0) { /* deprecated; for xend compatibility */ -- pstrcpy(script_arg, sizeof(script_arg), ""); -+ ret = net_tap_init(vlan, device, name, ifname, setup_script, NULL, NULL); -+ } else { -+ ret = net_tap_init(vlan, device, name, ifname, setup_script, down_script, script_arg); - } -- ret = net_tap_init(vlan, device, name, ifname, setup_script, down_script, script_arg); - } - } else - #endif -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/i386-dm/qemu-ifup-Linux -=================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/i386-dm/qemu-ifup-Linux -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/i386-dm/qemu-ifup-Linux -@@ -1,36 +1,22 @@ - #!/bin/sh - --#. /etc/rc.d/init.d/functions --#ulimit -c unlimited -- - echo 'config qemu network with xen bridge for ' $* - -+# If bridge is not specified, try device with default route. - bridge=$2 -+if [ -z "$bridge" ]; then -+ bridge=$(ip route list | awk '/^default / { print $NF }') -+fi - --# --# Old style bridge setup with netloop, used to have a bridge name --# of xenbrX, enslaving pethX and vif0.X, and then configuring --# eth0. --# --# New style bridge setup does not use netloop, so the bridge name --# is ethX and the physical device is enslaved pethX --# --# So if... --# --# - User asks for xenbrX --# - AND xenbrX doesn't exist --# - AND there is a ethX device which is a bridge --# --# ..then we translate xenbrX to ethX --# --# This lets old config files work without modification --# --if [ ! -e "/sys/class/net/$bridge" ] && [ -z "${bridge##xenbr*}" ] -+# Exit if $bridge is not a bridge. Exit with 0 status -+# so qemu-dm process is not terminated. No networking in -+# vm is bad but not catastrophic. The vm could still run -+# cpu and disk IO workloads. -+# Include an useful error message in qemu-dm log file. -+if [ ! -e "/sys/class/net/${bridge}/bridge" ] - then -- if [ -e "/sys/class/net/eth${bridge#xenbr}/bridge" ] -- then -- bridge="eth${bridge#xenbr}" -- fi -+ echo "WARNING! ${bridge} is not a bridge. qemu-ifup exiting. VM may not have a functioning networking stack." -+ exit 0 - fi - - ifconfig $1 0.0.0.0 up diff --git a/xen-qemu-iscsi-fix.patch b/xen-qemu-iscsi-fix.patch deleted file mode 100644 index 37fb06b..0000000 --- a/xen-qemu-iscsi-fix.patch +++ /dev/null @@ -1,76 +0,0 @@ -Index: xen-4.5.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -=================================================================== ---- xen-4.5.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c -+++ xen-4.5.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -@@ -450,7 +450,7 @@ void xenstore_parse_domain_config(int hv - char *buf = NULL; - char *fpath = NULL, *bpath = NULL, *btype = NULL, - *dev = NULL, *params = NULL, *drv = NULL; -- int i, ret, is_tap; -+ int i, j, ret, is_tap; - unsigned int len, num, hd_index, pci_devid = 0; - BlockDriverState *bs; - BlockDriver *format; -@@ -534,12 +534,7 @@ void xenstore_parse_domain_config(int hv - continue; - free(danger_type); - danger_type = xs_read(xsh, XBT_NULL, danger_buf, &len); -- if (pasprintf(&buf, "%s/params", bpath) == -1) -- continue; -- free(params); -- params = xs_read(xsh, XBT_NULL, buf, &len); -- if (params == NULL) -- continue; -+ - /* read the name of the device */ - if (pasprintf(&buf, "%s/type", bpath) == -1) - continue; -@@ -547,6 +542,35 @@ void xenstore_parse_domain_config(int hv - drv = xs_read(xsh, XBT_NULL, buf, &len); - if (drv == NULL) - continue; -+ -+ free(params); -+ if (!strcmp(drv,"iscsi") || !strcmp(drv, "npiv") || -+ !strcmp(drv,"dmmd")) { -+ if (pasprintf(&buf, "%s/node", bpath) == -1) -+ continue; -+ -+ /* wait for block-[iscsi|npiv|dmmd] script to complete and populate the -+ * node entry. try 30 times (30 secs) */ -+ for (j = 0; j < 30; j++) { -+ params = xs_read(xsh, XBT_NULL, buf, &len); -+ if (params != NULL) -+ break; -+ sleep(1); -+ } -+ if (params == NULL) { -+ fprintf(stderr, "qemu: %s device not found -- timed out \n", drv); -+ continue; -+ } -+ } -+ else -+ { -+ if (pasprintf(&buf, "%s/params", bpath) == -1) -+ continue; -+ params = xs_read(xsh, XBT_NULL, buf, &len); -+ if (params == NULL) -+ continue; -+ } -+ - /* Obtain blktap sub-type prefix */ - if ((!strcmp(drv, "tap") || !strcmp(drv, "qdisk")) && params[0]) { - char *offset = strchr(params, ':'); -@@ -664,6 +688,12 @@ void xenstore_parse_domain_config(int hv - format = &bdrv_host_device; - else - format = &bdrv_raw; -+ } else if (!strcmp(drv,"iscsi")) { -+ format = &bdrv_raw; -+ } else if (!strcmp(drv,"npiv")) { -+ format = &bdrv_raw; -+ } else if (!strcmp(drv,"dmmd")) { -+ format = &bdrv_raw; - } else { - format = bdrv_find_format(drv); - if (!format) { diff --git a/xen-supportconfig b/xen-supportconfig new file mode 100644 index 0000000..f77bd03 --- /dev/null +++ b/xen-supportconfig @@ -0,0 +1,85 @@ +#!/bin/bash +############################################################# +# Name: Supportconfig Plugin for Xen +# Description: Gathers important troubleshooting information +# about Xen and its tools +############################################################# + +# TODO: +# - Anything needed for UEFI? +# + +RCFILE="/usr/lib/supportconfig/resources/supportconfig.rc" +OF="output-xen.txt" + +GRUB2_CONF_FILES="/etc/default/grub" +XEN_CONF_FILES="/etc/xen/xl.conf /etc/sysconfig/xencommons /etc/sysconfig/xendomains" +XEN_SERVICES="xencommons xendomains xen-watchdog" +PERSISTENT_VM_CONF_FILES="" +ACTIVE_VM_CONF_FILES="" +XEN_LOG_FILES="" + +if [ -s $RCFILE ]; then + if ! source $RCFILE; then + log_write $OF "ERROR: Initializing resource file: $RCFILE" + exit 1 + fi +fi + +# if no xen package we are done +rpm_verify $OF xen || exit 111 + +# if not a xen host (dom0) we are done +log_write $OF "#==[ Checking if booted Xen ]=================================#" +if [ ! -d /proc/xen ] || [ ! -e /proc/xen/capabilities ] || [ `cat /proc/xen/capabilities` != "control_d" ]; then + log_write $OF "No" + log_write $OF "Skipped" + exit 0 +else + log_write $OF "Yes" +fi + +# basic system information: +log_cmd $OF "uname -r" +for service in $XEN_SERVICES; do + log_cmd $OF "systemctl status $service" + log_cmd $OF "systemctl is-enabled $service" +done +log_cmd $OF "lscpu" +log_cmd $OF "xl info --numa" +log_cmd $OF "xl list" +log_cmd $OF "xl pci-assignable-list" +log_cmd $OF "xenstore-ls" +log_cmd $OF "ps -ef | grep xen" +# dump grub2-related conf files +conf_files $OF "$GRUB2_CONF_FILES" +# dump Xen-related conf files +conf_files $OF "$XEN_CONF_FILES" + +# detailed system info: +log_cmd $OF "xl list --long" +log_cmd $OF "xl dmesg" +# network-related info often useful for debugging +if systemctl is-enabled NetworkManager.service &> /dev/null ; then + log_write $OF "NOTE: NetworkManager should not be enabled on a Xen host" +fi +for proto in '-4' '-6' +do + log_cmd $OF "ip $proto neighbor show" + log_cmd $OF "ip $proto route show" + log_cmd $OF "ip $proto address show" +done +log_cmd $OF "ip link show type bridge" +log_cmd $OF "bridge link show" +# list contents of common config and image directories +log_cmd $OF "ls -alR /etc/xen/vm/" +log_cmd $OF "ls -alR /etc/xen/auto/" +log_cmd $OF "ls -alR /var/lib/xen/images/" +# dump VM-related conf files +test -d /etc/xen/vm && PERSISTENT_VM_CONF_FILES=$(find -L /etc/xen/vm/ -type f | sort) +conf_files $OF "$PERSISTENT_VM_CONF_FILES" +test -d /var/lib/xen && ACTIVE_VM_CONF_FILES=$(find -L /var/lib/xen/userdata* -type f | sort) +conf_files $OF "$ACTIVE_VM_CONF_FILES" +# dump log files +test -d /var/log/xen && XEN_LOG_FILES="$(find -L /var/log/xen/ -type f | grep 'log$' | sort)" +log_files $OF 0 "$XEN_LOG_FILES" diff --git a/xen-utils-0.1.tar.bz2 b/xen-utils-0.1.tar.bz2 deleted file mode 100644 index 9865112..0000000 --- a/xen-utils-0.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2d78844237d1148bedeaee6dd56a170a0f5ebcda45593fddff8128d3336c0792 -size 6272 diff --git a/xen.bug1026236.suse_vtsc_tolerance.patch b/xen.bug1026236.suse_vtsc_tolerance.patch new file mode 100644 index 0000000..44fd445 --- /dev/null +++ b/xen.bug1026236.suse_vtsc_tolerance.patch @@ -0,0 +1,58 @@ +suse_vtsc_tolerance= +Reference: bsc#1026236 + +To avoid emulation of vTSC after live migration or save/restore allow +different clock frequency up to the specified value. If the frequency +is within the allowed range TSC access by the domU will be performed +at native speed. Otherwise TSC access will be emulated. It is up to +the hostadmin to decide how much tolerance all running domUs can +actually handle. The default is zero tolerance. + +--- a/xen/arch/x86/time.c ++++ b/xen/arch/x86/time.c +@@ -47,6 +47,9 @@ + static char __initdata opt_clocksource[10]; + string_param("clocksource", opt_clocksource); + ++static unsigned int __ro_after_init opt_suse_vtsc_tolerance; ++integer_param("suse_vtsc_tolerance", opt_suse_vtsc_tolerance); ++ + unsigned long __read_mostly cpu_khz; /* CPU clock frequency in kHz. */ + DEFINE_SPINLOCK(rtc_lock); + unsigned long pit0_ticks; +@@ -2926,6 +2929,8 @@ int tsc_set_info(struct domain *d, + + switch ( tsc_mode ) + { ++ bool disable_vtsc; ++ + case XEN_CPUID_TSC_MODE_DEFAULT: + case XEN_CPUID_TSC_MODE_ALWAYS_EMULATE: + d->arch.vtsc_offset = get_s_time() - elapsed_nsec; +@@ -2939,8 +2944,25 @@ int tsc_set_info(struct domain *d, + * When a guest is created, gtsc_khz is passed in as zero, making + * d->arch.tsc_khz == cpu_khz. Thus no need to check incarnation. + */ ++ disable_vtsc = d->arch.tsc_khz == cpu_khz; ++ ++ if ( tsc_mode == XEN_CPUID_TSC_MODE_DEFAULT && !disable_vtsc && ++ opt_suse_vtsc_tolerance && is_hvm_domain(d) ) ++ { ++ long khz_diff = ABS((long)cpu_khz - gtsc_khz); ++ ++ disable_vtsc = khz_diff <= opt_suse_vtsc_tolerance; ++ ++ printk(XENLOG_G_INFO "%pd: host has %lu kHz," ++ " domU expects %u kHz," ++ " difference of %ld is %s tolerance of %u\n", ++ d, cpu_khz, gtsc_khz, khz_diff, ++ disable_vtsc ? "within" : "outside", ++ opt_suse_vtsc_tolerance); ++ } ++ + if ( tsc_mode == XEN_CPUID_TSC_MODE_DEFAULT && host_tsc_is_safe() && +- (d->arch.tsc_khz == cpu_khz || ++ (disable_vtsc || + (is_hvm_domain(d) && + hvm_get_tsc_scaling_ratio(d->arch.tsc_khz))) ) + { diff --git a/xen.build-compare.doc_html.patch b/xen.build-compare.doc_html.patch index 63d96ab..e662273 100644 --- a/xen.build-compare.doc_html.patch +++ b/xen.build-compare.doc_html.patch @@ -5,20 +5,20 @@ Sort input files to reduce build-compare noise. docs/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -Index: xen-4.6.0-testing/docs/Makefile +Index: xen-4.18.0-testing/docs/Makefile =================================================================== ---- xen-4.6.0-testing.orig/docs/Makefile -+++ xen-4.6.0-testing/docs/Makefile -@@ -142,7 +142,7 @@ install: install-man-pages install-html +--- xen-4.18.0-testing.orig/docs/Makefile ++++ xen-4.18.0-testing/docs/Makefile +@@ -192,7 +192,7 @@ uninstall: uninstall-man-pages uninstall # Individual file build targets html/index.html: $(DOC_HTML) $(CURDIR)/gen-html-index INDEX - $(PERL) -w -- $(CURDIR)/gen-html-index -i INDEX html $(DOC_HTML) + $(PERL) -w -- $(CURDIR)/gen-html-index -i INDEX html $(sort $(DOC_HTML)) - html/%.html: %.markdown - ifneq ($(MARKDOWN),) -@@ -165,8 +165,8 @@ html/hypercall/%/index.html: $(CURDIR)/x + html/%.txt: %.txt + @$(INSTALL_DIR) $(@D) +@@ -207,8 +207,8 @@ html/hypercall/%/index.html: $(CURDIR)/x $(INSTALL_DIR) $(@D) $(PERL) -w $(CURDIR)/xen-headers -O $(@D) \ -T 'arch-$* - Xen public headers' \ diff --git a/xen.build-compare.man.patch b/xen.build-compare.man.patch deleted file mode 100644 index a99769b..0000000 --- a/xen.build-compare.man.patch +++ /dev/null @@ -1,18 +0,0 @@ -Having just X.Y as version in the man pages is enough. ---- - docs/Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: xen-4.5.0-testing/docs/Makefile -=================================================================== ---- xen-4.5.0-testing.orig/docs/Makefile -+++ xen-4.5.0-testing/docs/Makefile -@@ -2,7 +2,7 @@ XEN_ROOT=$(CURDIR)/.. - include $(XEN_ROOT)/Config.mk - -include $(XEN_ROOT)/config/Docs.mk - --VERSION := $(shell $(MAKE) -C $(XEN_ROOT)/xen --no-print-directory xenversion) -+VERSION := $(shell $(MAKE) -C $(XEN_ROOT)/xen --no-print-directory xenversion | cut -f -2 -d .) - - DOC_ARCHES := arm x86_32 x86_64 - diff --git a/xen.changes b/xen.changes index 9cae873..4c14490 100644 --- a/xen.changes +++ b/xen.changes @@ -1,3 +1,4989 @@ +------------------------------------------------------------------- +Mon Feb 10 06:02:04 MST 2025 - carnold@suse.com + +- Update to Xen 4.20.0 RC4 release + * AMD/IOMMU: log IVHD contents + * AMD/IOMMU: drop stray MSI enabling + * radix-tree: introduce RADIX_TREE{,_INIT}() + +------------------------------------------------------------------- +Fri Jan 31 09:59:45 MST 2025 - carnold@suse.com + +- Update to Xen 4.20.0 RC3 release + * x86/HVM: correct MMIO emulation cache bounds check + * x86/HVM: allocate emulation cache entries dynamically + * x86/HVM: correct read/write split at page boundaries + * x86/iommu: check for CMPXCHG16B when enabling IOMMU + * iommu/vtd: remove non-CX16 logic from interrupt remapping + * x86/iommu: remove non-CX16 logic from DMA remapping + * iommu/amd: atomically update IRTE + * x86emul: further correct 64-bit mode zero count repeated string + insn handling + * x86/PV: further harden guest memory accesses against speculative + abuse + * x86/intel: Fix PERF_GLOBAL fixup when virtualised + +------------------------------------------------------------------- +Fri Jan 31 08:49:14 UTC 2025 - Markéta Machová + +- Add explicit build dependency on python3-setuptools, needed by python313 + +------------------------------------------------------------------- +Mon Jan 20 05:46:51 MST 2025 - carnold@suse.com + +- Update to Xen 4.20.0 RC2 release + * xen/arm: Fully initialise struct membanks_hdr fields + * build: Set DATE to SOURCE_DATE_EPOCH if available (for + reproducible builds) + * x86: Add Support for Paging-Write Feature + * x86/time: introduce command line option to select wallclock + * x86/time: prefer CMOS over EFI_GET_TIME + * xentrace: free CPU mask string before overwriting pointer + * xl: properly dispose of vTPM struct instance + * xl: properly dispose of libxl_dominfo struct instances + * Various documentation fixes and updates (including ppc and + riscv additions) + * Various MISRA compliance improvements. + +------------------------------------------------------------------- +Fri Jan 10 12:43:42 MST 2025 - carnold@suse.com + +- Update to Xen 4.20.0 RC1 release + * x86/amd: Misc setup for Fam1Ah processors + * xen/perfc cleanups and adjustments + * libxl: drop setting XEN_QEMU_CONSOLE_LIMIT in the environment + (XSA-180 / CVE-2014-3672) + * x86emul: VCVT{,U}DQ2PD ignores embedded rounding + * x86emul: correct put_fpu()'s segment selector handling + * xen/flask: Wire up XEN_DOMCTL_dt_overlay and XEN_DOMCTL_set_llc_colors + * xen/events: fix race with set_global_virq_handler() + +------------------------------------------------------------------- +Mon Jan 6 06:01:11 MST 2025 - carnold@suse.com + +- Update to Xen 4.20.0 pre-release (jsc#PED-8907) + xen-4.20.0-testing-src.tar.bz2 +- New Features + * On Arm: + - Experimental support for Armv8-R. + - Support for NXP S32G3 Processors Family and NXP LINFlexD UART driver. + - Basic handling for SCMI requests over SMC using Shared Memory, by allowing + forwarding the calls to EL3 FW if coming from hwdom. + - Support for LLC (Last Level Cache) coloring. + * On x86: + - xl suspend/resume subcommands. + - Support for SRSO_U/S_NO and SRSO_MSR_FIX +- Changed Features + * Fixed blkif protocol specification for sector sizes different than 512b. + * The dombuilder in libxenguest no longer un-gzips secondary modules, instead + leaving this to the guest kernel to do in guest context. + * On x86: + - Prefer ACPI reboot over UEFI ResetSystem() run time service call. + - Switched the xAPIC flat driver to use physical destination mode for external + interrupts instead of logical destination mode. +- Removed Features + * On x86: + - Support for running on Xeon Phi processors. + - Removed the `ucode=allow-same` command line option. + - Removed x2APIC Cluster Mode for external interrupts. x2APIC Physical and + Mixed Modes are still available. +- Dropped patches + xsa466.patch + +------------------------------------------------------------------- +Wed Dec 11 11:11:11 UTC 2024 - ohering@suse.de + +- Move /etc/bash_completion.d/xl back to %_datadir/bash-completion/completions + +------------------------------------------------------------------- +Mon Dec 9 10:13:51 MST 2024 - carnold@suse.com + +- bsc#1234282 - VUL-0: xen: XSA-466: Xen hypercall page unsafe + against speculative attacks + xsa466.patch + +------------------------------------------------------------------- +Wed Dec 4 09:16:24 MST 2024 - carnold@suse.com + +- Update to Xen 4.19.1 bug fix release (jsc#PED-8907) + xen-4.19.1-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- Dropped patches + 66a8b8ac-bunzip2-rare-failure.patch + 66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch + 66bb6fa5-x86-pass-through-document-as-security-unsupported.patch + 66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch + 66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch + 66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch + 66d8690f-SUPPORT-split-XSM-from-Flask.patch + 66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch + 66e44ae2-x86-ucode-AMD-buffer-underrun.patch + 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch + 66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch + xsa463-01.patch + xsa463-02.patch + xsa463-03.patch + xsa463-04.patch + xsa463-05.patch + xsa463-06.patch + xsa463-07.patch + xsa463-08.patch + xsa463-09.patch + xsa464.patch + gcc14-fixes.patch + +------------------------------------------------------------------- +Wed Oct 30 09:34:38 MDT 2024 - carnold@suse.com + +- bsc#1232622 - VUL-0: CVE-2024-45818: xen: Deadlock in x86 HVM + standard VGA handling (XSA-463) + xsa463-01.patch + xsa463-02.patch + xsa463-03.patch + xsa463-04.patch + xsa463-05.patch + xsa463-06.patch + xsa463-07.patch + xsa463-08.patch + xsa463-09.patch +- bsc#1232624 - VUL-0: CVE-2024-45819: xen: libxl leaks data to PVH + guests via ACPI tables (XSA-464) + xsa464.patch +- Drop stdvga-cache.patch + +------------------------------------------------------------------- +Tue Oct 29 12:34:56 UTC 2024 - ohering@suse.de + +- bsc#1232542 - remove usage of net-tools-deprecated from supportconfig plugin + +------------------------------------------------------------------- +Thu Sep 26 11:30:00 CEST 2024 - jbeulich@suse.com + +- bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in + vlapic_error() (XSA-462) + 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch + Drop xsa462.patch +- Upstream bug fixes (bsc#1027519) + 66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch + 66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch + 66d8690f-SUPPORT-split-XSM-from-Flask.patch + 66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch + 66e44ae2-x86-ucode-AMD-buffer-underrun.patch + 66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch + +------------------------------------------------------------------- +Tue Sep 10 09:54:34 MDT 2024 - carnold@suse.com + +- bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in + vlapic_error() (XSA-462) + xsa462.patch + +------------------------------------------------------------------- +Fri Aug 30 07:32:58 UTC 2024 - Guillaume GARDET + +- Fix build on aarch64 with gcc14 (bsc#1225953) + 66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch + +------------------------------------------------------------------- +Wed Aug 14 14:10:47 MDT 2024 - carnold@suse.com + +- bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86 + IOMMU identity mapping (XSA-460) + 66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch +- bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through + with shared resources (XSA-461) + 66bb6fa5-x86-pass-through-document-as-security-unsupported.patch + +------------------------------------------------------------------- +Wed Aug 7 08:06:00 CEST 2024 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 66a8b8ac-bunzip2-rare-failure.patch + +------------------------------------------------------------------- +Tue Jul 30 05:58:34 MDT 2024 - carnold@suse.com + +- Update to Xen 4.19.0 FCS release (jsc#PED-8907) + xen-4.19.0-testing-src.tar.bz2 +- New Features + * On x86: + - Introduce a new x2APIC driver that uses Cluster Logical addressing mode + for IPIs and Physical addressing mode for external interrupts. + * On Arm: + - FF-A notification support. + - Introduction of dynamic node programming using overlay dtbo. + * Add a new 9pfs backend running as a daemon in dom0. First user is + Xenstore-stubdom now being able to support full Xenstore trace capability. + * libxl support for backendtype=tap with tapback. +- Changed Features + * Changed flexible array definitions in public I/O interface headers to not + use "1" as the number of array elements. + * The minimum supported OCaml toolchain version is now 4.05 + * On x86: + - HVM PIRQs are disabled by default. + - Reduce IOMMU setup time for hardware domain. + - Allow HVM/PVH domains to map foreign pages. + - Declare PVH dom0 supported with caveats. + * xl/libxl configures vkb=[] for HVM domains with priority over vkb_device. + * Increase the maximum number of CPUs Xen can be built for from 4095 to + 16383. + * When building with Systemd support (./configure --enable-systemd), remove + libsystemd as a build dependency. Systemd Notify support is retained, now + using a standalone library implementation. + * xenalyze no longer requires `--svm-mode` when analyzing traces + generated on AMD CPUs + * Code symbol annotations and MISRA compliance improvements. +- Removed Features + * caml-stubdom. It hasn't built since 2014, was pinned to Ocaml 4.02, and has + been superseded by the MirageOS/SOLO5 projects. + * /usr/bin/pygrub symlink. This was deprecated in Xen 4.2 (2012) but left for + compatibility reasons. VMs configured with bootloader="/usr/bin/pygrub" + should be updated to just bootloader="pygrub". + * The Xen gdbstub on x86. + * xentrace_format has been removed; use xenalyze instead. +- Dropped patches contained in new tarball + 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch + 6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch + 6627a5fc-x86-MTRR-inverted-WC-check.patch + 662a6a4c-x86-spec-reporting-of-BHB-clearing.patch + 662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch + 663090fd-x86-gen-cpuid-syntax.patch + 663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch + 663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch + 663d05b5-x86-ucode-distinguish-up-to-date.patch + 663eaa27-libxl-XenStore-error-handling-in-device-creation.patch + 66450626-sched-set-all-sched_resource-data-inside-locked.patch + 66450627-x86-respect-mapcache_domain_init-failing.patch + 6646031f-x86-ucode-further-identify-already-up-to-date.patch + 6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch + 666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch + 666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch + 666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch + 666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch + 666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch + 667187cc-x86-Intel-unlock-CPUID-earlier.patch + 66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch + 6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch + 6672c846-x86-xstate-initialisation-of-XSS-cache.patch + 6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch + 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch + xsa458.patch +- Dropped patches no longer necessary + bin-python3-conversion.patch + migration-python3-conversion.patch + +------------------------------------------------------------------- +Tue Jul 23 09:43:13 UTC 2024 - Franz Sirl + +- Enable support for ZSTD and LZO compression formats + +------------------------------------------------------------------- +Wed Jul 3 12:41:39 MDT 2024 - carnold@suse.com + +- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86 + guest IRQ handling (XSA-458) + xsa458.patch + +------------------------------------------------------------------- +Mon Jun 24 16:20:00 CEST 2024 - jbeulich@suse.com + +- bsc#1214718 - The system hangs intermittently when Power Control + Mode is set to Minimum Power on SLES15SP5 Xen + 6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch + 666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch + 666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch + 66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch + 6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch + 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch +- Upstream bug fixes (bsc#1027519) + 66450626-sched-set-all-sched_resource-data-inside-locked.patch + 66450627-x86-respect-mapcache_domain_init-failing.patch + 6646031f-x86-ucode-further-identify-already-up-to-date.patch + 666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch + 666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch + 666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch + 667187cc-x86-Intel-unlock-CPUID-earlier.patch + 6672c846-x86-xstate-initialisation-of-XSS-cache.patch + 6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch + +------------------------------------------------------------------- +Wed Jun 12 12:03:14 UTC 2024 - Daniel Garcia + +- Fix python3 shebang in tools package (bsc#1212476) +- Depend directly on %primary_python instead of python3 so this + package will continue working without rebuilding even if python3 + changes in the system. +- Remove not needed patches, these patches adds the python3 shebang to + some scripts, but that's done during the build phase so it's not + needed: + - bin-python3-conversion.patch + - migration-python3-conversion.patch + +------------------------------------------------------------------- +Tue Jun 4 18:09:00 MDT 2024 - carnold@suse.com + +- bsc#1225953 - Package xen does not build with gcc14 because of + new errors + gcc14-fixes.patch + +------------------------------------------------------------------- +Wed May 15 11:15:00 CEST 2024 - jbeulich@suse.com + +- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may + trigger Xen bug check (XSA-454) + 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch +- Upstream bug fixes (bsc#1027519) + 6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch + 6627a5fc-x86-MTRR-inverted-WC-check.patch + 662a6a4c-x86-spec-reporting-of-BHB-clearing.patch + 662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch + 663090fd-x86-gen-cpuid-syntax.patch + 663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch + 663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch + 663d05b5-x86-ucode-distinguish-up-to-date.patch + 663eaa27-libxl-XenStore-error-handling-in-device-creation.patch + +------------------------------------------------------------------- +Tue Apr 9 14:11:15 MDT 2024 - carnold@suse.com + +- Update to Xen 4.18.2 security bug fix release (bsc#1027519) + xen-4.18.2-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may + trigger Xen bug check (XSA-454) +- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic + for BTC/SRSO mitigations (XSA-455) +- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch + History Injection (XSA-456) +- Dropped patch contained in new tarball + 65f83951-x86-mm-use-block_lock_speculation-in.patch + +------------------------------------------------------------------- +Mon Mar 25 15:30:00 CET 2024 - jbeulich@suse.com + +- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative + Race Conditions (XSA-453) + 65f83951-x86-mm-use-block_lock_speculation-in.patch + +------------------------------------------------------------------- +Fri Mar 15 10:11:56 MDT 2024 - carnold@suse.com + +- Update to Xen 4.18.1 bug fix release (bsc#1027519) + xen-4.18.1-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data + Sampling (XSA-452) +- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative + Race Conditions (XSA-453) +- Dropped patches included in new tarball + 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch + 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch + 655b2ba9-fix-sched_move_domain.patch + 6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch + 6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch + 656ee5e1-x86emul-avoid-triggering-event-assertions.patch + 656ee602-cpupool-adding-offline-CPU.patch + 656ee6c3-domain_create-error-path.patch + 6571ca95-fix-sched_move_domain.patch + 6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch + 65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch + 65a7a0a4-x86-Intel-GPCC-setup.patch + 65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch + 65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch + 65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch + 65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch + 65b8f9ab-VT-d-else-vs-endif-misplacement.patch + xsa451.patch + +------------------------------------------------------------------- +Tue Feb 13 09:35:57 MST 2024 - carnold@suse.com + +- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs + exceptions from emulation stubs (XSA-451) + xsa451.patch + +------------------------------------------------------------------- +Wed Jan 31 13:40:00 CET 2024 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch + 6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch + 656ee5e1-x86emul-avoid-triggering-event-assertions.patch + 656ee602-cpupool-adding-offline-CPU.patch + 656ee6c3-domain_create-error-path.patch + 6571ca95-fix-sched_move_domain.patch + 6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch + 65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch + 65a7a0a4-x86-Intel-GPCC-setup.patch + 65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch + 65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch + 65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch +- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions + assigned to incorrect contexts (XSA-449) + 65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch +- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to + quarantine devices in !HVM builds (XSA-450) + 65b8f9ab-VT-d-else-vs-endif-misplacement.patch +- Patches dropped / replaced by newer upstream versions + xsa449.patch + xsa450.patch + +------------------------------------------------------------------- +Tue Jan 23 08:52:25 MST 2024 - carnold@suse.com + +- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to + quarantine devices in !HVM builds (XSA-450) + xsa450.patch + +------------------------------------------------------------------- +Tue Jan 16 09:32:55 MST 2024 - carnold@suse.com + +- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions + assigned to incorrect contexts (XSA-449) + xsa449.patch + +------------------------------------------------------------------- +Tue Nov 21 13:22:23 MST 2023 - carnold@suse.com + +- Enable the Kconfig options REQUIRE_NX and DIT_DEFAULT to + provide better hypervisor security + xen.spec + +------------------------------------------------------------------- +Tue Nov 21 12:14:00 CET 2023 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch + 65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch + 655b2ba9-fix-sched_move_domain.patch + +------------------------------------------------------------------- +Mon Nov 20 10:08:38 UTC 2023 - Bernhard Wiedemann + +- Pass XEN_BUILD_DATE + _TIME to override build date (boo#1047218) + +------------------------------------------------------------------- +Thu Nov 16 06:24:59 MST 2023 - carnold@suse.com + +- Update to Xen 4.18.0 FCS release (jsc#PED-4984) + xen-4.18.0-testing-src.tar.bz2 + * Repurpose command line gnttab_max_{maptrack_,}frames options so they don't + cap toolstack provided values. + * Ignore VCPUOP_set_singleshot_timer's VCPU_SSHOTTMR_future flag. The only + known user doesn't use it properly, leading to in-guest breakage. + * The "dom0" option is now supported on Arm and "sve=" sub-option can be used + to enable dom0 guest to use SVE/SVE2 instructions. + * Physical CPU Hotplug downgraded to Experimental and renamed "ACPI CPU + Hotplug" for clarity + * On x86, support for features new in Intel Sapphire Rapids CPUs: + - PKS (Protection Key Supervisor) available to HVM/PVH guests. + - VM-Notify used by Xen to mitigate certain micro-architectural pipeline + livelocks, instead of crashing the entire server. + - Bus-lock detection, used by Xen to mitigate (by rate-limiting) the system + wide impact of a guest misusing atomic instructions. + * xl/libxl can customize SMBIOS strings for HVM guests. + * Add support for AVX512-FP16 on x86. + * On Arm, Xen supports guests running SVE/SVE2 instructions. (Tech Preview) + * On Arm, add suport for Firmware Framework for Arm A-profile (FF-A) Mediator + (Tech Preview) + * Add Intel Hardware P-States (HWP) cpufreq driver. + * On Arm, experimental support for dynamic addition/removal of Xen device tree + nodes using a device tree overlay binary (.dtbo). + * Introduce two new hypercalls to map the vCPU runstate and time areas by + physical rather than linear/virtual addresses. + * On x86, support for enforcing system-wide operation in Data Operand + Independent Timing Mode. + * The project has now officially adopted 6 directives and 65 rules of MISRA-C. + * On x86, the "pku" command line option has been removed. It has never + behaved precisely as described, and was redundant with the unsupported + "cpuid=no-pku". Visibility of PKU to guests should be via its vm.cfg file. + * xenpvnetboot removed as unable to convert to Python 3. + * xencons is no longer supported or present. See 5d22d69b30 +- Droppped patches contained in new tarballs + 63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch + 643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch + 643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch + 6447a8fd-x86-EFI-permit-crash-dump-analysis.patch + 64d33a57-libxenstat-Linux-nul-terminate-string.patch + aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch + xen.stubdom.newlib.patch + xsa446.patch + xsa445.patch + xsa438.patch + xsa439-00.patch + xsa439-01.patch + xsa439-02.patch + xsa439-03.patch + xsa439-04.patch + xsa439-05.patch + xsa439-06.patch + xsa439-07.patch + xsa439-08.patch + xsa439-09.patch + xsa443-10.patch + xsa443-11.patch + xsa440.patch +- Dropped xen-utils-0.1.tar.bz2 + The xen-list and xen-destroy commands are removed. Originally + created as a better replacement for 'xm'. The 'xl' equivalent + commands should be used instead. +- Dropped libxl.pvscsi.patch + Support for PVSCSI devices in the guest is no longer supported. + +------------------------------------------------------------------- +Thu Nov 2 06:44:38 MDT 2023 - carnold@suse.com + +- bsc#1216807 - VUL-0: CVE-2023-46836: xen: x86: BTC/SRSO fixes not + fully effective (XSA-446) + xsa446.patch + +------------------------------------------------------------------- +Fri Oct 27 09:22:33 MDT 2023 - carnold@suse.com + +- bsc#1216654 - VUL-0: CVE-2023-46835: xen: x86/AMD: mismatch in + IOMMU quarantine page table levels (XSA-445) + xsa445.patch + +------------------------------------------------------------------- +Wed Oct 18 15:30:33 MDT 2023 - jfehlig@suse.com + +- Supportconfig: Adapt plugin to modern supportconfig + The supportconfig 'scplugin.rc' file is deprecated in favor of + supportconfig.rc'. Adapt the xen plugin to the new scheme. + xen-supportconfig + +------------------------------------------------------------------- +Tue Oct 17 14:40:00 CEST 2023 - jbeulich@suse.com + +- bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow + reference dropped too early for 64-bit PV guests (XSA-438) + 650abbfe-x86-shadow-defer-PV-top-level-release.patch +- bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional + execution leak via division by zero (XSA-439) + 64e5b4ac-x86-AMD-extend-Zenbleed-check.patch + 65087000-x86-spec-ctrl-SPEC_CTRL_EXIT_TO_XEN-confusion.patch + 65087001-x86-spec-ctrl-fold-DO_SPEC_CTRL_EXIT_TO_XEN.patch + 65087002-x86-spec-ctrl-SPEC_CTRL-ENTRY-EXIT-asm-macros.patch + 65087003-x86-spec-ctrl-SPEC_CTRL-ENTER-EXIT-comments.patch + 65087004-x86-entry-restore_all_xen-stack_end.patch + 65087005-x86-entry-track-IST-ness-of-entry.patch + 65087006-x86-spec-ctrl-VERW-on-IST-exit-to-Xen.patch + 65087007-x86-AMD-Zen-1-2-predicates.patch + 65087008-x86-spec-ctrl-Zen1-DIV-leakage.patch +- bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU + TLB flushing (XSA-442) + 65263470-AMD-IOMMU-flush-TLB-when-flushing-DTE.patch +- bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple + vulnerabilities in libfsimage disk handling (XSA-443) + 65263471-libfsimage-xfs-remove-dead-code.patch + 65263472-libfsimage-xfs-amend-mask32lo.patch + 65263473-libfsimage-xfs-sanity-check-superblock.patch + 65263474-libfsimage-xfs-compile-time-check.patch + 65263475-pygrub-remove-unnecessary-hypercall.patch + 65263476-pygrub-small-refactors.patch + 65263477-pygrub-open-output-files-earlier.patch + 65263478-libfsimage-function-to-preload-plugins.patch + 65263479-pygrub-deprivilege.patch + 6526347a-libxl-allow-bootloader-restricted-mode.patch + 6526347b-libxl-limit-bootloader-when-restricted.patch +- bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD: + Debug Mask handling (XSA-444) + 6526347c-SVM-fix-AMD-DR-MASK-context-switch-asymmetry.patch + 6526347d-x86-PV-auditing-of-guest-breakpoints.patch +- Upstream bug fixes (bsc#1027519) + 64e6459b-revert-VMX-sanitize-rIP-before-reentering.patch + 64eef7e9-x86-reporting-spurious-i8259-interrupts.patch + 64f71f50-Arm-handle-cache-flush-at-top.patch + 65084ba5-x86-AMD-dont-expose-TscFreqSel.patch +- Patches dropped / replaced by newer upstream versions + xsa438.patch + xsa439-00.patch + xsa439-01.patch + xsa439-02.patch + xsa439-03.patch + xsa439-04.patch + xsa439-05.patch + xsa439-06.patch + xsa439-07.patch + xsa439-08.patch + xsa439-09.patch + xsa442.patch + xsa443-01.patch + xsa443-02.patch + xsa443-03.patch + xsa443-04.patch + xsa443-05.patch + xsa443-06.patch + xsa443-07.patch + xsa443-08.patch + xsa443-09.patch + xsa443-10.patch + xsa443-11.patch + xsa444-1.patch + xsa444-2.patch + +------------------------------------------------------------------- +Wed Sep 27 13:17:04 MDT 2023 - carnold@suse.com + +- bsc#1215744 - VUL-0: CVE-2023-34323: xen: xenstored: A + transaction conflict can crash C Xenstored (XSA-440) + xsa440.patch +- bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU + TLB flushing (XSA-442) + xsa442.patch +- bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple + vulnerabilities in libfsimage disk handling (XSA-443) + xsa443-01.patch + xsa443-02.patch + xsa443-03.patch + xsa443-04.patch + xsa443-05.patch + xsa443-06.patch + xsa443-07.patch + xsa443-08.patch + xsa443-09.patch + xsa443-10.patch + xsa443-11.patch +- bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD: + Debug Mask handling (XSA-444) + xsa444-1.patch + xsa444-2.patch + +------------------------------------------------------------------- +Mon Sep 18 11:36:39 MDT 2023 - carnold@suse.com + +- bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional + execution leak via division by zero (XSA-439) + xsa439-00.patch + xsa439-01.patch + xsa439-02.patch + xsa439-03.patch + xsa439-04.patch + xsa439-05.patch + xsa439-06.patch + xsa439-07.patch + xsa439-08.patch + xsa439-09.patch + +------------------------------------------------------------------- +Fri Sep 8 10:10:18 MDT 2023 - carnold@suse.com + +- bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow + reference dropped too early for 64-bit PV guests (XSA-438) + xsa438.patch + +------------------------------------------------------------------- +Sun Aug 13 13:13:13 UTC 2023 - ohering@suse.de + +- Handle potential unaligned access to bitmap in + libxc-sr-restore-hvm-legacy-superpage.patch + If setting BITS_PER_LONG at once, the initial bit must be aligned + +------------------------------------------------------------------- +Thu Aug 10 11:10:00 CEST 2023 - jbeulich@suse.com + +- bsc#1212684 - xentop fails with long interface name + 64d33a57-libxenstat-Linux-nul-terminate-string.patch + +------------------------------------------------------------------- +Tue Aug 8 11:36:00 MDT 2023 - carnold@suse.com + +- Update to Xen 4.17.2 bug fix release (bsc#1027519) + xen-4.17.2-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- bsc#1214082 - VUL-0: CVE-2023-20569: xen: x86/AMD: Speculative + Return Stack Overflow (XSA-434) +- bsc#1214083 - VUL-0: CVE-2022-40982: xen: x86/Intel: Gather Data + Sampling (XSA-435) +- Dropped patches contained in new tarball + 64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch + 645dec48-AMD-IOMMU-assert-boolean-enum.patch + 64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch + 646b782b-PCI-pci_get_pdev-respect-segment.patch + 647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch + 648863fc-AMD-IOMMU-Invalidate-All-check.patch + 64bea1b2-x86-AMD-Zenbleed.patch + +------------------------------------------------------------------- +Tue Aug 1 11:11:11 UTC 2023 - ohering@suse.de + +- Handle potential off-by-one errors in libxc-sr-xg_sr_bitmap.patch + A bit is an index in bitmap, while bits is the allocated size + of the bitmap. + +------------------------------------------------------------------- +Fri Jul 28 15:15:15 UTC 2023 - ohering@suse.de + +- Add more debug to libxc-sr-track-migration-time.patch + This is supposed to help with doing the math in case xl restore + fails with ERANGE as reported in bug#1209311 + +------------------------------------------------------------------- +Tue Jul 25 10:44:08 MDT 2023 - carnold@suse.com + +- bsc#1213616 - VUL-0: CVE-2023-20593: xen: x86/AMD: Zenbleed + (XSA-433) + 64bea1b2-x86-AMD-Zenbleed.patch + +------------------------------------------------------------------- +Thu Jul 6 13:41:00 CET 2023 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 645dec48-AMD-IOMMU-assert-boolean-enum.patch + 646b782b-PCI-pci_get_pdev-respect-segment.patch + 647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch + 648863fc-AMD-IOMMU-Invalidate-All-check.patch + +------------------------------------------------------------------- +Mon May 22 07:52:57 MDT 2023 - carnold@suse.com + +- bsc#1211433 - VUL-0: CVE-2022-42336: xen: Mishandling of guest + SSBD selection on AMD hardware (XSA-431) + 64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch + +------------------------------------------------------------------- +Thu May 4 11:22:27 MDT 2023 - carnold@suse.com + +- bsc#1210570 - gcc-13 realloc use-after-free analysis error + 64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch + +------------------------------------------------------------------- +Fri Apr 28 14:53:15 MDT 2023 - carnold@suse.com + +- bsc#1209237 - xen-syms doesn't contain debug-info + 643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch + 643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch + 6447a8fd-x86-EFI-permit-crash-dump-analysis.patch + +------------------------------------------------------------------- +Thu Apr 27 11:40:25 MDT 2023 - carnold@suse.com + +- Update to Xen 4.17.1 bug fix release (bsc#1027519) + xen-4.17.1-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- Dropped patches contained in new tarball + 63a03b73-VMX-VMExit-based-BusLock-detection.patch + 63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch + 63a03bce-VMX-Notify-VMExit.patch + 63a03e28-x86-high-freq-TSC-overflow.patch + 63c05478-VMX-calculate-model-specific-LBRs-once.patch + 63c05478-VMX-support-CPUs-without-model-specific-LBR.patch + 63d24e91-tools-xenstore-revert-simplify-loop-handling.patch + 63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch + 63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch + 63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch + 63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch + 63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch + 640f3035-x86-altp2m-help-gcc13.patch + 641041e8-VT-d-constrain-IGD-check.patch + 64104238-bunzip-gcc13.patch + 6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch + 64199e0c-x86-shadow-account-for-log-dirty-mode.patch + 64199e0d-x86-HVM-bound-number-of-pca-regions.patch + 64199e0e-x86-HVM-serialize-pca-list-manipulation.patch + 64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch + libxl.fix-guest-kexec-skip-cpuid-policy.patch + xsa430.patch + +------------------------------------------------------------------- +Tue Apr 11 09:36:33 MDT 2023 - carnold@suse.com + +- bsc#1210315 - VUL-0: CVE-2022-42335: xen: x86 shadow paging + arbitrary pointer dereference (XSA-430) + xsa430.patch + +------------------------------------------------------------------- +Fri Mar 31 11:02:49 MDT 2023 - carnold@suse.com + +- Not building the shim is correctly handled by --disable-pvshim + Drop disable-building-pv-shim.patch + +------------------------------------------------------------------- +Thu Mar 23 08:10:00 CET 2023 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 63a03b73-VMX-VMExit-based-BusLock-detection.patch + 63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch + 63a03bce-VMX-Notify-VMExit.patch + 63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch + 63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch + 63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch + 63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch + 641041e8-VT-d-constrain-IGD-check.patch + 6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch +- Use "proper" upstream backports: + 640f3035-x86-altp2m-help-gcc13.patch + 64104238-bunzip-gcc13.patch + 64199e0c-x86-shadow-account-for-log-dirty-mode.patch + 64199e0d-x86-HVM-bound-number-of-pca-regions.patch + 64199e0e-x86-HVM-serialize-pca-list-manipulation.patch + 64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch +- ... in place of: + bunzip-gcc13.patch + altp2m-gcc13.patch + xsa427.patch + xsa428-1.patch + xsa428-2.patch + xsa429.patch + +------------------------------------------------------------------- +Thu Mar 16 08:08:08 UTC 2023 - ohering@suse.de + +- bsc#1209245 - fix host-assisted kexec/kdump for HVM domUs + libxl.fix-guest-kexec-skip-cpuid-policy.patch + +------------------------------------------------------------------- +Tue Mar 7 10:44:12 MST 2023 - carnold@suse.com + +- bsc#1209017 - VUL-0: CVE-2022-42332: xen: x86 shadow plus + log-dirty mode use-after-free (XSA-427) + xsa427.patch +- bsc#1209018 - VUL-0: CVE-2022-42333,CVE-2022-42334: xen: x86/HVM + pinned cache attributes mis-handling (XSA-428) + xsa428-1.patch + xsa428-2.patch +- bsc#1209019 - VUL-0: CVE-2022-42331: xen: x86: speculative + vulnerability in 32bit SYSCALL path (XSA-429) + xsa429.patch + +------------------------------------------------------------------- +Thu Mar 2 10:33:46 MST 2023 - carnold@suse.com + +- bsc#1208736 - GCC 13: xen package fails + bunzip-gcc13.patch + altp2m-gcc13.patch +- Drop gcc13-fixes.patch + +------------------------------------------------------------------- +Tue Feb 28 08:56:55 MST 2023 - carnold@suse.com + +- bsc#1208736 - GCC 13: xen package fails + gcc13-fixes.patch + +------------------------------------------------------------------- +Wed Feb 15 11:07:08 MST 2023 - carnold@suse.com + +- bsc#1208286 - VUL-0: CVE-2022-27672: xen: Cross-Thread Return + Address Predictions (XSA-426) + 63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch + +------------------------------------------------------------------- +Thu Feb 9 09:56:27 MST 2023 - carnold@suse.com + +- bsc#1205792 - Partner-L3: launch-xenstore error messages show in + SLES15 SP4 xen kernel. + 63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch + +------------------------------------------------------------------- +Mon Feb 6 12:17:00 CET 2023 - jbeulich@suse.com + +- bsc#1026236 - tidy/modernize patch + xen.bug1026236.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Mon Feb 6 12:15:00 CET 2023 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 63c05478-VMX-calculate-model-specific-LBRs-once.patch + 63c05478-VMX-support-CPUs-without-model-specific-LBR.patch +- bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause + Xenstore crash via soft reset (XSA-425) + xsa425.patch -> + 63d24e91-tools-xenstore-revert-simplify-loop-handling.patch + +------------------------------------------------------------------- +Wed Jan 25 10:39:54 MST 2023 - carnold@suse.com + +- bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause + Xenstore crash via soft reset (XSA-425) + xsa425.patch + +------------------------------------------------------------------- +Tue Jan 3 14:10:18 UTC 2023 - Stefan Schubert + +- Migration of PAM settings to /usr/lib/pam.d. + +------------------------------------------------------------------- +Tue Dec 20 13:35:00 CET 2022 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 63a03e28-x86-high-freq-TSC-overflow.patch + +------------------------------------------------------------------- +Thu Dec 8 10:54:29 MST 2022 - carnold@suse.com + +- Update to Xen 4.17.0 FCS release (jsc#PED-1858) + xen-4.17.0-testing-src.tar.bz2 + * On x86 "vga=current" can now be used together with GrUB2's gfxpayload setting. Note that + this requires use of "multiboot2" (and "module2") as the GrUB commands loading Xen. + * The "gnttab" option now has a new command line sub-option for disabling the + GNTTABOP_transfer functionality. + * The x86 MCE command line option info is now updated. + * Out-of-tree builds for the hypervisor now supported. + * __ro_after_init support, for marking data as immutable after boot. + * The project has officially adopted 4 directives and 24 rules of MISRA-C, + added MISRA-C checker build integration, and defined how to document + deviations. + * IOMMU superpage support on x86, affecting PV guests as well as HVM/PVH ones + when they don't share page tables with the CPU (HAP / EPT / NPT). + * Support for VIRT_SSBD and MSR_SPEC_CTRL for HVM guests on AMD. + * Improved TSC, CPU, and APIC clock frequency calibration on x86. + * Support for Xen using x86 Control Flow Enforcement technology for its own + protection. Both Shadow Stacks (ROP protection) and Indirect Branch + Tracking (COP/JOP protection). + * Add mwait-idle support for SPR and ADL on x86. + * Extend security support for hosts to 12 TiB of memory on x86. + * Add command line option to set cpuid parameters for dom0 at boot time on x86. + * Improved static configuration options on Arm. + * cpupools can be specified at boot using device tree on Arm. + * It is possible to use PV drivers with dom0less guests, allowing statically + booted dom0less guests with PV devices. + * On Arm, p2m structures are now allocated out of a pool of memory set aside at + domain creation. + * Improved mitigations against Spectre-BHB on Arm. + * Support VirtIO-MMIO devices device-tree binding creation in toolstack on Arm. + * Allow setting the number of CPUs to activate at runtime from command line + option on Arm. + * Grant-table support on Arm was improved and hardened by implementing + "simplified M2P-like approach for the xenheap pages" + * Add Renesas R-Car Gen4 IPMMU-VMSA support on Arm. + * Add i.MX lpuart and i.MX8QM support on Arm. + * Improved toolstack build system. + * Add Xue - console over USB 3 Debug Capability. + * gitlab-ci automation: Fixes and improvements together with new tests. + * dropped support for the (x86-only) "vesa-mtrr" and "vesa-remap" command line options +- Drop patches contained in new tarball or invalid + 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch + xsa410-01.patch + xsa410-02.patch + xsa410-03.patch + xsa410-04.patch + xsa410-05.patch + xsa410-06.patch + xsa410-07.patch + xsa410-08.patch + xsa410-09.patch + xsa410-10.patch + xsa411.patch + +------------------------------------------------------------------- +Wed Sep 28 10:14:10 MDT 2022 - carnold@suse.com + +- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may + take excessively long (XSA-410) + xsa410-01.patch + xsa410-02.patch + xsa410-03.patch + xsa410-04.patch + xsa410-05.patch + xsa410-06.patch + xsa410-07.patch + xsa410-08.patch + xsa410-09.patch + xsa410-10.patch +- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in + transitive grant copy handling (XSA-411) + xsa411.patch + +------------------------------------------------------------------- +Thu Sep 1 06:21:39 UTC 2022 - Stefan Schubert + +- Migration to /usr/etc: Saving user changed configuration files + in /etc and restoring them while an RPM update. + +------------------------------------------------------------------- +Mon Aug 29 10:24:31 MDT 2022 - carnold@suse.com + +- bsc#1201994 - Xen DomU unable to emulate audio device + 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch + +------------------------------------------------------------------- +Tue Aug 23 08:52:05 MDT 2022 - carnold@suse.com + +- Things are compiling fine now with gcc12. + Drop gcc12-fixes.patch + +------------------------------------------------------------------- +Thu Aug 18 14:18:46 MDT 2022 - carnold@suse.com + +- Update to Xen 4.16.2 bug fix release (bsc#1027519) + xen-4.16.2-testing-src.tar.bz2 + * No upstream changelog found in sources or webpage +- Drop patches contained in new tarball + 625fca42-VT-d-reserved-CAP-ND.patch + 626f7ee8-x86-MSR-handle-P5-MC-reads.patch + 627549d6-IO-shutdown-race.patch + 62a1e594-x86-clean-up-_get_page_type.patch + 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch + 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch + 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch + 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch + 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch + 62a1e649-x86-track-and-flush-non-coherent.patch + 62a99614-IOMMU-x86-gcc12.patch + 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch + 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch + 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch + 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch + 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch + 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch + 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch + 62cc31ee-cmdline-extend-parse_boolean.patch + 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch + 62cd91d0-x86-spec-ctrl-rework-context-switching.patch + 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch + 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch + 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch + 62cd91d5-x86-cpuid-BTC_NO-enum.patch + 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch + 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch + xsa408.patch + +------------------------------------------------------------------- +Thu Jul 28 07:07:07 UTC 2022 - ohering@suse.de + +- bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels + A previous change to the built-in default had a logic error, + effectively restoring the upstream limit of 1023 channels per domU. + Fix the logic to calculate the default based on the number of vcpus. + adjust libxl.max_event_channels.patch + +------------------------------------------------------------------- +Wed Jul 13 11:10:03 MDT 2022 - carnold@suse.com + +- Added --disable-pvshim when running configure in xen.spec. + We have never shipped the shim and don't need to build it. + +------------------------------------------------------------------- +Tue Jul 13 10:30:00 CEST 2022 - jbeulich@suse.com + +- bsc#1199965 - VUL-0: CVE-2022-26362: xen: Race condition + in typeref acquisition + 62a1e594-x86-clean-up-_get_page_type.patch + 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch +- bsc#1199966 - VUL-0: CVE-2022-26363,CVE-2022-26364: xen: + Insufficient care with non-coherent mappings + 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch + 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch + 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch + 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch + 62a1e649-x86-track-and-flush-non-coherent.patch +- bsc#1200549 VUL-0: CVE-2022-21123,CVE-2022-21125,CVE-2022-21166: + xen: x86: MMIO Stale Data vulnerabilities (XSA-404) + 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch + 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch + 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch +- bsc#1201469 - VUL-0: CVE-2022-23816,CVE-2022-23825,CVE-2022-29900: + xen: retbleed - arbitrary speculative code execution with return + instructions (XSA-407) + 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch + 62cc31ee-cmdline-extend-parse_boolean.patch + 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch + 62cd91d0-x86-spec-ctrl-rework-context-switching.patch + 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch + 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch + 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch + 62cd91d5-x86-cpuid-BTC_NO-enum.patch + 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch + 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch +- Upstream bug fixes (bsc#1027519) + 62a99614-IOMMU-x86-gcc12.patch + 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch + 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch +- Drop patches replaced by upstream versions + xsa401-1.patch + xsa401-2.patch + xsa402-1.patch + xsa402-2.patch + xsa402-3.patch + xsa402-4.patch + xsa402-5.patch + +------------------------------------------------------------------- +Tue Jul 12 08:32:19 MDT 2022 - carnold@suse.com + +- bsc#1201394 - VUL-0: CVE-2022-33745: xen: insufficient TLB flush + for x86 PV guests in shadow mode (XSA-408) + xsa408.patch +- Fix gcc13 compilation error + 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch + +------------------------------------------------------------------- +Tue Jun 28 14:31:48 UTC 2022 - Stefan Schubert + +- Moved logrotate files from user specific directory /etc/logrotate.d + to vendor specific directory /usr/etc/logrotate.d. + +------------------------------------------------------------------- +Tue Jun 08 17:50:00 CEST 2022 - jbeulich@suse.com + +- bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen: + Insufficient care with non-coherent mappings + fix xsa402-5.patch + +------------------------------------------------------------------- +Tue May 31 17:25:00 CEST 2022 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 625fca42-VT-d-reserved-CAP-ND.patch + 626f7ee8-x86-MSR-handle-P5-MC-reads.patch + 627549d6-IO-shutdown-race.patch +- bsc#1199965 - VUL-0: EMBARGOED: CVE-2022-26362: xen: Race condition + in typeref acquisition + xsa401-1.patch + xsa401-2.patch +- bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen: + Insufficient care with non-coherent mappings + xsa402-1.patch + xsa402-2.patch + xsa402-3.patch + xsa402-4.patch + xsa402-5.patch + +------------------------------------------------------------------- +Tue May 10 16:08:02 UTC 2022 - Dirk Müller + +- fix python3 >= 3.10 version detection + +------------------------------------------------------------------- +Wed Apr 13 08:54:02 MDT 2022 - carnold@suse.com + +- Update to Xen 4.16.1 bug fix release (bsc#1027519) + xen-4.16.1-testing-src.tar.bz2 +- Drop patches contained in new tarball + 61b31d5c-x86-restrict-all-but-self-IPI.patch + 61b88e78-x86-CPUID-TSXLDTRK-definition.patch + 61bc429f-revert-hvmloader-PA-range-should-be-UC.patch + 61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch + 61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch + 61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch + 61e0296a-x86-time-calibration-relative-counts.patch + 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch + 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch + 61e98e88-x86-introduce-get-set-reg-infra.patch + 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch + 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch + 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch + 61eaaa23-x86-get-set-reg-infra-build.patch + 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch + 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch + 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch + 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch + 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch + 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch + 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch + 61f933a4-x86-cpuid-advertise-SSB_NO.patch + 61f933a5-x86-drop-use_spec_ctrl-boolean.patch + 61f933a6-x86-new-has_spec_ctrl-boolean.patch + 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch + 61f933a8-x86-SPEC_CTRL-record-last-write.patch + 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch + 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch + 61f933ab-x86-AMD-SPEC_CTRL-infra.patch + 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch + 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch + 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch + 6202afa4-x86-TSX-move-has_rtm_always_abort.patch + 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch + 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch + 6202afa8-x86-Intel-PSFD-for-guests.patch + 62278667-Arm-introduce-new-processors.patch + 62278668-Arm-move-errata-CSV2-check-earlier.patch + 62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch + 6227866a-Arm-Spectre-BHB-handling.patch + 6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch + 6227866c-x86-AMD-cease-using-thunk-lfence.patch + 6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch + 624ebcef-VT-d-dont-needlessly-look-up-DID.patch + 624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch + 624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch + xsa397.patch + xsa399.patch + xsa400-01.patch + xsa400-02.patch + xsa400-03.patch + xsa400-04.patch + xsa400-05.patch + xsa400-06.patch + xsa400-07.patch + xsa400-08.patch + xsa400-09.patch + xsa400-10.patch + xsa400-11.patch + xsa400-12.patch + +------------------------------------------------------------------- +Fri Apr 8 12:00:00 CEST 2022 - jbeulich@suse.com + +- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359, + CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity + map (AMD-Vi) handling issues (XSA-400) + 624ebcef-VT-d-dont-needlessly-look-up-DID.patch + 624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch + 624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch + +------------------------------------------------------------------- +Mon Apr 4 09:58:24 MDT 2022 - carnold@suse.com + +- bsc#1197423 - VUL-0: CVE-2022-26356: xen: Racy interactions + between dirty vram tracking and paging log dirty hypercalls + (XSA-397) + xsa397.patch +- bsc#1197425 - VUL-0: CVE-2022-26357: xen: race in VT-d domain ID + cleanup (XSA-399) + xsa399.patch +- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359, + CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity + map (AMD-Vi) handling issues (XSA-400) + xsa400-01.patch + xsa400-02.patch + xsa400-03.patch + xsa400-04.patch + xsa400-05.patch + xsa400-06.patch + xsa400-07.patch + xsa400-08.patch + xsa400-09.patch + xsa400-10.patch + xsa400-11.patch + xsa400-12.patch +- Additional upstream bug fixes for XSA-400 (bsc#1027519) + 61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch + 61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch + 6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch + +------------------------------------------------------------------- +Mon Mar 14 10:14:00 CET 2022 - jbeulich@suse.com + +- bsc#1196915 - VUL-0: CVE-2022-0001, CVE-2022-0002,CVE-2021-26401: + xen: BHB speculation issues (XSA-398) + 62278667-Arm-introduce-new-processors.patch + 62278668-Arm-move-errata-CSV2-check-earlier.patch + 62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch + 6227866a-Arm-Spectre-BHB-handling.patch + 6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch + 6227866c-x86-AMD-cease-using-thunk-lfence.patch + +------------------------------------------------------------------- +Thu Mar 3 14:42:07 MST 2022 - carnold@suse.com + +- bsc#1196545 - GCC 12: xen package fails + gcc12-fixes.patch + +------------------------------------------------------------------- +Mon Feb 14 11:40:00 CET 2022 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 61e0296a-x86-time-calibration-relative-counts.patch + 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch + 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch + 61e98e88-x86-introduce-get-set-reg-infra.patch + 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch + 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch + 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch + 61eaaa23-x86-get-set-reg-infra-build.patch + 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch + 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch + 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch + 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch + 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch + 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch + 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch + 61f933a4-x86-cpuid-advertise-SSB_NO.patch + 61f933a5-x86-drop-use_spec_ctrl-boolean.patch + 61f933a6-x86-new-has_spec_ctrl-boolean.patch + 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch + 61f933a8-x86-SPEC_CTRL-record-last-write.patch + 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch + 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch + 61f933ab-x86-AMD-SPEC_CTRL-infra.patch + 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch + 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch + 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch + 6202afa4-x86-TSX-move-has_rtm_always_abort.patch + 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch + 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch + 6202afa8-x86-Intel-PSFD-for-guests.patch +- Drop patches replaced by the above: + xsa393.patch + xsa394.patch + xsa395.patch + libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch + libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch + libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch + +------------------------------------------------------------------- +Thu Jan 13 10:55:58 MST 2022 - carnold@suse.com + +- bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm: + guest_physmap_remove_page not removing the p2m mappings (XSA-393) + xsa393.patch +- bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS + Xen while unmapping a grant (XSA-394) + xsa394.patch +- bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of + passed-through device IRQs (XSA-395) + xsa395.patch + +------------------------------------------------------------------- +Wed Jan 12 14:16:53 MST 2022 - carnold@suse.com + +- bsc#1191668 - L3: issue around xl and virsh operation - virsh + list not giving any output (see also bsc#1194267) + libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch + libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch + +------------------------------------------------------------------- +Tue Jan 11 10:47:10 MST 2022 - carnold@suse.com + +- bsc#1193307 - pci backend does not exist when attach a vf to a pv + guest + libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch + Drop libxl-PCI-defer-backend-wait.patch + +------------------------------------------------------------------- +Thu Jan 6 16:05:00 CET 2022 - jbeulich@suse.com + +- bsc#1193447 - Slow execution of hvmloader+ovmf when VM contains + an sriov device + 61bc429f-revert-hvmloader-PA-range-should-be-UC.patch +- Upstream bug fixes (bsc#1027519) + 61b31d5c-x86-restrict-all-but-self-IPI.patch + 61b88e78-x86-CPUID-TSXLDTRK-definition.patch + 61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch + +------------------------------------------------------------------- +Tue Jan 4 15:51:15 UTC 2022 - James Fehlig + +- Collect active VM config files in the supportconfig plugin + xen-supportconfig + +------------------------------------------------------------------- +Thu Dec 9 09:36:20 MST 2021 - carnold@suse.com + +- bsc#1193307 - pci backend does not exist when attach a vf to a pv + guest + libxl-PCI-defer-backend-wait.patch + +------------------------------------------------------------------- +Wed Dec 1 09:45:10 MST 2021 - carnold@suse.com + +- Update to Xen 4.16.0 FCS release + xen-4.16.0-testing-src.tar.bz2 + * Miscellaneous fixes to the TPM manager software in preparation + for TPM 2.0 support. + * Increased reliance on the PV shim as 32-bit PV guests will only + be supported in shim mode going forward. This change reduces + the attack surface in the hypervisor. + * Increased hardware support by allowing Xen to boot on Intel + devices that lack a Programmable Interval Timer. + * Cleanup of legacy components by no longer building QEMU + Traditional or PV-Grub by default. Note both projects have + upstream Xen support merged now, so it is no longer recommended + to use the Xen specific forks. + * Initial support for guest virtualized Performance Monitor + Counters on Arm. + * Improved support for dom0less mode by allowing the usage on + Arm 64bit hardware with EFI firmware. + * Improved support for Arm 64-bit heterogeneous systems by + leveling the CPU features across all to improve big.LITTLE + support. + +------------------------------------------------------------------- +Wed Nov 17 07:25:37 MST 2021 - carnold@suse.com + +- Update to Xen 4.16.0 RC3 release + xen-4.16.0-testing-src.tar.bz2 +- Drop iPXE sources and patches. iPXE is only used by QEMU + traditional which has never shipped with SLE15. + ipxe.tar.bz2 + ipxe-enable-nics.patch + ipxe-no-error-logical-not-parentheses.patch + ipxe-use-rpm-opt-flags.patch +- Drop building ocaml xenstored in the spec file. There are no + plans or need to support this version. + +------------------------------------------------------------------- +Mon Nov 8 09:09:58 MST 2021 - carnold@suse.com + +- Update to Xen 4.16.0 RC2 release + xen-4.16.0-testing-src.tar.bz2 +- Modified files + ipxe-use-rpm-opt-flags.patch + ipxe.tar.bz2 (new version) + +------------------------------------------------------------------- +Mon Nov 1 11:15:13 MDT 2021 - carnold@suse.com + +- Update to Xen 4.16.0 RC1 release + xen-4.16.0-testing-src.tar.bz2 +- Drop patches contained in new tarball or invalid + 615c9fd0-VT-d-fix-deassign-of-device-with-RMRR.patch + libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch + libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch + libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch + libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch + xenstore-launch.patch + +------------------------------------------------------------------- +Wed Oct 6 08:19:42 MDT 2021 - carnold@suse.com + +- bsc#1191363 - VUL-0: CVE-2021-28702: xen: PCI devices with RMRRs + not deassigned correctly (XSA-386) + 615c9fd0-VT-d-fix-deassign-of-device-with-RMRR.patch + +------------------------------------------------------------------- +Mon Sep 13 11:50:00 CEST 2021 - jbeulich@suse.com + +- Revert "Simplify %autosetup". + +------------------------------------------------------------------- +Fri Sep 10 13:07:31 MDT 2021 - carnold@suse.com + +- Update to Xen 4.15.1 bug fix release + xen-4.15.1-testing-src.tar.bz2 +- Drop patches contained in new tarball + 60631c38-VT-d-QI-restore-flush-hooks.patch + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + 60787714-revert-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch + 608676f2-VT-d-register-based-invalidation-optional.patch + 60a27288-x86emul-gas-2-36-test-harness-build.patch + 60af933d-x86-gcc11-hypervisor-build.patch + 60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch + 60afe617-x86-TSX-minor-cleanup-and-improvements.patch + 60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch + 60be0e24-credit2-pick-runnable-unit.patch + 60be0e42-credit2-per-entity-load-tracking-when-continuing.patch + 60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch + 60bf9e19-Arm-create-dom0less-domUs-earlier.patch + 60bf9e1a-Arm-boot-modules-scrubbing.patch + 60bf9e1b-VT-d-size-qinval-queue-dynamically.patch + 60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch + 60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch + 60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch + 60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch + 60bfa904-AMD-IOMMU-wait-for-command-slot.patch + 60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch + 60c0bf86-x86-TSX-cope-with-deprecation.patch + 60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch + 60c8de6e-osdep_xenforeignmemory_map-prototype.patch + 60d49689-VT-d-undo-device-mappings-upon-error.patch + 60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch + 60d496d6-VT-d-clear_fault_bits-should-clear-all.patch + 60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch + 60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch + libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch + libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch + libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch + libxl-85760c03d664400368a3f76ae0225307c25049a7.patch + libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch + libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch + libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch + libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch + libxl-qemu6-vnc-password.patch + libxl-qemu6-scsi.patch + +------------------------------------------------------------------- +Mon Aug 30 15:15:15 UTC 2021 - ohering@suse.de + +- bsc#1189882 - refresh libxc-sr-restore-hvm-legacy-superpage.patch + prevent superpage allocation in the LAPIC and ACPI_INFO range + +------------------------------------------------------------------- +Wed Aug 4 05:55:41 MDT 2021 - carnold@suse.com + +- Drop aarch64-maybe-uninitialized.patch as the fix is in tarball. + +------------------------------------------------------------------- +Mon Jul 26 10:10:10 UTC 2021 - ohering@suse.de + +- Simplify %autosetup + +------------------------------------------------------------------- +Fri Jul 23 11:11:11 UTC 2021 - ohering@suse.de + +- refresh the migration patches to state v20210713 + removed libxc-sr-add-xc_is_known_page_type.patch + removed libxc-sr-arrays.patch + removed libxc-sr-batch_pfns.patch + removed libxc-sr-page_type_has_stream_data.patch + removed libxc-sr-use-xc_is_known_page_type.patch + removed libxc.migrate_tracking.patch + removed libxc.sr.superpage.patch + removed libxl.set-migration-constraints-from-cmdline.patch + added libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch + added libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch + added libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch + added libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch + added libxc-sr-abort_if_busy.patch + added libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch + added libxc-sr-max_iters.patch + added libxc-sr-min_remaining.patch + added libxc-sr-number-of-iterations.patch + added libxc-sr-precopy_policy.patch + added libxc-sr-restore-hvm-legacy-superpage.patch + added libxc-sr-track-migration-time.patch + added libxc-sr-xg_sr_bitmap-populated_pfns.patch + added libxc-sr-xg_sr_bitmap.patch + added libxc-sr-xl-migration-debug.patch + +------------------------------------------------------------------- +Thu Jul 22 22:33:51 UTC 2021 - James Fehlig + +- spec: Change the '--with-system-ovmf' configure option to use + the new Xen-specific ovmf firmware. The traditional, unified + firmwares will no longer support multi-VMM. For more information + + https://bugzilla.tianocore.org/show_bug.cgi?id=1689 + https://bugzilla.tianocore.org/show_bug.cgi?id=2122 + +------------------------------------------------------------------- +Wed Jul 21 08:08:08 UTC 2021 - ohering@suse.de + +- bsc#1176189 - xl monitoring process exits during xl save -p|-c + keep the monitoring process running to cleanup the domU during shutdown + xl-save-pc.patch + +------------------------------------------------------------------- +Tue Jul 13 12:30:00 CEST 2021 - jbeulich@suse.com + +- bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest + 60be0e24-credit2-pick-runnable-unit.patch + 60be0e42-credit2-per-entity-load-tracking-when-continuing.patch +- Upstream bug fixes (bsc#1027519) + 60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch + 60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch) + 60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch) + 60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch) + 60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch) + 60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch) + 60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch) + 60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch) + 60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch) + 60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch) + 60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch + 60c8de6e-osdep_xenforeignmemory_map-prototype.patch + 60d49689-VT-d-undo-device-mappings-upon-error.patch + 60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch + 60d496d6-VT-d-clear_fault_bits-should-clear-all.patch + 60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch + 60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch +- Dropped gcc11-fixes.patch + +------------------------------------------------------------------- +Tue Jun 29 10:10:10 UTC 2021 - ohering@suse.de + +- bsc#1180350 - some long deprecated commands were finally removed + in qemu6. Adjust libxl to use supported commands. + libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch + libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch + libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch + libxl-85760c03d664400368a3f76ae0225307c25049a7.patch + libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch + libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch + libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch + libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch + libxl-qemu6-vnc-password.patch + libxl-qemu6-scsi.patch + +------------------------------------------------------------------- +Tue Jun 22 09:09:09 UTC 2021 - ohering@suse.de + +- Update logrotate.conf, move global options into per-file sections + to prevent globbering of global state (bsc#1187406) + +------------------------------------------------------------------- +Mon Jun 7 15:15:15 UTC 2021 - ohering@suse.de + +- Fix shell macro expansion in xen.spec, so that ExecStart= + in xendomains-wait-disks.service is created correctly (bsc#1183877) + +------------------------------------------------------------------- +Mon May 31 12:30:00 CEST 2021 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 60631c38-VT-d-QI-restore-flush-hooks.patch + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + 60787714-revert-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch + 608676f2-VT-d-register-based-invalidation-optional.patch + 60a27288-x86emul-gas-2-36-test-harness-build.patch + 60af933d-x86-gcc11-hypervisor-build.patch + 60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch + 60afe617-x86-TSX-minor-cleanup-and-improvements.patch + 60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch +- Embargoed security fixes + xsa372-1.patch + xsa372-2.patch + xsa373-1.patch + xsa373-2.patch + xsa373-3.patch + xsa373-4.patch + xsa373-5.patch + xsa375.patch + xsa377.patch +- Embargoed non-security fix + x86-TSX-cope-with-deprecation.patch + +------------------------------------------------------------------- +Mon May 31 12:20:00 CEST 2021 - jbeulich@suse.com + +- x86-cpufreq-report.patch: Drop. We haven't had a kernel understanding + this custom extension for quite some time. + +------------------------------------------------------------------- +Tue May 4 14:14:14 UTC 2021 - ohering@suse.de + +- Add xen.sysconfig-fillup.patch to make sure xencommons is in a + format as expected by fillup. (bsc#1185682) + Each comment needs to be followed by an enabled key. Otherwise + fillup will remove manually enabled key=value pairs, along with + everything that looks like a stale comment, during next pkg update + +------------------------------------------------------------------- +Tue May 4 09:09:09 UTC 2021 - ohering@suse.de + +- Remove init.xen_loop and /etc/modprobe.d/xen_loop.conf + The number of loop devices is unlimited since a while + +------------------------------------------------------------------- +Tue Apr 27 12:50:50 UTC 2021 - ohering@suse.de + +- Refresh xenstore-launch.patch to cover also daemon case + +------------------------------------------------------------------- +Wed Apr 21 16:11:28 MDT 2021 - carnold@suse.com + +- Now that SOURCE_DATE_EPOCH is defined and Xen Makefile uses it, + drop reproducible.patch + +------------------------------------------------------------------- +Tue Apr 20 13:01:41 MDT 2021 - carnold@suse.com + +- Update to Xen 4.15.0 FCS release + xen-4.15.0-testing-src.tar.bz2 + * Xen can now export Intel Processor Trace (IPT) data from guests to tools in dom0. + * Xen now supports Viridian enlightenments for guests with more than 64 vcpus. + * Xenstored and oxenstored both now support LiveUpdate (tech preview). + * Unified boot images + * Switched x86 MSR accesses to deny by default policy. + * Named PCI devices for xl/libxl and improved documentation for xl PCI configuration format. + * Support for zstd-compressed dom0 (x86) and domU kernels. + * Reduce ACPI verbosity by default. + * Add ucode=allow-same option to test late microcode loading path. + * Library improvements from NetBSD ports upstreamed. + * x86: Allow domains to use AVX-VNNI instructions. + * Added XEN_SCRIPT_DIR configuration option to specify location for Xen scripts. + * xennet: Documented a way for the backend (or toolstack) to specify MTU to the frontend. + * On detecting a host crash, some debug key handlers can automatically triggered to aid in debugging. + * Increase the maximum number of guests which can share a single IRQ from 7 to 16, and make this configurable with irq-max-guests. +- Dropped patches contained in new tarball + 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch + 5fedf9f4-x86-hpet_setup-fix-retval.patch + 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch + 5ff71655-x86-dpci-EOI-regardless-of-masking.patch + 5ffc58c4-ACPI-reduce-verbosity-by-default.patch + 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch + 600999ad-x86-dpci-do-not-remove-pirqs-from.patch + 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch + 6011bbc7-x86-timer-fix-boot-without-PIT.patch + 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch + 6013e546-x86-HVM-reorder-domain-init-error-path.patch + 601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch + 602bd768-page_alloc-only-flush-after-scrubbing.patch + 602cfe3d-IOMMU-check-if-initialized-before-teardown.patch + 602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch + 602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch + 602ffae9-tools-libs-light-fix-xl-save--c-handling.patch + 6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch + 60410127-gcc11-adjust-rijndaelEncrypt.patch + 60422428-x86-shadow-avoid-fast-fault-path.patch + 604b9070-VT-d-disable-QI-IR-before-init.patch + 60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch) + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch + libxc-bitmap-longs.patch + libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch + libxl.fix-libacpi-dependency.patch + stubdom-have-iovec.patch + xenwatchdogd-options.patch + +------------------------------------------------------------------- +Mon Apr 19 12:03:30 MDT 2021 - carnold@suse.com + +- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!" + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch +- Upstream bug fixes (bsc#1027519) + 60410127-gcc11-adjust-rijndaelEncrypt.patch + 60422428-x86-shadow-avoid-fast-fault-path.patch + 604b9070-VT-d-disable-QI-IR-before-init.patch + 60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch) + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + +------------------------------------------------------------------- +Thu Mar 25 10:10:10 UTC 2021 - ohering@suse.de + +- bsc#1137251 - Restore changes for xen-dom0-modules.service which + were silently removed on 2019-10-17 + +------------------------------------------------------------------- +Fri Mar 12 19:19:19 UTC 2021 - ohering@suse.de + +- bsc#1177112 - Fix libxc.sr.superpage.patch + The receiving side did detect holes in a to-be-allocated superpage, + but allocated a superpage anyway. This resulted to over-allocation. + +------------------------------------------------------------------- +Mon Mar 8 16:16:16 UTC 2021 - ohering@suse.de + +- bsc#1167608 - adjust limit for max_event_channels + A previous change allowed an unbound number of event channels + to make sure even large domUs can start of of the box. + This may have a bad side effect in the light of XSA-344. + Adjust the built-in limit based on the number of vcpus. + In case this is not enough, max_event_channels=/maxEventChannels= + has to be used to set the limit as needed for large domUs + adjust libxl.max_event_channels.patch + +------------------------------------------------------------------- +Fri Mar 5 08:49:56 MST 2021 - carnold@suse.com + +- bsc#1183072 - VUL-0: CVE-2021-28687: xen: HVM soft-reset crashes + toolstack (XSA-368). Also resolves, + bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl + bsc#1181989 - openQA job causes libvirtd to dump core when + running kdump inside domain + xsa368.patch + +------------------------------------------------------------------- +Tue Feb 26 14:00:00 CET 2021 - jbeulich@suse.com + +- bsc#1177204 - L3-Question: conring size for XEN HV's with huge + memory to small. Inital Xen logs cut + 5ffc58c4-ACPI-reduce-verbosity-by-default.patch +- Upstream bug fixes (bsc#1027519) + 601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch + 602bd768-page_alloc-only-flush-after-scrubbing.patch + 602cfe3d-IOMMU-check-if-initialized-before-teardown.patch + 602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch + 602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch + 6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch +- bsc#1181921 - GCC 11: xen package fails + gcc11-fixes.patch + +------------------------------------------------------------------- +Tue Feb 23 10:00:26 MST 2021 - carnold@suse.com + +- bsc#1182576 - L3: XEN domU crashed on resume when using the xl + unpause command + 602ffae9-tools-libs-light-fix-xl-save--c-handling.patch + +------------------------------------------------------------------- +Thu Feb 18 11:42:54 MST 2021 - carnold@suse.com + +- Start using the %autosetup macro to simplify patch management + xen.spec + +------------------------------------------------------------------- +Wed Feb 10 12:52:00 MST 2021 - carnold@suse.com + +- bsc#1181921 - GCC 11: xen package fails + gcc11-fixes.patch +- Drop gcc10-fixes.patch + +------------------------------------------------------------------- +Tue Feb 2 05:37:27 MST 2021 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5fedf9f4-x86-hpet_setup-fix-retval.patch + 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch + 5ff71655-x86-dpci-EOI-regardless-of-masking.patch + 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch + 600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch) + 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch + 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch + 6013e546-x86-HVM-reorder-domain-init-error-path.patch +- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!" + 6011bbc7-x86-timer-fix-boot-without-PIT.patch + +------------------------------------------------------------------- +Thu Jan 21 08:46:20 MST 2021 - carnold@suse.com + +- bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360) + xsa360.patch + +------------------------------------------------------------------- +Wed Jan 13 14:27:51 MST 2021 - carnold@suse.com + +- bsc#1180794 - bogus qemu binary path used when creating fv guest + under xen + xen.spec + +------------------------------------------------------------------- +Wed Jan 13 10:36:49 MST 2021 - carnold@suse.com + +- bsc#1180690 - L3-Question: xen: no needsreboot flag set + Add Provides: installhint(reboot-needed) in xen.spec for libzypp + +------------------------------------------------------------------- +Mon Jan 4 19:19:19 UTC 2021 - ohering@suse.de + +- Update libxl.set-migration-constraints-from-cmdline.patch + Remove code which handled --max_factor. The total amount of + transferred data is no indicator to trigger the final stop+copy. + This should have been removed during upgrade to Xen 4.7. + Fix off-by-one in --max_iters, it caused one additional copy cycle. + Reduce default value of --max_iters from 5 to 2. + The workload within domU will continue to produce dirty pages. + It is unreasonable to expect any slowdown during migration. + Now there is one initial copy of all memory, one instead of four + iteration for dirty memory, and a final copy iteration prior move. + +------------------------------------------------------------------- +Thu Dec 17 10:15:31 MST 2020 - carnold@suse.com + +- Update to Xen 4.14.1 bug fix release (bsc#1027519) + xen-4.14.1-testing-src.tar.bz2 + Contains the following recent security fixes + bsc#1179516 XSA-359 - CVE-2020-29571 + bsc#1179514 XSA-358 - CVE-2020-29570 + bsc#1179513 XSA-356 - CVE-2020-29567 + bsc#1178963 XSA-355 - CVE-2020-29040 + bsc#1178591 XSA-351 - CVE-2020-28368 + bsc#1179506 XSA-348 - CVE-2020-29566 + bsc#1179502 XSA-325 - CVE-2020-29483 + bsc#1179501 XSA-324 - CVE-2020-29484 + bsc#1179498 XSA-322 - CVE-2020-29481 + bsc#1179496 XSA-115 - CVE-2020-29480 +- Dropped patches contained in new tarball + 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch + 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch + 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch + 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch + 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch + 5f560c42-x86-PV-64bit-segbase-consistency.patch + 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch + 5f5b6b7a-hypfs-fix-custom-param-writes.patch + 5f607915-x86-HVM-more-consistent-IO-completion.patch + 5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch + 5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch + 5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch + 5f6a008e-x86-MSI-drop-read_msi_msg.patch + 5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch + 5f6a00c4-evtchn-relax-port_is_valid.patch + 5f6a00df-x86-PV-avoid-double-exception-injection.patch + 5f6a00f4-evtchn-add-missing-barriers.patch + 5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch + 5f6a013f-evtchn_reset-shouldnt-succeed-with.patch + 5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch + 5f6a0178-evtchn-address-races-with-evtchn_reset.patch + 5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch + 5f6a01c6-evtchn-preempt-in-evtchn_reset.patch + 5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch + 5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch + 5f71a21e-x86-S3-fix-shadow-stack-resume.patch + 5f76ca65-evtchn-Flask-prealloc-for-send.patch + 5f76caaf-evtchn-FIFO-use-stable-fields.patch + 5f897c25-x86-traps-fix-read_registers-for-DF.patch + 5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch + 5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch + 5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch + 5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch + 5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch + 5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch + 5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch + 5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch + 5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch + xsa286-1.patch + xsa286-2.patch + xsa286-3.patch + xsa286-4.patch + xsa286-5.patch + xsa286-6.patch + xsa351-1.patch + xsa351-2.patch + xsa351-3.patch + xsa355.patch + +------------------------------------------------------------------- +Wed Dec 16 16:16:16 UTC 2020 - ohering@suse.de + +- Pass --with-rundir to configure to get rid of /var/run + +------------------------------------------------------------------- +Tue Dec 15 15:15:15 UTC 2020 - ohering@suse.de + +- bsc#1178736 - allow restart of xenwatchdogd, enable tuning of + keep-alive interval and timeout options via XENWATCHDOGD_ARGS= + add xenwatchdogd-options.patch + add xenwatchdogd-restart.patch + +------------------------------------------------------------------- +Tue Dec 15 10:10:10 UTC 2020 - ohering@suse.de + +- bsc#1177112 - Fix libxc.sr.superpage.patch + The receiving side may punch holes incorrectly into optimistically + allocated superpages. Also reduce overhead in bitmap handling. + add libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch + add libxc-bitmap-long.patch + add libxc-bitmap-longs.patch + +------------------------------------------------------------------- +Mon Dec 14 14:22:08 MST 2020 - carnold@suse.com + +- boo#1029961 - Move files in xen-tools-domU to /usr/bin from /bin + xen-destdir.patch + Drop tmp_build.patch + +------------------------------------------------------------------- +Fri Dec 4 06:54:08 MST 2020 - carnold@suse.com + +- bsc#1176782 - L3: xl dump-core shows missing nr_pages during + core. If maxmem and current are the same the issue doesn't happen + 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch + +------------------------------------------------------------------- +Fri Nov 20 15:09:49 MST 2020 - carnold@suse.com + +- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change + (XSA-355) + xsa355.patch + +------------------------------------------------------------------- +Fri Nov 20 20:20:20 UTC 2020 - ohering@suse.de + +- Fix build error with libxl.fix-libacpi-dependency.patch + +------------------------------------------------------------------- +Fri Nov 20 19:19:19 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + Hide SUSEINFO messages from pause/unpause/resume from xl command. + They are intended for libvirt logging, but lacked info about + execution context. + Remove extra logging about dirty pages in each iteration, the + number of transferred pages + protocol overhead is already + reported elsewhere. + +------------------------------------------------------------------- +Fri Nov 20 18:18:18 UTC 2020 - ohering@suse.de + +- Remove libxl.libxl__domain_pvcontrol.patch + It is already part of 4.14.0-rc1 + +------------------------------------------------------------------- +Tue Nov 10 09:38:03 MST 2020 - carnold@suse.com + +- bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel + attack aka PLATYPUS attack aka XSA-351 + xsa351-1.patch + xsa351-2.patch + xsa351-3.patch + +------------------------------------------------------------------- +Mon Nov 2 11:11:11 UTC 2020 - ohering@suse.de + +- bsc#1177950 - adjust help for --max_iters, default is 5 + libxl.set-migration-constraints-from-cmdline.patch + +------------------------------------------------------------------- +Fri Oct 30 11:11:11 UTC 2020 - ohering@suse.de + +- jsc#SLE-16899 - improve performance of live migration + remove allocations and memcpy from hotpaths on sending and + receiving side to get more throughput on 10Gbs+ connections + libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch + libxc-sr-add-xc_is_known_page_type.patch + libxc-sr-arrays.patch + libxc-sr-batch_pfns.patch + libxc-sr-page_type_has_stream_data.patch + libxc-sr-readv_exact.patch + libxc-sr-restore-handle_buffered_page_data.patch + libxc-sr-restore-handle_incoming_page_data.patch + libxc-sr-restore-map_errs.patch + libxc-sr-restore-mfns.patch + libxc-sr-restore-pfns.patch + libxc-sr-restore-populate_pfns-mfns.patch + libxc-sr-restore-populate_pfns-pfns.patch + libxc-sr-restore-read_record.patch + libxc-sr-restore-types.patch + libxc-sr-save-errors.patch + libxc-sr-save-guest_data.patch + libxc-sr-save-iov.patch + libxc-sr-save-local_pages.patch + libxc-sr-save-mfns.patch + libxc-sr-save-rec_pfns.patch + libxc-sr-save-show_transfer_rate.patch + libxc-sr-save-types.patch + libxc-sr-use-xc_is_known_page_type.patch + adjust libxc.sr.superpage.patch + adjust libxc.migrate_tracking.patch + +------------------------------------------------------------------- +Wed Oct 21 09:34:32 MDT 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch + 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch + 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch + 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch + 5f5b6b7a-hypfs-fix-custom-param-writes.patch + 5f607915-x86-HVM-more-consistent-IO-completion.patch + 5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch + 5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch + 5f71a21e-x86-S3-fix-shadow-stack-resume.patch + 5f76ca65-evtchn-Flask-prealloc-for-send.patch + 5f76caaf-evtchn-FIFO-use-stable-fields.patch + 5f897c25-x86-traps-fix-read_registers-for-DF.patch + 5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch +- Renamed patches + 5f560c42-x86-PV-64bit-segbase-consistency.patch + Replaces 5f5b6951-x86-PV-64bit-segbase-consistency.patch + 5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch + Replaces 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch + 5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch + Replaces 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch + 5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch + Replaces 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch + 5f6a008e-x86-MSI-drop-read_msi_msg.patch + Replaces 5f6a05fa-msi-get-rid-of-read_msi_msg.patch + 5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch + Replaces 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch + 5f6a00c4-evtchn-relax-port_is_valid.patch + Replaces 5f6a062c-evtchn-relax-port_is_valid.patch + 5f6a00df-x86-PV-avoid-double-exception-injection.patch + Replaces 5f6a065c-pv-Avoid-double-exception-injection.patch + 5f6a00f4-evtchn-add-missing-barriers.patch + Replaces 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch + 5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch + Replaces 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch + 5f6a013f-evtchn_reset-shouldnt-succeed-with.patch + Replaces 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch + 5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch + Replaces 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch + 5f6a0178-evtchn-address-races-with-evtchn_reset.patch + Replaces 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch + 5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch + Replaces 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch + 5f6a01c6-evtchn-preempt-in-evtchn_reset.patch + Replaces 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch + +------------------------------------------------------------------- +Tue Oct 13 10:48:04 MDT 2020 - carnold@suse.com + +- bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest + INVLPG-like flushes may leave stale TLB entries (XSA-286) + xsa286-1.patch + xsa286-2.patch + xsa286-3.patch + xsa286-4.patch + xsa286-5.patch + xsa286-6.patch +- bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen + mapping code (XSA-345) + 5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch + 5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch + 5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch +- bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU + TLB flushes (XSA-346) + 5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch + 5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch +- bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page + table updates (XSA-347) + 5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch + 5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch + 5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch + +------------------------------------------------------------------- +Mon Oct 12 10:10:10 UTC 2020 - ohering@suse.de + +- Update libxc.sr.superpage.patch + set errno in x86_hvm_alloc_4k (bsc#1177112) + +------------------------------------------------------------------- +Tue Sep 22 10:54:28 MDT 2020 - carnold@suse.com + +- bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when + handling guest access to MSR_MISC_ENABLE (XSA-333) + 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch +- bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in + XENMEM_acquire_resource error path (XSA-334) + 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch +- bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating + timers between x86 HVM vCPU-s (XSA-336) + 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch +- bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code + reading back hardware registers (XSA-337) + 5f6a05fa-msi-get-rid-of-read_msi_msg.patch + 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch +- bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event + channels may not turn invalid (XSA-338) + 5f6a062c-evtchn-relax-port_is_valid.patch +- bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel + DoS via SYSENTER (XSA-339) + 5f6a065c-pv-Avoid-double-exception-injection.patch +- bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier + barriers when accessing/allocating an event channel (XSA-340) + 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch +- bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event + channels available to 32-bit x86 domains (XSA-342) + 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch +- bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with + evtchn_reset() (XSA-343) + 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch + 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch + 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch +- bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in + evtchn_reset() / evtchn_destroy() (XSA-344) + 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch + 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch +- Upstream bug fix (bsc#1027519) + 5f5b6951-x86-PV-64bit-segbase-consistency.patch + +------------------------------------------------------------------- +Mon Sep 21 14:03:02 MDT 2020 - carnold@suse.com + +- Fix problems in xen.spec with building on aarch64 + +------------------------------------------------------------------- +Fri Sep 18 15:20:31 MDT 2020 - carnold@suse.com + +- Make use of %service_del_postun_without_restart while preserving + the old behavior for older distros. +- In %post tools, remove unnecessary qemu symlinks. + +------------------------------------------------------------------- +Thu Sep 17 11:11:11 UTC 2020 - ohering@suse.de + +- Fix error in xen-tools %post when linking pvgrub64.bin +- Make paths below libexec more explicit +- Create symlink also for pvgrub32.bin + +------------------------------------------------------------------- +Fri Sep 11 11:11:11 UTC 2020 - ohering@suse.de + +- Revert previous libexec change for qemu compat wrapper + The path is used in existing domU.xml files in the emulator field +- Escape some % chars in xen.spec, they have to appear verbatim + +------------------------------------------------------------------- +Wed Sep 9 10:11:12 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + Print number of allocated pages on sending side, this is more + accurate than p2m_size. + +------------------------------------------------------------------- +Wed Sep 2 12:53:47 MDT 2020 - carnold@suse.com + +- jsc#SLE-15926 - Dev: XEN: drop netware support + Dropped the following patches + pygrub-netware-xnloader.patch + xnloader.py + Refreshed pygrub-boot-legacy-sles.patch + +------------------------------------------------------------------- +Tue Sep 1 12:28:43 UTC 2020 - Guillaume GARDET + +- Fix build on aarch64 with gcc10 +- Package xenhypfs for aarch64 + +------------------------------------------------------------------- +Wed Aug 5 19:30:23 UTC 2020 - Callum Farmer + +- Correct license name + * GPL-3.0+ is now GPL-3.0-or-later + +------------------------------------------------------------------- +Mon Aug 3 06:26:08 MDT 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch + 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch + +------------------------------------------------------------------- +Fri Jul 24 16:27:29 MDT 2020 - carnold@suse.com + +- Update to Xen 4.14.0 FCS release + xen-4.14.0-testing-src.tar.bz2 + * Linux stubdomains (contributed by QUBES OS) + * Control-flow Enforcement Technology (CET) Shadow Stack support (contributed by Citrix) + * Lightweight VM fork for fuzzing / introspection. (contributed by Intel) + * Livepatch: buildid and hotpatch stack requirements + * CONFIG_PV32 + * Hypervisor FS support + * Running Xen as a Hyper-V Guest + * Domain ID randomization, persistence across save / restore + * Golang binding autogeneration + * KDD support for Windows 7, 8.x and 10 +- Dropped patches contained in new tarball + 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch + 5eb51caa-sched-vcpu-pause-flags-atomic.patch + 5ec2a760-x86-determine-MXCSR-mask-always.patch + 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch + 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch + 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch + 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch + 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch + 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch + 5ed69804-x86-ucode-fix-start-end-update.patch + 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch + 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch + 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch + 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch + 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch + xsa317.patch + xsa319.patch + xsa321-1.patch + xsa321-2.patch + xsa321-3.patch + xsa321-4.patch + xsa321-5.patch + xsa321-6.patch + xsa321-7.patch + xsa328-1.patch + xsa328-2.patch + +------------------------------------------------------------------- +Thu Jul 23 11:12:58 MDT 2020 - carnold@suse.com + +- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to + attach on next reboot while it should be live attached + ignore-ip-command-script-errors.patch + +------------------------------------------------------------------- +Fri Jul 17 14:14:14 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + After transfer of domU memory, the target host has to assemble + the backend devices. Track the time prior xc_domain_unpause. + +------------------------------------------------------------------- +Tue Jun 30 18:03:40 UTC 2020 - ohering@suse.de + +- Add libxc.migrate_tracking.patch to track live migrations + unconditionally in logfiles, especially in libvirt. + This will track how long a domU was suspended during transit. + +------------------------------------------------------------------- +Mon Jun 29 11:28:27 MDT 2020 - carnold@suse.com + +- bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect + error handling in event channel port allocation + xsa317.patch +- bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code + paths in x86 dirty VRAM tracking + xsa319.patch +- bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient + cache write- back under VT-d + xsa321-1.patch + xsa321-2.patch + xsa321-3.patch + xsa321-4.patch + xsa321-5.patch + xsa321-6.patch + xsa321-7.patch +- bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic + modification of live EPT PTE + xsa328-1.patch + xsa328-2.patch + +------------------------------------------------------------------- +Mon Jun 22 11:24:48 MDT 2020 - carnold@suse.com + +- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer + Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) + 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch + 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch) + 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch) +- Upstream bug fixes (bsc#1027519) + 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch + 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch + 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch + 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch + 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch + 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch + 5ed69804-x86-ucode-fix-start-end-update.patch + 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch + 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch + +------------------------------------------------------------------- +Fri Jun 5 16:42:16 UTC 2020 - Callum Farmer + +- Fixes for %_libexecdir changing to /usr/libexec + +------------------------------------------------------------------- +Thu May 28 08:35:20 MDT 2020 - carnold@suse.com + +- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer + Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) + xsa320-1.patch + xsa320-2.patch + +------------------------------------------------------------------- +Mon May 18 10:55:26 MDT 2020 - carnold@suse.com + +- Update to Xen 4.13.1 bug fix release (bsc#1027519) + xen-4.13.1-testing-src.tar.bz2 + 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch + 5eb51caa-sched-vcpu-pause-flags-atomic.patch + 5ec2a760-x86-determine-MXCSR-mask-always.patch +- Drop patches contained in new tarball + 5de65f84-gnttab-map-always-do-IOMMU-part.patch + 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch + 5e15e03d-sched-fix-S3-resume-with-smt=0.patch + 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch + 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch + 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch + 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch + 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch + 5e318cd4-x86-apic-fix-disabling-LVT0.patch + 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch + 5e3bd385-EFI-recheck-variable-name-strings.patch + 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch + 5e3bd3f8-xmalloc-guard-against-overflow.patch + 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch + 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch + 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch + 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch + 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch + 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch + 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch + 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch + 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch + 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch + 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch + 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch + 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch + 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch + 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch + 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch + 5e86f7fd-credit2-fix-credit-too-few-resets.patch + 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch + 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch + 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch + 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch + 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch + 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch + +------------------------------------------------------------------- +Wed May 13 21:07:29 UTC 2020 - James Fehlig + +- spec: Remove invocation of autogen.sh +- spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares + +------------------------------------------------------------------- +Wed May 13 09:56:49 MDT 2020 - carnold@suse.com + +- bsc#1170968 - GCC 10: xen build fails on i586 + gcc10-fixes.patch + +------------------------------------------------------------------- +Tue Apr 14 11:06:08 MDT 2020 - carnold@suse.com + +- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation + handling in GNTTABOP_copy (XSA-318) + 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch + +------------------------------------------------------------------- +Mon Apr 6 12:01:45 MDT 2020 - carnold@suse.com + +- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313 + multiple xenoprof issues + 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch + 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch +- bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing + memory barriers in read-write unlock paths + 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch +- bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error + path in GNTTABOP_map_grant + 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch +- bsc#1167152 - L3: Xenstored Crashed during VM install Need Core + analyzed + 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch + 5e86f7fd-credit2-fix-credit-too-few-resets.patch +- Drop for upstream solution (bsc#1165206) + 01-xen-credit2-avoid-vcpus-to.patch + default-to-credit1-scheduler.patch +- Upstream bug fixes (bsc#1027519) + 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch + 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch + 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch + 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch + 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch + 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch + 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch + 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch + 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch + 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch + 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch + +------------------------------------------------------------------- +Wed Mar 25 18:18:18 UTC 2020 - ohering@suse.de + +- bsc#1167608 - unbound limit for max_event_channels + domUs with many vcpus and/or resources fail to start + libxl.max_event_channels.patch + +------------------------------------------------------------------- +Wed Mar 18 17:00:34 UTC 2020 - ohering@suse.de + +- bsc#1161480 - Fix xl shutdown for HVM without PV drivers + add libxl.libxl__domain_pvcontrol.patch + +------------------------------------------------------------------- +Thu Mar 12 07:57:53 MDT 2020 - carnold@suse.com + +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + 01-xen-credit2-avoid-vcpus-to.patch + +------------------------------------------------------------------- +Tue Mar 10 07:41:34 MDT 2020 - carnold@suse.com + +- bsc#1158414 - GCC 10: xen build fails + gcc10-fixes.patch + +------------------------------------------------------------------- +Wed Mar 4 13:28:17 MST 2020 - carnold@suse.com + +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + default-to-credit1-scheduler.patch + +------------------------------------------------------------------- +Thu Feb 20 08:18:37 MST 2020 - carnold@suse.com + +- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate + past the ERET instruction + 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch +- bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch + hardening + 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch +- Upstream bug fixes (bsc#1027519) + 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch + 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch + 5e318cd4-x86-apic-fix-disabling-LVT0.patch + 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch + 5e3bd385-EFI-recheck-variable-name-strings.patch + 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch + 5e3bd3f8-xmalloc-guard-against-overflow.patch + 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch + 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch + 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch + +------------------------------------------------------------------- +Tue Feb 18 18:18:18 UTC 2020 - ohering@suse.de + +- bsc#1159755 - use fixed qemu-3.1 machine type for HVM + This must be done in qemu to preserve PCI layout + remove libxl.lock-qemu-machine-for-hvm.patch + +------------------------------------------------------------------- +Fri Feb 7 12:37:35 UTC 2020 - ohering@suse.de + +- jsc#SLE-10183 - script to calculate cpuid= mask + add helper script from https://github.com/twizted/xen_maskcalc + domUs may be migrated between different cpus from the same vendor + if their visible cpuid value has incompatible feature bits masked. + +------------------------------------------------------------------- +Wed Feb 5 15:16:06 UTC 2020 - ohering@suse.de + +- jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains + add helper script and systemd service from + https://github.com/luizluca/xen-tools-xendomains-wait-disk + in new sub package xen-tools-xendomains-wait-disk + See included README for usage instructions + xendomains-wait-disks.LICENSE + xendomains-wait-disks.README.md + xendomains-wait-disks.sh + +------------------------------------------------------------------- +Tue Jan 28 14:10:38 UTC 2020 - ohering@suse.de + +- bsc#1159755 - use fixed qemu-3.1 machine type for HVM + qemu4 introduced incompatible changes in pc-i440fx, which revealed + a design bug in 'xenfv'. Live migration from domUs started with + qemu versions prior qemu4 can not be received with qemu4+. + libxl.lock-qemu-machine-for-hvm.patch + +------------------------------------------------------------------- +Tue Jan 14 09:19:31 MST 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5de65f84-gnttab-map-always-do-IOMMU-part.patch + 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch + 5e15e03d-sched-fix-S3-resume-with-smt=0.patch + 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch + 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch + +------------------------------------------------------------------- +Wed Jan 8 11:43:04 UTC 2020 - Dominique Leuenberger + +- BuildRequire pkgconfig(libsystemd) instead of systemd-devel: + Allow OBS to shortcut through the -mini flavors. + +------------------------------------------------------------------- +Wed Dec 18 10:16:52 MST 2019 - carnold@suse.com + +- bsc#1159320 - Xen logrotate file needs updated + logrotate.conf + +------------------------------------------------------------------- +Wed Dec 18 08:21:17 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 FCS release + xen-4.13.0-testing-src.tar.bz2 + * Core Scheduling (contributed by SUSE) + * Branch hardening to mitigate against Spectre v1 (contributed by Citrix) + * Late uCode loading (contributed by Intel) + * Improved live-patching build tools (contributed by AWS) + * OP-TEE support (contributed by EPAM) + * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM) + * Dom0-less passthrough and ImageBuilder (contributed by XILINX) + * Support for new Hardware + +------------------------------------------------------------------- +Tue Dec 3 08:57:29 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC4 release + xen-4.13.0-testing-src.tar.bz2 +- Rebase libxl.pvscsi.patch + +------------------------------------------------------------------- +Mon Nov 25 10:49:13 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC3 release + xen-4.13.0-testing-src.tar.bz2 +- Drop python38-build.patch + +------------------------------------------------------------------- +Tue Nov 12 08:09:27 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC2 release + xen-4.13.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue Oct 29 14:27:13 CET 2019 - Matej Cepl + +- Add python38-build.patch fixing build with Python 3.8 (add + --embed to python-config call) + +------------------------------------------------------------------- +Mon Oct 14 09:01:47 MDT 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC1 release + xen-4.13.0-testing-src.tar.bz2 +- Drop patches contained in new tarball or invalid + 5ca7660f-x86-entry-drop-unused-includes.patch + 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch + 5cab2ab7-x86-IOMMU-introduce-init-ops.patch + 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch + 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch + 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch + 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch + 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch + 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch + 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch + 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch + 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch + 5d358508-x86-IRQ-desc-affinity-represents-request.patch + 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch + 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch + 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch + 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch + 5d417813-AMD-IOMMU-bitfield-extended-features.patch + 5d417838-AMD-IOMMU-bitfield-control-reg.patch + 5d41785b-AMD-IOMMU-bitfield-IRTE.patch + 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch + 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch + 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch + 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch + 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch + 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch + 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch + 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch + 5d419d49-x86-spec-ctrl-report-proper-status.patch + 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch + 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch + 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch + 5d4afa7a-credit2-fix-memory-leak.patch + 5d4d850a-introduce-bss-percpu-page-aligned.patch + 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch + 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch + 5d6524ca-x86-mm-correctly-init-M2P-entries.patch + 5d67ceaf-x86-properly-gate-PKU-clearing.patch + 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch + 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch + 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch + 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch + 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch + 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch + 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch + 5d80ea13-vpci-honor-read-only-devices.patch + 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch + 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch + 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch + 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch + 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch + 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch + 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch + 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch + 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch + 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch + CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch + blktap2-no-uninit.patch + libxl.prepare-environment-for-domcreate_stream_done.patch + pygrub-python3-conversion.patch + fix-xenpvnetboot.patch + +------------------------------------------------------------------- +Thu Oct 10 08:39:52 MDT 2019 - carnold@suse.com + +- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines + 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch + 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch + 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch + +------------------------------------------------------------------- +Wed Oct 2 08:37:47 UTC 2019 - ohering@suse.de + +- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime + The included README has details about the impact of this change + libxl.LIBXL_HOTPLUG_TIMEOUT.patch + +------------------------------------------------------------------- +Mon Sep 30 10:43:43 MDT 2019 - carnold@suse.com + +- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines + 5ca7660f-x86-entry-drop-unused-includes.patch + 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch + 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch + 5cab2ab7-x86-IOMMU-introduce-init-ops.patch + 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch + 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch + 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch + 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch + 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch + 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch + 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch + 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch + 5d358508-x86-IRQ-desc-affinity-represents-request.patch + 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch + 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch + 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch + 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch + 5d417813-AMD-IOMMU-bitfield-extended-features.patch + 5d417838-AMD-IOMMU-bitfield-control-reg.patch + 5d41785b-AMD-IOMMU-bitfield-IRTE.patch + 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch + 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch + 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch + 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch + 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch + 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch + 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch + 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch + 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch + 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch + 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch + 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch + 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch + 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch + 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch + 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch + 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch + 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch +- bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages + 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch +- bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016 + with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD + ROME platform + 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch +- Upstream bug fixes (bsc#1027519) + 5d67ceaf-x86-properly-gate-PKU-clearing.patch + 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch + 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch + 5d80ea13-vpci-honor-read-only-devices.patch + 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch + +------------------------------------------------------------------- +Fri Sep 27 16:25:38 UTC 2019 - ohering@suse.de + +- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM + Fix crash in an error path of libxl_domain_suspend with + libxl.helper_done-crash.patch + +------------------------------------------------------------------- +Wed Aug 28 09:25:30 MDT 2019 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5d419d49-x86-spec-ctrl-report-proper-status.patch + 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch + 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch + 5d4afa7a-credit2-fix-memory-leak.patch + 5d4d850a-introduce-bss-percpu-page-aligned.patch + 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch + 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch + 5d6524ca-x86-mm-correctly-init-M2P-entries.patch +- Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch + +------------------------------------------------------------------- +Wed Aug 28 11:25:17 UTC 2019 - ohering@suse.de + +- Preserve modified files which used to be marked as %config, + rename file.rpmsave to file + +------------------------------------------------------------------- +Fri Aug 9 10:29:45 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.1 bug fix release (bsc#1027519) + xen-4.12.1-testing-src.tar.bz2 +- Drop patches contained in new tarball + 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch + 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch + 5c87b6c8-drop-arch_evtchn_inject.patch + 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch + 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch + 5c8f752c-x86-e820-build-with-gcc9.patch + 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch + 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch + 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch + 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch + 5c9e63c5-credit2-SMT-idle-handling.patch + 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch + 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch + 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch + 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch + 5cd921fb-trace-fix-build-with-gcc9.patch + 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch + 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch + 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch + 5cd926d0-bitmap_fill-zero-sized.patch + 5cd92724-drivers-video-drop-constraints.patch + 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch + 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch + 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch + 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch + 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch + 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch + 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch + 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch + 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch + 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch + 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch + 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch + 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch + 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch + 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch + 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch + 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch + 5d03a0c4-6-Arm64-cmpxchg-simplify.patch + 5d03a0c4-7-Arm32-cmpxchg-simplify.patch + 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch + 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch + 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch + 5d03a0c4-B-bitops-guest-helpers.patch + 5d03a0c4-C-cmpxchg-guest-helpers.patch + 5d03a0c4-D-use-guest-atomics-helpers.patch + 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch + 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch +- Refreshed patches + libxl.pvscsi.patch + +------------------------------------------------------------------- +Thu Aug 1 13:10:39 MDT 2019 - carnold@suse.com + +- bsc#1143563 - Speculative mitigation facilities report wrong status + 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch + +------------------------------------------------------------------- +Wed Jul 17 13:56:46 UTC 2019 - ohering@suse.de + +- Update xen-dom0-modules.service (bsc#1137251) + Map backend module names from pvops and xenlinux kernels to a + module alias. This avoids errors from modprobe about unknown + modules. Ignore a few xenlinux modules that lack aliases. + +------------------------------------------------------------------- +Mon Jul 15 07:56:56 MDT 2019 - carnold@suse.com + +- Gcc9 warnings seem to be cleared up with upstream fixes. + Drop gcc9-ignore-warnings.patch + +------------------------------------------------------------------- +Tue Jun 25 09:29:05 MDT 2019 - carnold@suse.com + +- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3 + fix-xenpvnetboot.patch + +------------------------------------------------------------------- +Mon Jun 24 08:02:57 UTC 2019 - ohering@suse.de + +- Move /etc/modprobe.d/xen_loop.conf to /lib/modprobe.d/xen_loop.conf + +------------------------------------------------------------------- +Mon Jun 24 08:00:10 UTC 2019 - ohering@suse.de + +- Remove /etc/xen/xenapiusers and /etc/pam.d/xen-api + +------------------------------------------------------------------- +Fri Jun 21 12:25:55 UTC 2019 - ohering@suse.de + +- Remove all upstream provided files in /etc/xen + They are not required at runtime. The host admin is now + responsible if he really needs anything in this subdirectory. + +------------------------------------------------------------------- +Fri Jun 21 12:07:45 UTC 2019 - ohering@suse.de + +- In our effort to make /etc fully admin controlled, move /etc/xen/scripts + to libexec/xen/scripts with xen-tools.etc_pollution.patch + +------------------------------------------------------------------- +Wed Jun 19 13:20:39 UTC 2019 - ohering@suse.de + +- Move /etc/bash_completion.d/xl.sh to %{_datadir}/bash-completion/completions + +------------------------------------------------------------------- +Mon Jun 17 09:08:33 MDT 2019 - carnold@suse.com + +- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm + Atomics Operations + 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch + 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch + 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch + 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch + 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch + 5d03a0c4-6-Arm64-cmpxchg-simplify.patch + 5d03a0c4-7-Arm32-cmpxchg-simplify.patch + 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch + 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch + 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch + 5d03a0c4-B-bitops-guest-helpers.patch + 5d03a0c4-C-cmpxchg-guest-helpers.patch + 5d03a0c4-D-use-guest-atomics-helpers.patch + 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch + 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch +- Upstream bug fixes (bsc#1027519) + 5c87b6c8-drop-arch_evtchn_inject.patch + 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch + 5cd921fb-trace-fix-build-with-gcc9.patch + 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch + 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch + 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch + 5cd926d0-bitmap_fill-zero-sized.patch + 5cd92724-drivers-video-drop-constraints.patch + 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch) + 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch) + 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch) + 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch) + 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch) + 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch) + 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch) + 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch + 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch + 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch + 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch + 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch + +------------------------------------------------------------------- +Fri Jun 14 15:35:28 MDT 2019 - carnold@suse.com + +- Fix some outdated information in the readme + README.SUSE + +------------------------------------------------------------------- +Tue Jun 11 20:22:47 UTC 2019 - Jim Fehlig + +- spec: xen-tools: require matching version of xen package + bsc#1137471 + +------------------------------------------------------------------- +Fri May 17 08:50:57 UTC 2019 - ohering@suse.de + +- Remove two stale patches + xen.build-compare.man.patch + xenpaging.doc.patch + +------------------------------------------------------------------- +Tue May 14 15:35:17 UTC 2019 - Martin Liška + +- Disable LTO (boo#1133296). + +------------------------------------------------------------------- +Mon May 13 20:20:00 UTC 2019 - ohering@suse.de + +- Remove arm32 from ExclusiveArch to fix build + +------------------------------------------------------------------- +Mon Apr 29 08:54:04 MDT 2019 - carnold@suse.com + +- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4". + CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + xsa297-0a.patch + xsa297-0b.patch + xsa297-0c.patch + xsa297-0d.patch + xsa297-1.patch + xsa297-2.patch + xsa297-3.patch +- Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and + drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch + Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch + +------------------------------------------------------------------- +Wed Apr 17 08:28:50 MDT 2019 - carnold@suse.com + +- bsc#1131811 - [XEN] internal error: libxenlight failed to create + new domain. This patch is a workaround for a systemd issue. See + patch header for additional comments. + xenstore-launch.patch + +------------------------------------------------------------------- +Thu Apr 11 16:29:39 MDT 2019 - carnold@suse.com + +- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest + after upgrading host from sle11sp4 to sle15sp1 + pygrub-python3-conversion.patch +- Fix "TypeError: virDomainDefineXML() argument 2 must be str or + None, not bytes" when converting VMs from using the xm/xend + toolstack to the libxl/libvirt toolstack. (bsc#1123378) + xen2libvirt.py + +------------------------------------------------------------------- +Mon Apr 8 08:13:04 MDT 2019 - carnold@suse.com + +- bsc#1124560 - Fully virtualized guests crash on boot + 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch +- bsc#1121391 - GCC 9: xen build fails + 5c8f752c-x86-e820-build-with-gcc9.patch +- Upstream bug fixes (bsc#1027519) + 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch + 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch + 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch + 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch + 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch + 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch + 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch + 5c9e63c5-credit2-SMT-idle-handling.patch + 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch + 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch + 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch + 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch + +------------------------------------------------------------------- +Thu Apr 4 08:53:02 UTC 2019 - ohering@suse.de + +- Install pkgconfig files into libdir instead of datadir + +------------------------------------------------------------------- +Tue Apr 2 08:03:53 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates + the HVM/PVH and PV code paths in Xen and provides KCONFIG + options to build a PV only or HVM/PVH only hypervisor. + * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has + been vastly improved. + * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter- + domain communication mechanism. + * Improvements to Virtual Machine Introspection: The VMI subsystem + which allows detection of 0-day vulnerabilities has seen many + functional and performance improvements. + * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project + default scheduler. + * PVH Support: Grub2 boot support has been added to Xen and Grub2. + * PVH Dom0: PVH Dom0 support has now been upgraded from experimental + to tech preview. + * The Xen 4.12 upgrade also includes improved IOMMU mapping code, + which is designed to significantly improve the startup times of + AMD EPYC based systems. + * The upgrade also features Automatic Dom0 Sizing which allows the + setting of Dom0 memory size as a percentage of host memory (e.g. + 10%) or with an offset (e.g. 1G+10%). + +------------------------------------------------------------------- +Tue Mar 26 10:06:06 MDT 2019 - carnold@suse.com + +- bsc#1130485 - Please drop Requires on multipath-tools in + xen-tools. Now using Recommends multipath-tools. + xen.spec + +------------------------------------------------------------------- +Mon Mar 25 08:17:31 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Mar 20 09:48:26 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Mar 15 13:09:29 UTC 2019 - ohering@suse.de + +- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to + avoid TSC emulation for HVM domUs if their expected frequency + does not match exactly the frequency of the receiving host + xen.bug1026236.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Mon Mar 11 11:24:42 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Mar 11 05:58:59 MDT 2019 - carnold@suse.com + +- jsc#SLE-3059 - Disable Xen auto-ballooning +- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory. + xen.spec +- Disable autoballooning in xl.con + xl-conf-disable-autoballoon.patch + +------------------------------------------------------------------- +Thu Mar 7 17:55:20 UTC 2019 - ohering@suse.de + +- Update gcc9-ignore-warnings.patch to fix build in SLE12 + +------------------------------------------------------------------- +Thu Mar 7 15:28:02 UTC 2019 - ohering@suse.de + +- bsc#1126325 - fix crash in libxl in error path + Setup of grant_tables and other variables may fail + libxl.prepare-environment-for-domcreate_stream_done.patch + +------------------------------------------------------------------- +Wed Mar 6 11:12:09 MST 2019 - carnold@suse.com + +- bsc#1127620 - Documentation for the xl configuration file allows + for firmware=pvgrub64 but we don't ship pvgrub64. + Create a link from grub.xen to pvgrub64 + xen.spec + +------------------------------------------------------------------- +Mon Mar 4 14:58:18 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 +- Tarball also contains additional post RC4 security fixes for + Xen Security Advisories 287, 288, and 290 through 294. + +------------------------------------------------------------------- +Tue Feb 19 08:11:38 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Feb 4 12:34:57 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Jan 25 12:53:37 MST 2019 - carnold@suse.com + +- bsc#1121391 - GCC 9: xen build fails + gcc9-ignore-warnings.patch + +------------------------------------------------------------------- +Thu Jan 24 09:39:18 MST 2019 - carnold@suse.com + +- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing + /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi. + Keep xen.efi in /usr/lib64/efi for booting older distros. + xen.spec + +------------------------------------------------------------------- +Fri Jan 18 10:51:12 MST 2019 - carnold@suse.com + +- fate#326960: Package grub2 as noarch. + As part of the effort to have a unified bootloader across + architectures, modify the xen.spec file to move the Xen efi files + to /usr/share/efi/$(uname -m) from /usr/lib64/efi. + +------------------------------------------------------------------- +Wed Jan 16 11:24:49 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 +- Drop + 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch + 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch + 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch + 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch + 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch + 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch + 5b9784d2-x86-HVM-add-known_gla-helper.patch + 5b9784f2-x86-HVM-split-page-straddling-accesses.patch + 5bdc31d5-VMX-fix-vmx_handle_eoi.patch + gcc8-fix-array-warning-on-i586.patch + gcc8-fix-format-warning-on-i586.patch + gcc8-inlining-failed.patch + xen.bug1079730.patch + +------------------------------------------------------------------- +Tue Jan 15 13:38:13 MST 2019 - carnold@suse.com + +- bsc#1121960 - xen: sync with Factory + xen.spec + xen.changes + +------------------------------------------------------------------- +Sat Jan 12 14:06:02 UTC 2019 - Jan Engelhardt + +- Replace old $RPM_* shell vars. +- Run fdupes for all architectures, and not crossing + subvolume boundaries. + +------------------------------------------------------------------- +Thu Jan 10 10:57:44 UTC 2019 - Guillaume GARDET + +- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition + rpmlint error + +------------------------------------------------------------------- +Tue Jan 8 13:31:30 UTC 2019 - Guillaume GARDET + +- Require qemu-seabios only on x86* as it is not available on non-x86 + systems + +------------------------------------------------------------------- +Thu Dec 27 18:16:54 UTC 2018 - Bernhard Wiedemann + +- Avoid creating dangling symlinks (bsc#1116524) + This reverts the revert of tmp_build.patch + +------------------------------------------------------------------- +Tue Dec 4 13:19:21 MST 2018 - carnold@suse.com + +- Update to Xen 4.11.1 bug fix release (bsc#1027519) + xen-4.11.1-testing-src.tar.bz2 +- 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch + replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch +- 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch + replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch +- Drop the following patches contained in the new tarball + 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch + 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch + 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch + 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch + 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch + 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch + 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch + 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch + 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch + 5b3f8fa5-port-array_index_nospec-from-Linux.patch + 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch + 5b4488e7-x86-spec-ctrl-cmdline-handling.patch + 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch + 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch + 5b4db308-SVM-fix-cleanup-svm_inject_event.patch + 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch + 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch + 5b505fe5-VMX-fix-find-msr-build.patch + 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch + 5b508775-2-x86-possibly-bring-up-all-CPUs.patch + 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch + 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch + 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch + 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch + 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch + 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch + 5b62ca93-VMX-avoid-hitting-BUG_ON.patch + 5b6d84ac-x86-fix-improve-vlapic-read-write.patch + 5b6d8ce2-x86-XPTI-parsing.patch + 5b72fbbe-ARM-disable-grant-table-v2.patch + 5b72fbbe-oxenstored-eval-order.patch + 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch + 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch + 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch + 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch + 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch + 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch + 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch + 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch + 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch + 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch + 5b72fbbf-xl.conf-Add-global-affinity-masks.patch + 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch + 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch + 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch + 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch + 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch + 5b8d5832-x86-assorted-array_index_nospec-insertions.patch + 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch + 5bacae4b-x86-boot-allocate-extra-module-slot.patch + 5bae44ce-x86-silence-false-log-messages.patch + 5bb60c12-x86-split-opt_xpti.patch + 5bb60c4f-x86-split-opt_pv_l1tf.patch + 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch + 5bcf0722-x86-boot-enable-NMIs.patch + 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch + 5bd076e9-x86-boot-init-debug-regs-correctly.patch + 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch + 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch + 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch + 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch + 5be2a308-x86-extend-get_platform_badpages.patch + 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch + xsa275-1.patch + xsa275-2.patch + xsa276-1.patch + xsa276-2.patch + xsa277.patch + xsa279.patch + xsa280-1.patch + xsa280-2.patch + +------------------------------------------------------------------- +Wed Nov 21 15:44:39 MST 2018 - carnold@suse.com + +- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken: + Missing /bin/domu-xenstore. This was broken because "make + package build reproducible" change. (boo#1047218, boo#1062303) + This fix reverses the change to this patch. + tmp_build.patch + +------------------------------------------------------------------- +Mon Nov 12 09:47:39 MST 2018 - carnold@suse.com + +- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen: + insufficient TLB flushing / improper large page mappings with AMD + IOMMUs (XSA-275) + xsa275-1.patch + xsa275-2.patch +- bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting + issues in x86 IOREQ server handling (XSA-276) + xsa276-1.patch + xsa276-2.patch +- bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error + handling for guest p2m page removals (XSA-277) + xsa277.patch +- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even + when disabled (XSA-278) + 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch +- bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting + to use INVPCID with a non-canonical addresses (XSA-279) + xsa279.patch +- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240 + conflicts with shadow paging (XSA-280) + xsa280-1.patch + xsa280-2.patch +- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE + constructs may lock up host (XSA-282) + 5be2a308-x86-extend-get_platform_badpages.patch + 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch +- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV + 5bdc31d5-VMX-fix-vmx_handle_eoi.patch +- Upstream bug fixes (bsc#1027519) + 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch + 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch + 5bacae4b-x86-boot-allocate-extra-module-slot.patch + 5bae44ce-x86-silence-false-log-messages.patch + 5bb60c12-x86-split-opt_xpti.patch + 5bb60c4f-x86-split-opt_pv_l1tf.patch + 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch + 5bcf0722-x86-boot-enable-NMIs.patch + 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch + 5bd076e9-x86-boot-init-debug-regs-correctly.patch + 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch + 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch + +------------------------------------------------------------------- +Tue Nov 6 08:33:59 MST 2018 - carnold@suse.com + +- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even + when disabled (XSA-278) + 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch + +------------------------------------------------------------------- +Wed Oct 24 20:08:24 UTC 2018 - ohering@suse.de + +- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries + +------------------------------------------------------------------- +Wed Oct 24 08:21:01 UTC 2018 - Bernhard Wiedemann + +- make package build reproducible (boo#1047218, boo#1062303) + * Set SMBIOS_REL_DATE + * Update tmp_build.patch to use SHA instead of random build-id + * Add reproducible.patch to use --no-insert-timestamp + +------------------------------------------------------------------- +Mon Oct 15 06:55:47 UTC 2018 - ohering@suse.de + +- Building with ncurses 6.1 will fail without + xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch +- Building libxl acpi support on aarch64 with gcc 8.2 will fail without + xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch + +------------------------------------------------------------------- +Tue Sep 11 13:29:58 MDT 2018 - carnold@suse.com + +- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is + apparently broken + 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch + 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch + 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch + +------------------------------------------------------------------- +Tue Sep 11 07:47:57 MDT 2018 - carnold@suse.com + +- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by + d_materialise_unique() + 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch + 5b9784d2-x86-HVM-add-known_gla-helper.patch + 5b9784f2-x86-HVM-split-page-straddling-accesses.patch +- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen: + oxenstored does not apply quota-maxentity (XSA-272) + 5b72fbbe-oxenstored-eval-order.patch +- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of + v2 grant tables may cause crash on ARM (XSA-268) + 5b72fbbe-ARM-disable-grant-table-v2.patch +- Upstream patches from Jan (bsc#1027519) + 5b6d84ac-x86-fix-improve-vlapic-read-write.patch + 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch + 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch + 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch + 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch + 5b8d5832-x86-assorted-array_index_nospec-insertions.patch +- Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch + +------------------------------------------------------------------- +Tue Aug 28 16:07:52 MDT 2018 - carnold@suse.com + +- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed + xen.spec + +------------------------------------------------------------------- +Fri Aug 17 13:01:36 MDT 2018 - carnold@suse.com + +- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM + (XSA-273) + 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch + 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch + 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch + 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch + 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch + 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch + 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch + 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch +- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect + MSR_DEBUGCTL handling lets guests enable BTS (XSA-269) + 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch +- Upstream prereq patches for XSA-273 and other upstream fixes + (bsc#1027519) + 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch + 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch + 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch + 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch + 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch + 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch + 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch + 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch + 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch + 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch + 5b505fe5-VMX-fix-find-msr-build.patch + 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch + 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch + 5b62ca93-VMX-avoid-hitting-BUG_ON.patch + 5b6d8ce2-x86-XPTI-parsing.patch + 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch + 5b72fbbf-xl.conf-Add-global-affinity-masks.patch + 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch + +------------------------------------------------------------------- +Tue Jul 24 09:17:09 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 5b3f8fa5-port-array_index_nospec-from-Linux.patch + 5b4488e7-x86-spec-ctrl-cmdline-handling.patch + 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch + 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch + 5b4db308-SVM-fix-cleanup-svm_inject_event.patch + 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch + 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch + 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch + 5b508775-2-x86-possibly-bring-up-all-CPUs.patch + 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch + 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch + 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch + 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch + gcc8-fix-format-warning-on-i586.patch + gcc8-fix-array-warning-on-i586.patch +- Drop xen.fuzz-_FORTIFY_SOURCE.patch + gcc8-fix-warning-on-i586.patch + +------------------------------------------------------------------- +Mon Jul 9 10:53:15 MDT 2018 - carnold@suse.com + +- Update to Xen 4.11.0 FCS (fate#325202, fate#325123) + xen-4.11.0-testing-src.tar.bz2 + disable-building-pv-shim.patch +- Dropped patches + 5a33a12f-domctl-improve-locking-during-domain-destruction.patch + 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch + 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch + 5a9985bd-x86-invpcid-support.patch + 5ac72a48-gcc8.patch + 5ac72a5f-gcc8.patch + 5ac72a64-gcc8.patch + 5ac72a69-gcc8.patch + 5ac72a6e-gcc8.patch + 5ac72a74-gcc8.patch + 5ac72a7b-gcc8.patch + 5ad4923e-x86-correct-S3-resume-ordering.patch + 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch + 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch + 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch + 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch + 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch + 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch + 5adde9ed-xpti-fix-double-fault-handling.patch + 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch + 5ae31917-x86-cpuidle-init-stats-lock-once.patch + 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch + 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch + 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch + 5aec7393-1-x86-xpti-avoid-copy.patch + 5aec7393-2-x86-xpti-write-cr3.patch + 5aec744a-3-x86-xpti-per-domain-flag.patch + 5aec744a-4-x86-xpti-use-invpcid.patch + 5aec744a-5-x86-xpti-no-global-pages.patch + 5aec744a-6-x86-xpti-cr3-valid-flag.patch + 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch + 5aec744b-8-x86-xpti-cr3-helpers.patch + 5aec74a8-9-x86-xpti-use-pcid.patch + 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch + 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch + 5af1daa9-3-x86-traps-use-IST-for-DB.patch + 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch + 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch + 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch + 5af97999-viridian-cpuid-leaf-40000003.patch + 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch + 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch + 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch + 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch + 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch + 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch + 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch + 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch + 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch + 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch + 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch + 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch + 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch + 5b0bc9da-x86-XPTI-fix-S3-resume.patch + 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch + 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch + 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch + 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch + 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch + 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch + 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch + 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch + 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch + 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b34882d-x86-mm-dont-bypass-preemption-checks.patch + 5b348874-x86-refine-checks-in-DB-handler.patch + 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch + 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch + 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch + 5b348954-x86-guard-against-NM.patch + libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch + libxl.LIBXL_DESTROY_TIMEOUT.patch + libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch + xen_fix_build_with_acpica_20180427_and_new_packages.patch + +------------------------------------------------------------------- +Wed Jul 4 15:46:01 UTC 2018 - trenn@suse.de + +- Submit upstream patch libacpi: fixes for iasl >= 20180427 + git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005 + xen_fix_build_with_acpica_20180427_and_new_packages.patch + This is needed for acpica package to get updated in our build service + +------------------------------------------------------------------- +Fri Jun 29 08:35:34 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch) + 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch) + 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch) + 5b0bc9da-x86-XPTI-fix-S3-resume.patch + 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch + 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch + 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch + 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch + 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch + 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch) + 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch) + 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch + 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch + 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch) + 5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch) + 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch) + 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch) + 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch + 5b348954-x86-guard-against-NM.patch + +------------------------------------------------------------------- +Mon Jun 25 09:50:31 UTC 2018 - ohering@suse.de + +- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch + +------------------------------------------------------------------- +Mon Jun 25 09:44:25 UTC 2018 - ohering@suse.de + +- bsc#1098403 - fix regression introduced by changes for bsc#1079730 + a PV domU without qcow2 and/or vfb has no qemu attached. + Ignore QMP errors for PV domUs to handle PV domUs with and without + an attached qemu-xen. + xen.bug1079730.patch + +------------------------------------------------------------------- +Mon Jun 18 14:57:06 MDT 2018 - carnold@suse.com + +- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks + bypassed in x86 PV MM handling (XSA-264) + xsa264.patch +- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception + safety check can be triggered by a guest (XSA-265) + xsa265.patch +- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour + readonly flag on HVM emulated SCSI disks (XSA-266) + xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch + xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch + +------------------------------------------------------------------- +Wed Jun 13 14:20:14 MDT 2018 - carnold@suse.com + +- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore + (XSA-267) + xsa267-1.patch + xsa267-2.patch + +------------------------------------------------------------------- +Fri Jun 1 10:27:44 MDT 2018 - carnold@suse.com + +- bsc#1092543 - GCC 8: xen build fails + gcc8-fix-warning-on-i586.patch + +------------------------------------------------------------------- +Fri May 18 08:03:46 MDT 2018 - carnold@suse.com + +- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store + Bypass aka "Memory Disambiguation" (XSA-263) + 5ad4923e-x86-correct-S3-resume-ordering.patch + 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch + 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch + 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch + 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch + 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch + 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch + 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch + 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch + 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch + 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch + 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch + Spectre-v4-1.patch + Spectre-v4-2.patch + Spectre-v4-3.patch + +------------------------------------------------------------------- +Thu May 17 20:29:37 UTC 2018 - ohering@suse.de + +- Always call qemus xen-save-devices-state in suspend/resume to + fix migration with qcow2 images (bsc#1079730) + libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch + libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch + xen.bug1079730.patch + +------------------------------------------------------------------- +Wed May 16 08:45:24 MDT 2018 - carnold@suse.com + +- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663 + 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch + 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch +- Upstream patches from Jan (bsc#1027519) + 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch + 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch + 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch + 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch + 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch + 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch + 5ae31917-x86-cpuidle-init-stats-lock-once.patch + 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch + 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch) + 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch) + 5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch) + 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch) + 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch) + 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch) + 5af97999-viridian-cpuid-leaf-40000003.patch + +------------------------------------------------------------------- +Fri May 11 08:36:45 MDT 2018 - carnold@suse.com + +- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254 + 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch + 5a9985bd-x86-invpcid-support.patch + 5adde9ed-xpti-fix-double-fault-handling.patch + 5aec7393-1-x86-xpti-avoid-copy.patch + 5aec7393-2-x86-xpti-write-cr3.patch + 5aec744a-3-x86-xpti-per-domain-flag.patch + 5aec744a-4-x86-xpti-use-invpcid.patch + 5aec744a-5-x86-xpti-no-global-pages.patch + 5aec744a-6-x86-xpti-cr3-valid-flag.patch + 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch + 5aec744b-8-x86-xpti-cr3-helpers.patch + 5aec74a8-9-x86-xpti-use-pcid.patch + +------------------------------------------------------------------- +Wed May 9 08:32:42 MDT 2018 - carnold@suse.com + +- bsc#1092543 - GCC 8: xen build fails + 5ac72a48-gcc8.patch + 5ac72a5f-gcc8.patch + 5ac72a64-gcc8.patch + 5ac72a69-gcc8.patch + 5ac72a6e-gcc8.patch + 5ac72a74-gcc8.patch + 5ac72a7b-gcc8.patch + gcc8-inlining-failed.patch + +------------------------------------------------------------------- +Tue May 8 12:51:26 MDT 2018 - carnold@suse.com + +- Update to Xen 4.10.1 bug fix release (bsc#1027519) + xen-4.10.1-testing-src.tar.bz2 + disable-building-pv-shim.patch +- Drop the following patches contained in the new tarball + 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch + 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch + 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch + 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch + 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch + 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch + 5a4caa8c-x86-E820-don-t-overrun-array.patch + 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch + 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch + 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch + 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch + 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch + 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch + 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch + 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch + 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch + 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch + 5a4fd894-4-clarifications-to-wait-infrastructure.patch + 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch + 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch + 5a5e2cff-x86-Meltdown-band-aid.patch + 5a5e2d73-x86-Meltdown-band-aid-conditional.patch + 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch + 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch + 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch + 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch + 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch + 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch + 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch + 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch + 5a5e459c-2-x86-report-domain-id-on-CPUID.patch + 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch + 5a69c0b9-x86-fix-GET_STACK_END.patch + 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch + 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch + 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch + 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch + 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch + 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch + 5a6b36cd-9-x86-issue-speculation-barrier.patch + 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch + 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch + 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch + 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch + 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch + 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch + 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch + 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch + 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch + 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch + 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch + 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch + 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch + 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch + 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch + 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch + 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch + 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch + xsa258.patch + xsa259.patch + +------------------------------------------------------------------- +Wed Apr 25 09:45:03 MDT 2018 - carnold@suse.com + +- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of + debug exceptions (XSA-260) + xsa260-1.patch + xsa260-2.patch + xsa260-3.patch + xsa260-4.patch +- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt + injection errors (XSA-261) + xsa261.patch +- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into + unbounded loop (XSA-262) + xsa262.patch + +------------------------------------------------------------------- +Mon Apr 16 14:03:24 MDT 2018 - carnold@suse.com + +- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via + crafted user-supplied CDROM (XSA-258) + xsa258.patch +- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash + Xen with XPTI (XSA-259) + xsa259.patch + +------------------------------------------------------------------- +Wed Mar 28 08:28:59 UTC 2018 - ohering@suse.de + +- Preserve xen-syms from xen-dbg.gz to allow processing vmcores + with crash(1) (bsc#1087251) + +------------------------------------------------------------------- +Mon Mar 26 08:20:45 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) and fixes related to + Page Table Isolation (XPTI). See also bsc#1074562 XSA-254 + 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch + 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch + 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch + 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch + 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch + 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch + +------------------------------------------------------------------- +Thu Mar 1 09:36:03 MST 2018 - carnold@suse.com + +- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from + 0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30) + 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch +- Upstream patches from Jan (bsc#1027519) + 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch + 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch + 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch + 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch + 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch + 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch + 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch) + 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch) + 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch) + 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch) +- Drop + xsa252.patch + xsa255-1.patch + xsa255-2.patch + xsa256.patch + +------------------------------------------------------------------- +Mon Feb 12 13:26:38 MST 2018 - carnold@suse.com + +- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable + L3/L4 pagetable freeing (XSA-252) + xsa252.patch +- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1 + transition may crash Xen (XSA-255) + xsa255-1.patch + xsa255-2.patch +- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without + LAPIC may DoS the host (XSA-256) + xsa256.patch + +------------------------------------------------------------------- +Fri Feb 9 12:59:12 UTC 2018 - ohering@suse.de + +- Remove stale systemd presets code for 13.2 and older + +------------------------------------------------------------------- +Fri Feb 9 12:31:33 UTC 2018 - ohering@suse.de + +- fate#324965 - add script, udev rule and systemd service to watch + for vcpu online/offline events in a HVM domU + They are triggered via xl vcpu-set domU N + +------------------------------------------------------------------- +Fri Feb 9 10:23:15 UTC 2018 - ohering@suse.de + +- Replace hardcoded xen with Name tag when refering to subpkgs + +------------------------------------------------------------------- +Fri Feb 9 10:19:49 UTC 2018 - ohering@suse.de + +- Make sure tools and tools-domU require libs from the very same build + +------------------------------------------------------------------- +Wed Feb 7 22:47:44 UTC 2018 - jfehlig@suse.com + +- tools-domU: Add support for qemu guest agent. New files + 80-xen-channel-setup.rules and xen-channel-setup.sh configure a + xen-pv-channel for use by the guest agent + FATE#324963 + +------------------------------------------------------------------- +Wed Feb 7 15:01:10 UTC 2018 - ohering@suse.de + +- Remove outdated /etc/xen/README* + +------------------------------------------------------------------- +Mon Jan 29 10:11:05 MST 2018 - carnold@suse.com + +- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with + MSR emulation (XSA-253) + 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch +- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 + xen: Information leak via side effects of speculative execution + (XSA-254). Includes Spectre v2 mitigation. + 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch + 5a4caa8c-x86-E820-don-t-overrun-array.patch + 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch + 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch + 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch + 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch + 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch + 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch + 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch + 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch + 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch + 5a4fd894-4-clarifications-to-wait-infrastructure.patch + 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch + 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch + 5a5e2cff-x86-Meltdown-band-aid.patch + 5a5e2d73-x86-Meltdown-band-aid-conditional.patch + 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch + 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch + 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch + 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch + 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch + 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch + 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch + 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch + 5a5e459c-2-x86-report-domain-id-on-CPUID.patch + 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch + 5a69c0b9-x86-fix-GET_STACK_END.patch + 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch + 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch + 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch + 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch + 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch + 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch + 5a6b36cd-9-x86-issue-speculation-barrier.patch + 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch + 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch + +------------------------------------------------------------------- +Fri Jan 26 14:40:14 MST 2018 - carnold@suse.com + +- Fix python3 deprecated atoi call (bsc#1067224) + pygrub-python3-conversion.patch +- Drop xenmon-python3-conversion.patch + +------------------------------------------------------------------- +Wed Jan 10 11:12:07 UTC 2018 - ohering@suse.de + +- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu, + depending on the libxl disk settings + libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch + +------------------------------------------------------------------- +Mon Jan 8 08:15:11 UTC 2018 - ohering@suse.de + +- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch + +------------------------------------------------------------------- +Fri Jan 5 13:45:40 MST 2018 - carnold@suse.com + +- bsc#1067224 - xen-tools have hard dependency on Python 2 + build-python3-conversion.patch + bin-python3-conversion.patch + +------------------------------------------------------------------- +Wed Dec 20 09:57:09 MST 2017 - carnold@suse.com + +- bsc#1070165 - xen crashes after aborted localhost migration + 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch +- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb: + libxl__devices_destroy failed + 5a33a12f-domctl-improve-locking-during-domain-destruction.patch +- Upstream patches from Jan (bsc#1027519) + 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch + 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch + 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch + 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch + +------------------------------------------------------------------- +Wed Dec 13 08:43:00 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0 FCS (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Dec 11 12:07:30 UTC 2017 - ohering@suse.de + +- Rebuild initrd if xen-tools-domU is updated + +------------------------------------------------------------------- +Tue Dec 5 08:38:58 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue Nov 28 10:14:56 UTC 2017 - ohering@suse.de + +- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds + If many domUs shutdown in parallel the backends can not keep up + Add some debug output to track how long backend shutdown takes (bsc#1035442) + libxl.LIBXL_DESTROY_TIMEOUT.patch + libxl.LIBXL_DESTROY_TIMEOUT.debug.patch + +------------------------------------------------------------------- +Tue Nov 28 10:06:03 UTC 2017 - ohering@suse.de + +- Adjust xenstore-run-in-studomain.patch to change the defaults + in the code instead of changing the sysconfig template, to also + cover the upgrade case + +------------------------------------------------------------------- +Fri Nov 24 17:28:59 UTC 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Nov 24 13:25:07 UTC 2017 - ohering@suse.de + +- Since xen switched to Kconfig, building a debug hypervisor + was done by default. Adjust make logic to build a non-debug + hypervisor by default, and continue to provide one as xen-dbg.gz + +------------------------------------------------------------------- +Fri Nov 24 11:26:45 UTC 2017 - ohering@suse.de + +- fate#316614: set migration constraints from cmdline + fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10 + +------------------------------------------------------------------- +Thu Nov 23 15:06:44 UTC 2017 - ohering@suse.de + +- Document the suse-diskcache-disable-flush option in + xl-disk-configuration(5) (bsc#879425,bsc#1067317) + +------------------------------------------------------------------- +Thu Nov 23 13:47:42 UTC 2017 - rbrown@suse.com + +- Replace references to /var/adm/fillup-templates with new + %_fillupdir macro (boo#1069468) + +------------------------------------------------------------------- +Thu Nov 16 08:48:07 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- fate#323663 - Run Xenstore in stubdomain + xenstore-run-in-studomain.patch + +------------------------------------------------------------------- +Thu Nov 9 15:11:57 MST 2017 - carnold@suse.com + +- bsc#1067224 - xen-tools have hard dependency on Python 2 + pygrub-python3-conversion.patch + xenmon-python3-conversion.patch + migration-python3-conversion.patch + xnloader.py + xen2libvirt.py + +------------------------------------------------------------------- +Wed Nov 8 10:47:24 UTC 2017 - ohering@suse.de + +- Remove xendriverdomain.service (bsc#1065185) + Driver domains must be configured manually with custom .service file + +------------------------------------------------------------------- +Thu Nov 2 14:14:02 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch + +------------------------------------------------------------------- +Thu Nov 2 11:36:27 UTC 2017 - ohering@suse.de + +- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187) + +------------------------------------------------------------------- +Fri Oct 27 07:48:55 MDT 2017 - carnold@suse.com + +- fate#324052 Support migration of Xen HVM domains larger than 1TB + 59f31268-libxc-remove-stale-error-check-for-domain-size.patch + +------------------------------------------------------------------- +Wed Oct 25 16:26:33 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Oct 16 09:34:23 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- Drop patches included in new tarball + 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch + 596f257e-x86-fix-hvmemul_insn_fetch.patch + 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch + 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch + 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch + 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch + 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch + 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch + 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch + 59958ebf-gnttab-fix-transitive-grant-handling.patch + 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch + 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch + 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch + 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch + 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch + 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch + 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch + 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch + 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch + 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch + 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch + 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch + 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch + 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch + gcc7-arm.patch + gcc7-mini-os.patch + +------------------------------------------------------------------- +Tue Oct 3 09:03:57 MDT 2017 - carnold@suse.com + +- bsc#1061084 - VUL-0: xen: page type reference leak on x86 + (XSA-242) + xsa242.patch +- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear + shadow mappings with translated guests (XSA-243) + xsa243.patch +- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings + during CPU hotplug (XSA-244) + xsa244.patch + +------------------------------------------------------------------- +Mon Oct 2 13:26:08 MDT 2017 - carnold@suse.com + +- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks + (XSA-238) + xsa238.patch +- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O + intercept code (XSA-239) + xsa239.patch +- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable + de-typing (XSA-240) + xsa240-1.patch + xsa240-2.patch +- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type + release race (XSA-241) + xsa241.patch + +------------------------------------------------------------------- +Fri Sep 29 10:57:35 MDT 2017 - carnold@suse.com + +- bsc#1061075 - VUL-0: xen: pin count / page reference race in + grant table code (XSA-236) + xsa236.patch +- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86 + (XSA-237) + xsa237-1.patch + xsa237-2.patch + xsa237-3.patch + xsa237-4.patch + xsa237-5.patch + +------------------------------------------------------------------- +Tue Sep 26 08:44:03 MDT 2017 - carnold@suse.com + +- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter + verification (XSA-231) + 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch +- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232) + 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch +- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup + (XSA-233) + 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch +- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for + x86 PV guests (XSA-234) + 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch +- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to + release lock on ARM (XSA-235) + 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch +- Upstream patches from Jan (bsc#1027519) + 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch + 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch + 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch + 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch + 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch + 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch + 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch + 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch +- Dropped gcc7-xen.patch + +------------------------------------------------------------------- +Thu Sep 7 04:58:12 MDT 2017 - carnold@suse.com + +- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when + Secure Boot is Enabled + xen.spec + +------------------------------------------------------------------- +Tue Sep 5 12:00:59 UTC 2017 - ohering@suse.de + +- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored + update from v6 to v9 to cover more cases for ballooned domUs + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Mon Aug 28 14:51:54 UTC 2017 - ohering@suse.de + +- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen + drop the patch because it is not upstream acceptable + remove xen.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Sat Aug 26 10:52:46 UTC 2017 - ohering@suse.de + +- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored + after the save using xl stack + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Tue Aug 22 13:25:33 UTC 2017 - ohering@suse.de + +- Unignore gcc-PIE + the toolstack disables PIE for firmware builds as needed + +------------------------------------------------------------------- +Mon Aug 21 10:42:46 MDT 2017 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch + 596f257e-x86-fix-hvmemul_insn_fetch.patch + 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch + 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch + 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch + 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch) + 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch) + 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch) + 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch) + 59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch) + 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch + +------------------------------------------------------------------- +Wed Aug 16 15:03:46 MDT 2017 - carnold@suse.com + +- bsc#1044974 - xen-tools require python-pam + xen.spec + +------------------------------------------------------------------- +Fri Aug 11 16:37:44 MDT 2017 - carnold@suse.com + +- Clean up spec file errors and a few warnings. (bsc#1027519) +- Removed conditional 'with_systemd' and some old deprecated + 'sles_version' checks. + xen.spec + +------------------------------------------------------------------- +Thu Aug 10 19:45:31 UTC 2017 - jfehlig@suse.com + +- Remove use of brctl utiltiy from supportconfig plugin + FATE#323639 + +------------------------------------------------------------------- +Thu Aug 10 07:50:47 UTC 2017 - ohering@suse.de + +- Use upstream variant of mini-os __udivmoddi4 change + gcc7-mini-os.patch + +------------------------------------------------------------------- +Wed Aug 9 13:14:56 MDT 2017 - carnold@suse.com + +- fate#323639 Move bridge-utils to legacy + replace-obsolete-network-configuration-commands-in-s.patch + +------------------------------------------------------------------- +Tue Aug 8 08:20:41 MDT 2017 - carnold@suse.com + +- bsc#1052686 - VUL-0: xen: grant_table: possibly premature + clearing of GTF_writing / GTF_reading (XSA-230) + xsa230.patch + +------------------------------------------------------------------- +Mon Aug 7 12:53:44 UTC 2017 - ohering@suse.de + +- bsc#1035231 - migration of HVM domU does not use superpages + on destination dom0 + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Thu Aug 3 11:51:11 MDT 2017 - carnold@suse.com + +- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded + recursion in grant table code (XSA-226) + xsa226-1.patch + xsa226-2.patch +- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege + escalation via map_grant_ref (XSA-227) + xsa227.patch +- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race + conditions with maptrack free list handling (XSA-228) + xsa228.patch + +------------------------------------------------------------------- +Tue Aug 1 20:02:58 UTC 2017 - jfehlig@suse.com + +- Add a supportconfig plugin + xen-supportconfig + FATE#323661 + +------------------------------------------------------------------- +Tue Jul 25 14:48:02 UTC 2017 - ohering@suse.de + +- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen + To avoid emulation of TSC access from a domU after live migration + add a global tolerance for the measured host kHz + xen.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Thu Jul 20 10:46:43 MDT 2017 - carnold@suse.com + +- fate#323662 Drop qemu-dm from xen-tools package + The following tarball and patches have been removed + qemu-xen-traditional-dir-remote.tar.bz2 + VNC-Support-for-ExtendedKeyEvent-client-message.patch + 0001-net-move-the-tap-buffer-into-TAPState.patch + 0002-net-increase-tap-buffer-size.patch + 0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch + 0004-e1000-secrc-support.patch + 0005-e1000-multi-buffer-packet-support.patch + 0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch + 0007-e1000-verify-we-have-buffers-upfront.patch + 0008-e1000-check-buffer-availability.patch + CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch + CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch + CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch + CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch + CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch + CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch + CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch + CVE-2015-4037-qemut-smb-config-dir-name.patch + CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch + CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch + CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch + CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch + CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch + CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch + CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch + CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch + CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch + CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch + CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch + CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch + CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch + CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch + CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch + CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch + CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch + CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch + CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch + CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch + CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch + CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch + CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch + CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch + blktap.patch + cdrom-removable.patch + xen-qemu-iscsi-fix.patch + qemu-security-etch1.patch + xen-disable-qemu-monitor.patch + xen-hvm-default-bridge.patch + qemu-ifup-set-mtu.patch + ioemu-vnc-resize.patch + capslock_enable.patch + altgr_2.patch + log-guest-console.patch + bdrv_open2_fix_flags.patch + bdrv_open2_flags_2.patch + ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch + qemu-dm-segfault.patch + bdrv_default_rwflag.patch + kernel-boot-hvm.patch + ioemu-watchdog-support.patch + ioemu-watchdog-linkage.patch + ioemu-watchdog-ib700-timer.patch + ioemu-hvm-pv-support.patch + pvdrv_emulation_control.patch + ioemu-disable-scsi.patch + ioemu-disable-emulated-ide-if-pv.patch + xenpaging.qemu.flush-cache.patch + ioemu-devicemodel-include.patch +- Cleanup spec file and remove unused KMP patches + kmp_filelist + supported_module.patch + xen_pvonhvm.xen_emul_unplug.patch + +------------------------------------------------------------------- +Mon Jul 17 15:19:50 MDT 2017 - carnold@suse.com + +- bsc#1002573 - Optimize LVM functions in block-dmmd + block-dmmd + +------------------------------------------------------------------- +Fri Jul 14 18:05:12 UTC 2017 - ohering@suse.de + +- Record initial Xen dmesg in /var/log/xen/xen-boot.log for + supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log + +------------------------------------------------------------------- +Fri Jul 14 10:41:34 UTC 2017 - ohering@suse.de + +- Remove storytelling from description in xen.rpm + +------------------------------------------------------------------- +Wed Jun 28 01:40:43 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0 FCS (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Jun 21 14:03:40 MDT 2017 - carnold@suse.com + +- Update block-dmmd script (bsc#1002573) + block-dmmd + +------------------------------------------------------------------- +Tue Jun 20 15:18:25 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + gcc7-arm.patch +- Drop gcc7-error-xenpmd.patch + +------------------------------------------------------------------- +Mon Jun 5 10:49:34 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Thu Jun 1 13:24:26 MDT 2017 - carnold@suse.com + +- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop + due to incorrect return value + CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch + +------------------------------------------------------------------- +Tue May 30 11:24:41 MDT 2017 - carnold@suse.com + +- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory + leakage via capture buffer + CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch + +------------------------------------------------------------------- +Fri May 26 12:58:06 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon May 22 14:43:01 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Thu May 18 16:22:53 MDT 2017 - carnold@suse.com + +- bsc#1031343 - xen fails to build with GCC 7 + gcc7-mini-os.patch + gcc7-xen.patch + +------------------------------------------------------------------- +Wed May 17 08:28:37 MDT 2017 - carnold@suse.com + +- bsc#1031343 - xen fails to build with GCC 7 + gcc7-error-xenpmd.patch + +------------------------------------------------------------------- +Tue May 16 09:04:19 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 +- Drop xen-tools-pkgconfig-xenlight.patch + +------------------------------------------------------------------- +Wed May 10 15:26:38 MDT 2017 - carnold@suse.com + +- bsc#1037779 - xen breaks kexec-tools build + xen-tools-pkgconfig-xenlight.patch + +------------------------------------------------------------------- +Tue May 9 08:40:58 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue May 2 09:18:24 MDT 2017 - carnold@suse.com + +- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path + xen.spec + +------------------------------------------------------------------- +Fri Apr 28 09:03:56 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + aarch64-maybe-uninitialized.patch + +------------------------------------------------------------------- +Fri Apr 21 16:26:31 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Apr 19 07:54:58 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + ioemu-devicemodel-include.patch +- Dropped patches contained in new tarball + xen-4.8.0-testing-src.tar.bz2 + 0001-xenstore-let-write_node-and-some-callers-return-errn.patch + 0002-xenstore-undo-function-rename.patch + 0003-xenstore-rework-of-transaction-handling.patch + 584806ce-x86emul-correct-PUSHF-POPF.patch + 584fc649-fix-determining-when-domain-creation-is-complete.patch + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch + 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch + 5853ed37-VT-d-correct-dma_msi_set_affinity.patch + 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch + 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch + 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch + 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch + 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch + 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch + 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch + 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch + 5882129d-x86emul-LOCK-check-adjustments.patch + 58821300-x86-segment-attribute-handling.patch + 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch + 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch + 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch + 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch + 5887888f-credit2-use-the-correct-scratch-cpumask.patch + 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch + 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch + 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch + 58a44771-IOMMU-always-call-teardown-callback.patch + 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch + 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch + 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch + 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch + 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch + 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch + 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch + 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch + 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch + 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch + 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch + 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch + 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch + CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch + CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch + glibc-2.25-compatibility-fix.patch + xs-09-add_change_node-params.patch + xs-10-call-add_change_node.patch + xs-11-tdb-record-header.patch + xs-12-node-gen-count.patch + xs-13-read-directory-part-support.patch + xs-14-command-array.patch + xs-15-command-return-val.patch + xs-16-function-static.patch + xs-17-arg-parsing.patch + xs-18-default-buffer.patch + xs-19-handle-alloc-failures.patch + xs-20-tdb-version.patch + xs-21-empty-tdb-database.patch + xs-22-reopen_log-fix.patch + xs-23-XS_DEBUG-rename.patch + xs-24-xenstored_control.patch + xs-25-control-enhance.patch + xs-26-log-control.patch + xs-27-memory-report.patch + xs-28-remove-talloc-report.patch + xs-29-define-off_t.patch + xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch + xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch + +------------------------------------------------------------------- +Wed Apr 5 11:41:52 MDT 2017 - carnold@suse.com + +- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom + 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch + +------------------------------------------------------------------- +Wed Mar 29 16:18:26 UTC 2017 - jfehlig@suse.com + +- bsc#1015348 - L3: libvirtd does not start during boot + suse-xendomains-service.patch + +------------------------------------------------------------------- +Wed Mar 22 08:54:15 MDT 2017 - carnold@suse.com + +- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2 + with Xen hypervisor. + 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch +- bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration + - latter one much faster + 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch +- Upstream patch from Jan + 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch + 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch + 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch + +------------------------------------------------------------------- +Mon Mar 20 09:46:02 MDT 2017 - carnold@suse.com + +- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block + add" + 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch + 0001-xenstore-let-write_node-and-some-callers-return-errn.patch + 0002-xenstore-undo-function-rename.patch + 0003-xenstore-rework-of-transaction-handling.patch +- bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated + update (XSA-206) + xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch + xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch +- bsc#1029827 - Forward port xenstored + xs-09-add_change_node-params.patch + xs-10-call-add_change_node.patch + xs-11-tdb-record-header.patch + xs-12-node-gen-count.patch + xs-13-read-directory-part-support.patch + xs-14-command-array.patch + xs-15-command-return-val.patch + xs-16-function-static.patch + xs-17-arg-parsing.patch + xs-18-default-buffer.patch + xs-19-handle-alloc-failures.patch + xs-20-tdb-version.patch + xs-21-empty-tdb-database.patch + xs-22-reopen_log-fix.patch + xs-23-XS_DEBUG-rename.patch + xs-24-xenstored_control.patch + xs-25-control-enhance.patch + xs-26-log-control.patch + xs-27-memory-report.patch + xs-28-remove-talloc-report.patch + xs-29-define-off_t.patch + +------------------------------------------------------------------- +Tue Mar 14 06:59:46 UTC 2017 - ohering@suse.de + +- bsc#1029128 - fix make xen to really produce xen.efi with gcc48 + +------------------------------------------------------------------- +Wed Mar 8 07:51:35 MST 2017 - carnold@suse.com + +- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite + loop issue in ohci_service_ed_list + CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch +- Upstream patches from Jan (bsc#1027519) + 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch + 5887888f-credit2-use-the-correct-scratch-cpumask.patch + 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch + 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch + 58a44771-IOMMU-always-call-teardown-callback.patch + 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch + 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch + 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch + 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch + 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch + 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch + +------------------------------------------------------------------- +Thu Mar 2 15:21:25 MST 2017 - carnold@suse.com + +- bsc#1027654 - XEN fails to build against glibc 2.25 + glibc-2.25-compatibility-fix.patch + libxl.pvscsi.patch + +------------------------------------------------------------------- +Thu Feb 16 11:42:23 UTC 2017 - ohering@suse.de + +- fate#316613: Refresh and enable libxl.pvscsi.patch + +------------------------------------------------------------------- +Fri Feb 10 11:22:01 MST 2017 - carnold@suse.com + +- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo + does not check if memory region is safe (XSA-209) + CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch + +------------------------------------------------------------------- +Wed Feb 8 10:19:24 MST 2017 - carnold@suse.com + +- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault + happened when adding usbctrl devices via xl + 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch + +------------------------------------------------------------------- +Thu Feb 2 09:57:01 MST 2017 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch + 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch + 5882129d-x86emul-LOCK-check-adjustments.patch + 58821300-x86-segment-attribute-handling.patch + 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch + 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch + 5887888f-credit2-use-the-correct-scratch-cpumask.patch + 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch + 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch + 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch + +------------------------------------------------------------------- +Wed Feb 1 09:36:25 MST 2017 - carnold@suse.com + +- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob + access while doing bitblt copy backward mode + CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch + +------------------------------------------------------------------- +Thu Jan 26 10:30:19 MST 2017 - carnold@suse.com + +- fate#322313 and fate#322150 require the acpica package ported to + aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64 + until these fates are complete. + xen.spec + +------------------------------------------------------------------- +Wed Jan 25 15:39:26 MST 2017 - carnold@suse.com + +- bsc#1021952 - Virutalization/xen: Bug xen-tools missing + /usr/bin/domu-xenstore; guests fail to launch + tmp_build.patch + xen.spec + +------------------------------------------------------------------- +Wed Jan 18 10:50:52 UTC 2017 - ohering@suse.de + +- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842) + +------------------------------------------------------------------- +Thu Jan 12 11:34:06 MST 2017 - carnold@suse.com + +- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/ + xen.spec + +------------------------------------------------------------------- +Mon Jan 9 10:54:19 MST 2017 - carnold@suse.com + +- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch + Replaces xsa202.patch (bsc#1014298) +- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch + Replaces xsa203.patch (bsc#1014300) +- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch + Replaces xsa204.patch (bsc#1016340) +- Upstream patches from Jan + 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch + 5853ed37-VT-d-correct-dma_msi_set_affinity.patch + 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch + 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch + 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch + +------------------------------------------------------------------- +Wed Jan 4 14:59:04 MST 2017 - carnold@suse.com + +- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu: + display: cirrus_vga: a divide by zero in cirrus_do_copy + CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch + +------------------------------------------------------------------- +Mon Dec 19 10:32:51 MST 2016 - carnold@suse.com + +- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of + SYSCALL singlestep during emulation (XSA-204) + xsa204.patch + +------------------------------------------------------------------- +Thu Dec 15 09:08:18 MST 2016 - carnold@suse.com + +- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation + fails to ignore operand size override (XSA-200) + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + +------------------------------------------------------------------- +Wed Dec 14 08:24:41 MST 2016 - carnold@suse.com + +- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be + able to mask interrupts (XSA-202) + xsa202.patch +- bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL + pointer check in VMFUNC emulation (XSA-203) + xsa203.patch +- Upstream patches from Jan + 584806ce-x86emul-correct-PUSHF-POPF.patch + 584fc649-fix-determining-when-domain-creation-is-complete.patch + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch + +------------------------------------------------------------------- +Mon Dec 5 15:32:00 MST 2016 - carnold@suse.com + +- Update to Xen 4.8 FCS + xen-4.8.0-testing-src.tar.bz2 +- Dropped + xen-4.7.1-testing-src.tar.bz2 + 0001-libxc-Rework-extra-module-initialisation.patch + 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch + 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch + 0004-firmware-makefile-install-BIOS-blob.patch + 0005-libxl-Load-guest-BIOS-from-file.patch + 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch + 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch + 0008-hvmloader-Locate-the-BIOS-blob.patch + 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch + 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch + 0011-hvmloader-Load-OVMF-from-modules.patch + 0012-hvmloader-Specific-bios_load-function-required.patch + 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch + 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch + 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch + 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch + 5769106e-x86-generate-assembler-equates-for-synthesized.patch + 57a1e603-x86-time-adjust-local-system-time-initialization.patch + 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch + 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch + 57a30261-x86-support-newer-Intel-CPU-models.patch + 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch + 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch + 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch + 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch + 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch + 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch + 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch + 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch + 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch + 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch + 58343ec2-x86emul-fix-huge-bit-offset-handling.patch + 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch + 58343f44-x86-svm-fix-injection-of-software-interrupts.patch + 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch + CVE-2016-9381-xsa197-qemut.patch + CVE-2016-9637-xsa199-qemut.patch + +------------------------------------------------------------------- +Tue Nov 22 10:49:36 MST 2016 - carnold@suse.com + +- bsc#1011652 - VUL-0: xen: qemu ioport array overflow + CVE-2016-9637-xsa199-qemut.patch + +------------------------------------------------------------------- +Fri Nov 18 11:30:20 MST 2016 - carnold@suse.com + +- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null + segments not always treated as unusable + 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch +- bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch + to VM86 mode mis-handled + 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch +- bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base + write emulation lacking canonical address checks + 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch +- bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit + ELF symbol table load leaking host data + 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch +- bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit + test instruction emulation broken + 58343ec2-x86emul-fix-huge-bit-offset-handling.patch +- bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen: + x86 software interrupt injection mis-handled + 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch + 58343f44-x86-svm-fix-injection-of-software-interrupts.patch +- bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious + about shared ring processing + CVE-2016-9381-xsa197-qemut.patch +- bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen: + delimiter injection vulnerabilities in pygrub + 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch +- Upstream patches from Jan + 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch + 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch + 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch + 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch + 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch + +------------------------------------------------------------------- +Tue Nov 15 13:12:40 MST 2016 - carnold@suse.com + +- Update to Xen Version 4.7.1 + xen-4.7.1-testing-src.tar.bz2 +- Dropped patches contained in new tarball + xen-4.7.0-testing-src.tar.bz2 + 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch + 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch + 57973099-have-schedulers-revise-initial-placement.patch + 579730e6-remove-buggy-initial-placement-algorithm.patch + 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch + 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch + 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch + 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch + 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch + 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch + 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch + 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch + 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch + 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch + 57c82be2-x86-32on64-adjust-call-gate-emulation.patch + 57c93e52-fix-error-in-libxl_device_usbdev_list.patch + 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch + 57c96e2c-x86-correct-PT_NOTE-file-position.patch + 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch + 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch + 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch + 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch + 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch + 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch + 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch + 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch + 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch + 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch + 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch + 57e93e1d-x86emul-correct-loading-of-ss.patch + 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch + 57e93e89-x86-AMD-apply-erratum-665-workaround.patch + 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch + 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch + 57fb6a91-x86-defer-not-present-segment-checks.patch + 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch + 5800caec-x86emul-fix-pushing-of-selector-registers.patch + 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch + 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch + 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch + +------------------------------------------------------------------- +Mon Nov 7 15:08:58 MST 2016 - carnold@suse.com + +- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI + systems + xen.spec + +------------------------------------------------------------------- +Thu Nov 3 09:30:24 MDT 2016 - carnold@suse.com + +- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not + always honored for x86 HVM guests (XSA-190) + 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch +- bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic + on broadwell-ep + 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch +- Upstream patches from Jan + 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch + 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch + 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch + 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch + 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch + 57e93e1d-x86emul-correct-loading-of-ss.patch + 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch + 57e93e89-x86-AMD-apply-erratum-665-workaround.patch + 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch + 57fb6a91-x86-defer-not-present-segment-checks.patch + 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch + 5800caec-x86emul-fix-pushing-of-selector-registers.patch + 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch + 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch + 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch + +------------------------------------------------------------------- +Wed Nov 2 10:30:58 MDT 2016 - carnold@suse.com + +- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the + system has 384 + xen-arch-kconfig-nr_cpus.patch + +------------------------------------------------------------------- +Tue Nov 1 09:37:08 MDT 2016 - carnold@suse.com + +- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite + loop while transmit in C+ mode + CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch + +------------------------------------------------------------------- +Mon Oct 17 10:00:19 MDT 2016 - carnold@suse.com + +- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero + error in set_next_tick + CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch +- bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero + error in serial_update_parameters + CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch + +------------------------------------------------------------------- +Wed Oct 5 10:55:45 MDT 2016 - carnold@suse.com + +- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in + mcf_fec_do_tx + CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch +- bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite + loop in pcnet_rdra_addr + CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch + ------------------------------------------------------------------- Mon Sep 12 08:44:11 MDT 2016 - carnold@suse.com diff --git a/xen.libxl.dmmd.patch b/xen.libxl.dmmd.patch index 684e437..a502443 100644 --- a/xen.libxl.dmmd.patch +++ b/xen.libxl.dmmd.patch @@ -7,13 +7,20 @@ References: bsc#954872 tools/libxl/libxlu_disk_l.l | 2 ++ 4 files changed, 37 insertions(+), 6 deletions(-) -Index: xen-4.7.0-testing/tools/libxl/libxl.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.7.0-testing/tools/libxl/libxl.c -@@ -2522,6 +2522,10 @@ static void device_disk_add(libxl__egc * - /* now create a phy device to export the device to the guest */ - goto do_backend_phy; +--- a/tools/libs/light/libxl_disk.c ++++ b/tools/libs/light/libxl_disk.c +@@ -237,7 +237,7 @@ static int libxl__device_disk_setdefault + return rc; + } + +-static int libxl__device_from_disk(libxl__gc *gc, uint32_t domid, ++int libxl__device_from_disk(libxl__gc *gc, uint32_t domid, + const libxl_device_disk *disk, + libxl__device *device) + { +@@ -414,6 +414,10 @@ static void device_disk_add(libxl__egc * + assert(device->backend_kind == LIBXL__DEVICE_KIND_VBD3); + break; case LIBXL_DISK_BACKEND_QDISK: + if (disk->script) { + script = libxl__abs_path(gc, disk->script, libxl__xen_script_dir_path()); @@ -21,12 +28,10 @@ Index: xen-4.7.0-testing/tools/libxl/libxl.c + } flexarray_append(back, "params"); flexarray_append(back, GCSPRINTF("%s:%s", - libxl__device_disk_string_of_format(disk->format), disk->pdev_path)); -Index: xen-4.7.0-testing/tools/libxl/libxl_device.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_device.c -+++ xen-4.7.0-testing/tools/libxl/libxl_device.c -@@ -293,7 +293,8 @@ static int disk_try_backend(disk_try_bac + libxl__device_disk_string_of_format(disk->format), +--- a/tools/libs/light/libxl_device.c ++++ b/tools/libs/light/libxl_device.c +@@ -361,7 +361,8 @@ static int disk_try_backend(disk_try_bac return backend; case LIBXL_DISK_BACKEND_QDISK: @@ -35,13 +40,11 @@ Index: xen-4.7.0-testing/tools/libxl/libxl_device.c + a->disk->vdev, a->disk->script, libxl_disk_backend_to_string(backend)); return backend; - default: -Index: xen-4.7.0-testing/tools/libxl/libxl_dm.c -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_dm.c -+++ xen-4.7.0-testing/tools/libxl/libxl_dm.c -@@ -903,6 +903,30 @@ static char *qemu_disk_ide_drive_string( - return drive; + case LIBXL_DISK_BACKEND_STANDALONE: +--- a/tools/libs/light/libxl_dm.c ++++ b/tools/libs/light/libxl_dm.c +@@ -1181,6 +1181,30 @@ out: + return rc; } +static void libxl__suse_node_to_path(libxl__gc *gc, int domid, const libxl_device_disk *dp, const char **pdev_path) @@ -69,9 +72,9 @@ Index: xen-4.7.0-testing/tools/libxl/libxl_dm.c +} + static int libxl__build_device_model_args_new(libxl__gc *gc, - const char *dm, int guest_domid, - const libxl_domain_config *guest_config, -@@ -1326,9 +1350,11 @@ static int libxl__build_device_model_arg + const char *dm, int guest_domid, + const libxl_domain_config *guest_config, +@@ -1873,9 +1897,11 @@ static int libxl__build_device_model_arg libxl__device_disk_dev_number(disks[i].vdev, &disk, &part); const char *format; char *drive; @@ -82,22 +85,11 @@ Index: xen-4.7.0-testing/tools/libxl/libxl_dm.c + libxl__suse_node_to_path(gc, guest_domid, disks + i, &target_path); + if (dev_number == -1) { - LOG(WARN, "unable to determine"" disk number for %s", - disks[i].vdev); -@@ -1369,7 +1395,7 @@ static int libxl__build_device_model_arg - * the bootloader path. - */ - if (disks[i].backend == LIBXL_DISK_BACKEND_TAP) -- target_path = libxl__blktap_devpath(gc, disks[i].pdev_path, -+ target_path = libxl__blktap_devpath(gc, target_path, - disks[i].format); - else - target_path = libxl__device_disk_find_local_path(gc, -Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l -=================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_l.l -+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l -@@ -228,6 +228,8 @@ target=.* { STRIP(','); SAVESTRING("targ + LOGD(WARN, guest_domid, "unable to determine"" disk number for %s", + disks[i].vdev); +--- a/tools/libs/util/libxlu_disk_l.l ++++ b/tools/libs/util/libxlu_disk_l.l +@@ -256,6 +256,8 @@ target=.* { STRIP(','); SAVESTRING("targ free(newscript); } @@ -106,3 +98,16 @@ Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l tapdisk:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } tap2?:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } aio:/.* { DPC->had_depr_prefix=1; DEPRECATE(0); } +--- a/tools/libs/light/libxl_internal.h ++++ b/tools/libs/light/libxl_internal.h +@@ -2070,6 +2070,10 @@ _hidden char *libxl__object_to_json(libx + _hidden int libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, bool retore, + libxl_domain_build_info *info); + ++_hidden int libxl__device_from_disk(libxl__gc *gc, uint32_t domid, ++ const libxl_device_disk *disk, ++ libxl__device *device); ++ + /* Calls poll() again - useful to check whether a signaled condition + * is still true. Cannot fail. Returns currently-true revents. */ + _hidden short libxl__fd_poll_recheck(libxl__egc *egc, int fd, short events); diff --git a/xen.spec b/xen.spec index 83263f3..ef6a83f 100644 --- a/xen.spec +++ b/xen.spec @@ -1,7 +1,7 @@ # # spec file for package xen # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,22 +12,28 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # - - # needssslcertforbuild + +#Compat macro for new _fillupdir macro introduced in Nov 2017 +%if ! %{defined _fillupdir} + %define _fillupdir /var/adm/fillup-templates +%endif + +# Tumbleweed now defines _libexecdir as /usr/libexec +# Keep it at the original location (/usr/lib) for backward compatibility +%define _libexecdir /usr/lib + +%{?!primary_python:%define primary_python python3} + Name: xen -ExclusiveArch: %ix86 x86_64 %arm aarch64 -%define changeset 31594 -%define xen_build_dir xen-4.7.0-testing +ExclusiveArch: %ix86 x86_64 aarch64 +%define xen_build_dir xen-4.20.0-testing # -%define with_kmp 0 %define with_gdbsx 0 %define with_dom0_support 0 -%define with_qemu_traditional 0 -%bcond_with xen_oxenstored %ifarch x86_64 %bcond_without xen_debug %bcond_without xen_stubdom @@ -36,24 +42,15 @@ ExclusiveArch: %ix86 x86_64 %arm aarch64 %bcond_with xen_stubdom %endif # +%define qemu_arch i386 %ifarch x86_64 -%define with_kmp 0 %define with_gdbsx 1 %define with_dom0_support 1 -%define with_qemu_traditional 1 %endif # %ifarch %arm aarch64 %define with_dom0_support 1 -%endif -# -%define max_cpus 4 -%ifarch x86_64 -%if %suse_version >= 1315 -%define max_cpus 1024 -%else -%define max_cpus 512 -%endif +%define qemu_arch aarch64 %endif # %define xen_install_suffix %{nil} @@ -67,50 +64,32 @@ ExclusiveArch: %ix86 x86_64 %arm aarch64 # 12.2+ have gcc 4.7 as default compiler %define with_gcc47 0 %define with_gcc48 0 -%if %suse_version == 1110 -%define with_gcc48 1 -%endif %define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services -%define with_systemd 0 -%if %suse_version > 1220 -%define with_systemd 1 -%define include_systemd_preset 0 -%if %suse_version <= 1320 -%define include_systemd_preset 1 -%endif %systemd_requires -BuildRequires: systemd-devel +BuildRequires: pkgconfig(libsystemd) %define with_systemd_modules_load %{_prefix}/lib/modules-load.d -%else -PreReq: %insserv_prereq -%endif PreReq: %fillup_prereq %ifarch %arm aarch64 +%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120200 ) +BuildRequires: libfdt-devel +%else BuildRequires: libfdt1-devel %endif -%ifarch %ix86 x86_64 -BuildRequires: dev86 %endif -#!BuildIgnore: gcc-PIE -# JWF: Until Anthony's series to load BIOS via toolstack is merged, -# autoconf is needed by autogen.sh. -# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html -BuildRequires: autoconf >= 2.67 BuildRequires: bison BuildRequires: fdupes +%if 0%{?suse_version} > 1315 BuildRequires: figlet +%endif BuildRequires: flex BuildRequires: glib2-devel BuildRequires: libaio-devel BuildRequires: libbz2-devel +BuildRequires: libnl3-devel BuildRequires: libpixman-1-0-devel BuildRequires: libuuid-devel BuildRequires: libxml2-devel BuildRequires: libyajl-devel -%if %{?with_qemu_traditional}0 -BuildRequires: SDL-devel -BuildRequires: pciutils-devel -%endif %if %{with xen_stubdom} %if 0%{?suse_version} < 1230 BuildRequires: texinfo @@ -118,32 +97,18 @@ BuildRequires: texinfo BuildRequires: makeinfo %endif %endif -BuildRequires: ncurses-devel -%if %{?with_dom0_support}0 -%if %{with xen_oxenstored} -BuildRequires: ocaml -BuildRequires: ocaml-compiler-libs -BuildRequires: ocaml-findlib -BuildRequires: ocaml-ocamldoc -BuildRequires: ocaml-runtime -%endif -%endif -BuildRequires: openssl-devel -BuildRequires: python-devel -%if %{?with_systemd}0 -BuildRequires: systemd -%endif -%if %suse_version >= 1120 -BuildRequires: xz-devel -%endif -%if %suse_version <= 1110 -BuildRequires: pmtools -%else -%ifarch %ix86 x86_64 BuildRequires: acpica -%endif -%endif +BuildRequires: libzstd-devel +BuildRequires: lzo-devel +BuildRequires: ncurses-devel +BuildRequires: openssl-devel +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: xz-devel +BuildRequires: pkgconfig(systemd) %ifarch x86_64 +BuildRequires: gcc-32bit +BuildRequires: gcc-c++ %if %{?with_gcc47}0 BuildRequires: gcc47 %endif @@ -152,206 +117,118 @@ BuildRequires: gcc48 %endif BuildRequires: glibc-32bit BuildRequires: glibc-devel-32bit +BuildRequires: makeinfo %endif -%if %{?with_kmp}0 -BuildRequires: kernel-source -BuildRequires: kernel-syms -BuildRequires: module-init-tools -%if %suse_version >= 1230 -BuildRequires: lndir +%ifarch x86_64 BuildRequires: pesign-obs-integration -%else -BuildRequires: xorg-x11-util-devel -%endif %endif +BuildRequires: python-rpm-macros +Provides: installhint(reboot-needed) -Version: 4.7.0_12 +Version: 4.20.0_08 Release: 0 Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) -License: GPL-2.0 +License: GPL-2.0-only Group: System/Kernel -Source0: xen-4.7.0-testing-src.tar.bz2 +Source0: xen-4.20.0-testing-src.tar.bz2 Source1: stubdom.tar.bz2 -Source2: qemu-xen-traditional-dir-remote.tar.bz2 -Source5: ipxe.tar.bz2 -Source6: mini-os.tar.bz2 +Source2: mini-os.tar.bz2 Source9: xen.changes Source10: README.SUSE Source11: boot.xen Source12: boot.local.xenU -Source15: logrotate.conf +Source13: xen-supportconfig +Source14: logrotate.conf Source21: block-npiv-common.sh Source22: block-npiv Source23: block-npiv-vport -Source26: init.xen_loop -%if %{?with_kmp}0 -Source28: kmp_filelist -%endif -Source29: block-dmmd +Source24: block-dmmd # Xen API remote authentication sources Source30: etc_pam.d_xen-api Source31: xenapiusers # Init script and sysconf file for pciback Source34: init.pciback Source35: sysconfig.pciback -Source36: xnloader.py -Source37: xen2libvirt.py +Source36: xen2libvirt.py # Systemd service files Source41: xencommons.service Source42: xen-dom0-modules.service -Source57: xen-utils-0.1.tar.bz2 +Source10172: xendomains-wait-disks.sh +Source10173: xendomains-wait-disks.LICENSE +Source10174: xendomains-wait-disks.README.md +Source10183: xen_maskcalc.py # For xen-libs Source99: baselibs.conf # Upstream patches -Patch1: 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch -Patch2: 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch -Patch3: 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch -Patch4: 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch -Patch5: 5769106e-x86-generate-assembler-equates-for-synthesized.patch -Patch6: 57973099-have-schedulers-revise-initial-placement.patch -Patch7: 579730e6-remove-buggy-initial-placement-algorithm.patch -Patch8: 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch -Patch9: 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch -Patch10: 57a1e603-x86-time-adjust-local-system-time-initialization.patch -Patch11: 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch -Patch12: 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch -Patch13: 57a30261-x86-support-newer-Intel-CPU-models.patch -Patch14: 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch -Patch15: 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch -Patch16: 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch -Patch17: 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch -Patch18: 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch -Patch19: 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch -Patch20: 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch -Patch21: 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch -Patch22: 57c82be2-x86-32on64-adjust-call-gate-emulation.patch -Patch23: 57c93e52-fix-error-in-libxl_device_usbdev_list.patch -Patch24: 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch -Patch25: 57c96e2c-x86-correct-PT_NOTE-file-position.patch -Patch26: 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch -Patch27: 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch -Patch28: 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch -Patch29: 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch -Patch30: 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch -Patch31: 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch -# Upstream qemu-traditional patches -Patch250: VNC-Support-for-ExtendedKeyEvent-client-message.patch -Patch251: 0001-net-move-the-tap-buffer-into-TAPState.patch -Patch252: 0002-net-increase-tap-buffer-size.patch -Patch253: 0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch -Patch254: 0004-e1000-secrc-support.patch -Patch255: 0005-e1000-multi-buffer-packet-support.patch -Patch256: 0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch -Patch257: 0007-e1000-verify-we-have-buffers-upfront.patch -Patch258: 0008-e1000-check-buffer-availability.patch -Patch259: CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch -Patch260: CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch -Patch261: CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch -Patch262: CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch -Patch263: CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch -Patch264: CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch -Patch265: CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch -Patch266: CVE-2015-4037-qemut-smb-config-dir-name.patch -Patch267: CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch -Patch268: CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch -Patch269: CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch -Patch270: CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch -Patch271: CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch -Patch272: CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch -Patch273: CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch -Patch274: CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch -Patch275: CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch -Patch276: CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch -Patch277: CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch -Patch278: CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch -Patch279: CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch -Patch280: CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch -Patch281: CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch -# qemu-traditional patches that are not upstream -Patch350: blktap.patch -Patch351: cdrom-removable.patch -Patch353: xen-qemu-iscsi-fix.patch -Patch354: qemu-security-etch1.patch -Patch355: xen-disable-qemu-monitor.patch -Patch356: xen-hvm-default-bridge.patch -Patch357: qemu-ifup-set-mtu.patch -Patch358: ioemu-vnc-resize.patch -Patch359: capslock_enable.patch -Patch360: altgr_2.patch -Patch361: log-guest-console.patch -Patch370: bdrv_open2_fix_flags.patch -Patch371: bdrv_open2_flags_2.patch -Patch372: ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch -Patch373: qemu-dm-segfault.patch -Patch374: bdrv_default_rwflag.patch -Patch375: kernel-boot-hvm.patch -Patch376: ioemu-watchdog-support.patch -Patch377: ioemu-watchdog-linkage.patch -Patch378: ioemu-watchdog-ib700-timer.patch -Patch379: ioemu-hvm-pv-support.patch -Patch380: pvdrv_emulation_control.patch -Patch381: ioemu-disable-scsi.patch -Patch382: ioemu-disable-emulated-ide-if-pv.patch -Patch383: xenpaging.qemu.flush-cache.patch +# EMBARGOED security fixes +# libxc +Patch301: libxc-bitmap-long.patch +Patch302: libxc-sr-xl-migration-debug.patch +Patch303: libxc-sr-readv_exact.patch +Patch304: libxc-sr-save-show_transfer_rate.patch +Patch305: libxc-sr-save-mfns.patch +Patch306: libxc-sr-save-types.patch +Patch307: libxc-sr-save-errors.patch +Patch308: libxc-sr-save-iov.patch +Patch309: libxc-sr-save-rec_pfns.patch +Patch310: libxc-sr-save-guest_data.patch +Patch311: libxc-sr-save-local_pages.patch +Patch312: libxc-sr-restore-pfns.patch +Patch313: libxc-sr-restore-types.patch +Patch314: libxc-sr-restore-mfns.patch +Patch315: libxc-sr-restore-map_errs.patch +Patch316: libxc-sr-restore-populate_pfns-pfns.patch +Patch317: libxc-sr-restore-populate_pfns-mfns.patch +Patch318: libxc-sr-restore-read_record.patch +Patch319: libxc-sr-restore-handle_buffered_page_data.patch +Patch320: libxc-sr-restore-handle_incoming_page_data.patch +Patch321: libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch +Patch322: libxc-sr-precopy_policy.patch +Patch323: libxc-sr-max_iters.patch +Patch324: libxc-sr-min_remaining.patch +Patch325: libxc-sr-abort_if_busy.patch +Patch326: libxc-sr-xg_sr_bitmap.patch +Patch327: libxc-sr-xg_sr_bitmap-populated_pfns.patch +Patch328: libxc-sr-restore-hvm-legacy-superpage.patch +Patch329: libxc-sr-track-migration-time.patch +Patch330: libxc-sr-number-of-iterations.patch # Our platform specific patches Patch400: xen-destdir.patch Patch401: vif-bridge-no-iptables.patch Patch402: vif-bridge-tap-fix.patch Patch403: xl-conf-default-bridge.patch +Patch404: xl-conf-disable-autoballoon.patch +Patch405: xen-arch-kconfig-nr_cpus.patch +Patch406: suse-xendomains-service.patch +Patch407: replace-obsolete-network-configuration-commands-in-s.patch +Patch408: ignore-ip-command-script-errors.patch # Needs to go upstream Patch420: suspend_evtchn_lock.patch -Patch421: xenpaging.doc.patch -Patch422: stubdom-have-iovec.patch -Patch423: vif-route.patch +Patch421: vif-route.patch # Other bug fixes or features +Patch450: xen.sysconfig-fillup.patch Patch451: xenconsole-no-multiple-connections.patch Patch452: hibernate.patch -Patch453: stdvga-cache.patch -Patch454: ipxe-enable-nics.patch -Patch455: pygrub-netware-xnloader.patch -Patch456: pygrub-boot-legacy-sles.patch -Patch457: pygrub-handle-one-line-menu-entries.patch -Patch458: aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch -Patch459: CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch -Patch460: libxl.pvscsi.patch -Patch461: xen.libxl.dmmd.patch -Patch462: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch -Patch463: blktap2-no-uninit.patch -Patch464: libxl.set-migration-constraints-from-cmdline.patch +Patch453: xl-save-pc.patch +Patch454: pygrub-boot-legacy-sles.patch +Patch455: pygrub-handle-one-line-menu-entries.patch +Patch461: libxl.max_event_channels.patch +Patch463: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch +Patch464: xen.libxl.dmmd.patch +Patch465: xenstore-run-in-studomain.patch +Patch466: libxl.helper_done-crash.patch +Patch467: libxl.LIBXL_HOTPLUG_TIMEOUT.patch +# python3 conversion patches +Patch500: build-python3-conversion.patch # Hypervisor and PV driver Patches -Patch501: x86-ioapic-ack-default.patch -Patch502: x86-cpufreq-report.patch -Patch520: xen_pvonhvm.xen_emul_unplug.patch -Patch521: supported_module.patch -Patch601: xen.build-compare.doc_html.patch -Patch602: xen.build-compare.man.patch -Patch603: ipxe-no-error-logical-not-parentheses.patch -Patch604: ipxe-use-rpm-opt-flags.patch -# Anthony's "load BIOS via toolstack" patches -# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html -Patch700: 0001-libxc-Rework-extra-module-initialisation.patch -Patch701: 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch -Patch702: 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch -Patch703: 0004-firmware-makefile-install-BIOS-blob.patch -Patch704: 0005-libxl-Load-guest-BIOS-from-file.patch -Patch705: 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch -Patch706: 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch -Patch707: 0008-hvmloader-Locate-the-BIOS-blob.patch -Patch708: 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch -Patch709: 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch -Patch710: 0011-hvmloader-Load-OVMF-from-modules.patch -Patch711: 0012-hvmloader-Specific-bios_load-function-required.patch -Patch712: 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch -Patch713: 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch +Patch600: xen.bug1026236.suse_vtsc_tolerance.patch +Patch601: x86-ioapic-ack-default.patch +Patch602: xenwatchdogd-restart.patch +Patch621: xen.build-compare.doc_html.patch # Build patches -Patch99996: xen.stubdom.newlib.patch -Patch99998: tmp_build.patch -Url: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ +URL: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ BuildRoot: %{_tmppath}/%{name}-%{version}-build -%define pyver %(python -c "import sys; print sys.version[:3]") -%if %{?with_kmp}0 -%suse_kernel_module_package -n xen um pv xen -f kmp_filelist -%endif +%define pyver %(python3 -c "import sys; print(sys.version.rpartition('.')[0])") %description Xen is a virtual machine monitor for x86 that supports execution of @@ -360,50 +237,11 @@ performance and resource isolation. This package contains the Xen Hypervisor. (tm) -Modern computers are sufficiently powerful to use virtualization to -present the illusion of many smaller virtual machines (VMs), each -running a separate operating system instance. Successful partitioning -of a machine to support the concurrent execution of multiple operating -systems poses several challenges. Firstly, virtual machines must be -isolated from one another: It is not acceptable for the execution of -one to adversely affect the performance of another. This is -particularly true when virtual machines are owned by mutually -untrusting users. Secondly, it is necessary to support a variety of -different operating systems to accommodate the heterogeneity of popular -applications. Thirdly, the performance overhead introduced by -virtualization should be small. - -Xen uses a technique called paravirtualization: The guest OS is -modified, mainly to enhance performance. - -The Xen hypervisor (microkernel) does not provide device drivers for -your hardware (except for CPU and memory). This job is left to the -kernel that's running in domain 0. Thus the domain 0 kernel is -privileged; it has full hardware access. It's started immediately after -Xen starts up. Other domains have no access to the hardware; instead -they use virtual interfaces that are provided by Xen (with the help of -the domain 0 kernel). - -In addition to this package you need to install the kernel-xen, xen-libs -and xen-tools packages to use Xen. Xen version 3 and newer also supports -running unmodified guests using full virtualization, if appropriate hardware -is present. - [Hypervisor is a trademark of IBM] - - -Authors: --------- - Ian Pratt - Keir Fraser - Christian Limpach - Mark Williamson - Ewan Mellor - ... - %package libs Summary: Xen Virtualization: Libraries +License: GPL-2.0-only Group: System/Kernel %description libs @@ -414,8 +252,8 @@ performance and resource isolation. This package contains the libraries used to interact with the Xen virtual machine monitor. -In addition to this package you need to install kernel-xen, xen and -xen-tools to use Xen. +In addition to this package you need to install xen and xen-tools +to use Xen. Authors: @@ -427,28 +265,29 @@ Authors: %package tools Summary: Xen Virtualization: Control tools for domain 0 +License: GPL-2.0-only Group: System/Kernel -Requires: bridge-utils +%if 0%{?suse_version} > 1500 +BuildRequires: pam-devel +%endif %ifarch x86_64 -%if %suse_version >= 1315 +%if 0%{?suse_version} >= 1315 Requires: grub2-x86_64-xen %endif -# Uncomment when ovmf is supported -#Requires: qemu-ovmf-x86_64 +Recommends: qemu-ovmf-x86_64 Requires: qemu-x86 %endif %ifarch %arm aarch64 Requires: qemu-arm %endif -Requires: multipath-tools -Requires: python -Requires: python-curses -Requires: python-lxml -Requires: python-openssl -Requires: python-pam -Requires: python-xml +Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} +Recommends: multipath-tools +Requires: %{primary_python} +Requires: %{primary_python}-curses +%ifarch %{ix86} x86_64 Requires: qemu-seabios -Requires: xen-libs = %{version} +%endif # subpackage existed in 10.3 Provides: xen-tools-ioemu = %{version} Obsoletes: xen-tools-ioemu < %{version} @@ -462,8 +301,8 @@ performance and resource isolation. This package contains the control tools that allow you to start, stop, migrate, and manage virtual machines. -In addition to this package you need to install kernel-xen, xen and -xen-libs to use Xen. +In addition to this package you need to install xen and xen-libs +to use Xen. Authors: @@ -471,12 +310,39 @@ Authors: Ian Pratt +%ifarch x86_64 +%package tools-xendomains-wait-disk +Summary: Adds a new xendomains-wait-disks.service +License: GPL-3.0-or-later +Group: System/Kernel +Requires: %{name}-tools = %{version}-%{release} +Requires: coreutils +Requires: sed +Requires: vim +BuildArch: noarch + +%description tools-xendomains-wait-disk +This package adds a new service named xendomains-wait-disks.service, +that simply calls xendomains-wait-disks. xendomains-wait-disks script +loops checking for the presence of every disk used by domU that +xendomains.service will try to launch. The script returns when +all disks become available or xendomains-wait-disks.service expires. + +xendomains-wait-disks.service has the same dependencies as +xendomains.service, but it adds itself as a Wanted service for xendomains. +If xendomains-wait-disks.service fails, xendomains.service is launched anyway. + +https://github.com/luizluca/xen-tools-xendomains-wait-disk +%endif + %endif %package tools-domU Summary: Xen Virtualization: Control tools for domain U +License: GPL-2.0-only Group: System/Kernel -Conflicts: xen-tools +Conflicts: %{name}-tools +Requires: %{name}-libs = %{version}-%{release} %description tools-domU Xen is a virtual machine monitor for x86 that supports execution of @@ -494,9 +360,10 @@ Authors: %package devel Summary: Xen Virtualization: Headers and libraries for development +License: GPL-2.0-only Group: System/Kernel +Requires: %{name}-libs = %{version} Requires: libuuid-devel -Requires: xen-libs = %{version} %description devel Xen is a virtual machine monitor for x86 that supports execution of @@ -512,30 +379,11 @@ Authors: -------- Ian Pratt -%if %{?with_kmp}0 - -%package KMP -Summary: Xen para-virtual device drivers for fully virtualized guests -Group: System/Kernel -Conflicts: xen -%if %suse_version >= 1230 -Requires: pesign-obs-integration -%endif - -%description KMP -Xen is a virtual machine monitor for x86 that supports execution of -multiple guest operating systems with unprecedented levels of -performance and resource isolation. - -This package contains the Xen para-virtual device drivers for fully -virtualized guests. - -%endif - %if %{?with_dom0_support}0 %package doc-html Summary: Xen Virtualization: HTML documentation +License: GPL-2.0-only Group: Documentation/HTML %description doc-html @@ -554,156 +402,11 @@ Authors: %endif %prep -%setup -q -n %xen_build_dir -a 1 -a 2 -a 5 -a 6 -a 57 -# Upstream patches -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -%patch18 -p1 -%patch19 -p1 -%patch20 -p1 -%patch21 -p1 -%patch22 -p1 -%patch23 -p1 -%patch24 -p1 -%patch25 -p1 -%patch26 -p1 -%patch27 -p1 -%patch28 -p1 -%patch29 -p1 -%patch30 -p1 -%patch31 -p1 -# Upstream qemu patches -%patch250 -p1 -%patch251 -p1 -%patch252 -p1 -%patch253 -p1 -%patch254 -p1 -%patch255 -p1 -%patch256 -p1 -%patch257 -p1 -%patch258 -p1 -%patch259 -p1 -%patch260 -p1 -%patch261 -p1 -%patch262 -p1 -%patch263 -p1 -%patch264 -p1 -%patch265 -p1 -%patch266 -p1 -%patch267 -p1 -%patch268 -p1 -%patch269 -p1 -%patch270 -p1 -%patch271 -p1 -%patch272 -p1 -%patch273 -p1 -%patch274 -p1 -%patch275 -p1 -%patch276 -p1 -%patch277 -p1 -%patch278 -p1 -%patch279 -p1 -%patch280 -p1 -%patch281 -p1 -# Qemu traditional -%patch350 -p1 -%patch351 -p1 -%patch353 -p1 -%patch354 -p1 -%patch355 -p1 -%patch356 -p1 -%patch357 -p1 -%patch358 -p1 -%patch359 -p1 -%patch360 -p1 -%patch361 -p1 -%patch370 -p1 -%patch371 -p1 -%patch372 -p1 -%patch373 -p1 -%patch374 -p1 -%patch375 -p1 -%patch376 -p1 -%patch377 -p1 -%patch378 -p1 -%patch379 -p1 -%patch380 -p1 -%patch381 -p1 -%patch382 -p1 -%patch383 -p1 -# Our platform specific patches -%patch400 -p1 -%patch401 -p1 -%patch402 -p1 -%patch403 -p1 -# Needs to go upstream -%patch420 -p1 -%patch421 -p1 -%patch422 -p1 -%patch423 -p1 -# Other bug fixes or features -%patch451 -p1 -%patch452 -p1 -%patch453 -p1 -%patch454 -p1 -%patch455 -p1 -%patch456 -p1 -%patch457 -p1 -%patch458 -p1 -%patch459 -p1 -%patch460 -p1 -%patch461 -p1 -%patch462 -p1 -%patch463 -p1 -%patch464 -p1 -# Hypervisor and PV driver Patches -%patch501 -p1 -%patch502 -p1 -%patch520 -p1 -%patch521 -p1 -%patch601 -p1 -%patch602 -p1 -%patch603 -p1 -%patch604 -p1 -# Anthony's "load BIOS via toolstack" patches -# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html -%patch700 -p1 -%patch701 -p1 -%patch702 -p1 -%patch703 -p1 -%patch704 -p1 -%patch705 -p1 -%patch706 -p1 -%patch707 -p1 -%patch708 -p1 -%patch709 -p1 -%patch710 -p1 -%patch711 -p1 -%patch712 -p1 -%patch713 -p1 -# Build patches -%patch99996 -p1 -%patch99998 -p1 +%setup -q -n %xen_build_dir -a 1 -a 2 +%autosetup -D -T -n %xen_build_dir -p1 %build -# JWF: Anthony's series to load BIOS from toolstack requires autogen.sh. -# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html -./autogen.sh +%define _lto_cflags %{nil} # we control the version info of this package # to gain control of filename of xen.gz @@ -720,22 +423,28 @@ XEN_EXTRAVERSION="${XEN_EXTRAVERSION%%.*}" XEN_FULLVERSION="$XEN_VERSION.$XEN_SUBVERSION.$XEN_EXTRAVERSION" XEN_BUILD_DATE="`date -u -d '1970-01-01'`" XEN_BUILD_TIME="`date -u -d '1970-01-01' +%%T`" -SMBIOS_DATE="`date -u -d '1970-01-01' +%%m/%%d/%%Y`" +SMBIOS_REL_DATE="`date -u -d '1970-01-01' +%%m/%%d/%%Y`" RELDATE="`date -u -d '1970-01-01' '+%%d %%b %%Y'`" if test -r %{S:9} then XEN_BUILD_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" `" XEN_BUILD_TIME="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%T`" - SMBIOS_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%m/%%d/%%Y`" + SMBIOS_REL_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%m/%%d/%%Y`" RELDATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" '+%%d %%b %%Y'`" fi cat > .our_xenversion <<_EOV_ export WGET=$(type -P false) export FTP=$(type -P false) export GIT=$(type -P false) -export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS" -export EXTRA_CFLAGS_QEMU_TRADITIONAL="$RPM_OPT_FLAGS" -export SMBIOS_DATE="$SMBIOS_DATE" +%ifarch aarch64 +# GCC10+ enables outline-atomics option by default and breaks the build, so disable it +%if 0%{?suse_version} >= 1550 +export CFLAGS="%{optflags} -mno-outline-atomics" +%endif +%endif +export EXTRA_CFLAGS_XEN_TOOLS="%{optflags}" +export EXTRA_CFLAGS_QEMU_TRADITIONAL="%{optflags}" +export SMBIOS_REL_DATE="$SMBIOS_REL_DATE" export RELDATE="$RELDATE" XEN_VERSION=$XEN_VERSION XEN_SUBVERSION=$XEN_SUBVERSION @@ -743,7 +452,6 @@ XEN_EXTRAVERSION=$XEN_EXTRAVERSION XEN_FULLVERSION=$XEN_FULLVERSION _EOV_ source ./.our_xenversion -echo "%{changeset}" > xen/.scmversion sed -i~ " s/XEN_VERSION[[:blank:]]*=.*/XEN_VERSION = $XEN_VERSION/ s/XEN_SUBVERSION[[:blank:]]*=.*/XEN_SUBVERSION = $XEN_SUBVERSION/ @@ -758,19 +466,21 @@ if diff -u xen/Makefile~ xen/Makefile then : no changes? fi + configure_flags= +configure_flags="--with-system-qemu=%{_bindir}/qemu-system-%{qemu_arch}" %if %{with xen_stubdom} -configure_flags=--enable-stubdom +configure_flags="${configure_flags} --enable-stubdom" %else -configure_flags=--disable-stubdom +# change the/our default to daemon due to lack of stubdom +sed -i~ 's/ XENSTORETYPE=domain$/ XENSTORETYPE=daemon/' tools/hotplug/Linux/launch-xenstore.in +configure_flags="${configure_flags} --disable-stubdom" %endif -%if %{?with_qemu_traditional}0 -configure_flags="${configure_flags} --enable-qemu-traditional" -%else +export PYTHON=$(realpath /usr/bin/python3) configure_flags="${configure_flags} --disable-qemu-traditional" -%endif ./configure \ --disable-xen \ + --disable-pvshim \ --enable-tools \ --enable-docs \ --prefix=/usr \ @@ -779,68 +489,110 @@ configure_flags="${configure_flags} --disable-qemu-traditional" --sbindir=%{_sbindir} \ --libdir=%{_libdir} \ --libexecdir=%{_libexecdir} \ + --with-libexec-leaf-dir=%{name} \ --datadir=%{_datadir} \ - --with-xen-dumpdir=%{_sharedstatedir}/xen/dump \ --mandir=%{_mandir} \ --includedir=%{_includedir} \ --docdir=%{_defaultdocdir}/xen \ --with-initddir=%{_initddir} \ -%if %{?with_dom0_support}0 -%if %{with xen_oxenstored} - --with-xenstored=oxenstored \ -%endif -%endif -%if %{?with_systemd}0 + --with-rundir=%{_rundir} \ --enable-systemd \ --with-systemd=%{_unitdir} \ --with-systemd-modules-load=%{with_systemd_modules_load} \ -%else - --disable-systemd \ -%endif - --with-system-ovmf=%{_datadir}/qemu/ovmf-x86_64-ms.bin \ + --with-system-ovmf=%{_datadir}/qemu/ovmf-x86_64-xen-4m.bin \ --with-system-seabios=%{_datadir}/qemu/bios-256k.bin \ - --with-system-qemu=%{_bindir}/qemu-system-i386 \ ${configure_flags} make -C tools/include/xen-foreign %{?_smp_mflags} make %{?_smp_mflags} -%if %{?with_dom0_support}0 -make -C tools/xen-utils-0.1 XEN_INTREE_BUILD=yes XEN_ROOT=$PWD -%endif # -%if %{?with_kmp}0 -# PV driver modules -export XL=/usr/src/linux -export XEN=/usr/src/linux/include/xen -mkdir -p obj -for flavor in %flavors_to_build; do - rm -rf obj/$flavor - cp -r unmodified_drivers/linux-2.6 obj/$flavor - cd obj/$flavor - ./mkbuildtree - make -C /usr/src/linux-obj/%_target_cpu/$flavor modules \ - %{?_smp_mflags} \ - M=$PWD - cd ../.. -done -%endif %install source ./.our_xenversion # tools make \ - DESTDIR=$RPM_BUILD_ROOT \ - SYSCONFIG_DIR=/var/adm/fillup-templates \ + DESTDIR=%{buildroot} \ + SYSCONFIG_DIR=%{_fillupdir} \ + PKG_INSTALLDIR=%{_libdir}/pkgconfig \ + BASH_COMPLETION_DIR=%{_datadir}/bash-completion/completions \ %{?_smp_mflags} \ install -find $RPM_BUILD_ROOT -ls -for i in $RPM_BUILD_ROOT/var/adm/fillup-templates/* +find %{buildroot} -ls +for i in %{buildroot}/%{_fillupdir}/* do - mv -v $i ${i%/*}/sysconfig.${i##*/} + mv -v $i ${i%%/*}/sysconfig.${i##*/} done -%if %{?with_systemd}0 -udev_rulesdir=$RPM_BUILD_ROOT%{_udevrulesdir} +# +udev_rulesdir=%{buildroot}/%{_udevrulesdir} +tools_domU_dir=%{buildroot}/%{_libexecdir}/%{name}-tools-domU mkdir -p ${udev_rulesdir} +mkdir -p ${tools_domU_dir} +# +tee ${udev_rulesdir}/80-%{name}-tools-domU.rules <<'_EOR_' +# XenSource, Inc. Xen Platform Device +SUBSYSTEM=="pci", ATTR{modalias}=="pci:v00005853d00000001sv00005853sd00000001bcFFsc80i00", TAG+="systemd", ENV{SYSTEMD_WANTS}+="%{name}-vcpu-watch.service" +_EOR_ +# +tee %{buildroot}/%{_unitdir}/%{name}-vcpu-watch.service <<'_EOS_' +[Unit] +Description=Listen to CPU online/offline events from dom0 toolstack + +[Service] +Type=simple +ExecStart=%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh +Restart=always +RestartSec=2 +_EOS_ +# +tee %{buildroot}/%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh <<'_EOS_' +#!/bin/bash +unset LANG +unset ${!LC_*} +echo "$0 starting" >&2 +xenstore-watch cpu | while read +do + : xenstore event: ${REPLY} + case "${REPLY}" in + cpu) + : just started + ;; + cpu/[0-9]/availability|cpu/[0-9][0-9]/availability) + vcpu="${REPLY%%/*}" + vcpu="${vcpu#*/}" + sysfs="/sys/devices/system/cpu/cpu${vcpu}/online" + if test -f "${sysfs}" + then + availability="`xenstore-read \"${REPLY}\"`" + case "${availability}" in + online|offline) + if test "${availability}" = "online" + then + new_sysfs_state=1 + else + new_sysfs_state=0 + fi + read cur_sysfs_state rest < "${sysfs}" + if test "${cur_sysfs_state}" = "${new_sysfs_state}" + then + : the vcpu "${vcpu}" already has state "${availability}" via "${sysfs}" + else + : setting vcpu "${vcpu}" to "${availability}" via "${sysfs}" + echo "setting vcpu ${vcpu} to ${availability}" >&2 + echo "${new_sysfs_state}" > "${sysfs}" + fi + ;; + esac + fi + ;; + *) + : unhandled + ;; + esac +done +exit 1 +_EOS_ +chmod 755 %{buildroot}/%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh +# tee ${udev_rulesdir}/60-persistent-xvd.rules <<'_EOR_' ACTION=="remove", GOTO="xvd_aliases_end" SUBSYSTEM!="block", GOTO="xvd_aliases_end" @@ -851,7 +603,13 @@ KERNEL=="xvd*[0-9]", ENV{VBD_HD_SYMLINK}=="hd[a-d]", SYMLINK+="$env{VBD_HD_SYML LABEL="xvd_aliases_end" _EOR_ # -dracut_moduledir=$RPM_BUILD_ROOT/usr/lib/dracut/modules.d/50%{name}-tools-domU +tee ${udev_rulesdir}/80-%{name}-channel-setup.rules <<'_EOF_' +SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", IMPORT{program}=="xen-channel-setup.sh $attr{nodename} %%n" + +SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", ENV{XEN_CHANNEL_NAME}=="org.qemu.guest_agent.0", TAG+="systemd", ENV{SYSTEMD_WANTS}+="qemu-ga@hvc%%n.service" +_EOF_ +# +dracut_moduledir=%{buildroot}/usr/lib/dracut/modules.d/50%{name}-tools-domU mkdir -p ${dracut_moduledir} tee ${dracut_moduledir}/module-setup.sh <<'_EOS_' #!/bin/bash @@ -869,8 +627,9 @@ install() { inst_rules 60-persistent-xvd.rules } _EOS_ +chmod 755 ${dracut_moduledir}/module-setup.sh # -udev_programdir=$RPM_BUILD_ROOT/usr/lib/udev +udev_programdir=%{buildroot}/usr/lib/udev mkdir -p ${udev_programdir} tee ${udev_programdir}/%{name}-tools-domU.sh <<'_EOS_' #!/bin/bash @@ -901,64 +660,96 @@ backend="`xenstore-read device/${d}/backend`" dev="`xenstore-read \"${backend}\"/dev`" test -n "${dev}" && echo "VBD_HD_SYMLINK=${dev}" _EOS_ +# +tee ${udev_programdir}/%{name}-channel-setup.sh <<'_EOF_' +#!/bin/bash + +if test "$#" -ne 2; then + exit 1 +fi + +channel_path="$1" +channel_num="$2" + +name="`xenstore-read \"$channel_path\"/name`" +test -z "$name" && exit 1 + +if test $name != "org.qemu.guest_agent.0"; then + exit 1 +fi + +mkdir -p /dev/xenchannel +devname=/dev/xenchannel/$name +# Xen's console devices are used for channels. See xen-pv-channel(7) +# for more details +ln -sfn /dev/hvc$channel_num $devname + +echo "XEN_CHANNEL_NAME=$name" +_EOF_ chmod 755 ${udev_programdir}/*.sh -%endif # EFI %if %{?with_dom0_support}0 -export BRP_PESIGN_FILES="*.ko *.efi /lib/firmware" -make -C xen install \ -%if %{?with_gcc47}0 - CC=gcc-4.7 \ -%endif -%if %{?with_gcc48}0 - CC=gcc-4.8 \ -%endif - max_phys_cpus=%{max_cpus} debug=n crash_debug=n DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} -make -C xen clean +arch=`uname -m` install_xen() { local ext="" - find $RPM_BUILD_ROOT/boot -ls + find %{buildroot}/boot -ls if [ -n "$1" ]; then ext="-$1" - mv $RPM_BUILD_ROOT/boot/xen-${XEN_FULLVERSION}%{xen_install_suffix} \ - $RPM_BUILD_ROOT/boot/xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} + mv %{buildroot}/boot/xen-syms-${XEN_FULLVERSION} \ + %{buildroot}/boot/xen-syms${ext}-${XEN_FULLVERSION} + mv %{buildroot}/boot/xen-${XEN_FULLVERSION}%{xen_install_suffix} \ + %{buildroot}/boot/xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} + if test -d %{buildroot}/%{_libdir}/efi; then + mv %{buildroot}/%{_libdir}/efi/xen-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-${XEN_FULLVERSION}.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-$XEN_VERSION.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}.efi + fi + elif test -d %{buildroot}/%{_libdir}/efi; then + # Move the efi files to /usr/share/efi/ (fate#326960) + mkdir -p %{buildroot}/%{_datadir}/efi/$arch + mv %{buildroot}/%{_libdir}/efi/xen*.efi %{buildroot}/%{_datadir}/efi/$arch/ + ln -s %{_datadir}/efi/$arch/xen-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen.efi fi - rm $RPM_BUILD_ROOT/boot/xen-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} - rm $RPM_BUILD_ROOT/boot/xen-$XEN_VERSION%{xen_install_suffix} - rm $RPM_BUILD_ROOT/boot/xen%{xen_install_suffix} + rm %{buildroot}/boot/xen-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} + rm %{buildroot}/boot/xen-$XEN_VERSION%{xen_install_suffix} + rm %{buildroot}/boot/xen%{xen_install_suffix} # Do not link to links; grub cannot follow. - ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} $RPM_BUILD_ROOT/boot/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} - ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} $RPM_BUILD_ROOT/boot/xen${ext}-$XEN_VERSION%{xen_install_suffix} - ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} $RPM_BUILD_ROOT/boot/xen${ext}%{xen_install_suffix} - ln -sf xen-syms${ext}-${XEN_FULLVERSION} $RPM_BUILD_ROOT/boot/xen-syms${ext} - find $RPM_BUILD_ROOT/boot -ls + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}-$XEN_VERSION%{xen_install_suffix} + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}%{xen_install_suffix} + if test -f xen-syms${ext}-${XEN_FULLVERSION}; then + ln -sf xen-syms${ext}-${XEN_FULLVERSION} %{buildroot}/boot/xen-syms${ext} + fi + find %{buildroot}/boot -ls } +export BRP_PESIGN_FILES="*.efi /lib/firmware" +CC=gcc +%if %{?with_gcc47}0 +CC=gcc-4.7 +%endif +%if %{?with_gcc48}0 +CC=gcc-4.8 +%endif +rm -fv xen/.config +echo CONFIG_REQUIRE_NX=y > xen/.config +echo CONFIG_DIT_DEFAULT=y >> xen/.config %if %{with xen_debug} -make -C xen install max_phys_cpus=%{max_cpus} debug=y crash_debug=y DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} +echo CONFIG_DEBUG=y >> xen/.config +echo "CONFIG_DOM0_MEM=\"1G+10%%,max:64G\"" >> xen/.config +yes '' | make -C xen oldconfig +make -C xen install XEN_BUILD_DATE="$XEN_BUILD_DATE" XEN_BUILD_TIME="$XEN_BUILD_TIME" DEBUG_DIR=/boot DESTDIR=%{buildroot} CC=$CC %{?_smp_mflags} install_xen dbg make -C xen clean %endif -make -C xen install max_phys_cpus=%{max_cpus} debug=n crash_debug=n DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} +echo CONFIG_DEBUG=n >> xen/.config +echo "CONFIG_DOM0_MEM=\"1G+10%%,max:64G\"" >> xen/.config +yes '' | make -C xen oldconfig +make -C xen install XEN_BUILD_DATE="$XEN_BUILD_DATE" XEN_BUILD_TIME="$XEN_BUILD_TIME" DEBUG_DIR=/boot DESTDIR=%{buildroot} CC=$CC %{?_smp_mflags} install_xen make -C xen clean -echo > xen.files.txt -# EFI depends on gcc47 -if test -d $RPM_BUILD_ROOT%{_libdir}/efi -then - echo %{_libdir}/efi >> xen.files.txt -fi -%endif - -# PV driver modules -%if %{?with_kmp}0 -export INSTALL_MOD_PATH=$RPM_BUILD_ROOT -export INSTALL_MOD_DIR=updates -for flavor in %flavors_to_build; do - make -C /usr/src/linux-obj/%_target_cpu/$flavor modules_install \ - M=$PWD/obj/$flavor -done %endif # On x86_64, qemu-xen was installed as /usr/lib/xen/bin/qemu-system-i386 @@ -967,101 +758,141 @@ done # preserve the path. For x86_64, create a simple wrapper that invokes # /usr/bin/qemu-system-i386 # Using qemu-system-x86_64 will result in an incompatible VM -%ifarch x86_64 -cat > $RPM_BUILD_ROOT/usr/lib/xen/bin/qemu-system-i386 << 'EOF' +%ifarch x86_64 aarch64 +hardcoded_path_in_existing_domU_xml='%{_libexecdir}/%{name}/bin' +mkdir -vp %{buildroot}${hardcoded_path_in_existing_domU_xml} +tee %{buildroot}${hardcoded_path_in_existing_domU_xml}/qemu-system-%{qemu_arch} << 'EOF' #!/bin/sh -exec %{_bindir}/qemu-system-i386 "$@" +exec %{_bindir}/qemu-system-%{qemu_arch} "$@" EOF -chmod 0755 $RPM_BUILD_ROOT/usr/lib/xen/bin/qemu-system-i386 +chmod 0755 %{buildroot}${hardcoded_path_in_existing_domU_xml}/qemu-system-%{qemu_arch} + +# +unit='%{_libexecdir}/%{name}/bin/xendomains-wait-disks' +mkdir -vp '%{buildroot}%{_libexecdir}/%{name}/bin' +cp -avL '%{SOURCE10172}' "%{buildroot}${unit}" +mkdir xendomains-wait-disk +cp -avL '%{SOURCE10173}' xendomains-wait-disk/LICENSE +cp -avL '%{SOURCE10174}' xendomains-wait-disk/README.md +tee %{buildroot}%{_unitdir}/xendomains-wait-disks.service <<_EOS_ +[Unit] +Description=Xendomains - for those machines that will start, wait for their disks to appear +Requires=proc-xen.mount xenstored.service +After=proc-xen.mount xenstored.service xenconsoled.service xen-init-dom0.service +After=network-online.target +After=remote-fs.target +Before=xendomains.service +ConditionPathExists=/proc/xen/capabilities + +[Service] +Type=oneshot +ExecStart=${unit} +TimeoutSec=5min + +[Install] +WantedBy=xendomains.service +_EOS_ +# %endif # Stubdom %if %{?with_dom0_support}0 # Docs -mkdir -p $RPM_BUILD_ROOT/%{_defaultdocdir}/xen/misc +mkdir -p %{buildroot}/%{_defaultdocdir}/xen/misc for name in COPYING %SOURCE10 %SOURCE11 %SOURCE12; do - install -m 644 $name $RPM_BUILD_ROOT/%{_defaultdocdir}/xen/ + install -m 644 $name %{buildroot}/%{_defaultdocdir}/xen/ done -for name in vtpm.txt crashdb.txt \ - xenpaging.txt xl-disk-configuration.txt pci-device-reservations.txt \ - xl-network-configuration.markdown xl-numa-placement.markdown \ - xen-command-line.markdown xenstore-paths.markdown; do - install -m 644 docs/misc/$name $RPM_BUILD_ROOT/%{_defaultdocdir}/xen/misc/ +for name in vtpm-platforms.txt crashdb.txt xenpaging.txt \ + xen-command-line.pandoc xenstore-paths.pandoc; do + install -m 644 docs/misc/$name %{buildroot}/%{_defaultdocdir}/xen/misc/ done -mkdir -p $RPM_BUILD_ROOT/etc/modprobe.d -install -m644 %SOURCE26 $RPM_BUILD_ROOT/etc/modprobe.d/xen_loop.conf - -# xen-utils -make -C tools/xen-utils-0.1 install DESTDIR=$RPM_BUILD_ROOT XEN_INTREE_BUILD=yes XEN_ROOT=$PWD -install -m755 %SOURCE37 $RPM_BUILD_ROOT/usr/sbin/xen2libvirt +# Xen utilities +install -m755 %SOURCE36 %{buildroot}/usr/sbin/xen2libvirt +install -m755 %SOURCE10183 %{buildroot}/usr/sbin/xen_maskcalc +%python3_fix_shebang +rm -f %{buildroot}/etc/xen/README* # Example config -mkdir -p $RPM_BUILD_ROOT/etc/xen/{vm,examples,scripts} -mv $RPM_BUILD_ROOT/etc/xen/xlexample* $RPM_BUILD_ROOT/etc/xen/examples -rm -f $RPM_BUILD_ROOT/etc/xen/examples/*nbd -install -m644 tools/xentrace/formats $RPM_BUILD_ROOT/etc/xen/examples/xentrace_formats.txt +mkdir -p %{buildroot}/etc/xen/{vm,examples,scripts} +mv %{buildroot}/etc/xen/xlexample* %{buildroot}/etc/xen/examples +rm -f %{buildroot}/etc/xen/examples/*nbd # Scripts -rm -f $RPM_BUILD_ROOT/etc/xen/scripts/block-*nbd -install -m755 %SOURCE21 %SOURCE22 %SOURCE23 %SOURCE29 $RPM_BUILD_ROOT/etc/xen/scripts/ +rm -f %{buildroot}/etc/xen/scripts/block-*nbd +install -m755 %SOURCE21 %SOURCE22 %SOURCE23 %SOURCE24 %{buildroot}/etc/xen/scripts/ +install -m755 tools/pygrub/src/pygrub %{buildroot}/usr/bin/pygrub +mkdir -p %{buildroot}/usr/lib/supportconfig/plugins +install -m 755 %SOURCE13 %{buildroot}/usr/lib/supportconfig/plugins/xen -# Xen API remote authentication files -install -d $RPM_BUILD_ROOT/etc/pam.d -install -m644 %SOURCE30 $RPM_BUILD_ROOT/etc/pam.d/xen-api -install -m644 %SOURCE31 $RPM_BUILD_ROOT/etc/xen/ - -# Logrotate -install -m644 -D %SOURCE15 $RPM_BUILD_ROOT/etc/logrotate.d/xen +# Xen API remote authentication files and Logrotate files +install -m644 %SOURCE31 %{buildroot}/etc/xen/ +%if 0%{?suse_version} > 1500 +mkdir -p %{buildroot}%{_distconfdir}/logrotate.d +install -m644 -D %SOURCE14 %{buildroot}%{_distconfdir}/logrotate.d/xen +install -d %{buildroot}%{_pam_vendordir} +install -m644 %SOURCE30 %{buildroot}/%{_pam_vendordir}/xen-api +%else +install -m644 -D %SOURCE14 %{buildroot}%{_sysconfdir}/logrotate.d/xen +install -d %{buildroot}/etc/pam.d +install -m644 %SOURCE30 %{buildroot}/etc/pam.d/xen-api +%endif # Directories -mkdir -p $RPM_BUILD_ROOT/var/lib/xenstored -mkdir -p $RPM_BUILD_ROOT/var/lib/xen/images -mkdir -p $RPM_BUILD_ROOT/var/lib/xen/jobs -mkdir -p $RPM_BUILD_ROOT/var/lib/xen/save -mkdir -p $RPM_BUILD_ROOT/var/lib/xen/dump -mkdir -p $RPM_BUILD_ROOT/var/log/xen -mkdir -p $RPM_BUILD_ROOT/var/log/xen/console -ln -s /var/lib/xen/images $RPM_BUILD_ROOT/etc/xen/images - -# Bootloader -install -m755 %SOURCE36 $RPM_BUILD_ROOT/%{_libdir}/python%{pyver}/site-packages +mkdir -p %{buildroot}/var/lib/xenstored +mkdir -p %{buildroot}/var/lib/xen/images +mkdir -p %{buildroot}/var/lib/xen/jobs +mkdir -p %{buildroot}/var/lib/xen/save +mkdir -p %{buildroot}/var/lib/xen/dump +mkdir -p %{buildroot}/var/log/xen +mkdir -p %{buildroot}/var/log/xen/console # Systemd -%if %{?with_systemd}0 -%if %{?include_systemd_preset}0 -mkdir -vp $RPM_BUILD_ROOT%_presetdir -cat > $RPM_BUILD_ROOT%_presetdir/00-%{name}.preset < mods for mod in $mods do - echo "ExecStart=-/usr/bin/env modprobe $mod" >> $RPM_BUILD_ROOT%{_unitdir}/${bn} + # load by alias, if possible, to handle pvops and xenlinux + alias="$mod" + case "$mod" in + xen-evtchn) ;; + xen-gntdev) ;; + xen-gntalloc) ;; + xen-blkback) alias='xen-backend:vbd' ;; + xen-netback) alias='xen-backend:vif' ;; + xen-pciback) alias='xen-backend:pci' ;; + evtchn) unset alias ;; + gntdev) unset alias ;; + netbk) alias='xen-backend:vif' ;; + blkbk) alias='xen-backend:vbd' ;; + xen-scsibk) unset alias ;; + usbbk) unset alias ;; + pciback) alias='xen-backend:pci' ;; + xen-acpi-processor) ;; + blktap2) unset alias ;; + *) ;; + esac + if test -n "${alias}" + then + echo "ExecStart=-/bin/sh -c 'modprobe $alias || :'" >> mods + fi done -rm -rfv $RPM_BUILD_ROOT%{_initddir} -%else -# Init scripts -mkdir -p $RPM_BUILD_ROOT%{_initddir} -install %SOURCE34 $RPM_BUILD_ROOT%{_initddir}/pciback -ln -s %{_initddir}/pciback $RPM_BUILD_ROOT/usr/sbin/rcpciback -ln -s %{_initddir}/xendomains $RPM_BUILD_ROOT/usr/sbin/rcxendomains -%endif -install %SOURCE35 $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.pciback +sort -u mods | tee -a %{buildroot}/%{_unitdir}/${bn} +rm -rfv %{buildroot}/%{_initddir} +install -m644 %SOURCE35 %{buildroot}/%{_fillupdir}/sysconfig.pciback # Clean up unpackaged files -find $RPM_BUILD_ROOT \( \ +find %{buildroot} \( \ -name .deps -o \ -name README.blktap -o \ -name README.xenmon -o \ @@ -1077,102 +908,97 @@ find $RPM_BUILD_ROOT \( \ -name "*.dtb" -o \ -name "openbios-*" -o \ -name "petalogix*" -o \ - -name "ppc*" -o \ + -name "*.pyc" -o \ -name "s390*" -o \ -name "slof*" -o \ -name "spapr*" -o \ - -name "*.egg-info" \) \ + -name "PKG-INFO" -o \ + -name "SOURCES.txt" -o \ + -name "dependency_links.txt" -o \ + -name "top_level.txt" -o \ + -name "*.egg-info" \) \ -print -delete # Wipe empty directories -if find $RPM_BUILD_ROOT/usr -type d -print0 | xargs -0n1 rmdir -p 2>/dev/null +if find %{buildroot}/usr -type d -print0 | xargs -0n1 rmdir -p 2>/dev/null then : fi -# Create symlinks for keymaps -%fdupes -s $RPM_BUILD_ROOT/%{_datadir} +# "xl devd" has to be called manually in a driver domain +find %{buildroot} -name xendriverdomain.service -print -delete + +# Create hardlinks for 3 .txt files and 1 .py +%fdupes %{buildroot}/%{_prefix} +find %{buildroot} -type f -size 0 -delete -print %else # !with_dom0_support # 32 bit hypervisor no longer supported. Remove dom0 tools. -rm -rf $RPM_BUILD_ROOT/%{_datadir}/doc -rm -rf $RPM_BUILD_ROOT/%{_datadir}/man -rm -rf $RPM_BUILD_ROOT/%{_libdir}/xen -rm -rf $RPM_BUILD_ROOT/%{_libdir}/python* -rm -rf $RPM_BUILD_ROOT/%{_libdir}/ocaml* -rm -rf $RPM_BUILD_ROOT%{_unitdir} -rm -rf $RPM_BUILD_ROOT%{with_systemd_modules_load} -rm -rf $RPM_BUILD_ROOT/usr/sbin -rm -rf $RPM_BUILD_ROOT/etc/xen -rm -rf $RPM_BUILD_ROOT/var -rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/bash_completion.d/xl.sh -rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/init.d/xen* -rm -f $RPM_BUILD_ROOT/%{_bindir}/*store* -rm -f $RPM_BUILD_ROOT/%{_bindir}/*trace* -rm -f $RPM_BUILD_ROOT/%{_bindir}/xenalyze* -rm -f $RPM_BUILD_ROOT/%{_bindir}/xenco* -rm -f $RPM_BUILD_ROOT/%{_bindir}/xen-cpuid -rm -f $RPM_BUILD_ROOT/%{_bindir}/pygrub -rm -f $RPM_BUILD_ROOT/%{_bindir}/remus -rm -f $RPM_BUILD_ROOT/usr/etc/qemu/target-x86_64.conf -rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper +rm -rf %{buildroot}/%{_datadir}/doc +rm -rf %{buildroot}/%{_datadir}/man +rm -rf %{buildroot}/%{_libexecdir}/%{name} +rm -rf %{buildroot}/%{_libdir}/python* +rm -rf %{buildroot}/%{_unitdir} +rm -rf %{buildroot}/%{_fillupdir} +rm -rf %{buildroot}/%{with_systemd_modules_load} +rm -rf %{buildroot}/usr/sbin +rm -rf %{buildroot}/etc/xen +rm -rf %{buildroot}/var +rm -f %{buildroot}/%{_datadir}/bash-completion/completions/xl +rm -f %{buildroot}/%{_sysconfdir}/init.d/xen* +rm -f %{buildroot}/%{_bindir}/*trace* +rm -f %{buildroot}/%{_bindir}/vchan-socket-proxy +rm -f %{buildroot}/%{_bindir}/xenalyze* +rm -f %{buildroot}/%{_bindir}/xenco* +rm -f %{buildroot}/%{_bindir}/xen-cpuid +rm -f %{buildroot}/%{_bindir}/pygrub +rm -f %{buildroot}/%{_bindir}/remus +rm -f %{buildroot}/usr/etc/qemu/target-x86_64.conf +rm -f %{buildroot}/usr/libexec/qemu-bridge-helper %endif %if %{?with_dom0_support}0 -%files -f xen.files.txt +%files %defattr(-,root,root) /boot/* +%{_libdir}/efi +%{_datadir}/efi %endif %files libs %defattr(-,root,root) -%{_libdir}/fs/ +%{_libdir}/xenfsimage/ %{_libdir}/*.so.* %if %{?with_dom0_support}0 %files tools %defattr(-,root,root) -%ifarch %ix86 x86_64 /usr/bin/xenalyze -%endif -/usr/bin/xencons /usr/bin/xenstore* /usr/bin/pygrub -#%if %{?with_qemu_traditional}0 -#/usr/bin/tapdisk-ioemu -#%endif +/usr/bin/vchan-socket-proxy /usr/bin/xencov_split -/usr/bin/xentrace_format %ifarch x86_64 /usr/bin/xen-cpuid %endif -/usr/sbin/tap* /usr/sbin/xenbaked /usr/sbin/xenconsoled /usr/sbin/xencov /usr/sbin/xenlockprof -/usr/sbin/xenmon.py +/usr/sbin/xenmon /usr/sbin/xenperf /usr/sbin/xenpm /usr/sbin/xenpmd -/usr/sbin/xen-ringwatch /usr/sbin/xenstored -/usr/sbin/xen-tmem-list-parse /usr/sbin/xentop /usr/sbin/xentrace -/usr/sbin/xentrace_setsize /usr/sbin/xentrace_setmask +/usr/sbin/xentrace_setsize /usr/sbin/xenwatchdogd -/usr/sbin/gtracestat -/usr/sbin/gtraceview -/usr/sbin/lock-util -/usr/sbin/td-util -/usr/sbin/vhd-update -/usr/sbin/vhd-util /usr/sbin/flask-get-bool /usr/sbin/flask-getenforce /usr/sbin/flask-label-pci @@ -1184,40 +1010,50 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper %endif /usr/sbin/xl /usr/sbin/xen2libvirt +/usr/sbin/xen-access +/usr/sbin/xen_maskcalc %ifarch %ix86 x86_64 /usr/sbin/xen-hptool /usr/sbin/xen-hvmcrash /usr/sbin/xen-hvmctx +/usr/sbin/xen-kdd /usr/sbin/xen-lowmemd -/usr/sbin/kdd +/usr/sbin/xen-memshare +/usr/sbin/xen-ucode +/usr/sbin/xen-mceinj +/usr/sbin/xen-vmtrace %endif -/usr/sbin/xen-list -/usr/sbin/xen-destroy -/usr/sbin/xen-bugtool +/usr/sbin/xenhypfs /usr/sbin/xen-livepatch +/usr/sbin/xen-diag %dir %attr(700,root,root) /etc/xen %dir /etc/xen/scripts -%if %{?with_qemu_traditional}0 -#/usr/sbin/blktapctrl -#/etc/xen/scripts/blktap -/etc/xen/scripts/qemu-ifup -%endif /etc/xen/scripts/block* /etc/xen/scripts/external-device-migrate /etc/xen/scripts/hotplugpath.sh +/etc/xen/scripts/launch-xenstore /etc/xen/scripts/locking.sh /etc/xen/scripts/logging.sh -/etc/xen/scripts/vif2 /etc/xen/scripts/vif-* /etc/xen/scripts/vscsi /etc/xen/scripts/xen-hotplug-* /etc/xen/scripts/xen-network-common.sh /etc/xen/scripts/xen-script-common.sh /etc/xen/scripts/colo-proxy-setup -%{_libexecdir}/xen -/var/adm/fillup-templates/sysconfig.pciback -/var/adm/fillup-templates/sysconfig.xencommons -/var/adm/fillup-templates/sysconfig.xendomains +/etc/xen/scripts/remus-netbuf-setup +%dir /usr/lib/supportconfig +%dir /usr/lib/supportconfig/plugins +/usr/lib/supportconfig/plugins/xen +%dir %{_libexecdir}/%{name} +%{_libexecdir}/%{name}/bin +%exclude %{_libexecdir}/%{name}-tools-domU +%ifarch x86_64 +%{_libexecdir}/%{name}/boot +%exclude %{_libexecdir}/%{name}/bin/xendomains-wait-disks +%endif +%{_fillupdir}/sysconfig.pciback +%{_fillupdir}/sysconfig.xencommons +%{_fillupdir}/sysconfig.xendomains %dir /var/lib/xen %dir %attr(700,root,root) /var/lib/xen/images %dir %attr(700,root,root) /var/lib/xen/save @@ -1228,151 +1064,94 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper %dir /var/lib/xenstored %dir /var/log/xen %dir /var/log/xen/console -%config /etc/logrotate.d/xen +%if 0%{?suse_version} > 1500 +%{_distconfdir}/logrotate.d/xen +%{_pam_vendordir}/xen-api +%else +%config(noreplace) %{_sysconfdir}/logrotate.d/xen +%config /etc/pam.d/xen-api +%endif /etc/xen/auto %config /etc/xen/examples -/etc/xen/images %config /etc/xen/cpupool -/etc/xen/README* %config /etc/xen/vm %config(noreplace) /etc/xen/xenapiusers %config(noreplace) /etc/xen/xl.conf -%config /etc/pam.d/xen-api -%config /etc/modprobe.d/xen_loop.conf -%if %{?with_systemd}0 %config %{_unitdir} +%exclude %{_unitdir}/%{name}-vcpu-watch.service +%exclude %{_unitdir}/xendomains-wait-disks.service %config %{with_systemd_modules_load} -%if %{?include_systemd_preset}0 -%config %_presetdir -%endif -%else -/usr/sbin/rcpciback -/usr/sbin/rcxendomains -%config %{_initddir}/* -%endif -%dir /etc/modprobe.d -/etc/bash_completion.d/xl.sh -%if %{?with_qemu_traditional}0 -%dir %{_datadir}/xen -%dir %{_datadir}/xen/qemu -%{_datadir}/xen/qemu/* -%endif +%{_datadir}/bash-completion/completions/xl %dir %{_libdir}/python%{pyver}/site-packages/grub %dir %{_libdir}/python%{pyver}/site-packages/xen %dir %{_libdir}/python%{pyver}/site-packages/xen/lowlevel %dir %{_libdir}/python%{pyver}/site-packages/xen/migration %{_libdir}/python%{pyver}/site-packages/grub/* -%{_libdir}/python%{pyver}/site-packages/xen/__init__* +%{_libdir}/python%{pyver}/site-packages/xen/util.py %{_libdir}/python%{pyver}/site-packages/xen/lowlevel/* %{_libdir}/python%{pyver}/site-packages/xen/migration/* -%{_libdir}/python%{pyver}/site-packages/fsimage.so -%{_libdir}/python%{pyver}/site-packages/xnloader.py +%{_libdir}/python%{pyver}/site-packages/*.so %dir %{_defaultdocdir}/xen %{_defaultdocdir}/xen/COPYING %{_defaultdocdir}/xen/README.SUSE %{_defaultdocdir}/xen/boot.local.xenU %{_defaultdocdir}/xen/boot.xen -%{_defaultdocdir}/xen/misc -%{_mandir}/man1/xentop.1.gz -%{_mandir}/man1/xentrace_format.1.gz -%{_mandir}/man1/xl.1.gz -%{_mandir}/man1/xenstore-chmod.1.gz -%{_mandir}/man1/xenstore-ls.1.gz -%{_mandir}/man1/xenstore.1.gz -%{_mandir}/man5/xl.cfg.5.gz -%{_mandir}/man5/xl.conf.5.gz -%{_mandir}/man5/xlcpupool.cfg.5.gz -%{_mandir}/man8/*.8.gz -%{_mandir}/man1/xen-list.1.gz +%{_mandir}/man*/* -%if %{with xen_oxenstored} -/usr/sbin/oxenstored -/etc/xen/oxenstored.conf -%dir %{_libdir}/ocaml -%dir %{_libdir}/ocaml/xenbus -%dir %{_libdir}/ocaml/xenctrl -%dir %{_libdir}/ocaml/xeneventchn -%dir %{_libdir}/ocaml/xenlight -%dir %{_libdir}/ocaml/xenmmap -%dir %{_libdir}/ocaml/xenstore -%dir %{_libdir}/ocaml/xentoollog -%{_libdir}/ocaml/xenbus/META -%{_libdir}/ocaml/xenbus/*.so -%{_libdir}/ocaml/xenbus/*.cma -%{_libdir}/ocaml/xenbus/*.cmi -%{_libdir}/ocaml/xenbus/*.cmo -%{_libdir}/ocaml/xenctrl/META -%{_libdir}/ocaml/xenctrl/*.so -%{_libdir}/ocaml/xenctrl/*.cma -%{_libdir}/ocaml/xenctrl/*.cmi -%{_libdir}/ocaml/xeneventchn/META -%{_libdir}/ocaml/xeneventchn/*.so -%{_libdir}/ocaml/xeneventchn/*.cma -%{_libdir}/ocaml/xeneventchn/*.cmi -%{_libdir}/ocaml/xenlight/META -%{_libdir}/ocaml/xenlight/*.so -%{_libdir}/ocaml/xenlight/*.cma -%{_libdir}/ocaml/xenlight/*.cmi -%{_libdir}/ocaml/xenmmap/META -%{_libdir}/ocaml/xenmmap/*.so -%{_libdir}/ocaml/xenmmap/*.cma -%{_libdir}/ocaml/xenmmap/*.cmi -%{_libdir}/ocaml/xenstore/META -%{_libdir}/ocaml/xenstore/*.cma -%{_libdir}/ocaml/xenstore/*.cmi -%{_libdir}/ocaml/xenstore/*.cmo -%{_libdir}/ocaml/xentoollog/META -%{_libdir}/ocaml/xentoollog/*.so -%{_libdir}/ocaml/xentoollog/*.cma -%{_libdir}/ocaml/xentoollog/*.cmi +%ifarch x86_64 +%files tools-xendomains-wait-disk +%license xendomains-wait-disk/LICENSE +%doc xendomains-wait-disk/README.md +%config %{_unitdir}/xendomains-wait-disks.service +%config %attr(0755,root,root) %{_libexecdir}/%{name}/bin/xendomains-wait-disks %endif - # with_dom0_support %endif +%posttrans -n %{name}-tools-domU +%{?regenerate_initrd_posttrans} + %files tools-domU %defattr(-,root,root) %ifarch %ix86 x86_64 /usr/bin/xen-detect +%exclude /usr/bin/xenstore-control %endif -/bin/domu-xenstore -/bin/xenstore-* -%if %{?with_systemd}0 +/usr/bin/xenstore* +%if %{?with_dom0_support}0 +%config %{_unitdir}/%{name}-vcpu-watch.service +%endif +%{_libexecdir}/%{name}-tools-domU /usr/lib/udev /usr/lib/dracut -%endif %files devel %defattr(-,root,root) %{_libdir}/*.a %{_libdir}/*.so -%if %{?with_dom0_support}0 -%if %{with xen_oxenstored} -%{_libdir}/ocaml/xenbus/*.a -%{_libdir}/ocaml/xenbus/*.cmx* -%{_libdir}/ocaml/xenctrl/*.a -%{_libdir}/ocaml/xenctrl/*.cmx* -%{_libdir}/ocaml/xeneventchn/*.a -%{_libdir}/ocaml/xeneventchn/*.cmx* -%{_libdir}/ocaml/xenlight/*.a -%{_libdir}/ocaml/xenlight/*.cmx* -%{_libdir}/ocaml/xenmmap/*.a -%{_libdir}/ocaml/xenmmap/*.cmx* -%{_libdir}/ocaml/xenstore/*.a -%{_libdir}/ocaml/xenstore/*.cmx* -%{_libdir}/ocaml/xentoollog/*.a -%{_libdir}/ocaml/xentoollog/*.cmx* -%endif -%endif /usr/include/* -%{_datadir}/pkgconfig/xenlight.pc -%{_datadir}/pkgconfig/xlutil.pc +%{_libdir}/pkgconfig/xenlight.pc +%{_libdir}/pkgconfig/xlutil.pc +%{_libdir}/pkgconfig/xencall.pc +%{_libdir}/pkgconfig/xencontrol.pc +%{_libdir}/pkgconfig/xendevicemodel.pc +%{_libdir}/pkgconfig/xenevtchn.pc +%{_libdir}/pkgconfig/xenforeignmemory.pc +%{_libdir}/pkgconfig/xengnttab.pc +%{_libdir}/pkgconfig/xenguest.pc +%{_libdir}/pkgconfig/xenhypfs.pc +%{_libdir}/pkgconfig/xenstat.pc +%{_libdir}/pkgconfig/xenstore.pc +%{_libdir}/pkgconfig/xentoolcore.pc +%{_libdir}/pkgconfig/xentoollog.pc +%{_libdir}/pkgconfig/xenvchan.pc %if %{?with_dom0_support}0 %files doc-html %defattr(-,root,root) %dir %{_defaultdocdir}/xen +%{_defaultdocdir}/xen/misc %{_defaultdocdir}/xen/html %post @@ -1381,64 +1160,84 @@ if [ -x /sbin/update-bootloader ]; then fi %pre tools -%if %{?with_systemd}0 %service_add_pre xencommons.service %service_add_pre xendomains.service +%service_add_pre xen-watchdog.service +%service_add_pre xenstored.service +%service_add_pre xen-dom0-modules.service +%service_add_pre xenconsoled.service +%service_add_pre xen-init-dom0.service +%service_add_pre xen-qemu-dom0-disk-backend.service +%if 0%{?suse_version} > 1500 +# Prepare for migration to /usr/etc; save any old .rpmsave +for i in logrotate.d/xen pam.d/xen-api ; do + test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i}.rpmsave.old ||: +done +%endif + +%if 0%{?suse_version} > 1500 +%posttrans tools +# Migration to /usr/etc, restore just created .rpmsave +for i in logrotate.d/xen pam.d/xen-api ; do + test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i} ||: +done %endif %post tools -xen_tools_first_arg=$1 -%if %{?with_systemd}0 %{fillup_only -n xencommons xencommons} %{fillup_only -n xendomains xendomains} %service_add_post xencommons.service %service_add_post xendomains.service -%else -%{fillup_only -n pciback} -%{fillup_and_insserv -y -n xencommons xencommons} -%{fillup_and_insserv -i -y -n xendomains xendomains} -%endif +%service_add_post xen-watchdog.service +%service_add_post xenstored.service +%service_add_post xen-dom0-modules.service +%service_add_post xenconsoled.service +%service_add_post xen-init-dom0.service +%service_add_post xen-qemu-dom0-disk-backend.service -if [ -f /usr/bin/qemu-img ]; then - if [ -f /usr/bin/qemu-img-xen ]; then - rm /usr/bin/qemu-img-xen - fi - rm -f %{_libexecdir}/xen/bin/qemu-img-xen - ln -s /usr/bin/qemu-img %{_libexecdir}/xen/bin/qemu-img-xen -fi -if [ -f /usr/bin/qemu-nbd ]; then - if [ -f /usr/bin/qemu-nbd-xen ]; then - rm /usr/bin/qemu-nbd-xen - fi - rm -f %{_libexecdir}/xen/bin/qemu-nbd-xen - ln -s /usr/bin/qemu-nbd %{_libexecdir}/xen/bin/qemu-nbd-xen -fi -if [ -f /usr/bin/qemu-io ]; then - rm -f %{_libexecdir}/xen/bin/qemu-io-xen - ln -s /usr/bin/qemu-io %{_libexecdir}/xen/bin/qemu-io-xen -fi if [ -f /etc/default/grub ] && ! (/usr/bin/grep GRUB_CMDLINE_XEN /etc/default/grub >/dev/null); then echo '# Xen boot parameters for all Xen boots' >> /etc/default/grub echo 'GRUB_CMDLINE_XEN=""' >> /etc/default/grub echo '# Xen boot parameters for non-recovery Xen boots (in addition to GRUB_CMDLINE_XEN)' >> /etc/default/grub echo 'GRUB_CMDLINE_XEN_DEFAULT=""' >> /etc/default/grub fi +if [ -f %{_datadir}/grub2/i386-xen/grub.xen ] && [ ! -f %{_libexecdir}/%{name}/boot/pvgrub32.bin ]; then + ln -sv %{_datadir}/grub2/i386-xen/grub.xen %{_libexecdir}/%{name}/boot/pvgrub32.bin +fi +if [ -f %{_datadir}/grub2/x86_64-xen/grub.xen ] && [ ! -f %{_libexecdir}/%{name}/boot/pvgrub64.bin ]; then + ln -sv %{_datadir}/grub2/x86_64-xen/grub.xen %{_libexecdir}/%{name}/boot/pvgrub64.bin +fi %preun tools -%if %{?with_systemd}0 %service_del_preun xencommons.service %service_del_preun xendomains.service -%else -%{stop_on_removal xendomains xencommons} -%endif +%service_del_preun xen-watchdog.service +%service_del_preun xenstored.service +%service_del_preun xen-dom0-modules.service +%service_del_preun xenconsoled.service +%service_del_preun xen-init-dom0.service +%service_del_preun xen-qemu-dom0-disk-backend.service %postun tools +%if %{defined service_del_postun_without_restart} +%service_del_postun_without_restart xencommons.service +%service_del_postun_without_restart xendomains.service +%service_del_postun_without_restart xen-watchdog.service +%service_del_postun_without_restart xenstored.service +%service_del_postun_without_restart xen-dom0-modules.service +%service_del_postun_without_restart xenconsoled.service +%service_del_postun_without_restart xen-init-dom0.service +%service_del_postun_without_restart xen-qemu-dom0-disk-backend.service +%else export DISABLE_RESTART_ON_UPDATE=yes -%if %{?with_systemd}0 %service_del_postun xencommons.service %service_del_postun xendomains.service -%else -%{insserv_cleanup} +%service_del_postun xen-watchdog.service +%service_del_postun xenstored.service +%service_del_postun xen-dom0-modules.service +%service_del_postun xenconsoled.service +%service_del_postun xen-init-dom0.service +%service_del_postun xen-qemu-dom0-disk-backend.service %endif %endif diff --git a/xen.stubdom.newlib.patch b/xen.stubdom.newlib.patch deleted file mode 100644 index 3d97245..0000000 --- a/xen.stubdom.newlib.patch +++ /dev/null @@ -1,119 +0,0 @@ -# HG changeset patch -# Parent 02ec826cab1e4acb25b364a180a1597ace1149f9 -stubdom: fix errors in newlib - -rpm post-build-checks found a few code bugs in newlib, and marks them as -errors. Add another newlib patch and apply it during stubdom build. - -I: A function uses a 'return;' statement, but has actually a value - to return, like an integer ('return 42;') or similar. -W: xen voidreturn ../../../../newlib-1.16.0/libgloss/i386/cygmon-gmon.c:117, 125, 146, 157, 330 - -I: Program is using implicit definitions of special functions. - these functions need to use their correct prototypes to allow - the lightweight buffer overflow checking to work. - - Implicit memory/string functions need #include . - - Implicit *printf functions need #include . - - Implicit *printf functions need #include . - - Implicit *read* functions need #include . - - Implicit *recv* functions need #include . -E: xen implicit-fortify-decl ../../../../newlib-1.16.0/libgloss/i386/cygmon-gmon.c:119 - -I: Program returns random data in a function -E: xen no-return-in-nonvoid-function ../../../../newlib-1.16.0/libgloss/i386/cygmon-gmon.c:362 - -Signed-off-by: Olaf Hering - -Index: xen-4.7.0-testing/stubdom/Makefile -=================================================================== ---- xen-4.7.0-testing.orig/stubdom/Makefile -+++ xen-4.7.0-testing/stubdom/Makefile -@@ -80,6 +80,8 @@ newlib-$(NEWLIB_VERSION): newlib-$(NEWLI - patch -d $@ -p0 < newlib.patch - patch -d $@ -p0 < newlib-chk.patch - patch -d $@ -p1 < newlib-stdint-size_max-fix-from-1.17.0.patch -+ patch -d $@ -p1 < newlib-cygmon-gmon.patch -+ patch -d $@ -p1 < newlib-makedoc.patch - find $@ -type f | xargs perl -i.bak \ - -pe 's/\b_(tzname|daylight|timezone)\b/$$1/g' - touch $@ -Index: xen-4.7.0-testing/stubdom/newlib-cygmon-gmon.patch -=================================================================== ---- /dev/null -+++ xen-4.7.0-testing/stubdom/newlib-cygmon-gmon.patch -@@ -0,0 +1,60 @@ -+ -+I: A function uses a 'return;' statement, but has actually a value -+ to return, like an integer ('return 42;') or similar. -+W: xen voidreturn ../../../../newlib-1.16.0/libgloss/i386/cygmon-gmon.c:117, 125, 146, 157, 330 -+ -+I: Program is using implicit definitions of special functions. -+ these functions need to use their correct prototypes to allow -+ the lightweight buffer overflow checking to work. -+ - Implicit memory/string functions need #include . -+ - Implicit *printf functions need #include . -+ - Implicit *printf functions need #include . -+ - Implicit *read* functions need #include . -+ - Implicit *recv* functions need #include . -+E: xen implicit-fortify-decl ../../../../newlib-1.16.0/libgloss/i386/cygmon-gmon.c:119 -+ -+I: Program returns random data in a function -+E: xen no-return-in-nonvoid-function ../../../../newlib-1.16.0/libgloss/i386/cygmon-gmon.c:362 -+ -+--- -+ libgloss/i386/cygmon-gmon.c | 6 +++++- -+ 1 file changed, 5 insertions(+), 1 deletion(-) -+ -+Index: newlib-1.16.0/libgloss/i386/cygmon-gmon.c -+=================================================================== -+--- newlib-1.16.0.orig/libgloss/i386/cygmon-gmon.c -++++ newlib-1.16.0/libgloss/i386/cygmon-gmon.c -+@@ -61,6 +61,8 @@ -+ static char sccsid[] = "@(#)gmon.c 5.3 (Berkeley) 5/22/91"; -+ #endif /* not lint */ -+ -++#include -++#include -+ #define DEBUG -+ #ifdef DEBUG -+ #include -+@@ -89,7 +91,7 @@ static int s_scale; -+ -+ extern int errno; -+ -+-int -++void -+ monstartup(lowpc, highpc) -+ char *lowpc; -+ char *highpc; -+@@ -199,6 +201,7 @@ _mcleanup() -+ -+ static char already_setup = 0; -+ -++void -+ _mcount() -+ { -+ register char *selfpc; -+@@ -341,6 +344,7 @@ overflow: -+ * profiling is what mcount checks to see if -+ * all the data structures are ready. -+ */ -++void -+ moncontrol(mode) -+ int mode; -+ { -Index: xen-4.7.0-testing/stubdom/newlib-makedoc.patch -=================================================================== ---- /dev/null -+++ xen-4.7.0-testing/stubdom/newlib-makedoc.patch -@@ -0,0 +1,10 @@ -+--- newlib-1.16.0/newlib/doc/makedoc.c.orig 2015-04-08 11:56:39.283090914 +0200 -++++ newlib-1.16.0/newlib/doc/makedoc.c 2015-04-08 11:56:51.245227742 +0200 -+@@ -39,6 +39,7 @@ -+ #include -+ #include -+ #include -++#include -+ -+ #define DEF_SIZE 5000 -+ #define STACK 50 diff --git a/xen.sysconfig-fillup.patch b/xen.sysconfig-fillup.patch new file mode 100644 index 0000000..d1ba7af --- /dev/null +++ b/xen.sysconfig-fillup.patch @@ -0,0 +1,101 @@ +Fix xencommons for fillup + +The usage in xen.spec is like this: + %post tools + %{fillup_only -n xencommons xencommons} + +After fresh install, modify the key=value pairs as required, then +upgrade the package, the sysconfig file is broken and changes are lost: + + # rm /etc/sysconfig/xencommons + # zypper in --oldpackage xen-tools-4.12.4_02-3.30.1 + # echo XENSTORETYPE=domain >> /etc/sysconfig/xencommons + # echo XENSTORE_DOMAIN_SIZE=123 >> /etc/sysconfig/xencommons + # zypper in --oldpackage xen-tools-4.12.4_04-3.33.1 + # diff -u /var/adm/fillup-templates/sysconfig.xencommons /etc/sysconfig/xencommons + +Basically fillup removed all comments, and also the two added key=value lines. + +Prevent this by defining all keys, with empty values, so that consumers +of the values will continue to use the built-in defaults. +Index: xen-4.19.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in +=================================================================== +--- xen-4.19.0-testing.orig/tools/hotplug/Linux/init.d/sysconfig.xencommons.in ++++ xen-4.19.0-testing/tools/hotplug/Linux/init.d/sysconfig.xencommons.in +@@ -3,7 +3,9 @@ + ## Default: "none" + # + # Log xenconsoled messages (cf xl dmesg) +-#XENCONSOLED_TRACE=[none|guest|hv|all] ++# One of [none|guest|hv|all] ++# ++XENCONSOLED_TRACE= + + ## Type: string + ## Default: daemon +@@ -16,10 +18,10 @@ + # + # Changing this requires a reboot to take effect. + # +-#XENSTORETYPE=daemon ++XENSTORETYPE= + + ## Type: string +-## Default: xenstored ++## Default: @XENSTORED@ + # + # Select xenstore implementation, this can be either + # of these below. +@@ -30,7 +32,7 @@ + # * @sbindir@/xenstored + # + # Changing this requires a reboot to take effect. +-#XENSTORED=@XENSTORED@ ++XENSTORED= + + ## Type: string + ## Default: unlimited +@@ -57,8 +59,9 @@ XENSTORED_ARGS= + ## Type: string + ## Default: Not defined, tracing off + # +-# Log xenstored messages +-#XENSTORED_TRACE=[yes|on|1] ++# Log xenstored messages if a non-empty value is assigned. ++# ++XENSTORED_TRACE= + + ## Type: integer + ## Default: 50 +@@ -74,14 +77,14 @@ XENSTORED_ARGS= + # + # xenstore domain kernel. + # Only evaluated if XENSTORETYPE is "domain". +-#XENSTORE_DOMAIN_KERNEL=@LIBEXEC@/boot/xenstore-stubdom.gz ++XENSTORE_DOMAIN_KERNEL= + + ## Type: integer + ## Default: 8 + # + # xenstore domain memory size in MiB. + # Only evaluated if XENSTORETYPE is "domain". +-#XENSTORE_DOMAIN_SIZE=8 ++XENSTORE_DOMAIN_SIZE= + + ## Type: string + ## Default: not set, no autoballooning of xenstore domain +@@ -92,7 +95,7 @@ XENSTORED_ARGS= + # - combination of both in form of : (e.g. 8:1/100), resulting + # value will be the higher of both specifications + # Only evaluated if XENSTORETYPE is "domain". +-#XENSTORE_MAX_DOMAIN_SIZE= ++XENSTORE_MAX_DOMAIN_SIZE= + + ## Type: string + ## Default: "" +@@ -105,4 +108,4 @@ XENSTORE_DOMAIN_ARGS= + #QEMU_XEN=@qemu_xen_path@ + + # Dom0 UUID +-#XEN_DOM0_UUID=00000000-0000-0000-0000-000000000000 ++XEN_DOM0_UUID= diff --git a/xen2libvirt.py b/xen2libvirt.py index d31a285..35845f4 100644 --- a/xen2libvirt.py +++ b/xen2libvirt.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 # # Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -22,6 +22,7 @@ # Read native Xen configuration format, convert to libvirt domXML, and # import (virsh define ) into libvirt. + import sys import os import argparse @@ -31,7 +32,7 @@ from xml.etree import ElementTree try: import libvirt except ImportError: - print 'Unable to import the libvirt module. Is libvirt-python installed?' + print('Unable to import the libvirt module. Is libvirt-python installed?') sys.exit(1) parser = argparse.ArgumentParser(description='Import Xen domain configuration into libvirt') @@ -44,7 +45,7 @@ parser.add_argument('path', help='Path to Xen domain configuration') def print_verbose(msg): if args.verbose: - print msg + print(msg) def check_config(path, config): @@ -103,12 +104,12 @@ def import_domain(conn, path, format=None, convert_only=False): print_verbose('Successfully converted Xen domain configuration to ' 'libvirt domXML:\n %s' % xml) if convert_only: - print xml + print(xml) else: print_verbose('Importing converted libvirt domXML into libvirt...') - dom = conn.defineXML(xml) + dom = conn.defineXML(xml.decode("utf-8")) if dom is None: - print 'Failed to define domain from converted domXML' + print('Failed to define domain from converted domXML') sys.exit(1) print_verbose('domXML successfully imported into libvirt') diff --git a/xen_maskcalc.py b/xen_maskcalc.py new file mode 100644 index 0000000..7c6ab84 --- /dev/null +++ b/xen_maskcalc.py @@ -0,0 +1,395 @@ +#!/usr/bin/python3 + +# Xen Mask Calculator - Calculate CPU masking information based on cpuid(1) +# Copyright (C) 2017 Armando Vega +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import argparse +import sys +import os + + +EAX1_MATCH = '0x00000001 0x00:' +EAX7_MATCH = '0x00000007 0x00:' +EXP_LINELN = 76 + +libxl_names_ecx1 = [] +libxl_names_edx1 = [] +libvirt_names_ecx1 = [] +libvirt_names_edx1 = [] + +libxl_names_ebx7 = [] +libxl_names_ecx7 = [] +libvirt_names_ebx7 = [] +libvirt_names_ecx7 = [] + +def fill_ecx1(bit, libxl, libvirt): + if libxl_names_ecx1[bit]: + print("ecx bit %s already set: libxl %s libvirt %s. Ignoring %s/%s\n" % (bit, libxl_names_ecx1[bit], libvirt_names_ecx1[bit], libxl, libvirt)) + return + libxl_names_ecx1[bit] = libxl + libvirt_names_ecx1[bit] = libvirt + +def fill_edx1(bit, libxl, libvirt): + if libxl_names_edx1[bit]: + print("edx bit %s already set: libxl %s libvirt %s. Ignoring %s/%s\n" % (bit, libxl_names_edx1[bit], libvirt_names_edx1[bit], libxl, libvirt)) + return + libxl_names_edx1[bit] = libxl + libvirt_names_edx1[bit] = libvirt + +def fill_ebx7(bit, libxl, libvirt): + if libxl_names_ebx7[bit]: + print("edx bit %s already set: libxl %s libvirt %s. Ignoring %s/%s\n" % (bit, libxl_names_ebx7[bit], libvirt_names_ebx7[bit], libxl, libvirt)) + return + libxl_names_ebx7[bit] = libxl + libvirt_names_ebx7[bit] = libvirt + +def fill_ecx7(bit, libxl, libvirt): + if libxl_names_ecx7[bit]: + print("ecx bit %s already set: libxl %s libvirt %s. Ignoring %s/%s\n" % (bit, libxl_names_ecx7[bit], libvirt_names_ecx7[bit], libxl, libvirt)) + return + libxl_names_ecx7[bit] = libxl + libvirt_names_ecx7[bit] = libvirt + +def fill_bit_names(): + for i in range(0,32): + libxl_names_ecx1.append(None) + libxl_names_edx1.append(None) + libxl_names_ebx7.append(None) + libxl_names_ecx7.append(None) + libvirt_names_ecx1.append(None) + libvirt_names_edx1.append(None) + libvirt_names_ebx7.append(None) + libvirt_names_ecx7.append(None) + + fill_ecx1(0, "sse3", "pni") + fill_ecx1(1, "pclmulqdq", "pclmuldq") + fill_ecx1(2, "dtes64", "dtes64") + fill_ecx1(3, "monitor", "monitor") + fill_ecx1(4, "dscpl", "ds_cpl") + fill_ecx1(5, "vmx", "vmx") + fill_ecx1(6, "smx", "smx") + fill_ecx1(7, "est", "est") + fill_ecx1(8, "tm2", "tm2") + fill_ecx1(9, "ssse3", "ssse3") + fill_ecx1(10, "cntxid", "cid") + fill_ecx1(12, "fma", "fma") + fill_ecx1(13, "cmpxchg16", "cx16") + fill_ecx1(14, "xtpr", "xtpr") + fill_ecx1(15, "pdcm", "pdcm") + fill_ecx1(17, "pcid", "pcid") + fill_ecx1(18, "dca", "dca") + fill_ecx1(19, "sse4_1", "sse4.1") + fill_ecx1(20, "sse4_2", "sse4.2") + fill_ecx1(21, "x2apic", "x2apic") + fill_ecx1(22, "movbe", "movbe") + fill_ecx1(23, "popcnt", "popcnt") + fill_ecx1(24, "tsc-deadline", "tsc-deadline") + fill_ecx1(25, "aes", "aes") + fill_ecx1(26, "xsave", "xsave") + fill_ecx1(27, "osxsave", "osxsave") + fill_ecx1(28, "avx", "avx") + fill_ecx1(29, "f16c", "f16c") + fill_ecx1(30, "rdrand", "rdrand") + fill_ecx1(31, "hypervisor", "hypervisor") + + fill_edx1(0, "fpu", "fpu") + fill_edx1(1, "vme", "vme") + fill_edx1(2, "de", "de") + fill_edx1(3, "pse", "pse") + fill_edx1(4, "tsc", "tsc") + fill_edx1(5, "msr", "msr") + fill_edx1(6, "pae", "pae") + fill_edx1(7, "mce", "mce") + fill_edx1(8, "cmpxchg8", "cx8") + fill_edx1(9, "apic", "apic") + fill_edx1(11, "sysenter", "sep") + fill_edx1(12, "mtrr", "mtrr") + fill_edx1(13, "pge", "pge") + fill_edx1(14, "mca", "mca") + fill_edx1(15, "cmov", "cmov") + fill_edx1(16, "pat", "pat") + fill_edx1(17, "pse36", "pse36") + fill_edx1(18, "psn", "pn") + fill_edx1(19, "clfsh", "clflush") + fill_edx1(21, "ds", "ds") + fill_edx1(22, "acpi", "acpi") + fill_edx1(23, "mmx", "mmx") + fill_edx1(24, "fxsr", "fxsr") + fill_edx1(25, "sse", "sse") + fill_edx1(26, "sse2", "sse2") + fill_edx1(27, "ss", "ss") + fill_edx1(28, "htt", "ht") + fill_edx1(29, "tm", "tm") + fill_edx1(30, "ia64", "ia64") + fill_edx1(31, "pbe", "pbe") + + fill_ebx7(0, "fsgsbase", "fsgsbase") + fill_ebx7(1, "tsc_adjust", "tsc_adjust") + fill_ebx7(3, "bmi1", "bmi1") + fill_ebx7(4, "hle", "hle") + fill_ebx7(5, "avx2", "avx2") + fill_ebx7(7, "smep", "smep") + fill_ebx7(8, "bmi2", "bmi2") + fill_ebx7(9, "erms", "erms") + fill_ebx7(10, "invpcid", "invpcid") + fill_ebx7(11, "rtm", "rtm") + fill_ebx7(12, "cmt", "cmt") + fill_ebx7(14, "mpx", "mpx") + fill_ebx7(16, "avx512f", "avx512f") + fill_ebx7(17, "avx512dq", "avx512dq") + fill_ebx7(18, "rdseed", "rdseed") + fill_ebx7(19, "adx", "adx") + fill_ebx7(20, "smap", "smap") + fill_ebx7(21, "avx512-ifma", "avx512-ifma") + fill_ebx7(23, "clflushopt", "clflushopt") + fill_ebx7(24, "clwb", "clwb") + fill_ebx7(26, "avx512pf", "avx512pf") + fill_ebx7(27, "avx512er", "avx512er") + fill_ebx7(28, "avx512cd", "avx512cd") + fill_ebx7(29, "sha", "sha") + fill_ebx7(30, "avx512bw", "avx512bw") + fill_ebx7(31, "avx512vl", "avx512vl") + + fill_ecx7(0, "prefetchwt1", "prefetchwt1") + fill_ecx7(1, "avx512-vbmi", "avx512-vbmi") + fill_ecx7(2, "umip", "umip") + fill_ecx7(3, "pku", "pku") + fill_ecx7(4, "ospke", "ospke") + fill_ecx7(6, "avx512-vbmi2", "avx512-vbmi2") + fill_ecx7(8, "gfni", "gfni") + fill_ecx7(9, "vaes", "vaes") + fill_ecx7(10, "vpclmulqdq", "vpclmulqdq") + fill_ecx7(11, "avx512-vnni", "avx512-vnni") + fill_ecx7(12, "avx512-bitalg", "avx512-bitalg") + fill_ecx7(14, "avx512-vpopcntdq", "avx512-vpopcntdq") + fill_ecx7(22, "rdpid", "rdpid") + fill_ecx7(25, "cldemote", "cldemote") + + +def get_register_mask(regs): + """ Take a list of register values and return the calculated mask """ + reg_n = len(regs) + mask = '' + for idx in range(32): + counter = 0 + for reg in regs: + counter += 1 if (reg & (1 << idx) > 0) else 0 + # if we have all 1s or all 0s we don't mask the bit + if counter == reg_n or counter == 0: + mask = mask + 'x' + else: + mask = mask + '0' + # we calculated the mask in reverse, so we reverse it again + return mask[::-1] + + +def print_xl_masking_config(nodes): + """ Take a dictionary of nodes containing their registers and print out CPUID masking configuration for xl """ + nomasking = 'x' * 32 + libxl = [] + libvirt = [] + eax1_ecx_regs = [] + eax1_edx_regs = [] + eax7_ebx_regs = [] + eax7_ecx_regs = [] + for node in nodes: + eax1_ecx_regs.append(nodes[node]['eax1_ecx']) + eax1_edx_regs.append(nodes[node]['eax1_edx']) + eax7_ebx_regs.append(nodes[node]['eax7_ebx']) + eax7_ecx_regs.append(nodes[node]['eax7_ecx']) + # Get masks for the EAX1 and EAX7 registers + eax1_ecx_mask = get_register_mask(eax1_ecx_regs) + eax1_edx_mask = get_register_mask(eax1_edx_regs) + eax7_ebx_mask = get_register_mask(eax7_ebx_regs) + eax7_ecx_mask = get_register_mask(eax7_ecx_regs) + # Build the xl CPUID config + cpuid_config = 'cpuid = [\n "0x00000001:ecx=' + eax1_ecx_mask + if eax1_edx_mask != nomasking: + cpuid_config += ',edx=' + eax1_edx_mask + cpuid_config += '",\n' + cpuid_config += ' "0x00000007,0x00:ebx=' + eax7_ebx_mask + if eax7_ecx_mask != nomasking: + cpuid_config += ',ecx=' + eax7_ecx_mask + cpuid_config += '"\n' + cpuid_config += ']' + print(cpuid_config) + + bitnum = len(eax1_ecx_mask) + while bitnum > 0: + bitnum -= 1 + bitval = eax1_ecx_mask[len(eax1_ecx_mask) - 1 - bitnum] + if bitval == "0" and libxl_names_ecx1[bitnum]: + libxl.append(libxl_names_ecx1[bitnum] + "=0") + libvirt.append(libvirt_names_ecx1[bitnum]) + + bitnum = len(eax1_edx_mask) + while bitnum > 0: + bitnum -= 1 + bitval = eax1_edx_mask[len(eax1_edx_mask) - 1 - bitnum] + if bitval == "0" and libxl_names_edx1[bitnum]: + libxl.append(libxl_names_edx1[bitnum] + "=0") + libvirt.append(libvirt_names_edx1[bitnum]) + + bitnum = len(eax7_ebx_mask) + while bitnum > 0: + bitnum -= 1 + bitval = eax7_ebx_mask[len(eax7_ebx_mask) - 1 - bitnum] + if bitval == "0" and libxl_names_ebx7[bitnum]: + libxl.append(libxl_names_ebx7[bitnum] + "=0") + libvirt.append(libvirt_names_ebx7[bitnum]) + + bitnum = len(eax7_ecx_mask) + while bitnum > 0: + bitnum -= 1 + bitval = eax7_ecx_mask[len(eax7_ecx_mask) - 1 - bitnum] + if bitval == "0" and libxl_names_ecx7[bitnum]: + libxl.append(libxl_names_ecx7[bitnum] + "=0") + libvirt.append(libvirt_names_ecx7[bitnum]) + + if len(libxl) > 0: + output = "cpuid = [ host" + for i in libxl: + output += "," + i + output += " ]" + print(output) + + print("") + print(" ") + for i in libvirt: + print(" " % i) + print(" ") + print("") + + +def print_verbose_masking_info(nodes): + """ Take a dictionary of nodes containing their registers and print out verbose mask derivation information """ + eax1_ecx_regs = [] + eax1_edx_regs = [] + eax7_ebx_regs = [] + eax7_ecx_regs = [] + for node in nodes: + eax1_ecx_regs.append(nodes[node]['eax1_ecx']) + eax1_edx_regs.append(nodes[node]['eax1_edx']) + eax7_ebx_regs.append(nodes[node]['eax7_ebx']) + eax7_ecx_regs.append(nodes[node]['eax7_ecx']) + + print("") + print('== Detailed mask derivation info ==') + print("") + + print('EAX1 ECX registers:') + for reg in eax1_ecx_regs: + print('{0:032b}'.format(reg)) + print('================================') + print(get_register_mask(eax1_ecx_regs)) + + print("") + print('EAX1 EDX registers:') + for reg in eax1_edx_regs: + print('{0:032b}'.format(reg)) + print('================================') + print(get_register_mask(eax1_edx_regs)) + + print("") + print('EAX7,0 EBX registers:') + for reg in eax7_ebx_regs: + print('{0:032b}'.format(reg)) + print('================================') + print(get_register_mask(eax7_ebx_regs)) + + print("") + print('EAX7,0 ECX registers:') + for reg in eax7_ecx_regs: + print('{0:032b}'.format(reg)) + print('================================') + print(get_register_mask(eax7_ecx_regs)) + + +if __name__ == '__main__': + epilog = """The individual 'node_files' are generated with 'cpuid -1r': + server1~$ cpuid -1r > node1 + server2~$ cpuid -1r > node2 + server3~$ cpuid -1r > node3 + + ~$ {0} node1 node2 node3 + + Use 'zypper install cpuid' to install the cpuid.rpm. + +Note: Run 'cpuid' with NATIVE boot instead of dom0 to get the complete cpid value. +Xen hides some bits from dom0! + """.format(sys.argv[0]) + parser = argparse.ArgumentParser( + formatter_class=argparse.RawDescriptionHelpFormatter, + description='A utility that calculates a XEN CPUID difference mask', + epilog=epilog + ) + parser.add_argument('node_files', nargs='*', help='Filenames of XEN node CPUID outputs') + parser.add_argument('-v', '--verbose', action='store_true', help='Get detailed mask derivation information') + args = parser.parse_args() + if len(args.node_files) < 2: + print('Need at least 2 files to do the comparison!') + parser.print_help() + sys.exit(1) + + fill_bit_names() + nodes = dict() + for node in args.node_files: + if os.path.isfile(node): + try: + f = open(node) + except IOError as e: + print("I/O error({0}): {1}".format(e.errno, e.strerror)) + sys.exit(1) + else: + lines = [line.strip() for line in f] + eax1 = '' + eax7 = '' + # try to match the lines containing interesting registers + # EAX1 - Processor Info and Feature Bits + # EAX7 - Extended features + for line in lines: + if line.startswith(EAX1_MATCH): + eax1 = line + elif line.startswith(EAX7_MATCH): + eax7 = line + # if we get garbled data we should probably just give up + if len(eax1) < EXP_LINELN or len(eax7) < EXP_LINELN: + print('ERROR: invalid data format in file : ' + node) + sys.exit(1) + + # check if we can actually parse the strings into integers + try: + eax1_ecx = int(eax1.split()[4].split('=')[1], 0) + eax1_edx = int(eax1.split()[5].split('=')[1], 0) + eax7_ebx = int(eax7.split()[3].split('=')[1], 0) + eax7_ecx = int(eax7.split()[4].split('=')[1], 0) + except ValueError: + print('ERROR: invalid data format in file: ' + node) + sys.exit(1) + + nodes[node] = dict() + nodes[node]['eax1_ecx'] = eax1_ecx + nodes[node]['eax1_edx'] = eax1_edx + nodes[node]['eax7_ebx'] = eax7_ebx + nodes[node]['eax7_ecx'] = eax7_ecx + f.close() + else: + print('File not found: ' + node) + sys.exit(1) + + print_xl_masking_config(nodes) + if args.verbose: + print_verbose_masking_info(nodes) diff --git a/xen_pvonhvm.xen_emul_unplug.patch b/xen_pvonhvm.xen_emul_unplug.patch deleted file mode 100644 index 30ec7bb..0000000 --- a/xen_pvonhvm.xen_emul_unplug.patch +++ /dev/null @@ -1,44 +0,0 @@ -fate#311487 - -Handle xen_emul_unplug from xenlinux based core kernel. - -If the kernel was booted with xen_emul_unplug=(never|ide-disks|nics) unplug only -what was requested. Kernel cmdline option is prefered over module option. - ---- - unmodified_drivers/linux-2.6/platform-pci/platform-pci.c | 15 +++++++++++++++ - 1 file changed, 15 insertions(+) - -Index: xen-4.7.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c -=================================================================== ---- xen-4.7.0-testing.orig/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c -+++ xen-4.7.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c -@@ -39,6 +39,9 @@ - #include - #include - #include -+#ifdef HAVE_XEN_PVONHVM_UNPLUG -+#include -+#endif - #ifdef __ia64__ - #include - #endif -@@ -290,6 +293,18 @@ static int check_platform_magic(struct d - short magic, unplug = 0; - char protocol, *p, *q, *err; - -+#ifdef HAVE_XEN_PVONHVM_UNPLUG -+ if (xen_pvonhvm_unplug) { -+ /* Use kernel cmdline setting */ -+ if (dev_unplug) -+ printk(KERN_INFO DRV_NAME ": ignoring option dev_unplug=%s \n", dev_unplug); -+ dev_unplug = NULL; -+ if (xen_pvonhvm_unplugged_disks) -+ unplug |= UNPLUG_ALL_IDE_DISKS | UNPLUG_AUX_IDE_DISKS; -+ if (xen_pvonhvm_unplugged_nics) -+ unplug |= UNPLUG_ALL_NICS; -+ } else -+#endif - /* Unconditionally unplug everything */ - if (!dev_unplug) - unplug = UNPLUG_ALL; diff --git a/xencommons.service b/xencommons.service index 8ab2de1..f3ad5ef 100644 --- a/xencommons.service +++ b/xencommons.service @@ -30,6 +30,7 @@ Type=oneshot RemainAfterExit=true ExecStartPre=/bin/grep -q control_d /proc/xen/capabilities ExecStart=/usr/bin/xenstore-ls -f +ExecStartPost=/bin/sh -c 'mv -vf /var/log/xen/xen-boot.log /var/log/xen/xen-boot.prev.log ; /usr/sbin/xl dmesg > /var/log/xen/xen-boot.log' [Install] WantedBy=multi-user.target diff --git a/xenconsole-no-multiple-connections.patch b/xenconsole-no-multiple-connections.patch index 504a7e2..dbdeb7d 100644 --- a/xenconsole-no-multiple-connections.patch +++ b/xenconsole-no-multiple-connections.patch @@ -1,16 +1,16 @@ -Index: xen-4.7.0-testing/tools/console/client/main.c +Index: xen-4.18.0-testing/tools/console/client/main.c =================================================================== ---- xen-4.7.0-testing.orig/tools/console/client/main.c -+++ xen-4.7.0-testing/tools/console/client/main.c -@@ -100,6 +100,7 @@ static int get_pty_fd(struct xs_handle * +--- xen-4.18.0-testing.orig/tools/console/client/main.c ++++ xen-4.18.0-testing/tools/console/client/main.c +@@ -101,6 +101,7 @@ static int get_pty_fd(struct xs_handle * * Assumes there is already a watch set in the store for this path. */ { struct timeval tv; + struct flock lock; fd_set watch_fdset; int xs_fd = xs_fileno(xs), pty_fd = -1; - int start, now; -@@ -123,6 +124,14 @@ static int get_pty_fd(struct xs_handle * + time_t start, now; +@@ -124,6 +125,14 @@ static int get_pty_fd(struct xs_handle * pty_fd = open(pty_path, O_RDWR | O_NOCTTY); if (pty_fd == -1) warn("Could not open tty `%s'", pty_path); diff --git a/xendomains-wait-disks.LICENSE b/xendomains-wait-disks.LICENSE new file mode 100644 index 0000000..48fa45a --- /dev/null +++ b/xendomains-wait-disks.LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + {one line to give the program's name and a brief idea of what it does.} + Copyright (C) {year} {name of author} + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + {project} Copyright (C) {year} {fullname} + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/xendomains-wait-disks.README.md b/xendomains-wait-disks.README.md new file mode 100644 index 0000000..ed87ba1 --- /dev/null +++ b/xendomains-wait-disks.README.md @@ -0,0 +1,28 @@ +# xen-tools-xendomains-wait-disk + +[xendomains.service](https://github.com/xen-project/xen/blob/RELEASE-4.13.0/tools/hotplug/Linux/systemd/xendomains.service.in) has problems +with disks that appear only later in boot process (or even after booting is complete). This project creates a service that +loops over all disks that domU will use and wait for them to appear. + +xendomains-wait-disk.service launches a script that reads both /etc/xen/auto/ configurations and /var/lib/xen/save/ dumps. +From those files, it extracts which disks are needed for all domU that will be started (respecting /etc/sysconfig/xendomains +settings). After that, it simply loops waiting for those disks to appear. There is a timeout (5 min) configured in +xendomains-wait-disk.service that prevents it to block booting process forever. + +There are two known cases where this project is useful: + +## degraded mdadm RAID + +mdadm RAID are assembled by [udev rules](https://github.com/neilbrown/mdadm/blob/master/udev-md-raid-assembly.rules). +However, it is only assembled when it is healthy. When a member is still missing, it starts a [timer](https://github.com/neilbrown/mdadm/blob/master/systemd/mdadm-last-resort%40.timer) that will try to assemble the RAID anyway after 30s, even if degraded. This timer does not block xendomains to be started. So, if a domU is depending on a MD RAID that is degraded (i.e. RAID 1 missing one disk), xendomains.service will be started before those 30s passed and that domU will fail. + +An alternative solution would be to add extra hard dependencies to xendomains.service for each required disk (Require=xxx.device). However, this solution introduces another bigger problem. Before, if a single RAID is degraded, only the domU that depends on it will fail. With Require=xxx.device, xendomains will never start if +a RAID could not be assembled even after 30s (i.e. RAID5 with two missing disks). + +With xendomains-wait-disk.service, xendomains.service will be blocked up to 5 min waiting for those MD RAID used by domUs. If it fails, xendomains.service +continues anyway. + +## iSCSI disks + +domU that uses iSCSI disk (mapped by host OS) also fails to start during boot. open-iscsi.service returns before it connect to the remote target and rescan +iscsi disks. As in mdadm RAID case, xendomains.service is started and domU that depends on iSCSI disks will fail. diff --git a/xendomains-wait-disks.sh b/xendomains-wait-disks.sh new file mode 100644 index 0000000..b6668e3 --- /dev/null +++ b/xendomains-wait-disks.sh @@ -0,0 +1,199 @@ +#!/bin/bash +# +# Generates xendomains unit +# + +read_conf_from_file() { + ${sbindir}/xl create --quiet --dryrun --defconfig "$1" +} + +big2littleendian_32bit(){ + echo ${1:6:2}${1:4:2}${1:2:2}${1:0:2} +} + +read_hex() { + local out_var=$1; shift + local input=$1; shift + local pos_var=$1; shift + local length=$1; shift + local hex=$(dd bs=1 skip=${!pos_var} count=$length status=none <$input | xxd -p -c$length -l$length) + read -r $pos_var <<<"$((${!pos_var} + $length))" + read -r $out_var <<<"$hex" +} + +hex2dec() { + local hex=$1; shift + local little_endian=$1; shift + if $little_endian; then + hex=$(big2littleendian_32bit $hex) + fi + echo $((0x$hex)) +} + +read_conf_from_image(){ + local pos=0 length=0 + + local magic_header byte_order mandatory_flags optional_flags optional_data_len config_len config_json + + read_hex magic_header $1 pos 32 + # "Xen saved domain, xl format\n \0 \r" + if [ "$magic_header" != "58656e20736176656420646f6d61696e2c20786c20666f726d61740a2000200d" ]; then + log $err "Unknown file format in $1. Wrong magic header: '0x$magic_header'" + return 1 + fi + + read_hex byte_order $1 pos 4 + case "$byte_order" in + 04030201) little_endian=true;; + 01020304) little_endian=false;; + *) log $err "Unknown byte order 0x$byte_order in $1"; return 1;; + esac + + #define XL_MANDATORY_FLAG_JSON (1U << 0) /* config data is in JSON format */ + #define XL_MANDATORY_FLAG_STREAMv2 (1U << 1) /* stream is v2 */ + read_hex mandatory_flags $1 pos 4 + if [ "$(($(hex2dec $mandatory_flags $little_endian) & 0x3))" -ne 3 ]; then + log $err "Unknown config format or stream version. Mandatory flags are 0x$mandatory_flag" + return 1 + fi + + read_hex optional_flags $1 pos 4 + read_hex optional_data_len $1 pos 4 + optional_data_len=$(hex2dec $optional_data_len $little_endian) + + # I'll not use but saved memory dump will begin at $((pos+optional_data_len)) + read_hex config_len $1 pos 4 + config_len=$(hex2dec $config_len $little_endian) + + # null terminated string + read_hex config_json $1 pos $config_len + xxd -p -r <<<"$config_json" +} + +log() { + local msg_loglevel=$1; shift + if [ "$msg_loglevel" -gt "$LOGLEVEL" ]; then + return 0 + fi + echo "$@" >&2 +} + + +emerg=0; alert=1; crit=2; err=3 +warning=4; notice=5; info=6; debug=7 +LOGLEVEL=${LOGLEVEL:-4} +if [ "$SYSTEMD_LOG_LEVEL" ]; then + LOGLEVEL=${!SYSTEMD_LOG_LEVEL} +fi +log $debug "Using loglevel $LOGLEVEL" +trap "log $err Error on \$LINENO: \$(caller)" ERR + +log $debug "loading /etc/xen/scripts/hotplugpath.sh..." +. /etc/xen/scripts/hotplugpath.sh + +#log $debug "testing for ${sbindir}/xl..." +#CMD=${sbindir}/xl +#if ! $CMD list &> /dev/null; then +# log $err "${sbindir}/xl list failed!" +# log $err "$($CMD list &>&1)" +# exit $? +#fi +#log $debug "${sbindir}/xl list OK!" + +log $debug "loading /etc/sysconfig/xendomains..." +XENDOM_CONFIG=/etc/sysconfig/xendomains +if ! test -r $XENDOM_CONFIG; then + echo "$XENDOM_CONFIG not existing" >&2; + exit 6 +fi + +. $XENDOM_CONFIG + +doms_conf=() +doms_restore=() +doms_source=() + +log $debug "Reading saved domains..." +if [ "$XENDOMAINS_RESTORE" = "true" ] && [ -d "$XENDOMAINS_SAVE" ]; then + for dom in $XENDOMAINS_SAVE/*; do + log $debug "Trying $dom..." + if ! [ -r $dom ] ; then + log $debug "Not readable $dom..." + continue + fi + + log $debug "Reading conf from $dom..." + if ! dom_conf=$(read_conf_from_image $dom); then + log $error "Cannot read conf from $dom" + continue + fi + + log $debug "Adding $dom to the list" + doms_conf+=("$dom_conf") + doms_restore+=(true) + doms_source+=("$dom") + done +fi + +log $debug "Reading auto domains..." +if [ -d "$XENDOMAINS_AUTO" ]; then + for dom in $XENDOMAINS_AUTO/*; do + log $debug "Trying $dom..." + if ! [ -r $dom ] ; then + log $debug "Not readable $dom..." + continue + fi + + log $debug "Reading conf from $dom..." + if ! dom_conf=$(read_conf_from_file $dom); then + echo 123 + log $error "Cannot read conf from $dom" + continue + fi + + log $debug "Adding $dom to the list" + doms_conf+=("$dom_conf") + doms_restore+=(false) + doms_source+=("$dom") + done +fi + +log $debug "We have ${#doms_conf[*]} to check" +for i in ${!doms_conf[*]}; do + log $debug "Doing dom $i..." + + dom_conf="${doms_conf[i]}" + dom_restore="${doms_restore[i]}" + dom_source="${doms_source[i]}" + + dom_name=$(sed -n 's/^.*(name \(.*\))$/\1/p;s/^.*"name": "\(.*\)",$/\1/p' <<<"$dom_conf") + readarray -t required_disks <<<"$(sed -n -e '/^ "disks": \[/,/ \],/{ /"pdev_path":/ { s/.*"pdev_path": "//;s/".*//p } }' <<<"$dom_conf")" + + log $debug "dom $i is named $dom_name..." + for disk in "${required_disks[@]}"; do + disk_control_var=control_$(tr -d -c '[a-zA-Z0-9_]' <<<"$disk") + if [ "${!disk_control_var:-0}" -eq 1 ]; then + log $debug "$disk for $dom_name is already being checked" + continue + fi + declare $disk_control_var=1 + log $debug "waiting for $disk for $dom_name" + ( + j=0 found_loglevel=$debug + while true; do + if [ -e "$disk" ]; then + log $found_loglevel "disk $disk found (after $j seconds)" + exit 0 + fi + if [ "$(( j++ % 5))" -eq 0 ]; then + log $warning "still waiting for $disk for $dom_name..." + found_loglevel=$warning + fi + sleep 1 + done + ) & + done +done + +wait +log $debug "Exiting normally" diff --git a/xenpaging.doc.patch b/xenpaging.doc.patch deleted file mode 100644 index c5b38dd..0000000 --- a/xenpaging.doc.patch +++ /dev/null @@ -1,65 +0,0 @@ ---- - docs/misc/xenpaging.txt | 49 +++++++++++++++++++++++++++++++++--------------- - 1 file changed, 34 insertions(+), 15 deletions(-) - -Index: xen-4.2.0-testing/docs/misc/xenpaging.txt -=================================================================== ---- xen-4.2.0-testing.orig/docs/misc/xenpaging.txt -+++ xen-4.2.0-testing/docs/misc/xenpaging.txt -@@ -22,22 +22,41 @@ functionality. - - Usage: - --Up to now xenpaging is not integrated into libxl/xend, so it has to be --started manually for each guest. -+Up to now xenpaging is only integrated into xm/xend. - --Once the guest is running, run xenpaging with the guest_id and the path --to the pagefile: -- -- /usr/lib/xen/bin/xenpaging -f /path/to/page_file -d dom_id & -- --Once xenpaging runs it needs a memory target, which is the memory --footprint of the guest. This value (in KiB) must be written manually to --xenstore. The following example sets the target to 512MB: -- -- xenstore-write /local/domain//memory/target-tot_pages $((1024*512)) -- --Now xenpaging tries to page-out as many pages to keep the overall memory --footprint of the guest at 512MB. -+To enable xenpaging for a guest add the option 'actmem=' to the guests -+config file and run 'xm new ' to make the changes -+active. actmem= takes the amount of memory in MB which a guest is -+allowed to use at a given time. Everything above this limit will be -+paged out. This paging is transparent to the guest. -+ -+Example: -+ memory=4096 -+ actmem=1024 -+In this example a guest gets the impression it has 4GB of memory and -+the guest OS has to configure itself for this amount of memory. But -+xenpaging will page-out 3072MB, leaving only 1024MB active at a time. -+ -+At runtime the configured value of actmem= can be changed with the "xm -+mem-swap-target" command. -+ xm mem-swap-target 512 -+ -+Additional cmdline options for the xenpaging binary can be specified -+with the xenpaging_extra= config file option: -+ -+ xenpaging_extra=[ '-f', '/dev/shm/pagefile-guest_name', '-v' ] -+ -+To get a list of available options, run /usr/lib/xen/bin/xenpaging -h: -+ -+ xenpaging [options] -f -d -+ -+options: -+ -d --domain= numerical domain_id of guest. This option is required. -+ -f --pagefile= pagefile to use. This option is required. -+ -m --max_memkb= maximum amount of memory to handle. -+ -r --mru_size= number of paged-in pages to keep in memory. -+ -v --verbose enable debug output. -+ -h --help this output. - - Todo: - - integrate xenpaging into libxl diff --git a/xenpaging.qemu.flush-cache.patch b/xenpaging.qemu.flush-cache.patch deleted file mode 100644 index 3d2820d..0000000 --- a/xenpaging.qemu.flush-cache.patch +++ /dev/null @@ -1,31 +0,0 @@ -Subject: xenpaging/qemu-dm: add command to flush buffer cache. - -Add support for a xenstore dm command to flush qemu's buffer cache. - -qemu will just keep mapping pages and not release them, which causes problems -for the memory pager (since the page is mapped, it won't get paged out). When -the pager has trouble finding a page to page out, it asks qemu to flush its -buffer, which releases all the page mappings. This makes it possible to find -pages to swap out agian. - -Already-Signed-off-by: Patrick Colp -Signed-off-by: Olaf Hering - ---- - tools/qemu-xen-traditional-dir-remote/xenstore.c | 3 +++ - 1 file changed, 3 insertions(+) - -Index: xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c -+++ xen-4.6.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c -@@ -995,6 +995,9 @@ static void xenstore_process_dm_command_ - do_pci_add(par); - free(par); - #endif -+ } else if (!strncmp(command, "flush-cache", len)) { -+ fprintf(logfile, "dm-command: flush caches\n"); -+ qemu_invalidate_map_cache(); - } else { - fprintf(logfile, "dm-command: unknown command\"%*s\"\n", len, command); - } diff --git a/xenstore-run-in-studomain.patch b/xenstore-run-in-studomain.patch new file mode 100644 index 0000000..44f1865 --- /dev/null +++ b/xenstore-run-in-studomain.patch @@ -0,0 +1,54 @@ +References: fate#323663 - Run Xenstore in stubdomain + +--- a/tools/hotplug/Linux/init.d/sysconfig.xencommons.in ++++ b/tools/hotplug/Linux/init.d/sysconfig.xencommons.in +@@ -8,7 +8,7 @@ + XENCONSOLED_TRACE= + + ## Type: string +-## Default: daemon ++## Default: domain + # + # Select type of xentore service. + # +@@ -80,14 +80,14 @@ XENSTORED_TRACE= + XENSTORE_DOMAIN_KERNEL= + + ## Type: integer +-## Default: 8 ++## Default: 32 + # + # xenstore domain memory size in MiB. + # Only evaluated if XENSTORETYPE is "domain". + XENSTORE_DOMAIN_SIZE= + + ## Type: string +-## Default: not set, no autoballooning of xenstore domain ++## Default: 1/100 + # + # Maximum xenstore domain memory size. Can be specified as: + # - plain integer value for max size in MiB +--- a/tools/hotplug/Linux/launch-xenstore.in ++++ b/tools/hotplug/Linux/launch-xenstore.in +@@ -48,7 +48,7 @@ test_xenstore && exit 0 + + test -f @CONFIG_DIR@/@CONFIG_LEAF_DIR@/xencommons && . @CONFIG_DIR@/@CONFIG_LEAF_DIR@/xencommons + +-[ "$XENSTORETYPE" = "" ] && XENSTORETYPE=daemon ++[ "$XENSTORETYPE" = "" ] && XENSTORETYPE=domain + + /bin/mkdir -p @XEN_RUN_DIR@ + +@@ -95,9 +95,10 @@ test -f @CONFIG_DIR@/@CONFIG_LEAF_DIR@/x + [ "$XENSTORETYPE" = "domain" ] && { + [ -z "$XENSTORE_DOMAIN_KERNEL" ] && XENSTORE_DOMAIN_KERNEL=@LIBEXEC@/boot/xenstore-stubdom.gz + XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --kernel $XENSTORE_DOMAIN_KERNEL" +- [ -z "$XENSTORE_DOMAIN_SIZE" ] && XENSTORE_DOMAIN_SIZE=8 ++ [ -z "$XENSTORE_DOMAIN_SIZE" ] && XENSTORE_DOMAIN_SIZE=32 + XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --memory $XENSTORE_DOMAIN_SIZE" +- [ -z "$XENSTORE_MAX_DOMAIN_SIZE" ] || XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --maxmem $XENSTORE_MAX_DOMAIN_SIZE" ++ [ -z "$XENSTORE_MAX_DOMAIN_SIZE" ] && XENSTORE_MAX_DOMAIN_SIZE="1/100" ++ XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS --maxmem $XENSTORE_MAX_DOMAIN_SIZE" + [ -z "$XENSTORED_TRACE" ] || XENSTORE_DOMAIN_ARGS="$XENSTORE_DOMAIN_ARGS -T xenstored-trace.log" + + echo -n Starting $XENSTORE_DOMAIN_KERNEL... diff --git a/xenwatchdogd-restart.patch b/xenwatchdogd-restart.patch new file mode 100644 index 0000000..2fb20dc --- /dev/null +++ b/xenwatchdogd-restart.patch @@ -0,0 +1,119 @@ +References: bsc#1178736 + +Allow restart of xenwatchdogd in case it terminated unexpectetly. +Index: xen-4.19.0-testing/tools/misc/xenwatchdogd.c +=================================================================== +--- xen-4.19.0-testing.orig/tools/misc/xenwatchdogd.c ++++ xen-4.19.0-testing/tools/misc/xenwatchdogd.c +@@ -21,6 +21,8 @@ + #include + #include + #include ++#include ++#include + + #define WDOG_MIN_TIMEOUT 2 + #define WDOG_MIN_SLEEP 1 +@@ -29,9 +31,11 @@ + static xc_interface *h; + static volatile bool safeexit = false; + static volatile bool done = false; ++static const char id_file[] = "/run/xenwatchdog_id.txt"; + +-static void daemonize(void) ++static void daemonize(const char *str) + { ++ const char *err_str = ""; + switch (fork()) { + case -1: + err(EXIT_FAILURE, "fork"); +@@ -40,7 +44,9 @@ static void daemonize(void) + default: + exit(EXIT_SUCCESS); + } +- umask(0); ++#define err(x,s) do { err_str = (s); goto out; } while (0) ++ openlog(str, LOG_CONS, LOG_DAEMON); ++ umask(~(S_IRUSR|S_IWUSR)); + if (setsid() < 0) + err(EXIT_FAILURE, "setsid"); + if (chdir("/") < 0) +@@ -51,6 +57,10 @@ static void daemonize(void) + err(EXIT_FAILURE, "reopen stdout"); + if(freopen("/dev/null", "w", stderr) == NULL) + err(EXIT_FAILURE, "reopen stderr"); ++ return; ++out: ++ syslog(LOG_ERR, "%s: %m", err_str); ++ exit(1); + } + + static void catch_exit(int sig) +@@ -62,6 +72,7 @@ static void catch_usr1(int sig) + { + safeexit = true; + done = true; ++ unlink(id_file); + } + + static void __attribute__((noreturn)) usage(int exit_code) +@@ -98,10 +109,12 @@ static int parse_secs(const char *arg, c + + int main(int argc, char **argv) + { ++ FILE *f; + int id; + int t, s; + int ret; + bool daemon = true; ++ const char *err_str = ""; + + for ( ;; ) + { +@@ -160,7 +173,7 @@ int main(int argc, char **argv) + s = t / 2; + + if (daemon) +- daemonize(); ++ daemonize(basename(argv[0])); + + h = xc_interface_open(NULL, NULL, 0); + if (h == NULL) +@@ -177,9 +190,25 @@ int main(int argc, char **argv) + if (signal(SIGUSR1, &catch_usr1) == SIG_ERR) + err(EXIT_FAILURE, "signal"); + +- id = xc_watchdog(h, 0, t); +- if (id <= 0) +- err(EXIT_FAILURE, "xc_watchdog setup"); ++ f = fopen(id_file, "r"); ++ if (f) { ++ if (fscanf(f, "%d", &id) != 1) ++ id = -1; ++ if (id <= 0) ++ err(EXIT_FAILURE, "xc_watchdog setup"); ++ syslog(LOG_INFO, "reusing id %d", id); ++ fclose(f); ++ } else { ++ id = xc_watchdog(h, 0, t); ++ syslog(LOG_INFO, "obtained id %d", id); ++ if (id <= 0) ++ err(EXIT_FAILURE, "xc_watchdog setup"); ++ f = fopen(id_file, "w"); ++ if (f) { ++ fprintf(f, "%d\n", id); ++ fclose(f); ++ } ++ } + + while (!done) { + sleep(s); +@@ -191,4 +220,8 @@ int main(int argc, char **argv) + // Zero seconds timeout will disarm the watchdog timer + xc_watchdog(h, id, safeexit ? 0 : WDOG_EXIT_TIMEOUT); + return 0; ++ ++out: ++ syslog(LOG_ERR, "%s: %m", err_str); ++ exit(EXIT_FAILURE); + } diff --git a/xl-conf-default-bridge.patch b/xl-conf-default-bridge.patch index e848852..381cbdb 100644 --- a/xl-conf-default-bridge.patch +++ b/xl-conf-default-bridge.patch @@ -1,8 +1,8 @@ -Index: xen-4.4.0-testing/tools/examples/xl.conf +Index: xen-4.14.0-testing/tools/examples/xl.conf =================================================================== ---- xen-4.4.0-testing.orig/tools/examples/xl.conf -+++ xen-4.4.0-testing/tools/examples/xl.conf -@@ -30,7 +30,7 @@ +--- xen-4.14.0-testing.orig/tools/examples/xl.conf ++++ xen-4.14.0-testing/tools/examples/xl.conf +@@ -34,7 +34,7 @@ #vif.default.script="vif-bridge" # default bridge device to use with vif-bridge hotplug scripts diff --git a/xl-conf-disable-autoballoon.patch b/xl-conf-disable-autoballoon.patch new file mode 100644 index 0000000..649417a --- /dev/null +++ b/xl-conf-disable-autoballoon.patch @@ -0,0 +1,13 @@ +Index: xen-4.14.0-testing/tools/examples/xl.conf +=================================================================== +--- xen-4.14.0-testing.orig/tools/examples/xl.conf ++++ xen-4.14.0-testing/tools/examples/xl.conf +@@ -7,7 +7,7 @@ + # Control whether dom0 is ballooned down when xen doesn't have enough + # free memory to create a domain. "auto" means only balloon if dom0 + # starts with all the host's memory. +-#autoballoon="auto" ++autoballoon="off" + + # full path of the lockfile used by xl during domain creation + #lockfile="/var/lock/xl" diff --git a/xl-save-pc.patch b/xl-save-pc.patch new file mode 100644 index 0000000..f606187 --- /dev/null +++ b/xl-save-pc.patch @@ -0,0 +1,175 @@ +References: bug#1176189 + +Usage of xl save -p|-c will suspend the domU. +As a result the monitoring xl process with get a LIBXL_EVENT_TYPE_DOMAIN_SHUTDOWN/LIBXL_SHUTDOWN_REASON_SUSPEND event. +This will cause it to exit because it does not know the -p/-c flags were used to keep the domU active. +As a result the final shutdown will not destroy the domU. + +Write a flag to xenstore to let the monitoring process know about the usage of -p/-c. +Remove the flag once the suspend is done. + +Recognize the flag in the monitoring process. +Keep going if the flag is seen. +Watch again for @releaseDomain events. +Keep going if the event type and shutdown reason remains the same. +--- + tools/xl/Makefile | 3 ++- + tools/xl/xl.h | 1 + + tools/xl/xl_saverestore.c | 15 ++++++++++++ + tools/xl/xl_vmcontrol.c | 48 +++++++++++++++++++++++++++++++++++++++ + 4 files changed, 66 insertions(+), 1 deletion(-) + +--- a/tools/xl/Makefile ++++ b/tools/xl/Makefile +@@ -25,6 +25,7 @@ XL_OBJS += xl_vmcontrol.o xl_saverestore + XL_OBJS += xl_vdispl.o xl_vsnd.o xl_vkb.o + + $(XL_OBJS): CFLAGS += $(CFLAGS_libxentoollog) ++$(XL_OBJS): CFLAGS += $(CFLAGS_libxenstore) + $(XL_OBJS): CFLAGS += $(CFLAGS_XL) + $(XL_OBJS): CFLAGS += -include $(XEN_ROOT)/tools/config.h # libxl_json.h needs it. + +@@ -32,7 +33,7 @@ $(XL_OBJS): CFLAGS += -include $(XEN_ROO + all: xl + + xl: $(XL_OBJS) +- $(CC) $(LDFLAGS) -o $@ $(XL_OBJS) $(LDLIBS_libxenutil) $(LDLIBS_libxenlight) $(LDLIBS_libxentoollog) -lyajl $(APPEND_LDFLAGS) ++ $(CC) $(LDFLAGS) -o $@ $(XL_OBJS) $(LDLIBS_libxenutil) $(LDLIBS_libxenlight) $(LDLIBS_libxentoollog) $(LDLIBS_libxenstore) -lyajl $(APPEND_LDFLAGS) + + .PHONY: install + install: all +--- a/tools/xl/xl.h ++++ b/tools/xl/xl.h +@@ -306,6 +306,7 @@ typedef enum { + DOMAIN_RESTART_SUSPENDED, /* Domain suspended - keep looping */ + } domain_restart_type; + ++#define XL_SAVE_PAUSE_CHECKPOINT "suse-xl-save-pc" + extern void printf_info_sexp(int domid, libxl_domain_config *d_config, FILE *fh); + extern void apply_global_affinity_masks(libxl_domain_type type, + libxl_bitmap *vcpu_affinity_array, +--- a/tools/xl/xl_saverestore.c ++++ b/tools/xl/xl_saverestore.c +@@ -21,6 +21,7 @@ + #include + #include + ++#include + #include + #include + #include +@@ -127,6 +128,8 @@ static int save_domain(uint32_t domid, i + const char *filename, int checkpoint, + int leavepaused, const char *override_config_file) + { ++ struct xs_handle *xsh = NULL; ++ char path[80]; + int fd; + uint8_t *config_data; + int config_len; +@@ -144,12 +147,24 @@ static int save_domain(uint32_t domid, i + fprintf(stderr, "Failed to open temp file %s for writing\n", filename); + exit(EXIT_FAILURE); + } ++ if (leavepaused || checkpoint) ++ { ++ snprintf(path, sizeof(path), "/libxl/%u/" XL_SAVE_PAUSE_CHECKPOINT, domid); ++ xsh = xs_open(0); ++ if (xsh) ++ xs_write(xsh, XBT_NULL, path, leavepaused ? "p" : "c", 1); ++ } + + save_domain_core_writeconfig(fd, filename, config_data, config_len); + + int rc = libxl_domain_suspend_suse(ctx, domid, fd, &props, NULL); + close(fd); + ++ if (xsh) { ++ xs_rm(xsh, XBT_NULL, path); ++ xs_close(xsh); ++ } ++ + if (rc < 0) { + fprintf(stderr, "Failed to save domain, resuming domain\n"); + libxl_domain_resume(ctx, domid, 1, 0); +--- a/tools/xl/xl_vmcontrol.c ++++ b/tools/xl/xl_vmcontrol.c +@@ -22,6 +22,7 @@ + #include + #include + ++#include + #include + #include + #include +@@ -706,6 +707,10 @@ int create_domain(struct domain_create * + int migrate_fd = dom_info->migrate_fd; + bool config_in_json; + ++ libxl_event_type type = 0; ++ uint8_t shutdown_reason = 0; ++ bool is_in_suspend = false; ++ + int i; + int need_daemon = daemonize; + int ret, rc; +@@ -1073,6 +1078,24 @@ start: + ret = domain_wait_event(domid, &event); + if (ret) goto out; + ++ if (is_in_suspend) { ++ if ( type == event->type && event->u.domain_shutdown.shutdown_reason == shutdown_reason) { ++ struct timespec req = { .tv_nsec = 123456789, }; ++ libxl_evdisable_domain_death(ctx, deathw); ++ deathw = NULL; ++ ret = libxl_evenable_domain_death(ctx, domid, 0, &deathw); ++ if (ret) goto out; ++ libxl_event_free(ctx, event); ++ LOG("Domain %u still suspended", domid); ++ nanosleep(&req, NULL); ++ continue; ++ } ++ is_in_suspend = false; ++ LOG("Domain %u left suspend state", domid); ++ } ++ type = event->type; ++ shutdown_reason = event->u.domain_shutdown.shutdown_reason; ++ + switch (event->type) { + + case LIBXL_EVENT_TYPE_DOMAIN_SHUTDOWN: +@@ -1134,10 +1157,34 @@ start: + goto start; + + case DOMAIN_RESTART_NONE: ++ { ++ struct xs_handle *xsh = xs_open(0); ++ ++ if (xsh) { ++ char path[80]; ++ unsigned int len = 0; ++ char *val; ++ ++ snprintf(path, sizeof(path), "/libxl/%u/" XL_SAVE_PAUSE_CHECKPOINT, domid); ++ val = xs_read(xsh, XBT_NULL, path, &len); ++ xs_close(xsh); ++ LOG("Got %p '%s' from %s, len %u", val, val ?:"", path, len); ++ free(val); ++ if (val) ++ { ++ is_in_suspend = true; ++ libxl_evdisable_domain_death(ctx, deathw); ++ deathw = NULL; ++ ret = libxl_evenable_domain_death(ctx, domid, 0, &deathw); ++ if (ret) goto out; ++ break; ++ } ++ } + LOG("Done. Exiting now"); + libxl_event_free(ctx, event); + ret = 0; + goto out; ++ } + + case DOMAIN_RESTART_SUSPENDED: + LOG("Continue waiting for domain %u", domid); diff --git a/xnloader.py b/xnloader.py deleted file mode 100644 index ba2e568..0000000 --- a/xnloader.py +++ /dev/null @@ -1,62 +0,0 @@ -# NetWare-specific operations -# -# Copyright (c) 2013 Suse Linux Products. -# Author: Charles Arnold -# -# This software may be freely redistributed under the terms of the GNU -# general public license. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - -# Binary patching of xnloader.sys -# For launching NetWare on Xen 4.2 and newer - -import os, sys, base64 - -CODE_OFFSET=0x49F5 -NUMBER_OF_CODE_BYTES=17 -ORIGINAL_CODE="BA00080000C786FC1F0000FFFFFFFF31C9" -PATCHED_CODE="BAF8070000834C961CFFB9080000009090" -XNLOADER_SYS_MD5SUM="eb76cce2a2d45928ea2bf26e01430af2" - -def patch_netware_loader(loader): - """Open the given xnloader.sys file and patch the relevant code hunk.""" - - # domUloader calls this with all kernels so perhaps this is not the NetWare loader - md5sum_cmd = 'md5sum ' + loader - p = os.popen(md5sum_cmd) - sum = p.read().split()[0] - p.close() - if sum != XNLOADER_SYS_MD5SUM: - return - - try: - fd = os.open(loader, os.O_RDWR) - except Exception, e: - print >>sys.stderr, e - raise - - # Validate minimum size for I/O - stat = os.fstat(fd) - if stat.st_size < CODE_OFFSET+NUMBER_OF_CODE_BYTES: - os.close(fd) - return - - # Seek to location of code hunk - os.lseek(fd, CODE_OFFSET, os.SEEK_SET) - - # Read code bytes at offset - buf = os.read(fd, NUMBER_OF_CODE_BYTES) - - code_as_hex = base64.b16encode(buf) - if code_as_hex == ORIGINAL_CODE: - # Seek back to start location of the code hunk - os.lseek(fd, CODE_OFFSET, os.SEEK_SET) - # Convert the PATCHED_CODE string to raw binary - code_as_bin = base64.b16decode(PATCHED_CODE) - # Write the patched code - os.write(fd, code_as_bin) - os.close(fd) -