Accepting request 251716 from Virtualization

Bug fixes for os13.2

OBS-URL: https://build.opensuse.org/request/show/251716
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xen?expand=0&rev=195
Stephan Kulow 2014-09-25 07:33:42 +00:00 committed by Git OBS Bridge
commit 296b5421e5
13 changed files with 744 additions and 348 deletions


@ -0,0 +1,335 @@
Subject: xen: pass kernel initrd to qemu
From: Chunyan Liu cyliu@suse.com Mon Jul 7 14:34:33 2014 +0800
Date: Tue Aug 26 21:18:51 2014 +0100:
Git: 11dffa2359e8a2629490c14c029c7c7c777b3e47
xen side patch to support xen HVM direct kernel boot:
support 'kernel', 'ramdisk', 'cmdline' (and 'root', 'extra' as well
which would be deprecated later) in HVM config file, parse config file,
pass -kernel, -initrd, -append parameters to qemu.
Signed-off-by: Chunyan Liu <cyliu@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Index: xen-4.4.1-testing/docs/man/xl.cfg.pod.5
===================================================================
--- xen-4.4.1-testing.orig/docs/man/xl.cfg.pod.5
+++ xen-4.4.1-testing/docs/man/xl.cfg.pod.5
@@ -296,6 +296,37 @@ Action to take if the domain crashes. D
=back
+=head3 Direct Kernel Boot
+
+Direct kernel boot allows booting directly from a kernel and initrd
+stored in the host physical machine OS, allowing command line arguments
+to be passed directly. PV guest direct kernel boot is supported. HVM
+guest direct kernel boot is supported with limitation (it's supported
+when using qemu-xen and default BIOS 'seabios'; not supported in case of
+stubdom-dm and old rombios.)
+
+=over 4
+
+=item B<kernel="PATHNAME">
+
+Load the specified file as the kernel image.
+
+=item B<ramdisk="PATHNAME">
+
+Load the specified file as the ramdisk.
+
+=item B<root="STRING">
+
+Append B<root="STRING"> to the kernel command line (Note: it is guest
+specific what meaning this has).
+
+=item B<extra="STRING">
+
+Append B<STRING> to the kernel command line. (Note: it is guest
+specific what meaning this has).
+
+=back
+
=head3 Other Options
=over 4
@@ -625,20 +656,12 @@ The following options apply only to Para
=over 4
-=item B<kernel="PATHNAME">
-
-Load the specified file as the kernel image. Either B<kernel> or
-B<bootloader> must be specified for PV guests.
-
-=item B<ramdisk="PATHNAME">
-
-Load the specified file as the ramdisk.
-
=item B<bootloader="PROGRAM">
Run C<PROGRAM> to find the kernel image and ramdisk to use. Normally
C<PROGRAM> would be C<pygrub>, which is an emulation of
-grub/grub2/syslinux.
+grub/grub2/syslinux. Either B<kernel> or B<bootloader> must be specified
+for PV guests.
=item B<bootloader_args=[ "ARG", "ARG", ...]>
@@ -646,16 +669,6 @@ Append B<ARG>s to the arguments to the B
program. Alternatively if the argument is a simple string then it will
be split into words at whitespace (this second option is deprecated).
-=item B<root="STRING">
-
-Append B<root="STRING"> to the kernel command line (Note: it is guest
-specific what meaning this has).
-
-=item B<extra="STRING">
-
-Append B<STRING> to the kernel command line. Note: it is guest
-specific what meaning this has).
-
=item B<e820_host=BOOLEAN>
Selects whether to expose the host e820 (memory map) to the guest via
Index: xen-4.4.1-testing/tools/libxl/libxl.h
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl.h
+++ xen-4.4.1-testing/tools/libxl/libxl.h
@@ -445,6 +445,21 @@
#define LIBXL_HAVE_NO_SUSPEND_RESUME 1
#endif
+/*
+ * LIBXL_HAVE_BUILDINFO_KERNEL
+ *
+ * If this is defined, then the libxl_domain_build_info structure will
+ * contain 'kernel', 'ramdisk', 'cmdline' fields. 'kernel' is a string
+ * to indicate kernel image location, 'ramdisk' is a string to indicate
+ * ramdisk location, 'cmdline' is a string to indicate the paramters which
+ * would be appended to kernel image.
+ *
+ * Both PV guest and HVM guest can use these fields for direct kernel boot.
+ * But for compatibility reason, u.pv.kernel, u.pv.ramdisk and u.pv.cmdline
+ * still exist.
+ */
+#define LIBXL_HAVE_BUILDINFO_KERNEL 1
+
/* Functions annotated with LIBXL_EXTERNAL_CALLERS_ONLY may not be
* called from within libxl itself. Callers outside libxl, who
* do not #include libxl_internal.h, are fine. */
Index: xen-4.4.1-testing/tools/libxl/libxl_bootloader.c
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl_bootloader.c
+++ xen-4.4.1-testing/tools/libxl/libxl_bootloader.c
@@ -56,12 +56,12 @@ static void make_bootloader_args(libxl__
ARG(bootloader_path);
- if (info->u.pv.kernel)
- ARG(libxl__sprintf(gc, "--kernel=%s", info->u.pv.kernel));
- if (info->u.pv.ramdisk)
- ARG(libxl__sprintf(gc, "--ramdisk=%s", info->u.pv.ramdisk));
- if (info->u.pv.cmdline && *info->u.pv.cmdline != '\0')
- ARG(libxl__sprintf(gc, "--args=%s", info->u.pv.cmdline));
+ if (info->kernel)
+ ARG(libxl__sprintf(gc, "--kernel=%s", info->kernel));
+ if (info->ramdisk)
+ ARG(libxl__sprintf(gc, "--ramdisk=%s", info->ramdisk));
+ if (info->cmdline && *info->cmdline != '\0')
+ ARG(libxl__sprintf(gc, "--args=%s", info->cmdline));
ARG(libxl__sprintf(gc, "--output=%s", bl->outputpath));
ARG("--output-format=simple0");
@@ -325,9 +325,9 @@ void libxl__bootloader_run(libxl__egc *e
if (!info->u.pv.bootloader) {
LOG(DEBUG, "no bootloader configured, using user supplied kernel");
- bl->kernel->path = bl->info->u.pv.kernel;
- bl->ramdisk->path = bl->info->u.pv.ramdisk;
- bl->cmdline = bl->info->u.pv.cmdline;
+ bl->kernel->path = bl->info->kernel;
+ bl->ramdisk->path = bl->info->ramdisk;
+ bl->cmdline = bl->info->cmdline;
rc = 0;
goto out_ok;
}
Index: xen-4.4.1-testing/tools/libxl/libxl_create.c
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl_create.c
+++ xen-4.4.1-testing/tools/libxl/libxl_create.c
@@ -337,6 +337,25 @@ int libxl__domain_build_info_setdefault(
b_info->shadow_memkb = 0;
if (b_info->u.pv.slack_memkb == LIBXL_MEMKB_DEFAULT)
b_info->u.pv.slack_memkb = 0;
+
+ /* For compatibility, fill in b_info->kernel|ramdisk|cmdline
+ * with the value in u.pv, later processing will use
+ * b_info->kernel|ramdisk|cmdline only.
+ * User with old APIs that passes u.pv.kernel|ramdisk|cmdline
+ * is not affected.
+ */
+ if (!b_info->kernel && b_info->u.pv.kernel) {
+ b_info->kernel = b_info->u.pv.kernel;
+ b_info->u.pv.kernel = NULL;
+ }
+ if (!b_info->ramdisk && b_info->u.pv.ramdisk) {
+ b_info->ramdisk = b_info->u.pv.ramdisk;
+ b_info->u.pv.ramdisk = NULL;
+ }
+ if (!b_info->cmdline && b_info->u.pv.cmdline) {
+ b_info->cmdline = b_info->u.pv.cmdline;
+ b_info->u.pv.cmdline = NULL;
+ }
break;
default:
LIBXL__LOG(CTX, LIBXL__LOG_ERROR,
Index: xen-4.4.1-testing/tools/libxl/libxl_dm.c
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.4.1-testing/tools/libxl/libxl_dm.c
@@ -196,6 +196,12 @@ static char ** libxl__build_device_model
int nr_set_cpus = 0;
char *s;
+ if (b_info->kernel) {
+ LOG(ERROR, "HVM direct kernel boot is not supported by "
+ "qemu-xen-traditional");
+ return NULL;
+ }
+
if (b_info->u.hvm.serial) {
flexarray_vappend(dm_args, "-serial", b_info->u.hvm.serial, NULL);
}
@@ -481,6 +487,15 @@ static char ** libxl__build_device_model
if (b_info->type == LIBXL_DOMAIN_TYPE_HVM) {
int ioemu_nics = 0;
+ if (b_info->kernel)
+ flexarray_vappend(dm_args, "-kernel", b_info->kernel, NULL);
+
+ if (b_info->ramdisk)
+ flexarray_vappend(dm_args, "-initrd", b_info->ramdisk, NULL);
+
+ if (b_info->cmdline)
+ flexarray_vappend(dm_args, "-append", b_info->cmdline, NULL);
+
if (b_info->u.hvm.serial) {
flexarray_vappend(dm_args, "-serial", b_info->u.hvm.serial, NULL);
}
Index: xen-4.4.1-testing/tools/libxl/libxl_types.idl
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl_types.idl
+++ xen-4.4.1-testing/tools/libxl/libxl_types.idl
@@ -333,6 +333,9 @@ libxl_domain_build_info = Struct("domain
("iomem", Array(libxl_iomem_range, "num_iomem")),
("claim_mode", libxl_defbool),
("event_channels", uint32),
+ ("kernel", string),
+ ("cmdline", string),
+ ("ramdisk", string),
("u", KeyedUnion(None, libxl_domain_type, "type",
[("hvm", Struct(None, [("firmware", string),
("bios", libxl_bios_type),
Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
@@ -721,6 +721,29 @@ static void parse_top_level_vnc_options(
xlu_cfg_get_defbool(config, "vncunused", &vnc->findunused, 0);
}
+static char *parse_cmdline(XLU_Config *config)
+{
+ char *cmdline = NULL;
+ const char *root = NULL, *extra = "";
+
+ xlu_cfg_get_string (config, "root", &root, 0);
+ xlu_cfg_get_string (config, "extra", &extra, 0);
+
+ if (root) {
+ if (asprintf(&cmdline, "root=%s %s", root, extra) == -1)
+ cmdline = NULL;
+ } else {
+ cmdline = strdup(extra);
+ }
+
+ if ((root || extra) && !cmdline) {
+ fprintf(stderr, "Failed to allocate memory for cmdline\n");
+ exit(1);
+ }
+
+ return cmdline;
+}
+
static void parse_config_data(const char *config_source,
const char *config_data,
int config_len,
@@ -998,13 +1021,21 @@ static void parse_config_data(const char
if (!xlu_cfg_get_long(config, "max_event_channels", &l, 0))
b_info->event_channels = l;
+ xlu_cfg_replace_string (config, "kernel", &b_info->kernel, 0);
+ xlu_cfg_replace_string (config, "ramdisk", &b_info->ramdisk, 0);
+ b_info->cmdline = parse_cmdline(config);
+
xlu_cfg_get_defbool(config, "driver_domain", &c_info->driver_domain, 0);
switch(b_info->type) {
case LIBXL_DOMAIN_TYPE_HVM:
- if (!xlu_cfg_get_string (config, "kernel", &buf, 0))
- fprintf(stderr, "WARNING: ignoring \"kernel\" directive for HVM guest. "
- "Use \"firmware_override\" instead if you really want a non-default firmware\n");
+ if (!strcmp(libxl_basename(b_info->kernel), "hvmloader")) {
+ fprintf(stderr, "WARNING: you seem to be using \"kernel\" "
+ "directive to override HVM guest firmware. Ignore "
+ "that. Use \"firmware_override\" instead if you "
+ "really want a non-default firmware\n");
+ b_info->kernel = NULL;
+ }
xlu_cfg_replace_string (config, "firmware_override",
&b_info->u.hvm.firmware, 0);
@@ -1056,26 +1087,6 @@ static void parse_config_data(const char
break;
case LIBXL_DOMAIN_TYPE_PV:
{
- char *cmdline = NULL;
- const char *root = NULL, *extra = "";
-
- xlu_cfg_replace_string (config, "kernel", &b_info->u.pv.kernel, 0);
-
- xlu_cfg_get_string (config, "root", &root, 0);
- xlu_cfg_get_string (config, "extra", &extra, 0);
-
- if (root) {
- if (asprintf(&cmdline, "root=%s %s", root, extra) == -1)
- cmdline = NULL;
- } else {
- cmdline = strdup(extra);
- }
-
- if ((root || extra) && !cmdline) {
- fprintf(stderr, "Failed to allocate memory for cmdline\n");
- exit(1);
- }
-
xlu_cfg_replace_string (config, "bootloader", &b_info->u.pv.bootloader, 0);
switch (xlu_cfg_get_list_as_string_list(config, "bootloader_args",
&b_info->u.pv.bootloader_args, 1))
@@ -1098,13 +1109,11 @@ static void parse_config_data(const char
exit(-ERROR_FAIL);
}
- if (!b_info->u.pv.bootloader && !b_info->u.pv.kernel) {
+ if (!b_info->u.pv.bootloader && !b_info->kernel) {
fprintf(stderr, "Neither kernel nor bootloader specified\n");
exit(1);
}
- b_info->u.pv.cmdline = cmdline;
- xlu_cfg_replace_string (config, "ramdisk", &b_info->u.pv.ramdisk, 0);
break;
}
default:
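Review bot: In the second libxl_dm.c hunk (the `LIBXL_DOMAIN_TYPE_HVM` branch that builds the new-qemu arguments), `-initrd` and `-append` are emitted whenever `b_info->ramdisk` or `b_info->cmdline` is non-NULL, independently of `b_info->kernel`. parse_cmdline() in this same patch starts `extra` at `""` and returns `strdup(extra)` when `root` is unset, so a config parsed by xl appears always to carry a non-NULL (possibly empty) `cmdline`, and the hvmloader branch in parse_config_data resets `b_info->kernel` to NULL while leaving `ramdisk` and `cmdline` set. The bootloader hunk already guards with `*info->cmdline != '\0'`; the same shape fits here: nest the two calls under `if (b_info->kernel)` and test `if (b_info->cmdline && *b_info->cmdline != '\0')` before appending `-append`. How qemu treats these options without `-kernel` is not visible on this page and should be confirmed; the enclosing function starts and ends outside the hunk.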


@ -8,9 +8,8 @@ virtualization chapter in the SLES or SUSE Linux manual, or read up-to-date
virtualization information, at
https://www.suse.com/documentation/sles11/singlehtml/book_xen/book_xen.html
For more complete documentation on Xen itself, please install one of the
xen-doc-* packages and read the documentation installed into
/usr/share/doc/packages/xen/.
For more complete documentation on Xen itself, please install the xen-doc-html
package and read the documentation installed into /usr/share/doc/packages/xen/.
About
@ -18,7 +17,7 @@ About
Xen allows you to run multiple virtual machines on a single physical machine.
See the Xen homepage for more information:
http://www.cl.cam.ac.uk/research/srg/netos/xen/
http://www.xenproject.org/
If you want to use Xen, you need to install the Xen hypervisor and a number of
supporting packages. During the initial SUSE installation (or when installing
@ -129,7 +128,7 @@ For more information on how to add options to the hypervisor, see the sections
below called; "Dom0 Memory Ballooning" and "Troubleshooting".
For a more complete discussion of possible parameters, see the user
documentation in the xen-doc-* packages.
documentation in the xen-doc-html package.
Creating a VM with virt-install
@ -137,14 +136,14 @@ Creating a VM with virt-install
The virt-install program (part of the virt-install package, and accessible
through YaST's Control Center) is the recommended method to create VMs. This
program handles creating both the VM's libvirt XML definition and disk(s).
It can help install any operating system, not just SUSE. Virt-install has both
It can help install any operating system, not just SUSE. virt-install has both
a command line only mode and a graphical wizard mode that may be used to define
and start VM installations.
Virt-install may be launched from the virt-manager VM management tool. After
starting virt-manager either from the YaST Control Center or by starting
it from the command line. The installation icon from the main virt-manager
screen may be selected to begin the virt-install installation wizard.
virt-install may be launched from the virt-manager VM management tool. Start
virt-manager either from the YaST Control Center or from the command line.
The installation icon from the main virt-manager screen may be selected to
begin the virt-install installation wizard.
The use of virt-install or virt-manager requires the installation of the
libvirt packages and the libvirt daemon must be running on the host unless
@ -161,9 +160,10 @@ NFS or other networked or cluster filesystems.
When defining the virtual network adapter(s), we recommend using a static MAC
for the VM rather than allowing Xen to randomly select one each time the VM
boots. (See "Network Troubleshooting" below.) XenSource has been allocated a
range of MAC addresses with the OUI of 00-16-3E. By using MACs from this
range you can be sure they will not conflict with any physical adapters.
boots. (See "Network Troubleshooting" below.) The Xen Project has been
allocated a range of MAC addresses with the OUI of 00-16-3E. By using MACs
from this range you can be sure they will not conflict with any physical
adapters.
When the VM shuts down (because the installation -- or at least the first
stage of it -- is done), the wizard finalizes the VM's configuration and
@ -177,7 +177,7 @@ supports it.
Creating a VM with vm-install
-----------------------------
The vm-install program is also provided to create VMs. Like virt-install,
this optional program handles creating both the VM's Libvirt XML definition
this optional program handles creating both the VM's libvirt XML definition
and disk(s). It also creates a legacy configuration file for use with 'xl'.
It can help install any operating system, not just SUSE.
@ -210,16 +210,17 @@ recommended way), you will need to create a disk (or reuse an existing one)
and a configuration file.
If you are using a disk or disk image that is already installed with an
operating system, you'll probably need to replace its kernel with a
Xen-enabled kernel.
operating system and you want the VM to run in paravirtual mode, you'll
probably need to replace its kernel with a Xen-enabled kernel.
The kernel and ramdisk used to bootstrap the VM must match any kernel modules
that might be present in the VM's disk. It is possible to manually copy the
kernel and ramdisk from the VM's disk (for example, after updating the kernel
within that VM) to the VM server's filesystem. However, an easier (and less
error-prone) method is to use something called the "pygrub". Before a new
VM is started, this loader automatically copies the kernel and ramdisk into
the VM server's filesystem, so that it can be used to bootstrap the new VM.
error-prone) method is to use /usr/lib/grub2/x86_64-xen/grub.xen as the VM
kernel. When the new VM is started, it runs grub.xen to read the grub
configuration from the VM disk, selecting the configured kernel and ramdisk
so that it can be used to bootstrap the new VM.
Next, make a copy of one of the /etc/xen/examples/* files, and modify it to
suit your needs. You'll need to change (at very least) the "name" and "disk"
@ -243,9 +244,8 @@ Now to start the VM:
virsh start my-vm
or start it from virt-manager's graphical menu.
Have a look at running sessions with "virsh list". Note the ID of the newly
created VM. Attach to the VM's text console with "virsh console <ID>"
(replacing ID with the VM's ID). Attaching to multiple VM consoles is most
Have a look at running VMs with "virsh list". Attach to the VM's text console
with "virsh console <vm-name>". Attaching to multiple VM consoles is most
conveniently done with the terminal multiplexer "screen".
Have a look at the other virsh commands by typing "virsh help". Note that most
@ -478,7 +478,7 @@ before you can begin using libvirt on VMs that were previously managed by
xm/xend, you must run a conversion tool called /usr/sbin/xen2libvirt for all
VMs.
For example, to convert all managed xend domains:
For example, to convert all domains previously managed by xend:
xen2libvirt -r /var/lib/xend/domains/
Now typing 'virsh list --all' will show your previously xend managed domains
@ -623,33 +623,20 @@ Xen hypervisor will write any error messages to the log file (viewable with
the "xl dmesg" command).
If problems persist, check if a newer version is available. Well-tested
versions will be shipped with SUSE and via YaST Online Update. More frequent
(but less supported) updates are available on Novell's Forge site:
http://forge.novell.com/modules/xfmod/project/?xenpreview
versions will be shipped with SUSE and via YaST Online Update.
Resources
---------
https://www.suse.com/documentation/sles11/singlehtml/book_xen/book_xen.html
http://doc.opensuse.org/products/draft/SLES/SLES-xen_sd_draft/cha.xen.basics.html
http://www.novell.com/documentation/vmserver/.
Disclaimer
----------
Xen performed amazingly well in our tests and proved very stable. Still, you
should be careful when using it, just like you'd be careful if you boot an
experimental kernel. Expect that it may not boot and be prepared to have a
fall-back solution for that scenario. Be prepared that it may not support all
of your hardware. And for the worst of all cases, have your most valuable
data backed up. (This is always a good idea, of course.)
Feedback
--------
In case you have remarks about, problems with, ideas for, or praise for Xen,
please report it back to the xen-devel list:
xen-devel@lists.xensource.com
xen-devel@lists.xen.org
If you find issues with the packaging or setup done by SUSE, please report
it through bugzilla:
https://bugzilla.novell.com


@ -16,11 +16,11 @@ Cc: Ian Jackson <ian.jackson@eu.citrix.com>
tools/libxl/xl_cmdimpl.c | 17 ++++++++++++++---
2 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/docs/man/xl.cfg.pod.5 b/docs/man/xl.cfg.pod.5
index e15a49f..49a9250 100644
--- a/docs/man/xl.cfg.pod.5
+++ b/docs/man/xl.cfg.pod.5
@@ -389,8 +389,8 @@ This options does not control the emulated graphics card presented to
Index: xen-4.4.1-testing/docs/man/xl.cfg.pod.5
===================================================================
--- xen-4.4.1-testing.orig/docs/man/xl.cfg.pod.5
+++ xen-4.4.1-testing/docs/man/xl.cfg.pod.5
@@ -420,8 +420,8 @@ This options does not control the emulat
an HVM guest. See L<Emulated VGA Graphics Device> below for how to
configure the emulated device. If L<Emulated VGA Graphics Device> options
are used in a PV guest configuration, xl will pick up B<vnc>, B<vnclisten>,
@ -31,11 +31,11 @@ index e15a49f..49a9250 100644
Each B<VFB_SPEC_STRING> is a comma-separated list of C<KEY=VALUE>
settings, from the following list:
diff --git a/tools/libxl/xl_cmdimpl.c b/tools/libxl/xl_cmdimpl.c
index 4fc46eb..28212e2 100644
--- a/tools/libxl/xl_cmdimpl.c
+++ b/tools/libxl/xl_cmdimpl.c
@@ -721,6 +721,15 @@ static void parse_top_level_vnc_options(XLU_Config *config,
Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
@@ -721,6 +721,15 @@ static void parse_top_level_vnc_options(
xlu_cfg_get_defbool(config, "vncunused", &vnc->findunused, 0);
}
@ -48,10 +48,10 @@ index 4fc46eb..28212e2 100644
+ xlu_cfg_replace_string (config, "xauthority", &sdl->xauthority, 0);
+}
+
static void parse_config_data(const char *config_source,
const char *config_data,
int config_len,
@@ -1657,9 +1666,13 @@ skip_vfb:
static char *parse_cmdline(XLU_Config *config)
{
char *cmdline = NULL;
@@ -1666,9 +1675,13 @@ skip_vfb:
libxl_device_vkb_init);
parse_top_level_vnc_options(config, &vfb->vnc);
@ -66,7 +66,7 @@ index 4fc46eb..28212e2 100644
if (c_info->type == LIBXL_DOMAIN_TYPE_HVM) {
if (!xlu_cfg_get_string (config, "vga", &buf, 0)) {
@@ -1676,8 +1689,6 @@ skip_vfb:
@@ -1685,8 +1698,6 @@ skip_vfb:
LIBXL_VGA_INTERFACE_TYPE_CIRRUS;
xlu_cfg_replace_string (config, "keymap", &b_info->u.hvm.keymap, 0);


@ -35,7 +35,7 @@ Index: xen-4.4.1-testing/docs/man/xl.cfg.pod.5
===================================================================
--- xen-4.4.1-testing.orig/docs/man/xl.cfg.pod.5
+++ xen-4.4.1-testing/docs/man/xl.cfg.pod.5
@@ -380,6 +380,36 @@ value is optional if this is a guest dom
@@ -411,6 +411,36 @@ value is optional if this is a guest dom
=back
@ -444,7 +444,7 @@ Index: xen-4.4.1-testing/tools/libxl/libxl.h
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl.h
+++ xen-4.4.1-testing/tools/libxl/libxl.h
@@ -951,6 +951,26 @@ libxl_device_vtpm *libxl_device_vtpm_lis
@@ -966,6 +966,26 @@ libxl_device_vtpm *libxl_device_vtpm_lis
int libxl_device_vtpm_getinfo(libxl_ctx *ctx, uint32_t domid,
libxl_device_vtpm *vtpm, libxl_vtpminfo *vtpminfo);
@ -471,7 +471,7 @@ Index: xen-4.4.1-testing/tools/libxl/libxl.h
/* Keyboard */
int libxl_device_vkb_add(libxl_ctx *ctx, uint32_t domid, libxl_device_vkb *vkb,
const libxl_asyncop_how *ao_how)
@@ -1166,6 +1186,27 @@ int libxl_fd_set_nonblock(libxl_ctx *ctx
@@ -1181,6 +1201,27 @@ int libxl_fd_set_nonblock(libxl_ctx *ctx
#include <libxl_event.h>
@ -503,7 +503,7 @@ Index: xen-4.4.1-testing/tools/libxl/libxl_create.c
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl_create.c
+++ xen-4.4.1-testing/tools/libxl/libxl_create.c
@@ -1029,6 +1029,7 @@ static void domcreate_rebuild_done(libxl
@@ -1048,6 +1048,7 @@ static void domcreate_rebuild_done(libxl
libxl__multidev_begin(ao, &dcs->multidev);
dcs->multidev.callback = domcreate_launch_dm;
libxl__add_disks(egc, ao, domid, d_config, &dcs->multidev);
@ -594,7 +594,7 @@ Index: xen-4.4.1-testing/tools/libxl/libxl_types.idl
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl_types.idl
+++ xen-4.4.1-testing/tools/libxl/libxl_types.idl
@@ -453,6 +453,26 @@ libxl_device_vtpm = Struct("device_vtpm"
@@ -456,6 +456,26 @@ libxl_device_vtpm = Struct("device_vtpm"
("uuid", libxl_uuid),
])
@ -621,7 +621,7 @@ Index: xen-4.4.1-testing/tools/libxl/libxl_types.idl
libxl_domain_config = Struct("domain_config", [
("c_info", libxl_domain_create_info),
("b_info", libxl_domain_build_info),
@@ -463,6 +483,8 @@ libxl_domain_config = Struct("domain_con
@@ -466,6 +486,8 @@ libxl_domain_config = Struct("domain_con
("vfbs", Array(libxl_device_vfb, "num_vfbs")),
("vkbs", Array(libxl_device_vkb, "num_vkbs")),
("vtpms", Array(libxl_device_vtpm, "num_vtpms")),
@ -630,7 +630,7 @@ Index: xen-4.4.1-testing/tools/libxl/libxl_types.idl
("on_poweroff", libxl_action_on_shutdown),
("on_reboot", libxl_action_on_shutdown),
@@ -505,6 +527,28 @@ libxl_vtpminfo = Struct("vtpminfo", [
@@ -508,6 +530,28 @@ libxl_vtpminfo = Struct("vtpminfo", [
("uuid", libxl_uuid),
], dir=DIR_OUT)
@ -828,7 +828,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
static void split_string_into_string_list(const char *str,
const char *delim,
libxl_string_list *psl)
@@ -740,7 +858,7 @@ static void parse_config_data(const char
@@ -763,7 +881,7 @@ static void parse_config_data(const char
const char *buf;
long l;
XLU_Config *config;
@ -837,7 +837,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
XLU_ConfigList *ioports, *irqs, *iomem;
int num_ioports, num_irqs, num_iomem;
int pci_power_mgmt = 0;
@@ -1246,6 +1364,66 @@ static void parse_config_data(const char
@@ -1255,6 +1373,66 @@ static void parse_config_data(const char
}
}
@ -904,7 +904,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
if (!xlu_cfg_get_list(config, "vtpm", &vtpms, 0, 0)) {
d_config->num_vtpms = 0;
d_config->vtpms = NULL;
@@ -6043,6 +6221,256 @@ int main_blockdetach(int argc, char **ar
@@ -6052,6 +6230,256 @@ int main_blockdetach(int argc, char **ar
return rc;
}


@ -298,7 +298,7 @@ Index: xen-4.4.1-testing/tools/libxl/libxl.h
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/libxl.h
+++ xen-4.4.1-testing/tools/libxl/libxl.h
@@ -687,8 +687,23 @@ int libxl_domain_suspend(libxl_ctx *ctx,
@@ -702,8 +702,23 @@ int libxl_domain_suspend(libxl_ctx *ctx,
int flags, /* LIBXL_SUSPEND_* */
const libxl_asyncop_how *ao_how)
LIBXL_EXTERNAL_CALLERS_ONLY;
@ -390,7 +390,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.4.1-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
@@ -3647,6 +3647,8 @@ static void migrate_do_preamble(int send
@@ -3656,6 +3656,8 @@ static void migrate_do_preamble(int send
}
static void migrate_domain(uint32_t domid, const char *rune, int debug,
@ -399,7 +399,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
const char *override_config_file)
{
pid_t child = -1;
@@ -3655,7 +3657,13 @@ static void migrate_domain(uint32_t domi
@@ -3664,7 +3666,13 @@ static void migrate_domain(uint32_t domi
char *away_domname;
char rc_buf;
uint8_t *config_data;
@ -414,7 +414,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
save_domain_core_begin(domid, override_config_file,
&config_data, &config_len);
@@ -3674,10 +3682,13 @@ static void migrate_domain(uint32_t domi
@@ -3683,10 +3691,13 @@ static void migrate_domain(uint32_t domi
xtl_stdiostream_adjust_flags(logger, XTL_STDIOSTREAM_HIDE_PROGRESS, 0);
if (debug)
@ -431,7 +431,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
" (rc=%d)\n", rc);
if (rc == ERROR_GUEST_TIMEDOUT)
goto failed_suspend;
@@ -4064,13 +4075,18 @@ int main_migrate(int argc, char **argv)
@@ -4073,13 +4084,18 @@ int main_migrate(int argc, char **argv)
char *rune = NULL;
char *host;
int opt, daemonize = 1, monitor = 1, debug = 0;
@ -451,7 +451,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
case 'C':
config_filename = optarg;
break;
@@ -4087,6 +4103,18 @@ int main_migrate(int argc, char **argv)
@@ -4096,6 +4112,18 @@ int main_migrate(int argc, char **argv)
case 0x100:
debug = 1;
break;
@ -470,7 +470,7 @@ Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
}
domid = find_domain(argv[optind]);
@@ -4102,7 +4130,8 @@ int main_migrate(int argc, char **argv)
@@ -4111,7 +4139,8 @@ int main_migrate(int argc, char **argv)
return 1;
}


@ -1,242 +0,0 @@
From 865406533fe7a163acd5ed299628f1dc8d475803 Mon Sep 17 00:00:00 2001
From: Chunyan Liu <cyliu@suse.com>
Date: Wed, 28 May 2014 14:36:54 +0800
Subject: [PATCH 1/2] xen: pass kernel initrd to qemu
xen side patch to support xen HVM direct kernel boot:
support 'kernel', 'ramdisk', 'root', 'extra' in HVM config file,
parse config file, pass -kernel, -initrd, -append parameters to qemu.
It's working with seabios and non-stubdom. Rombios and stubdom cases
are currently not supported.
[config example]
kernel="/mnt/vmlinuz-3.0.13-0.27-default"
ramdisk="/mnt/initrd-3.0.13-0.27-default"
root="/dev/hda2"
extra="console=tty0 console=ttyS0"
disk=[ 'file:/mnt/images/bjz_04_sles11_sp2/disk0.raw,hda,w', ]
Signed-off-by: Chunyan Liu <cyliu@suse.com>
---
docs/man/xl.cfg.pod.5 | 50 ++++++++++++++++++++++++----------------
tools/libxl/libxl_dm.c | 15 ++++++++++++
tools/libxl/libxl_types.idl | 3 +++
tools/libxl/xl_cmdimpl.c | 56 +++++++++++++++++++++++++++------------------
4 files changed, 82 insertions(+), 42 deletions(-)
Index: xen-4.4.0-testing/docs/man/xl.cfg.pod.5
===================================================================
--- xen-4.4.0-testing.orig/docs/man/xl.cfg.pod.5
+++ xen-4.4.0-testing/docs/man/xl.cfg.pod.5
@@ -296,6 +296,34 @@ Action to take if the domain crashes. D
=back
+=head3 Direct Kernel Boot
+
+Currently, direct kernel boot can be supported by PV guests, and HVM guests
+in some configuration. For HVM guests, in case of stubdom-dm and old rombios,
+direct kernel boot is not supported.
+
+=over 4
+
+=item B<kernel="PATHNAME">
+
+Load the specified file as the kernel image.
+
+=item B<ramdisk="PATHNAME">
+
+Load the specified file as the ramdisk.
+
+=item B<root="STRING">
+
+Append B<root="STRING"> to the kernel command line (Note: it is guest
+specific what meaning this has).
+
+=item B<extra="STRING">
+
+Append B<STRING> to the kernel command line. (Note: it is guest
+specific what meaning this has).
+
+=back
+
=head3 Other Options
=over 4
@@ -655,20 +683,12 @@ The following options apply only to Para
=over 4
-=item B<kernel="PATHNAME">
-
-Load the specified file as the kernel image. Either B<kernel> or
-B<bootloader> must be specified for PV guests.
-
-=item B<ramdisk="PATHNAME">
-
-Load the specified file as the ramdisk.
-
=item B<bootloader="PROGRAM">
Run C<PROGRAM> to find the kernel image and ramdisk to use. Normally
C<PROGRAM> would be C<pygrub>, which is an emulation of
-grub/grub2/syslinux.
+grub/grub2/syslinux. Either B<kernel> or B<bootloader> must be specified
+for PV guests.
=item B<bootloader_args=[ "ARG", "ARG", ...]>
@@ -676,16 +696,6 @@ Append B<ARG>s to the arguments to the B
program. Alternatively if the argument is a simple string then it will
be split into words at whitespace (this second option is deprecated).
-=item B<root="STRING">
-
-Append B<root="STRING"> to the kernel command line (Note: it is guest
-specific what meaning this has).
-
-=item B<extra="STRING">
-
-Append B<STRING> to the kernel command line. Note: it is guest
-specific what meaning this has).
-
=item B<e820_host=BOOLEAN>
Selects whether to expose the host e820 (memory map) to the guest via
Index: xen-4.4.0-testing/tools/libxl/libxl_dm.c
===================================================================
--- xen-4.4.0-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.4.0-testing/tools/libxl/libxl_dm.c
@@ -196,6 +196,12 @@ static char ** libxl__build_device_model
int nr_set_cpus = 0;
char *s;
+ if (b_info->u.hvm.kernel) {
+ LOG(ERROR, "direct kernel boot is not supported by %s",
+ dm);
+ return NULL;
+ }
+
if (b_info->u.hvm.serial) {
flexarray_vappend(dm_args, "-serial", b_info->u.hvm.serial, NULL);
}
@@ -487,6 +493,15 @@ static char ** libxl__build_device_model
if (b_info->type == LIBXL_DOMAIN_TYPE_HVM) {
int ioemu_nics = 0;
+ if (b_info->u.hvm.kernel)
+ flexarray_vappend(dm_args, "-kernel", b_info->u.hvm.kernel, NULL);
+
+ if (b_info->u.hvm.ramdisk)
+ flexarray_vappend(dm_args, "-initrd", b_info->u.hvm.ramdisk, NULL);
+
+ if (b_info->u.hvm.cmdline)
+ flexarray_vappend(dm_args, "-append", b_info->u.hvm.cmdline, NULL);
+
if (b_info->u.hvm.serial) {
flexarray_vappend(dm_args, "-serial", b_info->u.hvm.serial, NULL);
}
Index: xen-4.4.0-testing/tools/libxl/libxl_types.idl
===================================================================
--- xen-4.4.0-testing.orig/tools/libxl/libxl_types.idl
+++ xen-4.4.0-testing/tools/libxl/libxl_types.idl
@@ -335,6 +335,9 @@ libxl_domain_build_info = Struct("domain
("event_channels", uint32),
("u", KeyedUnion(None, libxl_domain_type, "type",
[("hvm", Struct(None, [("firmware", string),
+ ("kernel", string),
+ ("cmdline", string),
+ ("ramdisk", string),
("bios", libxl_bios_type),
("pae", libxl_defbool),
("apic", libxl_defbool),
Index: xen-4.4.0-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.4.0-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.4.0-testing/tools/libxl/xl_cmdimpl.c
@@ -848,6 +848,29 @@ static void parse_top_level_sdl_options(
xlu_cfg_replace_string (config, "xauthority", &sdl->xauthority, 0);
}
+static char *parse_cmdline(XLU_Config *config)
+{
+ char *cmdline = NULL;
+ const char *root = NULL, *extra = "";
+
+ xlu_cfg_get_string (config, "root", &root, 0);
+ xlu_cfg_get_string (config, "extra", &extra, 0);
+
+ if (root) {
+ if (asprintf(&cmdline, "root=%s %s", root, extra) == -1)
+ cmdline = NULL;
+ } else {
+ cmdline = strdup(extra);
+ }
+
+ if ((root || extra) && !cmdline) {
+ fprintf(stderr, "Failed to allocate memory for cmdline\n");
+ exit(1);
+ }
+
+ return cmdline;
+}
+
static void parse_config_data(const char *config_source,
const char *config_data,
int config_len,
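Review bot: parse_cmdline() looks up only `root` and `extra`, so the `cmdline` key named in the patch description does not appear to be read here; unless it is handled outside this hunk, a config that sets `cmdline=` would be ignored without a message. `extra` is initialised to `""`, so `(root || extra)` is always true and the test reduces to `if (!cmdline)`. The function therefore never returns NULL, which callers cannot tell from the code; a header comment would make that explicit, for example `/* Builds the kernel command line from root= and extra=; never returns NULL (exits on allocation failure). */`. parse_cmdline lies wholly inside the hunk, while parse_config_data continues past it.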
@@ -1129,9 +1152,16 @@ static void parse_config_data(const char
switch(b_info->type) {
case LIBXL_DOMAIN_TYPE_HVM:
- if (!xlu_cfg_get_string (config, "kernel", &buf, 0))
- fprintf(stderr, "WARNING: ignoring \"kernel\" directive for HVM guest. "
- "Use \"firmware_override\" instead if you really want a non-default firmware\n");
+ if (!xlu_cfg_get_string (config, "kernel", &buf, 0)) {
+ if (strstr(buf, "hvmloader"))
+ fprintf(stderr, "WARNING: ignoring \"kernel\" directive for HVM guest. "
+ "Use \"firmware_override\" instead if you really want a non-default firmware\n");
+ else
+ b_info->u.hvm.kernel = strdup(buf);
+ }
+
+ b_info->u.hvm.cmdline = parse_cmdline(config);
+ xlu_cfg_replace_string (config, "ramdisk", &b_info->u.hvm.ramdisk, 0);
xlu_cfg_replace_string (config, "firmware_override",
&b_info->u.hvm.firmware, 0);
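Review bot: The result of `strdup(buf)` assigned to `b_info->u.hvm.kernel` is not checked, so an allocation failure leaves the field NULL and the guest would be built without the requested kernel and without any error, whereas parse_cmdline() in this same patch exits on the equivalent failure. Adding `if (!b_info->u.hvm.kernel) { fprintf(stderr, "Failed to allocate memory for kernel\n"); exit(1); }` after the assignment would match it. Separately, `strstr(buf, "hvmloader")` matches anywhere in the path, so a kernel stored under a directory whose name contains that string is dropped with the firmware warning; testing only the file-name component would be narrower. parse_config_data starts and ends outside the hunk.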
@@ -1183,26 +1213,8 @@ static void parse_config_data(const char
break;
case LIBXL_DOMAIN_TYPE_PV:
{
- char *cmdline = NULL;
- const char *root = NULL, *extra = "";
-
xlu_cfg_replace_string (config, "kernel", &b_info->u.pv.kernel, 0);
- xlu_cfg_get_string (config, "root", &root, 0);
- xlu_cfg_get_string (config, "extra", &extra, 0);
-
- if (root) {
- if (asprintf(&cmdline, "root=%s %s", root, extra) == -1)
- cmdline = NULL;
- } else {
- cmdline = strdup(extra);
- }
-
- if ((root || extra) && !cmdline) {
- fprintf(stderr, "Failed to allocate memory for cmdline\n");
- exit(1);
- }
-
xlu_cfg_replace_string (config, "bootloader", &b_info->u.pv.bootloader, 0);
switch (xlu_cfg_get_list_as_string_list(config, "bootloader_args",
&b_info->u.pv.bootloader_args, 1))
@@ -1230,7 +1242,7 @@ static void parse_config_data(const char
exit(1);
}
- b_info->u.pv.cmdline = cmdline;
+ b_info->u.pv.cmdline = parse_cmdline(config);
xlu_cfg_replace_string (config, "ramdisk", &b_info->u.pv.ramdisk, 0);
break;
}


@ -1,3 +1,39 @@
-------------------------------------------------------------------
Mon Sep 22 09:55:35 MDT 2014 - carnold@suse.com
- bnc#897614 - Virtualization/xen: Bug `xen-tools` uninstallable;
grub2-x86_64-xen dependency not available
xen.spec
-------------------------------------------------------------------
Wed Sep 17 16:21:22 MDT 2014 - jfehlig@suse.com
- More cleanup of README.SUSE
-------------------------------------------------------------------
Fri Sep 15 09:37:10 CST 2014 - cyliu@suse.com
- Update xen patch with upstream patch so that latest libvirt
patch can work. (bnc#896044)
+ 53fcebab-xen-pass-kernel-initrd-to-qemu.patch
- xen-pass-kernel-initrd-to-qemu.patch
-------------------------------------------------------------------
Wed Sep 10 09:15:39 MDT 2014 - carnold@suse.com
- bnc#895804 - VUL-0: CVE-2014-6268: xen: XSA-107: Mishandling of
uninitialised FIFO-based event channel control blocks
xsa107.patch
- bnc#895802 - VUL-0: xen: XSA-106: Missing privilege level checks
in x86 emulation of software interrupts
xsa106.patch
- bnc#895799 - VUL-0: xen: XSA-105: Missing privilege level checks
in x86 HLT, LGDT, LIDT, and LMSW emulation
xsa105.patch
- bnc#895798 - VUL-0: xen: XSA-104: Race condition in
HVMOP_track_dirty_vram
xsa104.patch
-------------------------------------------------------------------
Thu Sep 4 17:01:24 CST 2014 - cyliu@suse.com


@ -153,7 +153,7 @@ BuildRequires: xorg-x11-util-devel
%endif
%endif
Version: 4.4.1_04
Version: 4.4.1_06
Release: 0
PreReq: %insserv_prereq %fillup_prereq
Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@ -229,12 +229,17 @@ Patch14: 53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
Patch15: 53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
Patch16: 53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
Patch17: 53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
Patch18: 53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
Patch19: 53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
Patch20: 53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
Patch21: 53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
Patch22: 53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
Patch23: 54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
Patch18: 53fcebab-xen-pass-kernel-initrd-to-qemu.patch
Patch19: 53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
Patch20: 53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
Patch21: 53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
Patch22: 53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
Patch23: 53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
Patch24: 54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
Patch104: xsa104.patch
Patch105: xsa105.patch
Patch106: xsa106.patch
Patch107: xsa107.patch
# Upstream qemu
Patch250: VNC-Support-for-ExtendedKeyEvent-client-message.patch
Patch251: 0001-net-move-the-tap-buffer-into-TAPState.patch
@ -362,9 +367,8 @@ Patch467: xl-check-for-libvirt-managed-domain.patch
Patch468: libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
Patch469: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
Patch470: qemu-xen-upstream-qdisk-cache-unsafe.patch
Patch471: xen-pass-kernel-initrd-to-qemu.patch
Patch472: qemu-support-xen-hvm-direct-kernel-boot.patch
Patch473: tigervnc-long-press.patch
Patch471: qemu-support-xen-hvm-direct-kernel-boot.patch
Patch472: tigervnc-long-press.patch
# Hypervisor and PV driver Patches
Patch501: x86-ioapic-ack-default.patch
Patch502: x86-cpufreq-report.patch
@ -459,7 +463,9 @@ Authors:
Summary: Xen Virtualization: Control tools for domain 0
Group: System/Kernel
Requires: bridge-utils
%if %suse_version >= 1315
Requires: grub2-x86_64-xen
%endif
Requires: multipath-tools
Requires: python
Requires: python-curses
@ -625,6 +631,11 @@ Authors:
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch104 -p1
%patch105 -p1
%patch106 -p1
%patch107 -p1
# Upstream qemu patches
%patch250 -p1
%patch251 -p1
@ -753,7 +764,6 @@ Authors:
%patch470 -p1
%patch471 -p1
%patch472 -p1
%patch473 -p1
# Hypervisor and PV driver Patches
%patch501 -p1
%patch502 -p1


@ -1,7 +1,7 @@
Index: xen-4.4.0-testing/tools/python/xen/xm/create.py
Index: xen-4.4.1-testing/tools/python/xen/xm/create.py
===================================================================
--- xen-4.4.0-testing.orig/tools/python/xen/xm/create.py
+++ xen-4.4.0-testing/tools/python/xen/xm/create.py
--- xen-4.4.1-testing.orig/tools/python/xen/xm/create.py
+++ xen-4.4.1-testing/tools/python/xen/xm/create.py
@@ -517,6 +517,21 @@ gopts.var('usbdevice', val='NAME',
fn=set_value, default='',
use="Name of USB device to add?")
@ -32,10 +32,10 @@ Index: xen-4.4.0-testing/tools/python/xen/xm/create.py
'xauthority', 'xen_extended_power_mgmt', 'xen_platform_pci',
'memory_sharing' ]
Index: xen-4.4.0-testing/tools/python/xen/xm/xenapi_create.py
Index: xen-4.4.1-testing/tools/python/xen/xm/xenapi_create.py
===================================================================
--- xen-4.4.0-testing.orig/tools/python/xen/xm/xenapi_create.py
+++ xen-4.4.0-testing/tools/python/xen/xm/xenapi_create.py
--- xen-4.4.1-testing.orig/tools/python/xen/xm/xenapi_create.py
+++ xen-4.4.1-testing/tools/python/xen/xm/xenapi_create.py
@@ -1074,7 +1074,9 @@ class sxp2xml:
'xen_platform_pci',
'tsc_mode'
@ -47,10 +47,10 @@ Index: xen-4.4.0-testing/tools/python/xen/xm/xenapi_create.py
]
platform_configs = []
Index: xen-4.4.0-testing/tools/python/xen/xend/image.py
Index: xen-4.4.1-testing/tools/python/xen/xend/image.py
===================================================================
--- xen-4.4.0-testing.orig/tools/python/xen/xend/image.py
+++ xen-4.4.0-testing/tools/python/xen/xend/image.py
--- xen-4.4.1-testing.orig/tools/python/xen/xend/image.py
+++ xen-4.4.1-testing/tools/python/xen/xend/image.py
@@ -855,7 +855,8 @@ class HVMImageHandler(ImageHandler):
dmargs = [ 'boot', 'fda', 'fdb', 'soundhw',
@ -69,10 +69,10 @@ Index: xen-4.4.0-testing/tools/python/xen/xend/image.py
# Handle booleans gracefully
if a in ['localtime', 'std-vga', 'isa', 'usb', 'acpi']:
Index: xen-4.4.0-testing/tools/python/xen/xend/XendConfig.py
Index: xen-4.4.1-testing/tools/python/xen/xend/XendConfig.py
===================================================================
--- xen-4.4.0-testing.orig/tools/python/xen/xend/XendConfig.py
+++ xen-4.4.0-testing/tools/python/xen/xend/XendConfig.py
--- xen-4.4.1-testing.orig/tools/python/xen/xend/XendConfig.py
+++ xen-4.4.1-testing/tools/python/xen/xend/XendConfig.py
@@ -192,6 +192,8 @@ XENAPI_PLATFORM_CFG_TYPES = {
'xen_platform_pci': int,
"gfx_passthru": int,
@ -82,11 +82,11 @@ Index: xen-4.4.0-testing/tools/python/xen/xend/XendConfig.py
}
# Xen API console 'other_config' keys.
Index: xen-4.4.0-testing/tools/libxl/libxl_dm.c
Index: xen-4.4.1-testing/tools/libxl/libxl_dm.c
===================================================================
--- xen-4.4.0-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.4.0-testing/tools/libxl/libxl_dm.c
@@ -246,6 +246,12 @@ static char ** libxl__build_device_model
--- xen-4.4.1-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.4.1-testing/tools/libxl/libxl_dm.c
@@ -252,6 +252,12 @@ static char ** libxl__build_device_model
}
}
}
@ -99,7 +99,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl_dm.c
if (b_info->u.hvm.soundhw) {
flexarray_vappend(dm_args, "-soundhw", b_info->u.hvm.soundhw, NULL);
}
@@ -581,6 +587,12 @@ static char ** libxl__build_device_model
@@ -596,6 +602,12 @@ static char ** libxl__build_device_model
return NULL;
}
}
@ -112,11 +112,11 @@ Index: xen-4.4.0-testing/tools/libxl/libxl_dm.c
if (b_info->u.hvm.soundhw) {
flexarray_vappend(dm_args, "-soundhw", b_info->u.hvm.soundhw, NULL);
}
Index: xen-4.4.0-testing/tools/libxl/libxl_types.idl
Index: xen-4.4.1-testing/tools/libxl/libxl_types.idl
===================================================================
--- xen-4.4.0-testing.orig/tools/libxl/libxl_types.idl
+++ xen-4.4.0-testing/tools/libxl/libxl_types.idl
@@ -372,6 +372,8 @@ libxl_domain_build_info = Struct("domain
--- xen-4.4.1-testing.orig/tools/libxl/libxl_types.idl
+++ xen-4.4.1-testing/tools/libxl/libxl_types.idl
@@ -375,6 +375,8 @@ libxl_domain_build_info = Struct("domain
("xen_platform_pci", libxl_defbool),
("usbdevice_list", libxl_string_list),
("vendor_device", libxl_vendor_device),
@ -125,11 +125,11 @@ Index: xen-4.4.0-testing/tools/libxl/libxl_types.idl
])),
("pv", Struct(None, [("kernel", string),
("slack_memkb", MemKB),
Index: xen-4.4.0-testing/tools/libxl/xl_cmdimpl.c
Index: xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.4.0-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.4.0-testing/tools/libxl/xl_cmdimpl.c
@@ -1915,6 +1915,8 @@ skip_vfb:
--- xen-4.4.1-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.4.1-testing/tools/libxl/xl_cmdimpl.c
@@ -1924,6 +1924,8 @@ skip_vfb:
xlu_cfg_replace_string (config, "soundhw", &b_info->u.hvm.soundhw, 0);
xlu_cfg_get_defbool(config, "xen_platform_pci",
&b_info->u.hvm.xen_platform_pci, 0);

48
xsa104.patch Normal file

@ -0,0 +1,48 @@
x86/shadow: fix race condition sampling the dirty vram state
d->arch.hvm_domain.dirty_vram must be read with the domain's paging lock held.
If not, two concurrent hypercalls could both end up attempting to free
dirty_vram (the second of which will free a wild pointer), or both end up
allocating a new dirty_vram structure (the first of which will be leaked).
This is XSA-104.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Tim Deegan <tim@xen.org>
Index: xen-4.4.1-testing/xen/arch/x86/mm/shadow/common.c
===================================================================
--- xen-4.4.1-testing.orig/xen/arch/x86/mm/shadow/common.c
+++ xen-4.4.1-testing/xen/arch/x86/mm/shadow/common.c
@@ -3486,7 +3486,7 @@ int shadow_track_dirty_vram(struct domai
int flush_tlb = 0;
unsigned long i;
p2m_type_t t;
- struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram;
+ struct sh_dirty_vram *dirty_vram;
struct p2m_domain *p2m = p2m_get_hostp2m(d);
if ( end_pfn < begin_pfn || end_pfn > p2m->max_mapped_pfn + 1 )
@@ -3496,6 +3496,8 @@ int shadow_track_dirty_vram(struct domai
p2m_lock(p2m_get_hostp2m(d));
paging_lock(d);
+ dirty_vram = d->arch.hvm_domain.dirty_vram;
+
if ( dirty_vram && (!nr ||
( begin_pfn != dirty_vram->begin_pfn
|| end_pfn != dirty_vram->end_pfn )) )
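Review bot: The assignment `dirty_vram = d->arch.hvm_domain.dirty_vram;` has no comment saying why it sits after `paging_lock(d)`, so a later tidy-up could fold it back into the declaration and reintroduce the unlocked read. A why-comment directly above it would pin the ordering, for example `/* Sample only with the paging lock held; see XSA-104. */`. The comment changed in domain.h states the rule for the field but is not visible at this use. shadow_track_dirty_vram starts and ends outside the hunk.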
Index: xen-4.4.1-testing/xen/include/asm-x86/hvm/domain.h
===================================================================
--- xen-4.4.1-testing.orig/xen/include/asm-x86/hvm/domain.h
+++ xen-4.4.1-testing/xen/include/asm-x86/hvm/domain.h
@@ -67,7 +67,7 @@ struct hvm_domain {
/* Memory ranges with pinned cache attributes. */
struct list_head pinned_cacheattr_ranges;
- /* VRAM dirty support. */
+ /* VRAM dirty support. Protect with the domain paging lock. */
struct sh_dirty_vram *dirty_vram;
/* If one of vcpus of this domain is in no_fill_mode or

35
xsa105.patch Normal file

@ -0,0 +1,35 @@
x86/emulate: check cpl for all privileged instructions
Without this, it is possible for userspace to load its own IDT or GDT.
This is XSA-105.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -3314,6 +3314,7 @@ x86_emulate(
goto swint;
case 0xf4: /* hlt */
+ generate_exception_if(!mode_ring0(), EXC_GP, 0);
ctxt->retire.flags.hlt = 1;
break;
@@ -3710,6 +3711,7 @@ x86_emulate(
break;
case 2: /* lgdt */
case 3: /* lidt */
+ generate_exception_if(!mode_ring0(), EXC_GP, 0);
generate_exception_if(ea.type != OP_MEM, EXC_UD, -1);
fail_if(ops->write_segment == NULL);
memset(&reg, 0, sizeof(reg));
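Review bot: The new CPL check is placed ahead of the `ea.type != OP_MEM` test, so a register-operand encoding executed outside ring 0 now raises #GP(0) rather than #UD. As I read the architecture manuals an invalid-opcode fault is normally delivered before a privilege fault, so the two lines may want swapping; this is worth confirming against the manuals. In the lmsw hunk the same check is placed after the two `fail_if` hook tests rather than first, so the three sites are not consistent about where the privilege check sits. A short comment at each site, such as `/* Privileged instruction: #GP(0) unless CPL 0 (XSA-105). */`, would record the intent. x86_emulate starts and ends outside the hunk.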
@@ -3738,6 +3740,7 @@ x86_emulate(
case 6: /* lmsw */
fail_if(ops->read_cr == NULL);
fail_if(ops->write_cr == NULL);
+ generate_exception_if(!mode_ring0(), EXC_GP, 0);
if ( (rc = ops->read_cr(0, &cr0, ctxt)) )
goto done;
if ( ea.type == OP_REG )

22
xsa106.patch Normal file

@ -0,0 +1,22 @@
x86emul: only emulate software interrupt injection for real mode
Protected mode emulation currently lacks proper privilege checking of
the referenced IDT entry, and there's currently no legitimate way for
any of the respective instructions to reach the emulator when the guest
is in protected mode.
This is XSA-106.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -2634,6 +2634,7 @@ x86_emulate(
case 0xcd: /* int imm8 */
src.val = insn_fetch_type(uint8_t);
swint:
+ fail_if(!in_realmode(ctxt, ops)); /* XSA-106 */
fail_if(ops->inject_sw_interrupt == NULL);
rc = ops->inject_sw_interrupt(src.val, _regs.eip - ctxt->regs->eip,
ctxt) ? : X86EMUL_EXCEPTION;
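Review bot: The trailing `/* XSA-106 */` names the advisory but not the reason for the restriction, which only the patch description gives. A comment on the line above would keep the rationale with the code: `/* Real mode only: protected-mode injection lacks IDT privilege checks (XSA-106). */`. Since the check uses `fail_if`, a protected-mode guest reaching this path gets the emulator's failure return rather than an injected exception; that looks intended given the description says no legitimate path leads here, but a word in the comment would confirm it. x86_emulate starts and ends outside the hunk.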

165
xsa107.patch Normal file

@ -0,0 +1,165 @@
evtchn: check control block exists when using FIFO-based events
When using the FIFO-based event channels, there are no checks for the
existance of a control block when binding an event or moving it to a
different VCPU. This is because events may be bound when the ABI is
in 2-level mode (e.g., by the toolstack before the domain is started).
The guest may trigger a Xen crash in evtchn_fifo_set_pending() if:
a) the event is bound to a VCPU without a control block; or
b) VCPU 0 does not have a control block.
In case (a), Xen will crash when looking up the current queue. In
(b), Xen will crash when looking up the old queue (which defaults to a
queue on VCPU 0).
By allocating all the per-VCPU structures when enabling the FIFO ABI,
we can be sure that v->evtchn_fifo is always valid.
EVTCHNOP_init_control_block for all the other CPUs need only map the
shared control block.
A single check in evtchn_fifo_set_pending() before accessing the
control block fixes all cases where the guest has not initialized some
control blocks.
This is XSA-107.
Reported-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/common/event_fifo.c
+++ b/xen/common/event_fifo.c
@@ -178,6 +178,19 @@ static void evtchn_fifo_set_pending(stru
bool_t linked = 0;
/*
+ * Control block not mapped. The guest must not unmask an
+ * event until the control block is initialized, so we can
+ * just drop the event.
+ */
+ if ( unlikely(!v->evtchn_fifo->control_block) )
+ {
+ printk(XENLOG_G_WARNING
+ "d%dv%d has no FIFO event channel control block\n",
+ d->domain_id, v->vcpu_id);
+ goto done;
+ }
+
+ /*
* No locking around getting the queue. This may race with
* changing the priority but we are allowed to signal the
* event once on the old priority.
@@ -385,36 +398,42 @@ static void init_queue(struct vcpu *v, s
{
spin_lock_init(&q->lock);
q->priority = i;
- q->head = &v->evtchn_fifo->control_block->head[i];
}
-static int setup_control_block(struct vcpu *v, uint64_t gfn, uint32_t offset)
+static int setup_control_block(struct vcpu *v)
{
- struct domain *d = v->domain;
struct evtchn_fifo_vcpu *efv;
- void *virt;
unsigned int i;
- int rc;
-
- if ( v->evtchn_fifo )
- return -EINVAL;
efv = xzalloc(struct evtchn_fifo_vcpu);
if ( !efv )
return -ENOMEM;
- rc = map_guest_page(d, gfn, &virt);
+ for ( i = 0; i <= EVTCHN_FIFO_PRIORITY_MIN; i++ )
+ init_queue(v, &efv->queue[i], i);
+
+ v->evtchn_fifo = efv;
+
+ return 0;
+}
+
+static int map_control_block(struct vcpu *v, uint64_t gfn, uint32_t offset)
+{
+ void *virt;
+ unsigned int i;
+ int rc;
+
+ if ( v->evtchn_fifo->control_block )
+ return -EINVAL;
+
+ rc = map_guest_page(v->domain, gfn, &virt);
if ( rc < 0 )
- {
- xfree(efv);
return rc;
- }
- v->evtchn_fifo = efv;
v->evtchn_fifo->control_block = virt + offset;
for ( i = 0; i <= EVTCHN_FIFO_PRIORITY_MIN; i++ )
- init_queue(v, &v->evtchn_fifo->queue[i], i);
+ v->evtchn_fifo->queue[i].head = &v->evtchn_fifo->control_block->head[i];
return 0;
}
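Review bot: map_control_block() dereferences `v->evtchn_fifo` in its first test without checking it, relying on setup_control_block() having already run for that VCPU, and neither function documents this precondition. I would add `/* Allocate per-VCPU FIFO state; the guest's control block is mapped later by map_control_block(). */` above setup_control_block and `/* Caller must already have allocated v->evtchn_fifo via setup_control_block(). */` above map_control_block. After the split, setup_control_block no longer touches a control block at all, so its name is misleading and a rename could be considered. Both functions lie within the hunk; init_queue begins before it.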
@@ -508,28 +527,43 @@ int evtchn_fifo_init_control(struct evtc
spin_lock(&d->event_lock);
- rc = setup_control_block(v, gfn, offset);
-
/*
* If this is the first control block, setup an empty event array
* and switch to the fifo port ops.
*/
- if ( rc == 0 && !d->evtchn_fifo )
+ if ( !d->evtchn_fifo )
{
+ struct vcpu *vcb;
+
+ for_each_vcpu ( d, vcb ) {
+ rc = setup_control_block(vcb);
+ if ( rc < 0 )
+ goto error;
+ }
+
rc = setup_event_array(d);
if ( rc < 0 )
- cleanup_control_block(v);
- else
- {
- d->evtchn_port_ops = &evtchn_port_ops_fifo;
- d->max_evtchns = EVTCHN_FIFO_NR_CHANNELS;
- setup_ports(d);
- }
+ goto error;
+
+ rc = map_control_block(v, gfn, offset);
+ if ( rc < 0 )
+ goto error;
+
+ d->evtchn_port_ops = &evtchn_port_ops_fifo;
+ d->max_evtchns = EVTCHN_FIFO_NR_CHANNELS;
+ setup_ports(d);
}
+ else
+ rc = map_control_block(v, gfn, offset);
spin_unlock(&d->event_lock);
return rc;
+
+ error:
+ evtchn_fifo_destroy(d);
+ spin_unlock(&d->event_lock);
+ return rc;
}
static int add_page_to_event_array(struct domain *d, unsigned long gfn)