pool/xen
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 400898 from Virtualization

Browse Source 
Sync with SLES-12 SP2 Updates

OBS-URL: https://build.opensuse.org/request/show/400898
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xen?expand=0&rev=220
This commit is contained in:
Dominique Leuenberger 2016-06-14 21:05:49 +00:00 committed by Git OBS Bridge
commit 3ed5aef207
70 changed files with 5195 additions and 2477 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

185
0001-libxc-Rework-extra-module-initialisation.patch Normal file
View File

@ -0,0 +1,185 @@
From 270b8e85b5379fe93192f36966384ff07400fe7b Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:36 +0000
Subject: [PATCH 01/15] libxc: Rework extra module initialisation
This patch use xc_dom_alloc_segment() to allocate the memory space for the
ACPI modules and the SMBIOS modules. This is to replace the arbitrary
placement of 1MB after the hvmloader image.
In later patches, while trying to load a firmware such as OVMF, the later
could easily be loaded past the address 4MB (OVMF is a 2MB binary), but
hvmloader use a range of memory from 4MB to 8MB to perform tests and in the
process, clear the memory, before loading the modules.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/libxc/xc_dom_hvmloader.c | 131 ++++++++++++-----------------------------
1 file changed, 38 insertions(+), 93 deletions(-)
Index: xen-4.7.0-testing/tools/libxc/xc_dom_hvmloader.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/xc_dom_hvmloader.c
+++ xen-4.7.0-testing/tools/libxc/xc_dom_hvmloader.c
@@ -129,98 +129,52 @@ static elf_errorstatus xc_dom_parse_hvm_
return rc;
}
-static int modules_init(struct xc_dom_image *dom,
- uint64_t vend, struct elf_binary *elf,
- uint64_t *mstart_out, uint64_t *mend_out)
+static int module_init_one(struct xc_dom_image *dom,
+ struct xc_hvm_firmware_module *module,
+ char *name)
{
-#define MODULE_ALIGN 1UL << 7
-#define MB_ALIGN 1UL << 20
-#define MKALIGN(x, a) (((uint64_t)(x) + (a) - 1) & ~(uint64_t)((a) - 1))
- uint64_t total_len = 0, offset1 = 0;
-
- if ( dom->acpi_module.length == 0 && dom->smbios_module.length == 0 )
- return 0;
-
- /* Find the total length for the firmware modules with a reasonable large
- * alignment size to align each the modules.
- */
- total_len = MKALIGN(dom->acpi_module.length, MODULE_ALIGN);
- offset1 = total_len;
- total_len += MKALIGN(dom->smbios_module.length, MODULE_ALIGN);
-
- /* Want to place the modules 1Mb+change behind the loader image. */
- *mstart_out = MKALIGN(elf->pend, MB_ALIGN) + (MB_ALIGN);
- *mend_out = *mstart_out + total_len;
-
- if ( *mend_out > vend )
- return -1;
-
- if ( dom->acpi_module.length != 0 )
- dom->acpi_module.guest_addr_out = *mstart_out;
- if ( dom->smbios_module.length != 0 )
- dom->smbios_module.guest_addr_out = *mstart_out + offset1;
+ struct xc_dom_seg seg;
+ void *dest;
+
+ if ( module->length )
+ {
+ if ( xc_dom_alloc_segment(dom, &seg, name, 0, module->length) )
+ goto err;
+ dest = xc_dom_seg_to_ptr(dom, &seg);
+ if ( dest == NULL )
+ {
+ DOMPRINTF("%s: xc_dom_seg_to_ptr(dom, &seg) => NULL",
+ __FUNCTION__);
+ goto err;
+ }
+ memcpy(dest, module->data, module->length);
+ module->guest_addr_out = seg.vstart;
+ if ( module->guest_addr_out > UINT32_MAX ||
+ module->guest_addr_out + module->length > UINT32_MAX )
+ {
+ DOMPRINTF("%s: Module %s would be loaded abrove 4GB",
+ __FUNCTION__, name);
+ goto err;
+ }
+ }
return 0;
+err:
+ return -1;
}
-static int loadmodules(struct xc_dom_image *dom,
- uint64_t mstart, uint64_t mend,
- uint32_t domid)
+static int modules_init(struct xc_dom_image *dom)
{
- privcmd_mmap_entry_t *entries = NULL;
- unsigned long pfn_start;
- unsigned long pfn_end;
- size_t pages;
- uint32_t i;
- uint8_t *dest;
- int rc = -1;
- xc_interface *xch = dom->xch;
-
- if ( mstart == 0 || mend == 0 )
- return 0;
-
- pfn_start = (unsigned long)(mstart >> PAGE_SHIFT);
- pfn_end = (unsigned long)((mend + PAGE_SIZE - 1) >> PAGE_SHIFT);
- pages = pfn_end - pfn_start;
+ int rc;
- /* Map address space for module list. */
- entries = calloc(pages, sizeof(privcmd_mmap_entry_t));
- if ( entries == NULL )
- goto error_out;
+ rc = module_init_one(dom, &dom->acpi_module, "acpi module");
+ if ( rc ) goto err;
+ rc = module_init_one(dom, &dom->smbios_module, "smbios module");
+ if ( rc ) goto err;
- for ( i = 0; i < pages; i++ )
- entries[i].mfn = (mstart >> PAGE_SHIFT) + i;
-
- dest = xc_map_foreign_ranges(
- xch, domid, pages << PAGE_SHIFT, PROT_READ | PROT_WRITE, 1 << PAGE_SHIFT,
- entries, pages);
- if ( dest == NULL )
- goto error_out;
-
- /* Zero the range so padding is clear between modules */
- memset(dest, 0, pages << PAGE_SHIFT);
-
- /* Load modules into range */
- if ( dom->acpi_module.length != 0 )
- {
- memcpy(dest,
- dom->acpi_module.data,
- dom->acpi_module.length);
- }
- if ( dom->smbios_module.length != 0 )
- {
- memcpy(dest + (dom->smbios_module.guest_addr_out - mstart),
- dom->smbios_module.data,
- dom->smbios_module.length);
- }
-
- munmap(dest, pages << PAGE_SHIFT);
- rc = 0;
-
- error_out:
- free(entries);
-
- return rc;
+ return 0;
+err:
+ return -1;
}
static elf_errorstatus xc_dom_load_hvm_kernel(struct xc_dom_image *dom)
@@ -229,7 +183,6 @@ static elf_errorstatus xc_dom_load_hvm_k
privcmd_mmap_entry_t *entries = NULL;
size_t pages = (elf->pend - elf->pstart + PAGE_SIZE - 1) >> PAGE_SHIFT;
elf_errorstatus rc;
- uint64_t m_start = 0, m_end = 0;
int i;
/* Map address space for initial elf image. */
@@ -262,15 +215,7 @@ static elf_errorstatus xc_dom_load_hvm_k
munmap(elf->dest_base, elf->dest_size);
- rc = modules_init(dom, dom->total_pages << PAGE_SHIFT, elf, &m_start,
- &m_end);
- if ( rc != 0 )
- {
- DOMPRINTF("%s: insufficient space to load modules.", __func__);
- goto error;
- }
-
- rc = loadmodules(dom, m_start, m_end, dom->guest_domid);
+ rc = modules_init(dom);
if ( rc != 0 )
{
DOMPRINTF("%s: unable to load modules.", __func__);

261
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch Normal file
View File

@ -0,0 +1,261 @@
From 34cd9218de8579722240d1acdcaae4e4278f667e Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:37 +0000
Subject: [PATCH 02/15] libxc: Prepare a start info structure for hvmloader
... and load BIOS into guest memory.
This adds a new firmware module, bios_module. It is
loaded in the guest memory and final location is provided to hvmloader
via the hvm_start_info struct.
This patch create the hvm_start_info struct for HVM guest that have a
device model, so this is now common code with HVM guest without device
model.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/libxc/include/xc_dom.h | 3 +
tools/libxc/xc_dom_hvmloader.c | 2 +
tools/libxc/xc_dom_x86.c | 132 ++++++++++++++++++++++++++++-------------
xen/include/public/xen.h | 2 +-
4 files changed, 96 insertions(+), 43 deletions(-)
Index: xen-4.7.0-testing/tools/libxc/include/xc_dom.h
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/include/xc_dom.h
+++ xen-4.7.0-testing/tools/libxc/include/xc_dom.h
@@ -209,6 +209,9 @@ struct xc_dom_image {
/* If unset disables the setup of the IOREQ pages. */
bool device_model;
+ /* BIOS passed to HVMLOADER */
+ struct xc_hvm_firmware_module bios_module;
+
/* Extra ACPI tables passed to HVMLOADER */
struct xc_hvm_firmware_module acpi_module;
Index: xen-4.7.0-testing/tools/libxc/xc_dom_hvmloader.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/xc_dom_hvmloader.c
+++ xen-4.7.0-testing/tools/libxc/xc_dom_hvmloader.c
@@ -167,6 +167,8 @@ static int modules_init(struct xc_dom_im
{
int rc;
+ rc = module_init_one(dom, &dom->bios_module, "bios module");
+ if ( rc ) goto err;
rc = module_init_one(dom, &dom->acpi_module, "acpi module");
if ( rc ) goto err;
rc = module_init_one(dom, &dom->smbios_module, "smbios module");
Index: xen-4.7.0-testing/tools/libxc/xc_dom_x86.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/xc_dom_x86.c
+++ xen-4.7.0-testing/tools/libxc/xc_dom_x86.c
@@ -69,6 +69,9 @@
#define round_up(addr, mask) ((addr) | (mask))
#define round_pg_up(addr) (((addr) + PAGE_SIZE_X86 - 1) & ~(PAGE_SIZE_X86 - 1))
+#define HVMLOADER_MODULE_MAX_COUNT 1
+#define HVMLOADER_MODULE_NAME_SIZE 10
+
struct xc_dom_params {
unsigned levels;
xen_vaddr_t vaddr_mask;
@@ -590,6 +593,7 @@ static int alloc_magic_pages_hvm(struct
xen_pfn_t special_array[X86_HVM_NR_SPECIAL_PAGES];
xen_pfn_t ioreq_server_array[NR_IOREQ_SERVER_PAGES];
xc_interface *xch = dom->xch;
+ size_t start_info_size = sizeof(struct hvm_start_info);
/* Allocate and clear special pages. */
for ( i = 0; i < X86_HVM_NR_SPECIAL_PAGES; i++ )
@@ -624,8 +628,6 @@ static int alloc_magic_pages_hvm(struct
if ( !dom->device_model )
{
- size_t start_info_size = sizeof(struct hvm_start_info);
-
if ( dom->cmdline )
{
dom->cmdline_size = ROUNDUP(strlen(dom->cmdline) + 1, 8);
@@ -635,17 +637,26 @@ static int alloc_magic_pages_hvm(struct
/* Limited to one module. */
if ( dom->ramdisk_blob )
start_info_size += sizeof(struct hvm_modlist_entry);
-
- rc = xc_dom_alloc_segment(dom, &dom->start_info_seg,
- "HVMlite start info", 0, start_info_size);
- if ( rc != 0 )
- {
- DOMPRINTF("Unable to reserve memory for the start info");
- goto out;
- }
}
else
{
+ start_info_size +=
+ sizeof(struct hvm_modlist_entry) * HVMLOADER_MODULE_MAX_COUNT;
+ /* Add extra space to write modules name */
+ start_info_size +=
+ HVMLOADER_MODULE_NAME_SIZE * HVMLOADER_MODULE_MAX_COUNT;
+ }
+
+ rc = xc_dom_alloc_segment(dom, &dom->start_info_seg,
+ "HVMlite start info", 0, start_info_size);
+ if ( rc != 0 )
+ {
+ DOMPRINTF("Unable to reserve memory for the start info");
+ goto out;
+ }
+
+ if ( dom->device_model )
+ {
/*
* Allocate and clear additional ioreq server pages. The default
* server will use the IOREQ and BUFIOREQ special pages above.
@@ -1689,39 +1700,68 @@ static int alloc_pgtables_hvm(struct xc_
return 0;
}
+static void add_module_to_list(struct xc_dom_image *dom,
+ struct xc_hvm_firmware_module *module,
+ const char *name,
+ struct hvm_modlist_entry *modlist,
+ struct hvm_start_info *start_info)
+{
+ uint32_t index = start_info->nr_modules;
+ if ( module->length == 0 )
+ return;
+
+ assert(start_info->nr_modules < HVMLOADER_MODULE_MAX_COUNT);
+ assert(strnlen(name, HVMLOADER_MODULE_NAME_SIZE)
+ < HVMLOADER_MODULE_NAME_SIZE);
+
+ modlist[index].paddr = module->guest_addr_out;
+ modlist[index].size = module->length;
+ strncpy((char*)(modlist + HVMLOADER_MODULE_MAX_COUNT)
+ + HVMLOADER_MODULE_NAME_SIZE * index,
+ name, HVMLOADER_MODULE_NAME_SIZE);
+ modlist[index].cmdline_paddr =
+ (dom->start_info_seg.pfn << PAGE_SHIFT) +
+ ((uintptr_t)modlist - (uintptr_t)start_info) +
+ sizeof(struct hvm_modlist_entry) * HVMLOADER_MODULE_MAX_COUNT +
+ HVMLOADER_MODULE_NAME_SIZE * index;
+
+ start_info->nr_modules++;
+}
+
static int bootlate_hvm(struct xc_dom_image *dom)
{
uint32_t domid = dom->guest_domid;
xc_interface *xch = dom->xch;
+ struct hvm_start_info *start_info;
+ size_t start_info_size;
+ void *start_page;
+ struct hvm_modlist_entry *modlist;
- if ( !dom->device_model )
- {
- struct hvm_start_info *start_info;
- size_t start_info_size;
- void *start_page;
-
- start_info_size = sizeof(*start_info) + dom->cmdline_size;
- if ( dom->ramdisk_blob )
- start_info_size += sizeof(struct hvm_modlist_entry);
+ start_info_size = sizeof(*start_info) + dom->cmdline_size;
+ if ( dom->ramdisk_blob )
+ start_info_size += sizeof(struct hvm_modlist_entry);
- if ( start_info_size >
- dom->start_info_seg.pages << XC_DOM_PAGE_SHIFT(dom) )
- {
- DOMPRINTF("Trying to map beyond start_info_seg");
- return -1;
- }
+ if ( start_info_size >
+ dom->start_info_seg.pages << XC_DOM_PAGE_SHIFT(dom) )
+ {
+ DOMPRINTF("Trying to map beyond start_info_seg");
+ return -1;
+ }
- start_page = xc_map_foreign_range(xch, domid, start_info_size,
- PROT_READ | PROT_WRITE,
- dom->start_info_seg.pfn);
- if ( start_page == NULL )
- {
- DOMPRINTF("Unable to map HVM start info page");
- return -1;
- }
+ start_page = xc_map_foreign_range(xch, domid, start_info_size,
+ PROT_READ | PROT_WRITE,
+ dom->start_info_seg.pfn);
+ if ( start_page == NULL )
+ {
+ DOMPRINTF("Unable to map HVM start info page");
+ return -1;
+ }
- start_info = start_page;
+ start_info = start_page;
+ modlist = start_page + sizeof(*start_info) + dom->cmdline_size;
+ if ( !dom->device_model )
+ {
if ( dom->cmdline )
{
char *cmdline = start_page + sizeof(*start_info);
@@ -1733,22 +1773,30 @@ static int bootlate_hvm(struct xc_dom_im
if ( dom->ramdisk_blob )
{
- struct hvm_modlist_entry *modlist =
- start_page + sizeof(*start_info) + dom->cmdline_size;
modlist[0].paddr = dom->ramdisk_seg.vstart - dom->parms.virt_base;
modlist[0].size = dom->ramdisk_seg.vend - dom->ramdisk_seg.vstart;
- start_info->modlist_paddr = (dom->start_info_seg.pfn << PAGE_SHIFT) +
- ((uintptr_t)modlist - (uintptr_t)start_info);
start_info->nr_modules = 1;
}
-
- start_info->magic = XEN_HVM_START_MAGIC_VALUE;
-
- munmap(start_page, start_info_size);
}
else
{
+ add_module_to_list(dom, &dom->bios_module, "bios",
+ modlist, start_info);
+ }
+
+ if ( start_info->nr_modules )
+ {
+ start_info->modlist_paddr = (dom->start_info_seg.pfn << PAGE_SHIFT) +
+ ((uintptr_t)modlist - (uintptr_t)start_info);
+ }
+
+ start_info->magic = XEN_HVM_START_MAGIC_VALUE;
+
+ munmap(start_page, start_info_size);
+
+ if ( dom->device_model )
+ {
void *hvm_info_page;
if ( (hvm_info_page = xc_map_foreign_range(
Index: xen-4.7.0-testing/xen/include/public/xen.h
===================================================================
--- xen-4.7.0-testing.orig/xen/include/public/xen.h
+++ xen-4.7.0-testing/xen/include/public/xen.h
@@ -814,7 +814,7 @@ struct start_info {
typedef struct start_info start_info_t;
/*
- * Start of day structure passed to PVH guests in %ebx.
+ * Start of day structure passed to PVH guests and to HVM guests in %ebx.
*
* NOTE: nothing will be loaded at physical address 0, so a 0 value in any
* of the address fields should be treated as not present.

38
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch Normal file
View File

@ -0,0 +1,38 @@
From d12d422d347ca3a8fd8181b78ee2736561cd0e57 Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:38 +0000
Subject: [PATCH 03/15] configure: #define SEABIOS_PATH and OVMF_PATH
Those paths are to be used by libxl, in order to load the firmware in
memory. If a system path is not define via --with-system-seabios or
--with-system-ovmf, then this default to the Xen firmware directory.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/configure.ac | 6 ++++++
1 file changed, 6 insertions(+)
Index: xen-4.7.0-testing/tools/configure.ac
===================================================================
--- xen-4.7.0-testing.orig/tools/configure.ac
+++ xen-4.7.0-testing/tools/configure.ac
@@ -218,6 +218,9 @@ AC_ARG_WITH([system-seabios],
esac
],[])
AC_SUBST(seabios_path)
+AC_DEFINE_UNQUOTED([SEABIOS_PATH],
+ ["${seabios_path:-$XENFIRMWAREDIR/seabios.bin}"],
+ [SeaBIOS path])
AC_ARG_WITH([system-ovmf],
AS_HELP_STRING([--with-system-ovmf@<:@=PATH@:>@],
@@ -229,6 +232,9 @@ AC_ARG_WITH([system-ovmf],
esac
],[])
AC_SUBST(ovmf_path)
+AC_DEFINE_UNQUOTED([OVMF_PATH],
+ ["${ovmf_path:-$XENFIRMWAREDIR/ovmf.bin}"],
+ [OVMF path])
AC_ARG_WITH([extra-qemuu-configure-args],
AS_HELP_STRING([--with-extra-qemuu-configure-args@<:@="--ARG1 ..."@:>@],

43
0004-firmware-makefile-install-BIOS-blob.patch Normal file
View File

@ -0,0 +1,43 @@
From b44077cb7b2844d083ddae0d2174d4ae8a5101b6 Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:39 +0000
Subject: [PATCH 04/15] firmware/makefile: install BIOS blob ...
... into the firmware directory, along with hvmloader.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/firmware/Makefile | 13 +++++++++++++
1 file changed, 13 insertions(+)
Index: xen-4.7.0-testing/tools/firmware/Makefile
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/Makefile
+++ xen-4.7.0-testing/tools/firmware/Makefile
@@ -19,6 +19,9 @@ SUBDIRS-y += hvmloader
LD32BIT-$(CONFIG_FreeBSD) := LD32BIT_FLAG=-melf_i386_fbsd
+SEABIOS_ROM := seabios-dir/out/bios.bin
+OVMF_ROM := ovmf-dir/ovmf.bin
+
ovmf-dir:
GIT=$(GIT) $(XEN_ROOT)/scripts/git-checkout.sh $(OVMF_UPSTREAM_URL) $(OVMF_UPSTREAM_REVISION) ovmf-dir
cp ovmf-makefile ovmf-dir/Makefile;
@@ -45,6 +48,16 @@ endif
install: all
[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
+ifeq ($(CONFIG_SEABIOS),y)
+ifeq ($(SEABIOS_PATH),)
+ $(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
+endif
+endif
+ifeq ($(CONFIG_OVMF),y)
+ifeq ($(OVMF_PATH),)
+ $(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin
+endif
+endif
.PHONY: clean
clean: subdirs-clean

212
0005-libxl-Load-guest-BIOS-from-file.patch Normal file
View File

@ -0,0 +1,212 @@
From a8eef037b010662e73428907af761b6d2aef4eae Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:40 +0000
Subject: [PATCH 05/15] libxl: Load guest BIOS from file
The path to the BIOS blob can be override by the xl's bios_override option,
or provided by u.hvm.bios_firmware in the domain_build_info struct by other
libxl user.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
docs/man/xl.cfg.pod.5 | 9 +++++++
tools/libxl/libxl.h | 8 +++++++
tools/libxl/libxl_dom.c | 57 ++++++++++++++++++++++++++++++++++++++++++++
tools/libxl/libxl_internal.h | 2 ++
tools/libxl/libxl_paths.c | 10 ++++++++
tools/libxl/libxl_types.idl | 1 +
tools/libxl/xl_cmdimpl.c | 11 ++++++---
7 files changed, 95 insertions(+), 3 deletions(-)
Index: xen-4.7.0-testing/docs/man/xl.cfg.pod.5
===================================================================
--- xen-4.7.0-testing.orig/docs/man/xl.cfg.pod.5
+++ xen-4.7.0-testing/docs/man/xl.cfg.pod.5
@@ -1268,6 +1268,15 @@ Requires device_model_version=qemu-xen.
=back
+=item B<bios_override="PATH">
+
+Override the path to the blob to be used as BIOS. The blob provided here MUST
+be consistent with the `bios` which you have specified. You should not normally
+need to specify this option.
+
+This options does not have any effect if using bios="rombios" or
+device_model_version="qemu-xen-traditional".
+
=item B<pae=BOOLEAN>
Hide or expose the IA32 Physical Address Extensions. These extensions
Index: xen-4.7.0-testing/tools/libxl/libxl.h
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl.h
+++ xen-4.7.0-testing/tools/libxl/libxl.h
@@ -947,6 +947,14 @@ void libxl_mac_copy(libxl_ctx *ctx, libx
#define LIBXL_HAVE_CHECKPOINTED_STREAM 1
/*
+ * LIBXL_HAVE_BUILDINFO_HVM_BIOS_FIRMWARE
+ *
+ * libxl_domain_build_info has u.hvm.bios_firmware field which can be use
+ * to provide a different bios blob (like SeaBIOS or OVMF).
+ */
+#define LIBXL_HAVE_BUILDINFO_HVM_BIOS_FIRMWARE
+
+/*
* ERROR_REMUS_XXX error code only exists from Xen 4.5, Xen 4.6 and it
* is changed to ERROR_CHECKPOINT_XXX in Xen 4.7
*/
Index: xen-4.7.0-testing/tools/libxl/libxl_dom.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl_dom.c
+++ xen-4.7.0-testing/tools/libxl/libxl_dom.c
@@ -860,6 +860,38 @@ err:
return ret;
}
+static int libxl__load_hvm_firmware_module(libxl__gc *gc,
+ const char *filename,
+ const char *what,
+ struct xc_hvm_firmware_module *m)
+{
+ int datalen = 0;
+ void *data = NULL;
+ int e;
+
+ LOG(DEBUG, "Loading %s: %s", what, filename);
+ e = libxl_read_file_contents(CTX, filename, &data, &datalen);
+ if (e) {
+ /*
+ * Print a message only on ENOENT, other error are logged by the
+ * function libxl_read_file_contents().
+ */
+ if (e == ENOENT)
+ LOGEV(ERROR, e, "failed to read %s file", what);
+ return ERROR_FAIL;
+ }
+ libxl__ptr_add(gc, data);
+ if (datalen) {
+ /* Only accept non-empty files */
+ m->data = data;
+ m->length = datalen;
+ } else {
+ LOG(ERROR, "file %s for %s is empty", filename, what);
+ return ERROR_INVAL;
+ }
+ return 0;
+}
+
static int libxl__domain_firmware(libxl__gc *gc,
libxl_domain_build_info *info,
struct xc_dom_image *dom)
@@ -869,6 +901,7 @@ static int libxl__domain_firmware(libxl_
int e, rc;
int datalen = 0;
void *data;
+ const char *bios_filename = NULL;
if (info->u.hvm.firmware)
firmware = info->u.hvm.firmware;
@@ -912,6 +945,30 @@ static int libxl__domain_firmware(libxl_
goto out;
}
+ if (info->device_model_version == LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN) {
+ if (info->u.hvm.bios_firmware) {
+ bios_filename = info->u.hvm.bios_firmware;
+ } else {
+ switch (info->u.hvm.bios) {
+ case LIBXL_BIOS_TYPE_SEABIOS:
+ bios_filename = libxl__seabios_path();
+ break;
+ case LIBXL_BIOS_TYPE_OVMF:
+ bios_filename = libxl__ovmf_path();
+ break;
+ case LIBXL_BIOS_TYPE_ROMBIOS:
+ default:
+ abort();
+ }
+ }
+ }
+
+ if (bios_filename) {
+ rc = libxl__load_hvm_firmware_module(gc, bios_filename, "BIOS",
+ &dom->bios_module);
+ if (rc) goto out;
+ }
+
if (info->u.hvm.smbios_firmware) {
data = NULL;
e = libxl_read_file_contents(ctx, info->u.hvm.smbios_firmware,
Index: xen-4.7.0-testing/tools/libxl/libxl_internal.h
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl_internal.h
+++ xen-4.7.0-testing/tools/libxl/libxl_internal.h
@@ -2317,6 +2317,8 @@ _hidden const char *libxl__xen_config_di
_hidden const char *libxl__xen_script_dir_path(void);
_hidden const char *libxl__lock_dir_path(void);
_hidden const char *libxl__run_dir_path(void);
+_hidden const char *libxl__seabios_path(void);
+_hidden const char *libxl__ovmf_path(void);
/*----- subprocess execution with timeout -----*/
Index: xen-4.7.0-testing/tools/libxl/libxl_paths.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl_paths.c
+++ xen-4.7.0-testing/tools/libxl/libxl_paths.c
@@ -35,6 +35,16 @@ const char *libxl__run_dir_path(void)
return XEN_RUN_DIR;
}
+const char *libxl__seabios_path(void)
+{
+ return SEABIOS_PATH;
+}
+
+const char *libxl__ovmf_path(void)
+{
+ return OVMF_PATH;
+}
+
/*
* Local variables:
* mode: C
Index: xen-4.7.0-testing/tools/libxl/libxl_types.idl
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl_types.idl
+++ xen-4.7.0-testing/tools/libxl/libxl_types.idl
@@ -513,6 +513,7 @@ libxl_domain_build_info = Struct("domain
("timer_mode", libxl_timer_mode),
("nested_hvm", libxl_defbool),
("altp2m", libxl_defbool),
+ ("bios_firmware", string),
("smbios_firmware", string),
("acpi_firmware", string),
("hdtype", libxl_hdtype),
Index: xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c
@@ -1562,12 +1562,17 @@ static void parse_config_data(const char
xlu_cfg_replace_string (config, "firmware_override",
&b_info->u.hvm.firmware, 0);
- if (!xlu_cfg_get_string(config, "bios", &buf, 0) &&
- libxl_bios_type_from_string(buf, &b_info->u.hvm.bios)) {
+ xlu_cfg_replace_string (config, "bios_override",
+ &b_info->u.hvm.bios_firmware, 0);
+ if (!xlu_cfg_get_string(config, "bios", &buf, 0)) {
+ if (libxl_bios_type_from_string(buf, &b_info->u.hvm.bios)) {
fprintf(stderr, "ERROR: invalid value \"%s\" for \"bios\"\n",
buf);
exit (1);
- }
+ }
+ } else if (b_info->u.hvm.bios_firmware)
+ fprintf(stderr, "WARNING: "
+ "bios_override given without specific bios name\n");
xlu_cfg_get_defbool(config, "pae", &b_info->u.hvm.pae, 0);
xlu_cfg_get_defbool(config, "apic", &b_info->u.hvm.apic, 0);

99
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch Normal file
View File

@ -0,0 +1,99 @@
From b920bea09b69c1cdd5bb4c5964ce20d0bf7ced8b Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:41 +0000
Subject: [PATCH 06/15] xen: Move the hvm_start_info C representation from
libxc to public/xen.h
Instead of having several representation of hvm_start_info in C, define
it in public/xen.h so both libxc and hvmloader can use it.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/libxc/include/xc_dom.h | 31 -------------------------------
xen/include/public/xen.h | 31 +++++++++++++++++++++++++++++++
2 files changed, 31 insertions(+), 31 deletions(-)
Index: xen-4.7.0-testing/tools/libxc/include/xc_dom.h
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/include/xc_dom.h
+++ xen-4.7.0-testing/tools/libxc/include/xc_dom.h
@@ -219,37 +219,6 @@ struct xc_dom_image {
struct xc_hvm_firmware_module smbios_module;
};
-#if defined(__i386__) || defined(__x86_64__)
-/* C representation of the x86/HVM start info layout.
- *
- * The canonical definition of this layout resides in public/xen.h, this
- * is just a way to represent the layout described there using C types.
- *
- * NB: the packed attribute is not really needed, but it helps us enforce
- * the fact this this is just a representation, and it might indeed
- * be required in the future if there are alignment changes.
- */
-struct hvm_start_info {
- uint32_t magic; /* Contains the magic value 0x336ec578 */
- /* ("xEn3" with the 0x80 bit of the "E" set).*/
- uint32_t version; /* Version of this structure. */
- uint32_t flags; /* SIF_xxx flags. */
- uint32_t nr_modules; /* Number of modules passed to the kernel. */
- uint64_t modlist_paddr; /* Physical address of an array of */
- /* hvm_modlist_entry. */
- uint64_t cmdline_paddr; /* Physical address of the command line. */
- uint64_t rsdp_paddr; /* Physical address of the RSDP ACPI data */
- /* structure. */
-} __attribute__((packed));
-
-struct hvm_modlist_entry {
- uint64_t paddr; /* Physical address of the module. */
- uint64_t size; /* Size of the module in bytes. */
- uint64_t cmdline_paddr; /* Physical address of the command line. */
- uint64_t reserved;
-} __attribute__((packed));
-#endif /* x86 */
-
/* --- pluggable kernel loader ------------------------------------- */
struct xc_dom_loader {
Index: xen-4.7.0-testing/xen/include/public/xen.h
===================================================================
--- xen-4.7.0-testing.orig/xen/include/public/xen.h
+++ xen-4.7.0-testing/xen/include/public/xen.h
@@ -859,6 +859,37 @@ typedef struct start_info start_info_t;
*/
#define XEN_HVM_START_MAGIC_VALUE 0x336ec578
+#if defined(__i386__) || defined(__x86_64__)
+/* C representation of the x86/HVM start info layout.
+ *
+ * The canonical definition of this layout resides in public/xen.h, this
+ * is just a way to represent the layout described there using C types.
+ *
+ * NB: the packed attribute is not really needed, but it helps us enforce
+ * the fact this this is just a representation, and it might indeed
+ * be required in the future if there are alignment changes.
+ */
+struct hvm_start_info {
+ uint32_t magic; /* Contains the magic value 0x336ec578 */
+ /* ("xEn3" with the 0x80 bit of the "E" set).*/
+ uint32_t version; /* Version of this structure. */
+ uint32_t flags; /* SIF_xxx flags. */
+ uint32_t nr_modules; /* Number of modules passed to the kernel. */
+ uint64_t modlist_paddr; /* Physical address of an array of */
+ /* hvm_modlist_entry. */
+ uint64_t cmdline_paddr; /* Physical address of the command line. */
+ uint64_t rsdp_paddr; /* Physical address of the RSDP ACPI data */
+ /* structure. */
+} __attribute__((packed));
+
+struct hvm_modlist_entry {
+ uint64_t paddr; /* Physical address of the module. */
+ uint64_t size; /* Size of the module in bytes. */
+ uint64_t cmdline_paddr; /* Physical address of the command line. */
+ uint64_t reserved;
+} __attribute__((packed));
+#endif /* x86 */
+
/* New console union for dom0 introduced in 0x00030203. */
#if __XEN_INTERFACE_VERSION__ < 0x00030203
#define console_mfn console.domU.mfn

55
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch Normal file
View File

@ -0,0 +1,55 @@
From e3d13cec19a919b06dea49edd64a50c68e1094a7 Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:42 +0000
Subject: [PATCH 07/15] hvmloader: Grab the hvm_start_info pointer
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/firmware/hvmloader/hvmloader.c | 5 +++++
tools/firmware/hvmloader/util.h | 3 +++
2 files changed, 8 insertions(+)
Index: xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/hvmloader.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c
@@ -29,6 +29,8 @@
#include <xen/version.h>
#include <xen/hvm/params.h>
+const struct hvm_start_info *hvm_start_info;
+
asm (
" .text \n"
" .globl _start \n"
@@ -46,6 +48,8 @@ asm (
" ljmp $"STR(SEL_CODE32)",$1f \n"
"1: movl $stack_top,%esp \n"
" movl %esp,%ebp \n"
+ /* store HVM start info ptr */
+ " mov %ebx, hvm_start_info \n"
" call main \n"
/* Relocate real-mode trampoline to 0x0. */
" mov $trampoline_start,%esi \n"
@@ -258,6 +262,7 @@ int main(void)
memset((void *)HYPERCALL_PHYSICAL_ADDRESS, 0xc3 /* RET */, PAGE_SIZE);
printf("HVM Loader\n");
+ BUG_ON(hvm_start_info->magic != XEN_HVM_START_MAGIC_VALUE);
init_hypercalls();
Index: xen-4.7.0-testing/tools/firmware/hvmloader/util.h
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/util.h
+++ xen-4.7.0-testing/tools/firmware/hvmloader/util.h
@@ -158,6 +158,9 @@ static inline void cpu_relax(void)
struct hvm_info_table *get_hvm_info_table(void) __attribute__ ((const));
#define hvm_info (get_hvm_info_table())
+/* HVM start info */
+extern const struct hvm_start_info *hvm_start_info;
+
/* String and memory functions */
int strcmp(const char *cs, const char *ct);
int strncmp(const char *s1, const char *s2, uint32_t n);

139
0008-hvmloader-Locate-the-BIOS-blob.patch Normal file
View File

@ -0,0 +1,139 @@
From 463aedc4fd6e09518b4711e931048bf932b6ee39 Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:43 +0000
Subject: [PATCH 08/15] hvmloader: Locate the BIOS blob
The BIOS can be found an entry called "bios" of the modlist of the
hvm_start_info struct.
The found BIOS blob is not loaded by this patch, but only passed as
argument to bios_load() function. It is going to be used by the next few
patches.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/firmware/hvmloader/config.h | 2 +-
tools/firmware/hvmloader/hvmloader.c | 42 ++++++++++++++++++++++++++++++++++--
tools/firmware/hvmloader/ovmf.c | 3 ++-
tools/firmware/hvmloader/rombios.c | 3 ++-
tools/firmware/hvmloader/util.h | 2 ++
5 files changed, 47 insertions(+), 5 deletions(-)
Index: xen-4.7.0-testing/tools/firmware/hvmloader/config.h
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/config.h
+++ xen-4.7.0-testing/tools/firmware/hvmloader/config.h
@@ -22,7 +22,7 @@ struct bios_config {
/* ROMS */
void (*load_roms)(void);
- void (*bios_load)(const struct bios_config *config);
+ void (*bios_load)(const struct bios_config *config, void *addr, uint32_t size);
void (*bios_info_setup)(void);
void (*bios_info_finish)(void);
Index: xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/hvmloader.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c
@@ -253,10 +253,40 @@ static void acpi_enable_sci(void)
BUG_ON(!(pm1a_cnt_val & ACPI_PM1C_SCI_EN));
}
+const struct hvm_modlist_entry *get_module_entry(
+ const struct hvm_start_info *info,
+ const char *name)
+{
+ const struct hvm_modlist_entry *modlist =
+ (struct hvm_modlist_entry *)((uintptr_t)info->modlist_paddr);
+ unsigned int i;
+
+ if ( !modlist )
+ return NULL;
+
+ for ( i = 0; i < info->nr_modules; i++ )
+ {
+ uint32_t module_name = modlist[i].cmdline_paddr;
+
+ BUG_ON(!modlist[i].cmdline_paddr ||
+ modlist[i].cmdline_paddr > UINT_MAX);
+
+ if ( !strcmp(name, (char*)module_name) )
+ {
+ BUG_ON(!modlist[i].paddr || modlist[i].paddr > UINT_MAX ||
+ modlist[i].size > UINT_MAX);
+ return &modlist[i];
+ }
+ }
+
+ return NULL;
+}
+
int main(void)
{
const struct bios_config *bios;
int acpi_enabled;
+ const struct hvm_modlist_entry *bios_module;
/* Initialise hypercall stubs with RET, rendering them no-ops. */
memset((void *)HYPERCALL_PHYSICAL_ADDRESS, 0xc3 /* RET */, PAGE_SIZE);
@@ -292,8 +322,16 @@ int main(void)
}
printf("Loading %s ...\n", bios->name);
- if ( bios->bios_load )
- bios->bios_load(bios);
+ bios_module = get_module_entry(hvm_start_info, "bios");
+ if ( bios_module && bios->bios_load )
+ {
+ uint32_t paddr = bios_module->paddr;
+ bios->bios_load(bios, (void*)paddr, bios_module->size);
+ }
+ else if ( bios->bios_load )
+ {
+ bios->bios_load(bios, 0, 0);
+ }
else
{
BUG_ON(bios->bios_address + bios->image_size >
Index: xen-4.7.0-testing/tools/firmware/hvmloader/ovmf.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/ovmf.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/ovmf.c
@@ -93,7 +93,8 @@ static void ovmf_finish_bios_info(void)
info->checksum = -checksum;
}
-static void ovmf_load(const struct bios_config *config)
+static void ovmf_load(const struct bios_config *config,
+ void *bios_addr, uint32_t bios_length)
{
xen_pfn_t mfn;
uint64_t addr = OVMF_BEGIN;
Index: xen-4.7.0-testing/tools/firmware/hvmloader/rombios.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/rombios.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/rombios.c
@@ -121,7 +121,8 @@ static void rombios_load_roms(void)
option_rom_phys_addr + option_rom_sz - 1);
}
-static void rombios_load(const struct bios_config *config)
+static void rombios_load(const struct bios_config *config,
+ void *unused_addr, uint32_t unused_size)
{
uint32_t bioshigh;
struct rombios_info *info;
Index: xen-4.7.0-testing/tools/firmware/hvmloader/util.h
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/util.h
+++ xen-4.7.0-testing/tools/firmware/hvmloader/util.h
@@ -34,6 +34,8 @@ enum {
#undef NULL
#define NULL ((void*)0)
+#define UINT_MAX (~0U)
+
void __assert_failed(char *assertion, char *file, int line)
__attribute__((noreturn));
#define ASSERT(p) \

44
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch Normal file
View File

@ -0,0 +1,44 @@
From c3f4c5bcf0d8d93b5116f3e368c4739abe2dc06d Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:44 +0000
Subject: [PATCH 09/15] hvmloader: Check modules whereabouts in perform_tests
As perform_tests() is going to clear memory past 4MB, we check that the
memory can be use or we skip the tests.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/firmware/hvmloader/tests.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
Index: xen-4.7.0-testing/tools/firmware/hvmloader/tests.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/tests.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/tests.c
@@ -210,6 +210,26 @@ void perform_tests(void)
return;
}
+ /* Check that tests does not use memory where modules are stored */
+ if ( ((uint32_t)hvm_start_info + sizeof(struct hvm_start_info)) > 4 << 20
+ && (uint32_t)hvm_start_info < 8 << 20 )
+ {
+ printf("Skipping tests due to memory used by hvm_start_info\n");
+ return;
+ }
+ for ( unsigned i = 0; i < hvm_start_info->nr_modules; i++ )
+ {
+ const struct hvm_modlist_entry *modlist =
+ (struct hvm_modlist_entry *)((uintptr_t)hvm_start_info->modlist_paddr);
+ if ( modlist[i].paddr
+ && modlist[i].paddr + modlist[i].size > 4ul << 20
+ && modlist[i].paddr < 8ul << 20 )
+ {
+ printf("Skipping tests due to memory used by a module\n");
+ return;
+ }
+ }
+
passed = skipped = 0;
for ( i = 0; tests[i].test; i++ )
{

112
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch Normal file
View File

@ -0,0 +1,112 @@
From df9fdafcfc38c931181dae1de3e6a9eee28829d4 Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:45 +0000
Subject: [PATCH 10/15] hvmloader: Load SeaBIOS from hvm_start_info modules
... and do not include the SeaBIOS ROM into hvmloader anymore.
This also fix the dependency on roms.inc, hvmloader.o does not include it.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/firmware/hvmloader/Makefile | 15 +--------------
tools/firmware/hvmloader/seabios.c | 24 ++++++++++++++----------
2 files changed, 15 insertions(+), 24 deletions(-)
Index: xen-4.7.0-testing/tools/firmware/hvmloader/Makefile
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/Makefile
+++ xen-4.7.0-testing/tools/firmware/hvmloader/Makefile
@@ -45,7 +45,6 @@ CIRRUSVGA_DEBUG ?= n
OVMF_DIR := ../ovmf-dir
ROMBIOS_DIR := ../rombios
-SEABIOS_DIR := ../seabios-dir
ifeq ($(CONFIG_ROMBIOS),y)
STDVGA_ROM := ../vgabios/VGABIOS-lgpl-latest.bin
@@ -80,19 +79,13 @@ endif
ifeq ($(CONFIG_SEABIOS),y)
OBJS += seabios.o
CFLAGS += -DENABLE_SEABIOS
-ifeq ($(SEABIOS_PATH),)
- SEABIOS_ROM := $(SEABIOS_DIR)/out/bios.bin
-else
- SEABIOS_ROM := $(SEABIOS_PATH)
-endif
-ROMS += $(SEABIOS_ROM)
endif
.PHONY: all
all: subdirs-all
$(MAKE) hvmloader
-ovmf.o rombios.o seabios.o hvmloader.o: roms.inc
+ovmf.o rombios.o: roms.inc
smbios.o: CFLAGS += -D__SMBIOS_DATE__="\"$(SMBIOS_REL_DATE)\""
hvmloader: $(OBJS) acpi/acpi.a
@@ -109,12 +102,6 @@ ifneq ($(ROMBIOS_ROM),)
echo "#endif" >> $@.new
endif
-ifneq ($(SEABIOS_ROM),)
- echo "#ifdef ROM_INCLUDE_SEABIOS" >> $@.new
- sh ./mkhex seabios $(SEABIOS_ROM) >> $@.new
- echo "#endif" >> $@.new
-endif
-
ifneq ($(OVMF_ROM),)
echo "#ifdef ROM_INCLUDE_OVMF" >> $@.new
sh ./mkhex ovmf $(OVMF_ROM) >> $@.new
Index: xen-4.7.0-testing/tools/firmware/hvmloader/seabios.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/seabios.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/seabios.c
@@ -27,9 +27,6 @@
#include "smbios_types.h"
#include "acpi/acpi2_0.h"
-#define ROM_INCLUDE_SEABIOS
-#include "roms.inc"
-
extern unsigned char dsdt_anycpu_qemu_xen[];
extern int dsdt_anycpu_qemu_xen_len;
@@ -127,22 +124,29 @@ static void seabios_setup_e820(void)
struct e820entry *e820 = scratch_alloc(sizeof(struct e820entry)*16, 0);
info->e820 = (uint32_t)e820;
+ BUG_ON(seabios_config.bios_address < 0xc0000 || seabios_config.bios_address >= 0x100000);
/* SeaBIOS reserves memory in e820 as necessary so no low reservation. */
- info->e820_nr = build_e820_table(e820, 0, 0x100000-sizeof(seabios));
+ info->e820_nr = build_e820_table(e820, 0, seabios_config.bios_address);
dump_e820_table(e820, info->e820_nr);
}
-struct bios_config seabios_config = {
- .name = "SeaBIOS",
+static void seabios_load(const struct bios_config *bios,
+ void *bios_addr, uint32_t bios_length)
+{
+ unsigned int bios_dest = 0x100000 - bios_length;
- .image = seabios,
- .image_size = sizeof(seabios),
+ BUG_ON(bios_dest + bios_length > HVMLOADER_PHYSICAL_ADDRESS);
+ memcpy((void *)bios_dest, bios_addr, bios_length);
+ seabios_config.bios_address = bios_dest;
+ seabios_config.image_size = bios_length;
+}
- .bios_address = 0x100000 - sizeof(seabios),
+struct bios_config seabios_config = {
+ .name = "SeaBIOS",
.load_roms = NULL,
- .bios_load = NULL,
+ .bios_load = seabios_load,
.bios_info_setup = seabios_setup_bios_info,
.bios_info_finish = seabios_finish_bios_info,

131
0011-hvmloader-Load-OVMF-from-modules.patch Normal file
View File

@ -0,0 +1,131 @@
From 009fef2fc4bdffd1c9e5caf557157b4949d3842b Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:46 +0000
Subject: [PATCH 11/15] hvmloader: Load OVMF from modules
... and do not include the OVMF ROM into hvmloader anymore.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/firmware/hvmloader/Makefile | 15 +--------------
tools/firmware/hvmloader/ovmf.c | 30 +++++++++++++-----------------
2 files changed, 14 insertions(+), 31 deletions(-)
Index: xen-4.7.0-testing/tools/firmware/hvmloader/Makefile
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/Makefile
+++ xen-4.7.0-testing/tools/firmware/hvmloader/Makefile
@@ -43,7 +43,6 @@ endif
CIRRUSVGA_DEBUG ?= n
-OVMF_DIR := ../ovmf-dir
ROMBIOS_DIR := ../rombios
ifeq ($(CONFIG_ROMBIOS),y)
@@ -61,12 +60,6 @@ ROMS :=
ifeq ($(CONFIG_OVMF),y)
OBJS += ovmf.o
CFLAGS += -DENABLE_OVMF
-ifeq ($(OVMF_PATH),)
- OVMF_ROM := $(OVMF_DIR)/ovmf.bin
-else
- OVMF_ROM := $(OVMF_PATH)
-endif
-ROMS += $(OVMF_ROM)
endif
ifeq ($(CONFIG_ROMBIOS),y)
@@ -85,7 +78,7 @@ endif
all: subdirs-all
$(MAKE) hvmloader
-ovmf.o rombios.o: roms.inc
+rombios.o: roms.inc
smbios.o: CFLAGS += -D__SMBIOS_DATE__="\"$(SMBIOS_REL_DATE)\""
hvmloader: $(OBJS) acpi/acpi.a
@@ -102,12 +95,6 @@ ifneq ($(ROMBIOS_ROM),)
echo "#endif" >> $@.new
endif
-ifneq ($(OVMF_ROM),)
- echo "#ifdef ROM_INCLUDE_OVMF" >> $@.new
- sh ./mkhex ovmf $(OVMF_ROM) >> $@.new
- echo "#endif" >> $@.new
-endif
-
ifneq ($(STDVGA_ROM),)
echo "#ifdef ROM_INCLUDE_VGABIOS" >> $@.new
sh ./mkhex vgabios_stdvga $(STDVGA_ROM) >> $@.new
Index: xen-4.7.0-testing/tools/firmware/hvmloader/ovmf.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/ovmf.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/ovmf.c
@@ -34,17 +34,10 @@
#include <xen/hvm/ioreq.h>
#include <xen/memory.h>
-#define ROM_INCLUDE_OVMF
-#include "roms.inc"
-
-#define OVMF_SIZE (sizeof(ovmf))
#define OVMF_MAXOFFSET 0x000FFFFFULL
-#define OVMF_BEGIN (0x100000000ULL - ((OVMF_SIZE + OVMF_MAXOFFSET) & ~OVMF_MAXOFFSET))
-#define OVMF_END (OVMF_BEGIN + OVMF_SIZE)
#define LOWCHUNK_BEGIN 0x000F0000
#define LOWCHUNK_SIZE 0x00010000
#define LOWCHUNK_MAXOFFSET 0x0000FFFF
-#define LOWCHUNK_END (OVMF_BEGIN + OVMF_SIZE)
#define OVMF_INFO_PHYSICAL_ADDRESS 0x00001000
extern unsigned char dsdt_anycpu_qemu_xen[];
@@ -97,24 +90,31 @@ static void ovmf_load(const struct bios_
void *bios_addr, uint32_t bios_length)
{
xen_pfn_t mfn;
- uint64_t addr = OVMF_BEGIN;
+ uint64_t addr = 0x100000000ULL
+ - ((bios_length + OVMF_MAXOFFSET) & ~OVMF_MAXOFFSET);
+ uint64_t ovmf_end = addr + bios_length;
+
+ ovmf_config.bios_address = addr;
+ ovmf_config.image_size = bios_length;
/* Copy low-reset vector portion. */
- memcpy((void *) LOWCHUNK_BEGIN, (uint8_t *) config->image
- + OVMF_SIZE
- - LOWCHUNK_SIZE,
+ memcpy((void *) LOWCHUNK_BEGIN,
+ (uint8_t *) bios_addr + bios_length - LOWCHUNK_SIZE,
LOWCHUNK_SIZE);
/* Ensure we have backing page prior to moving FD. */
- while ( (addr >> PAGE_SHIFT) != (OVMF_END >> PAGE_SHIFT) )
+ while ( (addr >> PAGE_SHIFT) != (ovmf_end >> PAGE_SHIFT) )
{
mfn = (uint32_t) (addr >> PAGE_SHIFT);
addr += PAGE_SIZE;
mem_hole_populate_ram(mfn, 1);
}
+ /* Check that source and destination does not overlaps. */
+ BUG_ON(addr + bios_length > (unsigned)bios_addr
+ && addr < (unsigned)bios_addr + bios_length);
/* Copy FD. */
- memcpy((void *) OVMF_BEGIN, config->image, OVMF_SIZE);
+ memcpy((void *) ovmf_config.bios_address, bios_addr, bios_length);
}
static void ovmf_acpi_build_tables(void)
@@ -151,10 +151,6 @@ static void ovmf_setup_e820(void)
struct bios_config ovmf_config = {
.name = "OVMF",
- .image = ovmf,
- .image_size = sizeof(ovmf),
-
- .bios_address = OVMF_BEGIN,
.bios_load = ovmf_load,
.load_roms = 0,

51
0012-hvmloader-Specific-bios_load-function-required.patch Normal file
View File

@ -0,0 +1,51 @@
From 258c5050f08bdf69394dd8790398b6dfe453886e Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:47 +0000
Subject: [PATCH 12/15] hvmloader: Specific bios_load function required
All BIOS but ROMBIOS needs to be loaded via modules.
ROMBIOS is handled as a special case.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
---
tools/firmware/hvmloader/hvmloader.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
Index: xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/hvmloader.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c
@@ -323,21 +323,25 @@ int main(void)
printf("Loading %s ...\n", bios->name);
bios_module = get_module_entry(hvm_start_info, "bios");
- if ( bios_module && bios->bios_load )
+ if ( bios_module )
{
uint32_t paddr = bios_module->paddr;
bios->bios_load(bios, (void*)paddr, bios_module->size);
}
- else if ( bios->bios_load )
+#ifdef ENABLE_ROMBIOS
+ else if ( bios == &rombios_config )
{
bios->bios_load(bios, 0, 0);
}
+#endif
else
{
- BUG_ON(bios->bios_address + bios->image_size >
- HVMLOADER_PHYSICAL_ADDRESS);
- memcpy((void *)bios->bios_address, bios->image,
- bios->image_size);
+ /*
+ * If there is no BIOS module supplied and if there is no embeded BIOS
+ * image, then we failed. Only rombios might have an embedded bios blob.
+ */
+ printf("no BIOS ROM image found\n");
+ BUG();
}
if ( (hvm_info->nr_vcpus > 1) || hvm_info->apic_mode )

65
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch Normal file
View File

@ -0,0 +1,65 @@
From e7497ead178f01fd5c94cfb8506d31b77cc38c94 Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:48 +0000
Subject: [PATCH 13/15] hvmloader: Always build-in SeaBIOS and OVMF loader
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
---
tools/firmware/hvmloader/Makefile | 11 +----------
tools/firmware/hvmloader/hvmloader.c | 4 ----
2 files changed, 1 insertion(+), 14 deletions(-)
Index: xen-4.7.0-testing/tools/firmware/hvmloader/Makefile
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/Makefile
+++ xen-4.7.0-testing/tools/firmware/hvmloader/Makefile
@@ -37,6 +37,7 @@ OBJS = hvmloader.o mp_tables.o util.o s
OBJS += smp.o cacheattr.o xenbus.o vnuma.o
OBJS += e820.o pci.o pir.o ctype.o
OBJS += hvm_param.o
+OBJS += ovmf.o seabios.o
ifeq ($(debug),y)
OBJS += tests.o
endif
@@ -57,11 +58,6 @@ endif
ROMS :=
-ifeq ($(CONFIG_OVMF),y)
-OBJS += ovmf.o
-CFLAGS += -DENABLE_OVMF
-endif
-
ifeq ($(CONFIG_ROMBIOS),y)
OBJS += optionroms.o 32bitbios_support.o rombios.o
CFLAGS += -DENABLE_ROMBIOS
@@ -69,11 +65,6 @@ ROMBIOS_ROM := $(ROMBIOS_DIR)/BIOS-bochs
ROMS += $(ROMBIOS_ROM) $(STDVGA_ROM) $(CIRRUSVGA_ROM) $(ETHERBOOT_ROMS)
endif
-ifeq ($(CONFIG_SEABIOS),y)
-OBJS += seabios.o
-CFLAGS += -DENABLE_SEABIOS
-endif
-
.PHONY: all
all: subdirs-all
$(MAKE) hvmloader
Index: xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/hvmloader/hvmloader.c
+++ xen-4.7.0-testing/tools/firmware/hvmloader/hvmloader.c
@@ -209,12 +209,8 @@ struct bios_info {
#ifdef ENABLE_ROMBIOS
{ "rombios", &rombios_config, },
#endif
-#ifdef ENABLE_SEABIOS
{ "seabios", &seabios_config, },
-#endif
-#ifdef ENABLE_OVMF
{ "ovmf", &ovmf_config, },
-#endif
{ NULL, NULL }
};

84
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch Normal file
View File

@ -0,0 +1,84 @@
From d42d9e59472e2c637776245db8e80de0b907d46b Mon Sep 17 00:00:00 2001
From: Anthony PERARD <anthony.perard@citrix.com>
Date: Mon, 14 Mar 2016 17:55:49 +0000
Subject: [PATCH 14/15] configure: do not depend on SEABIOS_PATH or OVMF_PATH
...
... to compile SeaBIOS and OVMF. Only depends on CONFIG_*.
If --with-system-* configure option is used, then set *_CONFIG=n to not
compile SEABIOS and OVMF.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---
tools/configure.ac | 6 ++++--
tools/firmware/Makefile | 8 --------
2 files changed, 4 insertions(+), 10 deletions(-)
Index: xen-4.7.0-testing/tools/configure.ac
===================================================================
--- xen-4.7.0-testing.orig/tools/configure.ac
+++ xen-4.7.0-testing/tools/configure.ac
@@ -212,12 +212,13 @@ AC_ARG_WITH([system-seabios],
AS_HELP_STRING([--with-system-seabios@<:@=PATH@:>@],
[Use system supplied seabios PATH instead of building and installing
our own version]),[
+ # Disable compilation of SeaBIOS.
+ seabios=n
case $withval in
no) seabios_path= ;;
*) seabios_path=$withval ;;
esac
],[])
-AC_SUBST(seabios_path)
AC_DEFINE_UNQUOTED([SEABIOS_PATH],
["${seabios_path:-$XENFIRMWAREDIR/seabios.bin}"],
[SeaBIOS path])
@@ -226,12 +227,13 @@ AC_ARG_WITH([system-ovmf],
AS_HELP_STRING([--with-system-ovmf@<:@=PATH@:>@],
[Use system supplied OVMF PATH instead of building and installing
our own version]),[
+ # Disable compilation of OVMF.
+ ovmf=n
case $withval in
no) ovmf_path= ;;
*) ovmf_path=$withval ;;
esac
],[])
-AC_SUBST(ovmf_path)
AC_DEFINE_UNQUOTED([OVMF_PATH],
["${ovmf_path:-$XENFIRMWAREDIR/ovmf.bin}"],
[OVMF path])
Index: xen-4.7.0-testing/tools/firmware/Makefile
===================================================================
--- xen-4.7.0-testing.orig/tools/firmware/Makefile
+++ xen-4.7.0-testing/tools/firmware/Makefile
@@ -6,12 +6,8 @@ TARGET := hvmloader/hvmloader
INST_DIR := $(DESTDIR)$(XENFIRMWAREDIR)
SUBDIRS-y :=
-ifeq ($(OVMF_PATH),)
SUBDIRS-$(CONFIG_OVMF) += ovmf-dir
-endif
-ifeq ($(SEABIOS_PATH),)
SUBDIRS-$(CONFIG_SEABIOS) += seabios-dir
-endif
SUBDIRS-$(CONFIG_ROMBIOS) += rombios
SUBDIRS-$(CONFIG_ROMBIOS) += vgabios
SUBDIRS-$(CONFIG_ROMBIOS) += etherboot
@@ -49,15 +45,11 @@ install: all
[ -d $(INST_DIR) ] || $(INSTALL_DIR) $(INST_DIR)
[ ! -e $(TARGET) ] || $(INSTALL_DATA) $(TARGET) $(INST_DIR)
ifeq ($(CONFIG_SEABIOS),y)
-ifeq ($(SEABIOS_PATH),)
$(INSTALL_DATA) $(SEABIOS_ROM) $(INST_DIR)/seabios.bin
endif
-endif
ifeq ($(CONFIG_OVMF),y)
-ifeq ($(OVMF_PATH),)
$(INSTALL_DATA) $(OVMF_ROM) $(INST_DIR)/ovmf.bin
endif
-endif
.PHONY: clean
clean: subdirs-clean

106
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
View File

@ -1,106 +0,0 @@
References: bsc#945167
# Commit 6e1e3480c3878bac5d244925974a6852c47c809b
# Date 2015-09-15 11:58:26 +0100
# Author Jan Beulich <JBeulich@suse.com>
# Committer Ian Campbell <ian.campbell@citrix.com>
libxl: slightly refine pci-assignable-{add, remove} handling
While it appears to be intentional for "xl pci-assignable-remove" to
not re-bind the original driver by default (requires the -r option),
permanently losing the information which driver was originally used
seems bad. Make "add; remove; add; remove -r" re-bind the original
driver by allowing "remove" to delete the information only upon
successful re-bind.
In the course of this I also noticed that binding information is lost
when upon first "add" pciback isn't loaded yet, due to its presence not
being checked for early enough. Adjust pciback_dev_is_assigned()
accordingly, and properly distinguish "yes" and "error" returns in the
"add" case (removing a redundant error message from the "remove" path
for consistency).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: George Dunlap <george.dunlap@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
--- a/tools/libxl/libxl_pci.c
+++ b/tools/libxl/libxl_pci.c
@@ -543,6 +543,17 @@ static int pciback_dev_is_assigned(libxl
int rc;
struct stat st;
+ if ( access(SYSFS_PCIBACK_DRIVER, F_OK) < 0 ) {
+ if ( errno == ENOENT ) {
+ LIBXL__LOG(ctx, LIBXL__LOG_ERROR,
+ "Looks like pciback driver is not loaded");
+ } else {
+ LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR,
+ "Can't access "SYSFS_PCIBACK_DRIVER);
+ }
+ return -1;
+ }
+
spath = libxl__sprintf(gc, SYSFS_PCIBACK_DRIVER"/"PCI_BDF,
pcidev->domain, pcidev->bus,
pcidev->dev, pcidev->func);
@@ -658,6 +669,7 @@ static int libxl__device_pci_assignable_
libxl_ctx *ctx = libxl__gc_owner(gc);
unsigned dom, bus, dev, func;
char *spath, *driver_path = NULL;
+ int rc;
struct stat st;
/* Local copy for convenience */
@@ -674,7 +686,11 @@ static int libxl__device_pci_assignable_
}
/* Check to see if it's already assigned to pciback */
- if ( pciback_dev_is_assigned(gc, pcidev) ) {
+ rc = pciback_dev_is_assigned(gc, pcidev);
+ if ( rc < 0 ) {
+ return ERROR_FAIL;
+ }
+ if ( rc ) {
LIBXL__LOG(ctx, LIBXL__LOG_WARNING, PCI_BDF" already assigned to pciback",
dom, bus, dev, func);
return 0;
@@ -692,11 +708,18 @@ static int libxl__device_pci_assignable_
if ( rebind ) {
if ( driver_path ) {
pci_assignable_driver_path_write(gc, pcidev, driver_path);
+ } else if ( (driver_path =
+ pci_assignable_driver_path_read(gc, pcidev)) != NULL ) {
+ LIBXL__LOG(ctx, LIBXL__LOG_INFO,
+ PCI_BDF" not bound to a driver, will be rebound to %s",
+ dom, bus, dev, func, driver_path);
} else {
LIBXL__LOG(ctx, LIBXL__LOG_WARNING,
PCI_BDF" not bound to a driver, will not be rebound.",
dom, bus, dev, func);
}
+ } else {
+ pci_assignable_driver_path_remove(gc, pcidev);
}
if ( pciback_dev_assign(gc, pcidev) ) {
@@ -717,7 +740,6 @@ static int libxl__device_pci_assignable_
/* Unbind from pciback */
if ( (rc=pciback_dev_is_assigned(gc, pcidev)) < 0 ) {
- LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "Checking if pciback was assigned");
return ERROR_FAIL;
} else if ( rc ) {
pciback_dev_unassign(gc, pcidev);
@@ -741,9 +763,9 @@ static int libxl__device_pci_assignable_
"Couldn't bind device to %s", driver_path);
return -1;
}
- }
- pci_assignable_driver_path_remove(gc, pcidev);
+ pci_assignable_driver_path_remove(gc, pcidev);
+ }
} else {
if ( rebind ) {
LIBXL__LOG(ctx, LIBXL__LOG_WARNING,

31
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
View File

@ -1,31 +0,0 @@
Subject: libxl: No emulated disk driver for xvdX disk
From: Anthony PERARD anthony.perard@citrix.com Wed Oct 14 12:05:17 2015 +0100
Date: Thu Oct 22 16:10:31 2015 +0100:
Git: c0c099d157cc5bc942afef766cf141628a6380a1
When a guest configuration list xvdX for its disks, there is no need to
provide an emulated driver for the same target.
Such configuration can work with the OVMF firmware, as it supports PV
disk.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Index: xen-4.6.0-testing/tools/libxl/libxl_dm.c
===================================================================
--- xen-4.6.0-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.6.0-testing/tools/libxl/libxl_dm.c
@@ -1152,6 +1152,12 @@ static int libxl__build_device_model_arg
drive = libxl__sprintf
(gc, "file=%s,if=scsi,bus=0,unit=%d,format=%s,cache=writeback",
pdev_path, disk, format);
+ else if (strncmp(disks[i].vdev, "xvd", 3) == 0)
+ /*
+ * Do not add any emulated disk when PV disk are
+ * explicitly asked for.
+ */
+ continue;
else if (disk < 6 && b_info->u.hvm.hdtype == LIBXL_HDTYPE_AHCI) {
flexarray_vappend(dm_args, "-drive",
GCSPRINTF("file=%s,if=none,id=ahcidisk-%d,format=%s,cache=writeback",

20
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
View File

@ -1,20 +0,0 @@
# Commit 057e0e72d2a5d598087c5f167ec6a13203a3cf65
# Date 2015-11-12 16:59:18 +0100
# Author Jan Beulich <jbeulich@suse.com>
# Committer Jan Beulich <jbeulich@suse.com>
x86/HVM: don't inject #DB with error code
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper@citrix.com>
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4071,7 +4071,7 @@ void hvm_task_switch(
goto out;
if ( (tss.trace & 1) && !exn_raised )
- hvm_inject_hw_exception(TRAP_debug, tss_sel & 0xfff8);
+ hvm_inject_hw_exception(TRAP_debug, HVM_DELIVER_NO_ERROR_CODE);
tr.attr.fields.type = 0xb; /* busy 32-bit tss */
hvm_set_segment_register(v, x86_seg_tr, &tr);

105
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
View File

@ -1,105 +0,0 @@
Subject: libxl: relax readonly check introduced by XSA-142 fix
From: Jim Fehlig jfehlig@suse.com Thu Nov 12 19:40:46 2015 -0700
Date: Mon Nov 16 11:23:42 2015 +0000:
Git: ef6cb76026628e26e3d1ae53c50ccde1c3c78b1b
The fix for XSA-142 is quite a big hammer, rejecting readonly
disk configuration even when the requested backend is known to
support readonly. While it is true that qemu doesn't support
readonly for emulated IDE or AHCI disks
$ /usr/lib/xen/bin/qemu-system-i386 \
-drive file=/tmp/disk.raw,if=ide,media=disk,format=raw,readonly=on
qemu-system-i386: Can't use a read-only drive
$ /usr/lib/xen/bin/qemu-system-i386 -device ahci,id=ahci0 \
-drive file=/tmp/disk.raw,if=none,id=ahcidisk-0,format=raw,readonly=on \
-device ide-hd,bus=ahci0.0,unit=0,drive=ahcidisk-0
qemu-system-i386: -device ide-hd,bus=ahci0.0,unit=0,drive=ahcidisk-0:
Can't use a read-only drive
It does support readonly SCSI disks
$ /usr/lib/xen/bin/qemu-system-i386 \
-drive file=/tmp/disk.raw,if=scsi,media=disk,format=raw,readonly=on
[ok]
Inside a guest using such a disk, the SCSI kernel driver sees write
protect on
[ 7.339232] sd 2:0:1:0: [sdb] Write Protect is on
Also, PV drivers support readonly, but the patch rejects such
configuration even when PV drivers (vdev=xvd*) have been explicitly
specified and creation of an emulated twin is skiped.
This follow-up patch loosens the restriction to reject readonly when
creating an emulated IDE or AHCI disk, but allows it when the backend
is known to support readonly.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Index: xen-4.6.0-testing/tools/libxl/libxl_dm.c
===================================================================
--- xen-4.6.0-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.6.0-testing/tools/libxl/libxl_dm.c
@@ -1117,11 +1117,6 @@ static int libxl__build_device_model_arg
(gc, "file=%s,if=ide,index=%d,readonly=%s,media=cdrom,format=%s,cache=writeback,id=ide-%i",
disks[i].pdev_path, disk, disks[i].readwrite ? "off" : "on", format, dev_number);
} else {
- if (!disks[i].readwrite) {
- LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "qemu-xen doesn't support read-only disk drivers");
- return ERROR_INVAL;
- }
-
if (disks[i].format == LIBXL_DISK_FORMAT_EMPTY) {
LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "cannot support"
" empty disk format for %s", disks[i].vdev);
@@ -1148,29 +1143,38 @@ static int libxl__build_device_model_arg
* For other disks we translate devices 0..3 into
* hd[a-d] and ignore the rest.
*/
- if (strncmp(disks[i].vdev, "sd", 2) == 0)
+ if (strncmp(disks[i].vdev, "sd", 2) == 0) {
drive = libxl__sprintf
- (gc, "file=%s,if=scsi,bus=0,unit=%d,format=%s,cache=writeback",
- pdev_path, disk, format);
- else if (strncmp(disks[i].vdev, "xvd", 3) == 0)
+ (gc, "file=%s,if=scsi,bus=0,unit=%d,format=%s,readonly=%s,cache=writeback",
+ pdev_path, disk, format, disks[i].readwrite ? "off" : "on");
+ } else if (strncmp(disks[i].vdev, "xvd", 3) == 0) {
/*
* Do not add any emulated disk when PV disk are
* explicitly asked for.
*/
continue;
- else if (disk < 6 && b_info->u.hvm.hdtype == LIBXL_HDTYPE_AHCI) {
+ } else if (disk < 6 && b_info->u.hvm.hdtype == LIBXL_HDTYPE_AHCI) {
+ if (!disks[i].readwrite) {
+ LOG(ERROR, "qemu-xen doesn't support read-only AHCI disk drivers");
+ return ERROR_INVAL;
+ }
flexarray_vappend(dm_args, "-drive",
GCSPRINTF("file=%s,if=none,id=ahcidisk-%d,format=%s,cache=writeback",
pdev_path, disk, format),
"-device", GCSPRINTF("ide-hd,bus=ahci0.%d,unit=0,drive=ahcidisk-%d",
disk, disk), NULL);
continue;
- } else if (disk < 4)
+ } else if (disk < 4) {
+ if (!disks[i].readwrite) {
+ LOG(ERROR, "qemu-xen doesn't support read-only IDE disk drivers");
+ return ERROR_INVAL;
+ }
drive = libxl__sprintf
(gc, "file=%s,if=ide,index=%d,media=disk,format=%s,cache=writeback",
pdev_path, disk, format);
- else
+ } else {
continue; /* Do not emulate this disk */
+ }
}
flexarray_append(dm_args, "-drive");

87
CVE-2014-3672-qemut-xsa180.patch Normal file
View File

@ -0,0 +1,87 @@
References: bsc#981264 CVE-2014-3672 XSA-180
From 7490dab5c1a01b1623e9d87bdc653cb4f963dd8a Mon Sep 17 00:00:00 2001
From: Ian Jackson <ian.jackson@eu.citrix.com>
Date: Thu, 19 May 2016 19:38:35 +0100
Subject: [PATCH] main loop: Big hammer to fix logfile disk DoS in Xen setups
Each time round the main loop, we now fstat stderr. If it is too big,
we dup2 /dev/null onto it. This is not a very pretty patch but it is
very simple, easy to see that it's correct, and has a low risk of
collateral damage.
The limit is 1Mby by default but can be adjusted by setting a new
environment variable.
This fixes CVE-2014-3672.
Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Tested-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
---
vl.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 46 insertions(+)
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c
===================================================================
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c
@@ -3752,6 +3752,50 @@ static void host_main_loop_wait(int *tim
}
#endif
+static void check_cve_2014_3672_xen(void)
+{
+ static unsigned long limit = ~0UL;
+ const int fd = 2;
+ struct stat stab;
+
+ if (limit == ~0UL) {
+ const char *s = getenv("XEN_QEMU_CONSOLE_LIMIT");
+ /* XEN_QEMU_CONSOLE_LIMIT=0 means no limit */
+ limit = s ? strtoul(s,0,0) : 1*1024*1024;
+ }
+ if (limit == 0)
+ return;
+
+ int r = fstat(fd, &stab);
+ if (r) {
+ perror("fstat stderr (for CVE-2014-3672 check)");
+ exit(-1);
+ }
+ if (!S_ISREG(stab.st_mode))
+ return;
+ if (stab.st_size <= limit)
+ return;
+
+ /* oh dear */
+ fprintf(stderr,"\r\n"
+ "Closing stderr due to CVE-2014-3672 limit. "
+ " Set XEN_QEMU_CONSOLE_LIMIT to number of bytes to override,"
+ " or 0 for no limit.\n");
+ fflush(stderr);
+
+ int nfd = open("/dev/null", O_WRONLY);
+ if (nfd < 0) {
+ perror("open /dev/null (for CVE-2014-3672 check)");
+ exit(-1);
+ }
+ r = dup2(nfd, fd);
+ if (r != fd) {
+ perror("dup2 /dev/null (for CVE-2014-3672 check)");
+ exit(-1);
+ }
+ close(nfd);
+}
+
void main_loop_wait(int timeout)
{
IOHandlerRecord *ioh;
@@ -3763,6 +3807,8 @@ void main_loop_wait(int timeout)
host_main_loop_wait(&timeout);
+ check_cve_2014_3672_xen();
+
/* poll any events */
/* XXX: separate device handlers from system ones */
nfds = -1;

33
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch Normal file
View File

@ -0,0 +1,33 @@
References: bsc#980716 CVE-2016-4439
The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
FIFO buffer. It is used to handle command and data transfer. While
writing to this command buffer 's->cmdbuf[TI_BUFSZ=16]', a check
was missing to validate input length. Add check to avoid OOB write
access.
Fixes CVE-2016-4439
Reported-by: Li Qiang <address@hidden>
Signed-off-by: Prasad J Pandit <address@hidden>
---
hw/scsi/esp.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
Index: xen-4.4.4-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c
===================================================================
--- xen-4.4.4-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c
+++ xen-4.4.4-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c
@@ -471,7 +471,11 @@ static void esp_mem_writeb(void *opaque,
break;
case ESP_FIFO:
if (s->do_cmd) {
- s->cmdbuf[s->cmdlen++] = val & 0xff;
+ if (s->cmdlen < TI_BUFSZ) {
+ s->cmdbuf[s->cmdlen++] = val & 0xff;
+ } else {
+ ESP_ERROR("fifo overrun\n");
+ }
} else if (s->ti_size == TI_BUFSZ - 1) {
ESP_ERROR("fifo overrun\n");
} else {

56
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch Normal file
View File

@ -0,0 +1,56 @@
References: bsc#980724 CVE-2016-4441
The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
FIFO buffer. It is used to handle command and data transfer.
Routine get_cmd() uses DMA to read scsi commands into this buffer.
Add check to validate DMA length against buffer size to avoid any
overrun.
Fixes CVE-2016-4441
Reported-by: Li Qiang <address@hidden>
Signed-off-by: Prasad J Pandit <address@hidden>
---
hw/scsi/esp.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c
===================================================================
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c
@@ -162,7 +162,7 @@ static void esp_lower_irq(ESPState *s)
}
}
-static uint32_t get_cmd(ESPState *s, uint8_t *buf)
+static uint32_t get_cmd(ESPState *s, uint8_t *buf, uint8_t buflen)
{
uint32_t dmalen;
int target;
@@ -170,6 +170,9 @@ static uint32_t get_cmd(ESPState *s, uin
target = s->wregs[ESP_WBUSID] & BUSID_DID;
if (s->dma) {
dmalen = s->rregs[ESP_TCLO] | (s->rregs[ESP_TCMID] << 8);
+ if (dmalen > buflen) {
+ return 0;
+ }
s->dma_memory_read(s->dma_opaque, buf, dmalen);
} else {
dmalen = s->ti_size;
@@ -231,14 +234,14 @@ static void handle_satn(ESPState *s)
uint8_t buf[32];
int len;
- len = get_cmd(s, buf);
+ len = get_cmd(s, buf, sizeof(buf));
if (len)
do_cmd(s, buf);
}
static void handle_satn_stop(ESPState *s)
{
- s->cmdlen = get_cmd(s, s->cmdbuf);
+ s->cmdlen = get_cmd(s, s->cmdbuf, sizeof(s->cmdbuf));
if (s->cmdlen) {
DPRINTF("Set ATN & Stop: cmdlen %d\n", s->cmdlen);
s->do_cmd = 1;

37
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch Normal file
View File

@ -0,0 +1,37 @@
References: bsc#982960 CVE-2016-5238
The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
FIFO buffer. It is used to handle command and data transfer.
Routine get_cmd() in non-DMA mode, uses 'ti_size' to read scsi
command into a buffer. Add check to validate command length against
buffer size to avoid any overrun.
Reported-by: Li Qiang <address@hidden>
Signed-off-by: Prasad J Pandit <address@hidden>
---
hw/scsi/esp.c | 3 +++
1 file changed, 3 insertions(+)
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c
===================================================================
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c
@@ -176,6 +176,9 @@ static uint32_t get_cmd(ESPState *s, uin
s->dma_memory_read(s->dma_opaque, buf, dmalen);
} else {
dmalen = s->ti_size;
+ if (dmalen > TI_BUFSZ) {
+ return 0;
+ }
memcpy(buf, s->ti_buf, dmalen);
buf[0] = 0;
}
@@ -265,7 +268,7 @@ static void write_response(ESPState *s)
} else {
s->ti_size = 2;
s->ti_rptr = 0;
- s->ti_wptr = 0;
+ s->ti_wptr = 2;
s->rregs[ESP_RFLAGS] = 2;
}
esp_raise_irq(s);

65
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch Normal file
View File

@ -0,0 +1,65 @@
References: bsc#983984 CVE-2016-5338
The 53C9X Fast SCSI Controller(FSC) comes with internal 16-byte
FIFO buffers. One is used to handle commands and other is for
information transfer. Three control variables 'ti_rptr',
'ti_wptr' and 'ti_size' are used to control r/w access to the
information transfer buffer ti_buf[TI_BUFSZ=16]. In that,
'ti_rptr' is used as read index, where read occurs.
'ti_wptr' is a write index, where write would occur.
'ti_size' indicates total bytes to be read from the buffer.
While reading/writing to this buffer, index could exceed its
size. Add check to avoid OOB r/w access.
Reported-by: Huawei PSIRT <address@hidden>
Reported-by: Li Qiang <address@hidden>
Signed-off-by: Prasad J Pandit <address@hidden>
---
hw/scsi/esp.c | 20 +++++++++-----------
1 file changed, 9 insertions(+), 11 deletions(-)
Update as per:
-> https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01326.html
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c
===================================================================
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/esp.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/esp.c
@@ -435,18 +435,17 @@ static uint32_t esp_mem_readb(void *opaq
DPRINTF("read reg[%d]: 0x%2.2x\n", saddr, s->rregs[saddr]);
switch (saddr) {
case ESP_FIFO:
- if (s->ti_size > 0) {
+ if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) {
+ /* Data out. */
+ ESP_ERROR("PIO data read not implemented\n");
+ s->rregs[ESP_FIFO] = 0;
+ esp_raise_irq(s);
+ } else if (s->ti_rptr < s->ti_wptr) {
s->ti_size--;
- if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) {
- /* Data out. */
- ESP_ERROR("PIO data read not implemented\n");
- s->rregs[ESP_FIFO] = 0;
- } else {
- s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++];
- }
+ s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++];
esp_raise_irq(s);
}
- if (s->ti_size == 0) {
+ if (s->ti_rptr == s->ti_wptr) {
s->ti_rptr = 0;
s->ti_wptr = 0;
}
@@ -482,7 +481,7 @@ static void esp_mem_writeb(void *opaque,
} else {
ESP_ERROR("fifo overrun\n");
}
- } else if (s->ti_size == TI_BUFSZ - 1) {
+ } else if (s->ti_wptr == TI_BUFSZ - 1) {
ESP_ERROR("fifo overrun\n");
} else {
s->ti_size++;

8
VNC-Support-for-ExtendedKeyEvent-client-message.patch
View File

@ -20,10 +20,10 @@ git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5076 c046a42c-6fe2-441c-8c8
vnc.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++---------
1 files changed, 50 insertions(+), 9 deletions(-)
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
@@ -1285,35 +1285,22 @@ static void press_key_altgr_down(VncStat
}
}
@ -140,7 +140,7 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
default:
printf("Msg: %d\n", data[0]);
vnc_client_error(vs);
@@ -2461,10 +2496,11 @@ void vnc_display_init(DisplayState *ds)
@@ -2486,10 +2521,11 @@ void vnc_display_init(DisplayState *ds)
vs->ds = ds;

8
aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
View File

@ -10,11 +10,11 @@ Signed-off-by: Olaf Hering <olaf@aepfle.de>
xen/include/public/arch-arm.h | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
Index: xen-4.6.0-testing/xen/include/public/arch-arm.h
Index: xen-4.7.0-testing/xen/include/public/arch-arm.h
===================================================================
--- xen-4.6.0-testing.orig/xen/include/public/arch-arm.h
+++ xen-4.6.0-testing/xen/include/public/arch-arm.h
@@ -365,13 +365,13 @@ typedef uint64_t xen_callback_t;
--- xen-4.7.0-testing.orig/xen/include/public/arch-arm.h
+++ xen-4.7.0-testing/xen/include/public/arch-arm.h
@@ -362,13 +362,13 @@ typedef uint64_t xen_callback_t;
/* 64 bit modes */
#define PSR_MODE_BIT 0x10 /* Set iff AArch32 */

4
block-dmmd
View File

@ -272,7 +272,7 @@ case "$command" in
add)
p=`xenstore-read $XENBUS_PATH/params` || true
claim_lock "dmmd"
dmmd=$p
dmmd=${p#dmmd:}
parse_par activate "$dmmd"
rc=$?
if [ $rc -ne 0 ]; then
@ -291,7 +291,7 @@ case "$command" in
remove)
p=`xenstore-read $XENBUS_PATH/params` || true
claim_lock "dmmd"
dmmd=$p
dmmd=${p#dmmd:}
parse_par noactivate "$dmmd"
cleanup_stack
release_lock "dmmd"

33
gcc6-warnings-as-errors.patch
View File

@ -1,33 +0,0 @@
References: bsc#969377 - xen does not build with GCC 6
--- xen-4.6.1-testing/xen/arch/x86/cpu/mcheck/non-fatal.c.orig 2016-03-04 15:59:08.000000000 -0700
+++ xen-4.6.1-testing/xen/arch/x86/cpu/mcheck/non-fatal.c 2016-03-04 16:00:25.000000000 -0700
@@ -94,8 +94,8 @@ static int __init init_nonfatal_mce_chec
if (mce_disabled || !mce_available(c))
return -ENODEV;
- if ( __get_cpu_var(poll_bankmask) == NULL )
- return -EINVAL;
+ if ( __get_cpu_var(poll_bankmask) == NULL )
+ return -EINVAL;
/*
* Check for non-fatal errors every MCE_RATE s
--- xen-4.6.1-testing/extras/mini-os-remote/lib/sys.c.orig 2016-03-04 15:27:26.000000000 -0700
+++ xen-4.6.1-testing/extras/mini-os-remote/lib/sys.c 2016-03-04 15:30:32.000000000 -0700
@@ -634,6 +634,7 @@ int closedir(DIR *dir)
/* We assume that only the main thread calls select(). */
+#if defined(LIBC_VERBOSE) || defined(LIBC_DEBUG)
static const char file_types[] = {
[FTYPE_NONE] = 'N',
[FTYPE_CONSOLE] = 'C',
@@ -646,6 +647,7 @@ static const char file_types[] = {
[FTYPE_KBD] = 'K',
[FTYPE_FB] = 'G',
};
+#endif
#ifdef LIBC_DEBUG
static void dump_set(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout)
{

204
hotplug-Linux-block-performance-fix.patch
View File

@ -1,204 +0,0 @@
Reference: bsc#941074
During the attachment of a loopback mounted image file, the mode of all
curent instances of this device already attached to other domains must be
checked. This requires finding all loopback devices pointing to the inode
of the shared image file, and then comparing the major and minor number of
these devices to the major and minor number of every vbd device found in the
xenstore database.
Prior to this patch, the entire xenstore database is walked for every instance
of every loopback device pointing to the same shared image file. This process
causes the block attachment process to becomes exponentially slower with every
additional attachment of a shared image.
Rather than scanning all of xenstore for every instance of a shared loopback
device, this patch creates a list of the major and minor numbers from all
matching loopback devices. After generating this list, Xenstore is walked
once, and major and minor numbers from every vbd are checked against the list.
If a match is found, the mode of that vbd is checked for compatibility with
the mode of the device being attached.
Signed-off-by: Mike Latimer <mlatimer@xxxxxxxx>
---
tools/hotplug/Linux/block | 89 ++++++++++++++++++++++++++++++-----------------
1 file changed, 57 insertions(+), 32 deletions(-)
Index: xen-4.6.0-testing/tools/hotplug/Linux/block
===================================================================
--- xen-4.6.0-testing.orig/tools/hotplug/Linux/block
+++ xen-4.6.0-testing/tools/hotplug/Linux/block
@@ -38,7 +38,7 @@ find_free_loopback_dev() {
}
##
-# check_sharing device mode
+# check_sharing devtype device mode [inode]
#
# Check whether the device requested is already in use. To use the device in
# read-only mode, it may be in use in read-only mode, but may not be in use in
@@ -47,19 +47,44 @@ find_free_loopback_dev() {
#
# Prints one of
#
-# 'local': the device may not be used because it is mounted in the current
-# (i.e. the privileged domain) in a way incompatible with the
-# requested mode;
-# 'guest': the device may not be used because it already mounted by a guest
-# in a way incompatible with the requested mode; or
-# 'ok': the device may be used.
+# 'local $d': the device ($d) may not be used because it is mounted in the
+# current (i.e. the privileged domain) in a way incompatible
+# with the requested mode;
+# 'guest $d': the device may not be used because it is already mounted
+# through device $d by a guest in a way incompatible with the
+# requested mode; or
+# 'ok': the device may be used.
#
check_sharing()
{
- local dev="$1"
- local mode="$2"
+ local devtype=$1
+ local dev="$2"
+ local mode="$3"
+ local devmm=","
+
+ if [ "$devtype" = "file" ];
+ then
+ local inode="$4"
+
+ shared_list=$(losetup -a |
+ sed -n -e "s@^\([^:]\+\)\(:[[:blank:]]\[0*${dev}\]:${inode}[[:blank:]](.*)\)@\1@p" )
+ for dev in $shared_list
+ do
+ if [ -n "$dev" ]
+ then
+ devmm="${devmm}$(device_major_minor $dev),"
+ fi
+ done
+ # if $devmm is unchanged, file being checked is not a shared loopback device
+ if [ "$devmm" = "," ];
+ then
+ echo 'ok'
+ return
+ fi
+ else
+ devmm=${devmm}$(device_major_minor "$dev")","
+ fi
- local devmm=$(device_major_minor "$dev")
local file
if [ "$mode" = 'w' ]
@@ -75,9 +100,10 @@ check_sharing()
then
local d=$(device_major_minor "$file")
- if [ "$d" = "$devmm" ]
+ # checking for $d in $devmm is best through the [[...]] bashism
+ if [[ "$devmm" == *",$d,"* ]]
then
- echo 'local'
+ echo "local $d"
return
fi
fi
@@ -90,13 +116,14 @@ check_sharing()
do
d=$(xenstore_read_default "$base_path/$dom/$dev/physical-device" "")
- if [ "$d" = "$devmm" ]
+ # checking for $d in $devmm is best through the [[...]] bashism
+ if [ -n "$d" ] && [[ "$devmm" == *",$d,"* ]]
then
if [ "$mode" = 'w' ]
then
if ! same_vm $dom
then
- echo 'guest'
+ echo "guest $d"
return
fi
else
@@ -107,7 +134,7 @@ check_sharing()
then
if ! same_vm $dom
then
- echo 'guest'
+ echo "guest $d"
return
fi
fi
@@ -129,6 +156,7 @@ check_device_sharing()
{
local dev="$1"
local mode=$(canonicalise_mode "$2")
+ local type="device"
local result
if [ "x$mode" = 'x!' ]
@@ -136,33 +164,38 @@ check_device_sharing()
return 0
fi
- result=$(check_sharing "$dev" "$mode")
+ result=$(check_sharing "$type" "$dev" "$mode")
if [ "$result" != 'ok' ]
then
- do_ebusy "Device $dev is mounted " "$mode" "$result"
+ do_ebusy "Device $dev is mounted " "$mode" "${result%% *}"
fi
}
##
-# check_device_sharing file dev mode
+# check_device_sharing file dev mode inode
#
-# Perform the sharing check for the given file mounted through the given
-# loopback interface, in the given mode.
+# Perform the sharing check for the given file, with its corresponding
+# device, inode and mode. As the file can be mounted multiple times,
+# the inode is passed through to check_sharing for all instances to be
+# checked.
#
check_file_sharing()
{
local file="$1"
local dev="$2"
local mode="$3"
+ local inode="$4"
+ local type="file"
+ local result
- result=$(check_sharing "$dev" "$mode")
+ result=$(check_sharing "$type" "$dev" "$mode" "$inode")
if [ "$result" != 'ok' ]
then
- do_ebusy "File $file is loopback-mounted through $dev,
-which is mounted " "$mode" "$result"
+ do_ebusy "File $file is loopback-mounted through ${result#* },
+which is mounted " "$mode" "${result%% *}"
fi
}
@@ -281,15 +314,7 @@ mount it read-write in a guest domain."
fatal "Unable to lookup $file: dev: $dev inode: $inode"
fi
- shared_list=$(losetup -a |
- sed -n -e "s@^\([^:]\+\)\(:[[:blank:]]\[0*${dev}\]:${inode}[[:blank:]](.*)\)@\1@p" )
- for dev in $shared_list
- do
- if [ -n "$dev" ]
- then
- check_file_sharing "$file" "$dev" "$mode"
- fi
- done
+ check_file_sharing "$file" "$dev" "$mode" "$inode"
fi
loopdev=$(losetup -f 2>/dev/null || find_free_loopback_dev)

20
ioemu-disable-emulated-ide-if-pv.patch
View File

@ -1,7 +1,7 @@
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/qemu-xen.h
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/qemu-xen.h
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h
@@ -1,6 +1,8 @@
#ifndef QEMU_XEN_H
#define QEMU_XEN_H
@ -20,11 +20,11 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h
int xenstore_parse_disable_pf_config(void);
int xenstore_fd(void);
void xenstore_process_event(void *opaque);
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
@@ -5861,9 +5861,9 @@ int main(int argc, char **argv, char **e
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c
@@ -5907,9 +5907,9 @@ int main(int argc, char **argv, char **e
if ((msg = xenbus_read(XBT_NIL, "domid", &domid_s)))
fprintf(stderr,"Can not read our own domid: %s\n", msg);
else
@ -36,10 +36,10 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
#endif /* CONFIG_STUBDOM */
}
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c
@@ -445,7 +445,7 @@ void xenstore_init(void)
}
}

19
ioemu-hvm-pv-support.patch
View File

@ -2,19 +2,24 @@
tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c | 46 ++++++++++++++++
1 file changed, 46 insertions(+)
Index: xen-4.5.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak
===================================================================
--- xen-4.5.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak
+++ xen-4.5.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak
@@ -1,3 +1,4 @@
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak
@@ -2,6 +2,9 @@ CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/tool
CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/evtchn/include
CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/gnttab/include
CPPFLAGS+= -DXC_WANT_COMPAT_MAP_FOREIGN_API
+CPPFLAGS+= -I$(XEN_ROOT)/tools/libxc
+CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/call/include
+CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/foreignmemory/include
CPPFLAGS+= -I$(XEN_ROOT)/tools/libxc/include
CPPFLAGS+= -I$(XEN_ROOT)/tools/xenstore/include
CPPFLAGS+= -I$(XEN_ROOT)/tools/include
Index: xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c
===================================================================
--- xen-4.4.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c
+++ xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c
@@ -30,6 +30,8 @@
#include "qemu-xen.h"
#include "net.h"

50
ioemu-watchdog-support.patch
View File

@ -10,10 +10,10 @@ everything that was raised about the previous version ...
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/Makefile.target
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/Makefile.target
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target
@@ -580,6 +580,10 @@ OBJS += e1000.o
# Serial mouse
OBJS += msmouse.o
@ -25,10 +25,10 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target
ifeq ($(TARGET_BASE_ARCH), i386)
# Hardware support
ifdef CONFIG_AUDIO
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pc.c
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pc.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c
@@ -41,6 +41,7 @@
#include "virtio-balloon.h"
#include "virtio-console.h"
@ -46,10 +46,10 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c
for(i = 0; i < nb_nics; i++) {
NICInfo *nd = &nd_table[i];
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c
===================================================================
--- /dev/null
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c
@@ -0,0 +1,136 @@
+/*
+ * Virtual hardware watchdog.
@ -187,10 +187,10 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c
+ wdt_ib700_init();
+ wdt_i6300esb_init();
+}
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h
===================================================================
--- /dev/null
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h
@@ -0,0 +1,65 @@
+/*
+ * Virtual hardware watchdog.
@ -257,10 +257,10 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h
+extern void register_watchdogs(void);
+
+#endif /* QEMU_WATCHDOG_H */
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c
===================================================================
--- /dev/null
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c
@@ -0,0 +1,470 @@
+/*
+ * Virtual hardware watchdog.
@ -732,10 +732,10 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c
+{
+ watchdog_add_model(&model);
+}
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c
===================================================================
--- /dev/null
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c
@@ -0,0 +1,112 @@
+/*
+ * Virtual hardware watchdog.
@ -849,10 +849,10 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c
+ watchdog_add_model(&model);
+ timer = qemu_new_timer(vm_clock, ib700_timer_expired, NULL);
+}
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/monitor.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/monitor.c
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/monitor.c
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/monitor.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c
@@ -26,6 +26,7 @@
#include "hw/pcmcia.h"
#include "hw/pc.h"
@ -884,10 +884,10 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/monitor.c
{ "cpu_set", "is", do_cpu_set_nr,
"cpu [online|offline]", "change cpu state" },
{ NULL, NULL, },
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c
@@ -30,6 +30,7 @@
#include "hw/isa.h"
#include "hw/baum.h"
@ -905,7 +905,7 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
const char *option_rom[MAX_OPTION_ROMS];
int nb_option_roms;
int semihosting_enabled = 0;
@@ -4176,6 +4179,10 @@ static void help(int exitcode)
@@ -4222,6 +4225,10 @@ static void help(int exitcode)
"-startdate select initial date of the clock\n"
"-icount [N|auto]\n"
" enable virtual instruction counter with 2^N clock ticks per instruction\n"
@ -916,7 +916,7 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
"-echr chr set terminal escape character instead of ctrl-a\n"
"-virtioconsole c\n"
" set virtio console\n"
@@ -4323,6 +4330,8 @@ enum {
@@ -4369,6 +4376,8 @@ enum {
QEMU_OPTION_localtime,
QEMU_OPTION_startdate,
QEMU_OPTION_icount,
@ -925,7 +925,7 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
QEMU_OPTION_echr,
QEMU_OPTION_virtiocon,
QEMU_OPTION_show_cursor,
@@ -4449,6 +4458,8 @@ static const QEMUOption qemu_options[] =
@@ -4495,6 +4504,8 @@ static const QEMUOption qemu_options[] =
{ "localtime", 0, QEMU_OPTION_localtime },
{ "startdate", HAS_ARG, QEMU_OPTION_startdate },
{ "icount", HAS_ARG, QEMU_OPTION_icount },
@ -934,7 +934,7 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
{ "echr", HAS_ARG, QEMU_OPTION_echr },
{ "virtioconsole", HAS_ARG, QEMU_OPTION_virtiocon },
{ "show-cursor", 0, QEMU_OPTION_show_cursor },
@@ -4950,6 +4961,8 @@ int main(int argc, char **argv, char **e
@@ -4996,6 +5007,8 @@ int main(int argc, char **argv, char **e
tb_size = 0;
autostart= 1;
@ -943,7 +943,7 @@ Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c
optind = 1;
for(;;) {
if (optind >= argc)
@@ -5324,6 +5337,17 @@ int main(int argc, char **argv, char **e
@@ -5370,6 +5383,17 @@ int main(int argc, char **argv, char **e
serial_devices[serial_device_index] = optarg;
serial_device_index++;
break;

2
ipxe-use-rpm-opt-flags.patch
View File

@ -12,7 +12,7 @@ Index: xen-4.6.1-testing/tools/firmware/etherboot/patches/ipxe-use-rpm-opt-flags
+
+ CLEANUP :=
+-CFLAGS :=
++CFLAGS := $(RPM_OPT_FLAGS) -Wno-error=array-bounds
++CFLAGS := $(RPM_OPT_FLAGS) -Wno-error=array-bounds -Wno-nonnull-compare -Wno-unused-const-variable -Wno-misleading-indentation -Wno-shift-negative-value
+ ASFLAGS :=
+ LDFLAGS :=
+ MAKEDEPS := Makefile

4
ipxe.tar.bz2
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6e448144cdd7d1b12a08094b6f955e2c75c167d05bf8da40ec5b9c085d920eef
size 2877217
oid sha256:cedb8a940072948d3c94933f75d48749ca5f3f7b4b103fab2146d86e7a04250e
size 2877499

46
libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
View File

@ -7,11 +7,11 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425
tools/libxl/libxlu_disk_l.l | 1 +
5 files changed, 18 insertions(+), 1 deletion(-)
Index: xen-4.6.1-testing/tools/libxl/libxl.c
Index: xen-4.7.0-testing/tools/libxl/libxl.c
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxl.c
+++ xen-4.6.1-testing/tools/libxl/libxl.c
@@ -2833,6 +2833,8 @@ static void device_disk_add(libxl__egc *
--- xen-4.7.0-testing.orig/tools/libxl/libxl.c
+++ xen-4.7.0-testing/tools/libxl/libxl.c
@@ -2575,6 +2575,8 @@ static void device_disk_add(libxl__egc *
flexarray_append_pair(back, "discard-enable",
libxl_defbool_val(disk->discard_enable) ?
"1" : "0");
@ -19,13 +19,13 @@ Index: xen-4.6.1-testing/tools/libxl/libxl.c
+ flexarray_append_pair(back, "suse-diskcache-disable-flush", "1");
flexarray_append(front, "backend-id");
flexarray_append(front, libxl__sprintf(gc, "%d", disk->backend_domid));
Index: xen-4.6.1-testing/tools/libxl/libxl.h
flexarray_append(front, GCSPRINTF("%d", disk->backend_domid));
Index: xen-4.7.0-testing/tools/libxl/libxl.h
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxl.h
+++ xen-4.6.1-testing/tools/libxl/libxl.h
@@ -205,6 +205,18 @@
#define LIBXL_HAVE_BUILDINFO_ARM_GIC_VERSION 1
--- xen-4.7.0-testing.orig/tools/libxl/libxl.h
+++ xen-4.7.0-testing/tools/libxl/libxl.h
@@ -253,6 +253,18 @@
#define LIBXL_HAVE_BUILD_ID 1
/*
+ * The libxl_device_disk has no way to indicate that cache=unsafe is
@ -43,10 +43,10 @@ Index: xen-4.6.1-testing/tools/libxl/libxl.h
* libxl ABI compatibility
*
* The only guarantee which libxl makes regarding ABI compatibility
Index: xen-4.6.1-testing/tools/libxl/libxlu_disk.c
Index: xen-4.7.0-testing/tools/libxl/libxlu_disk.c
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk.c
+++ xen-4.6.1-testing/tools/libxl/libxlu_disk.c
--- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk.c
+++ xen-4.7.0-testing/tools/libxl/libxlu_disk.c
@@ -79,6 +79,8 @@ int xlu_disk_parse(XLU_Config *cfg,
if (!disk->pdev_path || !strcmp(disk->pdev_path, ""))
disk->format = LIBXL_DISK_FORMAT_EMPTY;
@ -56,10 +56,10 @@ Index: xen-4.6.1-testing/tools/libxl/libxlu_disk.c
if (!disk->vdev) {
xlu__disk_err(&dpc,0, "no vdev specified");
Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_i.h
Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk_i.h
+++ xen-4.6.1-testing/tools/libxl/libxlu_disk_i.h
--- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_i.h
+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h
@@ -10,7 +10,7 @@ typedef struct {
void *scanner;
YY_BUFFER_STATE buf;
@ -69,14 +69,14 @@ Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_i.h
const char *spec;
} DiskParseContext;
Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l
Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk_l.l
+++ xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l
@@ -176,6 +176,7 @@ script=[^,]*,? { STRIP(','); SAVESTRING(
direct-io-safe,? { DPC->disk->direct_io_safe = 1; }
discard,? { libxl_defbool_set(&DPC->disk->discard_enable, true); }
no-discard,? { libxl_defbool_set(&DPC->disk->discard_enable, false); }
--- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_l.l
+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l
@@ -195,6 +195,7 @@ colo-port=[^,]*,? { STRIP(','); setcolop
colo-export=[^,]*,? { STRIP(','); SAVESTRING("colo-export", colo_export, FROMEQUALS); }
active-disk=[^,]*,? { STRIP(','); SAVESTRING("active-disk", active_disk, FROMEQUALS); }
hidden-disk=[^,]*,? { STRIP(','); SAVESTRING("hidden-disk", hidden_disk, FROMEQUALS); }
+suse-diskcache-disable-flush,? { DPC->suse_diskcache_disable_flush = 1; }
/* the target magic parameter, eats the rest of the string */

3287
libxl.pvscsi.patch
View File

File diff suppressed because it is too large Load Diff

512
libxl.set-migration-constraints-from-cmdline.patch Normal file
View File

@ -0,0 +1,512 @@
From 77deb80879859ed279e24a790ec08e9c5d37dd0e Mon Sep 17 00:00:00 2001
From: Olaf Hering <olaf@aepfle.de>
Date: Wed, 5 Feb 2014 14:37:53 +0100
Subject: libxl: set migration constraints from cmdline
Add new options to xl migrate to control the process of migration.
The intention is to optionally abort the migration if it takes too long
to migrate a busy guest due to the high number of new dirty pages.
Currently the guest is suspended to transfer the remaining dirty pages.
The suspend/resume cycle will cause a time jump. This transfer can take
a long time, which can confuse the guest if the time jump is too far.
The new options allow to override the built-in default values, which are
not changed by this patch.
--max_iters <number> Number of iterations before final suspend (default: 30)
--max_factor <factor> Max amount of memory to transfer before final suspend (default: 3*RAM)
--min_remaing <pages> Number of dirty pages before stop&copy (default: 50)
--abort_if_busy Abort migration instead of doing final suspend.
The changes to libxl change the API, handle LIBXL_API_VERSION == 0x040200.
v8:
- merge --min_remaing changes
- tools/libxc: print stats if migration is aborted
- use special _suse version of lib calls to preserve ABI
v7:
- remove short options
- update description of --abort_if_busy in xl.1
- extend description of --abort_if_busy in xl help
- add comment to libxl_domain_suspend declaration, props is optional
v6:
- update the LIBXL_API_VERSION handling for libxl_domain_suspend
change it to an inline function if LIBXL_API_VERSION is defined to 4.2.0
- rename libxl_save_properties to libxl_domain_suspend_properties
- rename ->xlflags to ->flags within that struct
v5:
- adjust libxl_domain_suspend prototype, move flags, max_iters,
max_factor into a new, optional struct libxl_save_properties
- rename XCFLAGS_DOMSAVE_NOSUSPEND to XCFLAGS_DOMSAVE_ABORT_IF_BUSY
- rename LIBXL_SUSPEND_NO_FINAL_SUSPEND to LIBXL_SUSPEND_ABORT_IF_BUSY
- rename variables no_suspend to abort_if_busy
- rename option -N/--no_suspend to -A/--abort_if_busy
- update xl.1, extend description of -A option
v4:
- update default for no_suspend from None to 0 in XendCheckpoint.py:save
- update logoutput in setMigrateConstraints
- change xm migrate defaults from None to 0
- add new options to xl.1
- fix syntax error in XendDomain.py:domain_migrate_constraints_set
- fix xm migrate -N option name to match xl migrate
v3:
- move logic errors in libxl__domain_suspend and fixed help text in
cmd_table to separate patches
- fix syntax error in XendCheckpoint.py
- really pass max_iters and max_factor in libxl__xc_domain_save
- make libxl_domain_suspend_0x040200 declaration globally visible
- bump libxenlight.so SONAME from 2.0 to 2.1 due to changed
libxl_domain_suspend
v2:
- use LIBXL_API_VERSION and define libxl_domain_suspend_0x040200
- fix logic error in min_reached check in xc_domain_save
- add longopts
- update --help text
- correct description of migrate --help text
Signed-off-by: Olaf Hering <olaf@aepfle.de>
---
docs/man/xl.pod.1 | 20 +++++++++++++++++++
tools/libxc/include/xenguest.h | 7 ++++++
tools/libxc/xc_nomigrate.c | 10 +++++++++
tools/libxc/xc_sr_common.h | 1
tools/libxc/xc_sr_save.c | 22 +++++++++++++++------
tools/libxl/libxl.c | 29 ++++++++++++++++++++++++----
tools/libxl/libxl.h | 15 ++++++++++++++
tools/libxl/libxl_dom_save.c | 1
tools/libxl/libxl_internal.h | 4 +++
tools/libxl/libxl_save_callout.c | 4 ++-
tools/libxl/libxl_save_helper.c | 8 ++++---
tools/libxl/xl_cmdimpl.c | 40 +++++++++++++++++++++++++++++++++------
tools/libxl/xl_cmdtable.c | 23 ++++++++++++++--------
13 files changed, 156 insertions(+), 28 deletions(-)
Index: xen-4.7.0-testing/docs/man/xl.pod.1
===================================================================
--- xen-4.7.0-testing.orig/docs/man/xl.pod.1
+++ xen-4.7.0-testing/docs/man/xl.pod.1
@@ -443,6 +443,26 @@ Send <config> instead of config file fro
Print huge (!) amount of debug during the migration process.
+=item B<--max_iters> I<number>
+
+Number of iterations before final suspend (default: 30)
+
+=item B<--max_factor> I<factor>
+
+Max amount of memory to transfer before final suspend (default: 3*RAM)
+
+=item B<--min_remaining>
+
+Number of remaining dirty pages. If the number of dirty pages drops that
+low the guest is suspended and the remaing pages are transfered to <host>.
+
+=item B<--abort_if_busy>
+
+Abort migration instead of doing final suspend/transfer/resume if the
+guest has still dirty pages after the number of iterations and/or the
+amount of RAM transferred. This avoids long periods of time where the
+guest is suspended.
+
=back
=item B<remus> [I<OPTIONS>] I<domain-id> I<host>
Index: xen-4.7.0-testing/tools/libxc/include/xenguest.h
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/include/xenguest.h
+++ xen-4.7.0-testing/tools/libxc/include/xenguest.h
@@ -29,6 +29,7 @@
#define XCFLAGS_HVM (1 << 2)
#define XCFLAGS_STDVGA (1 << 3)
#define XCFLAGS_CHECKPOINT_COMPRESS (1 << 4)
+#define XCFLAGS_DOMSAVE_ABORT_IF_BUSY (1 << 5)
#define X86_64_B_SIZE 64
#define X86_32_B_SIZE 32
@@ -105,6 +106,12 @@ int xc_domain_save(xc_interface *xch, in
struct save_callbacks* callbacks, int hvm,
xc_migration_stream_t stream_type, int recv_fd);
+int xc_domain_save_suse(xc_interface *xch, int io_fd, uint32_t dom, uint32_t max_iters,
+ uint32_t max_factor, uint32_t flags /* XCFLAGS_xxx */,
+ uint32_t min_remaining,
+ struct save_callbacks* callbacks, int hvm,
+ xc_migration_stream_t stream_type, int recv_fd);
+
/* callbacks provided by xc_domain_restore */
struct restore_callbacks {
/* Called after a new checkpoint to suspend the guest.
Index: xen-4.7.0-testing/tools/libxc/xc_nomigrate.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/xc_nomigrate.c
+++ xen-4.7.0-testing/tools/libxc/xc_nomigrate.c
@@ -29,6 +29,16 @@ int xc_domain_save(xc_interface *xch, in
return -1;
}
+int xc_domain_save_suse(xc_interface *xch, int io_fd, uint32_t dom, uint32_t max_iters,
+ uint32_t max_factor, uint32_t flags,
+ uint32_t min_remaining,
+ struct save_callbacks* callbacks, int hvm,
+ xc_migration_stream_t stream_type, int recv_fd)
+{
+ errno = ENOSYS;
+ return -1;
+}
+
int xc_domain_restore(xc_interface *xch, int io_fd, uint32_t dom,
unsigned int store_evtchn, unsigned long *store_mfn,
domid_t store_domid, unsigned int console_evtchn,
Index: xen-4.7.0-testing/tools/libxc/xc_sr_common.h
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/xc_sr_common.h
+++ xen-4.7.0-testing/tools/libxc/xc_sr_common.h
@@ -201,6 +201,7 @@ struct xc_sr_context
/* Parameters for tweaking live migration. */
unsigned max_iterations;
unsigned dirty_threshold;
+ bool abort_if_busy;
unsigned long p2m_size;
Index: xen-4.7.0-testing/tools/libxc/xc_sr_save.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxc/xc_sr_save.c
+++ xen-4.7.0-testing/tools/libxc/xc_sr_save.c
@@ -511,6 +511,14 @@ static int send_memory_live(struct xc_sr
goto out;
}
+ if (!rc && ctx->save.abort_if_busy && stats.dirty_count > ctx->save.dirty_threshold) {
+ rc = -1;
+ errno = EBUSY;
+ PERROR("%s: domU busy. dirty pages: %u/%u after %u iterations",
+ __func__,
+ stats.dirty_count, ctx->save.dirty_threshold, x);
+ }
+
out:
xc_set_progress_prefix(xch, NULL);
free(progress_str);
@@ -915,10 +923,11 @@ static int save(struct xc_sr_context *ct
return rc;
};
-int xc_domain_save(xc_interface *xch, int io_fd, uint32_t dom,
- uint32_t max_iters, uint32_t max_factor, uint32_t flags,
- struct save_callbacks* callbacks, int hvm,
- xc_migration_stream_t stream_type, int recv_fd)
+int xc_domain_save_suse(xc_interface *xch, int io_fd, uint32_t dom,
+ uint32_t max_iters, uint32_t max_factor, uint32_t flags,
+ uint32_t min_remaining,
+ struct save_callbacks* callbacks, int hvm,
+ xc_migration_stream_t stream_type, int recv_fd)
{
struct xc_sr_context ctx =
{
@@ -930,6 +939,7 @@ int xc_domain_save(xc_interface *xch, in
ctx.save.callbacks = callbacks;
ctx.save.live = !!(flags & XCFLAGS_LIVE);
ctx.save.debug = !!(flags & XCFLAGS_DEBUG);
+ ctx.save.abort_if_busy = !!(flags & XCFLAGS_DOMSAVE_ABORT_IF_BUSY);
ctx.save.checkpointed = stream_type;
ctx.save.recv_fd = recv_fd;
@@ -944,8 +954,8 @@ int xc_domain_save(xc_interface *xch, in
* These parameters are better than the legacy algorithm especially for
* busy guests.
*/
- ctx.save.max_iterations = 5;
- ctx.save.dirty_threshold = 50;
+ ctx.save.max_iterations = max_iters ? : 5;
+ ctx.save.dirty_threshold = min_remaining ? : 50;
/* Sanity checks for callbacks. */
if ( hvm )
Index: xen-4.7.0-testing/tools/libxl/libxl.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl.c
+++ xen-4.7.0-testing/tools/libxl/libxl.c
@@ -934,8 +934,9 @@ static void domain_suspend_cb(libxl__egc
}
-int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags,
- const libxl_asyncop_how *ao_how)
+static int do_libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd,
+ const libxl_domain_suspend_suse_properties *props,
+ const libxl_asyncop_how *ao_how)
{
AO_CREATE(ctx, domid, ao_how);
int rc;
@@ -955,9 +956,15 @@ int libxl_domain_suspend(libxl_ctx *ctx,
dss->domid = domid;
dss->fd = fd;
dss->type = type;
- dss->live = flags & LIBXL_SUSPEND_LIVE;
- dss->debug = flags & LIBXL_SUSPEND_DEBUG;
dss->checkpointed_stream = LIBXL_CHECKPOINTED_STREAM_NONE;
+ if (props) {
+ dss->live = props->flags & LIBXL_SUSPEND_LIVE;
+ dss->debug = props->flags & LIBXL_SUSPEND_DEBUG;
+ dss->max_iters = props->max_iters;
+ dss->max_factor = props->max_factor;
+ dss->min_remaining = props->min_remaining;
+ dss->xlflags = props->flags;
+ }
rc = libxl__fd_flags_modify_save(gc, dss->fd,
~(O_NONBLOCK|O_NDELAY), 0,
@@ -971,6 +978,20 @@ int libxl_domain_suspend(libxl_ctx *ctx,
return AO_CREATE_FAIL(rc);
}
+int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd,
+ const libxl_domain_suspend_suse_properties *props,
+ const libxl_asyncop_how *ao_how)
+{
+ return do_libxl_domain_suspend(ctx, domid, fd, props, ao_how);
+}
+
+int libxl_domain_suspend(libxl_ctx *ctx, uint32_t domid, int fd, int flags,
+ const libxl_asyncop_how *ao_how)
+{
+ libxl_domain_suspend_suse_properties props = { .flags = flags };
+ return do_libxl_domain_suspend(ctx, domid, fd, &props, ao_how);
+}
+
int libxl_domain_pause(libxl_ctx *ctx, uint32_t domid)
{
int ret;
Index: xen-4.7.0-testing/tools/libxl/libxl.h
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl.h
+++ xen-4.7.0-testing/tools/libxl/libxl.h
@@ -1323,8 +1323,23 @@ int libxl_domain_suspend(libxl_ctx *ctx,
int flags, /* LIBXL_SUSPEND_* */
const libxl_asyncop_how *ao_how)
LIBXL_EXTERNAL_CALLERS_ONLY;
+
+typedef struct {
+ int flags; /* LIBXL_SUSPEND_* */
+ int max_iters;
+ int max_factor;
+ int min_remaining;
+} libxl_domain_suspend_suse_properties;
+
+#define LIBXL_HAVE_DOMAIN_SUSPEND_SUSE
+int libxl_domain_suspend_suse(libxl_ctx *ctx, uint32_t domid, int fd,
+ const libxl_domain_suspend_suse_properties *props, /* optional */
+ const libxl_asyncop_how *ao_how)
+ LIBXL_EXTERNAL_CALLERS_ONLY;
+
#define LIBXL_SUSPEND_DEBUG 1
#define LIBXL_SUSPEND_LIVE 2
+#define LIBXL_SUSPEND_ABORT_IF_BUSY 4
/* @param suspend_cancel [from xenctrl.h:xc_domain_resume( @param fast )]
* If this parameter is true, use co-operative resume. The guest
Index: xen-4.7.0-testing/tools/libxl/libxl_dom_save.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl_dom_save.c
+++ xen-4.7.0-testing/tools/libxl/libxl_dom_save.c
@@ -375,6 +375,7 @@ void libxl__domain_save(libxl__egc *egc,
dss->xcflags = (live ? XCFLAGS_LIVE : 0)
| (debug ? XCFLAGS_DEBUG : 0)
+ | (dss->xlflags & LIBXL_SUSPEND_ABORT_IF_BUSY ? XCFLAGS_DOMSAVE_ABORT_IF_BUSY : 0)
| (dss->hvm ? XCFLAGS_HVM : 0);
/* Disallow saving a guest with vNUMA configured because migration
Index: xen-4.7.0-testing/tools/libxl/libxl_internal.h
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl_internal.h
+++ xen-4.7.0-testing/tools/libxl/libxl_internal.h
@@ -3292,6 +3292,10 @@ struct libxl__domain_save_state {
/* private */
int rc;
int hvm;
+ int max_iters;
+ int max_factor;
+ int min_remaining;
+ int xlflags;
int xcflags;
libxl__domain_suspend_state dsps;
union {
Index: xen-4.7.0-testing/tools/libxl/libxl_save_callout.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl_save_callout.c
+++ xen-4.7.0-testing/tools/libxl/libxl_save_callout.c
@@ -89,7 +89,9 @@ void libxl__xc_domain_save(libxl__egc *e
libxl__srm_callout_enumcallbacks_save(&shs->callbacks.save.a);
const unsigned long argnums[] = {
- dss->domid, 0, 0, dss->xcflags, dss->hvm,
+ dss->domid,
+ dss->max_iters, dss->max_factor, dss->min_remaining,
+ dss->xcflags, dss->hvm,
cbflags, dss->checkpointed_stream,
};
Index: xen-4.7.0-testing/tools/libxl/libxl_save_helper.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/libxl_save_helper.c
+++ xen-4.7.0-testing/tools/libxl/libxl_save_helper.c
@@ -253,6 +253,7 @@ int main(int argc, char **argv)
uint32_t dom = strtoul(NEXTARG,0,10);
uint32_t max_iters = strtoul(NEXTARG,0,10);
uint32_t max_factor = strtoul(NEXTARG,0,10);
+ uint32_t min_remaining = strtoul(NEXTARG,0,10);
uint32_t flags = strtoul(NEXTARG,0,10);
int hvm = atoi(NEXTARG);
unsigned cbflags = strtoul(NEXTARG,0,10);
@@ -264,9 +265,10 @@ int main(int argc, char **argv)
startup("save");
setup_signals(save_signal_handler);
- r = xc_domain_save(xch, io_fd, dom, max_iters, max_factor, flags,
- &helper_save_callbacks, hvm, stream_type,
- recv_fd);
+ r = xc_domain_save_suse(xch, io_fd, dom, max_iters, max_factor, flags,
+ min_remaining,
+ &helper_save_callbacks, hvm, stream_type,
+ recv_fd);
complete(r);
} else if (!strcmp(mode,"--restore-domain")) {
Index: xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c
@@ -4615,6 +4615,8 @@ static void migrate_do_preamble(int send
}
static void migrate_domain(uint32_t domid, const char *rune, int debug,
+ int max_iters, int max_factor,
+ int min_remaining, int abort_if_busy,
const char *override_config_file)
{
pid_t child = -1;
@@ -4623,7 +4625,13 @@ static void migrate_domain(uint32_t domi
char *away_domname;
char rc_buf;
uint8_t *config_data;
- int config_len, flags = LIBXL_SUSPEND_LIVE;
+ int config_len;
+ libxl_domain_suspend_suse_properties props = {
+ .flags = LIBXL_SUSPEND_LIVE,
+ .max_iters = max_iters,
+ .max_factor = max_factor,
+ .min_remaining = min_remaining,
+ };
save_domain_core_begin(domid, override_config_file,
&config_data, &config_len);
@@ -4642,10 +4650,12 @@ static void migrate_domain(uint32_t domi
xtl_stdiostream_adjust_flags(logger, XTL_STDIOSTREAM_HIDE_PROGRESS, 0);
if (debug)
- flags |= LIBXL_SUSPEND_DEBUG;
- rc = libxl_domain_suspend(ctx, domid, send_fd, flags, NULL);
+ props.flags |= LIBXL_SUSPEND_DEBUG;
+ if (abort_if_busy)
+ props.flags |= LIBXL_SUSPEND_ABORT_IF_BUSY;
+ rc = libxl_domain_suspend_suse(ctx, domid, send_fd, &props, NULL);
if (rc) {
- fprintf(stderr, "migration sender: libxl_domain_suspend failed"
+ fprintf(stderr, "migration sender: libxl_domain_suspend_suse failed"
" (rc=%d)\n", rc);
if (rc == ERROR_GUEST_TIMEDOUT)
goto failed_suspend;
@@ -5060,13 +5070,18 @@ int main_migrate(int argc, char **argv)
char *rune = NULL;
char *host;
int opt, daemonize = 1, monitor = 1, debug = 0;
+ int max_iters = 0, max_factor = 0, min_remaining = 0, abort_if_busy = 0;
static struct option opts[] = {
{"debug", 0, 0, 0x100},
+ {"max_iters", 1, 0, 0x101},
+ {"max_factor", 1, 0, 0x102},
+ {"min_remaining", 1, 0, 0x103},
+ {"abort_if_busy", 0, 0, 0x104},
{"live", 0, 0, 0x200},
COMMON_LONG_OPTS
};
- SWITCH_FOREACH_OPT(opt, "FC:s:e", opts, "migrate", 2) {
+ SWITCH_FOREACH_OPT(opt, "FC:s:eM:m:A", opts, "migrate", 2) {
case 'C':
config_filename = optarg;
break;
@@ -5083,6 +5098,18 @@ int main_migrate(int argc, char **argv)
case 0x100: /* --debug */
debug = 1;
break;
+ case 0x101:
+ max_iters = atoi(optarg);
+ break;
+ case 0x102:
+ max_factor = atoi(optarg);
+ break;
+ case 0x103:
+ min_remaining = atoi(optarg);
+ break;
+ case 0x104:
+ abort_if_busy = 1;
+ break;
case 0x200: /* --live */
/* ignored for compatibility with xm */
break;
@@ -5115,7 +5142,8 @@ int main_migrate(int argc, char **argv)
debug ? " -d" : "");
}
- migrate_domain(domid, rune, debug, config_filename);
+ migrate_domain(domid, rune, debug, max_iters, max_factor, min_remaining,
+ abort_if_busy, config_filename);
return EXIT_SUCCESS;
}
#endif
Index: xen-4.7.0-testing/tools/libxl/xl_cmdtable.c
===================================================================
--- xen-4.7.0-testing.orig/tools/libxl/xl_cmdtable.c
+++ xen-4.7.0-testing/tools/libxl/xl_cmdtable.c
@@ -157,14 +157,21 @@ struct cmd_spec cmd_table[] = {
&main_migrate, 0, 1,
"Migrate a domain to another host",
"[options] <Domain> <host>",
- "-h Print this help.\n"
- "-C <config> Send <config> instead of config file from creation.\n"
- "-s <sshcommand> Use <sshcommand> instead of ssh. String will be passed\n"
- " to sh. If empty, run <host> instead of ssh <host> xl\n"
- " migrate-receive [-d -e]\n"
- "-e Do not wait in the background (on <host>) for the death\n"
- " of the domain.\n"
- "--debug Print huge (!) amount of debug during the migration process."
+ "-h Print this help.\n"
+ "-C <config> Send <config> instead of config file from creation.\n"
+ "-s <sshcommand> Use <sshcommand> instead of ssh. String will be passed\n"
+ " to sh. If empty, run <host> instead of ssh <host> xl\n"
+ " migrate-receive [-d -e]\n"
+ "-e Do not wait in the background (on <host>) for the death\n"
+ " of the domain.\n"
+ "--debug Print huge (!) amount of debug during the migration process.\n"
+ "\n"
+ "SUSE Linux specific options:\n"
+ "--max_iters <number> Number of iterations before final suspend (default: 30)\n"
+ "--max_factor <factor> Max amount of memory to transfer before final suspend (default: 3*RAM).\n"
+ "--min_remaining <pages> Number of remaining dirty pages before final suspend (default: 50).\n"
+ "--abort_if_busy Abort migration instead of doing final suspend, if number\n"
+ " of iterations or amount of transfered memory is exceeded."
},
{ "restore",
&main_restore, 0, 1,

8
log-guest-console.patch
View File

@ -6,10 +6,10 @@ Signed-off-by: Chunyan Liu <cyliu@novell.com>
hw/xen_console.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 71 insertions(+), 0 deletions(-)
Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c
Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c
===================================================================
--- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c
+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c
--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c
+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c
@@ -38,6 +38,8 @@
#include "qemu-char.h"
#include "xen_backend.h"
@ -128,7 +128,7 @@ Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c
}
@@ -266,6 +332,12 @@ static void con_disconnect(struct XenDev
xc_gnttab_munmap(xendev->gnttabdev, con->sring, 1);
xengnttab_unmap(xendev->gnttabdev, con->sring, 1);
con->sring = NULL;
}
+

20
magic_ioport_compat.patch
View File

@ -1,20 +0,0 @@
Make our PV drivers work with older hosts that do not recognize the new PV driver protocol.
Signed-off-by: K. Y. Srinivasan <ksrinivasan@novell.com>
Index: xen-4.6.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
===================================================================
--- xen-4.6.0-testing.orig/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
+++ xen-4.6.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
@@ -336,7 +336,10 @@ static int check_platform_magic(struct d
if (magic != XEN_IOPORT_MAGIC_VAL) {
err = "unrecognised magic value";
- goto no_dev;
+ /*
+ * Older backend; just return 0 to be compatible.
+ */
+ return 0;
}
protocol = inb(XEN_IOPORT_PROTOVER);

4
mini-os.tar.bz2
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:108d025e6b5068a817b79df33a0fd3b94704f8af94f4199188835d4f5eea14c0
size 250896
oid sha256:436ec6bfe55880d69677fdba7c5c1a50a88d7cbd2781574845488455550d5256
size 255793

14
pygrub-boot-legacy-sles.patch
View File

@ -1,8 +1,8 @@
Index: xen-4.6.0-testing/tools/pygrub/src/pygrub
Index: xen-4.7.0-testing/tools/pygrub/src/pygrub
===================================================================
--- xen-4.6.0-testing.orig/tools/pygrub/src/pygrub
+++ xen-4.6.0-testing/tools/pygrub/src/pygrub
@@ -449,7 +449,7 @@ class Grub:
--- xen-4.7.0-testing.orig/tools/pygrub/src/pygrub
+++ xen-4.7.0-testing/tools/pygrub/src/pygrub
@@ -454,7 +454,7 @@ class Grub:
self.cf.filename = f
break
if self.__dict__.get('cf', None) is None:
@ -11,7 +11,7 @@ Index: xen-4.6.0-testing/tools/pygrub/src/pygrub
f = fs.open_file(self.cf.filename)
# limit read size to avoid pathological cases
buf = f.read(FS_READ_MAX)
@@ -621,6 +621,20 @@ def run_grub(file, entry, fs, cfg_args):
@@ -626,6 +626,20 @@ def run_grub(file, entry, fs, cfg_args):
g = Grub(file, fs)
@ -32,7 +32,7 @@ Index: xen-4.6.0-testing/tools/pygrub/src/pygrub
if list_entries:
for i in range(len(g.cf.images)):
img = g.cf.images[i]
@@ -716,6 +730,19 @@ def sniff_netware(fs, cfg):
@@ -721,6 +735,19 @@ def sniff_netware(fs, cfg):
return cfg
@ -52,7 +52,7 @@ Index: xen-4.6.0-testing/tools/pygrub/src/pygrub
def format_sxp(kernel, ramdisk, args):
s = "linux (kernel %s)" % kernel
if ramdisk:
@@ -796,7 +823,7 @@ if __name__ == "__main__":
@@ -801,7 +828,7 @@ if __name__ == "__main__":
debug = False
not_really = False
output_format = "sxp"

8
pygrub-netware-xnloader.patch
View File

@ -1,7 +1,7 @@
Index: xen-4.6.0-testing/tools/pygrub/src/pygrub
Index: xen-4.7.0-testing/tools/pygrub/src/pygrub
===================================================================
--- xen-4.6.0-testing.orig/tools/pygrub/src/pygrub
+++ xen-4.6.0-testing/tools/pygrub/src/pygrub
--- xen-4.7.0-testing.orig/tools/pygrub/src/pygrub
+++ xen-4.7.0-testing/tools/pygrub/src/pygrub
@@ -25,6 +25,7 @@ import fsimage
import grub.GrubConf
import grub.LiloConf
@ -10,7 +10,7 @@ Index: xen-4.6.0-testing/tools/pygrub/src/pygrub
PYGRUB_VER = 0.6
FS_READ_MAX = 1024 * 1024
@@ -758,6 +759,8 @@ if __name__ == "__main__":
@@ -763,6 +764,8 @@ if __name__ == "__main__":
if len(data) == 0:
os.close(tfd)
del datafile

4
qemu-xen-traditional-dir-remote.tar.bz2
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:49b46fed34660b33f06539a82abc11421b6396cf9ec6bf1a8b6a2219e0beaa30
size 3213851
oid sha256:5b687988f256884ff76fa098b9e80b35f6b6a4fb1657b9a1b397cfb1cf803a81
size 3237484

3
seabios-dir-remote.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1cac2c7e38b87f2944ab6833a3e79540480456229ab9a187f16ea8231a4918c6
size 446291

40
set-mtu-from-bridge-for-tap-interface.patch
View File

@ -1,40 +0,0 @@
# HG changeset patch
# User Charles Arnold <carnold@suse.com>
# Date 1379427987 -3600
# Node ID e6da6ffd6749237316d4440799f0a0272bbdae9c
# Parent 5597ce99ec7f2587a29f3b2dee0bde98d59bf327
tools/hotplug: set mtu from bridge for tap interface
With changeset 22885 support was added for setting the MTU in the vif-bridge
script for when a vif interface was set to 'online'. The was not done for the
'add' operation. The 'add' operation was added to the script for when tap
devices were specified (c/s 21944). With the setting of the MTU for the
'online' case was there a reason for omitting the 'add'?
This patch sets the MTU for both 'online' and 'add' in the vif-bridge script.
Signed-off-by: Charles Arnold <carnold@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Index: xen-4.5.0-testing/tools/hotplug/Linux/vif-bridge
===================================================================
--- xen-4.5.0-testing.orig/tools/hotplug/Linux/vif-bridge
+++ xen-4.5.0-testing/tools/hotplug/Linux/vif-bridge
@@ -84,7 +84,7 @@ fi
case "$command" in
online)
setup_virtual_bridge_port "$dev"
- set_mtu $bridge $dev
+ set_mtu "$bridge" "$dev"
add_to_bridge "$bridge" "$dev"
;;
@@ -95,7 +95,7 @@ case "$command" in
add)
setup_virtual_bridge_port "$dev"
- set_mtu $bridge $dev
+ set_mtu "$bridge" "$dev"
add_to_bridge "$bridge" "$dev"
;;
esac

8
stdvga-cache.patch
View File

@ -1,8 +1,8 @@
Index: xen-4.6.1-testing/xen/arch/x86/hvm/stdvga.c
Index: xen-4.7.0-testing/xen/arch/x86/hvm/stdvga.c
===================================================================
--- xen-4.6.1-testing.orig/xen/arch/x86/hvm/stdvga.c
+++ xen-4.6.1-testing/xen/arch/x86/hvm/stdvga.c
@@ -166,7 +166,10 @@ static int stdvga_outb(uint64_t addr, ui
--- xen-4.7.0-testing.orig/xen/arch/x86/hvm/stdvga.c
+++ xen-4.7.0-testing/xen/arch/x86/hvm/stdvga.c
@@ -167,7 +167,10 @@ static int stdvga_outb(uint64_t addr, ui
/* When in standard vga mode, emulate here all writes to the vram buffer
* so we can immediately satisfy reads without waiting for qemu. */

10
stubdom-have-iovec.patch
View File

@ -3,11 +3,11 @@ xc_private.h now contains a definition of iovec. This conflicts
when building qemu traditional xen_platform.c which includes
hw.h which includes qemu-common.h which already has a definition
of iovec
Index: xen-4.6.0-testing/tools/libxc/xc_private.h
Index: xen-4.7.0-testing/tools/libxc/xc_private.h
===================================================================
--- xen-4.6.0-testing.orig/tools/libxc/xc_private.h
+++ xen-4.6.0-testing/tools/libxc/xc_private.h
@@ -42,6 +42,8 @@
--- xen-4.7.0-testing.orig/tools/libxc/xc_private.h
+++ xen-4.7.0-testing/tools/libxc/xc_private.h
@@ -47,6 +47,8 @@
#endif
#if defined(__MINIOS__)
@ -16,7 +16,7 @@ Index: xen-4.6.0-testing/tools/libxc/xc_private.h
/*
* MiniOS's libc doesn't know about sys/uio.h or writev().
* Declare enough of sys/uio.h to compile.
@@ -50,6 +52,7 @@ struct iovec {
@@ -55,6 +57,7 @@ struct iovec {
void *iov_base;
size_t iov_len;
};

4
stubdom.tar.bz2
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:84630b41c8066eddb78755762e7a8d1261ed9e12fd8733604f8a0ab9d32eac86
size 17477041
oid sha256:668c2c85b21a02203ccd8a559a0f8c7e01ca7f60ef4b12576e35490ec705b5f4
size 17477020

14
suspend_evtchn_lock.patch
View File

@ -6,11 +6,11 @@ http://xen.1045712.n5.nabble.com/Re-PATCH-improve-suspend-evtchn-lock-processing
Signed-off-by: Chunyan Liu <cyliu@suse.com>
Index: xen-4.6.0-testing/tools/libxc/xc_suspend.c
Index: xen-4.7.0-testing/tools/libxc/xc_suspend.c
===================================================================
--- xen-4.6.0-testing.orig/tools/libxc/xc_suspend.c
+++ xen-4.6.0-testing/tools/libxc/xc_suspend.c
@@ -18,6 +18,10 @@
--- xen-4.7.0-testing.orig/tools/libxc/xc_suspend.c
+++ xen-4.7.0-testing/tools/libxc/xc_suspend.c
@@ -20,6 +20,10 @@
#include "xc_private.h"
#include "xenguest.h"
@ -21,7 +21,7 @@ Index: xen-4.6.0-testing/tools/libxc/xc_suspend.c
#define SUSPEND_LOCK_FILE XEN_RUN_DIR "/suspend-evtchn-%d.lock"
@@ -33,6 +37,37 @@
@@ -35,6 +39,37 @@
#define SUSPEND_FILE_BUFLEN (sizeof(SUSPEND_LOCK_FILE) + 10)
@ -59,7 +59,7 @@ Index: xen-4.6.0-testing/tools/libxc/xc_suspend.c
static void get_suspend_file(char buf[], int domid)
{
snprintf(buf, SUSPEND_FILE_BUFLEN, SUSPEND_LOCK_FILE, domid);
@@ -46,6 +81,7 @@ static int lock_suspend_event(xc_interfa
@@ -48,6 +83,7 @@ static int lock_suspend_event(xc_interfa
struct flock fl;
get_suspend_file(suspend_file, domid);
@ -67,7 +67,7 @@ Index: xen-4.6.0-testing/tools/libxc/xc_suspend.c
*lockfd = -1;
@@ -95,6 +131,8 @@ static int lock_suspend_event(xc_interfa
@@ -97,6 +133,8 @@ static int lock_suspend_event(xc_interfa
if (fd >= 0)
close(fd);

10
tmp_build.patch
View File

@ -2,11 +2,11 @@
tools/xenstore/Makefile | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
Index: xen-4.6.0-testing/tools/xenstore/Makefile
Index: xen-4.7.0-testing/tools/xenstore/Makefile
===================================================================
--- xen-4.6.0-testing.orig/tools/xenstore/Makefile
+++ xen-4.6.0-testing/tools/xenstore/Makefile
@@ -92,6 +92,7 @@ $(CLIENTS_DOMU): xenstore
--- xen-4.7.0-testing.orig/tools/xenstore/Makefile
+++ xen-4.7.0-testing/tools/xenstore/Makefile
@@ -86,6 +86,7 @@ $(CLIENTS_DOMU): xenstore
xenstore: xenstore_client.o $(LIBXENSTORE)
$(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS)
@ -14,7 +14,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile
xenstore-control: xenstore_control.o $(LIBXENSTORE)
$(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS)
@@ -145,10 +146,11 @@ endif
@@ -139,10 +140,11 @@ endif
$(INSTALL_PROG) xenstore-control $(DESTDIR)$(bindir)
$(INSTALL_PROG) xenstore $(DESTDIR)$(bindir)
set -e ; for c in $(CLIENTS) ; do \

14
x86-cpufreq-report.patch
View File

@ -1,7 +1,7 @@
Index: xen-4.6.0-testing/xen/arch/x86/platform_hypercall.c
Index: xen-4.7.0-testing/xen/arch/x86/platform_hypercall.c
===================================================================
--- xen-4.6.0-testing.orig/xen/arch/x86/platform_hypercall.c
+++ xen-4.6.0-testing/xen/arch/x86/platform_hypercall.c
--- xen-4.7.0-testing.orig/xen/arch/x86/platform_hypercall.c
+++ xen-4.7.0-testing/xen/arch/x86/platform_hypercall.c
@@ -26,7 +26,7 @@
#include <xen/symbols.h>
#include <asm/current.h>
@ -11,7 +11,7 @@ Index: xen-4.6.0-testing/xen/arch/x86/platform_hypercall.c
#include <asm/edd.h>
#include <asm/mtrr.h>
#include <asm/io_apic.h>
@@ -825,6 +825,41 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA
@@ -820,6 +820,41 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA
ret = -EFAULT;
}
break;
@ -53,10 +53,10 @@ Index: xen-4.6.0-testing/xen/arch/x86/platform_hypercall.c
default:
ret = -ENOSYS;
Index: xen-4.6.0-testing/xen/include/public/platform.h
Index: xen-4.7.0-testing/xen/include/public/platform.h
===================================================================
--- xen-4.6.0-testing.orig/xen/include/public/platform.h
+++ xen-4.6.0-testing/xen/include/public/platform.h
--- xen-4.7.0-testing.orig/xen/include/public/platform.h
+++ xen-4.7.0-testing/xen/include/public/platform.h
@@ -547,6 +547,16 @@ struct xenpf_core_parking {
typedef struct xenpf_core_parking xenpf_core_parking_t;
DEFINE_XEN_GUEST_HANDLE(xenpf_core_parking_t);

8
x86-ioapic-ack-default.patch
View File

@ -1,10 +1,10 @@
Change default IO-APIC ack mode for single IO-APIC systems to old-style.
Index: xen-4.5.0-testing/xen/arch/x86/io_apic.c
Index: xen-4.7.0-testing/xen/arch/x86/io_apic.c
===================================================================
--- xen-4.5.0-testing.orig/xen/arch/x86/io_apic.c
+++ xen-4.5.0-testing/xen/arch/x86/io_apic.c
@@ -2035,7 +2035,10 @@ void __init setup_IO_APIC(void)
--- xen-4.7.0-testing.orig/xen/arch/x86/io_apic.c
+++ xen-4.7.0-testing/xen/arch/x86/io_apic.c
@@ -2030,7 +2030,10 @@ void __init setup_IO_APIC(void)
io_apic_irqs = ~PIC_IRQS;
printk("ENABLING IO-APIC IRQs\n");

3
xen-4.6.1-testing-src.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:713e894ad35fde716ffb0c6987737954fe82e5e0a9adf66eeea491c27c6eabff
size 4088066

3
xen-4.7.0-testing-src.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d53bd33cf3e5fe1d7ac3145f6cc9a75829e1690fcc26ac9df113c212361dfcb7
size 4465808

15
xen-c99-fix.patch
View File

@ -1,15 +0,0 @@
--- xen-4.5.0-testing/tools/firmware/seabios-dir-remote/src/hw/usb-hid.h.orig 2015-03-12 10:49:39.606373644 +0000
+++ xen-4.5.0-testing/tools/firmware/seabios-dir-remote/src/hw/usb-hid.h 2015-03-12 10:49:55.481555672 +0000
@@ -4,10 +4,10 @@
// usb-hid.c
struct usbdevice_s;
int usb_hid_setup(struct usbdevice_s *usbdev);
-inline int usb_kbd_active(void);
-inline int usb_kbd_command(int command, u8 *param);
-inline int usb_mouse_active(void);
-inline int usb_mouse_command(int command, u8 *param);
+int usb_kbd_active(void);
+int usb_kbd_command(int command, u8 *param);
+int usb_mouse_active(void);
+int usb_mouse_command(int command, u8 *param);
void usb_check_event(void);

20
xen-destdir.patch
View File

@ -1,8 +1,8 @@
Index: xen-4.6.0-testing/tools/xenstore/Makefile
Index: xen-4.7.0-testing/tools/xenstore/Makefile
===================================================================
--- xen-4.6.0-testing.orig/tools/xenstore/Makefile
+++ xen-4.6.0-testing/tools/xenstore/Makefile
@@ -20,6 +20,7 @@ LDFLAGS += $(LDFLAGS-y)
--- xen-4.7.0-testing.orig/tools/xenstore/Makefile
+++ xen-4.7.0-testing/tools/xenstore/Makefile
@@ -21,6 +21,7 @@ LDFLAGS += $(LDFLAGS-y)
CLIENTS := xenstore-exists xenstore-list xenstore-read xenstore-rm xenstore-chmod
CLIENTS += xenstore-write xenstore-ls xenstore-watch
@ -10,7 +10,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile
XENSTORED_OBJS = xenstored_core.o xenstored_watch.o xenstored_domain.o xenstored_transaction.o xs_lib.o talloc.o utils.o tdb.o hashtable.o
@@ -58,7 +59,7 @@ endif
@@ -55,7 +56,7 @@ endif
all: $(ALL_TARGETS)
.PHONY: clients
@ -19,7 +19,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile
ifeq ($(CONFIG_SunOS),y)
xenstored_probes.h: xenstored_probes.d
@@ -86,6 +87,9 @@ xenstored.a: $(XENSTORED_OBJS)
@@ -80,6 +81,9 @@ xenstored.a: $(XENSTORED_OBJS)
$(CLIENTS): xenstore
ln -f xenstore $@
@ -29,7 +29,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile
xenstore: xenstore_client.o $(LIBXENSTORE)
$(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS)
@@ -113,7 +117,7 @@ clean:
@@ -107,7 +111,7 @@ clean:
rm -f *.a *.o *.opic *.so* xenstored_probes.h
rm -f xenstored xs_random xs_stress xs_crashme
rm -f xs_tdb_dump xenstore-control init-xenstore-domain
@ -38,7 +38,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile
$(RM) $(DEPS)
.PHONY: distclean
@@ -136,13 +140,17 @@ ifeq ($(XENSTORE_XENSTORED),y)
@@ -130,12 +134,16 @@ ifeq ($(XENSTORE_XENSTORED),y)
$(INSTALL_DIR) $(DESTDIR)$(sbindir)
$(INSTALL_DIR) $(DESTDIR)$(XEN_LIB_STORED)
$(INSTALL_PROG) xenstored $(DESTDIR)$(sbindir)
@ -49,11 +49,9 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile
set -e ; for c in $(CLIENTS) ; do \
ln -f $(DESTDIR)$(bindir)/xenstore $(DESTDIR)$(bindir)/$${c} ; \
done
- $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ for client in $(CLIENTS_DOMU); do \
+ $(INSTALL_PROG) $$client $(DESTDIR)$(bindir)/$${client/domu-}; \
+ done
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
$(INSTALL_DIR) $(DESTDIR)$(libdir)
$(INSTALL_SHLIB) libxenstore.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
ln -sf libxenstore.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenstore.so.$(MAJOR)
ln -sf libxenstore.so.$(MAJOR) $(DESTDIR)$(libdir)/libxenstore.so

4
xen-utils-0.1.tar.bz2
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7c17e060de0b507ec0673f84dde727c6d583f781051981b75204e46f31704e14
size 6171
oid sha256:2d78844237d1148bedeaee6dd56a170a0f5ebcda45593fddff8128d3336c0792
size 6272

23
xen.build-compare.seabios.patch
View File

@ -1,23 +0,0 @@
Use stable strings to reduce build-compare noise.
---
tools/firmware/seabios-dir-remote/tools/buildversion.sh | 5 +++++
1 file changed, 5 insertions(+)
Index: xen-4.6.0-testing/tools/firmware/seabios-dir-remote/scripts/buildversion.sh
===================================================================
--- xen-4.6.0-testing.orig/tools/firmware/seabios-dir-remote/scripts/buildversion.sh
+++ xen-4.6.0-testing/tools/firmware/seabios-dir-remote/scripts/buildversion.sh
@@ -12,7 +12,12 @@ if [ -z "$BUILD_VERSION" ]; then
else
VERSION="?"
fi
- VERSION="${VERSION}-`date +"%Y%m%d_%H%M%S"`-`hostname`"
+ if test -n "${SEABIOS_DATE}"
+ then
+ VERSION="${SEABIOS_DATE}"
+ else
+ VERSION="${VERSION}-`date +"%Y%m%d_%H%M%S"`-`hostname`"
+ fi
else
VERSION="$BUILD_VERSION"
fi

181
xen.changes
View File

@ -1,3 +1,184 @@
-------------------------------------------------------------------
Thu Jun 9 11:10:33 MDT 2016 - carnold@suse.com
- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w
access while processing ESP_FIFO
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
- bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB
write when using non-DMA mode in get_cmd
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
-------------------------------------------------------------------
Tue Jun 7 08:05:09 MDT 2016 - carnold@suse.com
- fate#319989 - Update to Xen 4.7 RC5
xen-4.7.0-testing-src.tar.bz2
-------------------------------------------------------------------
Tue May 25 08:54:54 MDT 2016 - carnold@suse.com
- fate#319989 - Update to Xen 4.7 RC4
xen-4.7.0-testing-src.tar.bz2
- Dropped
xen.pkgconfig-4.7.patch
xsa164.patch
-------------------------------------------------------------------
Mon May 23 15:24:35 MDT 2016 - carnold@suse.com
- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging
(XSA-180)
CVE-2014-3672-qemut-xsa180.patch
-------------------------------------------------------------------
Thu May 19 10:46:53 MDT 2016 - carnold@suse.com
- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write
while writing to 's->cmdbuf' in get_cmd
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
- bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write
while writing to 's->cmdbuf' in esp_reg_write
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
-------------------------------------------------------------------
Tue May 17 10:16:47 MDT 2016 - carnold@suse.com
- fate#319989 - Update to Xen 4.7 RC3
xen-4.7.0-testing-src.tar.bz2
- Dropped
libxl-remove-cdrom-cachemode.patch
x86-PoD-only-reclaim-if-needed.patch
gcc6-warnings-as-errors.patch
-------------------------------------------------------------------
Wed May 11 16:55:23 MDT 2016 - carnold@suse.com
- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (another modification)
block-dmmd
-------------------------------------------------------------------
Tue May 10 14:39:00 MDT 2016 - carnold@suse.com
- fate#319989 - Update to Xen 4.7 RC2
xen-4.7.0-testing-src.tar.bz2
-------------------------------------------------------------------
Tue May 10 11:06:56 MDT 2016 - carnold@suse.com
- bsc#961600 - L3: poor performance when Xen HVM domU configured
with max memory > current memory
x86-PoD-only-reclaim-if-needed.patch
-------------------------------------------------------------------
Fri May 6 11:47:24 UTC 2016 - ohering@suse.de
- Mark SONAMEs and pkgconfig as xen 4.7
xen.pkgconfig-4.7.patch
-------------------------------------------------------------------
Tue May 3 17:25:08 UTC 2016 - jfehlig@suse.com
- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom
libxl-remove-cdrom-cachemode.patch
-------------------------------------------------------------------
Tue May 3 08:25:27 MDT 2016 - carnold@suse.com
- fate#319989 - Update to Xen 4.7 RC1
xen-4.7.0-testing-src.tar.bz2
-------------------------------------------------------------------
Tue May 3 13:48:59 UTC 2016 - ohering@suse.de
- fate#316614: set migration constraints from cmdline
restore libxl.set-migration-constraints-from-cmdline.patch
-------------------------------------------------------------------
Tue May 3 11:49:31 UTC 2016 - ohering@suse.de
- Remove obsolete patch for xen-kmp
magic_ioport_compat.patch
-------------------------------------------------------------------
Tue May 3 07:31:28 UTC 2016 - ohering@suse.de
- fate#316613: update to v12
libxl.pvscsi.patch
-------------------------------------------------------------------
Fri Apr 29 16:50:33 MDT 2016 - carnold@suse.com
- Update to the latest Xen 4.7 pre-release c2994f86 (fate#319989)
Drop libxl.migrate-legacy-stream-read.patch
-------------------------------------------------------------------
Fri Apr 15 09:22:31 UTC 2016 - ohering@suse.de
- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host
to SLES12SP2 Alpha 1 host using xl migrate
libxl.migrate-legacy-stream-read.patch
-------------------------------------------------------------------
Fri Apr 1 20:14:38 UTC 2016 - jfehlig@suse.com
- Add patches from proposed upstream series to load BIOS's from
the toolstack instead of embedding in hvmloader
http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
0001-libxc-Rework-extra-module-initialisation.patch,
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch,
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch,
0004-firmware-makefile-install-BIOS-blob.patch,
0005-libxl-Load-guest-BIOS-from-file.patch,
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch,
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch,
0008-hvmloader-Locate-the-BIOS-blob.patch,
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch,
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch,
0011-hvmloader-Load-OVMF-from-modules.patch,
0012-hvmloader-Specific-bios_load-function-required.patch,
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch,
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
- Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin
firmware from qemu-ovmf-x86_64. The firmware is preloaded with
Microsoft keys to more closely resemble firmware on real hardware
FATE#320490
-------------------------------------------------------------------
Fri Mar 25 14:46:11 MDT 2016 - carnold@suse.com
- fate#319989: Update to Xen 4.7 (pre-release)
xen-4.7.0-testing-src.tar.bz2
- Dropped:
xen-4.6.1-testing-src.tar.bz2
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
hotplug-Linux-block-performance-fix.patch
set-mtu-from-bridge-for-tap-interface.patch
xendomains-libvirtd-conflict.patch
xsa154.patch
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa170.patch
-------------------------------------------------------------------
Tue Mar 22 21:48:06 UTC 2016 - jfehlig@suse.com
- Use system SeaBIOS instead of building/installing another one
FATE#320638
Dropped files:
seabios-dir-remote.tar.bz2
xen-c99-fix.patch
xen.build-compare.seabios.patch
-------------------------------------------------------------------
Wed Mar 16 23:33:01 UTC 2016 - jfehlig@suse.com
- spec: drop BuildRequires that were only needed for qemu-xen
-------------------------------------------------------------------
Fri Mar 4 16:11:02 MST 2016 - carnold@suse.com

80
xen.libxl.dmmd.patch
View File

@ -7,11 +7,11 @@ References: bsc#954872
tools/libxl/libxlu_disk_l.l | 2 ++
4 files changed, 37 insertions(+), 6 deletions(-)
Index: xen-4.6.1-testing/tools/libxl/libxl.c
Index: xen-4.7.0-testing/tools/libxl/libxl.c
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxl.c
+++ xen-4.6.1-testing/tools/libxl/libxl.c
@@ -2791,6 +2791,10 @@ static void device_disk_add(libxl__egc *
--- xen-4.7.0-testing.orig/tools/libxl/libxl.c
+++ xen-4.7.0-testing/tools/libxl/libxl.c
@@ -2522,6 +2522,10 @@ static void device_disk_add(libxl__egc *
/* now create a phy device to export the device to the guest */
goto do_backend_phy;
case LIBXL_DISK_BACKEND_QDISK:
@ -20,13 +20,13 @@ Index: xen-4.6.1-testing/tools/libxl/libxl.c
+ flexarray_append_pair(back, "script", script);
+ }
flexarray_append(back, "params");
flexarray_append(back, libxl__sprintf(gc, "%s:%s",
flexarray_append(back, GCSPRINTF("%s:%s",
libxl__device_disk_string_of_format(disk->format), disk->pdev_path));
Index: xen-4.6.1-testing/tools/libxl/libxl_device.c
Index: xen-4.7.0-testing/tools/libxl/libxl_device.c
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxl_device.c
+++ xen-4.6.1-testing/tools/libxl/libxl_device.c
@@ -235,7 +235,8 @@ static int disk_try_backend(disk_try_bac
--- xen-4.7.0-testing.orig/tools/libxl/libxl_device.c
+++ xen-4.7.0-testing/tools/libxl/libxl_device.c
@@ -293,7 +293,8 @@ static int disk_try_backend(disk_try_bac
return backend;
case LIBXL_DISK_BACKEND_QDISK:
@ -36,12 +36,12 @@ Index: xen-4.6.1-testing/tools/libxl/libxl_device.c
return backend;
default:
Index: xen-4.6.1-testing/tools/libxl/libxl_dm.c
Index: xen-4.7.0-testing/tools/libxl/libxl_dm.c
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.6.1-testing/tools/libxl/libxl_dm.c
@@ -700,6 +700,30 @@ static char *dm_spice_options(libxl__gc
return opt;
--- xen-4.7.0-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.7.0-testing/tools/libxl/libxl_dm.c
@@ -903,6 +903,30 @@ static char *qemu_disk_ide_drive_string(
return drive;
}
+static void libxl__suse_node_to_path(libxl__gc *gc, int domid, const libxl_device_disk *dp, const char **pdev_path)
@ -71,43 +71,33 @@ Index: xen-4.6.1-testing/tools/libxl/libxl_dm.c
static int libxl__build_device_model_args_new(libxl__gc *gc,
const char *dm, int guest_domid,
const libxl_domain_config *guest_config,
@@ -1099,7 +1123,9 @@ static int libxl__build_device_model_arg
@@ -1326,9 +1350,11 @@ static int libxl__build_device_model_arg
libxl__device_disk_dev_number(disks[i].vdev, &disk, &part);
const char *format = qemu_disk_format_string(disks[i].format);
const char *format;
char *drive;
- const char *pdev_path;
+ const char *pdev_path = disks[i].pdev_path;
- const char *target_path = NULL;
+ const char *target_path = disks[i].pdev_path;
int colo_mode;
+ libxl__suse_node_to_path(gc, guest_domid, disks + i, &target_path);
+
+ libxl__suse_node_to_path(gc, guest_domid, disks + i, &pdev_path);
if (dev_number == -1) {
LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "unable to determine"
@@ -1115,7 +1141,7 @@ static int libxl__build_device_model_arg
LOG(WARN, "unable to determine"" disk number for %s",
disks[i].vdev);
@@ -1369,7 +1395,7 @@ static int libxl__build_device_model_arg
* the bootloader path.
*/
if (disks[i].backend == LIBXL_DISK_BACKEND_TAP)
- target_path = libxl__blktap_devpath(gc, disks[i].pdev_path,
+ target_path = libxl__blktap_devpath(gc, target_path,
disks[i].format);
else
drive = libxl__sprintf
(gc, "file=%s,if=ide,index=%d,readonly=%s,media=cdrom,format=%s,cache=writeback,id=ide-%i",
- disks[i].pdev_path, disk, disks[i].readwrite ? "off" : "on", format, dev_number);
+ pdev_path, disk, disks[i].readwrite ? "off" : "on", format, dev_number);
} else {
if (disks[i].format == LIBXL_DISK_FORMAT_EMPTY) {
LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "cannot support"
@@ -1131,10 +1157,8 @@ static int libxl__build_device_model_arg
if (disks[i].backend == LIBXL_DISK_BACKEND_TAP) {
format = qemu_disk_format_string(LIBXL_DISK_FORMAT_RAW);
- pdev_path = libxl__blktap_devpath(gc, disks[i].pdev_path,
+ pdev_path = libxl__blktap_devpath(gc, pdev_path,
disks[i].format);
- } else {
- pdev_path = disks[i].pdev_path;
}
/*
Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l
target_path = libxl__device_disk_find_local_path(gc,
Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk_l.l
+++ xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l
@@ -209,6 +209,8 @@ target=.* { STRIP(','); SAVESTRING("targ
--- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_l.l
+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l
@@ -228,6 +228,8 @@ target=.* { STRIP(','); SAVESTRING("targ
free(newscript);
}

200
xen.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package xen
#
# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -15,12 +15,13 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# needssslcertforbuild
Name: xen
ExclusiveArch: %ix86 x86_64 %arm aarch64
%define changeset 31594
%define xen_build_dir xen-4.6.1-testing
%define xen_build_dir xen-4.7.0-testing
#
%define with_kmp 0
%define with_debug 0
@ -88,6 +89,10 @@ BuildRequires: libfdt1-devel
BuildRequires: dev86
%endif
#!BuildIgnore: gcc-PIE
# JWF: Until Anthony's series to load BIOS via toolstack is merged,
# autoconf is needed by autogen.sh.
# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
BuildRequires: autoconf >= 2.67
BuildRequires: bison
BuildRequires: fdupes
BuildRequires: figlet
@ -99,13 +104,6 @@ BuildRequires: libpixman-1-0-devel
BuildRequires: libuuid-devel
BuildRequires: libxml2-devel
BuildRequires: libyajl-devel
%ifarch x86_64
%if 0%{?suse_version} > 1230
BuildRequires: libspice-server-devel
BuildRequires: spice-protocol-devel
BuildRequires: usbredir-devel
%endif
%endif
%if %{?with_qemu_traditional}0
BuildRequires: SDL-devel
BuildRequires: pciutils-devel
@ -162,15 +160,14 @@ BuildRequires: xorg-x11-util-devel
%endif
%endif
Version: 4.6.1_01
Version: 4.7.0_06
Release: 0
Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
License: GPL-2.0
Group: System/Kernel
Source0: xen-4.6.1-testing-src.tar.bz2
Source0: xen-4.7.0-testing-src.tar.bz2
Source1: stubdom.tar.bz2
Source2: qemu-xen-traditional-dir-remote.tar.bz2
Source4: seabios-dir-remote.tar.bz2
Source5: ipxe.tar.bz2
Source6: mini-os.tar.bz2
Source9: xen.changes
@ -201,16 +198,6 @@ Source57: xen-utils-0.1.tar.bz2
# For xen-libs
Source99: baselibs.conf
# Upstream patches
Patch1: 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
Patch2: 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
Patch3: 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
Patch4: 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
Patch154: xsa154.patch
Patch15501: xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
Patch15502: xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
Patch15503: xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
Patch164: xsa164.patch
Patch170: xsa170.patch
# Upstream qemu-traditional patches
Patch250: VNC-Support-for-ExtendedKeyEvent-client-message.patch
Patch251: 0001-net-move-the-tap-buffer-into-TAPState.patch
@ -239,6 +226,11 @@ Patch273: CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-v
Patch274: CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
Patch275: CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
Patch276: CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
Patch277: CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
Patch278: CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
Patch279: CVE-2014-3672-qemut-xsa180.patch
Patch280: CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
Patch281: CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
# qemu-traditional patches that are not upstream
Patch350: blktap.patch
Patch351: cdrom-removable.patch
@ -273,9 +265,7 @@ Patch403: xl-conf-default-bridge.patch
# Needs to go upstream
Patch420: suspend_evtchn_lock.patch
Patch421: xenpaging.doc.patch
Patch422: xen-c99-fix.patch
Patch423: stubdom-have-iovec.patch
Patch424: hotplug-Linux-block-performance-fix.patch
Patch422: stubdom-have-iovec.patch
# Other bug fixes or features
Patch451: xenconsole-no-multiple-connections.patch
Patch452: hibernate.patch
@ -283,26 +273,38 @@ Patch453: stdvga-cache.patch
Patch454: ipxe-enable-nics.patch
Patch455: pygrub-netware-xnloader.patch
Patch456: pygrub-boot-legacy-sles.patch
Patch457: set-mtu-from-bridge-for-tap-interface.patch
Patch458: aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
Patch459: xendomains-libvirtd-conflict.patch
Patch460: CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
Patch461: libxl.pvscsi.patch
Patch462: xen.libxl.dmmd.patch
Patch463: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
Patch464: blktap2-no-uninit.patch
Patch457: aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
Patch458: CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
Patch459: libxl.pvscsi.patch
Patch460: xen.libxl.dmmd.patch
Patch461: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
Patch462: blktap2-no-uninit.patch
Patch463: libxl.set-migration-constraints-from-cmdline.patch
# Hypervisor and PV driver Patches
Patch501: x86-ioapic-ack-default.patch
Patch502: x86-cpufreq-report.patch
Patch520: xen_pvonhvm.xen_emul_unplug.patch
Patch521: supported_module.patch
Patch522: magic_ioport_compat.patch
Patch601: xen.build-compare.doc_html.patch
Patch602: xen.build-compare.seabios.patch
Patch603: xen.build-compare.man.patch
Patch604: ipxe-no-error-logical-not-parentheses.patch
Patch605: ipxe-use-rpm-opt-flags.patch
Patch606: gcc6-warnings-as-errors.patch
Patch602: xen.build-compare.man.patch
Patch603: ipxe-no-error-logical-not-parentheses.patch
Patch604: ipxe-use-rpm-opt-flags.patch
# Anthony's "load BIOS via toolstack" patches
# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
Patch700: 0001-libxc-Rework-extra-module-initialisation.patch
Patch701: 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch
Patch702: 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch
Patch703: 0004-firmware-makefile-install-BIOS-blob.patch
Patch704: 0005-libxl-Load-guest-BIOS-from-file.patch
Patch705: 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch
Patch706: 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch
Patch707: 0008-hvmloader-Locate-the-BIOS-blob.patch
Patch708: 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch
Patch709: 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch
Patch710: 0011-hvmloader-Load-OVMF-from-modules.patch
Patch711: 0012-hvmloader-Specific-bios_load-function-required.patch
Patch712: 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch
Patch713: 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
# Build patches
Patch99996: xen.stubdom.newlib.patch
Patch99998: tmp_build.patch
@ -393,6 +395,7 @@ Requires: bridge-utils
%if %suse_version >= 1315
Requires: grub2-x86_64-xen
%endif
Requires: qemu-ovmf-x86_64
Requires: qemu-x86
%endif
%ifarch %arm aarch64
@ -405,6 +408,7 @@ Requires: python-lxml
Requires: python-openssl
Requires: python-pam
Requires: python-xml
Requires: qemu-seabios
Requires: xen-libs = %{version}
# subpackage existed in 10.3
Provides: xen-tools-ioemu = %{version}
@ -511,18 +515,8 @@ Authors:
%endif
%prep
%setup -q -n %xen_build_dir -a 1 -a 2 -a 4 -a 5 -a 6 -a 57
%setup -q -n %xen_build_dir -a 1 -a 2 -a 5 -a 6 -a 57
# Upstream patches
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch154 -p1
%patch15501 -p1
%patch15502 -p1
%patch15503 -p1
%patch164 -p1
%patch170 -p1
# Upstream qemu patches
%patch250 -p1
%patch251 -p1
@ -551,6 +545,11 @@ Authors:
%patch274 -p1
%patch275 -p1
%patch276 -p1
%patch277 -p1
%patch278 -p1
%patch279 -p1
%patch280 -p1
%patch281 -p1
# Qemu traditional
%patch350 -p1
%patch351 -p1
@ -586,8 +585,6 @@ Authors:
%patch420 -p1
%patch421 -p1
%patch422 -p1
%patch423 -p1
%patch424 -p1
# Other bug fixes or features
%patch451 -p1
%patch452 -p1
@ -602,24 +599,40 @@ Authors:
%patch461 -p1
%patch462 -p1
%patch463 -p1
%patch464 -p1
# Hypervisor and PV driver Patches
%patch501 -p1
%patch502 -p1
%patch520 -p1
%patch521 -p1
%patch522 -p1
%patch601 -p1
%patch602 -p1
%patch603 -p1
%patch604 -p1
%patch605 -p1
%patch606 -p1
# Anthony's "load BIOS via toolstack" patches
# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
%patch700 -p1
%patch701 -p1
%patch702 -p1
%patch703 -p1
%patch704 -p1
%patch705 -p1
%patch706 -p1
%patch707 -p1
%patch708 -p1
%patch709 -p1
%patch710 -p1
%patch711 -p1
%patch712 -p1
%patch713 -p1
# Build patches
%patch99996 -p1
%patch99998 -p1
%build
# JWF: Anthony's series to load BIOS from toolstack requires autogen.sh.
# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
./autogen.sh
# we control the version info of this package
# to gain control of filename of xen.gz
XEN_VERSION=%{version}
@ -637,14 +650,12 @@ XEN_BUILD_DATE="`date -u -d '1970-01-01'`"
XEN_BUILD_TIME="`date -u -d '1970-01-01' +%%T`"
SMBIOS_DATE="`date -u -d '1970-01-01' +%%m/%%d/%%Y`"
RELDATE="`date -u -d '1970-01-01' '+%%d %%b %%Y'`"
SEABIOS_DATE="`date -u -d '1970-01-01' '+?-%%Y%%m%%d_%%H%%M%%S-buildhost'`"
if test -r %{S:9}
then
XEN_BUILD_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" `"
XEN_BUILD_TIME="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%T`"
SMBIOS_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%m/%%d/%%Y`"
RELDATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" '+%%d %%b %%Y'`"
SEABIOS_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" '+?-%%Y%%m%%d_%%H%%M%%S-buildhost'`"
fi
cat > .our_xenversion <<_EOV_
export WGET=$(type -P false)
@ -654,7 +665,6 @@ export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS"
export EXTRA_CFLAGS_QEMU_TRADITIONAL="$RPM_OPT_FLAGS"
export SMBIOS_DATE="$SMBIOS_DATE"
export RELDATE="$RELDATE"
export SEABIOS_DATE="$SEABIOS_DATE"
XEN_VERSION=$XEN_VERSION
XEN_SUBVERSION=$XEN_SUBVERSION
XEN_EXTRAVERSION=$XEN_EXTRAVERSION
@ -713,6 +723,8 @@ configure_flags="${configure_flags} --disable-qemu-traditional"
%else
--disable-systemd \
%endif
--with-system-ovmf=%{_datadir}/qemu/ovmf-x86_64-ms.bin \
--with-system-seabios=%{_datadir}/qemu/bios-256k.bin \
--with-system-qemu=%{_bindir}/qemu-system-%{_arch} \
${configure_flags}
make -C tools/include/xen-foreign %{?_smp_mflags}
@ -957,6 +969,7 @@ rm -f $RPM_BUILD_ROOT/%{_bindir}/*store*
rm -f $RPM_BUILD_ROOT/%{_bindir}/*trace*
rm -f $RPM_BUILD_ROOT/%{_bindir}/xenalyze*
rm -f $RPM_BUILD_ROOT/%{_bindir}/xenco*
rm -f $RPM_BUILD_ROOT/%{_bindir}/xen-cpuid
rm -f $RPM_BUILD_ROOT/%{_bindir}/pygrub
rm -f $RPM_BUILD_ROOT/%{_bindir}/remus
rm -f $RPM_BUILD_ROOT/usr/etc/qemu/target-x86_64.conf
@ -991,6 +1004,9 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper
#%endif
/usr/bin/xencov_split
/usr/bin/xentrace_format
%ifarch x86_64
/usr/bin/xen-cpuid
%endif
/usr/sbin/tap*
/usr/sbin/xenbaked
/usr/sbin/xenconsoled
@ -1014,6 +1030,12 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper
/usr/sbin/td-util
/usr/sbin/vhd-update
/usr/sbin/vhd-util
/usr/sbin/flask-get-bool
/usr/sbin/flask-getenforce
/usr/sbin/flask-label-pci
/usr/sbin/flask-loadpolicy
/usr/sbin/flask-set-bool
/usr/sbin/flask-setenforce
%if %{?with_gdbsx}0
/usr/sbin/gdbsx
%endif
@ -1029,6 +1051,7 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper
/usr/sbin/xen-list
/usr/sbin/xen-destroy
/usr/sbin/xen-bugtool
/usr/sbin/xen-livepatch
%dir %attr(700,root,root) /etc/xen
%dir /etc/xen/scripts
%if %{?with_qemu_traditional}0
@ -1047,6 +1070,7 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper
/etc/xen/scripts/xen-hotplug-*
/etc/xen/scripts/xen-network-common.sh
/etc/xen/scripts/xen-script-common.sh
/etc/xen/scripts/colo-proxy-setup
%{_libexecdir}/xen
/var/adm/fillup-templates/sysconfig.pciback
/var/adm/fillup-templates/sysconfig.xencommons
@ -1118,6 +1142,48 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper
%{_mandir}/man8/*.8.gz
%{_mandir}/man1/xen-list.1.gz
%if %{?with_oxenstored}0
/usr/sbin/oxenstored
/etc/xen/oxenstored.conf
%dir %{_libdir}/ocaml
%dir %{_libdir}/ocaml/xenbus
%dir %{_libdir}/ocaml/xenctrl
%dir %{_libdir}/ocaml/xeneventchn
%dir %{_libdir}/ocaml/xenlight
%dir %{_libdir}/ocaml/xenmmap
%dir %{_libdir}/ocaml/xenstore
%dir %{_libdir}/ocaml/xentoollog
%{_libdir}/ocaml/xenbus/META
%{_libdir}/ocaml/xenbus/*.so
%{_libdir}/ocaml/xenbus/*.cma
%{_libdir}/ocaml/xenbus/*.cmi
%{_libdir}/ocaml/xenbus/*.cmo
%{_libdir}/ocaml/xenctrl/META
%{_libdir}/ocaml/xenctrl/*.so
%{_libdir}/ocaml/xenctrl/*.cma
%{_libdir}/ocaml/xenctrl/*.cmi
%{_libdir}/ocaml/xeneventchn/META
%{_libdir}/ocaml/xeneventchn/*.so
%{_libdir}/ocaml/xeneventchn/*.cma
%{_libdir}/ocaml/xeneventchn/*.cmi
%{_libdir}/ocaml/xenlight/META
%{_libdir}/ocaml/xenlight/*.so
%{_libdir}/ocaml/xenlight/*.cma
%{_libdir}/ocaml/xenlight/*.cmi
%{_libdir}/ocaml/xenmmap/META
%{_libdir}/ocaml/xenmmap/*.so
%{_libdir}/ocaml/xenmmap/*.cma
%{_libdir}/ocaml/xenmmap/*.cmi
%{_libdir}/ocaml/xenstore/META
%{_libdir}/ocaml/xenstore/*.cma
%{_libdir}/ocaml/xenstore/*.cmi
%{_libdir}/ocaml/xenstore/*.cmo
%{_libdir}/ocaml/xentoollog/META
%{_libdir}/ocaml/xentoollog/*.so
%{_libdir}/ocaml/xentoollog/*.cma
%{_libdir}/ocaml/xentoollog/*.cmi
%endif
# with_dom0_support
%endif
@ -1133,6 +1199,22 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper
%defattr(-,root,root)
%{_libdir}/*.a
%{_libdir}/*.so
%if %{?with_oxenstored}0
%{_libdir}/ocaml/xenbus/*.a
%{_libdir}/ocaml/xenbus/*.cmx*
%{_libdir}/ocaml/xenctrl/*.a
%{_libdir}/ocaml/xenctrl/*.cmx*
%{_libdir}/ocaml/xeneventchn/*.a
%{_libdir}/ocaml/xeneventchn/*.cmx*
%{_libdir}/ocaml/xenlight/*.a
%{_libdir}/ocaml/xenlight/*.cmx*
%{_libdir}/ocaml/xenmmap/*.a
%{_libdir}/ocaml/xenmmap/*.cmx*
%{_libdir}/ocaml/xenstore/*.a
%{_libdir}/ocaml/xenstore/*.cmx*
%{_libdir}/ocaml/xentoollog/*.a
%{_libdir}/ocaml/xentoollog/*.cmx*
%endif
/usr/include/*
%{_datadir}/pkgconfig/xenlight.pc
%{_datadir}/pkgconfig/xlutil.pc

14
xen.stubdom.newlib.patch
View File

@ -24,10 +24,10 @@ E: xen no-return-in-nonvoid-function ../../../../newlib-1.16.0/libgloss/i386/cyg
Signed-off-by: Olaf Hering <olaf@aepfle.de>
Index: xen-4.6.0-testing/stubdom/Makefile
Index: xen-4.7.0-testing/stubdom/Makefile
===================================================================
--- xen-4.6.0-testing.orig/stubdom/Makefile
+++ xen-4.6.0-testing/stubdom/Makefile
--- xen-4.7.0-testing.orig/stubdom/Makefile
+++ xen-4.7.0-testing/stubdom/Makefile
@@ -80,6 +80,8 @@ newlib-$(NEWLIB_VERSION): newlib-$(NEWLI
patch -d $@ -p0 < newlib.patch
patch -d $@ -p0 < newlib-chk.patch
@ -37,10 +37,10 @@ Index: xen-4.6.0-testing/stubdom/Makefile
find $@ -type f | xargs perl -i.bak \
-pe 's/\b_(tzname|daylight|timezone)\b/$$1/g'
touch $@
Index: xen-4.6.0-testing/stubdom/newlib-cygmon-gmon.patch
Index: xen-4.7.0-testing/stubdom/newlib-cygmon-gmon.patch
===================================================================
--- /dev/null
+++ xen-4.6.0-testing/stubdom/newlib-cygmon-gmon.patch
+++ xen-4.7.0-testing/stubdom/newlib-cygmon-gmon.patch
@@ -0,0 +1,60 @@
+
+I: A function uses a 'return;' statement, but has actually a value
@ -102,10 +102,10 @@ Index: xen-4.6.0-testing/stubdom/newlib-cygmon-gmon.patch
+ moncontrol(mode)
+ int mode;
+ {
Index: xen-4.6.0-testing/stubdom/newlib-makedoc.patch
Index: xen-4.7.0-testing/stubdom/newlib-makedoc.patch
===================================================================
--- /dev/null
+++ xen-4.6.0-testing/stubdom/newlib-makedoc.patch
+++ xen-4.7.0-testing/stubdom/newlib-makedoc.patch
@@ -0,0 +1,10 @@
+--- newlib-1.16.0/newlib/doc/makedoc.c.orig 2015-04-08 11:56:39.283090914 +0200
++++ newlib-1.16.0/newlib/doc/makedoc.c 2015-04-08 11:56:51.245227742 +0200

10
xen_pvonhvm.xen_emul_unplug.patch
View File

@ -9,11 +9,11 @@ what was requested. Kernel cmdline option is prefered over module option.
unmodified_drivers/linux-2.6/platform-pci/platform-pci.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
Index: xen-4.6.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
Index: xen-4.7.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
===================================================================
--- xen-4.6.0-testing.orig/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
+++ xen-4.6.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
@@ -38,6 +38,9 @@
--- xen-4.7.0-testing.orig/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
+++ xen-4.7.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.c
@@ -39,6 +39,9 @@
#include <xen/interface/hvm/params.h>
#include <xen/features.h>
#include <xen/evtchn.h>
@ -23,7 +23,7 @@ Index: xen-4.6.0-testing/unmodified_drivers/linux-2.6/platform-pci/platform-pci.
#ifdef __ia64__
#include <asm/xen/xencomm.h>
#endif
@@ -289,6 +292,18 @@ static int check_platform_magic(struct d
@@ -290,6 +293,18 @@ static int check_platform_magic(struct d
short magic, unplug = 0;
char protocol, *p, *q, *err;

10
xenconsole-no-multiple-connections.patch
View File

@ -1,8 +1,8 @@
Index: xen-4.6.0-testing/tools/console/client/main.c
Index: xen-4.7.0-testing/tools/console/client/main.c
===================================================================
--- xen-4.6.0-testing.orig/tools/console/client/main.c
+++ xen-4.6.0-testing/tools/console/client/main.c
@@ -99,6 +99,7 @@ static int get_pty_fd(struct xs_handle *
--- xen-4.7.0-testing.orig/tools/console/client/main.c
+++ xen-4.7.0-testing/tools/console/client/main.c
@@ -100,6 +100,7 @@ static int get_pty_fd(struct xs_handle *
* Assumes there is already a watch set in the store for this path. */
{
struct timeval tv;
@ -10,7 +10,7 @@ Index: xen-4.6.0-testing/tools/console/client/main.c
fd_set watch_fdset;
int xs_fd = xs_fileno(xs), pty_fd = -1;
int start, now;
@@ -122,6 +123,14 @@ static int get_pty_fd(struct xs_handle *
@@ -123,6 +124,14 @@ static int get_pty_fd(struct xs_handle *
pty_fd = open(pty_path, O_RDWR | O_NOCTTY);
if (pty_fd == -1)
warn("Could not open tty `%s'", pty_path);

20
xendomains-libvirtd-conflict.patch
View File

@ -1,20 +0,0 @@
xendomains conflicts with libvirtd (bnc#937371)
It saves domains without telling libvirt
It restores domains without telling libvirt
---
tools/hotplug/Linux/systemd/xendomains.service.in | 1 +
1 file changed, 1 insertion(+)
Index: xen-4.5.1-testing/tools/hotplug/Linux/systemd/xendomains.service.in
===================================================================
--- xen-4.5.1-testing.orig/tools/hotplug/Linux/systemd/xendomains.service.in
+++ xen-4.5.1-testing/tools/hotplug/Linux/systemd/xendomains.service.in
@@ -5,6 +5,7 @@ After=proc-xen.mount xenstored.service x
After=network-online.target
After=remote-fs.target
ConditionPathExists=/proc/xen/capabilities
+Conflicts=libvirtd.service
[Service]
Type=oneshot

377
xsa154.patch
View File

@ -1,377 +0,0 @@
References: bsc#965315 - CVE-2016-2270 XSA-154
x86: enforce consistent cachability of MMIO mappings
We've been told by Intel that inconsistent cachability between
multiple mappings of the same page can affect system stability only
when the affected page is an MMIO one. Since the stale data issue is
of no relevance to the hypervisor (since all guest memory accesses go
through proper accessors and validation), handling of RAM pages
remains unchanged here. Any MMIO mapped by domains however needs to be
done consistently (all cachable mappings or all uncachable ones), in
order to avoid Machine Check exceptions. Since converting existing
cachable mappings to uncachable (at the time an uncachable mapping
gets established) would in the PV case require tracking all mappings,
allow MMIO to only get mapped uncachable (UC, UC-, or WC).
This also implies that in the PV case we mustn't use the L1 PTE update
fast path when cachability flags get altered.
Since in the HVM case at least for now we want to continue honoring
pinned cachability attributes for pages not mapped by the hypervisor,
special case handling of r/o MMIO pages (forcing UC) gets added there.
Arguably the counterpart change to p2m-pt.c may not be necessary, since
UC- (which already gets enforced there) is probably strict enough.
Note that the shadow code changes include fixing the write protection
of r/o MMIO ranges: shadow_l1e_remove_flags() and its siblings, other
than l1e_remove_flags() and alike, return the new PTE (and hence
ignoring their return values makes them no-ops).
This is CVE-2016-2270 / XSA-154.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
Index: xen-4.6.1-testing/docs/misc/xen-command-line.markdown
===================================================================
--- xen-4.6.1-testing.orig/docs/misc/xen-command-line.markdown
+++ xen-4.6.1-testing/docs/misc/xen-command-line.markdown
@@ -1080,6 +1080,15 @@ limit is ignored by Xen.
Specify if the MMConfig space should be enabled.
+### mmio-relax
+> `= <boolean> | all`
+
+> Default: `false`
+
+By default, domains may not create cached mappings to MMIO regions.
+This option relaxes the check for Domain 0 (or when using `all`, all PV
+domains), to permit the use of cacheable MMIO mappings.
+
### msi
> `= <boolean>`
Index: xen-4.6.1-testing/xen/arch/x86/hvm/mtrr.c
===================================================================
--- xen-4.6.1-testing.orig/xen/arch/x86/hvm/mtrr.c
+++ xen-4.6.1-testing/xen/arch/x86/hvm/mtrr.c
@@ -807,8 +807,17 @@ int epte_get_entry_emt(struct domain *d,
if ( v->domain != d )
v = d->vcpu ? d->vcpu[0] : NULL;
- if ( !mfn_valid(mfn_x(mfn)) )
+ if ( !mfn_valid(mfn_x(mfn)) ||
+ rangeset_contains_range(mmio_ro_ranges, mfn_x(mfn),
+ mfn_x(mfn) + (1UL << order) - 1) )
+ {
+ *ipat = 1;
return MTRR_TYPE_UNCACHABLE;
+ }
+
+ if ( rangeset_overlaps_range(mmio_ro_ranges, mfn_x(mfn),
+ mfn_x(mfn) + (1UL << order) - 1) )
+ return -1;
switch ( hvm_get_mem_pinned_cacheattr(d, gfn, order, &type) )
{
Index: xen-4.6.1-testing/xen/arch/x86/mm/p2m-pt.c
===================================================================
--- xen-4.6.1-testing.orig/xen/arch/x86/mm/p2m-pt.c
+++ xen-4.6.1-testing/xen/arch/x86/mm/p2m-pt.c
@@ -107,6 +107,8 @@ static unsigned long p2m_type_to_flags(p
case p2m_mmio_direct:
if ( !rangeset_contains_singleton(mmio_ro_ranges, mfn_x(mfn)) )
flags |= _PAGE_RW;
+ else
+ flags |= _PAGE_PWT;
return flags | P2M_BASE_FLAGS | _PAGE_PCD;
}
}
Index: xen-4.6.1-testing/xen/arch/x86/mm/shadow/multi.c
===================================================================
--- xen-4.6.1-testing.orig/xen/arch/x86/mm/shadow/multi.c
+++ xen-4.6.1-testing/xen/arch/x86/mm/shadow/multi.c
@@ -519,6 +519,7 @@ _sh_propagate(struct vcpu *v,
gfn_t target_gfn = guest_l1e_get_gfn(guest_entry);
u32 pass_thru_flags;
u32 gflags, sflags;
+ bool_t mmio_mfn;
/* We don't shadow PAE l3s */
ASSERT(GUEST_PAGING_LEVELS > 3 || level != 3);
@@ -559,7 +560,10 @@ _sh_propagate(struct vcpu *v,
// mfn means that we can not usefully shadow anything, and so we
// return early.
//
- if ( !mfn_valid(target_mfn)
+ mmio_mfn = !mfn_valid(target_mfn)
+ || (level == 1
+ && page_get_owner(mfn_to_page(target_mfn)) == dom_io);
+ if ( mmio_mfn
&& !(level == 1 && (!shadow_mode_refcounts(d)
|| p2mt == p2m_mmio_direct)) )
{
@@ -577,7 +581,7 @@ _sh_propagate(struct vcpu *v,
_PAGE_RW | _PAGE_PRESENT);
if ( guest_supports_nx(v) )
pass_thru_flags |= _PAGE_NX_BIT;
- if ( !shadow_mode_refcounts(d) && !mfn_valid(target_mfn) )
+ if ( level == 1 && !shadow_mode_refcounts(d) && mmio_mfn )
pass_thru_flags |= _PAGE_PAT | _PAGE_PCD | _PAGE_PWT;
sflags = gflags & pass_thru_flags;
@@ -676,10 +680,14 @@ _sh_propagate(struct vcpu *v,
}
/* Read-only memory */
- if ( p2m_is_readonly(p2mt) ||
- (p2mt == p2m_mmio_direct &&
- rangeset_contains_singleton(mmio_ro_ranges, mfn_x(target_mfn))) )
+ if ( p2m_is_readonly(p2mt) )
sflags &= ~_PAGE_RW;
+ else if ( p2mt == p2m_mmio_direct &&
+ rangeset_contains_singleton(mmio_ro_ranges, mfn_x(target_mfn)) )
+ {
+ sflags &= ~(_PAGE_RW | _PAGE_PAT);
+ sflags |= _PAGE_PCD | _PAGE_PWT;
+ }
// protect guest page tables
//
@@ -1185,22 +1193,28 @@ static int shadow_set_l1e(struct domain
&& !sh_l1e_is_magic(new_sl1e) )
{
/* About to install a new reference */
- if ( shadow_mode_refcounts(d) ) {
+ if ( shadow_mode_refcounts(d) )
+ {
+#define PAGE_FLIPPABLE (_PAGE_RW | _PAGE_PWT | _PAGE_PCD | _PAGE_PAT)
+ int rc;
+
TRACE_SHADOW_PATH_FLAG(TRCE_SFLAG_SHADOW_L1_GET_REF);
- switch ( shadow_get_page_from_l1e(new_sl1e, d, new_type) )
+ switch ( rc = shadow_get_page_from_l1e(new_sl1e, d, new_type) )
{
default:
/* Doesn't look like a pagetable. */
flags |= SHADOW_SET_ERROR;
new_sl1e = shadow_l1e_empty();
break;
- case 1:
- shadow_l1e_remove_flags(new_sl1e, _PAGE_RW);
+ case PAGE_FLIPPABLE & -PAGE_FLIPPABLE ... PAGE_FLIPPABLE:
+ ASSERT(!(rc & ~PAGE_FLIPPABLE));
+ new_sl1e = shadow_l1e_flip_flags(new_sl1e, rc);
/* fall through */
case 0:
shadow_vram_get_l1e(new_sl1e, sl1e, sl1mfn, d);
break;
}
+#undef PAGE_FLIPPABLE
}
}
Index: xen-4.6.1-testing/xen/arch/x86/mm/shadow/types.h
===================================================================
--- xen-4.6.1-testing.orig/xen/arch/x86/mm/shadow/types.h
+++ xen-4.6.1-testing/xen/arch/x86/mm/shadow/types.h
@@ -99,6 +99,9 @@ static inline u32 shadow_l4e_get_flags(s
static inline shadow_l1e_t
shadow_l1e_remove_flags(shadow_l1e_t sl1e, u32 flags)
{ l1e_remove_flags(sl1e, flags); return sl1e; }
+static inline shadow_l1e_t
+shadow_l1e_flip_flags(shadow_l1e_t sl1e, u32 flags)
+{ l1e_flip_flags(sl1e, flags); return sl1e; }
static inline shadow_l1e_t shadow_l1e_empty(void)
{ return l1e_empty(); }
Index: xen-4.6.1-testing/xen/include/asm-x86/page.h
===================================================================
--- xen-4.6.1-testing.orig/xen/include/asm-x86/page.h
+++ xen-4.6.1-testing/xen/include/asm-x86/page.h
@@ -157,6 +157,9 @@ static inline l4_pgentry_t l4e_from_padd
#define l3e_remove_flags(x, flags) ((x).l3 &= ~put_pte_flags(flags))
#define l4e_remove_flags(x, flags) ((x).l4 &= ~put_pte_flags(flags))
+/* Flip flags in an existing L1 PTE. */
+#define l1e_flip_flags(x, flags) ((x).l1 ^= put_pte_flags(flags))
+
/* Check if a pte's page mapping or significant access flags have changed. */
#define l1e_has_changed(x,y,flags) \
( !!(((x).l1 ^ (y).l1) & ((PADDR_MASK&PAGE_MASK)|put_pte_flags(flags))) )
Index: xen-4.6.1-testing/xen/arch/x86/mm.c
===================================================================
--- xen-4.6.1-testing.orig/xen/arch/x86/mm.c
+++ xen-4.6.1-testing/xen/arch/x86/mm.c
@@ -178,6 +178,18 @@ static uint32_t base_disallow_mask;
is_pv_domain(d)) ? \
L1_DISALLOW_MASK : (L1_DISALLOW_MASK & ~PAGE_CACHE_ATTRS))
+static s8 __read_mostly opt_mmio_relax;
+static void __init parse_mmio_relax(const char *s)
+{
+ if ( !*s )
+ opt_mmio_relax = 1;
+ else
+ opt_mmio_relax = parse_bool(s);
+ if ( opt_mmio_relax < 0 && strcmp(s, "all") )
+ opt_mmio_relax = 0;
+}
+custom_param("mmio-relax", parse_mmio_relax);
+
static void __init init_frametable_chunk(void *start, void *end)
{
unsigned long s = (unsigned long)start;
@@ -799,10 +811,7 @@ get_page_from_l1e(
if ( !mfn_valid(mfn) ||
(real_pg_owner = page_get_owner_and_reference(page)) == dom_io )
{
-#ifndef NDEBUG
- const unsigned long *ro_map;
- unsigned int seg, bdf;
-#endif
+ int flip = 0;
/* Only needed the reference to confirm dom_io ownership. */
if ( mfn_valid(mfn) )
@@ -836,24 +845,57 @@ get_page_from_l1e(
return -EINVAL;
}
- if ( !(l1f & _PAGE_RW) ||
- !rangeset_contains_singleton(mmio_ro_ranges, mfn) )
- return 0;
+ if ( !rangeset_contains_singleton(mmio_ro_ranges, mfn) )
+ {
+ /* MMIO pages must not be mapped cachable unless requested so. */
+ switch ( opt_mmio_relax )
+ {
+ case 0:
+ break;
+ case 1:
+ if ( !is_hardware_domain(l1e_owner) )
+ break;
+ /* fallthrough */
+ case -1:
+ return 0;
+ default:
+ ASSERT_UNREACHABLE();
+ }
+ }
+ else if ( l1f & _PAGE_RW )
+ {
#ifndef NDEBUG
- if ( !pci_mmcfg_decode(mfn, &seg, &bdf) ||
- ((ro_map = pci_get_ro_map(seg)) != NULL &&
- test_bit(bdf, ro_map)) )
- printk(XENLOG_G_WARNING
- "d%d: Forcing read-only access to MFN %lx\n",
- l1e_owner->domain_id, mfn);
- else
- rangeset_report_ranges(mmio_ro_ranges, 0, ~0UL,
- print_mmio_emul_range,
- &(struct mmio_emul_range_ctxt){
- .d = l1e_owner,
- .mfn = mfn });
+ const unsigned long *ro_map;
+ unsigned int seg, bdf;
+
+ if ( !pci_mmcfg_decode(mfn, &seg, &bdf) ||
+ ((ro_map = pci_get_ro_map(seg)) != NULL &&
+ test_bit(bdf, ro_map)) )
+ printk(XENLOG_G_WARNING
+ "d%d: Forcing read-only access to MFN %lx\n",
+ l1e_owner->domain_id, mfn);
+ else
+ rangeset_report_ranges(mmio_ro_ranges, 0, ~0UL,
+ print_mmio_emul_range,
+ &(struct mmio_emul_range_ctxt){
+ .d = l1e_owner,
+ .mfn = mfn });
#endif
- return 1;
+ flip = _PAGE_RW;
+ }
+
+ switch ( l1f & PAGE_CACHE_ATTRS )
+ {
+ case 0: /* WB */
+ flip |= _PAGE_PWT | _PAGE_PCD;
+ break;
+ case _PAGE_PWT: /* WT */
+ case _PAGE_PWT | _PAGE_PAT: /* WP */
+ flip |= _PAGE_PCD | (l1f & _PAGE_PAT);
+ break;
+ }
+
+ return flip;
}
if ( unlikely( (real_pg_owner != pg_owner) &&
@@ -1243,8 +1285,9 @@ static int alloc_l1_table(struct page_in
goto fail;
case 0:
break;
- case 1:
- l1e_remove_flags(pl1e[i], _PAGE_RW);
+ case _PAGE_RW ... _PAGE_RW | PAGE_CACHE_ATTRS:
+ ASSERT(!(ret & ~(_PAGE_RW | PAGE_CACHE_ATTRS)));
+ l1e_flip_flags(pl1e[i], ret);
break;
}
@@ -1759,8 +1802,9 @@ static int mod_l1_entry(l1_pgentry_t *pl
return -EINVAL;
}
- /* Fast path for identical mapping, r/w and presence. */
- if ( !l1e_has_changed(ol1e, nl1e, _PAGE_RW | _PAGE_PRESENT) )
+ /* Fast path for identical mapping, r/w, presence, and cachability. */
+ if ( !l1e_has_changed(ol1e, nl1e,
+ PAGE_CACHE_ATTRS | _PAGE_RW | _PAGE_PRESENT) )
{
adjust_guest_l1e(nl1e, pt_dom);
if ( UPDATE_ENTRY(l1, pl1e, ol1e, nl1e, gl1mfn, pt_vcpu,
@@ -1783,8 +1827,9 @@ static int mod_l1_entry(l1_pgentry_t *pl
return rc;
case 0:
break;
- case 1:
- l1e_remove_flags(nl1e, _PAGE_RW);
+ case _PAGE_RW ... _PAGE_RW | PAGE_CACHE_ATTRS:
+ ASSERT(!(rc & ~(_PAGE_RW | PAGE_CACHE_ATTRS)));
+ l1e_flip_flags(nl1e, rc);
rc = 0;
break;
}
@@ -5000,6 +5045,7 @@ static int ptwr_emulated_update(
l1_pgentry_t pte, ol1e, nl1e, *pl1e;
struct vcpu *v = current;
struct domain *d = v->domain;
+ int ret;
/* Only allow naturally-aligned stores within the original %cr2 page. */
if ( unlikely(((addr^ptwr_ctxt->cr2) & PAGE_MASK) || (addr & (bytes-1))) )
@@ -5047,7 +5093,7 @@ static int ptwr_emulated_update(
/* Check the new PTE. */
nl1e = l1e_from_intpte(val);
- switch ( get_page_from_l1e(nl1e, d, d) )
+ switch ( ret = get_page_from_l1e(nl1e, d, d) )
{
default:
if ( is_pv_32bit_domain(d) && (bytes == 4) && (unaligned_addr & 4) &&
@@ -5071,8 +5117,9 @@ static int ptwr_emulated_update(
break;
case 0:
break;
- case 1:
- l1e_remove_flags(nl1e, _PAGE_RW);
+ case _PAGE_RW ... _PAGE_RW | PAGE_CACHE_ATTRS:
+ ASSERT(!(ret & ~(_PAGE_RW | PAGE_CACHE_ATTRS)));
+ l1e_flip_flags(nl1e, ret);
break;
}

55
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
View File

@ -1,55 +0,0 @@
References: bsc#957988
From 12b11658a9d6a654a1e7acbf2f2d56ce9a396c86 Mon Sep 17 00:00:00 2001
From: David Vrabel <david.vrabel@citrix.com>
Date: Fri, 20 Nov 2015 11:59:05 -0500
Subject: [PATCH 1/3] xen: Add RING_COPY_REQUEST()
Using RING_GET_REQUEST() on a shared ring is easy to use incorrectly
(i.e., by not considering that the other end may alter the data in the
shared ring while it is being inspected). Safe usage of a request
generally requires taking a local copy.
Provide a RING_COPY_REQUEST() macro to use instead of
RING_GET_REQUEST() and an open-coded memcpy(). This takes care of
ensuring that the copy is done correctly regardless of any possible
compiler optimizations.
Use a volatile source to prevent the compiler from reordering or
omitting the copy.
This is part of XSA155.
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
v2: Add comment about GCC bug.
---
xen/include/public/io/ring.h | 14 ++++++++++++++
1 file changed, 14 insertions(+)
Index: xen-4.6.0-testing/xen/include/public/io/ring.h
===================================================================
--- xen-4.6.0-testing.orig/xen/include/public/io/ring.h
+++ xen-4.6.0-testing/xen/include/public/io/ring.h
@@ -212,6 +212,20 @@ typedef struct __name##_back_ring __name
#define RING_GET_REQUEST(_r, _idx) \
(&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].req))
+/*
+ * Get a local copy of a request.
+ *
+ * Use this in preference to RING_GET_REQUEST() so all processing is
+ * done on a local copy that cannot be modified by the other end.
+ *
+ * Note that https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58145 may cause this
+ * to be ineffective where _req is a struct which consists of only bitfields.
+ */
+#define RING_COPY_REQUEST(_r, _idx, _req) do { \
+ /* Use volatile to force the copy into _req. */ \
+ *(_req) = *(volatile typeof(_req))RING_GET_REQUEST(_r, _idx); \
+} while (0)
+
#define RING_GET_RESPONSE(_r, _idx) \
(&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].rsp))

74
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
View File

@ -1,74 +0,0 @@
References: bsc#957988
From 851ffb4eea917e2708c912291dea4d133026c0ac Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Fri, 20 Nov 2015 12:16:02 -0500
Subject: [PATCH 2/3] blktap2: Use RING_COPY_REQUEST
Instead of RING_GET_REQUEST. Using a local copy of the
ring (and also with proper memory barriers) will mean
we can do not have to worry about the compiler optimizing
the code and doing a double-fetch in the shared memory space.
This is part of XSA155.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
v2: Fix compile issues with tapdisk-vbd
---
tools/blktap2/drivers/block-log.c | 3 ++-
tools/blktap2/drivers/tapdisk-vbd.c | 8 ++++----
2 files changed, 6 insertions(+), 5 deletions(-)
Index: xen-4.6.0-testing/tools/blktap2/drivers/block-log.c
===================================================================
--- xen-4.6.0-testing.orig/tools/blktap2/drivers/block-log.c
+++ xen-4.6.0-testing/tools/blktap2/drivers/block-log.c
@@ -494,11 +494,12 @@ static int ctl_kick(struct tdlog_state*
reqstart = s->bring.req_cons;
reqend = s->sring->req_prod;
+ xen_mb();
BDPRINTF("ctl: ring kicked (start = %u, end = %u)", reqstart, reqend);
while (reqstart != reqend) {
/* XXX actually submit these! */
- memcpy(&req, RING_GET_REQUEST(&s->bring, reqstart), sizeof(req));
+ RING_COPY_REQUEST(&s->bring, reqstart, &req);
BDPRINTF("ctl: read request %"PRIu64":%u", req.sector, req.count);
s->bring.req_cons = ++reqstart;
Index: xen-4.6.0-testing/tools/blktap2/drivers/tapdisk-vbd.c
===================================================================
--- xen-4.6.0-testing.orig/tools/blktap2/drivers/tapdisk-vbd.c
+++ xen-4.6.0-testing/tools/blktap2/drivers/tapdisk-vbd.c
@@ -1555,7 +1555,7 @@ tapdisk_vbd_pull_ring_requests(td_vbd_t
int idx;
RING_IDX rp, rc;
td_ring_t *ring;
- blkif_request_t *req;
+ blkif_request_t req;
td_vbd_request_t *vreq;
ring = &vbd->ring;
@@ -1566,16 +1566,16 @@ tapdisk_vbd_pull_ring_requests(td_vbd_t
xen_rmb();
for (rc = ring->fe_ring.req_cons; rc != rp; rc++) {
- req = RING_GET_REQUEST(&ring->fe_ring, rc);
+ RING_COPY_REQUEST(&ring->fe_ring, rc, &req);
++ring->fe_ring.req_cons;
- idx = req->id;
+ idx = req.id;
vreq = &vbd->request_list[idx];
ASSERT(list_empty(&vreq->next));
ASSERT(vreq->secs_pending == 0);
- memcpy(&vreq->req, req, sizeof(blkif_request_t));
+ memcpy(&vreq->req, &req, sizeof(blkif_request_t));
vbd->received++;
vreq->vbd = vbd;

38
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
View File

@ -1,38 +0,0 @@
From c1fce65e2b720684ea6ba76ae59921542bd154bb Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Fri, 20 Nov 2015 12:22:14 -0500
Subject: [PATCH 3/3] libvchan: Read prod/cons only once.
We must ensure that the prod/cons are only read once and that
the compiler won't try to optimize the reads. That is split
the read of these in multiple instructions influencing later
branch code. As such insert barriers when fetching the cons
and prod index.
This is part of XSA155.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
tools/libvchan/io.c | 2 ++
1 file changed, 2 insertions(+)
Index: xen-4.6.0-testing/tools/libvchan/io.c
===================================================================
--- xen-4.6.0-testing.orig/tools/libvchan/io.c
+++ xen-4.6.0-testing/tools/libvchan/io.c
@@ -117,6 +117,7 @@ static inline int send_notify(struct lib
static inline int raw_get_data_ready(struct libxenvchan *ctrl)
{
uint32_t ready = rd_prod(ctrl) - rd_cons(ctrl);
+ xen_mb(); /* Ensure 'ready' is read only once. */
if (ready > rd_ring_size(ctrl))
/* We have no way to return errors. Locking up the ring is
* better than the alternatives. */
@@ -158,6 +159,7 @@ int libxenvchan_data_ready(struct libxen
static inline int raw_get_buffer_space(struct libxenvchan *ctrl)
{
uint32_t ready = wr_ring_size(ctrl) - (wr_prod(ctrl) - wr_cons(ctrl));
+ xen_mb(); /* Ensure 'ready' is read only once. */
if (ready > wr_ring_size(ctrl))
/* We have no way to return errors. Locking up the ring is
* better than the alternatives. */

37
xsa164.patch
View File

@ -1,37 +0,0 @@
References: bsc#958007 XSA-164
MSI-X: avoid array overrun upon MSI-X table writes
pt_msix_init() allocates msix->msix_entry[] to just cover
msix->total_entries entries. While pci_msix_readl() resorts to reading
physical memory for out of bounds reads, pci_msix_writel() so far
simply accessed/corrupted unrelated memory.
pt_iomem_map()'s call to cpu_register_physical_memory() registers a
page granular region, which is necessary as the Pending Bit Array may
share space with the MSI-X table (but nothing else is allowed to). This
also explains why pci_msix_readl() actually honors out of bounds reads,
but pci_msi_writel() doesn't need to.
This is XSA-164.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pt-msi.c
===================================================================
--- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pt-msi.c
+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/hw/pt-msi.c
@@ -447,6 +447,13 @@ static void pci_msix_writel(void *opaque
return;
}
+ if ( addr - msix->mmio_base_addr >= msix->total_entries * 16 )
+ {
+ PT_LOG("Error: Out of bounds write to MSI-X table,"
+ " addr %016"PRIx64"\n", addr);
+ return;
+ }
+
entry_nr = (addr - msix->mmio_base_addr) / 16;
entry = &msix->msix_entry[entry_nr];
offset = ((addr - msix->mmio_base_addr) % 16) / 4;

83
xsa170.patch
View File

@ -1,83 +0,0 @@
References: bsc#965317 CVE-2016-2271 XSA-170
x86/VMX: sanitize rIP before re-entering guest
... to prevent guest user mode arranging for a guest crash (due to
failed VM entry). (On the AMD system I checked, hardware is doing
exactly the canonicalization being added here.)
Note that fixing this in an architecturally correct way would be quite
a bit more involved: Making the x86 instruction emulator check all
branch targets for validity, plus dealing with invalid rIP resulting
from update_guest_eip() or incoming directly during a VM exit. The only
way to get the latter right would be by not having hardware do the
injection.
Note further that there are a two early returns from
vmx_vmexit_handler(): One (through vmx_failed_vmentry()) leads to
domain_crash() anyway, and the other covers real mode only and can
neither occur with a non-canonical rIP nor result in an altered rIP,
so we don't need to force those paths through the checking logic.
This is XSA-170.
Reported-by: 刘令 <liuling-it@360.cn>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Tested-by: Andrew Cooper <andrew.cooper3@citrix.com>
Index: xen-4.6.1-testing/xen/arch/x86/hvm/vmx/vmx.c
===================================================================
--- xen-4.6.1-testing.orig/xen/arch/x86/hvm/vmx/vmx.c
+++ xen-4.6.1-testing/xen/arch/x86/hvm/vmx/vmx.c
@@ -2879,7 +2879,7 @@ static int vmx_handle_apic_write(void)
void vmx_vmexit_handler(struct cpu_user_regs *regs)
{
unsigned long exit_qualification, exit_reason, idtv_info, intr_info = 0;
- unsigned int vector = 0;
+ unsigned int vector = 0, mode;
struct vcpu *v = current;
__vmread(GUEST_RIP, &regs->rip);
@@ -3468,6 +3468,41 @@ void vmx_vmexit_handler(struct cpu_user_
out:
if ( nestedhvm_vcpu_in_guestmode(v) )
nvmx_idtv_handling();
+
+ /*
+ * VM entry will fail (causing the guest to get crashed) if rIP (and
+ * rFLAGS, but we don't have an issue there) doesn't meet certain
+ * criteria. As we must not allow less than fully privileged mode to have
+ * such an effect on the domain, we correct rIP in that case (accepting
+ * this not being architecturally correct behavior, as the injected #GP
+ * fault will then not see the correct [invalid] return address).
+ * And since we know the guest will crash, we crash it right away if it
+ * already is in most privileged mode.
+ */
+ mode = vmx_guest_x86_mode(v);
+ if ( mode == 8 ? !is_canonical_address(regs->rip)
+ : regs->rip != regs->_eip )
+ {
+ struct segment_register ss;
+
+ gprintk(XENLOG_WARNING, "Bad rIP %lx for mode %u\n", regs->rip, mode);
+
+ vmx_get_segment_register(v, x86_seg_ss, &ss);
+ if ( ss.attr.fields.dpl )
+ {
+ __vmread(VM_ENTRY_INTR_INFO, &intr_info);
+ if ( !(intr_info & INTR_INFO_VALID_MASK) )
+ hvm_inject_hw_exception(TRAP_gp_fault, 0);
+ /* Need to fix rIP nevertheless. */
+ if ( mode == 8 )
+ regs->rip = (long)(regs->rip << (64 - VADDR_BITS)) >>
+ (64 - VADDR_BITS);
+ else
+ regs->rip = regs->_eip;
+ }
+ else
+ domain_crash(v->domain);
+ }
}
void vmx_vmenter_helper(const struct cpu_user_regs *regs)