diff --git a/5347b524-evtchn-eliminate-64k-ports-limitation.patch b/5347b524-evtchn-eliminate-64k-ports-limitation.patch new file mode 100644 index 0000000..54fd6ce --- /dev/null +++ b/5347b524-evtchn-eliminate-64k-ports-limitation.patch @@ -0,0 +1,59 @@ +# Commit 8f7f6ab879a9ad9d2bf66b8c6b46a0653086b79f +# Date 2014-04-11 11:25:56 +0200 +# Author Jan Beulich +# Committer Jan Beulich +evtchn: eliminate 64k ports limitation + +The introduction of FIFO event channels claimed to support over 100k +ports, but failed to widen a number of 16-bit variables/operations. + +Signed-off-by: Jan Beulich +Reviewed-by: David Vrabel +Acked-by: Keir Fraser + +--- a/xen/common/event_channel.c ++++ b/xen/common/event_channel.c +@@ -275,12 +275,12 @@ static long evtchn_bind_interdomain(evtc + goto out; + + lchn->u.interdomain.remote_dom = rd; +- lchn->u.interdomain.remote_port = (u16)rport; ++ lchn->u.interdomain.remote_port = rport; + lchn->state = ECS_INTERDOMAIN; + evtchn_port_init(ld, lchn); + + rchn->u.interdomain.remote_dom = ld; +- rchn->u.interdomain.remote_port = (u16)lport; ++ rchn->u.interdomain.remote_port = lport; + rchn->state = ECS_INTERDOMAIN; + + /* +--- a/xen/include/xen/sched.h ++++ b/xen/include/xen/sched.h +@@ -86,13 +86,13 @@ struct evtchn + domid_t remote_domid; + } unbound; /* state == ECS_UNBOUND */ + struct { +- u16 remote_port; ++ evtchn_port_t remote_port; + struct domain *remote_dom; + } interdomain; /* state == ECS_INTERDOMAIN */ + struct { +- u16 irq; +- u16 next_port; +- u16 prev_port; ++ u32 irq; ++ evtchn_port_t next_port; ++ evtchn_port_t prev_port; + } pirq; /* state == ECS_PIRQ */ + u16 virq; /* state == ECS_VIRQ */ + } u; +@@ -190,7 +190,7 @@ struct vcpu + atomic_t pause_count; + + /* IRQ-safe virq_lock protects against delivering VIRQ to stale evtchn. */ +- u16 virq_to_evtchn[NR_VIRQS]; ++ evtchn_port_t virq_to_evtchn[NR_VIRQS]; + spinlock_t virq_lock; + + /* Bitmask of CPUs on which this VCPU may run. */ diff --git a/5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch b/5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch new file mode 100644 index 0000000..c7c09fe --- /dev/null +++ b/5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch @@ -0,0 +1,40 @@ +Subject: tools/pygrub: Fix error handling if no valid partitions are found +From: Andrew Cooper andrew.cooper3@citrix.com Sat May 10 02:18:33 2014 +0100 +Date: Mon May 12 15:52:43 2014 +0100: +Git: d75215805ce6ed20b3807955fab6a7f7a3368bee + +If no partitions at all are found, pygrub never creates the name 'fs', +resulting in a NameError indicating the lack of fs, rather than a +RuntimeError explaining that no partitions were found. + +Set fs to None right at the start, and use the pythonic idiom "if fs is None:" +to protect against otherwise valid values for fs which compare equal to +0/False. + +Reported-by: Sven Köhler +Signed-off-by: Andrew Cooper +CC: Ian Campbell +Acked-by: Ian Jackson + +Index: xen-4.4.0-testing/tools/pygrub/src/pygrub +=================================================================== +--- xen-4.4.0-testing.orig/tools/pygrub/src/pygrub ++++ xen-4.4.0-testing/tools/pygrub/src/pygrub +@@ -760,7 +760,7 @@ if __name__ == "__main__": + usage() + sys.exit(1) + file = args[0] +- ++ fs = None + output = None + entry = None + interactive = True +@@ -882,7 +882,7 @@ if __name__ == "__main__": + sys.exit(0) + + # Did looping through partitions find us a kernel? +- if not fs: ++ if fs is None: + raise RuntimeError, "Unable to find partition containing kernel" + + bootcfg["kernel"] = copy_from_image(fs, chosencfg["kernel"], "kernel", diff --git a/53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch b/53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch new file mode 100644 index 0000000..2303331 --- /dev/null +++ b/53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch @@ -0,0 +1,165 @@ +# Commit dab11417da4e21f43625f4ebbb68158f07003d04 +# Date 2014-06-25 14:40:34 +0200 +# Author Jan Beulich +# Committer Jan Beulich +x86/HVM: consolidate and sanitize CR4 guest reserved bit determination + +First of all, this is needed by just a single source file, so it gets +moved there instead of getting fed to the compiler for most other +source files too. With that it becomes sensible for this to no longer +be a macro, allowing elimination of the mostly redundant helpers +hvm_vcpu_has_{smep,smap}(). And finally, following the model SMEP and +SMAP already used, tie the determination of reserved bits to the +features the guest is shown rather than the host's. + +Signed-off-by: Jan Beulich +Reviewed-by: Andrew Cooper + +--- a/xen/arch/x86/hvm/hvm.c ++++ b/xen/arch/x86/hvm/hvm.c +@@ -828,6 +828,73 @@ static bool_t hvm_efer_valid(struct doma + ((value & (EFER_LME|EFER_LMA)) == EFER_LMA)); + } + ++/* These reserved bits in lower 32 remain 0 after any load of CR0 */ ++#define HVM_CR0_GUEST_RESERVED_BITS \ ++ (~((unsigned long) \ ++ (X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | \ ++ X86_CR0_TS | X86_CR0_ET | X86_CR0_NE | \ ++ X86_CR0_WP | X86_CR0_AM | X86_CR0_NW | \ ++ X86_CR0_CD | X86_CR0_PG))) ++ ++/* These bits in CR4 cannot be set by the guest. */ ++static unsigned long hvm_cr4_guest_reserved_bits(const struct vcpu *v, ++ bool_t restore) ++{ ++ unsigned int leaf1_ecx = 0, leaf1_edx = 0; ++ unsigned int leaf7_0_ebx = 0, leaf7_0_ecx = 0; ++ ++ if ( likely(!restore) ) ++ { ++ unsigned int level; ++ ++ ASSERT(v == current); ++ hvm_cpuid(0, &level, NULL, NULL, NULL); ++ if ( level >= 1 ) ++ hvm_cpuid(1, NULL, NULL, &leaf1_ecx, &leaf1_edx); ++ if ( level >= 7 ) ++ hvm_cpuid(7, NULL, &leaf7_0_ebx, &leaf7_0_ecx, NULL); ++ } ++ else ++ { ++ leaf1_edx = boot_cpu_data.x86_capability[X86_FEATURE_VME / 32]; ++ leaf1_ecx = boot_cpu_data.x86_capability[X86_FEATURE_PCID / 32]; ++ leaf7_0_ebx = boot_cpu_data.x86_capability[X86_FEATURE_FSGSBASE / 32]; ++ } ++ ++ return ~(unsigned long) ++ ((leaf1_edx & cpufeat_mask(X86_FEATURE_VME) ? ++ X86_CR4_VME | X86_CR4_PVI : 0) | ++ (leaf1_edx & cpufeat_mask(X86_FEATURE_TSC) ? ++ X86_CR4_TSD : 0) | ++ (leaf1_edx & cpufeat_mask(X86_FEATURE_DE) ? ++ X86_CR4_DE : 0) | ++ (leaf1_edx & cpufeat_mask(X86_FEATURE_PSE) ? ++ X86_CR4_PSE : 0) | ++ (leaf1_edx & cpufeat_mask(X86_FEATURE_PAE) ? ++ X86_CR4_PAE : 0) | ++ (leaf1_edx & (cpufeat_mask(X86_FEATURE_MCE) | ++ cpufeat_mask(X86_FEATURE_MCA)) ? ++ X86_CR4_MCE : 0) | ++ (leaf1_edx & cpufeat_mask(X86_FEATURE_PGE) ? ++ X86_CR4_PGE : 0) | ++ X86_CR4_PCE | ++ (leaf1_edx & cpufeat_mask(X86_FEATURE_FXSR) ? ++ X86_CR4_OSFXSR : 0) | ++ (leaf1_edx & cpufeat_mask(X86_FEATURE_XMM) ? ++ X86_CR4_OSXMMEXCPT : 0) | ++ ((restore || nestedhvm_enabled(v->domain)) && ++ (leaf1_ecx & cpufeat_mask(X86_FEATURE_VMXE)) ? ++ X86_CR4_VMXE : 0) | ++ (leaf7_0_ebx & cpufeat_mask(X86_FEATURE_FSGSBASE) ? ++ X86_CR4_FSGSBASE : 0) | ++ (leaf1_ecx & cpufeat_mask(X86_FEATURE_PCID) ? ++ X86_CR4_PCIDE : 0) | ++ (leaf1_ecx & cpufeat_mask(X86_FEATURE_XSAVE) ? ++ X86_CR4_OSXSAVE : 0) | ++ (leaf7_0_ebx & cpufeat_mask(X86_FEATURE_SMEP) ? ++ X86_CR4_SMEP : 0)); ++} ++ + static int hvm_load_cpu_ctxt(struct domain *d, hvm_domain_context_t *h) + { + int vcpuid; +@@ -858,7 +925,7 @@ static int hvm_load_cpu_ctxt(struct doma + return -EINVAL; + } + +- if ( ctxt.cr4 & HVM_CR4_GUEST_RESERVED_BITS(v, 1) ) ++ if ( ctxt.cr4 & hvm_cr4_guest_reserved_bits(v, 1) ) + { + printk(XENLOG_G_ERR "HVM%d restore: bad CR4 %#" PRIx64 "\n", + d->domain_id, ctxt.cr4); +@@ -1977,7 +2044,7 @@ int hvm_set_cr4(unsigned long value) + struct vcpu *v = current; + unsigned long old_cr; + +- if ( value & HVM_CR4_GUEST_RESERVED_BITS(v, 0) ) ++ if ( value & hvm_cr4_guest_reserved_bits(v, 0) ) + { + HVM_DBG_LOG(DBG_LEVEL_1, + "Guest attempts to set reserved bit in CR4: %lx", +--- a/xen/include/asm-x86/hvm/hvm.h ++++ b/xen/include/asm-x86/hvm/hvm.h +@@ -347,51 +347,10 @@ static inline int hvm_event_pending(stru + return hvm_funcs.event_pending(v); + } + +-static inline bool_t hvm_vcpu_has_smep(void) +-{ +- unsigned int eax, ebx; +- +- hvm_cpuid(0, &eax, NULL, NULL, NULL); +- +- if ( eax < 7 ) +- return 0; +- +- hvm_cpuid(7, NULL, &ebx, NULL, NULL); +- return !!(ebx & cpufeat_mask(X86_FEATURE_SMEP)); +-} +- +-/* These reserved bits in lower 32 remain 0 after any load of CR0 */ +-#define HVM_CR0_GUEST_RESERVED_BITS \ +- (~((unsigned long) \ +- (X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | \ +- X86_CR0_TS | X86_CR0_ET | X86_CR0_NE | \ +- X86_CR0_WP | X86_CR0_AM | X86_CR0_NW | \ +- X86_CR0_CD | X86_CR0_PG))) +- + /* These bits in CR4 are owned by the host. */ + #define HVM_CR4_HOST_MASK (mmu_cr4_features & \ + (X86_CR4_VMXE | X86_CR4_PAE | X86_CR4_MCE)) + +-/* These bits in CR4 cannot be set by the guest. */ +-#define HVM_CR4_GUEST_RESERVED_BITS(v, restore) ({ \ +- const struct vcpu *_v = (v); \ +- bool_t _restore = !!(restore); \ +- ASSERT((_restore) || _v == current); \ +- (~((unsigned long) \ +- (X86_CR4_VME | X86_CR4_PVI | X86_CR4_TSD | \ +- X86_CR4_DE | X86_CR4_PSE | X86_CR4_PAE | \ +- X86_CR4_MCE | X86_CR4_PGE | X86_CR4_PCE | \ +- X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT | \ +- (((_restore) ? cpu_has_smep : \ +- hvm_vcpu_has_smep()) ? \ +- X86_CR4_SMEP : 0) | \ +- (cpu_has_fsgsbase ? X86_CR4_FSGSBASE : 0) | \ +- ((nestedhvm_enabled(_v->domain) && cpu_has_vmx) \ +- ? X86_CR4_VMXE : 0) | \ +- (cpu_has_pcid ? X86_CR4_PCIDE : 0) | \ +- (cpu_has_xsave ? X86_CR4_OSXSAVE : 0)))); \ +-}) +- + /* These exceptions must always be intercepted. */ + #define HVM_TRAP_MASK ((1U << TRAP_machine_check) | (1U << TRAP_invalid_op)) + diff --git a/53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch b/53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch new file mode 100644 index 0000000..d799b7d --- /dev/null +++ b/53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch @@ -0,0 +1,103 @@ +# Commit fd33987ba27607c3cc7da258cf1d86d21beeb735 +# Date 2014-06-30 15:57:40 +0200 +# Author Jan Beulich +# Committer Jan Beulich +VT-d/ATS: correct and clean up dev_invalidate_iotlb() + +While this was intended to only do cleanup (replace the two bogus +"ret |= " constructs, and a simple formatting correction), this now +also +- fixes the bit manipulations for size_order > 0 + a) correct an off-by-one in the use of size_order for shifting (till + now double the requested size got invalidated) + b) in fact setting bit 12 and up if necessary (without which too + small a region might have got invalidated) + c) making them capable of dealing with regions of 4Gb size and up +- corrects the return value handling, such that a later iteration's + success won't clear an earlier iteration's error indication +- uses PCI_BDF2() instead of open coding it +- bail immediately on bad passed in invalidation type, rather than + repeatedly printing the same message for each ATS-capable device, at + once also no longer hiding that failure from the caller + +Signed-off-by: Jan Beulich +Reviewed-by: Andrew Cooper +Acked-by: Yang Zhang + +--- a/xen/drivers/passthrough/vtd/x86/ats.c ++++ b/xen/drivers/passthrough/vtd/x86/ats.c +@@ -110,21 +110,23 @@ int dev_invalidate_iotlb(struct iommu *i + u64 addr, unsigned int size_order, u64 type) + { + struct pci_ats_dev *pdev; +- int sbit, ret = 0; +- u16 sid; ++ int ret = 0; + + if ( !ecap_dev_iotlb(iommu->ecap) ) + return ret; + + list_for_each_entry( pdev, &ats_devices, list ) + { +- sid = (pdev->bus << 8) | pdev->devfn; ++ u16 sid = PCI_BDF2(pdev->bus, pdev->devfn); ++ bool_t sbit; ++ int rc = 0; + + /* Only invalidate devices that belong to this IOMMU */ + if ( pdev->iommu != iommu ) + continue; + +- switch ( type ) { ++ switch ( type ) ++ { + case DMA_TLB_DSI_FLUSH: + if ( !device_in_domain(iommu, pdev, did) ) + break; +@@ -133,32 +135,37 @@ int dev_invalidate_iotlb(struct iommu *i + /* invalidate all translations: sbit=1,bit_63=0,bit[62:12]=1 */ + sbit = 1; + addr = (~0 << PAGE_SHIFT_4K) & 0x7FFFFFFFFFFFFFFF; +- ret |= qinval_device_iotlb(iommu, pdev->ats_queue_depth, +- sid, sbit, addr); ++ rc = qinval_device_iotlb(iommu, pdev->ats_queue_depth, ++ sid, sbit, addr); + break; + case DMA_TLB_PSI_FLUSH: + if ( !device_in_domain(iommu, pdev, did) ) + break; + +- addr &= ~0 << (PAGE_SHIFT + size_order); +- + /* if size <= 4K, set sbit = 0, else set sbit = 1 */ + sbit = size_order ? 1 : 0; + + /* clear lower bits */ +- addr &= (~0 << (PAGE_SHIFT + size_order)); ++ addr &= ~0 << PAGE_SHIFT_4K; + + /* if sbit == 1, zero out size_order bit and set lower bits to 1 */ + if ( sbit ) +- addr &= (~0 & ~(1 << (PAGE_SHIFT + size_order))); ++ { ++ addr &= ~((u64)PAGE_SIZE_4K << (size_order - 1)); ++ addr |= (((u64)1 << (size_order - 1)) - 1) << PAGE_SHIFT_4K; ++ } + +- ret |= qinval_device_iotlb(iommu, pdev->ats_queue_depth, +- sid, sbit, addr); ++ rc = qinval_device_iotlb(iommu, pdev->ats_queue_depth, ++ sid, sbit, addr); + break; + default: + dprintk(XENLOG_WARNING VTDPREFIX, "invalid vt-d flush type\n"); +- break; ++ return -EOPNOTSUPP; + } ++ ++ if ( !ret ) ++ ret = rc; + } ++ + return ret; + } diff --git a/53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch b/53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch new file mode 100644 index 0000000..d3ee09f --- /dev/null +++ b/53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch @@ -0,0 +1,218 @@ +# Commit 3eb1c708ab0fe1067a436498a684907afa14dacf +# Date 2014-07-03 16:51:13 +0200 +# Author Andrew Cooper +# Committer Jan Beulich +properly reference count DOMCTL_{,un}pausedomain hypercalls + +For safety reasons, c/s 6ae2df93c27 "mem_access: Add helper API to setup +ring and enable mem_access" has to pause the domain while it performs a set of +operations. + +However without properly reference counted hypercalls, xc_mem_event_enable() +now unconditionally unpauses a previously paused domain. + +To prevent toolstack software running wild, there is an arbitrary limit of 255 +on the toolstack pause count. This is high enough for several components of +the toolstack to safely use, but prevents over/underflow of d->pause_count. + +The previous domain_{,un}pause_by_systemcontroller() functions are updated to +return an error code. domain_pause_by_systemcontroller() is modified to have +a common stub and take a pause_fn pointer, allowing for both sync and nosync +domain pauses. domain_pause_for_debugger() has a hand-rolled nosync pause +replaced with the new domain_pause_by_systemcontroller_nosync(), and has its +variables shuffled slightly to avoid rereading current multiple times. + +Suggested-by: Don Slutz +Signed-off-by: Andrew Cooper +With a couple of formatting adjustments: +Reviewed-by: Jan Beulich + +--- a/xen/arch/x86/domctl.c ++++ b/xen/arch/x86/domctl.c +@@ -1019,7 +1019,7 @@ long arch_do_domctl( + struct vcpu *v; + + ret = -EBUSY; +- if ( !d->is_paused_by_controller ) ++ if ( !d->controller_pause_count ) + break; + ret = -EINVAL; + if ( domctl->u.gdbsx_pauseunp_vcpu.vcpu >= MAX_VIRT_CPUS || +@@ -1035,7 +1035,7 @@ long arch_do_domctl( + struct vcpu *v; + + ret = -EBUSY; +- if ( !d->is_paused_by_controller ) ++ if ( !d->controller_pause_count ) + break; + ret = -EINVAL; + if ( domctl->u.gdbsx_pauseunp_vcpu.vcpu >= MAX_VIRT_CPUS || +@@ -1053,7 +1053,7 @@ long arch_do_domctl( + struct vcpu *v; + + domctl->u.gdbsx_domstatus.vcpu_id = -1; +- domctl->u.gdbsx_domstatus.paused = d->is_paused_by_controller; ++ domctl->u.gdbsx_domstatus.paused = d->controller_pause_count > 0; + if ( domctl->u.gdbsx_domstatus.paused ) + { + for_each_vcpu ( d, v ) +--- a/xen/common/domain.c ++++ b/xen/common/domain.c +@@ -264,7 +264,7 @@ struct domain *domain_create( + if ( (err = xsm_domain_create(XSM_HOOK, d, ssidref)) != 0 ) + goto fail; + +- d->is_paused_by_controller = 1; ++ d->controller_pause_count = 1; + atomic_inc(&d->pause_count); + + if ( domid ) +@@ -680,18 +680,13 @@ void vcpu_end_shutdown_deferral(struct v + #ifdef HAS_GDBSX + void domain_pause_for_debugger(void) + { +- struct domain *d = current->domain; +- struct vcpu *v; +- +- atomic_inc(&d->pause_count); +- if ( test_and_set_bool(d->is_paused_by_controller) ) +- domain_unpause(d); /* race-free atomic_dec(&d->pause_count) */ ++ struct vcpu *curr = current; ++ struct domain *d = curr->domain; + +- for_each_vcpu ( d, v ) +- vcpu_sleep_nosync(v); ++ domain_pause_by_systemcontroller_nosync(d); + + /* if gdbsx active, we just need to pause the domain */ +- if (current->arch.gdbsx_vcpu_event == 0) ++ if ( curr->arch.gdbsx_vcpu_event == 0 ) + send_global_virq(VIRQ_DEBUGGER); + } + #endif +@@ -839,17 +834,49 @@ void domain_unpause(struct domain *d) + vcpu_wake(v); + } + +-void domain_pause_by_systemcontroller(struct domain *d) ++int __domain_pause_by_systemcontroller(struct domain *d, ++ void (*pause_fn)(struct domain *d)) + { +- domain_pause(d); +- if ( test_and_set_bool(d->is_paused_by_controller) ) +- domain_unpause(d); ++ int old, new, prev = d->controller_pause_count; ++ ++ do ++ { ++ old = prev; ++ new = old + 1; ++ ++ /* ++ * Limit the toolstack pause count to an arbitrary 255 to prevent the ++ * toolstack overflowing d->pause_count with many repeated hypercalls. ++ */ ++ if ( new > 255 ) ++ return -EUSERS; ++ ++ prev = cmpxchg(&d->controller_pause_count, old, new); ++ } while ( prev != old ); ++ ++ pause_fn(d); ++ ++ return 0; + } + +-void domain_unpause_by_systemcontroller(struct domain *d) ++int domain_unpause_by_systemcontroller(struct domain *d) + { +- if ( test_and_clear_bool(d->is_paused_by_controller) ) +- domain_unpause(d); ++ int old, new, prev = d->controller_pause_count; ++ ++ do ++ { ++ old = prev; ++ new = old - 1; ++ ++ if ( new < 0 ) ++ return -EINVAL; ++ ++ prev = cmpxchg(&d->controller_pause_count, old, new); ++ } while ( prev != old ); ++ ++ domain_unpause(d); ++ ++ return 0; + } + + int vcpu_reset(struct vcpu *v) +--- a/xen/common/domctl.c ++++ b/xen/common/domctl.c +@@ -181,7 +181,7 @@ void getdomaininfo(struct domain *d, str + info->flags = (info->nr_online_vcpus ? flags : 0) | + ((d->is_dying == DOMDYING_dead) ? XEN_DOMINF_dying : 0) | + (d->is_shut_down ? XEN_DOMINF_shutdown : 0) | +- (d->is_paused_by_controller ? XEN_DOMINF_paused : 0) | ++ (d->controller_pause_count > 0 ? XEN_DOMINF_paused : 0) | + (d->debugger_attached ? XEN_DOMINF_debugged : 0) | + d->shutdown_code << XEN_DOMINF_shutdownshift; + +@@ -384,22 +384,14 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe + break; + + case XEN_DOMCTL_pausedomain: +- { + ret = -EINVAL; + if ( d != current->domain ) +- { +- domain_pause_by_systemcontroller(d); +- ret = 0; +- } +- } +- break; ++ ret = domain_pause_by_systemcontroller(d); ++ break; + + case XEN_DOMCTL_unpausedomain: +- { +- domain_unpause_by_systemcontroller(d); +- ret = 0; +- } +- break; ++ ret = domain_unpause_by_systemcontroller(d); ++ break; + + case XEN_DOMCTL_resumedomain: + { +--- a/xen/include/xen/sched.h ++++ b/xen/include/xen/sched.h +@@ -338,7 +338,7 @@ struct domain + /* Is this guest dying (i.e., a zombie)? */ + enum { DOMDYING_alive, DOMDYING_dying, DOMDYING_dead } is_dying; + /* Domain is paused by controller software? */ +- bool_t is_paused_by_controller; ++ int controller_pause_count; + /* Domain's VCPUs are pinned 1:1 to physical CPUs? */ + bool_t is_pinned; + +@@ -742,8 +742,17 @@ void domain_pause(struct domain *d); + void domain_pause_nosync(struct domain *d); + void vcpu_unpause(struct vcpu *v); + void domain_unpause(struct domain *d); +-void domain_pause_by_systemcontroller(struct domain *d); +-void domain_unpause_by_systemcontroller(struct domain *d); ++int domain_unpause_by_systemcontroller(struct domain *d); ++int __domain_pause_by_systemcontroller(struct domain *d, ++ void (*pause_fn)(struct domain *d)); ++static inline int domain_pause_by_systemcontroller(struct domain *d) ++{ ++ return __domain_pause_by_systemcontroller(d, domain_pause); ++} ++static inline int domain_pause_by_systemcontroller_nosync(struct domain *d) ++{ ++ return __domain_pause_by_systemcontroller(d, domain_pause_nosync); ++} + void cpu_init(void); + + struct scheduler; diff --git a/53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch b/53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch new file mode 100644 index 0000000..a27dd81 --- /dev/null +++ b/53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch @@ -0,0 +1,39 @@ +Subject: xl: 'xl vncviewer' accesses port 0 by any invalid domid +From: Chunyan Liu cyliu@suse.com Fri Jul 18 14:18:04 2014 +0800 +Date: Fri Jul 18 13:37:47 2014 +0100: +Git: 2a8cc1a55329ead252ed323ec4bbee534d5c0f23 + +Currently, with command: + xl vncviewer invalid_domid +it always brings user to the domU using vncport 5900. +The invalid domid could be an non-existing one or Dom0. +It's better to report error in this case. + +Correct libxl_vncviewer_exec: + In existing code, when vncport is NULL, it still continues + and will show vncport 5900. So, with 'xl vncviewer 0' it also + wrongly shows domU using vncport 5900. Correct it to report error + if vncport is NULL. + +Signed-off-by: Chunyan Liu +Acked-by: Ian Campbell + +Index: xen-4.4.0-testing/tools/libxl/libxl.c +=================================================================== +--- xen-4.4.0-testing.orig/tools/libxl/libxl.c ++++ xen-4.4.0-testing/tools/libxl/libxl.c +@@ -1635,8 +1635,12 @@ int libxl_vncviewer_exec(libxl_ctx *ctx, + vnc_port = libxl__xs_read(gc, XBT_NULL, + libxl__sprintf(gc, + "/local/domain/%d/console/vnc-port", domid)); +- if ( vnc_port ) +- port = atoi(vnc_port) - 5900; ++ if (!vnc_port) { ++ LOG(ERROR, "Cannot get vnc-port of domain %d", domid); ++ goto x_fail; ++ } ++ ++ port = atoi(vnc_port) - 5900; + + vnc_listen = libxl__xs_read(gc, XBT_NULL, + libxl__sprintf(gc, diff --git a/53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch b/53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch new file mode 100644 index 0000000..da646c1 --- /dev/null +++ b/53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch @@ -0,0 +1,46 @@ +# Commit 05377dede434c746e6708f055858378d20f619db +# Date 2014-07-23 18:03:19 +0200 +# Author Juergen Gross +# Committer Jan Beulich +avoid crash when doing shutdown with active cpupools + +When shutting down the machine while there are cpus in a cpupool other than +Pool-0 a crash is triggered due to cpupool handling rejecting offlining the +non-boot cpus in other cpupools. + +It is easy to detect this case and allow offlining those cpus. + +Reported-by: Stefan Bader +Signed-off-by: Juergen Gross +Tested-by: Stefan Bader + +--- a/xen/common/cpupool.c ++++ b/xen/common/cpupool.c +@@ -471,12 +471,24 @@ static void cpupool_cpu_add(unsigned int + */ + static int cpupool_cpu_remove(unsigned int cpu) + { +- int ret = 0; ++ int ret = -EBUSY; ++ struct cpupool **c; + + spin_lock(&cpupool_lock); +- if ( !cpumask_test_cpu(cpu, cpupool0->cpu_valid)) +- ret = -EBUSY; ++ if ( cpumask_test_cpu(cpu, cpupool0->cpu_valid) ) ++ ret = 0; + else ++ { ++ for_each_cpupool(c) ++ { ++ if ( cpumask_test_cpu(cpu, (*c)->cpu_suspended ) ) ++ { ++ ret = 0; ++ break; ++ } ++ } ++ } ++ if ( !ret ) + cpumask_set_cpu(cpu, &cpupool_locked_cpus); + spin_unlock(&cpupool_lock); + diff --git a/53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch b/53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch new file mode 100644 index 0000000..34669be --- /dev/null +++ b/53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch @@ -0,0 +1,86 @@ +# Commit ee75480b3c8856db9ef1aa45418f35ec0d78989d +# Date 2014-07-23 18:07:11 +0200 +# Author Andrew Cooper +# Committer Jan Beulich +x86/mem_event: validate the response vcpu_id before acting on it + +Signed-off-by: Andrew Cooper +Reviewed-by: Tim Deegan +Reviewed-by: Andres Lagar-Cavilla +Tested-by: Razvan Cojocaru + +--- a/xen/arch/x86/mm/mem_sharing.c ++++ b/xen/arch/x86/mm/mem_sharing.c +@@ -596,11 +596,20 @@ int mem_sharing_sharing_resume(struct do + /* Get all requests off the ring */ + while ( mem_event_get_response(d, &d->mem_event->share, &rsp) ) + { ++ struct vcpu *v; ++ + if ( rsp.flags & MEM_EVENT_FLAG_DUMMY ) + continue; ++ ++ /* Validate the vcpu_id in the response. */ ++ if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] ) ++ continue; ++ ++ v = d->vcpu[rsp.vcpu_id]; ++ + /* Unpause domain/vcpu */ + if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED ) +- vcpu_unpause(d->vcpu[rsp.vcpu_id]); ++ vcpu_unpause(v); + } + + return 0; +--- a/xen/arch/x86/mm/p2m.c ++++ b/xen/arch/x86/mm/p2m.c +@@ -1228,8 +1228,17 @@ void p2m_mem_paging_resume(struct domain + /* Pull all responses off the ring */ + while( mem_event_get_response(d, &d->mem_event->paging, &rsp) ) + { ++ struct vcpu *v; ++ + if ( rsp.flags & MEM_EVENT_FLAG_DUMMY ) + continue; ++ ++ /* Validate the vcpu_id in the response. */ ++ if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] ) ++ continue; ++ ++ v = d->vcpu[rsp.vcpu_id]; ++ + /* Fix p2m entry if the page was not dropped */ + if ( !(rsp.flags & MEM_EVENT_FLAG_DROP_PAGE) ) + { +@@ -1248,7 +1257,7 @@ void p2m_mem_paging_resume(struct domain + } + /* Unpause domain */ + if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED ) +- vcpu_unpause(d->vcpu[rsp.vcpu_id]); ++ vcpu_unpause(v); + } + } + +@@ -1356,11 +1365,20 @@ void p2m_mem_access_resume(struct domain + /* Pull all responses off the ring */ + while( mem_event_get_response(d, &d->mem_event->access, &rsp) ) + { ++ struct vcpu *v; ++ + if ( rsp.flags & MEM_EVENT_FLAG_DUMMY ) + continue; ++ ++ /* Validate the vcpu_id in the response. */ ++ if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] ) ++ continue; ++ ++ v = d->vcpu[rsp.vcpu_id]; ++ + /* Unpause domain */ + if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED ) +- vcpu_unpause(d->vcpu[rsp.vcpu_id]); ++ vcpu_unpause(v); + } + } + diff --git a/53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch b/53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch new file mode 100644 index 0000000..014a395 --- /dev/null +++ b/53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch @@ -0,0 +1,145 @@ +# Commit 868d9b99b39c53dc1f6ae9bfd7b148c206fd7240 +# Date 2014-07-23 18:08:04 +0200 +# Author Andrew Cooper +# Committer Jan Beulich +x86/mem_event: prevent underflow of vcpu pause counts + +Signed-off-by: Andrew Cooper +Tested-by: Razvan Cojocaru +Reviewed-by: Andres Lagar-Cavilla +Tested-by: Aravindh Puthiyaparambil + +--- a/xen/arch/x86/hvm/hvm.c ++++ b/xen/arch/x86/hvm/hvm.c +@@ -4762,7 +4762,7 @@ static int hvm_memory_event_traps(long p + if ( (p & HVMPME_MODE_MASK) == HVMPME_mode_sync ) + { + req.flags |= MEM_EVENT_FLAG_VCPU_PAUSED; +- vcpu_pause_nosync(v); ++ mem_event_vcpu_pause(v); + } + + req.gfn = value; +--- a/xen/arch/x86/mm/mem_event.c ++++ b/xen/arch/x86/mm/mem_event.c +@@ -655,6 +655,38 @@ int mem_event_domctl(struct domain *d, x + return rc; + } + ++void mem_event_vcpu_pause(struct vcpu *v) ++{ ++ ASSERT(v == current); ++ ++ atomic_inc(&v->mem_event_pause_count); ++ vcpu_pause_nosync(v); ++} ++ ++void mem_event_vcpu_unpause(struct vcpu *v) ++{ ++ int old, new, prev = v->mem_event_pause_count.counter; ++ ++ /* All unpause requests as a result of toolstack responses. Prevent ++ * underflow of the vcpu pause count. */ ++ do ++ { ++ old = prev; ++ new = old - 1; ++ ++ if ( new < 0 ) ++ { ++ printk(XENLOG_G_WARNING ++ "d%d:v%d mem_event: Too many unpause attempts\n", ++ v->domain->domain_id, v->vcpu_id); ++ return; ++ } ++ ++ prev = cmpxchg(&v->mem_event_pause_count.counter, old, new); ++ } while ( prev != old ); ++ ++ vcpu_unpause(v); ++} + + /* + * Local variables: +--- a/xen/arch/x86/mm/mem_sharing.c ++++ b/xen/arch/x86/mm/mem_sharing.c +@@ -568,7 +568,7 @@ int mem_sharing_notify_enomem(struct dom + if ( v->domain == d ) + { + req.flags = MEM_EVENT_FLAG_VCPU_PAUSED; +- vcpu_pause_nosync(v); ++ mem_event_vcpu_pause(v); + } + + req.p2mt = p2m_ram_shared; +@@ -609,7 +609,7 @@ int mem_sharing_sharing_resume(struct do + + /* Unpause domain/vcpu */ + if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED ) +- vcpu_unpause(v); ++ mem_event_vcpu_unpause(v); + } + + return 0; +--- a/xen/arch/x86/mm/p2m.c ++++ b/xen/arch/x86/mm/p2m.c +@@ -1094,7 +1094,7 @@ void p2m_mem_paging_populate(struct doma + /* Pause domain if request came from guest and gfn has paging type */ + if ( p2m_is_paging(p2mt) && v->domain == d ) + { +- vcpu_pause_nosync(v); ++ mem_event_vcpu_pause(v); + req.flags |= MEM_EVENT_FLAG_VCPU_PAUSED; + } + /* No need to inform pager if the gfn is not in the page-out path */ +@@ -1257,7 +1257,7 @@ void p2m_mem_paging_resume(struct domain + } + /* Unpause domain */ + if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED ) +- vcpu_unpause(v); ++ mem_event_vcpu_unpause(v); + } + } + +@@ -1352,7 +1352,7 @@ bool_t p2m_mem_access_check(paddr_t gpa, + + /* Pause the current VCPU */ + if ( p2ma != p2m_access_n2rwx ) +- vcpu_pause_nosync(v); ++ mem_event_vcpu_pause(v); + + /* VCPU may be paused, return whether we promoted automatically */ + return (p2ma == p2m_access_n2rwx); +@@ -1378,7 +1378,7 @@ void p2m_mem_access_resume(struct domain + + /* Unpause domain */ + if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED ) +- vcpu_unpause(v); ++ mem_event_vcpu_unpause(v); + } + } + +--- a/xen/include/asm-x86/mem_event.h ++++ b/xen/include/asm-x86/mem_event.h +@@ -66,6 +66,9 @@ int do_mem_event_op(int op, uint32_t dom + int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec, + XEN_GUEST_HANDLE_PARAM(void) u_domctl); + ++void mem_event_vcpu_pause(struct vcpu *v); ++void mem_event_vcpu_unpause(struct vcpu *v); ++ + #endif /* __MEM_EVENT_H__ */ + + +--- a/xen/include/xen/sched.h ++++ b/xen/include/xen/sched.h +@@ -189,6 +189,9 @@ struct vcpu + unsigned long pause_flags; + atomic_t pause_count; + ++ /* VCPU paused for mem_event replies. */ ++ atomic_t mem_event_pause_count; ++ + /* IRQ-safe virq_lock protects against delivering VIRQ to stale evtchn. */ + evtchn_port_t virq_to_evtchn[NR_VIRQS]; + spinlock_t virq_lock; diff --git a/libxl.add-option-for-discard-support-to-xl-disk-conf.patch b/libxl.add-option-for-discard-support-to-xl-disk-conf.patch index ec12ac5..5fa6696 100644 --- a/libxl.add-option-for-discard-support-to-xl-disk-conf.patch +++ b/libxl.add-option-for-discard-support-to-xl-disk-conf.patch @@ -56,7 +56,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c =================================================================== --- xen-4.4.0-testing.orig/tools/libxl/libxl.c +++ xen-4.4.0-testing/tools/libxl/libxl.c -@@ -2480,6 +2480,8 @@ static void device_disk_add(libxl__egc * +@@ -2484,6 +2484,8 @@ static void device_disk_add(libxl__egc * flexarray_append(back, disk->readwrite ? "w" : "r"); flexarray_append(back, "device-type"); flexarray_append(back, disk->is_cdrom ? "cdrom" : "disk"); diff --git a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch index dd235da..36536a1 100644 --- a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch +++ b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch @@ -11,7 +11,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c =================================================================== --- xen-4.4.0-testing.orig/tools/libxl/libxl.c +++ xen-4.4.0-testing/tools/libxl/libxl.c -@@ -2484,6 +2484,8 @@ static void device_disk_add(libxl__egc * +@@ -2488,6 +2488,8 @@ static void device_disk_add(libxl__egc * flexarray_append_pair(back, "direct-io-safe", "1"); if ((disk->readwrite & ~LIBXL_HAVE_LIBXL_DEVICE_DISK_DISCARD_DISABLE_MASK) == LIBXL_HAVE_LIBXL_DEVICE_DISK_DISCARD_DISABLE_MAGIC) flexarray_append_pair(back, "discard-enable", "0"); diff --git a/libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch b/libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch index e63a3e1..999ac88 100644 --- a/libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch +++ b/libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch @@ -99,7 +99,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c =================================================================== --- xen-4.4.0-testing.orig/tools/libxl/libxl.c +++ xen-4.4.0-testing/tools/libxl/libxl.c -@@ -2480,6 +2480,8 @@ static void device_disk_add(libxl__egc * +@@ -2484,6 +2484,8 @@ static void device_disk_add(libxl__egc * flexarray_append(back, disk->readwrite ? "w" : "r"); flexarray_append(back, "device-type"); flexarray_append(back, disk->is_cdrom ? "cdrom" : "disk"); diff --git a/libxl.pvscsi.patch b/libxl.pvscsi.patch index 31e759f..9077322 100644 --- a/libxl.pvscsi.patch +++ b/libxl.pvscsi.patch @@ -107,7 +107,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c =================================================================== --- xen-4.4.0-testing.orig/tools/libxl/libxl.c +++ xen-4.4.0-testing/tools/libxl/libxl.c -@@ -2017,6 +2017,273 @@ int libxl_devid_to_device_vtpm(libxl_ctx +@@ -2021,6 +2021,273 @@ int libxl_devid_to_device_vtpm(libxl_ctx return rc; } @@ -381,7 +381,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c /******************************************************************************/ -@@ -3485,6 +3752,8 @@ out: +@@ -3489,6 +3756,8 @@ out: * libxl_device_vkb_destroy * libxl_device_vfb_remove * libxl_device_vfb_destroy @@ -390,7 +390,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c */ #define DEFINE_DEVICE_REMOVE(type, removedestroy, f) \ int libxl_device_##type##_##removedestroy(libxl_ctx *ctx, \ -@@ -3536,6 +3805,10 @@ DEFINE_DEVICE_REMOVE(vfb, destroy, 1) +@@ -3540,6 +3809,10 @@ DEFINE_DEVICE_REMOVE(vfb, destroy, 1) DEFINE_DEVICE_REMOVE(vtpm, remove, 0) DEFINE_DEVICE_REMOVE(vtpm, destroy, 1) @@ -401,7 +401,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c #undef DEFINE_DEVICE_REMOVE /******************************************************************************/ -@@ -3545,6 +3818,7 @@ DEFINE_DEVICE_REMOVE(vtpm, destroy, 1) +@@ -3549,6 +3822,7 @@ DEFINE_DEVICE_REMOVE(vtpm, destroy, 1) * libxl_device_disk_add * libxl_device_nic_add * libxl_device_vtpm_add @@ -409,7 +409,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c */ #define DEFINE_DEVICE_ADD(type) \ -@@ -3574,6 +3848,9 @@ DEFINE_DEVICE_ADD(nic) +@@ -3578,6 +3852,9 @@ DEFINE_DEVICE_ADD(nic) /* vtpm */ DEFINE_DEVICE_ADD(vtpm) @@ -419,7 +419,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c #undef DEFINE_DEVICE_ADD /******************************************************************************/ -@@ -5678,6 +5955,20 @@ int libxl_fd_set_cloexec(libxl_ctx *ctx, +@@ -5682,6 +5959,20 @@ int libxl_fd_set_cloexec(libxl_ctx *ctx, int libxl_fd_set_nonblock(libxl_ctx *ctx, int fd, int nonblock) { return fd_set_flags(ctx,fd, F_GETFL,F_SETFL,"FL", O_NONBLOCK, nonblock); } diff --git a/local_attach_support_for_phy.patch b/local_attach_support_for_phy.patch index fc5877b..ecab4d5 100644 --- a/local_attach_support_for_phy.patch +++ b/local_attach_support_for_phy.patch @@ -14,7 +14,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c =================================================================== --- xen-4.4.0-testing.orig/tools/libxl/libxl.c +++ xen-4.4.0-testing/tools/libxl/libxl.c -@@ -2630,6 +2630,16 @@ void libxl__device_disk_local_initiate_a +@@ -2634,6 +2634,16 @@ void libxl__device_disk_local_initiate_a switch (disk->backend) { case LIBXL_DISK_BACKEND_PHY: @@ -31,7 +31,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c LIBXL__LOG(ctx, LIBXL__LOG_DEBUG, "locally attaching PHY disk %s", disk->pdev_path); dev = disk->pdev_path; -@@ -2709,7 +2719,7 @@ static void local_device_attach_cb(libxl +@@ -2713,7 +2723,7 @@ static void local_device_attach_cb(libxl } dev = GCSPRINTF("/dev/%s", disk->vdev); @@ -40,7 +40,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c rc = libxl__device_from_disk(gc, LIBXL_TOOLSTACK_DOMID, disk, &device); if (rc < 0) -@@ -2749,6 +2759,7 @@ void libxl__device_disk_local_initiate_d +@@ -2753,6 +2763,7 @@ void libxl__device_disk_local_initiate_d if (!dls->diskpath) goto out; switch (disk->backend) { @@ -48,7 +48,7 @@ Index: xen-4.4.0-testing/tools/libxl/libxl.c case LIBXL_DISK_BACKEND_QDISK: if (disk->vdev != NULL) { GCNEW(device); -@@ -2766,7 +2777,6 @@ void libxl__device_disk_local_initiate_d +@@ -2770,7 +2781,6 @@ void libxl__device_disk_local_initiate_d /* disk->vdev == NULL; fall through */ default: /* diff --git a/pygrub-boot-legacy-sles.patch b/pygrub-boot-legacy-sles.patch index 552d1d1..d126f6d 100644 --- a/pygrub-boot-legacy-sles.patch +++ b/pygrub-boot-legacy-sles.patch @@ -17,7 +17,7 @@ Index: xen-4.4.0-testing/tools/pygrub/src/pygrub + # If missing config or grub has no menu entries to select, look for + # vmlinuz-xen and initrd-xen in /boot -+ if g.__dict__.get('cf', None) is None or len(g.cf.images) == 0: ++ if g.__dict__.get('cf', None) is None or len(g.cf.images) == 0 or re.search(r"xen(-pae)?\.gz",g.cf.images[0].kernel[1]): + if not list_entries: + chosencfg = { "kernel": None, "ramdisk": None, "args": "" } + chosencfg = sniff_xen_kernel(fs, incfg) @@ -32,22 +32,27 @@ Index: xen-4.4.0-testing/tools/pygrub/src/pygrub if list_entries: for i in range(len(g.cf.images)): img = g.cf.images[i] -@@ -693,6 +707,14 @@ def sniff_netware(fs, cfg): +@@ -693,6 +707,19 @@ def sniff_netware(fs, cfg): return cfg +def sniff_xen_kernel(fs, cfg): -+ if not cfg["kernel"] and fs.file_exists('/boot/vmlinuz-xen'): -+ cfg["kernel"] = '/boot/vmlinuz-xen' ++ if not cfg["kernel"]: ++ if fs.file_exists('/boot/vmlinuz-xen'): ++ cfg["kernel"] = '/boot/vmlinuz-xen' ++ elif fs.file_exists('/boot/vmlinuz-xenpae'): ++ cfg["kernel"] = '/boot/vmlinuz-xenpae' + if cfg["kernel"] and not cfg["ramdisk"]: + if fs.file_exists('/boot/initrd-xen'): + cfg["ramdisk"] = '/boot/initrd-xen' ++ elif fs.file_exists('/boot/initrd-xenpae'): ++ cfg["ramdisk"] = '/boot/initrd-xenpae' + return cfg + def format_sxp(kernel, ramdisk, args): s = "linux (kernel %s)" % kernel if ramdisk: -@@ -773,7 +795,7 @@ if __name__ == "__main__": +@@ -773,7 +800,7 @@ if __name__ == "__main__": debug = False not_really = False output_format = "sxp" diff --git a/xen-utils-0.1.tar.bz2 b/xen-utils-0.1.tar.bz2 index 2c53bb7..e8780e1 100644 --- a/xen-utils-0.1.tar.bz2 +++ b/xen-utils-0.1.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:991414430321489fa2f31d2ad3cf0fcea00f5cc0312a48b90e14702e02559b42 -size 8438 +oid sha256:7c17e060de0b507ec0673f84dde727c6d583f781051981b75204e46f31704e14 +size 6171 diff --git a/xen.changes b/xen.changes index db2ce2c..1fa5048 100644 --- a/xen.changes +++ b/xen.changes @@ -1,3 +1,58 @@ +------------------------------------------------------------------- +Thu Jul 24 07:54:34 MDT 2014 - carnold@suse.com + +- Upstream patches from Jan + 5347b524-evtchn-eliminate-64k-ports-limitation.patch + 53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch + 53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch + 53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch + 53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch + 53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch + 53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch + +------------------------------------------------------------------- +Mon Jul 21 03:05:48 UTC 2014 - cyliu@suse.com + +- bnc#886801 - xl vncviewer: The first domu can be accessed by any id + 53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch + +------------------------------------------------------------------- +Mon Jul 14 11:14:38 MDT 2014 - carnold@suse.com + +- Upstream pygrub bug fix + 5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch + +------------------------------------------------------------------- +Wed Jul 9 16:45:58 MDT 2014 - carnold@suse.com + +- Fix pygrub to handle old 32 bit VMs + pygrub-boot-legacy-sles.patch (Mike Latimer) + +------------------------------------------------------------------- +Mon Jul 7 17:54:58 MDT 2014 - jfehlig@suse.com + +- Remove xen-vmresync utility. It is an old Platespin Orchestrate + utility that should have never been included in the Xen package. + Updated xen.spec + +------------------------------------------------------------------- +Mon Jul 7 17:01:59 MDT 2014 - jfehlig@suse.com + +- Rework xen-destroy utility included in xen-utils + bnc#885292 and bnc#886063 + Updated xen-utils-0.1.tar.bz2 + +------------------------------------------------------------------- +Mon Jul 07 11:40:32 MDT 2014 - carnold@suse.com + +- bnc#886063 - Xen monitor fails (xl list --long output different + from xm list --long output) +- bnc#885292 - VirtualDomain: pid_status does not know how to check + status on SLE12 + Re-enable building xen-utils for sle12 and include xen-list and + xen-destroy in the xen-tools package for HA. + xen.spec + ------------------------------------------------------------------- Fri Jun 27 12:21:47 MDT 2014 - carnold@suse.com diff --git a/xen.spec b/xen.spec index f66f8f1..0a555d4 100644 --- a/xen.spec +++ b/xen.spec @@ -15,7 +15,6 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - # needssslcertforbuild Name: xen @@ -154,7 +153,7 @@ BuildRequires: xorg-x11-util-devel %endif %endif -Version: 4.4.0_24 +Version: 4.4.0_26 Release: 0 PreReq: %insserv_prereq %fillup_prereq Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) @@ -239,42 +238,51 @@ Patch23: 533ad1ee-VMX-fix-PAT-value-seen-by-guest.patch Patch24: 533d413b-x86-mm-fix-checks-against-max_mapped_pfn.patch Patch25: 53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch Patch26: 5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch -Patch27: 534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch -Patch28: 534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch -Patch29: 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch -Patch30: 5357baff-x86-add-missing-break-in-dom0_pit_access.patch -Patch31: 535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch -Patch32: 535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch -Patch33: 535a354b-passthrough-allow-to-suppress-SERR-and-PERR-signaling.patch -Patch34: 535e31bc-x86-HVM-correct-the-SMEP-logic-for-HVM_CR0_GUEST_RESERVED_BITS.patch -Patch35: 535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch -Patch36: 53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch -Patch37: 53636ebf-x86-fix-guest-CPUID-handling.patch -Patch38: 53709b77-Nested-VMX-load-current_vmcs-only-when-it-exists.patch -Patch39: 53732f4f-x86-MCE-bypass-uninitialized-vcpu-in-vMCE-injection.patch -Patch40: 537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch -Patch41: 537b5e79-VT-d-extend-error-report-masking-workaround-to-newer-chipsets.patch -Patch42: 537b5ede-move-domain-to-cpupool0-before-destroying-it.patch -Patch43: 537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch -Patch44: 537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch -Patch45: 5383167d-ACPI-ERST-fix-table-mapping.patch -Patch46: 5383175e-VT-d-fix-mask-applied-to-DMIBAR-in-desktop-chipset-XSA-59-workaround.patch -Patch47: 53859549-AMD-IOMMU-don-t-free-page-table-prematurely.patch -Patch48: 5385956b-x86-don-t-use-VA-for-cache-flush-when-also-flushing-TLB.patch -Patch49: 53859956-timers-set-the-deadline-more-accurately.patch -Patch50: 538c338f-x86-amd_ucode-flip-revision-numbers-in-printk.patch -Patch51: 538dcada-x86-HVM-eliminate-vulnerabilities-from-hvm_inject_msi.patch -Patch52: 538ee637-ACPI-Prevent-acpi_table_entries-from-falling-into-a-infinite-loop.patch -Patch53: 5390917a-VT-d-honor-APEI-firmware-first-mode-in-XSA-59-workaround-code.patch -Patch54: 53909259-x86-domctl-two-functional-fixes-to-XEN_DOMCTL_-gs-etvcpuextstate.patch -Patch55: 5390927f-x86-fix-reboot-shutdown-with-running-HVM-guests.patch -Patch56: 5396d818-avoid-crash-on-HVM-domain-destroy-with-PCI-passthrough.patch -Patch57: 5396e805-x86-HVM-refine-SMEP-test-in-HVM_CR4_GUEST_RESERVED_BITS.patch -Patch58: 539ebe62-x86-EFI-improve-boot-time-diagnostics.patch -Patch59: 539ec004-x86-mce-don-t-spam-the-console-with-CPUx-Temperature-z.patch -Patch60: 53a040c6-page-alloc-scrub-pages-used-by-hypervisor-upon-freeing.patch -Patch61: 53a1990a-IOMMU-prevent-VT-d-device-IOTLB-operations-on-wrong-IOMMU.patch -Patch62: 53a199d7-x86-EFI-allow-FPU-XMM-use-in-runtime-service-functions.patch +Patch27: 5347b524-evtchn-eliminate-64k-ports-limitation.patch +Patch28: 534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch +Patch29: 534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch +Patch30: 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch +Patch31: 5357baff-x86-add-missing-break-in-dom0_pit_access.patch +Patch32: 535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch +Patch33: 535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch +Patch34: 535a354b-passthrough-allow-to-suppress-SERR-and-PERR-signaling.patch +Patch35: 535e31bc-x86-HVM-correct-the-SMEP-logic-for-HVM_CR0_GUEST_RESERVED_BITS.patch +Patch36: 535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch +Patch37: 53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch +Patch38: 53636ebf-x86-fix-guest-CPUID-handling.patch +Patch39: 53709b77-Nested-VMX-load-current_vmcs-only-when-it-exists.patch +Patch40: 5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch +Patch41: 53732f4f-x86-MCE-bypass-uninitialized-vcpu-in-vMCE-injection.patch +Patch42: 537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch +Patch43: 537b5e79-VT-d-extend-error-report-masking-workaround-to-newer-chipsets.patch +Patch44: 537b5ede-move-domain-to-cpupool0-before-destroying-it.patch +Patch45: 537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch +Patch46: 537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch +Patch47: 5383167d-ACPI-ERST-fix-table-mapping.patch +Patch48: 5383175e-VT-d-fix-mask-applied-to-DMIBAR-in-desktop-chipset-XSA-59-workaround.patch +Patch49: 53859549-AMD-IOMMU-don-t-free-page-table-prematurely.patch +Patch50: 5385956b-x86-don-t-use-VA-for-cache-flush-when-also-flushing-TLB.patch +Patch51: 53859956-timers-set-the-deadline-more-accurately.patch +Patch52: 538c338f-x86-amd_ucode-flip-revision-numbers-in-printk.patch +Patch53: 538dcada-x86-HVM-eliminate-vulnerabilities-from-hvm_inject_msi.patch +Patch54: 538ee637-ACPI-Prevent-acpi_table_entries-from-falling-into-a-infinite-loop.patch +Patch55: 5390917a-VT-d-honor-APEI-firmware-first-mode-in-XSA-59-workaround-code.patch +Patch56: 53909259-x86-domctl-two-functional-fixes-to-XEN_DOMCTL_-gs-etvcpuextstate.patch +Patch57: 5390927f-x86-fix-reboot-shutdown-with-running-HVM-guests.patch +Patch58: 5396d818-avoid-crash-on-HVM-domain-destroy-with-PCI-passthrough.patch +Patch59: 5396e805-x86-HVM-refine-SMEP-test-in-HVM_CR4_GUEST_RESERVED_BITS.patch +Patch60: 539ebe62-x86-EFI-improve-boot-time-diagnostics.patch +Patch61: 539ec004-x86-mce-don-t-spam-the-console-with-CPUx-Temperature-z.patch +Patch62: 53a040c6-page-alloc-scrub-pages-used-by-hypervisor-upon-freeing.patch +Patch63: 53a1990a-IOMMU-prevent-VT-d-device-IOTLB-operations-on-wrong-IOMMU.patch +Patch64: 53a199d7-x86-EFI-allow-FPU-XMM-use-in-runtime-service-functions.patch +Patch65: 53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch +Patch66: 53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch +Patch67: 53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch +Patch68: 53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch +Patch69: 53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch +Patch70: 53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch +Patch71: 53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch # Upstream qemu Patch250: VNC-Support-for-ExtendedKeyEvent-client-message.patch Patch251: 0001-net-move-the-tap-buffer-into-TAPState.patch @@ -702,6 +710,15 @@ Authors: %patch60 -p1 %patch61 -p1 %patch62 -p1 +%patch63 -p1 +%patch64 -p1 +%patch65 -p1 +%patch66 -p1 +%patch67 -p1 +%patch68 -p1 +%patch69 -p1 +%patch70 -p1 +%patch71 -p1 # Upstream qemu patches %patch250 -p1 %patch251 -p1 @@ -889,9 +906,7 @@ make -C xenalyze.hg CC="gcc -I../xen/include -DMAX_CPUS=%{max_cpus} ${RPM_OPT_FL %endif make -C tools/include/xen-foreign %{?_smp_mflags} make tools docs %{?_smp_mflags} -%if %{?with_xend}0 make -C tools/xen-utils-0.1 XEN_INTREE_BUILD=yes XEN_ROOT=$PWD -%endif %else make -C tools/include/xen-foreign %{?_smp_mflags} make tools docs %{?_smp_mflags} @@ -1041,7 +1056,6 @@ ln -s /etc/init.d/xend $RPM_BUILD_ROOT/usr/sbin/rcxend install -m755 %SOURCE51 $RPM_BUILD_ROOT/etc/xen/scripts/ mkdir -p $RPM_BUILD_ROOT/%{_fwdefdir} install -m 644 %{S:26} $RPM_BUILD_ROOT/%{_fwdefdir}/xend-relocation-server -make -C tools/xen-utils-0.1 install DESTDIR=$RPM_BUILD_ROOT XEN_INTREE_BUILD=yes XEN_ROOT=$PWD install -m755 %SOURCE53 $RPM_BUILD_ROOT/usr/lib/xen/boot/ mv $RPM_BUILD_ROOT/etc/xen/xmexample* $RPM_BUILD_ROOT/etc/xen/examples install -m644 %SOURCE54 %SOURCE55 $RPM_BUILD_ROOT/etc/xen/examples/ @@ -1051,6 +1065,7 @@ mkdir -p %{buildroot}%{_unitdir} install -m 644 %{SOURCE56} %{buildroot}%{_unitdir}/xend.service %endif %endif +make -C tools/xen-utils-0.1 install DESTDIR=$RPM_BUILD_ROOT XEN_INTREE_BUILD=yes XEN_ROOT=$PWD install -m755 %SOURCE37 $RPM_BUILD_ROOT/usr/sbin/xen2libvirt # Example config @@ -1142,9 +1157,6 @@ rm -f $RPM_BUILD_ROOT/usr/sbin/xm rm -f $RPM_BUILD_ROOT/usr/sbin/xend rm -f $RPM_BUILD_ROOT/usr/sbin/xen-bugtool rm -f $RPM_BUILD_ROOT/usr/sbin/xen-python-path -rm -f $RPM_BUILD_ROOT/usr/sbin/xen-list -rm -f $RPM_BUILD_ROOT/usr/sbin/xen-destroy -rm -f $RPM_BUILD_ROOT/usr/sbin/xen-vmresync rm -f $RPM_BUILD_ROOT/usr/sbin/blktapctrl rm -f $RPM_BUILD_ROOT/etc/xen/scripts/xend-relocation.sh rm -f $RPM_BUILD_ROOT/etc/xen/scripts/domain-lock* @@ -1155,7 +1167,6 @@ rm -f $RPM_BUILD_ROOT/etc/xen/*.sxp rm -f $RPM_BUILD_ROOT/usr/share/man/man1/xm* rm -f $RPM_BUILD_ROOT/usr/share/man/man5/xmdomain.cfg* rm -f $RPM_BUILD_ROOT/usr/share/man/man5/xend-config.sxp* -rm -f $RPM_BUILD_ROOT/usr/share/man/man1/xen-list.1.gz %endif # Create symlinks for keymaps @@ -1266,6 +1277,8 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper /usr/sbin/xen-lowmemd /usr/sbin/kdd %endif +/usr/sbin/xen-list +/usr/sbin/xen-destroy %dir %attr(700,root,root) /etc/xen %dir /etc/xen/scripts %if %{?with_qemu_traditional}0 @@ -1362,6 +1375,7 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper %{_mandir}/man5/xl.conf.5.gz %{_mandir}/man5/xlcpupool.cfg.5.gz %{_mandir}/man8/*.8.gz +%{_mandir}/man1/xen-list.1.gz %if %{?with_xend}0 %if %{?with_xend_tools_pkg}0 @@ -1374,9 +1388,6 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper /usr/sbin/xend /usr/sbin/xen-bugtool /usr/sbin/xen-python-path -/usr/sbin/xen-list -/usr/sbin/xen-destroy -/usr/sbin/xen-vmresync /usr/sbin/blktapctrl %dir /var/lib/xen/xend-db %dir /var/lib/xen/xend-db/domain @@ -1410,7 +1421,6 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper %{_mandir}/man1/xm.1.gz %{_mandir}/man5/xmdomain.cfg.5.gz %{_mandir}/man5/xend-config.sxp.5.gz -%{_mandir}/man1/xen-list.1.gz %endif # with_dom0_support %endif