From f18f683ba64952f19d59309c1e8622542b03c14f52d25886397816e87911a708 Mon Sep 17 00:00:00 2001 From: Charles Arnold Date: Fri, 25 Mar 2016 22:10:02 +0000 Subject: [PATCH] - Update to Xen 4.7 pre-release xen-4.7.0-testing-src.tar.bz2 - Dropped: xen-4.6.1-testing-src.tar.bz2 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch hotplug-Linux-block-performance-fix.patch set-mtu-from-bridge-for-tap-interface.patch xendomains-libvirtd-conflict.patch xsa154.patch xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch xsa170.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=414 --- ...e-pci-assignable-add-remove-handling.patch | 106 ----- ...o-emulated-disk-driver-for-xvdX-disk.patch | 31 -- ...-HVM-don-t-inject-DB-with-error-code.patch | 20 - ...only-check-introduced-by-XSA-142-fix.patch | 105 ----- ...PSR_MODE_ELxx-to-match-linux-headers.patch | 8 +- gcc6-warnings-as-errors.patch | 19 +- hotplug-Linux-block-performance-fix.patch | 204 ---------- ioemu-hvm-pv-support.patch | 19 +- ipxe.tar.bz2 | 4 +- ...-disable-disk-cache-flushes-in-qdisk.patch | 38 +- libxl.pvscsi.patch | 179 +++++---- log-guest-console.patch | 8 +- mini-os.tar.bz2 | 4 +- pygrub-boot-legacy-sles.patch | 14 +- pygrub-netware-xnloader.patch | 8 +- qemu-xen-traditional-dir-remote.tar.bz2 | 4 +- set-mtu-from-bridge-for-tap-interface.patch | 40 -- stubdom-have-iovec.patch | 10 +- stubdom.tar.bz2 | 4 +- suspend_evtchn_lock.patch | 14 +- tmp_build.patch | 10 +- xen-4.6.1-testing-src.tar.bz2 | 3 - xen-4.7.0-testing-src.tar.bz2 | 3 + xen-destdir.patch | 20 +- xen-utils-0.1.tar.bz2 | 4 +- xen.changes | 20 + xen.libxl.dmmd.patch | 42 +- xen.spec | 49 +-- xenconsole-no-multiple-connections.patch | 10 +- xendomains-libvirtd-conflict.patch | 20 - xsa154.patch | 377 ------------------ ...5-xen-0001-xen-Add-RING_COPY_REQUEST.patch | 55 --- ...n-0002-blktap2-Use-RING_COPY_REQUEST.patch | 74 ---- ...03-libvchan-Read-prod-cons-only-once.patch | 38 -- xsa170.patch | 83 ---- 35 files changed, 243 insertions(+), 1404 deletions(-) delete mode 100644 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch delete mode 100644 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch delete mode 100644 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch delete mode 100644 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch delete mode 100644 hotplug-Linux-block-performance-fix.patch delete mode 100644 set-mtu-from-bridge-for-tap-interface.patch delete mode 100644 xen-4.6.1-testing-src.tar.bz2 create mode 100644 xen-4.7.0-testing-src.tar.bz2 delete mode 100644 xendomains-libvirtd-conflict.patch delete mode 100644 xsa154.patch delete mode 100644 xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch delete mode 100644 xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch delete mode 100644 xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch delete mode 100644 xsa170.patch diff --git a/55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch b/55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch deleted file mode 100644 index f6ccdb7..0000000 --- a/55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch +++ /dev/null @@ -1,106 +0,0 @@ -References: bsc#945167 - -# Commit 6e1e3480c3878bac5d244925974a6852c47c809b -# Date 2015-09-15 11:58:26 +0100 -# Author Jan Beulich -# Committer Ian Campbell -libxl: slightly refine pci-assignable-{add, remove} handling - -While it appears to be intentional for "xl pci-assignable-remove" to -not re-bind the original driver by default (requires the -r option), -permanently losing the information which driver was originally used -seems bad. Make "add; remove; add; remove -r" re-bind the original -driver by allowing "remove" to delete the information only upon -successful re-bind. - -In the course of this I also noticed that binding information is lost -when upon first "add" pciback isn't loaded yet, due to its presence not -being checked for early enough. Adjust pciback_dev_is_assigned() -accordingly, and properly distinguish "yes" and "error" returns in the -"add" case (removing a redundant error message from the "remove" path -for consistency). - -Signed-off-by: Jan Beulich -Reviewed-by: George Dunlap -Acked-by: Ian Campbell - ---- a/tools/libxl/libxl_pci.c -+++ b/tools/libxl/libxl_pci.c -@@ -543,6 +543,17 @@ static int pciback_dev_is_assigned(libxl - int rc; - struct stat st; - -+ if ( access(SYSFS_PCIBACK_DRIVER, F_OK) < 0 ) { -+ if ( errno == ENOENT ) { -+ LIBXL__LOG(ctx, LIBXL__LOG_ERROR, -+ "Looks like pciback driver is not loaded"); -+ } else { -+ LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, -+ "Can't access "SYSFS_PCIBACK_DRIVER); -+ } -+ return -1; -+ } -+ - spath = libxl__sprintf(gc, SYSFS_PCIBACK_DRIVER"/"PCI_BDF, - pcidev->domain, pcidev->bus, - pcidev->dev, pcidev->func); -@@ -658,6 +669,7 @@ static int libxl__device_pci_assignable_ - libxl_ctx *ctx = libxl__gc_owner(gc); - unsigned dom, bus, dev, func; - char *spath, *driver_path = NULL; -+ int rc; - struct stat st; - - /* Local copy for convenience */ -@@ -674,7 +686,11 @@ static int libxl__device_pci_assignable_ - } - - /* Check to see if it's already assigned to pciback */ -- if ( pciback_dev_is_assigned(gc, pcidev) ) { -+ rc = pciback_dev_is_assigned(gc, pcidev); -+ if ( rc < 0 ) { -+ return ERROR_FAIL; -+ } -+ if ( rc ) { - LIBXL__LOG(ctx, LIBXL__LOG_WARNING, PCI_BDF" already assigned to pciback", - dom, bus, dev, func); - return 0; -@@ -692,11 +708,18 @@ static int libxl__device_pci_assignable_ - if ( rebind ) { - if ( driver_path ) { - pci_assignable_driver_path_write(gc, pcidev, driver_path); -+ } else if ( (driver_path = -+ pci_assignable_driver_path_read(gc, pcidev)) != NULL ) { -+ LIBXL__LOG(ctx, LIBXL__LOG_INFO, -+ PCI_BDF" not bound to a driver, will be rebound to %s", -+ dom, bus, dev, func, driver_path); - } else { - LIBXL__LOG(ctx, LIBXL__LOG_WARNING, - PCI_BDF" not bound to a driver, will not be rebound.", - dom, bus, dev, func); - } -+ } else { -+ pci_assignable_driver_path_remove(gc, pcidev); - } - - if ( pciback_dev_assign(gc, pcidev) ) { -@@ -717,7 +740,6 @@ static int libxl__device_pci_assignable_ - - /* Unbind from pciback */ - if ( (rc=pciback_dev_is_assigned(gc, pcidev)) < 0 ) { -- LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "Checking if pciback was assigned"); - return ERROR_FAIL; - } else if ( rc ) { - pciback_dev_unassign(gc, pcidev); -@@ -741,9 +763,9 @@ static int libxl__device_pci_assignable_ - "Couldn't bind device to %s", driver_path); - return -1; - } -- } - -- pci_assignable_driver_path_remove(gc, pcidev); -+ pci_assignable_driver_path_remove(gc, pcidev); -+ } - } else { - if ( rebind ) { - LIBXL__LOG(ctx, LIBXL__LOG_WARNING, diff --git a/5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch b/5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch deleted file mode 100644 index 0d98633..0000000 --- a/5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch +++ /dev/null @@ -1,31 +0,0 @@ -Subject: libxl: No emulated disk driver for xvdX disk -From: Anthony PERARD anthony.perard@citrix.com Wed Oct 14 12:05:17 2015 +0100 -Date: Thu Oct 22 16:10:31 2015 +0100: -Git: c0c099d157cc5bc942afef766cf141628a6380a1 - -When a guest configuration list xvdX for its disks, there is no need to -provide an emulated driver for the same target. - -Such configuration can work with the OVMF firmware, as it supports PV -disk. - -Signed-off-by: Anthony PERARD -Acked-by: Ian Jackson - -Index: xen-4.6.0-testing/tools/libxl/libxl_dm.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl_dm.c -+++ xen-4.6.0-testing/tools/libxl/libxl_dm.c -@@ -1152,6 +1152,12 @@ static int libxl__build_device_model_arg - drive = libxl__sprintf - (gc, "file=%s,if=scsi,bus=0,unit=%d,format=%s,cache=writeback", - pdev_path, disk, format); -+ else if (strncmp(disks[i].vdev, "xvd", 3) == 0) -+ /* -+ * Do not add any emulated disk when PV disk are -+ * explicitly asked for. -+ */ -+ continue; - else if (disk < 6 && b_info->u.hvm.hdtype == LIBXL_HDTYPE_AHCI) { - flexarray_vappend(dm_args, "-drive", - GCSPRINTF("file=%s,if=none,id=ahcidisk-%d,format=%s,cache=writeback", diff --git a/5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch b/5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch deleted file mode 100644 index 3f5734e..0000000 --- a/5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch +++ /dev/null @@ -1,20 +0,0 @@ -# Commit 057e0e72d2a5d598087c5f167ec6a13203a3cf65 -# Date 2015-11-12 16:59:18 +0100 -# Author Jan Beulich -# Committer Jan Beulich -x86/HVM: don't inject #DB with error code - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/hvm/hvm.c -+++ b/xen/arch/x86/hvm/hvm.c -@@ -4071,7 +4071,7 @@ void hvm_task_switch( - goto out; - - if ( (tss.trace & 1) && !exn_raised ) -- hvm_inject_hw_exception(TRAP_debug, tss_sel & 0xfff8); -+ hvm_inject_hw_exception(TRAP_debug, HVM_DELIVER_NO_ERROR_CODE); - - tr.attr.fields.type = 0xb; /* busy 32-bit tss */ - hvm_set_segment_register(v, x86_seg_tr, &tr); diff --git a/5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch b/5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch deleted file mode 100644 index 7833ace..0000000 --- a/5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch +++ /dev/null @@ -1,105 +0,0 @@ -Subject: libxl: relax readonly check introduced by XSA-142 fix -From: Jim Fehlig jfehlig@suse.com Thu Nov 12 19:40:46 2015 -0700 -Date: Mon Nov 16 11:23:42 2015 +0000: -Git: ef6cb76026628e26e3d1ae53c50ccde1c3c78b1b - -The fix for XSA-142 is quite a big hammer, rejecting readonly -disk configuration even when the requested backend is known to -support readonly. While it is true that qemu doesn't support -readonly for emulated IDE or AHCI disks - -$ /usr/lib/xen/bin/qemu-system-i386 \ - -drive file=/tmp/disk.raw,if=ide,media=disk,format=raw,readonly=on -qemu-system-i386: Can't use a read-only drive - -$ /usr/lib/xen/bin/qemu-system-i386 -device ahci,id=ahci0 \ - -drive file=/tmp/disk.raw,if=none,id=ahcidisk-0,format=raw,readonly=on \ - -device ide-hd,bus=ahci0.0,unit=0,drive=ahcidisk-0 -qemu-system-i386: -device ide-hd,bus=ahci0.0,unit=0,drive=ahcidisk-0: -Can't use a read-only drive - -It does support readonly SCSI disks - -$ /usr/lib/xen/bin/qemu-system-i386 \ - -drive file=/tmp/disk.raw,if=scsi,media=disk,format=raw,readonly=on -[ok] - -Inside a guest using such a disk, the SCSI kernel driver sees write -protect on - -[ 7.339232] sd 2:0:1:0: [sdb] Write Protect is on - -Also, PV drivers support readonly, but the patch rejects such -configuration even when PV drivers (vdev=xvd*) have been explicitly -specified and creation of an emulated twin is skiped. - -This follow-up patch loosens the restriction to reject readonly when -creating an emulated IDE or AHCI disk, but allows it when the backend -is known to support readonly. - -Signed-off-by: Jim Fehlig -Acked-by: Stefano Stabellini -Acked-by: Ian Campbell - -Index: xen-4.6.0-testing/tools/libxl/libxl_dm.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl_dm.c -+++ xen-4.6.0-testing/tools/libxl/libxl_dm.c -@@ -1117,11 +1117,6 @@ static int libxl__build_device_model_arg - (gc, "file=%s,if=ide,index=%d,readonly=%s,media=cdrom,format=%s,cache=writeback,id=ide-%i", - disks[i].pdev_path, disk, disks[i].readwrite ? "off" : "on", format, dev_number); - } else { -- if (!disks[i].readwrite) { -- LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "qemu-xen doesn't support read-only disk drivers"); -- return ERROR_INVAL; -- } -- - if (disks[i].format == LIBXL_DISK_FORMAT_EMPTY) { - LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "cannot support" - " empty disk format for %s", disks[i].vdev); -@@ -1148,29 +1143,38 @@ static int libxl__build_device_model_arg - * For other disks we translate devices 0..3 into - * hd[a-d] and ignore the rest. - */ -- if (strncmp(disks[i].vdev, "sd", 2) == 0) -+ if (strncmp(disks[i].vdev, "sd", 2) == 0) { - drive = libxl__sprintf -- (gc, "file=%s,if=scsi,bus=0,unit=%d,format=%s,cache=writeback", -- pdev_path, disk, format); -- else if (strncmp(disks[i].vdev, "xvd", 3) == 0) -+ (gc, "file=%s,if=scsi,bus=0,unit=%d,format=%s,readonly=%s,cache=writeback", -+ pdev_path, disk, format, disks[i].readwrite ? "off" : "on"); -+ } else if (strncmp(disks[i].vdev, "xvd", 3) == 0) { - /* - * Do not add any emulated disk when PV disk are - * explicitly asked for. - */ - continue; -- else if (disk < 6 && b_info->u.hvm.hdtype == LIBXL_HDTYPE_AHCI) { -+ } else if (disk < 6 && b_info->u.hvm.hdtype == LIBXL_HDTYPE_AHCI) { -+ if (!disks[i].readwrite) { -+ LOG(ERROR, "qemu-xen doesn't support read-only AHCI disk drivers"); -+ return ERROR_INVAL; -+ } - flexarray_vappend(dm_args, "-drive", - GCSPRINTF("file=%s,if=none,id=ahcidisk-%d,format=%s,cache=writeback", - pdev_path, disk, format), - "-device", GCSPRINTF("ide-hd,bus=ahci0.%d,unit=0,drive=ahcidisk-%d", - disk, disk), NULL); - continue; -- } else if (disk < 4) -+ } else if (disk < 4) { -+ if (!disks[i].readwrite) { -+ LOG(ERROR, "qemu-xen doesn't support read-only IDE disk drivers"); -+ return ERROR_INVAL; -+ } - drive = libxl__sprintf - (gc, "file=%s,if=ide,index=%d,media=disk,format=%s,cache=writeback", - pdev_path, disk, format); -- else -+ } else { - continue; /* Do not emulate this disk */ -+ } - } - - flexarray_append(dm_args, "-drive"); diff --git a/aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch b/aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch index 02f3cfa..0baa686 100644 --- a/aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch +++ b/aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch @@ -10,11 +10,11 @@ Signed-off-by: Olaf Hering xen/include/public/arch-arm.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) -Index: xen-4.6.0-testing/xen/include/public/arch-arm.h +Index: xen-4.7.0-testing/xen/include/public/arch-arm.h =================================================================== ---- xen-4.6.0-testing.orig/xen/include/public/arch-arm.h -+++ xen-4.6.0-testing/xen/include/public/arch-arm.h -@@ -365,13 +365,13 @@ typedef uint64_t xen_callback_t; +--- xen-4.7.0-testing.orig/xen/include/public/arch-arm.h ++++ xen-4.7.0-testing/xen/include/public/arch-arm.h +@@ -362,13 +362,13 @@ typedef uint64_t xen_callback_t; /* 64 bit modes */ #define PSR_MODE_BIT 0x10 /* Set iff AArch32 */ diff --git a/gcc6-warnings-as-errors.patch b/gcc6-warnings-as-errors.patch index 79ab47c..cb15ad5 100644 --- a/gcc6-warnings-as-errors.patch +++ b/gcc6-warnings-as-errors.patch @@ -1,20 +1,9 @@ References: bsc#969377 - xen does not build with GCC 6 ---- xen-4.6.1-testing/xen/arch/x86/cpu/mcheck/non-fatal.c.orig 2016-03-04 15:59:08.000000000 -0700 -+++ xen-4.6.1-testing/xen/arch/x86/cpu/mcheck/non-fatal.c 2016-03-04 16:00:25.000000000 -0700 -@@ -94,8 +94,8 @@ static int __init init_nonfatal_mce_chec - if (mce_disabled || !mce_available(c)) - return -ENODEV; - -- if ( __get_cpu_var(poll_bankmask) == NULL ) -- return -EINVAL; -+ if ( __get_cpu_var(poll_bankmask) == NULL ) -+ return -EINVAL; - - /* - * Check for non-fatal errors every MCE_RATE s ---- xen-4.6.1-testing/extras/mini-os-remote/lib/sys.c.orig 2016-03-04 15:27:26.000000000 -0700 -+++ xen-4.6.1-testing/extras/mini-os-remote/lib/sys.c 2016-03-04 15:30:32.000000000 -0700 +Index: xen-4.7.0-testing/extras/mini-os-remote/lib/sys.c +=================================================================== +--- xen-4.7.0-testing.orig/extras/mini-os-remote/lib/sys.c ++++ xen-4.7.0-testing/extras/mini-os-remote/lib/sys.c @@ -634,6 +634,7 @@ int closedir(DIR *dir) /* We assume that only the main thread calls select(). */ diff --git a/hotplug-Linux-block-performance-fix.patch b/hotplug-Linux-block-performance-fix.patch deleted file mode 100644 index 6d1dfdf..0000000 --- a/hotplug-Linux-block-performance-fix.patch +++ /dev/null @@ -1,204 +0,0 @@ -Reference: bsc#941074 - -During the attachment of a loopback mounted image file, the mode of all -curent instances of this device already attached to other domains must be -checked. This requires finding all loopback devices pointing to the inode -of the shared image file, and then comparing the major and minor number of -these devices to the major and minor number of every vbd device found in the -xenstore database. - -Prior to this patch, the entire xenstore database is walked for every instance -of every loopback device pointing to the same shared image file. This process -causes the block attachment process to becomes exponentially slower with every -additional attachment of a shared image. - -Rather than scanning all of xenstore for every instance of a shared loopback -device, this patch creates a list of the major and minor numbers from all -matching loopback devices. After generating this list, Xenstore is walked -once, and major and minor numbers from every vbd are checked against the list. -If a match is found, the mode of that vbd is checked for compatibility with -the mode of the device being attached. - -Signed-off-by: Mike Latimer ---- - tools/hotplug/Linux/block | 89 ++++++++++++++++++++++++++++++----------------- - 1 file changed, 57 insertions(+), 32 deletions(-) - -Index: xen-4.6.0-testing/tools/hotplug/Linux/block -=================================================================== ---- xen-4.6.0-testing.orig/tools/hotplug/Linux/block -+++ xen-4.6.0-testing/tools/hotplug/Linux/block -@@ -38,7 +38,7 @@ find_free_loopback_dev() { - } - - ## --# check_sharing device mode -+# check_sharing devtype device mode [inode] - # - # Check whether the device requested is already in use. To use the device in - # read-only mode, it may be in use in read-only mode, but may not be in use in -@@ -47,19 +47,44 @@ find_free_loopback_dev() { - # - # Prints one of - # --# 'local': the device may not be used because it is mounted in the current --# (i.e. the privileged domain) in a way incompatible with the --# requested mode; --# 'guest': the device may not be used because it already mounted by a guest --# in a way incompatible with the requested mode; or --# 'ok': the device may be used. -+# 'local $d': the device ($d) may not be used because it is mounted in the -+# current (i.e. the privileged domain) in a way incompatible -+# with the requested mode; -+# 'guest $d': the device may not be used because it is already mounted -+# through device $d by a guest in a way incompatible with the -+# requested mode; or -+# 'ok': the device may be used. - # - check_sharing() - { -- local dev="$1" -- local mode="$2" -+ local devtype=$1 -+ local dev="$2" -+ local mode="$3" -+ local devmm="," -+ -+ if [ "$devtype" = "file" ]; -+ then -+ local inode="$4" -+ -+ shared_list=$(losetup -a | -+ sed -n -e "s@^\([^:]\+\)\(:[[:blank:]]\[0*${dev}\]:${inode}[[:blank:]](.*)\)@\1@p" ) -+ for dev in $shared_list -+ do -+ if [ -n "$dev" ] -+ then -+ devmm="${devmm}$(device_major_minor $dev)," -+ fi -+ done -+ # if $devmm is unchanged, file being checked is not a shared loopback device -+ if [ "$devmm" = "," ]; -+ then -+ echo 'ok' -+ return -+ fi -+ else -+ devmm=${devmm}$(device_major_minor "$dev")"," -+ fi - -- local devmm=$(device_major_minor "$dev") - local file - - if [ "$mode" = 'w' ] -@@ -75,9 +100,10 @@ check_sharing() - then - local d=$(device_major_minor "$file") - -- if [ "$d" = "$devmm" ] -+ # checking for $d in $devmm is best through the [[...]] bashism -+ if [[ "$devmm" == *",$d,"* ]] - then -- echo 'local' -+ echo "local $d" - return - fi - fi -@@ -90,13 +116,14 @@ check_sharing() - do - d=$(xenstore_read_default "$base_path/$dom/$dev/physical-device" "") - -- if [ "$d" = "$devmm" ] -+ # checking for $d in $devmm is best through the [[...]] bashism -+ if [ -n "$d" ] && [[ "$devmm" == *",$d,"* ]] - then - if [ "$mode" = 'w' ] - then - if ! same_vm $dom - then -- echo 'guest' -+ echo "guest $d" - return - fi - else -@@ -107,7 +134,7 @@ check_sharing() - then - if ! same_vm $dom - then -- echo 'guest' -+ echo "guest $d" - return - fi - fi -@@ -129,6 +156,7 @@ check_device_sharing() - { - local dev="$1" - local mode=$(canonicalise_mode "$2") -+ local type="device" - local result - - if [ "x$mode" = 'x!' ] -@@ -136,33 +164,38 @@ check_device_sharing() - return 0 - fi - -- result=$(check_sharing "$dev" "$mode") -+ result=$(check_sharing "$type" "$dev" "$mode") - - if [ "$result" != 'ok' ] - then -- do_ebusy "Device $dev is mounted " "$mode" "$result" -+ do_ebusy "Device $dev is mounted " "$mode" "${result%% *}" - fi - } - - - ## --# check_device_sharing file dev mode -+# check_device_sharing file dev mode inode - # --# Perform the sharing check for the given file mounted through the given --# loopback interface, in the given mode. -+# Perform the sharing check for the given file, with its corresponding -+# device, inode and mode. As the file can be mounted multiple times, -+# the inode is passed through to check_sharing for all instances to be -+# checked. - # - check_file_sharing() - { - local file="$1" - local dev="$2" - local mode="$3" -+ local inode="$4" -+ local type="file" -+ local result - -- result=$(check_sharing "$dev" "$mode") -+ result=$(check_sharing "$type" "$dev" "$mode" "$inode") - - if [ "$result" != 'ok' ] - then -- do_ebusy "File $file is loopback-mounted through $dev, --which is mounted " "$mode" "$result" -+ do_ebusy "File $file is loopback-mounted through ${result#* }, -+which is mounted " "$mode" "${result%% *}" - fi - } - -@@ -281,15 +314,7 @@ mount it read-write in a guest domain." - fatal "Unable to lookup $file: dev: $dev inode: $inode" - fi - -- shared_list=$(losetup -a | -- sed -n -e "s@^\([^:]\+\)\(:[[:blank:]]\[0*${dev}\]:${inode}[[:blank:]](.*)\)@\1@p" ) -- for dev in $shared_list -- do -- if [ -n "$dev" ] -- then -- check_file_sharing "$file" "$dev" "$mode" -- fi -- done -+ check_file_sharing "$file" "$dev" "$mode" "$inode" - fi - - loopdev=$(losetup -f 2>/dev/null || find_free_loopback_dev) diff --git a/ioemu-hvm-pv-support.patch b/ioemu-hvm-pv-support.patch index 38838f6..fdbe136 100644 --- a/ioemu-hvm-pv-support.patch +++ b/ioemu-hvm-pv-support.patch @@ -2,19 +2,24 @@ tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c | 46 ++++++++++++++++ 1 file changed, 46 insertions(+) -Index: xen-4.5.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak +Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak =================================================================== ---- xen-4.5.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak -+++ xen-4.5.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak -@@ -1,3 +1,4 @@ +--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak ++++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xen-hooks.mak +@@ -2,6 +2,9 @@ CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/tool + CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/evtchn/include + CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/gnttab/include + CPPFLAGS+= -DXC_WANT_COMPAT_MAP_FOREIGN_API +CPPFLAGS+= -I$(XEN_ROOT)/tools/libxc ++CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/call/include ++CPPFLAGS+= -I$(XEN_ROOT)/tools/libs/foreignmemory/include CPPFLAGS+= -I$(XEN_ROOT)/tools/libxc/include CPPFLAGS+= -I$(XEN_ROOT)/tools/xenstore/include CPPFLAGS+= -I$(XEN_ROOT)/tools/include -Index: xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c +Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c =================================================================== ---- xen-4.4.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c -+++ xen-4.4.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c +--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c ++++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_platform.c @@ -30,6 +30,8 @@ #include "qemu-xen.h" #include "net.h" diff --git a/ipxe.tar.bz2 b/ipxe.tar.bz2 index 2ca0647..eb9d603 100644 --- a/ipxe.tar.bz2 +++ b/ipxe.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:6e448144cdd7d1b12a08094b6f955e2c75c167d05bf8da40ec5b9c085d920eef -size 2877217 +oid sha256:d1b2833f0d502a5d282da11389fc7e48ef674abf5d47777fbc8f7fcf7d744f57 +size 2877551 diff --git a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch index e21c450..62e71a9 100644 --- a/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch +++ b/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch @@ -7,11 +7,11 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425 tools/libxl/libxlu_disk_l.l | 1 + 5 files changed, 18 insertions(+), 1 deletion(-) -Index: xen-4.6.1-testing/tools/libxl/libxl.c +Index: xen-4.7.0-testing/tools/libxl/libxl.c =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxl.c -+++ xen-4.6.1-testing/tools/libxl/libxl.c -@@ -2833,6 +2833,8 @@ static void device_disk_add(libxl__egc * +--- xen-4.7.0-testing.orig/tools/libxl/libxl.c ++++ xen-4.7.0-testing/tools/libxl/libxl.c +@@ -2789,6 +2789,8 @@ static void device_disk_add(libxl__egc * flexarray_append_pair(back, "discard-enable", libxl_defbool_val(disk->discard_enable) ? "1" : "0"); @@ -19,13 +19,13 @@ Index: xen-4.6.1-testing/tools/libxl/libxl.c + flexarray_append_pair(back, "suse-diskcache-disable-flush", "1"); flexarray_append(front, "backend-id"); - flexarray_append(front, libxl__sprintf(gc, "%d", disk->backend_domid)); -Index: xen-4.6.1-testing/tools/libxl/libxl.h + flexarray_append(front, GCSPRINTF("%d", disk->backend_domid)); +Index: xen-4.7.0-testing/tools/libxl/libxl.h =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxl.h -+++ xen-4.6.1-testing/tools/libxl/libxl.h -@@ -205,6 +205,18 @@ - #define LIBXL_HAVE_BUILDINFO_ARM_GIC_VERSION 1 +--- xen-4.7.0-testing.orig/tools/libxl/libxl.h ++++ xen-4.7.0-testing/tools/libxl/libxl.h +@@ -230,6 +230,18 @@ + #define LIBXL_HAVE_APIC_ASSIST 1 /* + * The libxl_device_disk has no way to indicate that cache=unsafe is @@ -43,10 +43,10 @@ Index: xen-4.6.1-testing/tools/libxl/libxl.h * libxl ABI compatibility * * The only guarantee which libxl makes regarding ABI compatibility -Index: xen-4.6.1-testing/tools/libxl/libxlu_disk.c +Index: xen-4.7.0-testing/tools/libxl/libxlu_disk.c =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk.c -+++ xen-4.6.1-testing/tools/libxl/libxlu_disk.c +--- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk.c ++++ xen-4.7.0-testing/tools/libxl/libxlu_disk.c @@ -79,6 +79,8 @@ int xlu_disk_parse(XLU_Config *cfg, if (!disk->pdev_path || !strcmp(disk->pdev_path, "")) disk->format = LIBXL_DISK_FORMAT_EMPTY; @@ -56,10 +56,10 @@ Index: xen-4.6.1-testing/tools/libxl/libxlu_disk.c if (!disk->vdev) { xlu__disk_err(&dpc,0, "no vdev specified"); -Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_i.h +Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk_i.h -+++ xen-4.6.1-testing/tools/libxl/libxlu_disk_i.h +--- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_i.h ++++ xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h @@ -10,7 +10,7 @@ typedef struct { void *scanner; YY_BUFFER_STATE buf; @@ -69,10 +69,10 @@ Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_i.h const char *spec; } DiskParseContext; -Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l +Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk_l.l -+++ xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l +--- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_l.l ++++ xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l @@ -176,6 +176,7 @@ script=[^,]*,? { STRIP(','); SAVESTRING( direct-io-safe,? { DPC->disk->direct_io_safe = 1; } discard,? { libxl_defbool_set(&DPC->disk->discard_enable, true); } diff --git a/libxl.pvscsi.patch b/libxl.pvscsi.patch index 1a64cf9..5d2061c 100644 --- a/libxl.pvscsi.patch +++ b/libxl.pvscsi.patch @@ -31,11 +31,11 @@ ee2e7e5 Merge pull request #1 from aaannz/pvscsi 7de6f49 support character devices too c84381b allow /dev/sda as scsi devspec f11e3a2 pvscsi -Index: xen-4.6.0-testing/docs/man/xl.cfg.pod.5 +Index: xen-4.7.0-testing/docs/man/xl.cfg.pod.5 =================================================================== ---- xen-4.6.0-testing.orig/docs/man/xl.cfg.pod.5 -+++ xen-4.6.0-testing/docs/man/xl.cfg.pod.5 -@@ -506,6 +506,36 @@ value is optional if this is a guest dom +--- xen-4.7.0-testing.orig/docs/man/xl.cfg.pod.5 ++++ xen-4.7.0-testing/docs/man/xl.cfg.pod.5 +@@ -517,6 +517,36 @@ value is optional if this is a guest dom =back @@ -72,10 +72,10 @@ Index: xen-4.6.0-testing/docs/man/xl.cfg.pod.5 =item B Specifies the paravirtual framebuffer devices which should be supplied -Index: xen-4.6.0-testing/docs/man/xl.pod.1 +Index: xen-4.7.0-testing/docs/man/xl.pod.1 =================================================================== ---- xen-4.6.0-testing.orig/docs/man/xl.pod.1 -+++ xen-4.6.0-testing/docs/man/xl.pod.1 +--- xen-4.7.0-testing.orig/docs/man/xl.pod.1 ++++ xen-4.7.0-testing/docs/man/xl.pod.1 @@ -1293,6 +1293,26 @@ List virtual trusted platform modules fo =back @@ -103,11 +103,11 @@ Index: xen-4.6.0-testing/docs/man/xl.pod.1 =head1 PCI PASS-THROUGH =over 4 -Index: xen-4.6.0-testing/tools/libxl/libxl.c +Index: xen-4.7.0-testing/tools/libxl/libxl.c =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.6.0-testing/tools/libxl/libxl.c -@@ -2319,6 +2319,273 @@ int libxl_devid_to_device_vtpm(libxl_ctx +--- xen-4.7.0-testing.orig/tools/libxl/libxl.c ++++ xen-4.7.0-testing/tools/libxl/libxl.c +@@ -2278,6 +2278,273 @@ int libxl_devid_to_device_vtpm(libxl_ctx return rc; } @@ -381,16 +381,16 @@ Index: xen-4.6.0-testing/tools/libxl/libxl.c /******************************************************************************/ -@@ -4133,6 +4400,8 @@ out: - * libxl_device_vkb_destroy - * libxl_device_vfb_remove +@@ -4104,6 +4371,8 @@ out: * libxl_device_vfb_destroy + * libxl_device_usbctrl_remove + * libxl_device_usbctrl_destroy + * libxl_device_vscsi_remove + * libxl_device_vscsi_destroy */ - #define DEFINE_DEVICE_REMOVE(type, removedestroy, f) \ + #define DEFINE_DEVICE_REMOVE_EXT(type, remtype, removedestroy, f) \ int libxl_device_##type##_##removedestroy(libxl_ctx *ctx, \ -@@ -4188,6 +4457,10 @@ DEFINE_DEVICE_REMOVE(vtpm, destroy, 1) +@@ -4169,6 +4438,10 @@ DEFINE_DEVICE_REMOVE_CUSTOM(usbctrl, des * 1. add support for secondary consoles to xenconsoled * 2. dynamically add/remove qemu chardevs via qmp messages. */ @@ -399,19 +399,19 @@ Index: xen-4.6.0-testing/tools/libxl/libxl.c +DEFINE_DEVICE_REMOVE(vscsi, destroy, 1) + #undef DEFINE_DEVICE_REMOVE - - /******************************************************************************/ -@@ -4197,6 +4470,7 @@ DEFINE_DEVICE_REMOVE(vtpm, destroy, 1) - * libxl_device_disk_add - * libxl_device_nic_add + #undef DEFINE_DEVICE_REMOVE_CUSTOM + #undef DEFINE_DEVICE_REMOVE_EXT +@@ -4182,6 +4455,7 @@ DEFINE_DEVICE_REMOVE_CUSTOM(usbctrl, des * libxl_device_vtpm_add + * libxl_device_usbctrl_add + * libxl_device_usbdev_add + * libxl_device_vscsi_add */ #define DEFINE_DEVICE_ADD(type) \ -@@ -4228,6 +4502,9 @@ DEFINE_DEVICE_ADD(nic) - /* vtpm */ - DEFINE_DEVICE_ADD(vtpm) +@@ -4219,6 +4493,9 @@ DEFINE_DEVICE_ADD(usbctrl) + /* usb */ + DEFINE_DEVICE_ADD(usbdev) +/* vscsi */ +DEFINE_DEVICE_ADD(vscsi) @@ -419,7 +419,7 @@ Index: xen-4.6.0-testing/tools/libxl/libxl.c #undef DEFINE_DEVICE_ADD /******************************************************************************/ -@@ -6780,6 +7057,20 @@ out: +@@ -6803,6 +7080,20 @@ out: return rc; } @@ -440,11 +440,11 @@ Index: xen-4.6.0-testing/tools/libxl/libxl.c /* * Local variables: * mode: C -Index: xen-4.6.0-testing/tools/libxl/libxl.h +Index: xen-4.7.0-testing/tools/libxl/libxl.h =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl.h -+++ xen-4.6.0-testing/tools/libxl/libxl.h -@@ -1435,6 +1435,26 @@ libxl_device_vtpm *libxl_device_vtpm_lis +--- xen-4.7.0-testing.orig/tools/libxl/libxl.h ++++ xen-4.7.0-testing/tools/libxl/libxl.h +@@ -1658,6 +1658,26 @@ libxl_device_vtpm *libxl_device_vtpm_lis int libxl_device_vtpm_getinfo(libxl_ctx *ctx, uint32_t domid, libxl_device_vtpm *vtpm, libxl_vtpminfo *vtpminfo); @@ -471,7 +471,7 @@ Index: xen-4.6.0-testing/tools/libxl/libxl.h /* Keyboard */ int libxl_device_vkb_add(libxl_ctx *ctx, uint32_t domid, libxl_device_vkb *vkb, const libxl_asyncop_how *ao_how) -@@ -1740,6 +1760,27 @@ int libxl_fd_set_nonblock(libxl_ctx *ctx +@@ -1966,6 +1986,27 @@ int libxl_fd_set_nonblock(libxl_ctx *ctx #include @@ -499,11 +499,11 @@ Index: xen-4.6.0-testing/tools/libxl/libxl.h #endif /* LIBXL_H */ /* -Index: xen-4.6.0-testing/tools/libxl/libxl_create.c +Index: xen-4.7.0-testing/tools/libxl/libxl_create.c =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl_create.c -+++ xen-4.6.0-testing/tools/libxl/libxl_create.c -@@ -1149,6 +1149,7 @@ static void domcreate_rebuild_done(libxl +--- xen-4.7.0-testing.orig/tools/libxl/libxl_create.c ++++ xen-4.7.0-testing/tools/libxl/libxl_create.c +@@ -1164,6 +1164,7 @@ static void domcreate_rebuild_done(libxl libxl__multidev_begin(ao, &dcs->multidev); dcs->multidev.callback = domcreate_launch_dm; libxl__add_disks(egc, ao, domid, d_config, &dcs->multidev); @@ -511,24 +511,23 @@ Index: xen-4.6.0-testing/tools/libxl/libxl_create.c libxl__multidev_prepared(egc, &dcs->multidev, 0); return; -Index: xen-4.6.0-testing/tools/libxl/libxl_device.c +Index: xen-4.7.0-testing/tools/libxl/libxl_device.c =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl_device.c -+++ xen-4.6.0-testing/tools/libxl/libxl_device.c +--- xen-4.7.0-testing.orig/tools/libxl/libxl_device.c ++++ xen-4.7.0-testing/tools/libxl/libxl_device.c @@ -543,6 +543,7 @@ void libxl__multidev_prepared(libxl__egc * The following functions are defined: * libxl__add_disks * libxl__add_nics + * libxl__add_vscsis * libxl__add_vtpms - */ - -@@ -562,10 +563,32 @@ void libxl__multidev_prepared(libxl__egc - - DEFINE_DEVICES_ADD(disk) - DEFINE_DEVICES_ADD(nic) -+// DEFINE_DEVICES_ADD(vscsi) + * libxl__add_usbctrls + * libxl__add_usbs +@@ -567,9 +568,31 @@ DEFINE_DEVICES_ADD(nic) DEFINE_DEVICES_ADD(vtpm) + DEFINE_DEVICES_ADD(usbctrl) + DEFINE_DEVICES_ADD(usbdev) ++// DEFINE_DEVICES_ADD(vscsi) #undef DEFINE_DEVICES_ADD @@ -556,21 +555,21 @@ Index: xen-4.6.0-testing/tools/libxl/libxl_device.c /******************************************************************************/ int libxl__device_destroy(libxl__gc *gc, libxl__device *dev) -Index: xen-4.6.0-testing/tools/libxl/libxl_internal.h +Index: xen-4.7.0-testing/tools/libxl/libxl_internal.h =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl_internal.h -+++ xen-4.6.0-testing/tools/libxl/libxl_internal.h -@@ -1185,6 +1185,7 @@ _hidden int libxl__device_disk_setdefaul - _hidden int libxl__device_nic_setdefault(libxl__gc *gc, libxl_device_nic *nic, - uint32_t domid); +--- xen-4.7.0-testing.orig/tools/libxl/libxl_internal.h ++++ xen-4.7.0-testing/tools/libxl/libxl_internal.h +@@ -1206,6 +1206,7 @@ _hidden int libxl__device_nic_setdefault + uint32_t domid, + libxl_domain_build_info *info); _hidden int libxl__device_vtpm_setdefault(libxl__gc *gc, libxl_device_vtpm *vtpm); +_hidden int libxl__device_vscsi_setdefault(libxl__gc *gc, libxl_device_vscsi *vscsi); _hidden int libxl__device_vfb_setdefault(libxl__gc *gc, libxl_device_vfb *vfb); _hidden int libxl__device_vkb_setdefault(libxl__gc *gc, libxl_device_vkb *vkb); _hidden int libxl__device_pci_setdefault(libxl__gc *gc, libxl_device_pci *pci); -@@ -2561,6 +2562,10 @@ _hidden void libxl__device_vtpm_add(libx - libxl_device_vtpm *vtpm, - libxl__ao_device *aodev); +@@ -2593,6 +2594,10 @@ _hidden void libxl__device_usbdev_add(li + libxl_device_usbdev *usbdev, + libxl__ao_device *aodev); +_hidden void libxl__device_vscsi_add(libxl__egc *egc, uint32_t domid, + libxl_device_vscsi *vscsi, @@ -579,9 +578,9 @@ Index: xen-4.6.0-testing/tools/libxl/libxl_internal.h /* Internal function to connect a vkb device */ _hidden int libxl__device_vkb_add(libxl__gc *gc, uint32_t domid, libxl_device_vkb *vkb); -@@ -3277,6 +3282,10 @@ _hidden void libxl__add_vtpms(libxl__egc - libxl_domain_config *d_config, - libxl__multidev *multidev); +@@ -3358,6 +3363,10 @@ _hidden void libxl__add_usbdevs(libxl__e + uint32_t domid, libxl_domain_config *d_config, + libxl__multidev *multidev); +_hidden void libxl__add_vscsis(libxl__egc *egc, libxl__ao *ao, uint32_t domid, + libxl_domain_config *d_config, @@ -590,11 +589,11 @@ Index: xen-4.6.0-testing/tools/libxl/libxl_internal.h /*----- device model creation -----*/ /* First layer; wraps libxl__spawn_spawn. */ -Index: xen-4.6.0-testing/tools/libxl/libxl_types.idl +Index: xen-4.7.0-testing/tools/libxl/libxl_types.idl =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl_types.idl -+++ xen-4.6.0-testing/tools/libxl/libxl_types.idl -@@ -617,6 +617,26 @@ libxl_device_channel = Struct("device_ch +--- xen-4.7.0-testing.orig/tools/libxl/libxl_types.idl ++++ xen-4.7.0-testing/tools/libxl/libxl_types.idl +@@ -666,6 +666,26 @@ libxl_device_channel = Struct("device_ch ])), ]) @@ -621,17 +620,17 @@ Index: xen-4.6.0-testing/tools/libxl/libxl_types.idl libxl_domain_config = Struct("domain_config", [ ("c_info", libxl_domain_create_info), ("b_info", libxl_domain_build_info), -@@ -632,6 +652,8 @@ libxl_domain_config = Struct("domain_con - # a channel manifests as a console with a name, - # see docs/misc/channels.txt +@@ -683,6 +703,8 @@ libxl_domain_config = Struct("domain_con ("channels", Array(libxl_device_channel, "num_channels")), + ("usbctrls", Array(libxl_device_usbctrl, "num_usbctrls")), + ("usbdevs", Array(libxl_device_usbdev, "num_usbdevs")), +# preserve libxl.so.4.4 ABI +# ("vscsis", Array(libxl_device_vscsi, "num_vscsis")), ("on_poweroff", libxl_action_on_shutdown), ("on_reboot", libxl_action_on_shutdown), -@@ -674,6 +696,28 @@ libxl_vtpminfo = Struct("vtpminfo", [ - ("uuid", libxl_uuid), +@@ -741,6 +763,28 @@ libxl_usbctrlinfo = Struct("usbctrlinfo" + ("ref_conn", integer), ], dir=DIR_OUT) +libxl_vscsiinfo = Struct("vscsiinfo", [ @@ -659,23 +658,23 @@ Index: xen-4.6.0-testing/tools/libxl/libxl_types.idl libxl_vcpuinfo = Struct("vcpuinfo", [ ("vcpuid", uint32), ("cpu", uint32), -Index: xen-4.6.0-testing/tools/libxl/libxl_types_internal.idl +Index: xen-4.7.0-testing/tools/libxl/libxl_types_internal.idl =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/libxl_types_internal.idl -+++ xen-4.6.0-testing/tools/libxl/libxl_types_internal.idl -@@ -22,6 +22,7 @@ libxl__device_kind = Enumeration("device - (6, "VKBD"), +--- xen-4.7.0-testing.orig/tools/libxl/libxl_types_internal.idl ++++ xen-4.7.0-testing/tools/libxl/libxl_types_internal.idl +@@ -23,6 +23,7 @@ libxl__device_kind = Enumeration("device (7, "CONSOLE"), (8, "VTPM"), -+ (9, "VSCSI"), + (9, "VUSB"), ++ (10, "VSCSI"), ]) libxl__console_backend = Enumeration("console_backend", [ -Index: xen-4.6.0-testing/tools/libxl/xl.h +Index: xen-4.7.0-testing/tools/libxl/xl.h =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/xl.h -+++ xen-4.6.0-testing/tools/libxl/xl.h -@@ -82,6 +82,9 @@ int main_channellist(int argc, char **ar +--- xen-4.7.0-testing.orig/tools/libxl/xl.h ++++ xen-4.7.0-testing/tools/libxl/xl.h +@@ -89,6 +89,9 @@ int main_channellist(int argc, char **ar int main_blockattach(int argc, char **argv); int main_blocklist(int argc, char **argv); int main_blockdetach(int argc, char **argv); @@ -685,10 +684,10 @@ Index: xen-4.6.0-testing/tools/libxl/xl.h int main_vtpmattach(int argc, char **argv); int main_vtpmlist(int argc, char **argv); int main_vtpmdetach(int argc, char **argv); -Index: xen-4.6.0-testing/tools/libxl/xl_cmdimpl.c +Index: xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.6.0-testing/tools/libxl/xl_cmdimpl.c +--- xen-4.7.0-testing.orig/tools/libxl/xl_cmdimpl.c ++++ xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c @@ -17,6 +17,7 @@ #include "libxl_osdeps.h" @@ -705,7 +704,7 @@ Index: xen-4.6.0-testing/tools/libxl/xl_cmdimpl.c #include #include "libxl.h" -@@ -626,6 +628,122 @@ static void set_default_nic_values(libxl +@@ -633,6 +635,122 @@ static void set_default_nic_values(libxl } } @@ -828,16 +827,16 @@ Index: xen-4.6.0-testing/tools/libxl/xl_cmdimpl.c static void split_string_into_string_list(const char *str, const char *delim, libxl_string_list *psl) -@@ -1261,7 +1379,7 @@ static void parse_config_data(const char - const char *buf; - long l, vcpus = 0; +@@ -1322,7 +1440,7 @@ static void parse_config_data(const char XLU_Config *config; -- XLU_ConfigList *cpus, *vbds, *nics, *pcis, *cvfbs, *cpuids, *vtpms; -+ XLU_ConfigList *cpus, *vbds, *nics, *pcis, *cvfbs, *cpuids, *vtpms, *vscsis; - XLU_ConfigList *channels, *ioports, *irqs, *iomem, *viridian, *dtdevs; + XLU_ConfigList *cpus, *vbds, *nics, *pcis, *cvfbs, *cpuids, *vtpms, + *usbctrls, *usbdevs; +- XLU_ConfigList *channels, *ioports, *irqs, *iomem, *viridian, *dtdevs; ++ XLU_ConfigList *channels, *ioports, *irqs, *iomem, *viridian, *dtdevs, *vscsis; int num_ioports, num_irqs, num_iomem, num_cpus, num_viridian; int pci_power_mgmt = 0; -@@ -1782,6 +1900,66 @@ static void parse_config_data(const char + int pci_msitranslate = 0; +@@ -1851,6 +1969,66 @@ static void parse_config_data(const char } } @@ -904,7 +903,7 @@ Index: xen-4.6.0-testing/tools/libxl/xl_cmdimpl.c if (!xlu_cfg_get_list(config, "vtpm", &vtpms, 0, 0)) { d_config->num_vtpms = 0; d_config->vtpms = NULL; -@@ -6702,6 +6880,256 @@ int main_blockdetach(int argc, char **ar +@@ -7058,6 +7236,256 @@ int main_blockdetach(int argc, char **ar return rc; } @@ -1161,10 +1160,10 @@ Index: xen-4.6.0-testing/tools/libxl/xl_cmdimpl.c int main_vtpmattach(int argc, char **argv) { int opt; -Index: xen-4.6.0-testing/tools/libxl/xl_cmdtable.c +Index: xen-4.7.0-testing/tools/libxl/xl_cmdtable.c =================================================================== ---- xen-4.6.0-testing.orig/tools/libxl/xl_cmdtable.c -+++ xen-4.6.0-testing/tools/libxl/xl_cmdtable.c +--- xen-4.7.0-testing.orig/tools/libxl/xl_cmdtable.c ++++ xen-4.7.0-testing/tools/libxl/xl_cmdtable.c @@ -351,6 +351,21 @@ struct cmd_spec cmd_table[] = { "Destroy a domain's virtual block device", " ", diff --git a/log-guest-console.patch b/log-guest-console.patch index c6e0ded..13a8287 100644 --- a/log-guest-console.patch +++ b/log-guest-console.patch @@ -6,10 +6,10 @@ Signed-off-by: Chunyan Liu hw/xen_console.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 71 insertions(+), 0 deletions(-) -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c +Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c =================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c +--- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c ++++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c @@ -38,6 +38,8 @@ #include "qemu-char.h" #include "xen_backend.h" @@ -128,7 +128,7 @@ Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_console.c } @@ -266,6 +332,12 @@ static void con_disconnect(struct XenDev - xc_gnttab_munmap(xendev->gnttabdev, con->sring, 1); + xengnttab_unmap(xendev->gnttabdev, con->sring, 1); con->sring = NULL; } + diff --git a/mini-os.tar.bz2 b/mini-os.tar.bz2 index 01f7324..302ce52 100644 --- a/mini-os.tar.bz2 +++ b/mini-os.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:108d025e6b5068a817b79df33a0fd3b94704f8af94f4199188835d4f5eea14c0 -size 250896 +oid sha256:f2a417c47e301a3c5ed5ef50546e3c1d5eb08636cf407d851802c86bcf9f41c3 +size 256310 diff --git a/pygrub-boot-legacy-sles.patch b/pygrub-boot-legacy-sles.patch index fcab20e..6fc13e9 100644 --- a/pygrub-boot-legacy-sles.patch +++ b/pygrub-boot-legacy-sles.patch @@ -1,8 +1,8 @@ -Index: xen-4.6.0-testing/tools/pygrub/src/pygrub +Index: xen-4.7.0-testing/tools/pygrub/src/pygrub =================================================================== ---- xen-4.6.0-testing.orig/tools/pygrub/src/pygrub -+++ xen-4.6.0-testing/tools/pygrub/src/pygrub -@@ -449,7 +449,7 @@ class Grub: +--- xen-4.7.0-testing.orig/tools/pygrub/src/pygrub ++++ xen-4.7.0-testing/tools/pygrub/src/pygrub +@@ -454,7 +454,7 @@ class Grub: self.cf.filename = f break if self.__dict__.get('cf', None) is None: @@ -11,7 +11,7 @@ Index: xen-4.6.0-testing/tools/pygrub/src/pygrub f = fs.open_file(self.cf.filename) # limit read size to avoid pathological cases buf = f.read(FS_READ_MAX) -@@ -621,6 +621,20 @@ def run_grub(file, entry, fs, cfg_args): +@@ -626,6 +626,20 @@ def run_grub(file, entry, fs, cfg_args): g = Grub(file, fs) @@ -32,7 +32,7 @@ Index: xen-4.6.0-testing/tools/pygrub/src/pygrub if list_entries: for i in range(len(g.cf.images)): img = g.cf.images[i] -@@ -716,6 +730,19 @@ def sniff_netware(fs, cfg): +@@ -721,6 +735,19 @@ def sniff_netware(fs, cfg): return cfg @@ -52,7 +52,7 @@ Index: xen-4.6.0-testing/tools/pygrub/src/pygrub def format_sxp(kernel, ramdisk, args): s = "linux (kernel %s)" % kernel if ramdisk: -@@ -796,7 +823,7 @@ if __name__ == "__main__": +@@ -801,7 +828,7 @@ if __name__ == "__main__": debug = False not_really = False output_format = "sxp" diff --git a/pygrub-netware-xnloader.patch b/pygrub-netware-xnloader.patch index dcdf61f..5d1862e 100644 --- a/pygrub-netware-xnloader.patch +++ b/pygrub-netware-xnloader.patch @@ -1,7 +1,7 @@ -Index: xen-4.6.0-testing/tools/pygrub/src/pygrub +Index: xen-4.7.0-testing/tools/pygrub/src/pygrub =================================================================== ---- xen-4.6.0-testing.orig/tools/pygrub/src/pygrub -+++ xen-4.6.0-testing/tools/pygrub/src/pygrub +--- xen-4.7.0-testing.orig/tools/pygrub/src/pygrub ++++ xen-4.7.0-testing/tools/pygrub/src/pygrub @@ -25,6 +25,7 @@ import fsimage import grub.GrubConf import grub.LiloConf @@ -10,7 +10,7 @@ Index: xen-4.6.0-testing/tools/pygrub/src/pygrub PYGRUB_VER = 0.6 FS_READ_MAX = 1024 * 1024 -@@ -758,6 +759,8 @@ if __name__ == "__main__": +@@ -763,6 +764,8 @@ if __name__ == "__main__": if len(data) == 0: os.close(tfd) del datafile diff --git a/qemu-xen-traditional-dir-remote.tar.bz2 b/qemu-xen-traditional-dir-remote.tar.bz2 index 29a86ca..36a6a16 100644 --- a/qemu-xen-traditional-dir-remote.tar.bz2 +++ b/qemu-xen-traditional-dir-remote.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:49b46fed34660b33f06539a82abc11421b6396cf9ec6bf1a8b6a2219e0beaa30 -size 3213851 +oid sha256:e4222728bdf6f6aa97d081e0f51074cb33d7da3e4b49b4071ba8766c0496c4ef +size 3236984 diff --git a/set-mtu-from-bridge-for-tap-interface.patch b/set-mtu-from-bridge-for-tap-interface.patch deleted file mode 100644 index ee492e5..0000000 --- a/set-mtu-from-bridge-for-tap-interface.patch +++ /dev/null @@ -1,40 +0,0 @@ -# HG changeset patch -# User Charles Arnold -# Date 1379427987 -3600 -# Node ID e6da6ffd6749237316d4440799f0a0272bbdae9c -# Parent 5597ce99ec7f2587a29f3b2dee0bde98d59bf327 -tools/hotplug: set mtu from bridge for tap interface - -With changeset 22885 support was added for setting the MTU in the vif-bridge -script for when a vif interface was set to 'online'. The was not done for the -'add' operation. The 'add' operation was added to the script for when tap -devices were specified (c/s 21944). With the setting of the MTU for the -'online' case was there a reason for omitting the 'add'? - -This patch sets the MTU for both 'online' and 'add' in the vif-bridge script. - -Signed-off-by: Charles Arnold -Acked-by: Ian Campbell - -Index: xen-4.5.0-testing/tools/hotplug/Linux/vif-bridge -=================================================================== ---- xen-4.5.0-testing.orig/tools/hotplug/Linux/vif-bridge -+++ xen-4.5.0-testing/tools/hotplug/Linux/vif-bridge -@@ -84,7 +84,7 @@ fi - case "$command" in - online) - setup_virtual_bridge_port "$dev" -- set_mtu $bridge $dev -+ set_mtu "$bridge" "$dev" - add_to_bridge "$bridge" "$dev" - ;; - -@@ -95,7 +95,7 @@ case "$command" in - - add) - setup_virtual_bridge_port "$dev" -- set_mtu $bridge $dev -+ set_mtu "$bridge" "$dev" - add_to_bridge "$bridge" "$dev" - ;; - esac diff --git a/stubdom-have-iovec.patch b/stubdom-have-iovec.patch index f0d9ccc..dd694cf 100644 --- a/stubdom-have-iovec.patch +++ b/stubdom-have-iovec.patch @@ -3,11 +3,11 @@ xc_private.h now contains a definition of iovec. This conflicts when building qemu traditional xen_platform.c which includes hw.h which includes qemu-common.h which already has a definition of iovec -Index: xen-4.6.0-testing/tools/libxc/xc_private.h +Index: xen-4.7.0-testing/tools/libxc/xc_private.h =================================================================== ---- xen-4.6.0-testing.orig/tools/libxc/xc_private.h -+++ xen-4.6.0-testing/tools/libxc/xc_private.h -@@ -42,6 +42,8 @@ +--- xen-4.7.0-testing.orig/tools/libxc/xc_private.h ++++ xen-4.7.0-testing/tools/libxc/xc_private.h +@@ -47,6 +47,8 @@ #endif #if defined(__MINIOS__) @@ -16,7 +16,7 @@ Index: xen-4.6.0-testing/tools/libxc/xc_private.h /* * MiniOS's libc doesn't know about sys/uio.h or writev(). * Declare enough of sys/uio.h to compile. -@@ -50,6 +52,7 @@ struct iovec { +@@ -55,6 +57,7 @@ struct iovec { void *iov_base; size_t iov_len; }; diff --git a/stubdom.tar.bz2 b/stubdom.tar.bz2 index ea00611..52da7bb 100644 --- a/stubdom.tar.bz2 +++ b/stubdom.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:84630b41c8066eddb78755762e7a8d1261ed9e12fd8733604f8a0ab9d32eac86 -size 17477041 +oid sha256:510ee7906630b096e522ce0bbf26e89c201a0fe33441df9a8114e8f8cb84b189 +size 17477234 diff --git a/suspend_evtchn_lock.patch b/suspend_evtchn_lock.patch index deb38b4..d4f5ea4 100644 --- a/suspend_evtchn_lock.patch +++ b/suspend_evtchn_lock.patch @@ -6,11 +6,11 @@ http://xen.1045712.n5.nabble.com/Re-PATCH-improve-suspend-evtchn-lock-processing Signed-off-by: Chunyan Liu -Index: xen-4.6.0-testing/tools/libxc/xc_suspend.c +Index: xen-4.7.0-testing/tools/libxc/xc_suspend.c =================================================================== ---- xen-4.6.0-testing.orig/tools/libxc/xc_suspend.c -+++ xen-4.6.0-testing/tools/libxc/xc_suspend.c -@@ -18,6 +18,10 @@ +--- xen-4.7.0-testing.orig/tools/libxc/xc_suspend.c ++++ xen-4.7.0-testing/tools/libxc/xc_suspend.c +@@ -20,6 +20,10 @@ #include "xc_private.h" #include "xenguest.h" @@ -21,7 +21,7 @@ Index: xen-4.6.0-testing/tools/libxc/xc_suspend.c #define SUSPEND_LOCK_FILE XEN_RUN_DIR "/suspend-evtchn-%d.lock" -@@ -33,6 +37,37 @@ +@@ -35,6 +39,37 @@ #define SUSPEND_FILE_BUFLEN (sizeof(SUSPEND_LOCK_FILE) + 10) @@ -59,7 +59,7 @@ Index: xen-4.6.0-testing/tools/libxc/xc_suspend.c static void get_suspend_file(char buf[], int domid) { snprintf(buf, SUSPEND_FILE_BUFLEN, SUSPEND_LOCK_FILE, domid); -@@ -46,6 +81,7 @@ static int lock_suspend_event(xc_interfa +@@ -48,6 +83,7 @@ static int lock_suspend_event(xc_interfa struct flock fl; get_suspend_file(suspend_file, domid); @@ -67,7 +67,7 @@ Index: xen-4.6.0-testing/tools/libxc/xc_suspend.c *lockfd = -1; -@@ -95,6 +131,8 @@ static int lock_suspend_event(xc_interfa +@@ -97,6 +133,8 @@ static int lock_suspend_event(xc_interfa if (fd >= 0) close(fd); diff --git a/tmp_build.patch b/tmp_build.patch index ecafbdd..8d15371 100644 --- a/tmp_build.patch +++ b/tmp_build.patch @@ -2,11 +2,11 @@ tools/xenstore/Makefile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) -Index: xen-4.6.0-testing/tools/xenstore/Makefile +Index: xen-4.7.0-testing/tools/xenstore/Makefile =================================================================== ---- xen-4.6.0-testing.orig/tools/xenstore/Makefile -+++ xen-4.6.0-testing/tools/xenstore/Makefile -@@ -92,6 +92,7 @@ $(CLIENTS_DOMU): xenstore +--- xen-4.7.0-testing.orig/tools/xenstore/Makefile ++++ xen-4.7.0-testing/tools/xenstore/Makefile +@@ -86,6 +86,7 @@ $(CLIENTS_DOMU): xenstore xenstore: xenstore_client.o $(LIBXENSTORE) $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) @@ -14,7 +14,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile xenstore-control: xenstore_control.o $(LIBXENSTORE) $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) -@@ -145,10 +146,11 @@ endif +@@ -139,10 +140,11 @@ endif $(INSTALL_PROG) xenstore-control $(DESTDIR)$(bindir) $(INSTALL_PROG) xenstore $(DESTDIR)$(bindir) set -e ; for c in $(CLIENTS) ; do \ diff --git a/xen-4.6.1-testing-src.tar.bz2 b/xen-4.6.1-testing-src.tar.bz2 deleted file mode 100644 index df073f8..0000000 --- a/xen-4.6.1-testing-src.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:713e894ad35fde716ffb0c6987737954fe82e5e0a9adf66eeea491c27c6eabff -size 4088066 diff --git a/xen-4.7.0-testing-src.tar.bz2 b/xen-4.7.0-testing-src.tar.bz2 new file mode 100644 index 0000000..ffd9a24 --- /dev/null +++ b/xen-4.7.0-testing-src.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:06f60bae6de030ff284a995b951148f3d47a795feb4fbb64092bdd12ec3446cd +size 4363009 diff --git a/xen-destdir.patch b/xen-destdir.patch index cef833c..e871cd8 100644 --- a/xen-destdir.patch +++ b/xen-destdir.patch @@ -1,8 +1,8 @@ -Index: xen-4.6.0-testing/tools/xenstore/Makefile +Index: xen-4.7.0-testing/tools/xenstore/Makefile =================================================================== ---- xen-4.6.0-testing.orig/tools/xenstore/Makefile -+++ xen-4.6.0-testing/tools/xenstore/Makefile -@@ -20,6 +20,7 @@ LDFLAGS += $(LDFLAGS-y) +--- xen-4.7.0-testing.orig/tools/xenstore/Makefile ++++ xen-4.7.0-testing/tools/xenstore/Makefile +@@ -21,6 +21,7 @@ LDFLAGS += $(LDFLAGS-y) CLIENTS := xenstore-exists xenstore-list xenstore-read xenstore-rm xenstore-chmod CLIENTS += xenstore-write xenstore-ls xenstore-watch @@ -10,7 +10,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile XENSTORED_OBJS = xenstored_core.o xenstored_watch.o xenstored_domain.o xenstored_transaction.o xs_lib.o talloc.o utils.o tdb.o hashtable.o -@@ -58,7 +59,7 @@ endif +@@ -55,7 +56,7 @@ endif all: $(ALL_TARGETS) .PHONY: clients @@ -19,7 +19,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile ifeq ($(CONFIG_SunOS),y) xenstored_probes.h: xenstored_probes.d -@@ -86,6 +87,9 @@ xenstored.a: $(XENSTORED_OBJS) +@@ -80,6 +81,9 @@ xenstored.a: $(XENSTORED_OBJS) $(CLIENTS): xenstore ln -f xenstore $@ @@ -29,7 +29,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile xenstore: xenstore_client.o $(LIBXENSTORE) $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) -@@ -113,7 +117,7 @@ clean: +@@ -107,7 +111,7 @@ clean: rm -f *.a *.o *.opic *.so* xenstored_probes.h rm -f xenstored xs_random xs_stress xs_crashme rm -f xs_tdb_dump xenstore-control init-xenstore-domain @@ -38,7 +38,7 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile $(RM) $(DEPS) .PHONY: distclean -@@ -136,13 +140,17 @@ ifeq ($(XENSTORE_XENSTORED),y) +@@ -130,12 +134,16 @@ ifeq ($(XENSTORE_XENSTORED),y) $(INSTALL_DIR) $(DESTDIR)$(sbindir) $(INSTALL_DIR) $(DESTDIR)$(XEN_LIB_STORED) $(INSTALL_PROG) xenstored $(DESTDIR)$(sbindir) @@ -49,11 +49,9 @@ Index: xen-4.6.0-testing/tools/xenstore/Makefile set -e ; for c in $(CLIENTS) ; do \ ln -f $(DESTDIR)$(bindir)/xenstore $(DESTDIR)$(bindir)/$${c} ; \ done -- $(INSTALL_DIR) $(DESTDIR)$(libdir) + for client in $(CLIENTS_DOMU); do \ + $(INSTALL_PROG) $$client $(DESTDIR)$(bindir)/$${client/domu-}; \ + done -+ $(INSTALL_DIR) $(DESTDIR)$(libdir) + $(INSTALL_DIR) $(DESTDIR)$(libdir) $(INSTALL_SHLIB) libxenstore.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir) ln -sf libxenstore.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenstore.so.$(MAJOR) - ln -sf libxenstore.so.$(MAJOR) $(DESTDIR)$(libdir)/libxenstore.so diff --git a/xen-utils-0.1.tar.bz2 b/xen-utils-0.1.tar.bz2 index e8780e1..9865112 100644 --- a/xen-utils-0.1.tar.bz2 +++ b/xen-utils-0.1.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:7c17e060de0b507ec0673f84dde727c6d583f781051981b75204e46f31704e14 -size 6171 +oid sha256:2d78844237d1148bedeaee6dd56a170a0f5ebcda45593fddff8128d3336c0792 +size 6272 diff --git a/xen.changes b/xen.changes index 1de2b01..4e105d7 100644 --- a/xen.changes +++ b/xen.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Fri Mar 25 14:46:11 MDT 2016 - carnold@suse.com + +- Update to Xen 4.7 pre-release + xen-4.7.0-testing-src.tar.bz2 +- Dropped: + xen-4.6.1-testing-src.tar.bz2 + 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch + 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch + 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch + 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch + hotplug-Linux-block-performance-fix.patch + set-mtu-from-bridge-for-tap-interface.patch + xendomains-libvirtd-conflict.patch + xsa154.patch + xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch + xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch + xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch + xsa170.patch + ------------------------------------------------------------------- Tue Mar 22 21:48:06 UTC 2016 - jfehlig@suse.com diff --git a/xen.libxl.dmmd.patch b/xen.libxl.dmmd.patch index 68fc988..c1819a9 100644 --- a/xen.libxl.dmmd.patch +++ b/xen.libxl.dmmd.patch @@ -7,11 +7,11 @@ References: bsc#954872 tools/libxl/libxlu_disk_l.l | 2 ++ 4 files changed, 37 insertions(+), 6 deletions(-) -Index: xen-4.6.1-testing/tools/libxl/libxl.c +Index: xen-4.7.0-testing/tools/libxl/libxl.c =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxl.c -+++ xen-4.6.1-testing/tools/libxl/libxl.c -@@ -2791,6 +2791,10 @@ static void device_disk_add(libxl__egc * +--- xen-4.7.0-testing.orig/tools/libxl/libxl.c ++++ xen-4.7.0-testing/tools/libxl/libxl.c +@@ -2748,6 +2748,10 @@ static void device_disk_add(libxl__egc * /* now create a phy device to export the device to the guest */ goto do_backend_phy; case LIBXL_DISK_BACKEND_QDISK: @@ -20,12 +20,12 @@ Index: xen-4.6.1-testing/tools/libxl/libxl.c + flexarray_append_pair(back, "script", script); + } flexarray_append(back, "params"); - flexarray_append(back, libxl__sprintf(gc, "%s:%s", + flexarray_append(back, GCSPRINTF("%s:%s", libxl__device_disk_string_of_format(disk->format), disk->pdev_path)); -Index: xen-4.6.1-testing/tools/libxl/libxl_device.c +Index: xen-4.7.0-testing/tools/libxl/libxl_device.c =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxl_device.c -+++ xen-4.6.1-testing/tools/libxl/libxl_device.c +--- xen-4.7.0-testing.orig/tools/libxl/libxl_device.c ++++ xen-4.7.0-testing/tools/libxl/libxl_device.c @@ -235,7 +235,8 @@ static int disk_try_backend(disk_try_bac return backend; @@ -36,12 +36,12 @@ Index: xen-4.6.1-testing/tools/libxl/libxl_device.c return backend; default: -Index: xen-4.6.1-testing/tools/libxl/libxl_dm.c +Index: xen-4.7.0-testing/tools/libxl/libxl_dm.c =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxl_dm.c -+++ xen-4.6.1-testing/tools/libxl/libxl_dm.c -@@ -700,6 +700,30 @@ static char *dm_spice_options(libxl__gc - return opt; +--- xen-4.7.0-testing.orig/tools/libxl/libxl_dm.c ++++ xen-4.7.0-testing/tools/libxl/libxl_dm.c +@@ -751,6 +751,30 @@ static int libxl__dm_runas_helper(libxl_ + } } +static void libxl__suse_node_to_path(libxl__gc *gc, int domid, const libxl_device_disk *dp, const char **pdev_path) @@ -71,7 +71,7 @@ Index: xen-4.6.1-testing/tools/libxl/libxl_dm.c static int libxl__build_device_model_args_new(libxl__gc *gc, const char *dm, int guest_domid, const libxl_domain_config *guest_config, -@@ -1099,7 +1123,9 @@ static int libxl__build_device_model_arg +@@ -1169,7 +1193,9 @@ static int libxl__build_device_model_arg libxl__device_disk_dev_number(disks[i].vdev, &disk, &part); const char *format = qemu_disk_format_string(disks[i].format); char *drive; @@ -81,8 +81,8 @@ Index: xen-4.6.1-testing/tools/libxl/libxl_dm.c + libxl__suse_node_to_path(gc, guest_domid, disks + i, &pdev_path); if (dev_number == -1) { - LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "unable to determine" -@@ -1115,7 +1141,7 @@ static int libxl__build_device_model_arg + LOG(WARN, "unable to determine"" disk number for %s", +@@ -1185,7 +1211,7 @@ static int libxl__build_device_model_arg else drive = libxl__sprintf (gc, "file=%s,if=ide,index=%d,readonly=%s,media=cdrom,format=%s,cache=writeback,id=ide-%i", @@ -90,8 +90,8 @@ Index: xen-4.6.1-testing/tools/libxl/libxl_dm.c + pdev_path, disk, disks[i].readwrite ? "off" : "on", format, dev_number); } else { if (disks[i].format == LIBXL_DISK_FORMAT_EMPTY) { - LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "cannot support" -@@ -1131,10 +1157,8 @@ static int libxl__build_device_model_arg + LOG(WARN, "cannot support"" empty disk format for %s", +@@ -1202,10 +1228,8 @@ static int libxl__build_device_model_arg if (disks[i].backend == LIBXL_DISK_BACKEND_TAP) { format = qemu_disk_format_string(LIBXL_DISK_FORMAT_RAW); @@ -103,10 +103,10 @@ Index: xen-4.6.1-testing/tools/libxl/libxl_dm.c } /* -Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l +Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l =================================================================== ---- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk_l.l -+++ xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l +--- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_l.l ++++ xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l @@ -209,6 +209,8 @@ target=.* { STRIP(','); SAVESTRING("targ free(newscript); } diff --git a/xen.spec b/xen.spec index 9219256..c2dc9c0 100644 --- a/xen.spec +++ b/xen.spec @@ -15,13 +15,12 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - # needssslcertforbuild Name: xen ExclusiveArch: %ix86 x86_64 %arm aarch64 %define changeset 31594 -%define xen_build_dir xen-4.6.1-testing +%define xen_build_dir xen-4.7.0-testing # %define with_kmp 0 %define with_debug 0 @@ -160,12 +159,12 @@ BuildRequires: xorg-x11-util-devel %endif %endif -Version: 4.6.1_02 +Version: 4.7.0_01 Release: 0 Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) License: GPL-2.0 Group: System/Kernel -Source0: xen-4.6.1-testing-src.tar.bz2 +Source0: xen-4.7.0-testing-src.tar.bz2 Source1: stubdom.tar.bz2 Source2: qemu-xen-traditional-dir-remote.tar.bz2 Source5: ipxe.tar.bz2 @@ -198,16 +197,7 @@ Source57: xen-utils-0.1.tar.bz2 # For xen-libs Source99: baselibs.conf # Upstream patches -Patch1: 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch -Patch2: 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch -Patch3: 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch -Patch4: 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch -Patch154: xsa154.patch -Patch15501: xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch -Patch15502: xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch -Patch15503: xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch Patch164: xsa164.patch -Patch170: xsa170.patch # Upstream qemu-traditional patches Patch250: VNC-Support-for-ExtendedKeyEvent-client-message.patch Patch251: 0001-net-move-the-tap-buffer-into-TAPState.patch @@ -271,7 +261,6 @@ Patch403: xl-conf-default-bridge.patch Patch420: suspend_evtchn_lock.patch Patch421: xenpaging.doc.patch Patch422: stubdom-have-iovec.patch -Patch423: hotplug-Linux-block-performance-fix.patch # Other bug fixes or features Patch451: xenconsole-no-multiple-connections.patch Patch452: hibernate.patch @@ -279,14 +268,12 @@ Patch453: stdvga-cache.patch Patch454: ipxe-enable-nics.patch Patch455: pygrub-netware-xnloader.patch Patch456: pygrub-boot-legacy-sles.patch -Patch457: set-mtu-from-bridge-for-tap-interface.patch -Patch458: aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch -Patch459: xendomains-libvirtd-conflict.patch -Patch460: CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch -Patch461: libxl.pvscsi.patch -Patch462: xen.libxl.dmmd.patch -Patch463: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch -Patch464: blktap2-no-uninit.patch +Patch457: aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch +Patch458: CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch +Patch459: libxl.pvscsi.patch +Patch460: xen.libxl.dmmd.patch +Patch461: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch +Patch462: blktap2-no-uninit.patch # Hypervisor and PV driver Patches Patch501: x86-ioapic-ack-default.patch Patch502: x86-cpufreq-report.patch @@ -509,16 +496,7 @@ Authors: %prep %setup -q -n %xen_build_dir -a 1 -a 2 -a 5 -a 6 -a 57 # Upstream patches -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch154 -p1 -%patch15501 -p1 -%patch15502 -p1 -%patch15503 -p1 %patch164 -p1 -%patch170 -p1 # Upstream qemu patches %patch250 -p1 %patch251 -p1 @@ -582,7 +560,6 @@ Authors: %patch420 -p1 %patch421 -p1 %patch422 -p1 -%patch423 -p1 # Other bug fixes or features %patch451 -p1 %patch452 -p1 @@ -596,8 +573,6 @@ Authors: %patch460 -p1 %patch461 -p1 %patch462 -p1 -%patch463 -p1 -%patch464 -p1 # Hypervisor and PV driver Patches %patch501 -p1 %patch502 -p1 @@ -1006,6 +981,12 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper /usr/sbin/td-util /usr/sbin/vhd-update /usr/sbin/vhd-util +/usr/sbin/flask-get-bool +/usr/sbin/flask-getenforce +/usr/sbin/flask-label-pci +/usr/sbin/flask-loadpolicy +/usr/sbin/flask-set-bool +/usr/sbin/flask-setenforce %if %{?with_gdbsx}0 /usr/sbin/gdbsx %endif diff --git a/xenconsole-no-multiple-connections.patch b/xenconsole-no-multiple-connections.patch index 8d2044d..504a7e2 100644 --- a/xenconsole-no-multiple-connections.patch +++ b/xenconsole-no-multiple-connections.patch @@ -1,8 +1,8 @@ -Index: xen-4.6.0-testing/tools/console/client/main.c +Index: xen-4.7.0-testing/tools/console/client/main.c =================================================================== ---- xen-4.6.0-testing.orig/tools/console/client/main.c -+++ xen-4.6.0-testing/tools/console/client/main.c -@@ -99,6 +99,7 @@ static int get_pty_fd(struct xs_handle * +--- xen-4.7.0-testing.orig/tools/console/client/main.c ++++ xen-4.7.0-testing/tools/console/client/main.c +@@ -100,6 +100,7 @@ static int get_pty_fd(struct xs_handle * * Assumes there is already a watch set in the store for this path. */ { struct timeval tv; @@ -10,7 +10,7 @@ Index: xen-4.6.0-testing/tools/console/client/main.c fd_set watch_fdset; int xs_fd = xs_fileno(xs), pty_fd = -1; int start, now; -@@ -122,6 +123,14 @@ static int get_pty_fd(struct xs_handle * +@@ -123,6 +124,14 @@ static int get_pty_fd(struct xs_handle * pty_fd = open(pty_path, O_RDWR | O_NOCTTY); if (pty_fd == -1) warn("Could not open tty `%s'", pty_path); diff --git a/xendomains-libvirtd-conflict.patch b/xendomains-libvirtd-conflict.patch deleted file mode 100644 index b103c45..0000000 --- a/xendomains-libvirtd-conflict.patch +++ /dev/null @@ -1,20 +0,0 @@ -xendomains conflicts with libvirtd (bnc#937371) - -It saves domains without telling libvirt -It restores domains without telling libvirt ---- - tools/hotplug/Linux/systemd/xendomains.service.in | 1 + - 1 file changed, 1 insertion(+) - -Index: xen-4.5.1-testing/tools/hotplug/Linux/systemd/xendomains.service.in -=================================================================== ---- xen-4.5.1-testing.orig/tools/hotplug/Linux/systemd/xendomains.service.in -+++ xen-4.5.1-testing/tools/hotplug/Linux/systemd/xendomains.service.in -@@ -5,6 +5,7 @@ After=proc-xen.mount xenstored.service x - After=network-online.target - After=remote-fs.target - ConditionPathExists=/proc/xen/capabilities -+Conflicts=libvirtd.service - - [Service] - Type=oneshot diff --git a/xsa154.patch b/xsa154.patch deleted file mode 100644 index dab2292..0000000 --- a/xsa154.patch +++ /dev/null @@ -1,377 +0,0 @@ -References: bsc#965315 - CVE-2016-2270 XSA-154 - -x86: enforce consistent cachability of MMIO mappings - -We've been told by Intel that inconsistent cachability between -multiple mappings of the same page can affect system stability only -when the affected page is an MMIO one. Since the stale data issue is -of no relevance to the hypervisor (since all guest memory accesses go -through proper accessors and validation), handling of RAM pages -remains unchanged here. Any MMIO mapped by domains however needs to be -done consistently (all cachable mappings or all uncachable ones), in -order to avoid Machine Check exceptions. Since converting existing -cachable mappings to uncachable (at the time an uncachable mapping -gets established) would in the PV case require tracking all mappings, -allow MMIO to only get mapped uncachable (UC, UC-, or WC). - -This also implies that in the PV case we mustn't use the L1 PTE update -fast path when cachability flags get altered. - -Since in the HVM case at least for now we want to continue honoring -pinned cachability attributes for pages not mapped by the hypervisor, -special case handling of r/o MMIO pages (forcing UC) gets added there. -Arguably the counterpart change to p2m-pt.c may not be necessary, since -UC- (which already gets enforced there) is probably strict enough. - -Note that the shadow code changes include fixing the write protection -of r/o MMIO ranges: shadow_l1e_remove_flags() and its siblings, other -than l1e_remove_flags() and alike, return the new PTE (and hence -ignoring their return values makes them no-ops). - -This is CVE-2016-2270 / XSA-154. - -Signed-off-by: Jan Beulich -Acked-by: Andrew Cooper - -Index: xen-4.6.1-testing/docs/misc/xen-command-line.markdown -=================================================================== ---- xen-4.6.1-testing.orig/docs/misc/xen-command-line.markdown -+++ xen-4.6.1-testing/docs/misc/xen-command-line.markdown -@@ -1080,6 +1080,15 @@ limit is ignored by Xen. - - Specify if the MMConfig space should be enabled. - -+### mmio-relax -+> `= | all` -+ -+> Default: `false` -+ -+By default, domains may not create cached mappings to MMIO regions. -+This option relaxes the check for Domain 0 (or when using `all`, all PV -+domains), to permit the use of cacheable MMIO mappings. -+ - ### msi - > `= ` - -Index: xen-4.6.1-testing/xen/arch/x86/hvm/mtrr.c -=================================================================== ---- xen-4.6.1-testing.orig/xen/arch/x86/hvm/mtrr.c -+++ xen-4.6.1-testing/xen/arch/x86/hvm/mtrr.c -@@ -807,8 +807,17 @@ int epte_get_entry_emt(struct domain *d, - if ( v->domain != d ) - v = d->vcpu ? d->vcpu[0] : NULL; - -- if ( !mfn_valid(mfn_x(mfn)) ) -+ if ( !mfn_valid(mfn_x(mfn)) || -+ rangeset_contains_range(mmio_ro_ranges, mfn_x(mfn), -+ mfn_x(mfn) + (1UL << order) - 1) ) -+ { -+ *ipat = 1; - return MTRR_TYPE_UNCACHABLE; -+ } -+ -+ if ( rangeset_overlaps_range(mmio_ro_ranges, mfn_x(mfn), -+ mfn_x(mfn) + (1UL << order) - 1) ) -+ return -1; - - switch ( hvm_get_mem_pinned_cacheattr(d, gfn, order, &type) ) - { -Index: xen-4.6.1-testing/xen/arch/x86/mm/p2m-pt.c -=================================================================== ---- xen-4.6.1-testing.orig/xen/arch/x86/mm/p2m-pt.c -+++ xen-4.6.1-testing/xen/arch/x86/mm/p2m-pt.c -@@ -107,6 +107,8 @@ static unsigned long p2m_type_to_flags(p - case p2m_mmio_direct: - if ( !rangeset_contains_singleton(mmio_ro_ranges, mfn_x(mfn)) ) - flags |= _PAGE_RW; -+ else -+ flags |= _PAGE_PWT; - return flags | P2M_BASE_FLAGS | _PAGE_PCD; - } - } -Index: xen-4.6.1-testing/xen/arch/x86/mm/shadow/multi.c -=================================================================== ---- xen-4.6.1-testing.orig/xen/arch/x86/mm/shadow/multi.c -+++ xen-4.6.1-testing/xen/arch/x86/mm/shadow/multi.c -@@ -519,6 +519,7 @@ _sh_propagate(struct vcpu *v, - gfn_t target_gfn = guest_l1e_get_gfn(guest_entry); - u32 pass_thru_flags; - u32 gflags, sflags; -+ bool_t mmio_mfn; - - /* We don't shadow PAE l3s */ - ASSERT(GUEST_PAGING_LEVELS > 3 || level != 3); -@@ -559,7 +560,10 @@ _sh_propagate(struct vcpu *v, - // mfn means that we can not usefully shadow anything, and so we - // return early. - // -- if ( !mfn_valid(target_mfn) -+ mmio_mfn = !mfn_valid(target_mfn) -+ || (level == 1 -+ && page_get_owner(mfn_to_page(target_mfn)) == dom_io); -+ if ( mmio_mfn - && !(level == 1 && (!shadow_mode_refcounts(d) - || p2mt == p2m_mmio_direct)) ) - { -@@ -577,7 +581,7 @@ _sh_propagate(struct vcpu *v, - _PAGE_RW | _PAGE_PRESENT); - if ( guest_supports_nx(v) ) - pass_thru_flags |= _PAGE_NX_BIT; -- if ( !shadow_mode_refcounts(d) && !mfn_valid(target_mfn) ) -+ if ( level == 1 && !shadow_mode_refcounts(d) && mmio_mfn ) - pass_thru_flags |= _PAGE_PAT | _PAGE_PCD | _PAGE_PWT; - sflags = gflags & pass_thru_flags; - -@@ -676,10 +680,14 @@ _sh_propagate(struct vcpu *v, - } - - /* Read-only memory */ -- if ( p2m_is_readonly(p2mt) || -- (p2mt == p2m_mmio_direct && -- rangeset_contains_singleton(mmio_ro_ranges, mfn_x(target_mfn))) ) -+ if ( p2m_is_readonly(p2mt) ) - sflags &= ~_PAGE_RW; -+ else if ( p2mt == p2m_mmio_direct && -+ rangeset_contains_singleton(mmio_ro_ranges, mfn_x(target_mfn)) ) -+ { -+ sflags &= ~(_PAGE_RW | _PAGE_PAT); -+ sflags |= _PAGE_PCD | _PAGE_PWT; -+ } - - // protect guest page tables - // -@@ -1185,22 +1193,28 @@ static int shadow_set_l1e(struct domain - && !sh_l1e_is_magic(new_sl1e) ) - { - /* About to install a new reference */ -- if ( shadow_mode_refcounts(d) ) { -+ if ( shadow_mode_refcounts(d) ) -+ { -+#define PAGE_FLIPPABLE (_PAGE_RW | _PAGE_PWT | _PAGE_PCD | _PAGE_PAT) -+ int rc; -+ - TRACE_SHADOW_PATH_FLAG(TRCE_SFLAG_SHADOW_L1_GET_REF); -- switch ( shadow_get_page_from_l1e(new_sl1e, d, new_type) ) -+ switch ( rc = shadow_get_page_from_l1e(new_sl1e, d, new_type) ) - { - default: - /* Doesn't look like a pagetable. */ - flags |= SHADOW_SET_ERROR; - new_sl1e = shadow_l1e_empty(); - break; -- case 1: -- shadow_l1e_remove_flags(new_sl1e, _PAGE_RW); -+ case PAGE_FLIPPABLE & -PAGE_FLIPPABLE ... PAGE_FLIPPABLE: -+ ASSERT(!(rc & ~PAGE_FLIPPABLE)); -+ new_sl1e = shadow_l1e_flip_flags(new_sl1e, rc); - /* fall through */ - case 0: - shadow_vram_get_l1e(new_sl1e, sl1e, sl1mfn, d); - break; - } -+#undef PAGE_FLIPPABLE - } - } - -Index: xen-4.6.1-testing/xen/arch/x86/mm/shadow/types.h -=================================================================== ---- xen-4.6.1-testing.orig/xen/arch/x86/mm/shadow/types.h -+++ xen-4.6.1-testing/xen/arch/x86/mm/shadow/types.h -@@ -99,6 +99,9 @@ static inline u32 shadow_l4e_get_flags(s - static inline shadow_l1e_t - shadow_l1e_remove_flags(shadow_l1e_t sl1e, u32 flags) - { l1e_remove_flags(sl1e, flags); return sl1e; } -+static inline shadow_l1e_t -+shadow_l1e_flip_flags(shadow_l1e_t sl1e, u32 flags) -+{ l1e_flip_flags(sl1e, flags); return sl1e; } - - static inline shadow_l1e_t shadow_l1e_empty(void) - { return l1e_empty(); } -Index: xen-4.6.1-testing/xen/include/asm-x86/page.h -=================================================================== ---- xen-4.6.1-testing.orig/xen/include/asm-x86/page.h -+++ xen-4.6.1-testing/xen/include/asm-x86/page.h -@@ -157,6 +157,9 @@ static inline l4_pgentry_t l4e_from_padd - #define l3e_remove_flags(x, flags) ((x).l3 &= ~put_pte_flags(flags)) - #define l4e_remove_flags(x, flags) ((x).l4 &= ~put_pte_flags(flags)) - -+/* Flip flags in an existing L1 PTE. */ -+#define l1e_flip_flags(x, flags) ((x).l1 ^= put_pte_flags(flags)) -+ - /* Check if a pte's page mapping or significant access flags have changed. */ - #define l1e_has_changed(x,y,flags) \ - ( !!(((x).l1 ^ (y).l1) & ((PADDR_MASK&PAGE_MASK)|put_pte_flags(flags))) ) -Index: xen-4.6.1-testing/xen/arch/x86/mm.c -=================================================================== ---- xen-4.6.1-testing.orig/xen/arch/x86/mm.c -+++ xen-4.6.1-testing/xen/arch/x86/mm.c -@@ -178,6 +178,18 @@ static uint32_t base_disallow_mask; - is_pv_domain(d)) ? \ - L1_DISALLOW_MASK : (L1_DISALLOW_MASK & ~PAGE_CACHE_ATTRS)) - -+static s8 __read_mostly opt_mmio_relax; -+static void __init parse_mmio_relax(const char *s) -+{ -+ if ( !*s ) -+ opt_mmio_relax = 1; -+ else -+ opt_mmio_relax = parse_bool(s); -+ if ( opt_mmio_relax < 0 && strcmp(s, "all") ) -+ opt_mmio_relax = 0; -+} -+custom_param("mmio-relax", parse_mmio_relax); -+ - static void __init init_frametable_chunk(void *start, void *end) - { - unsigned long s = (unsigned long)start; -@@ -799,10 +811,7 @@ get_page_from_l1e( - if ( !mfn_valid(mfn) || - (real_pg_owner = page_get_owner_and_reference(page)) == dom_io ) - { --#ifndef NDEBUG -- const unsigned long *ro_map; -- unsigned int seg, bdf; --#endif -+ int flip = 0; - - /* Only needed the reference to confirm dom_io ownership. */ - if ( mfn_valid(mfn) ) -@@ -836,24 +845,57 @@ get_page_from_l1e( - return -EINVAL; - } - -- if ( !(l1f & _PAGE_RW) || -- !rangeset_contains_singleton(mmio_ro_ranges, mfn) ) -- return 0; -+ if ( !rangeset_contains_singleton(mmio_ro_ranges, mfn) ) -+ { -+ /* MMIO pages must not be mapped cachable unless requested so. */ -+ switch ( opt_mmio_relax ) -+ { -+ case 0: -+ break; -+ case 1: -+ if ( !is_hardware_domain(l1e_owner) ) -+ break; -+ /* fallthrough */ -+ case -1: -+ return 0; -+ default: -+ ASSERT_UNREACHABLE(); -+ } -+ } -+ else if ( l1f & _PAGE_RW ) -+ { - #ifndef NDEBUG -- if ( !pci_mmcfg_decode(mfn, &seg, &bdf) || -- ((ro_map = pci_get_ro_map(seg)) != NULL && -- test_bit(bdf, ro_map)) ) -- printk(XENLOG_G_WARNING -- "d%d: Forcing read-only access to MFN %lx\n", -- l1e_owner->domain_id, mfn); -- else -- rangeset_report_ranges(mmio_ro_ranges, 0, ~0UL, -- print_mmio_emul_range, -- &(struct mmio_emul_range_ctxt){ -- .d = l1e_owner, -- .mfn = mfn }); -+ const unsigned long *ro_map; -+ unsigned int seg, bdf; -+ -+ if ( !pci_mmcfg_decode(mfn, &seg, &bdf) || -+ ((ro_map = pci_get_ro_map(seg)) != NULL && -+ test_bit(bdf, ro_map)) ) -+ printk(XENLOG_G_WARNING -+ "d%d: Forcing read-only access to MFN %lx\n", -+ l1e_owner->domain_id, mfn); -+ else -+ rangeset_report_ranges(mmio_ro_ranges, 0, ~0UL, -+ print_mmio_emul_range, -+ &(struct mmio_emul_range_ctxt){ -+ .d = l1e_owner, -+ .mfn = mfn }); - #endif -- return 1; -+ flip = _PAGE_RW; -+ } -+ -+ switch ( l1f & PAGE_CACHE_ATTRS ) -+ { -+ case 0: /* WB */ -+ flip |= _PAGE_PWT | _PAGE_PCD; -+ break; -+ case _PAGE_PWT: /* WT */ -+ case _PAGE_PWT | _PAGE_PAT: /* WP */ -+ flip |= _PAGE_PCD | (l1f & _PAGE_PAT); -+ break; -+ } -+ -+ return flip; - } - - if ( unlikely( (real_pg_owner != pg_owner) && -@@ -1243,8 +1285,9 @@ static int alloc_l1_table(struct page_in - goto fail; - case 0: - break; -- case 1: -- l1e_remove_flags(pl1e[i], _PAGE_RW); -+ case _PAGE_RW ... _PAGE_RW | PAGE_CACHE_ATTRS: -+ ASSERT(!(ret & ~(_PAGE_RW | PAGE_CACHE_ATTRS))); -+ l1e_flip_flags(pl1e[i], ret); - break; - } - -@@ -1759,8 +1802,9 @@ static int mod_l1_entry(l1_pgentry_t *pl - return -EINVAL; - } - -- /* Fast path for identical mapping, r/w and presence. */ -- if ( !l1e_has_changed(ol1e, nl1e, _PAGE_RW | _PAGE_PRESENT) ) -+ /* Fast path for identical mapping, r/w, presence, and cachability. */ -+ if ( !l1e_has_changed(ol1e, nl1e, -+ PAGE_CACHE_ATTRS | _PAGE_RW | _PAGE_PRESENT) ) - { - adjust_guest_l1e(nl1e, pt_dom); - if ( UPDATE_ENTRY(l1, pl1e, ol1e, nl1e, gl1mfn, pt_vcpu, -@@ -1783,8 +1827,9 @@ static int mod_l1_entry(l1_pgentry_t *pl - return rc; - case 0: - break; -- case 1: -- l1e_remove_flags(nl1e, _PAGE_RW); -+ case _PAGE_RW ... _PAGE_RW | PAGE_CACHE_ATTRS: -+ ASSERT(!(rc & ~(_PAGE_RW | PAGE_CACHE_ATTRS))); -+ l1e_flip_flags(nl1e, rc); - rc = 0; - break; - } -@@ -5000,6 +5045,7 @@ static int ptwr_emulated_update( - l1_pgentry_t pte, ol1e, nl1e, *pl1e; - struct vcpu *v = current; - struct domain *d = v->domain; -+ int ret; - - /* Only allow naturally-aligned stores within the original %cr2 page. */ - if ( unlikely(((addr^ptwr_ctxt->cr2) & PAGE_MASK) || (addr & (bytes-1))) ) -@@ -5047,7 +5093,7 @@ static int ptwr_emulated_update( - - /* Check the new PTE. */ - nl1e = l1e_from_intpte(val); -- switch ( get_page_from_l1e(nl1e, d, d) ) -+ switch ( ret = get_page_from_l1e(nl1e, d, d) ) - { - default: - if ( is_pv_32bit_domain(d) && (bytes == 4) && (unaligned_addr & 4) && -@@ -5071,8 +5117,9 @@ static int ptwr_emulated_update( - break; - case 0: - break; -- case 1: -- l1e_remove_flags(nl1e, _PAGE_RW); -+ case _PAGE_RW ... _PAGE_RW | PAGE_CACHE_ATTRS: -+ ASSERT(!(ret & ~(_PAGE_RW | PAGE_CACHE_ATTRS))); -+ l1e_flip_flags(nl1e, ret); - break; - } - diff --git a/xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch b/xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch deleted file mode 100644 index 3437854..0000000 --- a/xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch +++ /dev/null @@ -1,55 +0,0 @@ -References: bsc#957988 - -From 12b11658a9d6a654a1e7acbf2f2d56ce9a396c86 Mon Sep 17 00:00:00 2001 -From: David Vrabel -Date: Fri, 20 Nov 2015 11:59:05 -0500 -Subject: [PATCH 1/3] xen: Add RING_COPY_REQUEST() - -Using RING_GET_REQUEST() on a shared ring is easy to use incorrectly -(i.e., by not considering that the other end may alter the data in the -shared ring while it is being inspected). Safe usage of a request -generally requires taking a local copy. - -Provide a RING_COPY_REQUEST() macro to use instead of -RING_GET_REQUEST() and an open-coded memcpy(). This takes care of -ensuring that the copy is done correctly regardless of any possible -compiler optimizations. - -Use a volatile source to prevent the compiler from reordering or -omitting the copy. - -This is part of XSA155. - -Signed-off-by: David Vrabel -Signed-off-by: Konrad Rzeszutek Wilk ---- -v2: Add comment about GCC bug. ---- - xen/include/public/io/ring.h | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -Index: xen-4.6.0-testing/xen/include/public/io/ring.h -=================================================================== ---- xen-4.6.0-testing.orig/xen/include/public/io/ring.h -+++ xen-4.6.0-testing/xen/include/public/io/ring.h -@@ -212,6 +212,20 @@ typedef struct __name##_back_ring __name - #define RING_GET_REQUEST(_r, _idx) \ - (&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].req)) - -+/* -+ * Get a local copy of a request. -+ * -+ * Use this in preference to RING_GET_REQUEST() so all processing is -+ * done on a local copy that cannot be modified by the other end. -+ * -+ * Note that https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58145 may cause this -+ * to be ineffective where _req is a struct which consists of only bitfields. -+ */ -+#define RING_COPY_REQUEST(_r, _idx, _req) do { \ -+ /* Use volatile to force the copy into _req. */ \ -+ *(_req) = *(volatile typeof(_req))RING_GET_REQUEST(_r, _idx); \ -+} while (0) -+ - #define RING_GET_RESPONSE(_r, _idx) \ - (&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].rsp)) - diff --git a/xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch b/xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch deleted file mode 100644 index d0b4eb2..0000000 --- a/xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch +++ /dev/null @@ -1,74 +0,0 @@ -References: bsc#957988 - -From 851ffb4eea917e2708c912291dea4d133026c0ac Mon Sep 17 00:00:00 2001 -From: Konrad Rzeszutek Wilk -Date: Fri, 20 Nov 2015 12:16:02 -0500 -Subject: [PATCH 2/3] blktap2: Use RING_COPY_REQUEST - -Instead of RING_GET_REQUEST. Using a local copy of the -ring (and also with proper memory barriers) will mean -we can do not have to worry about the compiler optimizing -the code and doing a double-fetch in the shared memory space. - -This is part of XSA155. - -Signed-off-by: Konrad Rzeszutek Wilk - ---- -v2: Fix compile issues with tapdisk-vbd ---- - tools/blktap2/drivers/block-log.c | 3 ++- - tools/blktap2/drivers/tapdisk-vbd.c | 8 ++++---- - 2 files changed, 6 insertions(+), 5 deletions(-) - -Index: xen-4.6.0-testing/tools/blktap2/drivers/block-log.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/blktap2/drivers/block-log.c -+++ xen-4.6.0-testing/tools/blktap2/drivers/block-log.c -@@ -494,11 +494,12 @@ static int ctl_kick(struct tdlog_state* - reqstart = s->bring.req_cons; - reqend = s->sring->req_prod; - -+ xen_mb(); - BDPRINTF("ctl: ring kicked (start = %u, end = %u)", reqstart, reqend); - - while (reqstart != reqend) { - /* XXX actually submit these! */ -- memcpy(&req, RING_GET_REQUEST(&s->bring, reqstart), sizeof(req)); -+ RING_COPY_REQUEST(&s->bring, reqstart, &req); - BDPRINTF("ctl: read request %"PRIu64":%u", req.sector, req.count); - s->bring.req_cons = ++reqstart; - -Index: xen-4.6.0-testing/tools/blktap2/drivers/tapdisk-vbd.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/blktap2/drivers/tapdisk-vbd.c -+++ xen-4.6.0-testing/tools/blktap2/drivers/tapdisk-vbd.c -@@ -1555,7 +1555,7 @@ tapdisk_vbd_pull_ring_requests(td_vbd_t - int idx; - RING_IDX rp, rc; - td_ring_t *ring; -- blkif_request_t *req; -+ blkif_request_t req; - td_vbd_request_t *vreq; - - ring = &vbd->ring; -@@ -1566,16 +1566,16 @@ tapdisk_vbd_pull_ring_requests(td_vbd_t - xen_rmb(); - - for (rc = ring->fe_ring.req_cons; rc != rp; rc++) { -- req = RING_GET_REQUEST(&ring->fe_ring, rc); -+ RING_COPY_REQUEST(&ring->fe_ring, rc, &req); - ++ring->fe_ring.req_cons; - -- idx = req->id; -+ idx = req.id; - vreq = &vbd->request_list[idx]; - - ASSERT(list_empty(&vreq->next)); - ASSERT(vreq->secs_pending == 0); - -- memcpy(&vreq->req, req, sizeof(blkif_request_t)); -+ memcpy(&vreq->req, &req, sizeof(blkif_request_t)); - vbd->received++; - vreq->vbd = vbd; - diff --git a/xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch b/xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch deleted file mode 100644 index 6827e78..0000000 --- a/xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch +++ /dev/null @@ -1,38 +0,0 @@ -From c1fce65e2b720684ea6ba76ae59921542bd154bb Mon Sep 17 00:00:00 2001 -From: Konrad Rzeszutek Wilk -Date: Fri, 20 Nov 2015 12:22:14 -0500 -Subject: [PATCH 3/3] libvchan: Read prod/cons only once. - -We must ensure that the prod/cons are only read once and that -the compiler won't try to optimize the reads. That is split -the read of these in multiple instructions influencing later -branch code. As such insert barriers when fetching the cons -and prod index. - -This is part of XSA155. - -Signed-off-by: Konrad Rzeszutek Wilk ---- - tools/libvchan/io.c | 2 ++ - 1 file changed, 2 insertions(+) - -Index: xen-4.6.0-testing/tools/libvchan/io.c -=================================================================== ---- xen-4.6.0-testing.orig/tools/libvchan/io.c -+++ xen-4.6.0-testing/tools/libvchan/io.c -@@ -117,6 +117,7 @@ static inline int send_notify(struct lib - static inline int raw_get_data_ready(struct libxenvchan *ctrl) - { - uint32_t ready = rd_prod(ctrl) - rd_cons(ctrl); -+ xen_mb(); /* Ensure 'ready' is read only once. */ - if (ready > rd_ring_size(ctrl)) - /* We have no way to return errors. Locking up the ring is - * better than the alternatives. */ -@@ -158,6 +159,7 @@ int libxenvchan_data_ready(struct libxen - static inline int raw_get_buffer_space(struct libxenvchan *ctrl) - { - uint32_t ready = wr_ring_size(ctrl) - (wr_prod(ctrl) - wr_cons(ctrl)); -+ xen_mb(); /* Ensure 'ready' is read only once. */ - if (ready > wr_ring_size(ctrl)) - /* We have no way to return errors. Locking up the ring is - * better than the alternatives. */ diff --git a/xsa170.patch b/xsa170.patch deleted file mode 100644 index d3a5de0..0000000 --- a/xsa170.patch +++ /dev/null @@ -1,83 +0,0 @@ -References: bsc#965317 CVE-2016-2271 XSA-170 - -x86/VMX: sanitize rIP before re-entering guest - -... to prevent guest user mode arranging for a guest crash (due to -failed VM entry). (On the AMD system I checked, hardware is doing -exactly the canonicalization being added here.) - -Note that fixing this in an architecturally correct way would be quite -a bit more involved: Making the x86 instruction emulator check all -branch targets for validity, plus dealing with invalid rIP resulting -from update_guest_eip() or incoming directly during a VM exit. The only -way to get the latter right would be by not having hardware do the -injection. - -Note further that there are a two early returns from -vmx_vmexit_handler(): One (through vmx_failed_vmentry()) leads to -domain_crash() anyway, and the other covers real mode only and can -neither occur with a non-canonical rIP nor result in an altered rIP, -so we don't need to force those paths through the checking logic. - -This is XSA-170. - -Reported-by: 刘令 -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper -Tested-by: Andrew Cooper - -Index: xen-4.6.1-testing/xen/arch/x86/hvm/vmx/vmx.c -=================================================================== ---- xen-4.6.1-testing.orig/xen/arch/x86/hvm/vmx/vmx.c -+++ xen-4.6.1-testing/xen/arch/x86/hvm/vmx/vmx.c -@@ -2879,7 +2879,7 @@ static int vmx_handle_apic_write(void) - void vmx_vmexit_handler(struct cpu_user_regs *regs) - { - unsigned long exit_qualification, exit_reason, idtv_info, intr_info = 0; -- unsigned int vector = 0; -+ unsigned int vector = 0, mode; - struct vcpu *v = current; - - __vmread(GUEST_RIP, ®s->rip); -@@ -3468,6 +3468,41 @@ void vmx_vmexit_handler(struct cpu_user_ - out: - if ( nestedhvm_vcpu_in_guestmode(v) ) - nvmx_idtv_handling(); -+ -+ /* -+ * VM entry will fail (causing the guest to get crashed) if rIP (and -+ * rFLAGS, but we don't have an issue there) doesn't meet certain -+ * criteria. As we must not allow less than fully privileged mode to have -+ * such an effect on the domain, we correct rIP in that case (accepting -+ * this not being architecturally correct behavior, as the injected #GP -+ * fault will then not see the correct [invalid] return address). -+ * And since we know the guest will crash, we crash it right away if it -+ * already is in most privileged mode. -+ */ -+ mode = vmx_guest_x86_mode(v); -+ if ( mode == 8 ? !is_canonical_address(regs->rip) -+ : regs->rip != regs->_eip ) -+ { -+ struct segment_register ss; -+ -+ gprintk(XENLOG_WARNING, "Bad rIP %lx for mode %u\n", regs->rip, mode); -+ -+ vmx_get_segment_register(v, x86_seg_ss, &ss); -+ if ( ss.attr.fields.dpl ) -+ { -+ __vmread(VM_ENTRY_INTR_INFO, &intr_info); -+ if ( !(intr_info & INTR_INFO_VALID_MASK) ) -+ hvm_inject_hw_exception(TRAP_gp_fault, 0); -+ /* Need to fix rIP nevertheless. */ -+ if ( mode == 8 ) -+ regs->rip = (long)(regs->rip << (64 - VADDR_BITS)) >> -+ (64 - VADDR_BITS); -+ else -+ regs->rip = regs->_eip; -+ } -+ else -+ domain_crash(v->domain); -+ } - } - - void vmx_vmenter_helper(const struct cpu_user_regs *regs)