Hello community, here is the log from the commit of package xen for openSUSE:Factory checked in at 2017-01-31 12:27:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xen (Old) and /work/SRC/openSUSE:Factory/.xen.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xen" Changes: -------- --- /work/SRC/openSUSE:Factory/xen/xen.changes 2016-09-17 14:34:17.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-02-03 20:05:39.761672482 +0100 @@ -1,0 +2,274 @@ +Thu Jan 26 10:30:19 MST 2017 - [email protected] + +- Xen 4.8 requires the acpica package (iasl) to build. + fate#322313 and fate#322150 require the acpica package to be + ported to aarch64 which is now down. Enable aarch64 in the spec + for building Xen on aarch64. + xen.spec + +------------------------------------------------------------------- +Wed Jan 25 15:39:26 MST 2017 - [email protected] + +- bsc#1021952 - Virutalization/xen: Bug xen-tools missing + /usr/bin/domu-xenstore; guests fail to launch + tmp_build.patch + xen.spec + +------------------------------------------------------------------- +Wed Jan 18 10:50:52 UTC 2017 - [email protected] + +- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842) + +------------------------------------------------------------------- +Thu Jan 12 11:34:06 MST 2017 - [email protected] + +- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/ + xen.spec + +------------------------------------------------------------------- +Mon Jan 9 10:54:19 MST 2017 - [email protected] + +- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch + Replaces xsa202.patch (bsc#1014298) +- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch + Replaces xsa203.patch (bsc#1014300) +- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch + Replaces xsa204.patch (bsc#1016340) +- Upstream patches from Jan + 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch + 5853ed37-VT-d-correct-dma_msi_set_affinity.patch + 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch + 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch + 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch + +------------------------------------------------------------------- +Mon Dec 19 10:32:51 MST 2016 - [email protected] + +- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of + SYSCALL singlestep during emulation (XSA-204) + xsa204.patch + +------------------------------------------------------------------- +Thu Dec 15 09:08:18 MST 2016 - [email protected] + +- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation + fails to ignore operand size override (XSA-200) + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + +------------------------------------------------------------------- +Wed Dec 14 08:24:41 MST 2016 - [email protected] + +- bsc#1014298 - VUL-0: xen: x86 PV guests may be able to mask + interrupts (XSA-202) + xsa202.patch +- bsc#1014300 - VUL-0: xen: x86: missing NULL pointer check in + VMFUNC emulation (XSA-203) + xsa203.patch +- Upstream patches from Jan + 584806ce-x86emul-correct-PUSHF-POPF.patch + 584fc649-fix-determining-when-domain-creation-is-complete.patch + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch + +------------------------------------------------------------------- +Mon Dec 5 15:32:00 MST 2016 - [email protected] + +- Update to Xen 4.8 FCS + xen-4.8.0-testing-src.tar.bz2 +- Dropped + xen-4.7.1-testing-src.tar.bz2 + 0001-libxc-Rework-extra-module-initialisation.patch + 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch + 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch + 0004-firmware-makefile-install-BIOS-blob.patch + 0005-libxl-Load-guest-BIOS-from-file.patch + 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch + 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch + 0008-hvmloader-Locate-the-BIOS-blob.patch + 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch + 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch + 0011-hvmloader-Load-OVMF-from-modules.patch + 0012-hvmloader-Specific-bios_load-function-required.patch + 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch + 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch + 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch + 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch + 5769106e-x86-generate-assembler-equates-for-synthesized.patch + 57a1e603-x86-time-adjust-local-system-time-initialization.patch + 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch + 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch + 57a30261-x86-support-newer-Intel-CPU-models.patch + 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch + 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch + 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch + 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch + 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch + 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch + 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch + 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch + 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch + 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch + 58343ec2-x86emul-fix-huge-bit-offset-handling.patch + 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch + 58343f44-x86-svm-fix-injection-of-software-interrupts.patch + 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch + CVE-2016-9381-xsa197-qemut.patch + CVE-2016-9637-xsa199-qemut.patch + +------------------------------------------------------------------- +Tue Nov 22 10:49:36 MST 2016 - [email protected] + +- bsc#1011652 - VUL-0: xen: qemu ioport array overflow + CVE-2016-9637-xsa199-qemut.patch + +------------------------------------------------------------------- +Fri Nov 18 11:30:20 MST 2016 - [email protected] + +- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null + segments not always treated as unusable + 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch +- bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch + to VM86 mode mis-handled + 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch +- bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base + write emulation lacking canonical address checks + 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch +- bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit + ELF symbol table load leaking host data + 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch +- bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit + test instruction emulation broken + 58343ec2-x86emul-fix-huge-bit-offset-handling.patch +- bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen: + x86 software interrupt injection mis-handled + 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch + 58343f44-x86-svm-fix-injection-of-software-interrupts.patch +- bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious + about shared ring processing + CVE-2016-9381-xsa197-qemut.patch +- bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen: + delimiter injection vulnerabilities in pygrub + 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch +- Upstream patches from Jan + 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch + 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch + 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch + 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch + 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch + +------------------------------------------------------------------- +Tue Nov 15 13:12:40 MST 2016 - [email protected] + +- Update to Xen Version 4.7.1 + xen-4.7.1-testing-src.tar.bz2 +- Dropped patches contained in new tarball + xen-4.7.0-testing-src.tar.bz2 + 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch + 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch + 57973099-have-schedulers-revise-initial-placement.patch + 579730e6-remove-buggy-initial-placement-algorithm.patch + 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch + 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch + 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch + 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch + 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch + 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch + 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch + 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch + 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch + 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch + 57c82be2-x86-32on64-adjust-call-gate-emulation.patch + 57c93e52-fix-error-in-libxl_device_usbdev_list.patch + 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch + 57c96e2c-x86-correct-PT_NOTE-file-position.patch + 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch + 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch + 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch + 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch + 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch + 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch + 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch + 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch + 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch + 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch + 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch + 57e93e1d-x86emul-correct-loading-of-ss.patch + 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch + 57e93e89-x86-AMD-apply-erratum-665-workaround.patch ++++ 77 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/xen/xen.changes ++++ and /work/SRC/openSUSE:Factory/.xen.new/xen.changes Old: ---- 0001-libxc-Rework-extra-module-initialisation.patch 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch 0004-firmware-makefile-install-BIOS-blob.patch 0005-libxl-Load-guest-BIOS-from-file.patch 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch 0008-hvmloader-Locate-the-BIOS-blob.patch 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch 0011-hvmloader-Load-OVMF-from-modules.patch 0012-hvmloader-Specific-bios_load-function-required.patch 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch 5769106e-x86-generate-assembler-equates-for-synthesized.patch 57973099-have-schedulers-revise-initial-placement.patch 579730e6-remove-buggy-initial-placement-algorithm.patch 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch 57a1e603-x86-time-adjust-local-system-time-initialization.patch 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch 57a30261-x86-support-newer-Intel-CPU-models.patch 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch 57c82be2-x86-32on64-adjust-call-gate-emulation.patch 57c93e52-fix-error-in-libxl_device_usbdev_list.patch 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch 57c96e2c-x86-correct-PT_NOTE-file-position.patch 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch xen-4.7.0-testing-src.tar.bz2 New: ---- 584806ce-x86emul-correct-PUSHF-POPF.patch 584fc649-fix-determining-when-domain-creation-is-complete.patch 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch 5853ed37-VT-d-correct-dma_msi_set_affinity.patch 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch xen-4.8.0-testing-src.tar.bz2 xen-arch-kconfig-nr_cpus.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xen.spec ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:43.749111224 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:43.757110098 +0100 @@ -1,7 +1,7 @@ # # spec file for package xen # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,12 +16,10 @@ # -# needssslcertforbuild - Name: xen ExclusiveArch: %ix86 x86_64 %arm aarch64 -%define changeset 31594 -%define xen_build_dir xen-4.7.0-testing +%define changeset 34159 +%define xen_build_dir xen-4.8.0-testing # %define with_kmp 0 %define with_gdbsx 0 @@ -47,15 +45,6 @@ %define with_dom0_support 1 %endif # -%define max_cpus 4 -%ifarch x86_64 -%if %suse_version >= 1315 -%define max_cpus 1024 -%else -%define max_cpus 512 -%endif -%endif -# %define xen_install_suffix %{nil} %ifarch x86_64 %define xen_install_suffix .gz @@ -75,7 +64,7 @@ %if %suse_version > 1220 %define with_systemd 1 %define include_systemd_preset 0 -%if %suse_version <= 1320 +%if %suse_version <= 1320 && 0%{?sle_version} < 120300 %define include_systemd_preset 1 %endif %systemd_requires @@ -139,10 +128,8 @@ %if %suse_version <= 1110 BuildRequires: pmtools %else -%ifarch %ix86 x86_64 BuildRequires: acpica %endif -%endif %ifarch x86_64 %if %{?with_gcc47}0 BuildRequires: gcc47 @@ -165,12 +152,12 @@ %endif %endif -Version: 4.7.0_12 +Version: 4.8.0_03 Release: 0 Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) License: GPL-2.0 Group: System/Kernel -Source0: xen-4.7.0-testing-src.tar.bz2 +Source0: xen-4.8.0-testing-src.tar.bz2 Source1: stubdom.tar.bz2 Source2: qemu-xen-traditional-dir-remote.tar.bz2 Source5: ipxe.tar.bz2 @@ -203,37 +190,18 @@ # For xen-libs Source99: baselibs.conf # Upstream patches -Patch1: 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch -Patch2: 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch -Patch3: 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch -Patch4: 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch -Patch5: 5769106e-x86-generate-assembler-equates-for-synthesized.patch -Patch6: 57973099-have-schedulers-revise-initial-placement.patch -Patch7: 579730e6-remove-buggy-initial-placement-algorithm.patch -Patch8: 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch -Patch9: 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch -Patch10: 57a1e603-x86-time-adjust-local-system-time-initialization.patch -Patch11: 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch -Patch12: 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch -Patch13: 57a30261-x86-support-newer-Intel-CPU-models.patch -Patch14: 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch -Patch15: 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch -Patch16: 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch -Patch17: 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch -Patch18: 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch -Patch19: 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch -Patch20: 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch -Patch21: 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch -Patch22: 57c82be2-x86-32on64-adjust-call-gate-emulation.patch -Patch23: 57c93e52-fix-error-in-libxl_device_usbdev_list.patch -Patch24: 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch -Patch25: 57c96e2c-x86-correct-PT_NOTE-file-position.patch -Patch26: 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch -Patch27: 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch -Patch28: 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch -Patch29: 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch -Patch30: 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch -Patch31: 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch +Patch1: 584806ce-x86emul-correct-PUSHF-POPF.patch +Patch2: 584fc649-fix-determining-when-domain-creation-is-complete.patch +Patch3: 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch +Patch4: 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch +Patch5: 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch +Patch6: 5853ed37-VT-d-correct-dma_msi_set_affinity.patch +Patch7: 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch +Patch8: 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch +Patch9: 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch +Patch10: 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch +Patch11: 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch +Patch12: 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch # Upstream qemu-traditional patches Patch250: VNC-Support-for-ExtendedKeyEvent-client-message.patch Patch251: 0001-net-move-the-tap-buffer-into-TAPState.patch @@ -267,6 +235,11 @@ Patch279: CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch Patch280: CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch Patch281: CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch +Patch282: CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch +Patch283: CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch +Patch284: CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch +Patch285: CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch +Patch286: CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch # qemu-traditional patches that are not upstream Patch350: blktap.patch Patch351: cdrom-removable.patch @@ -298,6 +271,7 @@ Patch401: vif-bridge-no-iptables.patch Patch402: vif-bridge-tap-fix.patch Patch403: xl-conf-default-bridge.patch +Patch404: xen-arch-kconfig-nr_cpus.patch # Needs to go upstream Patch420: suspend_evtchn_lock.patch Patch421: xenpaging.doc.patch @@ -327,22 +301,6 @@ Patch602: xen.build-compare.man.patch Patch603: ipxe-no-error-logical-not-parentheses.patch Patch604: ipxe-use-rpm-opt-flags.patch -# Anthony's "load BIOS via toolstack" patches -# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html -Patch700: 0001-libxc-Rework-extra-module-initialisation.patch -Patch701: 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch -Patch702: 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch -Patch703: 0004-firmware-makefile-install-BIOS-blob.patch -Patch704: 0005-libxl-Load-guest-BIOS-from-file.patch -Patch705: 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch -Patch706: 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch -Patch707: 0008-hvmloader-Locate-the-BIOS-blob.patch -Patch708: 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch -Patch709: 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch -Patch710: 0011-hvmloader-Load-OVMF-from-modules.patch -Patch711: 0012-hvmloader-Specific-bios_load-function-required.patch -Patch712: 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch -Patch713: 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch # Build patches Patch99996: xen.stubdom.newlib.patch Patch99998: tmp_build.patch @@ -568,25 +526,6 @@ %patch10 -p1 %patch11 -p1 %patch12 -p1 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -%patch18 -p1 -%patch19 -p1 -%patch20 -p1 -%patch21 -p1 -%patch22 -p1 -%patch23 -p1 -%patch24 -p1 -%patch25 -p1 -%patch26 -p1 -%patch27 -p1 -%patch28 -p1 -%patch29 -p1 -%patch30 -p1 -%patch31 -p1 # Upstream qemu patches %patch250 -p1 %patch251 -p1 @@ -620,6 +559,11 @@ %patch279 -p1 %patch280 -p1 %patch281 -p1 +%patch282 -p1 +%patch283 -p1 +%patch284 -p1 +%patch285 -p1 +%patch286 -p1 # Qemu traditional %patch350 -p1 %patch351 -p1 @@ -651,6 +595,7 @@ %patch401 -p1 %patch402 -p1 %patch403 -p1 +%patch404 -p1 # Needs to go upstream %patch420 -p1 %patch421 -p1 @@ -666,7 +611,8 @@ %patch457 -p1 %patch458 -p1 %patch459 -p1 -%patch460 -p1 +# libxl.pvscsi.patch +#%patch460 -p1 %patch461 -p1 %patch462 -p1 %patch463 -p1 @@ -680,22 +626,6 @@ %patch602 -p1 %patch603 -p1 %patch604 -p1 -# Anthony's "load BIOS via toolstack" patches -# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html -%patch700 -p1 -%patch701 -p1 -%patch702 -p1 -%patch703 -p1 -%patch704 -p1 -%patch705 -p1 -%patch706 -p1 -%patch707 -p1 -%patch708 -p1 -%patch709 -p1 -%patch710 -p1 -%patch711 -p1 -%patch712 -p1 -%patch713 -p1 # Build patches %patch99996 -p1 %patch99998 -p1 @@ -914,7 +844,7 @@ %if %{?with_gcc48}0 CC=gcc-4.8 \ %endif - max_phys_cpus=%{max_cpus} debug=n crash_debug=n DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} + debug=n DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} make -C xen clean install_xen() { @@ -924,6 +854,12 @@ ext="-$1" mv $RPM_BUILD_ROOT/boot/xen-${XEN_FULLVERSION}%{xen_install_suffix} \ $RPM_BUILD_ROOT/boot/xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} + if test -d $RPM_BUILD_ROOT%{_libdir}/efi; then + mv $RPM_BUILD_ROOT%{_libdir}/efi/xen-${XEN_FULLVERSION}.efi $RPM_BUILD_ROOT%{_libdir}/efi/xen${ext}-${XEN_FULLVERSION}.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi $RPM_BUILD_ROOT%{_libdir}/efi/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi $RPM_BUILD_ROOT%{_libdir}/efi/xen${ext}-$XEN_VERSION.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi $RPM_BUILD_ROOT%{_libdir}/efi/xen${ext}.efi + fi fi rm $RPM_BUILD_ROOT/boot/xen-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} rm $RPM_BUILD_ROOT/boot/xen-$XEN_VERSION%{xen_install_suffix} @@ -936,11 +872,11 @@ find $RPM_BUILD_ROOT/boot -ls } %if %{with xen_debug} -make -C xen install max_phys_cpus=%{max_cpus} debug=y crash_debug=y DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} +make -C xen install debug=y DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} install_xen dbg make -C xen clean %endif -make -C xen install max_phys_cpus=%{max_cpus} debug=n crash_debug=n DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} +make -C xen install debug=n DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} install_xen make -C xen clean echo > xen.files.txt @@ -1108,11 +1044,11 @@ rm -rf $RPM_BUILD_ROOT/var rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/bash_completion.d/xl.sh rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/init.d/xen* -rm -f $RPM_BUILD_ROOT/%{_bindir}/*store* rm -f $RPM_BUILD_ROOT/%{_bindir}/*trace* rm -f $RPM_BUILD_ROOT/%{_bindir}/xenalyze* rm -f $RPM_BUILD_ROOT/%{_bindir}/xenco* rm -f $RPM_BUILD_ROOT/%{_bindir}/xen-cpuid +rm -f $RPM_BUILD_ROOT/%{_bindir}/xenstore* rm -f $RPM_BUILD_ROOT/%{_bindir}/pygrub rm -f $RPM_BUILD_ROOT/%{_bindir}/remus rm -f $RPM_BUILD_ROOT/usr/etc/qemu/target-x86_64.conf @@ -1167,8 +1103,6 @@ /usr/sbin/xentrace_setsize /usr/sbin/xentrace_setmask /usr/sbin/xenwatchdogd -/usr/sbin/gtracestat -/usr/sbin/gtraceview /usr/sbin/lock-util /usr/sbin/td-util /usr/sbin/vhd-update @@ -1205,6 +1139,7 @@ /etc/xen/scripts/block* /etc/xen/scripts/external-device-migrate /etc/xen/scripts/hotplugpath.sh +/etc/xen/scripts/launch-xenstore /etc/xen/scripts/locking.sh /etc/xen/scripts/logging.sh /etc/xen/scripts/vif2 @@ -1272,7 +1207,6 @@ %{_defaultdocdir}/xen/README.SUSE %{_defaultdocdir}/xen/boot.local.xenU %{_defaultdocdir}/xen/boot.xen -%{_defaultdocdir}/xen/misc %{_mandir}/man1/xentop.1.gz %{_mandir}/man1/xentrace_format.1.gz %{_mandir}/man1/xl.1.gz @@ -1335,7 +1269,7 @@ %ifarch %ix86 x86_64 /usr/bin/xen-detect %endif -/bin/domu-xenstore +/bin/domu-xenstore* /bin/xenstore-* %if %{?with_systemd}0 /usr/lib/udev @@ -1373,6 +1307,7 @@ %files doc-html %defattr(-,root,root) %dir %{_defaultdocdir}/xen +%{_defaultdocdir}/xen/misc %{_defaultdocdir}/xen/html %post ++++++ 584806ce-x86emul-correct-PUSHF-POPF.patch ++++++ # Commit e5c1b8145bccb7fc587ee5b0c95ace6c5e0c7ffd # Date 2016-12-07 13:55:42 +0100 # Author Jan Beulich <[email protected]> # Committer Jan Beulich <[email protected]> x86emul: correct PUSHF/POPF Both need to raise #GP(0) when in VM86 mode with IOPL < 3. Additionally PUSHF is documented to clear VM and RF from the value placed onto the stack. Signed-off-by: Jan Beulich <[email protected]> Reviewed-by: Andrew Cooper <[email protected]> --- a/xen/arch/x86/x86_emulate/x86_emulate.c +++ b/xen/arch/x86/x86_emulate/x86_emulate.c @@ -3085,13 +3085,20 @@ x86_emulate( } case 0x9c: /* pushf */ - src.val = _regs.eflags; + generate_exception_if((_regs.eflags & EFLG_VM) && + MASK_EXTR(_regs.eflags, EFLG_IOPL) != 3, + EXC_GP, 0); + src.val = _regs.eflags & ~(EFLG_VM | EFLG_RF); goto push; case 0x9d: /* popf */ { uint32_t mask = EFLG_VIP | EFLG_VIF | EFLG_VM; + if ( !mode_ring0() ) { + generate_exception_if((_regs.eflags & EFLG_VM) && + MASK_EXTR(_regs.eflags, EFLG_IOPL) != 3, + EXC_GP, 0); mask |= EFLG_IOPL; if ( !mode_iopl() ) mask |= EFLG_IF; ++++++ 584fc649-fix-determining-when-domain-creation-is-complete.patch ++++++ # Commit 9d71e02e8420b5d4a48d92446a1edbff498ee1c6 # Date 2016-12-13 09:58:33 +0000 # Author Andrew Cooper <[email protected]> # Committer Andrew Cooper <[email protected]> xen: Fix determining when domain creation is complete d->creation_finished is used in several places alter behaviour depending on whether the domain is being created, or is already running. However, there is a latent bug if a toolstack component makes a pair of pause/unpause calls, where creation will be considered finished prematurely. Signed-off-by: Andrew Cooper <[email protected]> Reviewed-by: Jan Beulich <[email protected]> Tested-by: Paul Durrant <[email protected]> --- a/xen/common/domain.c +++ b/xen/common/domain.c @@ -1004,13 +1004,6 @@ int domain_unpause_by_systemcontroller(s { int old, new, prev = d->controller_pause_count; - /* - * We record this information here for populate_physmap to figure out - * that the domain has finished being created. In fact, we're only - * allowed to set the MEMF_no_tlbflush flag during VM creation. - */ - d->creation_finished = true; - do { old = prev; @@ -1022,6 +1015,20 @@ int domain_unpause_by_systemcontroller(s prev = cmpxchg(&d->controller_pause_count, old, new); } while ( prev != old ); + /* + * d->controller_pause_count is initialised to 1, and the toolstack is + * responsible for making one unpause hypercall when it wishes the guest + * to start running. + * + * All other toolstack operations should make a pair of pause/unpause + * calls and rely on the reference counting here. + * + * Creation is considered finished when the controller reference count + * first drops to 0. + */ + if ( new == 0 ) + d->creation_finished = true; + domain_unpause(d); return 0; ++++++ 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch ++++++ # Commit 54abe826c8297e12f805be2bcf318ef75cc7f58d # Date 2016-12-14 10:08:22 +0100 # Author Jan Beulich <[email protected]> # Committer Jan Beulich <[email protected]> x86emul: CMPXCHG{8,16}B ignore prefixes This removes 0F C7 from the list of two-byte opcodes treating prefixes 66, F3, and F2 as opcode extensions. We better manually handle this in the opcode specific code: - CMPXCHG8B ignores all these prefixes (its handling is being adjusted accordingly, with a respective test case added as well, to avoid re-introducing the subject of XSA-200), - RDRAND/RDSEED (support to be added subsequently) honor 66, but treat F3 and F2 as opcode extensions (resolving to RDPID in the RDSEED case, which in turn ignores 66). Signed-off-by: Jan Beulich <[email protected]> Reviewed-by: Andrew Cooper <[email protected]> --- a/tools/tests/x86_emulator/test_x86_emulator.c +++ b/tools/tests/x86_emulator/test_x86_emulator.c @@ -484,6 +484,24 @@ int main(int argc, char **argv) goto fail; printf("okay\n"); + printf("%-40s", "Testing cmpxchg8b (%edi) [opsize]..."); + instr[0] = 0x66; instr[1] = 0x0f; instr[2] = 0xc7; instr[3] = 0x0f; + res[0] = 0x12345678; + res[1] = 0x87654321; + regs.eflags = 0x200; + regs.eip = (unsigned long)&instr[0]; + regs.edi = (unsigned long)res; + rc = x86_emulate(&ctxt, &emulops); + if ( (rc != X86EMUL_OKAY) || + (res[0] != 0x12345678) || + (res[1] != 0x87654321) || + (regs.eax != 0x12345678) || + (regs.edx != 0x87654321) || + ((regs.eflags&0x240) != 0x200) || + (regs.eip != (unsigned long)&instr[4]) ) + goto fail; + printf("okay\n"); + printf("%-40s", "Testing movsxbd (%%eax),%%ecx..."); instr[0] = 0x0f; instr[1] = 0xbe; instr[2] = 0x08; regs.eflags = 0x200; --- a/xen/arch/x86/x86_emulate/x86_emulate.c +++ b/xen/arch/x86/x86_emulate/x86_emulate.c @@ -1848,7 +1848,7 @@ x86_decode_twobyte( case 0x79 ... 0x7f: case 0xae: case 0xc2: - case 0xc4 ... 0xc7: + case 0xc4 ... 0xc6: case 0xd0 ... 0xfe: ctxt->opcode |= MASK_INSR(vex.pfx, X86EMUL_OPC_PFX_MASK); break; @@ -5265,8 +5265,12 @@ x86_emulate( generate_exception_if((modrm_reg & 7) != 1, EXC_UD, -1); generate_exception_if(ea.type != OP_MEM, EXC_UD, -1); if ( op_bytes == 8 ) + { host_and_vcpu_must_have(cx16); - op_bytes *= 2; + op_bytes = 16; + } + else + op_bytes = 8; /* Get actual old value. */ if ( (rc = ops->read(ea.mem.seg, ea.mem.off, old, op_bytes, ++++++ 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch ++++++ # Commit 96a7cb37b921d2b320183d194d143262e1dd5b53 # Date 2016-12-14 10:11:08 +0100 # Author Jan Beulich <[email protected]> # Committer Jan Beulich <[email protected]> x86emul: MOVNTI does not allow REP prefixes Just like 66, prefixes F3 and F2 cause #UD. Also adjust a related comment, which in its previous wording was misleading (as in 16-bit mode there would nothing be undone when adjusting operand size from 2 to 4). Signed-off-by: Jan Beulich <[email protected]> Reviewed-by: Andrew Cooper <[email protected]> --- a/xen/arch/x86/x86_emulate/x86_emulate.c +++ b/xen/arch/x86/x86_emulate/x86_emulate.c @@ -1847,8 +1847,7 @@ x86_decode_twobyte( case 0x50 ... 0x77: case 0x79 ... 0x7f: case 0xae: - case 0xc2: - case 0xc4 ... 0xc6: + case 0xc2 ... 0xc6: case 0xd0 ... 0xfe: ctxt->opcode |= MASK_INSR(vex.pfx, X86EMUL_OPC_PFX_MASK); break; @@ -2388,8 +2387,8 @@ x86_decode( } /* - * Undo the operand-size override effect of prefix 66 when it was - * determined to have another meaning. + * When prefix 66 has a meaning different from operand-size override, + * operand size defaults to 4 and can't be overridden to 2. */ if ( op_bytes == 2 && (ctxt->opcode & X86EMUL_OPC_PFX_MASK) == X86EMUL_OPC_66(0, 0) ) @@ -5255,7 +5254,6 @@ x86_emulate( case X86EMUL_OPC(0x0f, 0xc3): /* movnti */ /* Ignore the non-temporal hint for now. */ vcpu_must_have_sse2(); - generate_exception_if(dst.bytes <= 2, EXC_UD, -1); dst.val = src.val; break; ++++++ 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch ++++++ # Commit 6e616a3cef4d782253787904bf3d641112eafa14 # Date 2016-12-15 11:13:32 +0100 # Author Jan Beulich <[email protected]> # Committer Jan Beulich <[email protected]> x86emul: ignore most segment bases for 64-bit mode in is_aligned() ops->read_segment() will report whatever is actually there in the register, so we need to actively distinguish ES/CS/SS/DS from FS/GS. Signed-off-by: Jan Beulich <[email protected]> Reviewed-by: Andrew Cooper <[email protected]> --- a/xen/arch/x86/x86_emulate/x86_emulate.c +++ b/xen/arch/x86/x86_emulate/x86_emulate.c @@ -1570,12 +1570,17 @@ static bool is_aligned(enum x86_segment /* Expecting powers of two only. */ ASSERT(!(size & (size - 1))); - /* No alignment checking when we have no way to read segment data. */ - if ( !ops->read_segment ) - return true; + if ( mode_64bit() && seg < x86_seg_fs ) + memset(®, 0, sizeof(reg)); + else + { + /* No alignment checking when we have no way to read segment data. */ + if ( !ops->read_segment ) + return true; - if ( ops->read_segment(seg, ®, ctxt) != X86EMUL_OKAY ) - return false; + if ( ops->read_segment(seg, ®, ctxt) != X86EMUL_OKAY ) + return false; + } return !((reg.base + offs) & (size - 1)); } ++++++ 5853ed37-VT-d-correct-dma_msi_set_affinity.patch ++++++ # Commit 7f885a1f49a75c770360b030666a5c1545156e5c # Date 2016-12-16 14:33:43 +0100 # Author Jan Beulich <[email protected]> # Committer Jan Beulich <[email protected]> VT-d: correct dma_msi_set_affinity() Commit 83cd2038fe ("VT-d: use msi_compose_msg()) together with 15aa6c6748 ("amd iommu: use base platform MSI implementation"), introducing the use of a per-CPU scratch CPU mask, went too far: dma_msi_set_affinity() may, at least in theory, be called in interrupt context, and hence the use of that scratch variable is not correct. Since the function overwrites the destination information anyway, allow msi_compose_msg() to be called with a NULL CPU mask, avoiding the use of that scratch variable. Signed-off-by: Jan Beulich <[email protected]> Reviewed-by: Kevin Tian <[email protected]> Reviewed-by: Andrew Cooper <[email protected]> --- a/xen/arch/x86/msi.c +++ b/xen/arch/x86/msi.c @@ -160,39 +160,37 @@ static bool_t msix_memory_decoded(const */ void msi_compose_msg(unsigned vector, const cpumask_t *cpu_mask, struct msi_msg *msg) { - unsigned dest; - memset(msg, 0, sizeof(*msg)); - if ( !cpumask_intersects(cpu_mask, &cpu_online_map) ) + + if ( vector < FIRST_DYNAMIC_VECTOR ) return; - if ( vector ) + if ( cpu_mask ) { cpumask_t *mask = this_cpu(scratch_mask); - cpumask_and(mask, cpu_mask, &cpu_online_map); - dest = cpu_mask_to_apicid(mask); + if ( !cpumask_intersects(cpu_mask, &cpu_online_map) ) + return; - msg->address_hi = MSI_ADDR_BASE_HI; - msg->address_lo = - MSI_ADDR_BASE_LO | - ((INT_DEST_MODE == 0) ? - MSI_ADDR_DESTMODE_PHYS: - MSI_ADDR_DESTMODE_LOGIC) | - ((INT_DELIVERY_MODE != dest_LowestPrio) ? - MSI_ADDR_REDIRECTION_CPU: - MSI_ADDR_REDIRECTION_LOWPRI) | - MSI_ADDR_DEST_ID(dest); - msg->dest32 = dest; - - msg->data = - MSI_DATA_TRIGGER_EDGE | - MSI_DATA_LEVEL_ASSERT | - ((INT_DELIVERY_MODE != dest_LowestPrio) ? - MSI_DATA_DELIVERY_FIXED: - MSI_DATA_DELIVERY_LOWPRI) | - MSI_DATA_VECTOR(vector); + cpumask_and(mask, cpu_mask, &cpu_online_map); + msg->dest32 = cpu_mask_to_apicid(mask); } + + msg->address_hi = MSI_ADDR_BASE_HI; + msg->address_lo = MSI_ADDR_BASE_LO | + (INT_DEST_MODE ? MSI_ADDR_DESTMODE_LOGIC + : MSI_ADDR_DESTMODE_PHYS) | + ((INT_DELIVERY_MODE != dest_LowestPrio) + ? MSI_ADDR_REDIRECTION_CPU + : MSI_ADDR_REDIRECTION_LOWPRI) | + MSI_ADDR_DEST_ID(msg->dest32); + + msg->data = MSI_DATA_TRIGGER_EDGE | + MSI_DATA_LEVEL_ASSERT | + ((INT_DELIVERY_MODE != dest_LowestPrio) + ? MSI_DATA_DELIVERY_FIXED + : MSI_DATA_DELIVERY_LOWPRI) | + MSI_DATA_VECTOR(vector); } static bool_t read_msi_msg(struct msi_desc *entry, struct msi_msg *msg) --- a/xen/drivers/passthrough/vtd/iommu.c +++ b/xen/drivers/passthrough/vtd/iommu.c @@ -1085,11 +1085,11 @@ static void dma_msi_set_affinity(struct return; } - msi_compose_msg(desc->arch.vector, desc->arch.cpu_mask, &msg); - /* Are these overrides really needed? */ + msi_compose_msg(desc->arch.vector, NULL, &msg); + msg.dest32 = dest; if (x2apic_enabled) msg.address_hi = dest & 0xFFFFFF00; - msg.address_lo &= ~MSI_ADDR_DEST_ID_MASK; + ASSERT(!(msg.address_lo & MSI_ADDR_DEST_ID_MASK)); msg.address_lo |= MSI_ADDR_DEST_ID(dest); iommu->msi.msg = msg; ++++++ 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch ++++++ # Commit d7d3a82c28a1102ee6c9707071a946164bae0d57 # Date 2016-12-16 14:37:11 +0100 # Author Jan Beulich <[email protected]> # Committer Jan Beulich <[email protected]> x86emul: CMPXCHG16B requires an aligned operand This distinguishes it from CMPXCHG8B. Signed-off-by: Jan Beulich <[email protected]> Reviewed-by: Andrew Cooper <[email protected]> --- a/xen/arch/x86/x86_emulate/x86_emulate.c +++ b/xen/arch/x86/x86_emulate/x86_emulate.c @@ -5270,6 +5270,9 @@ x86_emulate( if ( op_bytes == 8 ) { host_and_vcpu_must_have(cx16); + generate_exception_if(!is_aligned(ea.mem.seg, ea.mem.off, 16, + ctxt, ops), + EXC_GP, 0); op_bytes = 16; } else ++++++ 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch ++++++ # Commit b9a8061bc28930b0c922a5d828447c52e4e873c2 # Date 2016-12-19 15:44:32 +0000 # Author Andrew Cooper <[email protected]> # Committer Andrew Cooper <[email protected]> x86/emul: Correct the handling of eflags with SYSCALL A singlestep #DB is determined by the resulting eflags value from the execution of SYSCALL, not the original eflags value. By using the original eflags value, we negate the guest kernels attempt to protect itself from a privilege escalation by masking TF. (re)introduce a singlestep boolean, defaulting to the original eflags state, but have the SYSCALL emulation recalculate it after masking has occurred. This is XSA-204 Signed-off-by: Andrew Cooper <[email protected]> Reviewed-by: Jan Beulich <[email protected]> --- a/xen/arch/x86/x86_emulate/x86_emulate.c +++ b/xen/arch/x86/x86_emulate/x86_emulate.c @@ -4572,6 +4572,23 @@ x86_emulate( (rc = ops->write_segment(x86_seg_ss, &sreg, ctxt)) ) goto done; + /* + * SYSCALL (unlike most instructions) evaluates its singlestep action + * based on the resulting EFLG_TF, not the starting EFLG_TF. + * + * As the #DB is raised after the CPL change and before the OS can + * switch stack, it is a large risk for privilege escalation. + * + * 64bit kernels should mask EFLG_TF in MSR_FMASK to avoid any + * vulnerability. Running the #DB handler on an IST stack is also a + * mitigation. + * + * 32bit kernels have no ability to mask EFLG_TF at all. Their only + * mitigation is to use a task gate for handling #DB (or to not use + * enable EFER.SCE to start with). + */ + tf = _regs.eflags & EFLG_TF; + break; } @@ -5429,7 +5446,7 @@ x86_emulate( *ctxt->regs = _regs; - /* Inject #DB if single-step tracing was enabled at instruction start. */ + /* Should a singlestep #DB be raised? */ if ( tf && (rc == X86EMUL_OKAY) && ops->inject_hw_exception ) rc = ops->inject_hw_exception(EXC_DB, -1, ctxt) ? : X86EMUL_EXCEPTION; ++++++ 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch ++++++ # Commit 0e47f92b072548800223f9a21ea051a017173915 # Date 2016-12-21 16:46:13 +0100 # Author Jan Beulich <[email protected]> # Committer Jan Beulich <[email protected]> x86: force EFLAGS.IF on when exiting to PV guests Guest kernels modifying instructions in the process of being emulated for another of their vCPU-s may effect EFLAGS.IF to be cleared upon next exiting to guest context, by converting the being emulated instruction to CLI (at the right point in time). Prevent any such bad effects by always forcing EFLAGS.IF on. And to cover hypothetical other similar issues, also force EFLAGS.{IOPL,NT,VM} to zero. This is CVE-2016-10024 / XSA-202. Signed-off-by: Jan Beulich <[email protected]> Reviewed-by: Andrew Cooper <[email protected]> --- a/xen/arch/x86/x86_64/compat/entry.S +++ b/xen/arch/x86/x86_64/compat/entry.S @@ -109,6 +109,8 @@ compat_process_trap: /* %rbx: struct vcpu, interrupts disabled */ ENTRY(compat_restore_all_guest) ASSERT_INTERRUPTS_DISABLED + mov $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11d + and UREGS_eflags(%rsp),%r11d .Lcr4_orig: .skip .Lcr4_alt_end - .Lcr4_alt, 0x90 .Lcr4_orig_end: @@ -144,6 +146,8 @@ ENTRY(compat_restore_all_guest) (.Lcr4_orig_end - .Lcr4_orig), \ (.Lcr4_alt_end - .Lcr4_alt) .popsection + or $X86_EFLAGS_IF,%r11 + mov %r11d,UREGS_eflags(%rsp) RESTORE_ALL adj=8 compat=1 .Lft0: iretq _ASM_PRE_EXTABLE(.Lft0, handle_exception) --- a/xen/arch/x86/x86_64/entry.S +++ b/xen/arch/x86/x86_64/entry.S @@ -40,28 +40,29 @@ restore_all_guest: testw $TRAP_syscall,4(%rsp) jz iret_exit_to_guest + movq 24(%rsp),%r11 # RFLAGS + andq $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11 + orq $X86_EFLAGS_IF,%r11 + /* Don't use SYSRET path if the return address is not canonical. */ movq 8(%rsp),%rcx sarq $47,%rcx incl %ecx cmpl $1,%ecx - ja .Lforce_iret + movq 8(%rsp),%rcx # RIP + ja iret_exit_to_guest cmpw $FLAT_USER_CS32,16(%rsp)# CS - movq 8(%rsp),%rcx # RIP - movq 24(%rsp),%r11 # RFLAGS movq 32(%rsp),%rsp # RSP je 1f sysretq 1: sysretl -.Lforce_iret: - /* Mimic SYSRET behavior. */ - movq 8(%rsp),%rcx # RIP - movq 24(%rsp),%r11 # RFLAGS ALIGN /* No special register assumptions. */ iret_exit_to_guest: + andl $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),24(%rsp) + orl $X86_EFLAGS_IF,24(%rsp) addq $8,%rsp .Lft0: iretq _ASM_PRE_EXTABLE(.Lft0, handle_exception) ++++++ 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch ++++++ # Commit 74dcd0ce6f4fadce8093e54f0fc1a45426577e13 # Date 2016-12-21 16:47:19 +0100 # Author Jan Beulich <[email protected]> # Committer Jan Beulich <[email protected]> x86/HVM: add missing NULL check before using VMFUNC hook This is CVE-2016-10025 / XSA-203. Signed-off-by: Jan Beulich <[email protected]> Reviewed-by: Andrew Cooper <[email protected]> --- a/xen/arch/x86/hvm/emulate.c +++ b/xen/arch/x86/hvm/emulate.c @@ -1694,6 +1694,8 @@ static int hvmemul_vmfunc( { int rc; + if ( !hvm_funcs.altp2m_vcpu_emulate_vmfunc ) + return X86EMUL_UNHANDLEABLE; rc = hvm_funcs.altp2m_vcpu_emulate_vmfunc(ctxt->regs); if ( rc != X86EMUL_OKAY ) hvmemul_inject_hw_exception(TRAP_invalid_op, HVM_DELIVER_NO_ERROR_CODE, ++++++ 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch ++++++ # Commit 3ab1876504d409689824e161a8b04e57e1e5dd46 # Date 2016-12-22 13:32:46 +0000 # Author Andrew Cooper <[email protected]> # Committer Andrew Cooper <[email protected]> x86/emul: Correct the return value handling of VMFUNC The bracketing of x86_emulate() calling the ops->vmfunc() hook is wrong with respect to the assignment to rc, which can trip the new assertions in x86_emulate_wrapper(). The hvmemul_vmfunc() hook should only raise #UD if X86EMUL_EXCEPTION is returned. This is only a latent bug at the moment. Signed-off-by: Andrew Cooper <[email protected]> Reviewed-by: Jan Beulich <[email protected]> --- a/xen/arch/x86/hvm/emulate.c +++ b/xen/arch/x86/hvm/emulate.c @@ -1697,7 +1697,7 @@ static int hvmemul_vmfunc( if ( !hvm_funcs.altp2m_vcpu_emulate_vmfunc ) return X86EMUL_UNHANDLEABLE; rc = hvm_funcs.altp2m_vcpu_emulate_vmfunc(ctxt->regs); - if ( rc != X86EMUL_OKAY ) + if ( rc == X86EMUL_EXCEPTION ) hvmemul_inject_hw_exception(TRAP_invalid_op, HVM_DELIVER_NO_ERROR_CODE, ctxt); --- a/xen/arch/x86/x86_emulate/x86_emulate.c +++ b/xen/arch/x86/x86_emulate/x86_emulate.c @@ -4356,7 +4356,7 @@ x86_emulate( generate_exception_if(lock_prefix | rep_prefix() | (vex.pfx == vex_66), EXC_UD, -1); fail_if(!ops->vmfunc); - if ( (rc = ops->vmfunc(ctxt) != X86EMUL_OKAY) ) + if ( (rc = ops->vmfunc(ctxt)) != X86EMUL_OKAY ) goto done; goto no_writeback; ++++++ 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch ++++++ # Commit 291dcb4dd0140fac0e439760b4d51b2892ff9264 # Date 2017-01-03 13:33:16 +0000 # Author Andrew Cooper <[email protected]> # Committer Andrew Cooper <[email protected]> x86/cpu: Don't update this_cpu for get_cpu_vendor(, gcv_guest) Otherwise booting a cross-vendor guest would cause PCPU hotplug to malfunction, because of trying to use the wrong CPU driver. Signed-off-by: Andrew Cooper <[email protected]> Reviewed-by: Jan Beulich <[email protected]> --- a/xen/arch/x86/cpu/common.c +++ b/xen/arch/x86/cpu/common.c @@ -166,7 +166,8 @@ int get_cpu_vendor(const char v[], enum if (!strcmp(v,cpu_devs[i]->c_ident[0]) || (cpu_devs[i]->c_ident[1] && !strcmp(v,cpu_devs[i]->c_ident[1]))) { - this_cpu = cpu_devs[i]; + if (mode == gcv_host) + this_cpu = cpu_devs[i]; return i; } } ++++++ CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch ++++++ References: bsc#1003030 CVE-2016-7908 Subject: net: mcf: limit buffer descriptor count From: Prasad J Pandit [email protected] Thu Sep 22 16:02:37 2016 +0530 Date: Tue Sep 27 17:54:22 2016 +0800: Git: 070c4b92b8cd5390889716677a0b92444d6e087a ColdFire Fast Ethernet Controller uses buffer descriptors to manage data flow to/fro receive & transmit queues. While transmitting packets, it could continue to read buffer descriptors if a buffer descriptor has length of zero and has crafted values in bd.flags. Set upper limit to number of buffer descriptors. Reported-by: Li Qiang <[email protected]> Signed-off-by: Prasad J Pandit <[email protected]> Reviewed-by: Paolo Bonzini <[email protected]> Signed-off-by: Jason Wang <[email protected]> Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/mcf_fec.c =================================================================== --- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/mcf_fec.c +++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/mcf_fec.c @@ -20,6 +20,7 @@ do { printf("mcf_fec: " fmt , ##args); } #define DPRINTF(fmt, args...) do {} while(0) #endif +#define FEC_MAX_DESC 1024 #define FEC_MAX_FRAME_SIZE 2032 typedef struct { @@ -144,7 +145,7 @@ static void mcf_fec_do_tx(mcf_fec_state uint32_t addr; mcf_fec_bd bd; int frame_size; - int len; + int len, descnt = 0; uint8_t frame[FEC_MAX_FRAME_SIZE]; uint8_t *ptr; @@ -152,7 +153,7 @@ static void mcf_fec_do_tx(mcf_fec_state ptr = frame; frame_size = 0; addr = s->tx_descriptor; - while (1) { + while (descnt++ < FEC_MAX_DESC) { mcf_fec_read_bd(&bd, addr); DPRINTF("tx_bd %x flags %04x len %d data %08x\n", addr, bd.flags, bd.length, bd.data); ++++++ CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch ++++++ References: bsc#1003032 CVE-2016-7909 The AMD PC-Net II emulator has set of control and status(CSR) registers. Of these, CSR76 and CSR78 hold receive and transmit descriptor ring length respectively. This ring length could range from 1 to 65535. Setting ring length to zero leads to an infinite loop in pcnet_rdra_addr. Add check to avoid it. Reported-by: Li Qiang <address@hidden> Signed-off-by: Prasad J Pandit <address@hidden> --- hw/net/pcnet.c | 3 +++ 1 file changed, 3 insertions(+) Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pcnet.c =================================================================== --- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pcnet.c +++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pcnet.c @@ -1476,8 +1476,11 @@ static void pcnet_csr_writew(PCNetState case 47: /* POLLINT */ case 72: case 74: + break; case 76: /* RCVRL */ case 78: /* XMTRL */ + val = (val > 0) ? val : 512; + break; case 112: if (CSR_STOP(s) || CSR_SPND(s)) break; ++++++ CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch ++++++ References: bsc#1005004 CVE-2016-8667 The JAZZ RC4030 chipset emulator has a periodic timer and associated interval reload register. The reload value is used as divider when computing timer's next tick value. If reload value is large, it could lead to divide by zero error. Limit the interval reload value to avoid it. Reported-by: Huawei PSIRT <address@hidden> Signed-off-by: Prasad J Pandit <address@hidden> --- hw/dma/rc4030.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/rc4030.c =================================================================== --- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/rc4030.c +++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/rc4030.c @@ -366,7 +366,7 @@ static void rc4030_writel(void *opaque, break; /* Interval timer reload */ case 0x0228: - s->itr = val; + s->itr = val & 0x01FF; qemu_irq_lower(s->timer_irq); set_next_tick(s); break; ++++++ CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch ++++++ References: bsc#1005005 CVE-2016-8669 16550A UART device uses an oscillator to generate frequencies (baud base), which decide communication speed. This speed could be changed by dividing it by a divider. If the divider is greater than the baud base, speed is set to zero, leading to a divide by zero error. Add check to avoid it. Reported-by: Huawei PSIRT <address@hidden> Signed-off-by: Prasad J Pandit <address@hidden> --- hw/char/serial.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Update per -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02400.html Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/serial.c =================================================================== --- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/serial.c +++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/serial.c @@ -227,8 +227,9 @@ static void serial_update_parameters(Ser int speed, parity, data_bits, stop_bits, frame_size; QEMUSerialSetParams ssp; - if (s->divider == 0) + if (s->divider == 0 || s->divider > s->baudbase) { return; + } frame_size = 1; if (s->lcr & 0x08) { ++++++ CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch ++++++ References: bsc#1007157 CVE-2016-8910 Subject: net: rtl8139: limit processing of ring descriptors From: Prasad J Pandit [email protected] Fri Oct 21 17:39:29 2016 +0530 Date: Wed Oct 26 09:57:59 2016 +0800: Git: c7c35916692fe010fef25ac338443d3fe40be225 RTL8139 ethernet controller in C+ mode supports multiple descriptor rings, each with maximum of 64 descriptors. While processing transmit descriptor ring in 'rtl8139_cplus_transmit', it does not limit the descriptor count and runs forever. Add check to avoid it. Reported-by: Andrew Henderson <[email protected]> Signed-off-by: Prasad J Pandit <[email protected]> Signed-off-by: Jason Wang <[email protected]> Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/rtl8139.c =================================================================== --- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/rtl8139.c +++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/rtl8139.c @@ -2367,7 +2367,7 @@ static void rtl8139_cplus_transmit(RTL81 { int txcount = 0; - while (rtl8139_cplus_transmit_one(s)) + while (txcount < 64 && rtl8139_cplus_transmit_one(s)) { ++txcount; } ++++++ bdrv_default_rwflag.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:44.261039166 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:44.261039166 +0100 @@ -1,10 +1,10 @@ Subject: modify default read/write flag in bdrv_init. Signed-off by Chunyan Liu <[email protected]> -Index: xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c =================================================================== ---- xen-4.6.1-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c -+++ xen-4.6.1-testing/tools/qemu-xen-traditional-dir-remote/vl.c +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c @@ -2626,6 +2626,8 @@ int drive_init(struct drive_opt *arg, in strncpy(drives_table[nb_drives].serial, serial, sizeof(serial)); nb_drives++; ++++++ hibernate.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:44.425016085 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:44.425016085 +0100 @@ -1,8 +1,8 @@ -Index: xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s3.asl +Index: xen-4.8.0-testing/tools/libacpi/ssdt_s3.asl =================================================================== ---- xen-4.6.0-testing.orig/tools/firmware/hvmloader/acpi/ssdt_s3.asl -+++ xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s3.asl -@@ -19,13 +19,9 @@ +--- xen-4.8.0-testing.orig/tools/libacpi/ssdt_s3.asl ++++ xen-4.8.0-testing/tools/libacpi/ssdt_s3.asl +@@ -16,13 +16,9 @@ DefinitionBlock ("SSDT_S3.aml", "SSDT", 2, "Xen", "HVM", 0) { @@ -20,11 +20,11 @@ + */ } -Index: xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s4.asl +Index: xen-4.8.0-testing/tools/libacpi/ssdt_s4.asl =================================================================== ---- xen-4.6.0-testing.orig/tools/firmware/hvmloader/acpi/ssdt_s4.asl -+++ xen-4.6.0-testing/tools/firmware/hvmloader/acpi/ssdt_s4.asl -@@ -19,13 +19,9 @@ +--- xen-4.8.0-testing.orig/tools/libacpi/ssdt_s4.asl ++++ xen-4.8.0-testing/tools/libacpi/ssdt_s4.asl +@@ -16,13 +16,9 @@ DefinitionBlock ("SSDT_S4.aml", "SSDT", 2, "Xen", "HVM", 0) { ++++++ ioemu-disable-emulated-ide-if-pv.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:44.485007641 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:44.489007079 +0100 @@ -1,7 +1,7 @@ -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h =================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/qemu-xen.h -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/qemu-xen.h ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-xen.h @@ -1,6 +1,8 @@ #ifndef QEMU_XEN_H #define QEMU_XEN_H @@ -20,10 +20,10 @@ int xenstore_parse_disable_pf_config(void); int xenstore_fd(void); void xenstore_process_event(void *opaque); -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c =================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c @@ -5907,9 +5907,9 @@ int main(int argc, char **argv, char **e if ((msg = xenbus_read(XBT_NIL, "domid", &domid_s))) fprintf(stderr,"Can not read our own domid: %s\n", msg); @@ -36,10 +36,10 @@ #endif /* CONFIG_STUBDOM */ } -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c =================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c @@ -445,7 +445,7 @@ void xenstore_init(void) } } ++++++ ioemu-watchdog-linkage.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:44.533000886 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:44.533000886 +0100 @@ -7,10 +7,10 @@ Signed-off-by: Markus Armbruster <[email protected]> Signed-off-by: Anthony Liguori <[email protected]> -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c =================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c @@ -26,6 +26,16 @@ #include "sysemu.h" #include "hw/watchdog.h" @@ -28,10 +28,10 @@ static LIST_HEAD(watchdog_list, WatchdogTimerModel) watchdog_list; void watchdog_add_model(WatchdogTimerModel *model) -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h =================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h @@ -27,13 +27,6 @@ extern void wdt_i6300esb_init(void); extern void wdt_ib700_init(void); @@ -57,10 +57,10 @@ /* in hw/watchdog.c */ extern int select_watchdog(const char *p); extern int select_watchdog_action(const char *action); -Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c =================================================================== ---- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c -+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c @@ -250,8 +250,6 @@ int no_shutdown = 0; int cursor_hide = 1; int graphic_rotate = 0; ++++++ ioemu-watchdog-support.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:44.552998071 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:44.556997509 +0100 @@ -10,10 +10,10 @@ Signed-off-by: Richard W.M. Jones <[email protected]> Signed-off-by: Anthony Liguori <[email protected]> -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target =================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/Makefile.target -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/Makefile.target ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/Makefile.target @@ -580,6 +580,10 @@ OBJS += e1000.o # Serial mouse OBJS += msmouse.o @@ -25,10 +25,10 @@ ifeq ($(TARGET_BASE_ARCH), i386) # Hardware support ifdef CONFIG_AUDIO -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c =================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pc.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/pc.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/pc.c @@ -41,6 +41,7 @@ #include "virtio-balloon.h" #include "virtio-console.h" @@ -46,10 +46,10 @@ for(i = 0; i < nb_nics; i++) { NICInfo *nd = &nd_table[i]; -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c =================================================================== --- /dev/null -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.c @@ -0,0 +1,136 @@ +/* + * Virtual hardware watchdog. @@ -187,10 +187,10 @@ + wdt_ib700_init(); + wdt_i6300esb_init(); +} -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h =================================================================== --- /dev/null -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/watchdog.h @@ -0,0 +1,65 @@ +/* + * Virtual hardware watchdog. @@ -257,10 +257,10 @@ +extern void register_watchdogs(void); + +#endif /* QEMU_WATCHDOG_H */ -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c =================================================================== --- /dev/null -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_i6300esb.c @@ -0,0 +1,470 @@ +/* + * Virtual hardware watchdog. @@ -732,10 +732,10 @@ +{ + watchdog_add_model(&model); +} -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c =================================================================== --- /dev/null -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/hw/wdt_ib700.c @@ -0,0 +1,112 @@ +/* + * Virtual hardware watchdog. @@ -849,10 +849,10 @@ + watchdog_add_model(&model); + timer = qemu_new_timer(vm_clock, ib700_timer_expired, NULL); +} -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c =================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/monitor.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/monitor.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c @@ -26,6 +26,7 @@ #include "hw/pcmcia.h" #include "hw/pc.h" @@ -884,10 +884,10 @@ { "cpu_set", "is", do_cpu_set_nr, "cpu [online|offline]", "change cpu state" }, { NULL, NULL, }, -Index: xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c +Index: xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c =================================================================== ---- xen-4.7.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c -+++ xen-4.7.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c +--- xen-4.8.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c ++++ xen-4.8.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c @@ -30,6 +30,7 @@ #include "hw/isa.h" #include "hw/baum.h" ++++++ ipxe-no-error-logical-not-parentheses.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:44.588993005 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:44.592992441 +0100 @@ -1,7 +1,7 @@ -Index: xen-4.6.0-testing/tools/firmware/etherboot/patches/ipxe-no-error-logical-not-parentheses.patch +Index: xen-4.8.0-testing/tools/firmware/etherboot/patches/ipxe-no-error-logical-not-parentheses.patch =================================================================== --- /dev/null -+++ xen-4.6.0-testing/tools/firmware/etherboot/patches/ipxe-no-error-logical-not-parentheses.patch ++++ xen-4.8.0-testing/tools/firmware/etherboot/patches/ipxe-no-error-logical-not-parentheses.patch @@ -0,0 +1,11 @@ +--- ipxe/src/Makefile.housekeeping.orig 2015-03-12 12:15:50.054891858 +0000 ++++ ipxe/src/Makefile.housekeeping 2015-03-12 12:16:05.978071221 +0000 @@ -14,12 +14,10 @@ + ASFLAGS += --fatal-warnings + endif + -Index: xen-4.6.0-testing/tools/firmware/etherboot/patches/series +Index: xen-4.8.0-testing/tools/firmware/etherboot/patches/series =================================================================== ---- xen-4.6.0-testing.orig/tools/firmware/etherboot/patches/series -+++ xen-4.6.0-testing/tools/firmware/etherboot/patches/series -@@ -4,3 +4,4 @@ build_fix_2.patch - build_fix_3.patch - build-compare.patch - build_fix_4.patch +--- xen-4.8.0-testing.orig/tools/firmware/etherboot/patches/series ++++ xen-4.8.0-testing/tools/firmware/etherboot/patches/series +@@ -1 +1,2 @@ + boot_prompt_option.patch +ipxe-no-error-logical-not-parentheses.patch ++++++ ipxe-use-rpm-opt-flags.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:44.612989627 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:44.612989627 +0100 @@ -1,9 +1,9 @@ References: bsc#969377 - xen does not build with GCC 6 -Index: xen-4.6.1-testing/tools/firmware/etherboot/patches/ipxe-use-rpm-opt-flags.patch +Index: xen-4.8.0-testing/tools/firmware/etherboot/patches/ipxe-use-rpm-opt-flags.patch =================================================================== --- /dev/null -+++ xen-4.6.1-testing/tools/firmware/etherboot/patches/ipxe-use-rpm-opt-flags.patch ++++ xen-4.8.0-testing/tools/firmware/etherboot/patches/ipxe-use-rpm-opt-flags.patch @@ -0,0 +1,11 @@ +--- ipxe/src/Makefile.orig 2016-03-04 15:48:15.000000000 -0700 ++++ ipxe/src/Makefile 2016-03-04 15:48:40.000000000 -0700 @@ -16,12 +16,11 @@ + ASFLAGS := + LDFLAGS := + MAKEDEPS := Makefile -Index: xen-4.6.1-testing/tools/firmware/etherboot/patches/series +Index: xen-4.8.0-testing/tools/firmware/etherboot/patches/series =================================================================== ---- xen-4.6.1-testing.orig/tools/firmware/etherboot/patches/series -+++ xen-4.6.1-testing/tools/firmware/etherboot/patches/series -@@ -5,3 +5,4 @@ build_fix_3.patch - build-compare.patch - build_fix_4.patch +--- xen-4.8.0-testing.orig/tools/firmware/etherboot/patches/series ++++ xen-4.8.0-testing/tools/firmware/etherboot/patches/series +@@ -1,2 +1,3 @@ + boot_prompt_option.patch ipxe-no-error-logical-not-parentheses.patch +ipxe-use-rpm-opt-flags.patch ++++++ ipxe.tar.bz2 ++++++ Binary files old/tools/firmware/etherboot/ipxe.tar.gz and new/tools/firmware/etherboot/ipxe.tar.gz differ ++++++ libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:45.816820180 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:45.824819054 +0100 @@ -7,11 +7,11 @@ tools/libxl/libxlu_disk_l.l | 1 + 5 files changed, 18 insertions(+), 1 deletion(-) -Index: xen-4.7.0-testing/tools/libxl/libxl.c +Index: xen-4.8.0-testing/tools/libxl/libxl.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.7.0-testing/tools/libxl/libxl.c -@@ -2575,6 +2575,8 @@ static void device_disk_add(libxl__egc * +--- xen-4.8.0-testing.orig/tools/libxl/libxl.c ++++ xen-4.8.0-testing/tools/libxl/libxl.c +@@ -2306,6 +2306,8 @@ static void device_disk_add(libxl__egc * flexarray_append_pair(back, "discard-enable", libxl_defbool_val(disk->discard_enable) ? "1" : "0"); @@ -20,12 +20,12 @@ flexarray_append(front, "backend-id"); flexarray_append(front, GCSPRINTF("%d", disk->backend_domid)); -Index: xen-4.7.0-testing/tools/libxl/libxl.h +Index: xen-4.8.0-testing/tools/libxl/libxl.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.h -+++ xen-4.7.0-testing/tools/libxl/libxl.h -@@ -253,6 +253,18 @@ - #define LIBXL_HAVE_BUILD_ID 1 +--- xen-4.8.0-testing.orig/tools/libxl/libxl.h ++++ xen-4.8.0-testing/tools/libxl/libxl.h +@@ -288,6 +288,18 @@ + #define LIBXL_HAVE_SCHED_CREDIT2_PARAMS 1 /* + * The libxl_device_disk has no way to indicate that cache=unsafe is @@ -43,10 +43,10 @@ * libxl ABI compatibility * * The only guarantee which libxl makes regarding ABI compatibility -Index: xen-4.7.0-testing/tools/libxl/libxlu_disk.c +Index: xen-4.8.0-testing/tools/libxl/libxlu_disk.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk.c -+++ xen-4.7.0-testing/tools/libxl/libxlu_disk.c +--- xen-4.8.0-testing.orig/tools/libxl/libxlu_disk.c ++++ xen-4.8.0-testing/tools/libxl/libxlu_disk.c @@ -79,6 +79,8 @@ int xlu_disk_parse(XLU_Config *cfg, if (!disk->pdev_path || !strcmp(disk->pdev_path, "")) disk->format = LIBXL_DISK_FORMAT_EMPTY; @@ -56,10 +56,10 @@ if (!disk->vdev) { xlu__disk_err(&dpc,0, "no vdev specified"); -Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h +Index: xen-4.8.0-testing/tools/libxl/libxlu_disk_i.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_i.h -+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_i.h +--- xen-4.8.0-testing.orig/tools/libxl/libxlu_disk_i.h ++++ xen-4.8.0-testing/tools/libxl/libxlu_disk_i.h @@ -10,7 +10,7 @@ typedef struct { void *scanner; YY_BUFFER_STATE buf; @@ -69,10 +69,10 @@ const char *spec; } DiskParseContext; -Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l +Index: xen-4.8.0-testing/tools/libxl/libxlu_disk_l.l =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_l.l -+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l +--- xen-4.8.0-testing.orig/tools/libxl/libxlu_disk_l.l ++++ xen-4.8.0-testing/tools/libxl/libxlu_disk_l.l @@ -195,6 +195,7 @@ colo-port=[^,]*,? { STRIP(','); setcolop colo-export=[^,]*,? { STRIP(','); SAVESTRING("colo-export", colo_export, FROMEQUALS); } active-disk=[^,]*,? { STRIP(','); SAVESTRING("active-disk", active_disk, FROMEQUALS); } ++++++ libxl.pvscsi.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:45.832817929 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:45.836817365 +0100 @@ -34,10 +34,10 @@ tools/libxl/xl_cmdtable.c | 15 16 files changed, 2326 insertions(+), 4 deletions(-) -Index: xen-4.7.0-testing/docs/man/xl.cfg.pod.5 +Index: xen-4.7.1-testing/docs/man/xl.cfg.pod.5.in =================================================================== ---- xen-4.7.0-testing.orig/docs/man/xl.cfg.pod.5 -+++ xen-4.7.0-testing/docs/man/xl.cfg.pod.5 +--- xen-4.7.1-testing.orig/docs/man/xl.cfg.pod.5.in ++++ xen-4.7.1-testing/docs/man/xl.cfg.pod.5.in @@ -517,6 +517,62 @@ value is optional if this is a guest dom =back @@ -101,10 +101,10 @@ =item B<vfb=[ "VFB_SPEC_STRING", "VFB_SPEC_STRING", ...]> Specifies the paravirtual framebuffer devices which should be supplied -Index: xen-4.7.0-testing/docs/man/xl.pod.1 +Index: xen-4.7.1-testing/docs/man/xl.pod.1.in =================================================================== ---- xen-4.7.0-testing.orig/docs/man/xl.pod.1 -+++ xen-4.7.0-testing/docs/man/xl.pod.1 +--- xen-4.7.1-testing.orig/docs/man/xl.pod.1.in ++++ xen-4.7.1-testing/docs/man/xl.pod.1.in @@ -1423,6 +1423,24 @@ List virtual trusted platform modules fo =back @@ -130,10 +130,10 @@ =head1 PCI PASS-THROUGH =over 4 -Index: xen-4.7.0-testing/tools/libxl/Makefile +Index: xen-4.7.1-testing/tools/libxl/Makefile =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/Makefile -+++ xen-4.7.0-testing/tools/libxl/Makefile +--- xen-4.7.1-testing.orig/tools/libxl/Makefile ++++ xen-4.7.1-testing/tools/libxl/Makefile @@ -108,6 +108,7 @@ endif LIBXL_LIBS += -lyajl @@ -150,11 +150,11 @@ libxlu_disk_l.o libxlu_disk.o libxlu_vif.o libxlu_pci.o $(LIBXLU_OBJS): CFLAGS += $(CFLAGS_libxenctrl) # For xentoollog.h -Index: xen-4.7.0-testing/tools/libxl/libxl.c +Index: xen-4.7.1-testing/tools/libxl/libxl.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.7.0-testing/tools/libxl/libxl.c -@@ -4387,6 +4387,7 @@ DEFINE_DEVICE_REMOVE_CUSTOM(usbctrl, des +--- xen-4.7.1-testing.orig/tools/libxl/libxl.c ++++ xen-4.7.1-testing/tools/libxl/libxl.c +@@ -4399,6 +4399,7 @@ DEFINE_DEVICE_REMOVE_CUSTOM(usbctrl, des /* The following functions are defined: * libxl_device_disk_add * libxl_device_nic_add @@ -162,7 +162,7 @@ * libxl_device_vtpm_add * libxl_device_usbctrl_add * libxl_device_usbdev_add -@@ -4418,6 +4419,9 @@ DEFINE_DEVICE_ADD(disk) +@@ -4430,6 +4431,9 @@ DEFINE_DEVICE_ADD(disk) /* nic */ DEFINE_DEVICE_ADD(nic) @@ -172,7 +172,7 @@ /* vtpm */ DEFINE_DEVICE_ADD(vtpm) -@@ -7370,6 +7374,11 @@ int libxl_retrieve_domain_configuration( +@@ -7382,6 +7386,11 @@ int libxl_retrieve_domain_configuration( MERGE(nic, nics, COMPARE_DEVID, {}); @@ -184,10 +184,10 @@ MERGE(vtpm, vtpms, COMPARE_DEVID, {}); MERGE(pci, pcidevs, COMPARE_PCI, {}); -Index: xen-4.7.0-testing/tools/libxl/libxl.h +Index: xen-4.7.1-testing/tools/libxl/libxl.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.h -+++ xen-4.7.0-testing/tools/libxl/libxl.h +--- xen-4.7.1-testing.orig/tools/libxl/libxl.h ++++ xen-4.7.1-testing/tools/libxl/libxl.h @@ -880,6 +880,13 @@ void libxl_mac_copy(libxl_ctx *ctx, libx #define LIBXL_HAVE_PCITOPOLOGY 1 @@ -244,10 +244,10 @@ /* Virtual TPMs */ int libxl_device_vtpm_add(libxl_ctx *ctx, uint32_t domid, libxl_device_vtpm *vtpm, const libxl_asyncop_how *ao_how) -Index: xen-4.7.0-testing/tools/libxl/libxl_create.c +Index: xen-4.7.1-testing/tools/libxl/libxl_create.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_create.c -+++ xen-4.7.0-testing/tools/libxl/libxl_create.c +--- xen-4.7.1-testing.orig/tools/libxl/libxl_create.c ++++ xen-4.7.1-testing/tools/libxl/libxl_create.c @@ -742,6 +742,8 @@ static void domcreate_bootloader_done(li static void domcreate_launch_dm(libxl__egc *egc, libxl__multidev *aodevs, int ret); @@ -322,10 +322,10 @@ /* Plug vtpm devices */ if (d_config->num_vtpms > 0) { /* Attach vtpms */ -Index: xen-4.7.0-testing/tools/libxl/libxl_device.c +Index: xen-4.7.1-testing/tools/libxl/libxl_device.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_device.c -+++ xen-4.7.0-testing/tools/libxl/libxl_device.c +--- xen-4.7.1-testing.orig/tools/libxl/libxl_device.c ++++ xen-4.7.1-testing/tools/libxl/libxl_device.c @@ -684,6 +684,7 @@ void libxl__multidev_prepared(libxl__egc * The following functions are defined: * libxl__add_disks @@ -342,10 +342,10 @@ DEFINE_DEVICES_ADD(vtpm) DEFINE_DEVICES_ADD(usbctrl) DEFINE_DEVICES_ADD(usbdev) -Index: xen-4.7.0-testing/tools/libxl/libxl_internal.h +Index: xen-4.7.1-testing/tools/libxl/libxl_internal.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_internal.h -+++ xen-4.7.0-testing/tools/libxl/libxl_internal.h +--- xen-4.7.1-testing.orig/tools/libxl/libxl_internal.h ++++ xen-4.7.1-testing/tools/libxl/libxl_internal.h @@ -2630,6 +2630,10 @@ _hidden void libxl__device_nic_add(libxl libxl_device_nic *nic, libxl__ao_device *aodev); @@ -368,10 +368,10 @@ _hidden void libxl__add_vtpms(libxl__egc *egc, libxl__ao *ao, uint32_t domid, libxl_domain_config *d_config, libxl__multidev *multidev); -Index: xen-4.7.0-testing/tools/libxl/libxl_types.idl +Index: xen-4.7.1-testing/tools/libxl/libxl_types.idl =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_types.idl -+++ xen-4.7.0-testing/tools/libxl/libxl_types.idl +--- xen-4.7.1-testing.orig/tools/libxl/libxl_types.idl ++++ xen-4.7.1-testing/tools/libxl/libxl_types.idl @@ -698,6 +698,43 @@ libxl_device_channel = Struct("device_ch ])), ]) @@ -446,10 +446,10 @@ libxl_vtpminfo = Struct("vtpminfo", [ ("backend", string), ("backend_id", uint32), -Index: xen-4.7.0-testing/tools/libxl/libxl_types_internal.idl +Index: xen-4.7.1-testing/tools/libxl/libxl_types_internal.idl =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_types_internal.idl -+++ xen-4.7.0-testing/tools/libxl/libxl_types_internal.idl +--- xen-4.7.1-testing.orig/tools/libxl/libxl_types_internal.idl ++++ xen-4.7.1-testing/tools/libxl/libxl_types_internal.idl @@ -24,6 +24,7 @@ libxl__device_kind = Enumeration("device (8, "VTPM"), (9, "VUSB"), @@ -458,10 +458,10 @@ ]) libxl__console_backend = Enumeration("console_backend", [ -Index: xen-4.7.0-testing/tools/libxl/libxl_vscsi.c +Index: xen-4.7.1-testing/tools/libxl/libxl_vscsi.c =================================================================== --- /dev/null -+++ xen-4.7.0-testing/tools/libxl/libxl_vscsi.c ++++ xen-4.7.1-testing/tools/libxl/libxl_vscsi.c @@ -0,0 +1,1169 @@ +/* + * Copyright (C) 2016 SUSE Linux GmbH @@ -1632,10 +1632,10 @@ + * indent-tabs-mode: nil + * End: + */ -Index: xen-4.7.0-testing/tools/libxl/libxlu_vscsi.c +Index: xen-4.7.1-testing/tools/libxl/libxlu_vscsi.c =================================================================== --- /dev/null -+++ xen-4.7.0-testing/tools/libxl/libxlu_vscsi.c ++++ xen-4.7.1-testing/tools/libxl/libxlu_vscsi.c @@ -0,0 +1,667 @@ +/* + * libxlu_vscsi.c - xl configuration file parsing: setup and helper functions @@ -2304,10 +2304,10 @@ + return ERROR_INVAL; +} +#endif -Index: xen-4.7.0-testing/tools/libxl/libxlutil.h +Index: xen-4.7.1-testing/tools/libxl/libxlutil.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlutil.h -+++ xen-4.7.0-testing/tools/libxl/libxlutil.h +--- xen-4.7.1-testing.orig/tools/libxl/libxlutil.h ++++ xen-4.7.1-testing/tools/libxl/libxlutil.h @@ -118,6 +118,25 @@ int xlu_rdm_parse(XLU_Config *cfg, libxl int xlu_vif_parse_rate(XLU_Config *cfg, const char *rate, libxl_device_nic *nic); @@ -2334,10 +2334,10 @@ #endif /* LIBXLUTIL_H */ /* -Index: xen-4.7.0-testing/tools/libxl/xl.h +Index: xen-4.7.1-testing/tools/libxl/xl.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl.h -+++ xen-4.7.0-testing/tools/libxl/xl.h +--- xen-4.7.1-testing.orig/tools/libxl/xl.h ++++ xen-4.7.1-testing/tools/libxl/xl.h @@ -89,6 +89,9 @@ int main_channellist(int argc, char **ar int main_blockattach(int argc, char **argv); int main_blocklist(int argc, char **argv); @@ -2348,10 +2348,10 @@ int main_vtpmattach(int argc, char **argv); int main_vtpmlist(int argc, char **argv); int main_vtpmdetach(int argc, char **argv); -Index: xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c +Index: xen-4.7.1-testing/tools/libxl/xl_cmdimpl.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c +--- xen-4.7.1-testing.orig/tools/libxl/xl_cmdimpl.c ++++ xen-4.7.1-testing/tools/libxl/xl_cmdimpl.c @@ -1325,7 +1325,7 @@ static void parse_config_data(const char long l, vcpus = 0; XLU_Config *config; @@ -2598,10 +2598,10 @@ int main_vtpmattach(int argc, char **argv) { int opt; -Index: xen-4.7.0-testing/tools/libxl/xl_cmdtable.c +Index: xen-4.7.1-testing/tools/libxl/xl_cmdtable.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdtable.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdtable.c +--- xen-4.7.1-testing.orig/tools/libxl/xl_cmdtable.c ++++ xen-4.7.1-testing/tools/libxl/xl_cmdtable.c @@ -354,6 +354,21 @@ struct cmd_spec cmd_table[] = { "Destroy a domain's virtual block device", "<Domain> <DevId>", ++++++ libxl.set-migration-constraints-from-cmdline.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:45.856814550 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:45.856814550 +0100 @@ -89,13 +89,13 @@ tools/libxl/xl_cmdtable.c | 23 ++++++++++++++-------- 13 files changed, 156 insertions(+), 28 deletions(-) -Index: xen-4.7.0-testing/docs/man/xl.pod.1 +Index: xen-4.8.0-testing/docs/man/xl.pod.1.in =================================================================== ---- xen-4.7.0-testing.orig/docs/man/xl.pod.1 -+++ xen-4.7.0-testing/docs/man/xl.pod.1 -@@ -443,6 +443,26 @@ Send <config> instead of config file fro +--- xen-4.8.0-testing.orig/docs/man/xl.pod.1.in ++++ xen-4.8.0-testing/docs/man/xl.pod.1.in +@@ -447,6 +447,26 @@ Print huge (!) amount of debug during th - Print huge (!) amount of debug during the migration process. + Leave the domain on the receive side paused after migration. +=item B<--max_iters> I<number> + @@ -120,10 +120,10 @@ =back =item B<remus> [I<OPTIONS>] I<domain-id> I<host> -Index: xen-4.7.0-testing/tools/libxc/include/xenguest.h +Index: xen-4.8.0-testing/tools/libxc/include/xenguest.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/include/xenguest.h -+++ xen-4.7.0-testing/tools/libxc/include/xenguest.h +--- xen-4.8.0-testing.orig/tools/libxc/include/xenguest.h ++++ xen-4.8.0-testing/tools/libxc/include/xenguest.h @@ -29,6 +29,7 @@ #define XCFLAGS_HVM (1 << 2) #define XCFLAGS_STDVGA (1 << 3) @@ -145,10 +145,10 @@ /* callbacks provided by xc_domain_restore */ struct restore_callbacks { /* Called after a new checkpoint to suspend the guest. -Index: xen-4.7.0-testing/tools/libxc/xc_nomigrate.c +Index: xen-4.8.0-testing/tools/libxc/xc_nomigrate.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_nomigrate.c -+++ xen-4.7.0-testing/tools/libxc/xc_nomigrate.c +--- xen-4.8.0-testing.orig/tools/libxc/xc_nomigrate.c ++++ xen-4.8.0-testing/tools/libxc/xc_nomigrate.c @@ -29,6 +29,16 @@ int xc_domain_save(xc_interface *xch, in return -1; } @@ -166,10 +166,10 @@ int xc_domain_restore(xc_interface *xch, int io_fd, uint32_t dom, unsigned int store_evtchn, unsigned long *store_mfn, domid_t store_domid, unsigned int console_evtchn, -Index: xen-4.7.0-testing/tools/libxc/xc_sr_common.h +Index: xen-4.8.0-testing/tools/libxc/xc_sr_common.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_sr_common.h -+++ xen-4.7.0-testing/tools/libxc/xc_sr_common.h +--- xen-4.8.0-testing.orig/tools/libxc/xc_sr_common.h ++++ xen-4.8.0-testing/tools/libxc/xc_sr_common.h @@ -201,6 +201,7 @@ struct xc_sr_context /* Parameters for tweaking live migration. */ unsigned max_iterations; @@ -178,10 +178,10 @@ unsigned long p2m_size; -Index: xen-4.7.0-testing/tools/libxc/xc_sr_save.c +Index: xen-4.8.0-testing/tools/libxc/xc_sr_save.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxc/xc_sr_save.c -+++ xen-4.7.0-testing/tools/libxc/xc_sr_save.c +--- xen-4.8.0-testing.orig/tools/libxc/xc_sr_save.c ++++ xen-4.8.0-testing/tools/libxc/xc_sr_save.c @@ -511,6 +511,14 @@ static int send_memory_live(struct xc_sr goto out; } @@ -232,11 +232,11 @@ /* Sanity checks for callbacks. */ if ( hvm ) -Index: xen-4.7.0-testing/tools/libxl/libxl.c +Index: xen-4.8.0-testing/tools/libxl/libxl.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.7.0-testing/tools/libxl/libxl.c -@@ -934,8 +934,9 @@ static void domain_suspend_cb(libxl__egc +--- xen-4.8.0-testing.orig/tools/libxl/libxl.c ++++ xen-4.8.0-testing/tools/libxl/libxl.c +@@ -926,8 +926,9 @@ static void domain_suspend_cb(libxl__egc } @@ -248,7 +248,7 @@ { AO_CREATE(ctx, domid, ao_how); int rc; -@@ -955,9 +956,15 @@ int libxl_domain_suspend(libxl_ctx *ctx, +@@ -947,9 +948,15 @@ int libxl_domain_suspend(libxl_ctx *ctx, dss->domid = domid; dss->fd = fd; dss->type = type; @@ -266,7 +266,7 @@ rc = libxl__fd_flags_modify_save(gc, dss->fd, ~(O_NONBLOCK|O_NDELAY), 0, -@@ -971,6 +978,20 @@ int libxl_domain_suspend(libxl_ctx *ctx, +@@ -963,6 +970,20 @@ int libxl_domain_suspend(libxl_ctx *ctx, return AO_CREATE_FAIL(rc); } @@ -287,11 +287,11 @@ int libxl_domain_pause(libxl_ctx *ctx, uint32_t domid) { int ret; -Index: xen-4.7.0-testing/tools/libxl/libxl.h +Index: xen-4.8.0-testing/tools/libxl/libxl.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.h -+++ xen-4.7.0-testing/tools/libxl/libxl.h -@@ -1323,8 +1323,23 @@ int libxl_domain_suspend(libxl_ctx *ctx, +--- xen-4.8.0-testing.orig/tools/libxl/libxl.h ++++ xen-4.8.0-testing/tools/libxl/libxl.h +@@ -1371,8 +1371,23 @@ int libxl_domain_suspend(libxl_ctx *ctx, int flags, /* LIBXL_SUSPEND_* */ const libxl_asyncop_how *ao_how) LIBXL_EXTERNAL_CALLERS_ONLY; @@ -315,10 +315,10 @@ /* @param suspend_cancel [from xenctrl.h:xc_domain_resume( @param fast )] * If this parameter is true, use co-operative resume. The guest -Index: xen-4.7.0-testing/tools/libxl/libxl_dom_save.c +Index: xen-4.8.0-testing/tools/libxl/libxl_dom_save.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_dom_save.c -+++ xen-4.7.0-testing/tools/libxl/libxl_dom_save.c +--- xen-4.8.0-testing.orig/tools/libxl/libxl_dom_save.c ++++ xen-4.8.0-testing/tools/libxl/libxl_dom_save.c @@ -375,6 +375,7 @@ void libxl__domain_save(libxl__egc *egc, dss->xcflags = (live ? XCFLAGS_LIVE : 0) @@ -327,11 +327,11 @@ | (dss->hvm ? XCFLAGS_HVM : 0); /* Disallow saving a guest with vNUMA configured because migration -Index: xen-4.7.0-testing/tools/libxl/libxl_internal.h +Index: xen-4.8.0-testing/tools/libxl/libxl_internal.h =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_internal.h -+++ xen-4.7.0-testing/tools/libxl/libxl_internal.h -@@ -3292,6 +3292,10 @@ struct libxl__domain_save_state { +--- xen-4.8.0-testing.orig/tools/libxl/libxl_internal.h ++++ xen-4.8.0-testing/tools/libxl/libxl_internal.h +@@ -3279,6 +3279,10 @@ struct libxl__domain_save_state { /* private */ int rc; int hvm; @@ -342,10 +342,10 @@ int xcflags; libxl__domain_suspend_state dsps; union { -Index: xen-4.7.0-testing/tools/libxl/libxl_save_callout.c +Index: xen-4.8.0-testing/tools/libxl/libxl_save_callout.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_save_callout.c -+++ xen-4.7.0-testing/tools/libxl/libxl_save_callout.c +--- xen-4.8.0-testing.orig/tools/libxl/libxl_save_callout.c ++++ xen-4.8.0-testing/tools/libxl/libxl_save_callout.c @@ -89,7 +89,9 @@ void libxl__xc_domain_save(libxl__egc *e libxl__srm_callout_enumcallbacks_save(&shs->callbacks.save.a); @@ -357,10 +357,10 @@ cbflags, dss->checkpointed_stream, }; -Index: xen-4.7.0-testing/tools/libxl/libxl_save_helper.c +Index: xen-4.8.0-testing/tools/libxl/libxl_save_helper.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_save_helper.c -+++ xen-4.7.0-testing/tools/libxl/libxl_save_helper.c +--- xen-4.8.0-testing.orig/tools/libxl/libxl_save_helper.c ++++ xen-4.8.0-testing/tools/libxl/libxl_save_helper.c @@ -253,6 +253,7 @@ int main(int argc, char **argv) uint32_t dom = strtoul(NEXTARG,0,10); uint32_t max_iters = strtoul(NEXTARG,0,10); @@ -383,11 +383,11 @@ complete(r); } else if (!strcmp(mode,"--restore-domain")) { -Index: xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c +Index: xen-4.8.0-testing/tools/libxl/xl_cmdimpl.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdimpl.c -@@ -4615,6 +4615,8 @@ static void migrate_do_preamble(int send +--- xen-4.8.0-testing.orig/tools/libxl/xl_cmdimpl.c ++++ xen-4.8.0-testing/tools/libxl/xl_cmdimpl.c +@@ -4682,6 +4682,8 @@ static void migrate_do_preamble(int send } static void migrate_domain(uint32_t domid, const char *rune, int debug, @@ -396,7 +396,7 @@ const char *override_config_file) { pid_t child = -1; -@@ -4623,7 +4625,13 @@ static void migrate_domain(uint32_t domi +@@ -4690,7 +4692,13 @@ static void migrate_domain(uint32_t domi char *away_domname; char rc_buf; uint8_t *config_data; @@ -411,7 +411,7 @@ save_domain_core_begin(domid, override_config_file, &config_data, &config_len); -@@ -4642,10 +4650,12 @@ static void migrate_domain(uint32_t domi +@@ -4709,10 +4717,12 @@ static void migrate_domain(uint32_t domi xtl_stdiostream_adjust_flags(logger, XTL_STDIOSTREAM_HIDE_PROGRESS, 0); if (debug) @@ -427,10 +427,10 @@ " (rc=%d)\n", rc); if (rc == ERROR_GUEST_TIMEDOUT) goto failed_suspend; -@@ -5060,13 +5070,18 @@ int main_migrate(int argc, char **argv) +@@ -5135,13 +5145,18 @@ int main_migrate(int argc, char **argv) char *rune = NULL; char *host; - int opt, daemonize = 1, monitor = 1, debug = 0; + int opt, daemonize = 1, monitor = 1, debug = 0, pause_after_migration = 0; + int max_iters = 0, max_factor = 0, min_remaining = 0, abort_if_busy = 0; static struct option opts[] = { {"debug", 0, 0, 0x100}, @@ -442,12 +442,12 @@ COMMON_LONG_OPTS }; -- SWITCH_FOREACH_OPT(opt, "FC:s:e", opts, "migrate", 2) { -+ SWITCH_FOREACH_OPT(opt, "FC:s:eM:m:A", opts, "migrate", 2) { +- SWITCH_FOREACH_OPT(opt, "FC:s:ep", opts, "migrate", 2) { ++ SWITCH_FOREACH_OPT(opt, "FC:s:epM:m:A", opts, "migrate", 2) { case 'C': config_filename = optarg; break; -@@ -5083,6 +5098,18 @@ int main_migrate(int argc, char **argv) +@@ -5161,6 +5176,18 @@ int main_migrate(int argc, char **argv) case 0x100: /* --debug */ debug = 1; break; @@ -466,8 +466,8 @@ case 0x200: /* --live */ /* ignored for compatibility with xm */ break; -@@ -5115,7 +5142,8 @@ int main_migrate(int argc, char **argv) - debug ? " -d" : ""); +@@ -5194,7 +5221,8 @@ int main_migrate(int argc, char **argv) + pause_after_migration ? " -p" : ""); } - migrate_domain(domid, rune, debug, config_filename); @@ -476,11 +476,11 @@ return EXIT_SUCCESS; } #endif -Index: xen-4.7.0-testing/tools/libxl/xl_cmdtable.c +Index: xen-4.8.0-testing/tools/libxl/xl_cmdtable.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/xl_cmdtable.c -+++ xen-4.7.0-testing/tools/libxl/xl_cmdtable.c -@@ -157,14 +157,21 @@ struct cmd_spec cmd_table[] = { +--- xen-4.8.0-testing.orig/tools/libxl/xl_cmdtable.c ++++ xen-4.8.0-testing/tools/libxl/xl_cmdtable.c +@@ -157,15 +157,22 @@ struct cmd_spec cmd_table[] = { &main_migrate, 0, 1, "Migrate a domain to another host", "[options] <Domain> <host>", @@ -491,7 +491,8 @@ - " migrate-receive [-d -e]\n" - "-e Do not wait in the background (on <host>) for the death\n" - " of the domain.\n" -- "--debug Print huge (!) amount of debug during the migration process." +- "--debug Print huge (!) amount of debug during the migration process.\n" +- "-p Do not unpause domain after migrating it." + "-h Print this help.\n" + "-C <config> Send <config> instead of config file from creation.\n" + "-s <sshcommand> Use <sshcommand> instead of ssh. String will be passed\n" @@ -500,6 +501,7 @@ + "-e Do not wait in the background (on <host>) for the death\n" + " of the domain.\n" + "--debug Print huge (!) amount of debug during the migration process.\n" ++ "-p Do not unpause domain after migrating it.\n" + "\n" + "SUSE Linux specific options:\n" + "--max_iters <number> Number of iterations before final suspend (default: 30)\n" ++++++ mini-os.tar.bz2 ++++++ ++++ 7770 lines of diff (skipped) ++++++ pygrub-boot-legacy-sles.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:46.160771767 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:46.164771204 +0100 @@ -1,7 +1,7 @@ -Index: xen-4.7.0-testing/tools/pygrub/src/pygrub +Index: xen-4.7.1-testing/tools/pygrub/src/pygrub =================================================================== ---- xen-4.7.0-testing.orig/tools/pygrub/src/pygrub -+++ xen-4.7.0-testing/tools/pygrub/src/pygrub +--- xen-4.7.1-testing.orig/tools/pygrub/src/pygrub ++++ xen-4.7.1-testing/tools/pygrub/src/pygrub @@ -454,7 +454,7 @@ class Grub: self.cf.filename = f break @@ -50,9 +50,9 @@ + return cfg + def format_sxp(kernel, ramdisk, args): - s = "linux (kernel %s)" % kernel + s = "linux (kernel %s)" % repr(kernel) if ramdisk: -@@ -801,7 +828,7 @@ if __name__ == "__main__": +@@ -804,7 +831,7 @@ if __name__ == "__main__": debug = False not_really = False output_format = "sxp" ++++++ pygrub-netware-xnloader.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:46.184768389 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:46.184768389 +0100 @@ -1,7 +1,7 @@ -Index: xen-4.7.0-testing/tools/pygrub/src/pygrub +Index: xen-4.7.1-testing/tools/pygrub/src/pygrub =================================================================== ---- xen-4.7.0-testing.orig/tools/pygrub/src/pygrub -+++ xen-4.7.0-testing/tools/pygrub/src/pygrub +--- xen-4.7.1-testing.orig/tools/pygrub/src/pygrub ++++ xen-4.7.1-testing/tools/pygrub/src/pygrub @@ -25,6 +25,7 @@ import fsimage import grub.GrubConf import grub.LiloConf @@ -10,7 +10,7 @@ PYGRUB_VER = 0.6 FS_READ_MAX = 1024 * 1024 -@@ -763,6 +764,8 @@ if __name__ == "__main__": +@@ -766,6 +767,8 @@ if __name__ == "__main__": if len(data) == 0: os.close(tfd) del datafile ++++++ qemu-xen-traditional-dir-remote.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tools/qemu-xen-traditional-dir-remote/hw/virtio.c new/tools/qemu-xen-traditional-dir-remote/hw/virtio.c --- old/tools/qemu-xen-traditional-dir-remote/hw/virtio.c 2016-06-21 16:25:33.000000000 +0200 +++ new/tools/qemu-xen-traditional-dir-remote/hw/virtio.c 2016-12-05 23:30:47.000000000 +0100 @@ -421,6 +421,11 @@ /* When we start there are none of either input nor output. */ elem->out_num = elem->in_num = 0; + if (vq->inuse >= vq->vring.num) { + fprintf(stderr, "Virtqueue size exceeded"); + exit(1); + } + i = head = virtqueue_get_head(vq, vq->last_avail_idx++); do { struct iovec *sg; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tools/qemu-xen-traditional-dir-remote/i386-dm/helper2.c new/tools/qemu-xen-traditional-dir-remote/i386-dm/helper2.c --- old/tools/qemu-xen-traditional-dir-remote/i386-dm/helper2.c 2016-06-21 16:25:33.000000000 +0200 +++ new/tools/qemu-xen-traditional-dir-remote/i386-dm/helper2.c 2016-12-05 23:30:47.000000000 +0100 @@ -375,6 +375,11 @@ { uint32_t i; + if (req->size > sizeof(unsigned long)) { + fprintf(stderr, "PIO: bad size (%u)\n", req->size); + exit(-1); + } + if (req->dir == IOREQ_READ) { if (!req->data_is_ptr) { req->data = do_inp(env, req->addr, req->size); @@ -404,6 +409,11 @@ { uint32_t i; + if (req->size > sizeof(req->data)) { + fprintf(stderr, "MMIO: bad size (%u)\n", req->size); + exit(-1); + } + if (!req->data_is_ptr) { if (req->dir == IOREQ_READ) { for (i = 0; i < req->count; i++) { @@ -516,11 +526,13 @@ req.df = 1; req.type = buf_req->type; req.data_is_ptr = 0; + xen_rmb(); qw = (req.size == 8); if (qw) { buf_req = &buffered_io_page->buf_ioreq[(rdptr + 1) % IOREQ_BUFFER_SLOT_NUM]; req.data |= ((uint64_t)buf_req->data) << 32; + xen_rmb(); } __handle_ioreq(env, &req); @@ -552,7 +564,11 @@ __handle_buffered_iopage(env); if (req) { - __handle_ioreq(env, req); + ioreq_t copy = *req; + + xen_rmb(); + __handle_ioreq(env, ©); + req->data = copy.data; if (req->state != STATE_IOREQ_INPROCESS) { fprintf(logfile, "Badness in I/O request ... not in service?!: " ++++++ stubdom.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/xen/stubdom.tar.bz2 /work/SRC/openSUSE:Factory/.xen.new/stubdom.tar.bz2 differ: char 11, line 1 ++++++ tmp_build.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:48.496443005 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:48.500442442 +0100 @@ -1,12 +1,21 @@ +Notes: During the make process we can't have both +xenstore and domu-xenstore linking the sub command +files from /usr/bin. For example, +xen-tools: /usr/bin/xenstore-ls -> xenstore +xen-tools-domU: /usr/bin/xenstore-ls -> domu-xenstore +The last thing to do this link wins so messes up +what should be in the packaging. For this reason +we put domu-xenstore and links in /bin + --- tools/xenstore/Makefile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) -Index: xen-4.7.0-testing/tools/xenstore/Makefile +Index: xen-4.8.0-testing/tools/xenstore/Makefile =================================================================== ---- xen-4.7.0-testing.orig/tools/xenstore/Makefile -+++ xen-4.7.0-testing/tools/xenstore/Makefile -@@ -86,6 +86,7 @@ $(CLIENTS_DOMU): xenstore +--- xen-4.8.0-testing.orig/tools/xenstore/Makefile ++++ xen-4.8.0-testing/tools/xenstore/Makefile +@@ -87,6 +87,7 @@ $(CLIENTS_DOMU): xenstore xenstore: xenstore_client.o $(LIBXENSTORE) $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) @@ -14,17 +23,17 @@ xenstore-control: xenstore_control.o $(LIBXENSTORE) $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) -@@ -139,10 +140,11 @@ endif +@@ -140,10 +141,11 @@ endif $(INSTALL_PROG) xenstore-control $(DESTDIR)$(bindir) $(INSTALL_PROG) xenstore $(DESTDIR)$(bindir) set -e ; for c in $(CLIENTS) ; do \ - ln -f $(DESTDIR)$(bindir)/xenstore $(DESTDIR)$(bindir)/$${c} ; \ -+ ln -fs xenstore $(DESTDIR)/usr/bin/$${c} ; \ ++ ln -fs xenstore $(DESTDIR)$(bindir)/$${c} ; \ done + $(INSTALL_PROG) domu-xenstore $(DESTDIR)/bin for client in $(CLIENTS_DOMU); do \ - $(INSTALL_PROG) $$client $(DESTDIR)$(bindir)/$${client/domu-}; \ -+ ln -fs domu-xenstore $(DESTDIR)/bin/$${client/domu-}; \ ++ ln -fs domu-xenstore $(DESTDIR)/bin/$${client/domu-} ; \ done $(INSTALL_DIR) $(DESTDIR)$(libdir) $(INSTALL_SHLIB) libxenstore.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir) ++++++ x86-cpufreq-report.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:48.516440191 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:48.520439628 +0100 @@ -1,7 +1,7 @@ -Index: xen-4.7.0-testing/xen/arch/x86/platform_hypercall.c +Index: xen-4.8.0-testing/xen/arch/x86/platform_hypercall.c =================================================================== ---- xen-4.7.0-testing.orig/xen/arch/x86/platform_hypercall.c -+++ xen-4.7.0-testing/xen/arch/x86/platform_hypercall.c +--- xen-4.8.0-testing.orig/xen/arch/x86/platform_hypercall.c ++++ xen-4.8.0-testing/xen/arch/x86/platform_hypercall.c @@ -26,7 +26,7 @@ #include <xen/symbols.h> #include <asm/current.h> @@ -11,7 +11,7 @@ #include <asm/edd.h> #include <asm/mtrr.h> #include <asm/io_apic.h> -@@ -820,6 +820,41 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA +@@ -821,6 +821,41 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA ret = -EFAULT; } break; @@ -53,10 +53,10 @@ default: ret = -ENOSYS; -Index: xen-4.7.0-testing/xen/include/public/platform.h +Index: xen-4.8.0-testing/xen/include/public/platform.h =================================================================== ---- xen-4.7.0-testing.orig/xen/include/public/platform.h -+++ xen-4.7.0-testing/xen/include/public/platform.h +--- xen-4.8.0-testing.orig/xen/include/public/platform.h ++++ xen-4.8.0-testing/xen/include/public/platform.h @@ -547,6 +547,16 @@ struct xenpf_core_parking { typedef struct xenpf_core_parking xenpf_core_parking_t; DEFINE_XEN_GUEST_HANDLE(xenpf_core_parking_t); ++++++ xen-4.7.0-testing-src.tar.bz2 -> xen-4.8.0-testing-src.tar.bz2 ++++++ ++++ 89634 lines of diff (skipped) ++++++ xen-arch-kconfig-nr_cpus.patch ++++++ --- xen-4.7.0-testing/xen/arch/Kconfig.orig 2016-11-02 09:45:22.827366951 -0600 +++ xen-4.7.0-testing/xen/arch/Kconfig 2016-11-02 09:45:43.107366773 -0600 @@ -2,7 +2,7 @@ config NR_CPUS int "Maximum number of physical CPUs" range 1 4095 - default "256" if X86 + default "1024" if X86 default "128" if ARM ---help--- Specifies the maximum number of physical CPUs which Xen will support. ++++++ xen-destdir.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:51.987951552 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:51.991950989 +0100 @@ -1,8 +1,8 @@ -Index: xen-4.7.0-testing/tools/xenstore/Makefile +Index: xen-4.8.0-testing/tools/xenstore/Makefile =================================================================== ---- xen-4.7.0-testing.orig/tools/xenstore/Makefile -+++ xen-4.7.0-testing/tools/xenstore/Makefile -@@ -21,6 +21,7 @@ LDFLAGS += $(LDFLAGS-y) +--- xen-4.8.0-testing.orig/tools/xenstore/Makefile ++++ xen-4.8.0-testing/tools/xenstore/Makefile +@@ -22,6 +22,7 @@ LDFLAGS += $(LDFLAGS-y) CLIENTS := xenstore-exists xenstore-list xenstore-read xenstore-rm xenstore-chmod CLIENTS += xenstore-write xenstore-ls xenstore-watch @@ -10,7 +10,7 @@ XENSTORED_OBJS = xenstored_core.o xenstored_watch.o xenstored_domain.o xenstored_transaction.o xs_lib.o talloc.o utils.o tdb.o hashtable.o -@@ -55,7 +56,7 @@ endif +@@ -56,7 +57,7 @@ endif all: $(ALL_TARGETS) .PHONY: clients @@ -19,7 +19,7 @@ ifeq ($(CONFIG_SunOS),y) xenstored_probes.h: xenstored_probes.d -@@ -80,6 +81,9 @@ xenstored.a: $(XENSTORED_OBJS) +@@ -81,6 +82,9 @@ xenstored.a: $(XENSTORED_OBJS) $(CLIENTS): xenstore ln -f xenstore $@ @@ -29,7 +29,7 @@ xenstore: xenstore_client.o $(LIBXENSTORE) $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) -@@ -107,7 +111,7 @@ clean: +@@ -108,7 +112,7 @@ clean: rm -f *.a *.o *.opic *.so* xenstored_probes.h rm -f xenstored xs_random xs_stress xs_crashme rm -f xs_tdb_dump xenstore-control init-xenstore-domain @@ -38,7 +38,7 @@ $(RM) $(DEPS) .PHONY: distclean -@@ -130,12 +134,16 @@ ifeq ($(XENSTORE_XENSTORED),y) +@@ -131,12 +135,16 @@ ifeq ($(XENSTORE_XENSTORED),y) $(INSTALL_DIR) $(DESTDIR)$(sbindir) $(INSTALL_DIR) $(DESTDIR)$(XEN_LIB_STORED) $(INSTALL_PROG) xenstored $(DESTDIR)$(sbindir) ++++++ xen.libxl.dmmd.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:52.039944234 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:52.039944234 +0100 @@ -7,11 +7,11 @@ tools/libxl/libxlu_disk_l.l | 2 ++ 4 files changed, 37 insertions(+), 6 deletions(-) -Index: xen-4.7.0-testing/tools/libxl/libxl.c +Index: xen-4.8.0-testing/tools/libxl/libxl.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl.c -+++ xen-4.7.0-testing/tools/libxl/libxl.c -@@ -2522,6 +2522,10 @@ static void device_disk_add(libxl__egc * +--- xen-4.8.0-testing.orig/tools/libxl/libxl.c ++++ xen-4.8.0-testing/tools/libxl/libxl.c +@@ -2253,6 +2253,10 @@ static void device_disk_add(libxl__egc * /* now create a phy device to export the device to the guest */ goto do_backend_phy; case LIBXL_DISK_BACKEND_QDISK: @@ -22,11 +22,11 @@ flexarray_append(back, "params"); flexarray_append(back, GCSPRINTF("%s:%s", libxl__device_disk_string_of_format(disk->format), disk->pdev_path)); -Index: xen-4.7.0-testing/tools/libxl/libxl_device.c +Index: xen-4.8.0-testing/tools/libxl/libxl_device.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_device.c -+++ xen-4.7.0-testing/tools/libxl/libxl_device.c -@@ -293,7 +293,8 @@ static int disk_try_backend(disk_try_bac +--- xen-4.8.0-testing.orig/tools/libxl/libxl_device.c ++++ xen-4.8.0-testing/tools/libxl/libxl_device.c +@@ -307,7 +307,8 @@ static int disk_try_backend(disk_try_bac return backend; case LIBXL_DISK_BACKEND_QDISK: @@ -36,11 +36,11 @@ return backend; default: -Index: xen-4.7.0-testing/tools/libxl/libxl_dm.c +Index: xen-4.8.0-testing/tools/libxl/libxl_dm.c =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxl_dm.c -+++ xen-4.7.0-testing/tools/libxl/libxl_dm.c -@@ -903,6 +903,30 @@ static char *qemu_disk_ide_drive_string( +--- xen-4.8.0-testing.orig/tools/libxl/libxl_dm.c ++++ xen-4.8.0-testing/tools/libxl/libxl_dm.c +@@ -905,6 +905,30 @@ static char *qemu_disk_ide_drive_string( return drive; } @@ -71,7 +71,7 @@ static int libxl__build_device_model_args_new(libxl__gc *gc, const char *dm, int guest_domid, const libxl_domain_config *guest_config, -@@ -1326,9 +1350,11 @@ static int libxl__build_device_model_arg +@@ -1328,9 +1352,11 @@ static int libxl__build_device_model_arg libxl__device_disk_dev_number(disks[i].vdev, &disk, &part); const char *format; char *drive; @@ -84,7 +84,7 @@ if (dev_number == -1) { LOG(WARN, "unable to determine"" disk number for %s", disks[i].vdev); -@@ -1369,7 +1395,7 @@ static int libxl__build_device_model_arg +@@ -1371,7 +1397,7 @@ static int libxl__build_device_model_arg * the bootloader path. */ if (disks[i].backend == LIBXL_DISK_BACKEND_TAP) @@ -93,10 +93,10 @@ disks[i].format); else target_path = libxl__device_disk_find_local_path(gc, -Index: xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l +Index: xen-4.8.0-testing/tools/libxl/libxlu_disk_l.l =================================================================== ---- xen-4.7.0-testing.orig/tools/libxl/libxlu_disk_l.l -+++ xen-4.7.0-testing/tools/libxl/libxlu_disk_l.l +--- xen-4.8.0-testing.orig/tools/libxl/libxlu_disk_l.l ++++ xen-4.8.0-testing/tools/libxl/libxlu_disk_l.l @@ -228,6 +228,8 @@ target=.* { STRIP(','); SAVESTRING("targ free(newscript); } ++++++ xen.stubdom.newlib.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:52.059941419 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:52.063940856 +0100 @@ -24,11 +24,11 @@ Signed-off-by: Olaf Hering <[email protected]> -Index: xen-4.7.0-testing/stubdom/Makefile +Index: xen-4.8.0-testing/stubdom/Makefile =================================================================== ---- xen-4.7.0-testing.orig/stubdom/Makefile -+++ xen-4.7.0-testing/stubdom/Makefile -@@ -80,6 +80,8 @@ newlib-$(NEWLIB_VERSION): newlib-$(NEWLI +--- xen-4.8.0-testing.orig/stubdom/Makefile ++++ xen-4.8.0-testing/stubdom/Makefile +@@ -82,6 +82,8 @@ newlib-$(NEWLIB_VERSION): newlib-$(NEWLI patch -d $@ -p0 < newlib.patch patch -d $@ -p0 < newlib-chk.patch patch -d $@ -p1 < newlib-stdint-size_max-fix-from-1.17.0.patch @@ -37,10 +37,10 @@ find $@ -type f | xargs perl -i.bak \ -pe 's/\b_(tzname|daylight|timezone)\b/$$1/g' touch $@ -Index: xen-4.7.0-testing/stubdom/newlib-cygmon-gmon.patch +Index: xen-4.8.0-testing/stubdom/newlib-cygmon-gmon.patch =================================================================== --- /dev/null -+++ xen-4.7.0-testing/stubdom/newlib-cygmon-gmon.patch ++++ xen-4.8.0-testing/stubdom/newlib-cygmon-gmon.patch @@ -0,0 +1,60 @@ + +I: A function uses a 'return;' statement, but has actually a value @@ -102,10 +102,10 @@ + moncontrol(mode) + int mode; + { -Index: xen-4.7.0-testing/stubdom/newlib-makedoc.patch +Index: xen-4.8.0-testing/stubdom/newlib-makedoc.patch =================================================================== --- /dev/null -+++ xen-4.7.0-testing/stubdom/newlib-makedoc.patch ++++ xen-4.8.0-testing/stubdom/newlib-makedoc.patch @@ -0,0 +1,10 @@ +--- newlib-1.16.0/newlib/doc/makedoc.c.orig 2015-04-08 11:56:39.283090914 +0200 ++++ newlib-1.16.0/newlib/doc/makedoc.c 2015-04-08 11:56:51.245227742 +0200 ++++++ xenconsole-no-multiple-connections.patch ++++++ --- /var/tmp/diff_new_pack.KDvVbc/_old 2017-02-03 20:05:52.127931849 +0100 +++ /var/tmp/diff_new_pack.KDvVbc/_new 2017-02-03 20:05:52.127931849 +0100 @@ -1,8 +1,8 @@ -Index: xen-4.7.0-testing/tools/console/client/main.c +Index: xen-4.8.0-testing/tools/console/client/main.c =================================================================== ---- xen-4.7.0-testing.orig/tools/console/client/main.c -+++ xen-4.7.0-testing/tools/console/client/main.c -@@ -100,6 +100,7 @@ static int get_pty_fd(struct xs_handle * +--- xen-4.8.0-testing.orig/tools/console/client/main.c ++++ xen-4.8.0-testing/tools/console/client/main.c +@@ -101,6 +101,7 @@ static int get_pty_fd(struct xs_handle * * Assumes there is already a watch set in the store for this path. */ { struct timeval tv; @@ -10,7 +10,7 @@ fd_set watch_fdset; int xs_fd = xs_fileno(xs), pty_fd = -1; int start, now; -@@ -123,6 +124,14 @@ static int get_pty_fd(struct xs_handle * +@@ -124,6 +125,14 @@ static int get_pty_fd(struct xs_handle * pty_fd = open(pty_path, O_RDWR | O_NOCTTY); if (pty_fd == -1) warn("Could not open tty `%s'", pty_path);
