From 6940e21aabd50feb977065b28ecaf9ba5e88c5d4 Mon Sep 17 00:00:00 2001 From: Nicolás Reynolds Date: Sat, 8 Feb 2014 03:19:20 +0000 Subject: Sat Feb 8 03:17:55 UTC 2014 --- kernels/pax-flags-libre/PKGBUILD | 51 ----- kernels/pax-flags-libre/simple.conf | 63 ------ kernels/xen-docs/PKGBUILD | 24 -- kernels/xen/09_xen | 141 ------------ kernels/xen/ChangeLog | 48 ---- kernels/xen/IVRS-debug.patch | 14 -- kernels/xen/PKGBUILD | 191 ---------------- kernels/xen/TOM-register.patch | 187 ---------------- kernels/xen/ati-passthrough.patch | 415 ----------------------------------- kernels/xen/bios_workaround.patch | 51 ----- kernels/xen/conf.d-xenconsoled | 14 -- kernels/xen/conf.d-xenstored | 2 - kernels/xen/grub.conf | 2 - kernels/xen/tmpfiles.d-xen.conf | 2 - kernels/xen/xen.install | 64 ------ kernels/xen/xenconsoled.service | 18 -- kernels/xen/xendomU@.service | 12 - kernels/xen/xendomains.patch | 108 --------- kernels/xen/xenstored.service | 20 -- kernels/xen/xsa73-4.3-unstable.patch | 105 --------- kernels/xen/xsa75-4.3-unstable.patch | 55 ----- kernels/xen/xsa78.patch | 23 -- 22 files changed, 1610 deletions(-) delete mode 100644 kernels/pax-flags-libre/PKGBUILD delete mode 100644 kernels/pax-flags-libre/simple.conf delete mode 100644 kernels/xen-docs/PKGBUILD delete mode 100755 kernels/xen/09_xen delete mode 100644 kernels/xen/ChangeLog delete mode 100644 kernels/xen/IVRS-debug.patch delete mode 100644 kernels/xen/PKGBUILD delete mode 100644 kernels/xen/TOM-register.patch delete mode 100644 kernels/xen/ati-passthrough.patch delete mode 100644 kernels/xen/bios_workaround.patch delete mode 100644 kernels/xen/conf.d-xenconsoled delete mode 100644 kernels/xen/conf.d-xenstored delete mode 100644 kernels/xen/grub.conf delete mode 100644 kernels/xen/tmpfiles.d-xen.conf delete mode 100644 kernels/xen/xen.install delete mode 100644 kernels/xen/xenconsoled.service delete mode 100644 kernels/xen/xendomU@.service delete mode 100644 kernels/xen/xendomains.patch delete mode 100644 kernels/xen/xenstored.service delete mode 100644 kernels/xen/xsa73-4.3-unstable.patch delete mode 100644 kernels/xen/xsa75-4.3-unstable.patch delete mode 100644 kernels/xen/xsa78.patch (limited to 'kernels') diff --git a/kernels/pax-flags-libre/PKGBUILD b/kernels/pax-flags-libre/PKGBUILD deleted file mode 100644 index 3f5c5e7a2..000000000 --- a/kernels/pax-flags-libre/PKGBUILD +++ /dev/null @@ -1,51 +0,0 @@ -# Contributors: -# henning mueller -# Ahmad24, duncant, echoblack, niki, ShadowKyogre, s1gma, test0 -# -# Forked libre version which blacklists nonfree software for Parabola here: -# https://github.com/g4jc/pax-flags-libre -# - -pkgname=pax-flags-libre -pkgdesc='Deactivates PaX flags for several binaries to work with PaX enabled kernels (a libre fork of linux-pax-flags)' -pkgver=2.0.15.2 -pkgrel=1 -arch=(any) -url='https://github.com/g4jc/pax-flags-libre' -license=(GPL3) -depends=(ruby paxctl) -optdepends=('sudo: Run as root automatically.') -replaces=linux-pax-flags -conflicts=linux-pax-flags -provides=linux-pax-flags -source=( - $pkgname.sh $pkgname.rb $pkgname.8 - replicant.conf clamav.conf games.conf java.conf kde.conf polkit.conf qemu.conf - ruby.conf simple.conf valgrind.conf -) - -package() { - install -D -m755 $srcdir/$pkgname.sh $pkgdir/usr/bin/$pkgname - install -D -m755 $srcdir/$pkgname.rb $pkgdir/usr/bin/$pkgname.rb - install -D -m644 $srcdir/$pkgname.8 $pkgdir/usr/share/man/man8/$pkgname.8 - - for config in $srcdir/*.conf; do - install -D -m600 $config $pkgdir/usr/share/$pkgname/$(basename $config) - done - - mkdir -p $pkgdir/etc/pax-flags -} - -sha256sums=('06295e9d2afea0ea01c42620f0cd5e3ae785bc42c2749d4bef52f7d5b8a043ce' - 'ee66dc1087f501a7ebb89b0ec36125b94dc87ce560aa38c6d606dad1818d5b95' - '9d62896dd51be4979cd85bfcd09de219f6068ec312f27e2a66f7a2f2c78d1f38' - '7bbbad18a19150893916995723cd7e256a7b4e2baa5c2ff57bc27886c40f51fc' - 'bb87f4dce8e20f2ce601bdcb888dd688d8f0e9d0ab367e09c8081daffa15b03a' - '9982ffa4d1dffc979ec7347dfcf3a558e6f441a45c07a2d7a3c3159e02bc4763' - '71afe786955d149fe216ff1a60348562914a6820d3b7f9dc42aa44913062b04e' - '01ddeec77c605e1d3aa00a1fdc4c3537989468ab78da5f37b893cdbcfe34176c' - '1f205fddfb427a696fb00221a3007453e25fbbf180ea026c264d23eeac9e1870' - '2736d0ef20d0127c34e132db38d8993dee3062ba0ac0cdf8d444a8d3665698b8' - '6171eefd363f2c70bed9ac41fae3458d9e03460fdaf079c99445482e9649555a' - '5ea06a1680cf3bd7e57db904829aae5ef0649d6a0f065b35e5dc2e64dd7ed18f' - 'ea003c4201745cd0c4bcf5cec5ca2d0a79cc6b1b04ceaa276ace0ad0287b8c50') diff --git a/kernels/pax-flags-libre/simple.conf b/kernels/pax-flags-libre/simple.conf deleted file mode 100644 index 180b3e18c..000000000 --- a/kernels/pax-flags-libre/simple.conf +++ /dev/null @@ -1,63 +0,0 @@ -# RANDMMAP off -PSMXEr: - - /usr/bin/grub-script-check - -# MPROTECT and RANDMMAP off -PSmXEr: - - /usr/bin/elinks - - /usr/bin/gnome-shell - - /usr/bin/grub-bios-setup - - /usr/lib/iceweasel/iceweasel - - /usr/lib/iceweasel/plugin-container - - /usr/lib/gcc/x86_64-unknown-linux-gnu/*/cc1plus - - /usr/lib/icedove/icedove - - /usr/bin/qupzilla - -# MPROTECT off -PSmXER: - - /usr/bin/blender - - /usr/bin/btsync - - /usr/bin/cabal - - /usr/bin/dolphin-emu - - /usr/bin/dosbox - - /usr/bin/epiphany - - /usr/bin/gendesk - - /usr/bin/glxdemo - - /usr/bin/glxgears - - /usr/bin/glxinfo - - /usr/bin/glxspheres - - /usr/bin/goldendict - - /usr/bin/gtk-query-immodules-* - - /usr/bin/inkscape - - /usr/bin/liferea - - /usr/bin/mono - - /usr/bin/mplayer - - /usr/bin/mumble - - /usr/bin/obex-data-server - - /usr/bin/python2 - - /usr/bin/scheme - - /usr/bin/seahorse - - /usr/bin/spicec - - /usr/bin/systemsettings - - /usr/bin/tcc - - /usr/bin/vlc - - /usr/lib/erlang/erts-*/bin/beam - - /usr/lib/erlang/erts-*/bin/beam.smp - - /usr/lib/ghc-*/ghc - - /usr/lib/libreoffice/program/soffice.bin - - /usr/lib/webkitgtk/WebKitWebProcess - - /usr/lib/xbmc/xbmc.bin - - /usr/sbin/grub-probe - - /usr/sbin/vbetool - - /usr/bin/midori - - /usr/bin/cheese - - /use/bin/minitube - -# PAGEEXEC, MPROTECT, EMUTRAMP and RANDMMAP off -pSmXer: - - /usr/bin/sbcl - -# All off :( -psmxer: - - /usr/bin/wine - - /usr/bin/wine-preloader diff --git a/kernels/xen-docs/PKGBUILD b/kernels/xen-docs/PKGBUILD deleted file mode 100644 index b3fb0899e..000000000 --- a/kernels/xen-docs/PKGBUILD +++ /dev/null @@ -1,24 +0,0 @@ -# Maintainer: M0Rf30 -# Maintainer (Parabola): André Silva - -pkgname=xen-docs -pkgver=4.3.1 -pkgrel=1 -pkgdesc="Xen 4 (docs)" -arch=('i686' 'x86_64' 'mips64el') -url="http://www.xen.org/" -license=('GPL') -makedepends=('markdown' 'transfig' 'ghostscript') -conflicts=('xen4' 'xen3' 'xen-hv-tools' 'libxen4') -source=(http://bits.xensource.com/oss-xen/release/${pkgver}/xen-${pkgver}.tar.gz) - -package() { - cd "$srcdir/xen-$pkgver" - cd docs - unset CFLAGS LDFLAGS - ./configure --prefix=/usr - cd .. - make DESTDIR=$pkgdir install-docs -} - -md5sums=('7616b8704e1ab89c81f011f0e3703bc8') diff --git a/kernels/xen/09_xen b/kernels/xen/09_xen deleted file mode 100755 index ddb20696f..000000000 --- a/kernels/xen/09_xen +++ /dev/null @@ -1,141 +0,0 @@ -#! /bin/sh -e - -if [ -f /usr/share/grub/grub-mkconfig_lib ]; then - . /usr/share/grub/grub-mkconfig_lib -else - # no grub file, so we notify and exit gracefully - echo "Cannot find grub config file, exiting." >&2 - exit 0 -fi - -XEN_HYPERVISOR_CMDLINE="xsave=1" -XEN_LINUX_CMDLINE="console=tty0" -[ -r /etc/xen/grub.conf ] && . /etc/xen/grub.conf - -CLASS="--class gnu-linux --class gnu --class os" - -if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then - OS=GNU/Linux -else - if [ "${GRUB_DISTRIBUTOR}" = "Parabola" ] ; then - OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre" - elif [ "${GRUB_DISTRIBUTOR}" = "parabola" ] ; then - OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre" - elif [ "${GRUB_DISTRIBUTOR}" = "Blag" ] ; then - OS="${GRUB_DISTRIBUTOR} Linux and GNU" - elif [ "${GRUB_DISTRIBUTOR}" = "blag" ] ; then - OS="${GRUB_DISTRIBUTOR} Linux and GNU" - elif [ "${GRUB_DISTRIBUTOR}" = "Musix" ] ; then - OS="${GRUB_DISTRIBUTOR} GNU+Linux" - elif [ "${GRUB_DISTRIBUTOR}" = "musix" ] ; then - OS="${GRUB_DISTRIBUTOR} GNU+Linux" - elif [ "${GRUB_DISTRIBUTOR}" = "Dragora" ] ; then - OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre" - elif [ "${GRUB_DISTRIBUTOR}" = "dragora" ] ; then - OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre" - else - OS="${GRUB_DISTRIBUTOR} GNU/Linux" - fi - CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr '[A-Z]' '[a-z]' | cut -d' ' -f1) ${CLASS}" -fi - -# loop-AES arranges things so that /dev/loop/X can be our root device, but -# the initrds that Linux uses don't like that. -case ${GRUB_DEVICE} in - /dev/loop/*|/dev/loop[0-9]) - GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e "s/^[^(]*(\([^)]\+\)).*/\1/"` - ;; -esac - -if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \ - || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \ - || [ "`grub-probe -t abstraction --device ${GRUB_DEVICE} | sed -e 's,.*\(lvm\).*,\1,'`" = "lvm" ] ; then - LINUX_ROOT_DEVICE=${GRUB_DEVICE} -else - LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID} -fi - -xen_entry () -{ - os="$1" - xen_version="$2" - version="$3" - xen_args="$4" - args="$5" - printf "menuentry 'Xen %s / %s, with Linux %s' --class xen ${CLASS} {\n" "${xen_version}" "${os}" "${version}" - save_default_entry | sed -e "s/^/\t/" - - if [ -z "${prepare_boot_cache}" ]; then - prepare_boot_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE_BOOT} | sed -e "s/^/\t/")" - fi - printf '%s\n' "${prepare_boot_cache}" - cat << EOF - echo '$(printf "Loading Xen %s ..." ${xen_version})' - multiboot ${rel_dirname}/${xen_basename} ${rel_dirname}/${xen_basename} ${xen_args} - echo $(printf "$(gettext "Loading Linux %s ...")" ${version}) - module ${rel_dirname}/${basename} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} rw ${args} -EOF - if test -n "${initrd}" ; then - cat << EOF - echo "Loading initial ramdisk ..." - module ${rel_dirname}/${initrd} -EOF - fi - cat << EOF -} -EOF -} - -xen_list=`for i in /boot/xen-*.gz /xen-*.gz ; do - if grub_file_is_not_garbage "$i" ; then echo -n "$i "; fi -done` -prepare_boot_cache= - -while [ "x$xen_list" != "x" ] ; do - xen=`version_find_latest $xen_list` - echo "Found Xen hypervisor image: $xen" >&2 - xen_basename=`basename $xen` - xen_dirname=`dirname $xen` - rel_xen_dirname=`make_system_path_relative_to_its_root $xen_dirname` - xen_version=`echo $xen_basename | sed -e "s,^[^0-9]*-,,g" | sed -e "s,.gz,,g"` - alt_xen_version=`echo $xen_version | sed -e "s,\.old$,,g"` - - list=`for i in /boot/vmlinuz-* /vmlinuz-*; do - if grub_file_is_not_garbage "$i" ; then echo -n "$i "; fi - done` - - while [ "x$list" != "x" ] ; do - linux=`version_find_latest $list` - echo -e "\tFound linux image: $linux" >&2 - basename=`basename $linux` - dirname=`dirname $linux` - rel_dirname=`make_system_path_relative_to_its_root $dirname` - version=`echo $basename | sed -e "s,^[^0-9]*-,,g"` - base_init=`echo $basename | sed -e "s,vmlinuz,initramfs,g"` - alt_version="${base_init}-fallback" - linux_root_device_thisversion="${LINUX_ROOT_DEVICE}" - initrd= - - for i in "${base_init}.img"; do - if test -e "${dirname}/${i}" ; then - initrd="$i" - break - fi - done - if test -n "${initrd}" ; then - echo -e "\tFound initrd image: ${dirname}/${initrd}" >&2 - else - # "UUID=" magic is parsed by initrds. Since there's no initrd, it can't work here. - linux_root_device_thisversion=${GRUB_DEVICE} - fi - - xen_entry "${OS}" "${xen_version}" "${version}" \ - "${XEN_HYPERVISOR_CMDLINE}" \ - "${XEN_LINUX_CMDLINE}" - - list=`echo $list | tr ' ' '\n' | grep -vx $linux | tr '\n' ' '` - done - - xen_list=`echo $xen_list | tr ' ' '\n' | grep -vx $xen | tr '\n' ' '` -done - diff --git a/kernels/xen/ChangeLog b/kernels/xen/ChangeLog deleted file mode 100644 index 63c33c223..000000000 --- a/kernels/xen/ChangeLog +++ /dev/null @@ -1,48 +0,0 @@ -2013-11-25 David Sutton - * 4.3.1-2: - Changed bluez dependancy from bluez4 to bluez - Added recent security patches - -2013-10-31 David Sutton - * 4.3.1-1: - New upstream release - Removed unnecessary security patches (already merged) - Fixed BIOS Workaround patch to apply to the new source files - Fixed ATI Passthrough patch to apply to the new source files - Updated paths in all patches - -2013-09-29 David Sutton - * 4.3.0-7: - Fixed optdepends in PKGBUILD - Added in a pre_remove function in xen.install to disable services - Minor text formating changes in xen.install - Added XSA 62,63,64 and 66 patches (Xen Security Advisories) - -2013-09-29 David Sutton - * 4.3.0-6: - Fixed 09_xen so it can detect lts kernels - -2013-09-28 David Sutton - * 4.3.0-5: - Fixed mount option in 09_xen from ro to rw - Added in dummy /etc/xen/grub.conf to control settings in 09_xen - Fix library sanitize so that it returns to the base directory - Move the syms file to /usr/share/xen so that it is out of the way of boot but still accessible - Added optional dependancy for openvswitch - -2013-08-13 David Sutton - * 4.3.0-4 : - Added patch for qemu-xen to add a TOM register for PCI Hole mapping - Protected /etc/conf.d/xendomains from being overwritten - Included ATI Passthrough patch (not enabled by default, compile tested only) - -2013-07-23 David Sutton - - * 4.3.0-3 : - added ChangeLog. - Cleaned up PKGBUILD to match Parabola Package Standards - Fixed some path references - /var/run to /run - Removed some unnecessary empty directories - Updated xenconsoled and xenstored so they use /run for pid file - Updated auto-created /run directories to include xenstored - diff --git a/kernels/xen/IVRS-debug.patch b/kernels/xen/IVRS-debug.patch deleted file mode 100644 index 5f6813cb9..000000000 --- a/kernels/xen/IVRS-debug.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- a/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-09 05:46:56.000000000 -0500 -+++ b/xen/drivers/passthrough/amd/iommu_acpi.c 2013-08-31 01:26:18.614846438 -0500 -@@ -651,9 +651,9 @@ - return 0; - } - -- AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x\n", -+ AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x used_id %#x\n", - seg, PCI_BUS(bdf), PCI_SLOT(bdf), PCI_FUNC(bdf), -- special->variety, special->handle); -+ special->variety, special->handle, special->used_id); - add_ivrs_mapping_entry(bdf, bdf, special->header.data_setting, iommu); - - switch ( special->variety ) diff --git a/kernels/xen/PKGBUILD b/kernels/xen/PKGBUILD deleted file mode 100644 index 6ff16c8cd..000000000 --- a/kernels/xen/PKGBUILD +++ /dev/null @@ -1,191 +0,0 @@ -# Maintainer: David Sutton -# Contributor: Limao Luo -# Contributor: Luceo -# Contributor: Revellion -# Maintainer (Parabola): André Silva - -pkgname=xen -pkgver=4.3.1 -pkgrel=2 -pkgdesc="Virtual Machine Hypervisor & Tools (Parabola rebranded)" -arch=(i686 x86_64) -url="http://www.xenproject.org/" -license=(GPL2) -depends=(bin86 bluez bridge-utils curl e2fsprogs gnutls iproute2 libaio libcap-ng libiscsi libjpeg-turbo libpng lzo2 nss pixman pciutils python python2 sdl wget vde2 yajl) -[[ "$CARCH" == "x86_64" ]] && depends+=(lib32-glibc) -makedepends=(cmake dev86 git iasl markdown ocaml-findlib) -optdepends=('xen-docs: Official Xen Documentation' 'openvswitch: Optional Networking support') -conflicts=(xen-4.2{,-testing-hg} xen-{gdbsx,hg-unstable,rc,git} xen-4.3{,-testing-hg}) -backup=(etc/$pkgname/xend-{config,pci-{permissive,quirks}}.sxp etc/modules-load.d/$pkgname.conf etc/$pkgname/xl.conf etc/conf.d/xen{stored,consoled,domains} etc/default/xencommons etc/$pkgname/grub.conf) -options=(!buildflags !strip) -install=$pkgname.install -changelog=ChangeLog -source=(http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.gz - xen.install - 09_xen - bios_workaround.patch - xendomains.patch - TOM-register.patch - ati-passthrough.patch - IVRS-debug.patch - proc-xen.mount - var-lib-xenstored.mount - xenconsoled.service - conf.d-xenconsoled - xendomains.service - xendomU@.service - xenstored.service - conf.d-xenstored - tmpfiles.d-$pkgname.conf - grub.conf - xsa73-4.3-unstable.patch - xsa75-4.3-unstable.patch - xsa78.patch - $pkgname.conf) -sha256sums=('3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd' - '0f6ebf3437974d1708c9e74005b976479ab8ff28adec394208153bf404b411f8' - '74a957d783458b7481c7a09c3ed94ec2e07ee7943e4b7fa33d3684b8d585139e' - '914cc983da1fe89ff125d751c979b4968f8952da21b19b900fcd4e6b33e14552' - '1938ca36bfb62c76ad0642147017ecfaa64588abaa2d88e868f501c4ae83bfd9' - '0fa9426cc499ea3d6e1aa33a8be0e180aed87936814b9b88bb0ef42f6983654a' - 'd93c2d5bcdf0c3e4c6e8efb357cb4b9d618209025361f5ccd9d03651a8acd7a3' - '54883171ff9cf5f342a2be5c944df16902ef06b6f2d015b675fa9bd5ed899c7c' - '139eed988bfaf8edc8ccdfd0b668382bd63db48ce17be91776182a7e28e9d88c' - 'c19146931c6ab8e53092bd9b2ebbfda5c76fd22ad3b1d42dcda3dd1b61f123ff' - 'e4af7891e816b9549ebeff766a78036626c0e278734e5625b8e7d68729530ded' - '48d76cc6f25caa79b3f527c96a0883b1decb9012f6616f61336c8d43791bf007' - '0bd45d9de6456c4f9adf32e726f2db3a3cd0423c1d161b442e8a1666d2e68e3f' - '012cc60ffdcb0e061d04d404eb9232734554aef4dc4b551f66adf82a655e6e41' - '8ee5c5a14064fc2bbfd38d0ec8a6001f541bbe56b9fb534733209a8af148b297' - '0e1ad0a6a72b0c22025a556c23235a8f663427f1e769c45fe39d1c525bf82eff' - '40e0760810a49f925f2ae9f986940b40eba477dc6d3e83a78baaae096513b3cf' - '78398fb27edfedb432b5f4e4bf87b5dbee41f180c623d29f758234a49d8bf4b4' - '18f62049d714c3460df1f698663e42d0f8a16b9b4f62e66b40fdea635a348be5' - '4bac312d49a4a88633af652c09128ba1bba2ca97e2e56e5fe7da6e4671c56ccb' - 'bb13b280bb456c1d7c8f468e23e336e6b2d06eb364c6823f1b426fcfe09f6ed3' - '50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c') -sha512sums=('f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf37835528aca33a0f9e04c82d5f8c4ba79c03a1780d2b72cbb90cc26f77275' - '78bfb62166ffcf136e12985809b3f412e0145a7f17388a559071f644970ccdfd2a02fe9aa4a180069b923c2e4354b061a4057096de856497f10d9cac57eae4b3' - '8667a97e10f09c5ce5ba604e38a073b7d7944f4d24c5c78a7235443b65a8cc7b6e7de90e40aa335bb17fda0858d6b517ba1e8b5a0bd6bba4ad75ad44b73f6c9c' - '7118bf02ff5338e70b3f27f8ea390cd05ea37a4ceabb4adc9d32fc57329e35e98330f0e865261dd4e670436e1a725832598888d44b1e2b17b351f59318860878' - '440b3967bf0f0cecde42111bc602f591edeadfdf7044f1f181029b0ded5fb8fa9d640bc4a4a57daadd350594f86065120ea5e4d833004590a8bfe0ee88b4c316' - 'b89f524015c1299c7b19573ae0637f9d33613f3fdbb3d978a07d294ee18a657bd124852f1cbb85e6d1382aca42ed799e8ee245a161340bb4b759eeccce28df7d' - 'c30a4cbdc942ae36364830ab604ecb46a68466bfbaaef2740aa805acf9e432a0dd7877593d6211437db4d2e7c2deb15f301d5a5571fd28936f01228f13256d3f' - 'e8392dbc66bf83b887de963416b1fe9a4eeccb8faca78c6fc1dd4243544b871625d43423f03d19cf91d80295d43073904c9dbe37241e7432b69566b05b267391' - '6afdf16e32bb837faf6333334f86855a746f1f46fee9673a4fddc62eecf41f9856bc34397807203c6f5071f0b1ce74532214084042154585c0d39514450db25c' - '00e340f4d3635e3850ca24baea1da08467523c17815feb74161e18397b607fef904db2165fd9bf4632a6e8a6e37aeddad4e56965e1c99b5213c98b3f9afc6aad' - '580e0645d7f157928f137f3d8b38d3e2834cb5fa091dbcd28217bbaed494415a35c8973487a1eec726c2f49c8b11d4dd28fdcbe75f14c91a4474cacd8dfb2e99' - 'a0bbd9c14ee0f2b9dc9cf304b531aaefde545e56b4ce4847f12faab4952520ce857a92765ae3a1b25ebd2b7511bb24fc820864d7342ac43a311d8c6551958895' - 'f00034f8b826b828659a0177f0a6454113c625e69a817dfe32e461767f6643e0288bfc2a22d23358504240df627af6e3b8f5ffa0077e241e590b33d3f252e74c' - 'f21cc17009957797630c2e82630b5e93ceac8fdadc5eaa3abf0510ca81a49e5680a80ece63b248354122c5fd5d40c9a495fad15e307a694936fa062e984158c4' - '9e95e05ac7cce383530ede0f8f75b4f8990c7d7d55ef59f3e37c64a75ccc012475595bc1123bc4c2072dd2c1c2f4b744f26d6adb799f7a068195aadde383af89' - 'c996d48737ad31528b0b2b1379e3ebae948d290de9ddc71f33c7c56f0634466bc7afb2eab847e851c19e3c13bb99468a0778d908606486959a40ff3272189bd3' - '53ba61587cc2e84044e935531ed161e22c36d9e90b43cab7b8e63bcc531deeefacca301b5dff39ce89210f06f1d1e4f4f5cf49d658ed5d9038c707e3c95c66ef' - '04000a802e96c11929cb94c9a2bcafbb4307620192388441d979ea85836c3395954dea53d449c1cc25c3a0a30c49d318b8de59a053c6254f5a81e87864648a9c' - '78c94d3e473abaf857213754c7f0ef1a0dd06354cd137d1567a48d92b4106cbefd112f1dcecc90bc1f8c75d76a0e8a3425408f777044de8ec754bcda32bb7f97' - '4fb6f678dccc9f23f2c3b27617718bc6c0a87505f7483f4d07563b7b2cc37d57d3b5ef658ee5867258916c5c2695a5086cc7790196aed85357c6d3168c06749b' - 'b55cb25f88acc348e6777063f241269730f06482fe430706ac500cbd7127bc7c70188f84a282dc8a0369cc838999d47a09afc33fc9f24b5c214bdf59352c414c' - 'ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b') - -prepare() { - cd $pkgname-$pkgver/ - - ### Patching - patch -Np1 -i ../xendomains.patch - patch -Np1 -i ../TOM-register.patch - - # Uncomment line below if you have a bios which is reporting bad IVRS data - #patch -Np1 -i ../bios_workaround.patch - #patch -Np1 -i ../IVRS-debug.patch - - # Uncomment line below if you want to enable ATI Passthrough support (some reported successes) - #patch -Np1 -i ../ati-passthrough.patch - - # Add Security Patches - patch -Np1 -i ../xsa73-4.3-unstable.patch - patch -Np1 -i ../xsa75-4.3-unstable.patch - patch -Np1 -i ../xsa78.patch - - # Fix Install Paths - sed -i 's:/sbin:/bin:' config/StdGNU.mk - -} - -build() { - export CFLAGS+='-Wall -Wstrict-prototypes -Wno-unused-local-typedefs -Wno-sizeof-pointer-memaccess' - cd $pkgname-$pkgver/ - ./autogen.sh - ./configure PYTHON=/usr/bin/python2 --prefix=/usr --localstatedir=/run - unset CFLAGS -} - -package() { - cd $pkgname-$pkgver/ - - make DESTDIR="$pkgdir" LANG=C PYTHON=python2 install-{xen,tools,stubdom} - - cd ../ - for f in ${source[@]}; do - [[ $f =~ .mount || $f =~ .service ]] && install -Dm644 $f "$pkgdir"/usr/lib/systemd/system/$f - done - install -Dm644 tmpfiles.d-$pkgname.conf "$pkgdir"/usr/lib/tmpfiles.d/$pkgname.conf - install -Dm644 $pkgname.conf "$pkgdir"/etc/modules-load.d/$pkgname.conf - install -Dm644 conf.d-xenstored "$pkgdir"/etc/conf.d/xenstored - install -Dm644 conf.d-xenconsoled "$pkgdir"/etc/conf.d/xenconsoled - install -Dm644 grub.conf "$pkgdir"/etc/xen/grub.conf - install -Dm755 09_xen "$pkgdir"/etc/grub.d/09_xen - - cd "$pkgdir" - - # Fix paths in scripts, move to right locations and create missing directories - sed -i 's:/var/lock:/run/lock:' etc/init.d/xendomains - sed -i 's:/var/lock:/run/lock:' etc/init.d/xend - sed -i 's:/var/lock:/run/lock:' etc/xen/scripts/hotplugpath.sh - sed -i 's:/var/run:/run:' etc/xen/scripts/hotplugpath.sh - mv etc/{init,rc}.d - mv etc/rc.d/xendomains etc/xen/scripts/xendomains - mv etc/default/xendomains etc/conf.d/xendomains - mv var/xen/dump var/lib/xen/ - mkdir var/log/xen/console - - # Sanitize library path (if lib64 exists) - if [[ -d usr/lib64 ]]; then - cd usr/ - cp -r lib64/* lib/ - rm -rf lib64 - cd ../ - fi - - # Compress and move syms file to a different directory - if [ "$CARCH" == "x86_64" ]; then - gzip boot/$pkgname-syms-$pkgver - mv boot/$pkgname-syms-$pkgver.gz usr/share/xen - fi - - ##### Kill unwanted stuff ##### - # hypervisor symlinks - rm -f boot/xen{,-4,-4.3}.gz - - # Documentation cleanup ( see xen-docs package ) - rm -rf usr/share/doc - rm -rf usr/share/xen/man - - # Pointless helper cleanup - rm -f usr/bin/xen-python-path - rm -rf usr/libexec - - # Unnecessary qemu support files - rm -rf usr/bin/qemu-*-xen - rm usr/share/qemu-xen/qemu/{palcode,openbios}-* - rm usr/share/xen/qemu/openbios-* - - # Clean up udev rules naming, remove depreciated xend.rules - mv etc/udev/rules.d/xen-backend.rules etc/udev/rules.d/40-xen-backend.rules - rm etc/udev/rules.d/xend.rules - - # Clean up left over empty directories - rm -rf var/run var/lock var/xen - - # adhere to Static Library Packaging Guidelines - rm -rf usr/lib/*.a -} diff --git a/kernels/xen/TOM-register.patch b/kernels/xen/TOM-register.patch deleted file mode 100644 index 88bedbbc0..000000000 --- a/kernels/xen/TOM-register.patch +++ /dev/null @@ -1,187 +0,0 @@ ---- xen-4.3.1/tools/qemu-xen/hw/pc.h -+++ xen-4.3.1-new/tools/qemu-xen/hw/pc.h -@@ -128,15 +128,14 @@ extern int no_hpet; - struct PCII440FXState; - typedef struct PCII440FXState PCII440FXState; - -+#define I440FX_TOM 0xe0000000 -+#define I440FX_XEN_TOM 0xf0000000 -+ - PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn, - ISABus **isa_bus, qemu_irq *pic, - MemoryRegion *address_space_mem, - MemoryRegion *address_space_io, - ram_addr_t ram_size, -- hwaddr pci_hole_start, -- hwaddr pci_hole_size, -- hwaddr pci_hole64_start, -- hwaddr pci_hole64_size, - MemoryRegion *pci_memory, - MemoryRegion *ram_memory); - ---- xen-4.3.1/tools/qemu-xen/hw/pc_piix.c -+++ xen-4.3.1-new/tools/qemu-xen/hw/pc_piix.c -@@ -92,9 +92,9 @@ static void pc_init1(MemoryRegion *system_memory, - kvmclock_create(); - } - -- if (ram_size >= 0xe0000000 ) { -- above_4g_mem_size = ram_size - 0xe0000000; -- below_4g_mem_size = 0xe0000000; -+ if (ram_size >= I440FX_TOM) { -+ above_4g_mem_size = ram_size - I440FX_TOM; -+ below_4g_mem_size = I440FX_TOM; - } else { - above_4g_mem_size = 0; - below_4g_mem_size = ram_size; -@@ -129,12 +129,6 @@ static void pc_init1(MemoryRegion *system_memory, - if (pci_enabled) { - pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi, - system_memory, system_io, ram_size, -- below_4g_mem_size, -- 0x100000000ULL - below_4g_mem_size, -- 0x100000000ULL + above_4g_mem_size, -- (sizeof(hwaddr) == 4 -- ? 0 -- : ((uint64_t)1 << 62)), - pci_memory, ram_memory); - } else { - pci_bus = NULL; ---- xen-4.3.1/tools/qemu-xen/hw/piix_pci.c -+++ xen-4.3.1-new/tools/qemu-xen/hw/piix_pci.c -@@ -86,6 +86,14 @@ struct PCII440FXState { - #define I440FX_PAM_SIZE 7 - #define I440FX_SMRAM 0x72 - -+/* The maximum vaule of TOM(top of memory) register in I440FX -+ * is 1G, so it doesn't meet any popular virutal machines, so -+ * define another register to report the base of PCI memory. -+ * Use one byte 0xb0 for the upper 8 bit, they are originally -+ * resevered for host bridge. -+ * */ -+#define I440FX_PCI_HOLE_BASE 0xb0 -+ - static void piix3_set_irq(void *opaque, int pirq, int level); - static PCIINTxRoute piix3_route_intx_pin_to_irq(void *opaque, int pci_intx); - static void piix3_write_config_xen(PCIDevice *dev, -@@ -101,6 +109,43 @@ static int pci_slot_get_pirq(PCIDevice *pci_dev, int pci_intx) - return (pci_intx + slot_addend) & 3; - } - -+ -+static void i440fx_update_pci_mem_hole(PCII440FXState *f, bool del) -+{ -+ ram_addr_t above_4g_mem_size; -+ hwaddr pci_hole_start, pci_hole_size, pci_hole64_start, pci_hole64_size; -+ -+ pci_hole_start = pci_default_read_config(&f->dev, I440FX_PCI_HOLE_BASE, 1) << 24; -+ pci_hole_size = 0x100000000ULL - pci_hole_start; -+ -+ if (ram_size >= pci_hole_start) { -+ above_4g_mem_size = ram_size - pci_hole_start; -+ } else { -+ above_4g_mem_size = 0; -+ } -+ pci_hole64_start = 0x100000000ULL + above_4g_mem_size; -+ pci_hole64_size = sizeof(hwaddr) == 4 ? 0 : ((uint64_t)1 << 62); -+ -+ if (del) { -+ memory_region_del_subregion(f->system_memory, &f->pci_hole); -+ if (pci_hole64_size) { -+ memory_region_del_subregion(f->system_memory, &f->pci_hole_64bit); -+ } -+ } -+ -+ memory_region_init_alias(&f->pci_hole, "pci-hole", f->pci_address_space, -+ pci_hole_start, pci_hole_size); -+ memory_region_add_subregion(f->system_memory, pci_hole_start, &f->pci_hole); -+ memory_region_init_alias(&f->pci_hole_64bit, "pci-hole64", -+ f->pci_address_space, -+ pci_hole64_start, pci_hole64_size); -+ if (pci_hole64_size) { -+ memory_region_add_subregion(f->system_memory, pci_hole64_start, -+ &f->pci_hole_64bit); -+ } -+} -+ -+ - static void i440fx_update_memory_mappings(PCII440FXState *d) - { - int i; -@@ -136,6 +181,9 @@ static void i440fx_write_config(PCIDevice *dev, - range_covers_byte(address, len, I440FX_SMRAM)) { - i440fx_update_memory_mappings(d); - } -+ if (range_covers_byte(address, len, I440FX_PCI_HOLE_BASE)) { -+ i440fx_update_pci_mem_hole(d, true); -+ } - } - - static int i440fx_load_old(QEMUFile* f, void *opaque, int version_id) -@@ -203,6 +251,10 @@ static int i440fx_initfn(PCIDevice *dev) - - d->dev.config[I440FX_SMRAM] = 0x02; - -+ /* Emulate top of memory, here use 0xe0000000 as default val*/ -+ uint32_t addr = xen_enabled() ? I440FX_XEN_TOM : I440FX_TOM; -+ pci_set_byte(dev->config + I440FX_PCI_HOLE_BASE, (uint8_t)(addr >> 24)); -+ - cpu_smm_register(&i440fx_set_smm, d); - return 0; - } -@@ -214,10 +266,6 @@ static PCIBus *i440fx_common_init(const char *device_name, - MemoryRegion *address_space_mem, - MemoryRegion *address_space_io, - ram_addr_t ram_size, -- hwaddr pci_hole_start, -- hwaddr pci_hole_size, -- hwaddr pci_hole64_start, -- hwaddr pci_hole64_size, - MemoryRegion *pci_address_space, - MemoryRegion *ram_memory) - { -@@ -244,16 +292,6 @@ static PCIBus *i440fx_common_init(const char *device_name, - f->system_memory = address_space_mem; - f->pci_address_space = pci_address_space; - f->ram_memory = ram_memory; -- memory_region_init_alias(&f->pci_hole, "pci-hole", f->pci_address_space, -- pci_hole_start, pci_hole_size); -- memory_region_add_subregion(f->system_memory, pci_hole_start, &f->pci_hole); -- memory_region_init_alias(&f->pci_hole_64bit, "pci-hole64", -- f->pci_address_space, -- pci_hole64_start, pci_hole64_size); -- if (pci_hole64_size) { -- memory_region_add_subregion(f->system_memory, pci_hole64_start, -- &f->pci_hole_64bit); -- } - memory_region_init_alias(&f->smram_region, "smram-region", - f->pci_address_space, 0xa0000, 0x20000); - memory_region_add_subregion_overlap(f->system_memory, 0xa0000, -@@ -295,6 +333,7 @@ static PCIBus *i440fx_common_init(const char *device_name, - (*pi440fx_state)->dev.config[0x57]=ram_size; - - i440fx_update_memory_mappings(f); -+ i440fx_update_pci_mem_hole(f, false); - - return b; - } -@@ -304,10 +343,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, - MemoryRegion *address_space_mem, - MemoryRegion *address_space_io, - ram_addr_t ram_size, -- hwaddr pci_hole_start, -- hwaddr pci_hole_size, -- hwaddr pci_hole64_start, -- hwaddr pci_hole64_size, - MemoryRegion *pci_memory, MemoryRegion *ram_memory) - - { -@@ -315,8 +350,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, - - b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, isa_bus, pic, - address_space_mem, address_space_io, ram_size, -- pci_hole_start, pci_hole_size, -- pci_hole64_start, pci_hole64_size, - pci_memory, ram_memory); - return b; - } diff --git a/kernels/xen/ati-passthrough.patch b/kernels/xen/ati-passthrough.patch deleted file mode 100644 index 7c20b1ecd..000000000 --- a/kernels/xen/ati-passthrough.patch +++ /dev/null @@ -1,415 +0,0 @@ ---- xen-4.3.1/tools/qemu-xen-traditional/hw/pass-through.c Thu Sep 6 11:05:30 2012 -+++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pass-through.c Sat Nov 24 08:27:07 2012 -@@ -1438,9 +1438,17 @@ static void pt_ioport_map(PCIDevice *d, - if (e_phys != -1) - { - /* Create new mapping */ -- ret = xc_domain_ioport_mapping(xc_handle, domid, e_phys, -- assigned_device->bases[i].access.pio_base, e_size, -- DPCI_ADD_MAPPING); -+ if ( vga_skip_ioport_map(d) ) -+ { -+ assigned_device->bases[i].e_physbase = -1; -+ } -+ else -+ { -+ ret = xc_domain_ioport_mapping(xc_handle, domid, e_phys, -+ assigned_device->bases[i].access.pio_base, e_size, -+ DPCI_ADD_MAPPING); -+ } -+ - if ( ret != 0 ) - { - PT_LOG("Error: create new mapping failed!\n"); ---- xen-4.3.1/tools/qemu-xen-traditional/hw/pass-through.h Thu Sep 6 11:05:30 2012 -+++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pass-through.h Sat Nov 24 08:27:07 2012 -@@ -419,6 +419,11 @@ int pt_pci_host_write(struct pci_dev *pc - void intel_pch_init(PCIBus *bus); - int register_vga_regions(struct pt_dev *real_device); - int unregister_vga_regions(struct pt_dev *real_device); -+int vga_skip_ioport_map(PCIDevice *d); -+int igd_register_vga_regions(struct pt_dev *real_device); -+int igd_unregister_vga_regions(struct pt_dev *real_device); -+int ati_register_vga_regions(struct pt_dev *real_device); -+int ati_unregister_vga_regions(struct pt_dev *real_device); - int setup_vga_pt(struct pt_dev *real_device); - PCIBus *intel_pci_bridge_init(PCIBus *bus, int devfn, uint16_t vid, - uint16_t did, const char *name, uint16_t revision); ---- xen-4.3.1/tools/qemu-xen-traditional/hw/pci.h Thu Sep 6 11:05:30 2012 -+++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pci.h Sat Nov 24 08:27:07 2012 -@@ -54,6 +54,8 @@ extern target_phys_addr_t pci_mem_base; - - #define PCI_VENDOR_ID_CIRRUS 0x1013 - -+#define PCI_VENDOR_ID_ATI 0x1002 -+ - #define PCI_VENDOR_ID_IBM 0x1014 - #define PCI_DEVICE_ID_IBM_OPENPIC2 0xffff - ---- xen-4.3.1/tools/qemu-xen-traditional/hw/pt-graphics.c Thu Sep 6 11:05:30 2012 -+++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pt-graphics.c Sat Nov 24 08:28:10 2012 -@@ -13,6 +13,207 @@ - - extern int gfx_passthru; - extern int igd_passthru; -+/*********************************/ -+/* Code for ATI GFX Passthru */ -+/*********************************/ -+/* ATI VBIOS Working Mechanism -+ * -+ * Generally there are three memory resources (two MMIO and one PIO) -+ * associated with modern ATI gfx. VBIOS uses special tricks to figure out -+ * BARs, instead of using regular PCI config space read. -+ * -+ * (1) VBIOS relies on I/O port 0x3C3 to retrieve PIO BAR -+ * (2) VBIOS maintains a shadow copy of PCI configure space. It retries the -+ * MMIO BARs from this shadow copy via sending I/O requests to first two -+ * registers of PIO (MMINDEX and MMDATA). The workflow is like this: -+ * MMINDEX (register 0) is written with an index value, specifying the -+ * register VBIOS wanting to access. Then the shadowed data can be -+ * read/written from MMDATA (register 1). For two MMIO BARs, the index -+ * values are 0x4010 and 0x4014 respectively. -+ * -+ */ -+ -+#define ATI_BAR1_INDEX 0 //MMIO BAR1 -+#define ATI_BAR2_INDEX 1 //MMIO BAR2 -+#define ATI_BAR5_INDEX 4 //PIO BAR == BAR5 -+ -+#define ATI_BAR1_MMINDEX 0x4010 //data written to MMINDEX for MMIO BAR1 -+#define ATI_BAR2_MMINDEX 0x4014 //data written to MMINDEX FOR MMIO BAR2 -+ -+struct ati_gfx_info { -+ int initialized; /* initialized already? */ -+ -+ /* PIO */ -+ uint32_t host_pio_base; /* host base addr of PIO */ -+ uint32_t guest_pio_base; /* guest base addr of PIO */ -+ uint32_t pio_size; /* PIO size */ -+ -+ /* MMIO */ -+ uint32_t guest_mmio_base1; /* guest base addr of MMIO 1 */ -+ uint32_t guest_mmio_base2; /* guest base addr of MMIO 2 */ -+ -+ /* PIO MMINDEX access recording */ -+ uint32_t pre_mmindex_data; /* previous data written to MMINDEX */ -+}; -+ -+static struct ati_gfx_info gfx_info; -+ -+/* Convert guest PIO port to host PIO port */ -+static uint16_t gport_to_hport(uint16_t gport) -+{ -+ return (gport - gfx_info.guest_pio_base) + gfx_info.host_pio_base; -+} -+ -+/* Read host PIO port */ -+static uint32_t ati_hw_in(uint16_t hport) -+{ -+ unsigned val; -+ -+ //iopl(3); -+ asm volatile ("in %1,%0":"=a"(val):"Nd"(hport)); -+ //iopl(0); -+ -+ return val; -+} -+ -+/* Write data to host PIO */ -+static void ati_hw_out(uint16_t hport, uint32_t data) -+{ -+ //iopl(3); -+ asm volatile ("out %1, %0"::"Nd"(hport),"a"(data)); -+ //iopl(0); -+} -+ -+static uint32_t ati_io_regs_read(void *opaque, uint32_t addr) -+{ -+ uint32_t val; -+ -+ val = ati_hw_in(gport_to_hport(addr)); -+ -+ /* tweak the value if VBIOS is reading MMIO BAR1 and BAR2 */ -+ if ( addr == (gfx_info.guest_pio_base + 4) ) -+ { -+ switch ( gfx_info.pre_mmindex_data ) -+ { -+ case ATI_BAR1_MMINDEX: -+ val = gfx_info.guest_mmio_base1 | (val & 0x0000000f); -+ break; -+ case ATI_BAR2_MMINDEX: -+ val = gfx_info.guest_mmio_base2 | (val & 0x0000000f); -+ break; -+ default: -+ break; -+ } -+ } -+ -+ return val; -+} -+ -+static void ati_io_regs_write(void *opaque, uint32_t addr, uint32_t val) -+{ -+ ati_hw_out(gport_to_hport(addr), val); -+ -+ /* book keeping */ -+ if ( addr == gfx_info.guest_pio_base ) -+ gfx_info.pre_mmindex_data = val; -+} -+ -+static void ati_gfx_init(struct pt_dev *assigned) -+{ -+ PCIDevice *dev = (PCIDevice *)&assigned->dev; -+ -+ register_ioport_read(dev->io_regions[ATI_BAR5_INDEX].addr, -+ dev->io_regions[ATI_BAR5_INDEX].size, 4, ati_io_regs_read, assigned); -+ -+ register_ioport_write(dev->io_regions[ATI_BAR5_INDEX].addr, -+ dev->io_regions[ATI_BAR5_INDEX].size, 4, ati_io_regs_write, assigned); -+ -+ /* initialize IO registers */ -+ gfx_info.guest_pio_base = dev->io_regions[ATI_BAR5_INDEX].addr; -+ gfx_info.pio_size = dev->io_regions[ATI_BAR5_INDEX].size; -+ gfx_info.host_pio_base = assigned->bases[ATI_BAR5_INDEX].access.pio_base; -+ -+ gfx_info.guest_mmio_base1 = dev->io_regions[ATI_BAR1_INDEX].addr; -+ gfx_info.guest_mmio_base2 = dev->io_regions[ATI_BAR2_INDEX].addr; -+ gfx_info.initialized = 1; -+ -+ PT_LOG("guest_pio_bar = 0x%x, host_pio_bar = 0x%x, pio_size=0x%x " -+ "guest_mmio_bar1=0x%x, guest_mmio_bar2=0x%x\n", -+ gfx_info.guest_pio_base, gfx_info.host_pio_base, gfx_info.pio_size, -+ gfx_info.guest_mmio_base1, gfx_info.guest_mmio_base2); -+} -+ -+static uint32_t ati_legacy_io_read(void *opaque, uint32_t addr) -+{ -+ struct pt_dev *assigned_device = opaque; -+ PCIDevice *dev = (PCIDevice *)&assigned_device->dev; -+ uint32_t val = 0xFF; -+ -+ switch( addr ) -+ { -+ case 0x3c3: -+ val = dev->io_regions[ATI_BAR5_INDEX].addr >> 8; -+ /* Intercept GFX IO registers. This supposes to happen in -+ * ati_register_vga_regions(). But we cannot get guest phys IO BAR -+ * over there. */ -+ if ( !gfx_info.initialized ) -+ ati_gfx_init(assigned_device); -+ break; -+ default: -+ PT_LOG("ERROR: port 0x%x I/O read not handled\n", addr); -+ break; -+ } -+ -+ return val; -+} -+ -+static void ati_legacy_io_write(void *opaque, uint32_t addr, uint32_t val) -+{ -+ PT_LOG("ERROR: port 0x%x I/O write not handled\n", addr); -+} -+ -+int ati_register_vga_regions(struct pt_dev *real_device) -+{ -+ PCIDevice *dev = (PCIDevice *)&real_device->dev; -+ int ret = 0; -+ -+ /* We need to intercept VBIOS accesses to port 0x3C3, which returns -+ * device port I/O BAR. For the rest of legacy I/O ports, we allow direct -+ * accesses. -+ */ -+ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, -+ 0x3C0, 0x3, DPCI_ADD_MAPPING); -+ -+ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C4, -+ 0x3C4, 0x1C, DPCI_ADD_MAPPING); -+ -+ register_ioport_read(0x3c3, 1, 1, ati_legacy_io_read, real_device); -+ register_ioport_write(0x3c3, 1, 1, ati_legacy_io_write, real_device); -+ -+ /* initialized on the first port 0x3C3 access in ati_gfx_init */ -+ gfx_info.initialized = 0; -+ -+ return ret; -+} -+ -+int ati_unregister_vga_regions(struct pt_dev *real_device) -+{ -+ int ret = 0; -+ -+ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, -+ 0x3C0, 0x3, DPCI_REMOVE_MAPPING); -+ -+ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C4, -+ 0x3C4, 0x1C, DPCI_REMOVE_MAPPING); -+ -+ gfx_info.initialized = 0; -+ -+ return ret; -+} -+ -+/*********************************/ -+/* Code for Intel IGD Passthru */ -+/*********************************/ - - static uint32_t igd_guest_opregion = 0; - -@@ -176,6 +377,77 @@ read_default: - return pci_default_read_config(pci_dev, config_addr, len); - } - -+int igd_register_vga_regions(struct pt_dev *real_device) -+{ -+ u32 vendor_id, igd_opregion; -+ int ret = 0; -+ -+ /* legacy I/O ports 0x3C0 -- 0x3E0 */ -+ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, -+ 0x3C0, 0x20, DPCI_ADD_MAPPING); -+ -+ /* 1:1 map ASL Storage register value */ -+ vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2); -+ igd_opregion = pt_pci_host_read(real_device->pci_dev, PCI_INTEL_OPREGION, 4); -+ if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_opregion ) -+ { -+ ret |= xc_domain_memory_mapping(xc_handle, domid, -+ igd_opregion >> XC_PAGE_SHIFT, -+ igd_opregion >> XC_PAGE_SHIFT, -+ 2, -+ DPCI_ADD_MAPPING); -+ PT_LOG("register_vga: igd_opregion = %x\n", igd_opregion); -+ } -+ -+ return ret; -+} -+ -+int igd_unregister_vga_regions(struct pt_dev *real_device) -+{ -+ u32 vendor_id, igd_opregion; -+ int ret = 0; -+ -+ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, -+ 0x3C0, 0x20, DPCI_REMOVE_MAPPING); -+ -+ vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2); -+ igd_opregion = pt_pci_host_read(real_device->pci_dev, PCI_INTEL_OPREGION, 4); -+ if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_opregion ) -+ { -+ ret |= xc_domain_memory_mapping(xc_handle, domid, -+ igd_opregion >> XC_PAGE_SHIFT, -+ igd_opregion >> XC_PAGE_SHIFT, -+ 2, -+ DPCI_REMOVE_MAPPING); -+ } -+ -+ return ret; -+} -+/*********************************/ -+/* Generic Code for GFX Passthru */ -+/*********************************/ -+/* This function decides whether I/O port map should be skipped */ -+int vga_skip_ioport_map(PCIDevice *d) -+{ -+ struct pt_dev *dev = (struct pt_dev *)d; -+ int skip = 0; -+ -+ if ( !gfx_passthru || dev->pci_dev->device_class != 0x0300 ) -+ return 0; -+ -+ switch( dev->pci_dev->vendor_id ) -+ { -+ case PCI_VENDOR_ID_ATI: -+ case PCI_VENDOR_ID_AMD: -+ skip = 1; -+ break; -+ default: -+ skip = 0; -+ break; -+ } -+ -+ return skip; -+} - /* - * register VGA resources for the domain with assigned gfx - */ -@@ -187,18 +459,33 @@ int register_vga_regions(struct pt_dev * - if ( !gfx_passthru || real_device->pci_dev->device_class != 0x0300 ) - return ret; - -+ /* legacy I/O ports 0x3B0 - 0x3BC */ - ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3B0, - 0x3B0, 0xC, DPCI_ADD_MAPPING); - -- ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, -- 0x3C0, 0x20, DPCI_ADD_MAPPING); -- -+ /* legacy video MMIO range 0xA0000 - 0xBFFFF */ - ret |= xc_domain_memory_mapping(xc_handle, domid, - 0xa0000 >> XC_PAGE_SHIFT, - 0xa0000 >> XC_PAGE_SHIFT, - 0x20, - DPCI_ADD_MAPPING); - -+ /* Other VGA regions are vendor specific */ -+ switch( real_device->pci_dev->vendor_id ) -+ { -+ case PCI_VENDOR_ID_INTEL: -+ ret = igd_register_vga_regions(real_device); -+ break; -+ case PCI_VENDOR_ID_ATI: -+ case PCI_VENDOR_ID_AMD: -+ ret = ati_register_vga_regions(real_device); -+ break; -+ default: -+ PT_LOG("gfx card wasn't supported by Xen passthru!\n"); -+ ret = 1; -+ break; -+ } -+ - if ( ret != 0 ) - PT_LOG("VGA region mapping failed\n"); - -@@ -216,26 +503,31 @@ int unregister_vga_regions(struct pt_dev - if ( !gfx_passthru || real_device->pci_dev->device_class != 0x0300 ) - return ret; - -+ /* legacy I/O ports 0x3B0 - 0x3BC */ - ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3B0, - 0x3B0, 0xC, DPCI_REMOVE_MAPPING); - -- ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, -- 0x3C0, 0x20, DPCI_REMOVE_MAPPING); -- -+ /* legacy video MMIO range 0xA0000 - 0xBFFFF */ - ret |= xc_domain_memory_mapping(xc_handle, domid, - 0xa0000 >> XC_PAGE_SHIFT, - 0xa0000 >> XC_PAGE_SHIFT, - 20, - DPCI_REMOVE_MAPPING); - -- vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2); -- if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_guest_opregion ) -+ /* Other VGA regions are vendor specific */ -+ switch( real_device->pci_dev->vendor_id ) - { -- ret |= xc_domain_memory_mapping(xc_handle, domid, -- igd_guest_opregion >> XC_PAGE_SHIFT, -- igd_guest_opregion >> XC_PAGE_SHIFT, -- 2, -- DPCI_REMOVE_MAPPING); -+ case PCI_VENDOR_ID_INTEL: -+ ret = igd_unregister_vga_regions(real_device); -+ break; -+ case PCI_VENDOR_ID_ATI: -+ case PCI_VENDOR_ID_AMD: -+ ret = ati_unregister_vga_regions(real_device); -+ break; -+ default: -+ PT_LOG("gfx card wasn't supported by Xen passthru!\n"); -+ ret = 1; -+ break; - } - - if ( ret != 0 ) diff --git a/kernels/xen/bios_workaround.patch b/kernels/xen/bios_workaround.patch deleted file mode 100644 index 12fc00184..000000000 --- a/kernels/xen/bios_workaround.patch +++ /dev/null @@ -1,51 +0,0 @@ ---- xen-4.3.1.orig/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-09 05:46:56.000000000 -0500 -+++ xen-4.3.1/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-18 02:31:38.767195258 -0500 -@@ -668,26 +668,26 @@ - */ - for ( apic = 0; apic < nr_ioapics; apic++ ) - { -- if ( IO_APIC_ID(apic) != special->handle ) -+ if ( ioapic_sbdf[IO_APIC_ID(apic)].bdf != ioapic_sbdf[special->handle].bdf ) - continue; - -- if ( special->handle >= ARRAY_SIZE(ioapic_sbdf) ) -+ if ( IO_APIC_ID(apic) >= ARRAY_SIZE(ioapic_sbdf) ) - { - printk(XENLOG_ERR "IVHD Error: IO-APIC %#x entry beyond bounds\n", -- special->handle); -+ IO_APIC_ID(apic)); - return 0; - } - -- if ( ioapic_sbdf[special->handle].pin_setup ) -+ if ( ioapic_sbdf[IO_APIC_ID(apic)].pin_setup ) - { -- if ( ioapic_sbdf[special->handle].bdf == bdf && -- ioapic_sbdf[special->handle].seg == seg ) -+ if ( ioapic_sbdf[IO_APIC_ID(apic)].bdf == bdf && -+ ioapic_sbdf[IO_APIC_ID(apic)].seg == seg ) - AMD_IOMMU_DEBUG("IVHD Warning: Duplicate IO-APIC %#x entries\n", -- special->handle); -+ IO_APIC_ID(apic)); - else - { - printk(XENLOG_ERR "IVHD Error: Conflicting IO-APIC %#x entries\n", -- special->handle); -+ IO_APIC_ID(apic)); - if ( amd_iommu_perdev_intremap ) - return 0; - } -@@ -695,10 +695,10 @@ - else - { - /* set device id of ioapic */ -- ioapic_sbdf[special->handle].bdf = bdf; -- ioapic_sbdf[special->handle].seg = seg; -+ ioapic_sbdf[IO_APIC_ID(apic)].bdf = bdf; -+ ioapic_sbdf[IO_APIC_ID(apic)].seg = seg; - -- ioapic_sbdf[special->handle].pin_setup = xzalloc_array( -+ ioapic_sbdf[IO_APIC_ID(apic)].pin_setup = xzalloc_array( - unsigned long, BITS_TO_LONGS(nr_ioapic_entries[apic])); - if ( nr_ioapic_entries[apic] && - !ioapic_sbdf[IO_APIC_ID(apic)].pin_setup ) diff --git a/kernels/xen/conf.d-xenconsoled b/kernels/xen/conf.d-xenconsoled deleted file mode 100644 index 9dee0960a..000000000 --- a/kernels/xen/conf.d-xenconsoled +++ /dev/null @@ -1,14 +0,0 @@ -# No logging (default) -#XENCONSOLED_LOG=none -# Log guest console output only -#XENCONSOLED_LOG=guest -# Log hypervisor messages only -#XENCONSOLED_LOG=hv -# Log both guest console output and hypervisor messages -XENCONSOLED_LOG=all - -# Location to store guest & hypervisor logs -XENCONSOLED_LOG_DIR=/var/log/xen/console - -#XENCONSOLED_ARGS= - diff --git a/kernels/xen/conf.d-xenstored b/kernels/xen/conf.d-xenstored deleted file mode 100644 index 366abf9ad..000000000 --- a/kernels/xen/conf.d-xenstored +++ /dev/null @@ -1,2 +0,0 @@ -#XENSTORED_ARGS=" -T /var/log/xen/xenstored-trace.log" -XENDOM0_NAME="Domain-0" diff --git a/kernels/xen/grub.conf b/kernels/xen/grub.conf deleted file mode 100644 index 9b13008d9..000000000 --- a/kernels/xen/grub.conf +++ /dev/null @@ -1,2 +0,0 @@ -#XEN_HYPERVISOR_CMDLINE="xsave=1" -#XEN_LINUX_CMDLINE="console=tty0" diff --git a/kernels/xen/tmpfiles.d-xen.conf b/kernels/xen/tmpfiles.d-xen.conf deleted file mode 100644 index a55258b0f..000000000 --- a/kernels/xen/tmpfiles.d-xen.conf +++ /dev/null @@ -1,2 +0,0 @@ -d /run/xen 0755 root root - -d /run/xenstored 0755 root root - diff --git a/kernels/xen/xen.install b/kernels/xen/xen.install deleted file mode 100644 index f1a34d522..000000000 --- a/kernels/xen/xen.install +++ /dev/null @@ -1,64 +0,0 @@ -install_msg() { - cat << __EOF__ -===> IMPORTANT NOTICE: - -In order to complete the installation, and enable Xen, -at the very least you must: -1. Edit your GRUB2 config files as specified at - https://wiki.parabolagnulinux.org/index.php/Xen#Bootloader_Configuration -2. Issue the following commands to allow you to create and start VMs: - systemctl enable xenstored.service - systemctl enable xenconsoled.service -3. If you want some domains to automatically start up/shutdown, run the following: - systemctl enable xendomains.service - -For more information refer to the Wiki: - https://wiki.parabolagnulinux.org/index.php/Xen - -__EOF__ - -} - -upgrade_msg() { - cat << __EOF__ - -Note: If you are upgrading from one of the previous 4.2 xen builds, and are having issues - with graphics card passthrough, the default device model used has changed and the - newer model can sometimes have issues. To resolve, add (or change ) the following - line into your domain config file: - device_model_version = "qemu-xen-traditional" - - Also remember to rebuild your grub configuration if upgrading from a non-xen 4.3.1 - install. -__EOF__ - -} - -post_install() { - install_msg - upgrade_msg -} - -post_upgrade() { - upgrade_msg -} - -pre_remove() { - systemctl stop xendomains.service - systemctl stop xenconsoled.service - systemctl stop xenstored.service - - systemctl disable xendomains.service - systemctl disable xenconsoled.service - systemctl disable xenstored.service -} - -post_remove() { - cat << __EOF__ -===> IMPORTANT NOTICE: - -In order to finish removing Xen, you will need to modify -your bootloader configuration files to load your Linux -kernel instead of Xen kernel. -__EOF__ -} diff --git a/kernels/xen/xenconsoled.service b/kernels/xen/xenconsoled.service deleted file mode 100644 index 1e06b4537..000000000 --- a/kernels/xen/xenconsoled.service +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=Xenconsoled - handles logging from guest consoles and hypervisor -Requires=proc-xen.mount -After=proc-xen.mount xenstored.service -ConditionPathExists=/proc/xen - -[Service] -Type=simple -Environment=XENCONSOLED_ARGS= -Environment=XENCONSOLED_LOG=none -Environment=XENCONSOLED_LOG_DIR=/var/log/xen/console -EnvironmentFile=-/etc/conf.d/xenconsoled -PIDFile=/run/xenconsoled.pid -ExecStartPre=/usr/bin/grep -q control_d /proc/xen/capabilities -ExecStart=/usr/bin/xenconsoled --pid-file /run/xenconsoled.pid --log=${XENCONSOLED_LOG} --log-dir=${XENCONSOLED_LOG_DIR} $XENCONSOLED_ARGS - -[Install] -WantedBy=multi-user.target diff --git a/kernels/xen/xendomU@.service b/kernels/xen/xendomU@.service deleted file mode 100644 index b3dd6c7d7..000000000 --- a/kernels/xen/xendomU@.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=xen domU service for domain %i -Requires=xenstored.service - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/usr/bin/xl create /etc/xen/conf/%i.cfg -ExecStop=/usr/bin/xl shutdown %i - -[Install] -WantedBy=multi-user.target diff --git a/kernels/xen/xendomains.patch b/kernels/xen/xendomains.patch deleted file mode 100644 index 16f62b65a..000000000 --- a/kernels/xen/xendomains.patch +++ /dev/null @@ -1,108 +0,0 @@ ---- xen-4.3.1.orig/tools/hotplug/Linux/init.d/xendomains 2013-07-19 14:52:52.159013757 -0500 -+++ xen-4.3.1/tools/hotplug/Linux/init.d/xendomains 2013-07-19 14:56:00.079145322 -0500 -@@ -51,17 +51,13 @@ - fi - - # See docs/misc/distro_mapping.txt --if [ -d /var/lock/subsys ]; then -- LOCKFILE=/var/lock/subsys/xendomains -+if [ -d /run/lock/subsys ]; then -+ LOCKFILE=/run/lock/subsys/xendomains - else -- LOCKFILE=/var/lock/xendomains -+ LOCKFILE=/run/lock/xendomains - fi - --if [ -d /etc/sysconfig ]; then -- XENDOM_CONFIG=/etc/sysconfig/xendomains --else -- XENDOM_CONFIG=/etc/default/xendomains --fi -+XENDOM_CONFIG=/etc/conf.d/xendomains - - test -r $XENDOM_CONFIG || { echo "$XENDOM_CONFIG not existing"; - if [ "$1" = "stop" ]; then exit 0; -@@ -185,8 +181,13 @@ - # read name from xen config file - rdname() - { -- NM=$($CMD create --quiet --dryrun --defconfig "$1" | -- sed -n 's/^.*(name \(.*\))$/\1/p') -+ if [ "$CMD" == "xm" ]; then -+ NM=$($CMD create --quiet --dryrun --defconfig "$1" | -+ sed -n 's/^.*(name \(.*\))$/\1/p') -+ else -+ NM=$($CMD create --quiet --dryrun --defconfig "$1" | -+ perl -pe 's|^.*"name":"(.*?)".*$|$1|') -+ fi - } - - rdnames() -@@ -229,15 +230,15 @@ - rdname $1 - RC=1 - name=;id= -- while read LN; do -- parseln "$LN" || continue -+ while read id; do - if test $id = 0; then continue; fi -+ name=`xenstore-read /local/domain/$id/name` - case $name in - ($NM) - RC=0 - ;; - esac -- done < <($CMD list -l | grep "$LIST_GREP") -+ done < <(xenstore-list /local/domain) - return $RC - } - -@@ -312,6 +313,8 @@ - - all_zombies() - { -+ return 0 -+ - name=;id= - while read LN; do - parseln "$LN" || continue -@@ -363,9 +366,9 @@ - fi - echo -n "Shutting down Xen domains:" - name=;id= -- while read LN; do -- parseln "$LN" || continue -+ while read id; do - if test $id = 0; then continue; fi -+ name=`xenstore-read /local/domain/$id/name` - echo -n " $name" - if test "$XENDOMAINS_AUTO_ONLY" = "true"; then - eval " -@@ -450,7 +453,7 @@ - fi - kill $WDOG_PID >/dev/null 2>&1 - fi -- done < <($CMD list -l | grep "$LIST_GREP") -+ done < <(xenstore-list /local/domain) - - # NB. this shuts down ALL Xen domains (politely), not just the ones in - # AUTODIR/* -@@ -479,15 +482,15 @@ - check_domain_up() - { - name=;id= -- while read LN; do -- parseln "$LN" || continue -+ while read id; do - if test $id = 0; then continue; fi -+ name=`xenstore-read /local/domain/$id/name` - case $name in - ($1) - return 0 - ;; - esac -- done < <($CMD list -l | grep "$LIST_GREP") -+ done < <(xenstore-list /local/domain) - return 1 - } - diff --git a/kernels/xen/xenstored.service b/kernels/xen/xenstored.service deleted file mode 100644 index 46e0b3226..000000000 --- a/kernels/xen/xenstored.service +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=Xenstored - daemon managing xenstore file system -Requires=proc-xen.mount var-lib-xenstored.mount systemd-tmpfiles-setup.service -After=proc-xen.mount var-lib-xenstored.mount systemd-tmpfiles-setup.service -Before=libvirtd.service libvirt-guests.service -RefuseManualStop=true -ConditionPathExists=/proc/xen - -[Service] -Type=forking -Environment=XENSTORED_ARGS= -Environment=XENDOM0_NAME=Domain-0 -EnvironmentFile=-/etc/conf.d/xenstored -PIDFile=/run/xenstored.pid -ExecStartPre=/usr/bin/grep -q control_d /proc/xen/capabilities -ExecStart=/usr/bin/xenstored --pid-file /run/xenstored.pid $XENSTORED_ARGS -ExecStartPost=/usr/bin/xenstore-write "/local/domain/0/name" "$XENDOM0_NAME" - -[Install] -WantedBy=multi-user.target diff --git a/kernels/xen/xsa73-4.3-unstable.patch b/kernels/xen/xsa73-4.3-unstable.patch deleted file mode 100644 index aa36b40a1..000000000 --- a/kernels/xen/xsa73-4.3-unstable.patch +++ /dev/null @@ -1,105 +0,0 @@ -From 068bfa76bbd52430e65853375e1d5db99d193e2f Mon Sep 17 00:00:00 2001 -From: Andrew Cooper -Date: Thu, 31 Oct 2013 20:49:00 +0000 -Subject: [PATCH] gnttab: correct locking order reversal - -Coverity ID 1087189 - -Correct a lock order reversal between a domains page allocation and grant -table locks. - -This is CVE-2013-4494 / XSA-73. - -Signed-off-by: Andrew Cooper - -Consolidate error handling. - -Signed-off-by: Jan Beulich -Reviewed-by: Keir Fraser -Tested-by: Matthew Daley ---- - xen/common/grant_table.c | 52 +++++++++++++++++++++++++++++++++++++++------- - 1 file changed, 44 insertions(+), 8 deletions(-) - -diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c -index f42bc7a..48df928 100644 ---- a/xen/common/grant_table.c -+++ b/xen/common/grant_table.c -@@ -1518,6 +1518,8 @@ gnttab_transfer( - - for ( i = 0; i < count; i++ ) - { -+ bool_t okay; -+ - if (i && hypercall_preempt_check()) - return i; - -@@ -1626,16 +1628,18 @@ gnttab_transfer( - * pages when it is dying. - */ - if ( unlikely(e->is_dying) || -- unlikely(e->tot_pages >= e->max_pages) || -- unlikely(!gnttab_prepare_for_transfer(e, d, gop.ref)) ) -+ unlikely(e->tot_pages >= e->max_pages) ) - { -- if ( !e->is_dying ) -- gdprintk(XENLOG_INFO, "gnttab_transfer: " -- "Transferee has no reservation " -- "headroom (%d,%d) or provided a bad grant ref (%08x) " -- "or is dying (%d)\n", -- e->tot_pages, e->max_pages, gop.ref, e->is_dying); - spin_unlock(&e->page_alloc_lock); -+ -+ if ( e->is_dying ) -+ gdprintk(XENLOG_INFO, "gnttab_transfer: " -+ "Transferee (d%d) is dying\n", e->domain_id); -+ else -+ gdprintk(XENLOG_INFO, "gnttab_transfer: " -+ "Transferee (d%d) has no headroom (tot %u, max %u)\n", -+ e->domain_id, e->tot_pages, e->max_pages); -+ - rcu_unlock_domain(e); - put_gfn(d, gop.mfn); - page->count_info &= ~(PGC_count_mask|PGC_allocated); -@@ -1647,6 +1651,38 @@ gnttab_transfer( - /* Okay, add the page to 'e'. */ - if ( unlikely(domain_adjust_tot_pages(e, 1) == 1) ) - get_knownalive_domain(e); -+ -+ /* -+ * We must drop the lock to avoid a possible deadlock in -+ * gnttab_prepare_for_transfer. We have reserved a page in e so can -+ * safely drop the lock and re-aquire it later to add page to the -+ * pagelist. -+ */ -+ spin_unlock(&e->page_alloc_lock); -+ okay = gnttab_prepare_for_transfer(e, d, gop.ref); -+ spin_lock(&e->page_alloc_lock); -+ -+ if ( unlikely(!okay) || unlikely(e->is_dying) ) -+ { -+ bool_t drop_dom_ref = (domain_adjust_tot_pages(e, -1) == 0); -+ -+ spin_unlock(&e->page_alloc_lock); -+ -+ if ( okay /* i.e. e->is_dying due to the surrounding if() */ ) -+ gdprintk(XENLOG_INFO, "gnttab_transfer: " -+ "Transferee (d%d) is now dying\n", e->domain_id); -+ -+ if ( drop_dom_ref ) -+ put_domain(e); -+ rcu_unlock_domain(e); -+ -+ put_gfn(d, gop.mfn); -+ page->count_info &= ~(PGC_count_mask|PGC_allocated); -+ free_domheap_page(page); -+ gop.status = GNTST_general_error; -+ goto copyback; -+ } -+ - page_list_add_tail(page, &e->page_list); - page_set_owner(page, e); - --- -1.7.10.4 - diff --git a/kernels/xen/xsa75-4.3-unstable.patch b/kernels/xen/xsa75-4.3-unstable.patch deleted file mode 100644 index 6c0c5bca1..000000000 --- a/kernels/xen/xsa75-4.3-unstable.patch +++ /dev/null @@ -1,55 +0,0 @@ -nested VMX: VMLANUCH/VMRESUME emulation must check permission first thing - -Otherwise uninitialized data may be used, leading to crashes. - -This is XSA-75. - -Reported-and-tested-by: Jeff Zimmerman -Signed-off-by: Jan Beulich -Reviewed-and-tested-by: Andrew Cooper - ---- a/xen/arch/x86/hvm/vmx/vvmx.c -+++ b/xen/arch/x86/hvm/vmx/vvmx.c -@@ -1508,15 +1508,10 @@ static void clear_vvmcs_launched(struct - } - } - --int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs) -+static int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs) - { - struct nestedvmx *nvmx = &vcpu_2_nvmx(v); - struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); -- int rc; -- -- rc = vmx_inst_check_privilege(regs, 0); -- if ( rc != X86EMUL_OKAY ) -- return rc; - - /* check VMCS is valid and IO BITMAP is set */ - if ( (nvcpu->nv_vvmcxaddr != VMCX_EADDR) && -@@ -1535,6 +1530,10 @@ int nvmx_handle_vmresume(struct cpu_user - struct vcpu *v = current; - struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); - struct nestedvmx *nvmx = &vcpu_2_nvmx(v); -+ int rc = vmx_inst_check_privilege(regs, 0); -+ -+ if ( rc != X86EMUL_OKAY ) -+ return rc; - - if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR ) - { -@@ -1554,10 +1553,13 @@ int nvmx_handle_vmresume(struct cpu_user - int nvmx_handle_vmlaunch(struct cpu_user_regs *regs) - { - bool_t launched; -- int rc; - struct vcpu *v = current; - struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); - struct nestedvmx *nvmx = &vcpu_2_nvmx(v); -+ int rc = vmx_inst_check_privilege(regs, 0); -+ -+ if ( rc != X86EMUL_OKAY ) -+ return rc; - - if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR ) - { diff --git a/kernels/xen/xsa78.patch b/kernels/xen/xsa78.patch deleted file mode 100644 index 180506cdd..000000000 --- a/kernels/xen/xsa78.patch +++ /dev/null @@ -1,23 +0,0 @@ -VT-d: fix TLB flushing in dma_pte_clear_one() - -The third parameter of __intel_iommu_iotlb_flush() is to indicate -whether the to be flushed entry was a present one. A few lines before, -we bailed if !dma_pte_present(*pte), so there's no need to check the -flag here again - we can simply always pass TRUE here. - -This is CVE-2013-6375 / XSA-78. - -Suggested-by: Cheng Yueqiang -Signed-off-by: Jan Beulich - ---- a/xen/drivers/passthrough/vtd/iommu.c -+++ b/xen/drivers/passthrough/vtd/iommu.c -@@ -646,7 +646,7 @@ static void dma_pte_clear_one(struct dom - iommu_flush_cache_entry(pte, sizeof(struct dma_pte)); - - if ( !this_cpu(iommu_dont_flush_iotlb) ) -- __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K , 0, 1); -+ __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K, 1, 1); - - unmap_vtd_domain_page(page); - -- cgit v1.2.3-54-g00ecf