diff options
Diffstat (limited to 'kernels/xen')
-rw-r--r-- | kernels/xen/09_xen | 18 | ||||
-rw-r--r-- | kernels/xen/ChangeLog | 48 | ||||
-rw-r--r-- | kernels/xen/IVRS-debug.patch | 14 | ||||
-rw-r--r-- | kernels/xen/PKGBUILD | 204 | ||||
-rw-r--r-- | kernels/xen/TOM-register.patch | 187 | ||||
-rw-r--r-- | kernels/xen/ati-passthrough.patch | 415 | ||||
-rw-r--r-- | kernels/xen/bios_workaround.patch | 51 | ||||
-rw-r--r-- | kernels/xen/conf.d-xenconsoled | 14 | ||||
-rw-r--r-- | kernels/xen/conf.d-xenstored | 2 | ||||
-rw-r--r-- | kernels/xen/gcc-4.8-typedefs.patch | 12 | ||||
-rw-r--r-- | kernels/xen/gdbsx-glibc-2.17.patch | 10 | ||||
-rw-r--r-- | kernels/xen/grub.conf | 2 | ||||
-rw-r--r-- | kernels/xen/qemu-makefile.patch | 10 | ||||
-rw-r--r-- | kernels/xen/texi2html.patch | 10 | ||||
-rw-r--r-- | kernels/xen/timer-add-lrt-lm.patch | 11 | ||||
-rw-r--r-- | kernels/xen/tmpfiles.d-xen.conf | 1 | ||||
-rw-r--r-- | kernels/xen/xen.install | 35 | ||||
-rw-r--r-- | kernels/xen/xenconsoled.service | 4 | ||||
-rw-r--r-- | kernels/xen/xendomU@.service | 4 | ||||
-rw-r--r-- | kernels/xen/xendomains.patch | 108 | ||||
-rw-r--r-- | kernels/xen/xenstored.service | 7 | ||||
-rw-r--r-- | kernels/xen/xsa73-4.3-unstable.patch | 105 | ||||
-rw-r--r-- | kernels/xen/xsa75-4.3-unstable.patch | 55 | ||||
-rw-r--r-- | kernels/xen/xsa78.patch | 23 |
24 files changed, 1207 insertions, 143 deletions
diff --git a/kernels/xen/09_xen b/kernels/xen/09_xen index 43d050904..ddb20696f 100644 --- a/kernels/xen/09_xen +++ b/kernels/xen/09_xen @@ -21,6 +21,18 @@ else OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre" elif [ "${GRUB_DISTRIBUTOR}" = "parabola" ] ; then OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre" + elif [ "${GRUB_DISTRIBUTOR}" = "Blag" ] ; then + OS="${GRUB_DISTRIBUTOR} Linux and GNU" + elif [ "${GRUB_DISTRIBUTOR}" = "blag" ] ; then + OS="${GRUB_DISTRIBUTOR} Linux and GNU" + elif [ "${GRUB_DISTRIBUTOR}" = "Musix" ] ; then + OS="${GRUB_DISTRIBUTOR} GNU+Linux" + elif [ "${GRUB_DISTRIBUTOR}" = "musix" ] ; then + OS="${GRUB_DISTRIBUTOR} GNU+Linux" + elif [ "${GRUB_DISTRIBUTOR}" = "Dragora" ] ; then + OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre" + elif [ "${GRUB_DISTRIBUTOR}" = "dragora" ] ; then + OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre" else OS="${GRUB_DISTRIBUTOR} GNU/Linux" fi @@ -61,7 +73,7 @@ xen_entry () echo '$(printf "Loading Xen %s ..." ${xen_version})' multiboot ${rel_dirname}/${xen_basename} ${rel_dirname}/${xen_basename} ${xen_args} echo $(printf "$(gettext "Loading Linux %s ...")" ${version}) - module ${rel_dirname}/${basename} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args} + module ${rel_dirname}/${basename} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} rw ${args} EOF if test -n "${initrd}" ; then cat << EOF @@ -88,7 +100,9 @@ while [ "x$xen_list" != "x" ] ; do xen_version=`echo $xen_basename | sed -e "s,^[^0-9]*-,,g" | sed -e "s,.gz,,g"` alt_xen_version=`echo $xen_version | sed -e "s,\.old$,,g"` - list="/boot/vmlinuz-linux"; + list=`for i in /boot/vmlinuz-* /vmlinuz-*; do + if grub_file_is_not_garbage "$i" ; then echo -n "$i "; fi + done` while [ "x$list" != "x" ] ; do linux=`version_find_latest $list` diff --git a/kernels/xen/ChangeLog b/kernels/xen/ChangeLog new file mode 100644 index 000000000..63c33c223 --- /dev/null +++ b/kernels/xen/ChangeLog @@ -0,0 +1,48 @@ +2013-11-25 David Sutton <kantras - gmail.com> + * 4.3.1-2: + Changed bluez dependancy from bluez4 to bluez + Added recent security patches + +2013-10-31 David Sutton <kantras - gmail.com> + * 4.3.1-1: + New upstream release + Removed unnecessary security patches (already merged) + Fixed BIOS Workaround patch to apply to the new source files + Fixed ATI Passthrough patch to apply to the new source files + Updated paths in all patches + +2013-09-29 David Sutton <kantras - gmail.com> + * 4.3.0-7: + Fixed optdepends in PKGBUILD + Added in a pre_remove function in xen.install to disable services + Minor text formating changes in xen.install + Added XSA 62,63,64 and 66 patches (Xen Security Advisories) + +2013-09-29 David Sutton <kantras - gmail.com> + * 4.3.0-6: + Fixed 09_xen so it can detect lts kernels + +2013-09-28 David Sutton <kantras - gmail.com> + * 4.3.0-5: + Fixed mount option in 09_xen from ro to rw + Added in dummy /etc/xen/grub.conf to control settings in 09_xen + Fix library sanitize so that it returns to the base directory + Move the syms file to /usr/share/xen so that it is out of the way of boot but still accessible + Added optional dependancy for openvswitch + +2013-08-13 David Sutton <kantras - gmail.com> + * 4.3.0-4 : + Added patch for qemu-xen to add a TOM register for PCI Hole mapping + Protected /etc/conf.d/xendomains from being overwritten + Included ATI Passthrough patch (not enabled by default, compile tested only) + +2013-07-23 David Sutton <kantras - gmail.com> + + * 4.3.0-3 : + added ChangeLog. + Cleaned up PKGBUILD to match Parabola Package Standards + Fixed some path references - /var/run to /run + Removed some unnecessary empty directories + Updated xenconsoled and xenstored so they use /run for pid file + Updated auto-created /run directories to include xenstored + diff --git a/kernels/xen/IVRS-debug.patch b/kernels/xen/IVRS-debug.patch new file mode 100644 index 000000000..5f6813cb9 --- /dev/null +++ b/kernels/xen/IVRS-debug.patch @@ -0,0 +1,14 @@ +--- a/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-09 05:46:56.000000000 -0500 ++++ b/xen/drivers/passthrough/amd/iommu_acpi.c 2013-08-31 01:26:18.614846438 -0500 +@@ -651,9 +651,9 @@ + return 0; + } + +- AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x\n", ++ AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x used_id %#x\n", + seg, PCI_BUS(bdf), PCI_SLOT(bdf), PCI_FUNC(bdf), +- special->variety, special->handle); ++ special->variety, special->handle, special->used_id); + add_ivrs_mapping_entry(bdf, bdf, special->header.data_setting, iommu); + + switch ( special->variety ) diff --git a/kernels/xen/PKGBUILD b/kernels/xen/PKGBUILD index a6718a6ae..64cfe6c28 100644 --- a/kernels/xen/PKGBUILD +++ b/kernels/xen/PKGBUILD @@ -1,55 +1,121 @@ -# Contributor: Shanmu Thiagaraja <sthiagaraja+AUR@prshanmu.com> +# Maintainer: David Sutton <kantras - gmail.com> # Contributor: Limao Luo # Contributor: Luceo # Contributor: Revellion # Maintainer (Parabola): André Silva <emulatorman@parabola.nu> pkgname=xen -pkgver=4.2.1 -pkgrel=6 -pkgdesc="Xen Hypervisor & Tools (Parabola rebranded)" +pkgver=4.3.1 +pkgrel=2 +pkgdesc="Virtual Machine Hypervisor & Tools (Parabola rebranded)" arch=(i686 x86_64) -url=http://www.xen.org/ +url="http://www.xenproject.org/" license=(GPL2) -depends=(bin86 bluez bridge-utils glib2 gnutls libaio libjpeg-turbo libpng lzo2 sdl wget vde2 yajl) +depends=(bin86 bluez bridge-utils curl e2fsprogs gnutls iproute2 libaio libcap-ng libiscsi libjpeg-turbo libpng lzo2 nss pixman pciutils python python2 sdl wget vde2 yajl) [[ "$CARCH" == "x86_64" ]] && depends+=(lib32-glibc) -makedepends=(dev86 git iasl markdown ocaml-findlib) -optdepends=('xen-docs: Official Xen Documentation') -conflicts=(xen-4.2{,-testing-hg} xen-{gdbsx,hg-unstable,rc}) -backup=(etc/$pkgname/xend-{config,pci-{permissive,quirks}}.sxp etc/modules-load.d/$pkgname.conf etc/$pkgname/xl.conf) +makedepends=(cmake dev86 git iasl markdown ocaml-findlib) +optdepends=('xen-docs: Official Xen Documentation' 'openvswitch: Optional Networking support') +conflicts=(xen-4.2{,-testing-hg} xen-{gdbsx,hg-unstable,rc,git} xen-4.3{,-testing-hg}) +backup=(etc/$pkgname/xend-{config,pci-{permissive,quirks}}.sxp etc/modules-load.d/$pkgname.conf etc/$pkgname/xl.conf etc/conf.d/xen{stored,consoled,domains} etc/default/xencommons etc/$pkgname/grub.conf) options=(!buildflags !strip) install=$pkgname.install +changelog=ChangeLog source=(http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.gz + xen.install 09_xen - gcc-4.8-typedefs.patch - gdbsx-glibc-2.17.patch - texi2html.patch - timer-add-lrt-lm.patch - qemu-makefile.patch + bios_workaround.patch + xendomains.patch + TOM-register.patch + ati-passthrough.patch + IVRS-debug.patch proc-xen.mount var-lib-xenstored.mount xenconsoled.service + conf.d-xenconsoled xendomains.service xendomU@.service xenstored.service + conf.d-xenstored tmpfiles.d-$pkgname.conf + grub.conf + xsa73-4.3-unstable.patch + xsa75-4.3-unstable.patch + xsa78.patch $pkgname.conf) +sha256sums=('3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd' + '0f6ebf3437974d1708c9e74005b976479ab8ff28adec394208153bf404b411f8' + '74a957d783458b7481c7a09c3ed94ec2e07ee7943e4b7fa33d3684b8d585139e' + '914cc983da1fe89ff125d751c979b4968f8952da21b19b900fcd4e6b33e14552' + '1938ca36bfb62c76ad0642147017ecfaa64588abaa2d88e868f501c4ae83bfd9' + '0fa9426cc499ea3d6e1aa33a8be0e180aed87936814b9b88bb0ef42f6983654a' + 'd93c2d5bcdf0c3e4c6e8efb357cb4b9d618209025361f5ccd9d03651a8acd7a3' + '54883171ff9cf5f342a2be5c944df16902ef06b6f2d015b675fa9bd5ed899c7c' + '139eed988bfaf8edc8ccdfd0b668382bd63db48ce17be91776182a7e28e9d88c' + 'c19146931c6ab8e53092bd9b2ebbfda5c76fd22ad3b1d42dcda3dd1b61f123ff' + 'e4af7891e816b9549ebeff766a78036626c0e278734e5625b8e7d68729530ded' + '48d76cc6f25caa79b3f527c96a0883b1decb9012f6616f61336c8d43791bf007' + '0bd45d9de6456c4f9adf32e726f2db3a3cd0423c1d161b442e8a1666d2e68e3f' + '012cc60ffdcb0e061d04d404eb9232734554aef4dc4b551f66adf82a655e6e41' + '8ee5c5a14064fc2bbfd38d0ec8a6001f541bbe56b9fb534733209a8af148b297' + '0e1ad0a6a72b0c22025a556c23235a8f663427f1e769c45fe39d1c525bf82eff' + '40e0760810a49f925f2ae9f986940b40eba477dc6d3e83a78baaae096513b3cf' + '78398fb27edfedb432b5f4e4bf87b5dbee41f180c623d29f758234a49d8bf4b4' + '18f62049d714c3460df1f698663e42d0f8a16b9b4f62e66b40fdea635a348be5' + '4bac312d49a4a88633af652c09128ba1bba2ca97e2e56e5fe7da6e4671c56ccb' + 'bb13b280bb456c1d7c8f468e23e336e6b2d06eb364c6823f1b426fcfe09f6ed3' + '50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c') +sha512sums=('f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf37835528aca33a0f9e04c82d5f8c4ba79c03a1780d2b72cbb90cc26f77275' + '78bfb62166ffcf136e12985809b3f412e0145a7f17388a559071f644970ccdfd2a02fe9aa4a180069b923c2e4354b061a4057096de856497f10d9cac57eae4b3' + '8667a97e10f09c5ce5ba604e38a073b7d7944f4d24c5c78a7235443b65a8cc7b6e7de90e40aa335bb17fda0858d6b517ba1e8b5a0bd6bba4ad75ad44b73f6c9c' + '7118bf02ff5338e70b3f27f8ea390cd05ea37a4ceabb4adc9d32fc57329e35e98330f0e865261dd4e670436e1a725832598888d44b1e2b17b351f59318860878' + '440b3967bf0f0cecde42111bc602f591edeadfdf7044f1f181029b0ded5fb8fa9d640bc4a4a57daadd350594f86065120ea5e4d833004590a8bfe0ee88b4c316' + 'b89f524015c1299c7b19573ae0637f9d33613f3fdbb3d978a07d294ee18a657bd124852f1cbb85e6d1382aca42ed799e8ee245a161340bb4b759eeccce28df7d' + 'c30a4cbdc942ae36364830ab604ecb46a68466bfbaaef2740aa805acf9e432a0dd7877593d6211437db4d2e7c2deb15f301d5a5571fd28936f01228f13256d3f' + 'e8392dbc66bf83b887de963416b1fe9a4eeccb8faca78c6fc1dd4243544b871625d43423f03d19cf91d80295d43073904c9dbe37241e7432b69566b05b267391' + '6afdf16e32bb837faf6333334f86855a746f1f46fee9673a4fddc62eecf41f9856bc34397807203c6f5071f0b1ce74532214084042154585c0d39514450db25c' + '00e340f4d3635e3850ca24baea1da08467523c17815feb74161e18397b607fef904db2165fd9bf4632a6e8a6e37aeddad4e56965e1c99b5213c98b3f9afc6aad' + '580e0645d7f157928f137f3d8b38d3e2834cb5fa091dbcd28217bbaed494415a35c8973487a1eec726c2f49c8b11d4dd28fdcbe75f14c91a4474cacd8dfb2e99' + 'a0bbd9c14ee0f2b9dc9cf304b531aaefde545e56b4ce4847f12faab4952520ce857a92765ae3a1b25ebd2b7511bb24fc820864d7342ac43a311d8c6551958895' + 'f00034f8b826b828659a0177f0a6454113c625e69a817dfe32e461767f6643e0288bfc2a22d23358504240df627af6e3b8f5ffa0077e241e590b33d3f252e74c' + 'f21cc17009957797630c2e82630b5e93ceac8fdadc5eaa3abf0510ca81a49e5680a80ece63b248354122c5fd5d40c9a495fad15e307a694936fa062e984158c4' + '9e95e05ac7cce383530ede0f8f75b4f8990c7d7d55ef59f3e37c64a75ccc012475595bc1123bc4c2072dd2c1c2f4b744f26d6adb799f7a068195aadde383af89' + 'c996d48737ad31528b0b2b1379e3ebae948d290de9ddc71f33c7c56f0634466bc7afb2eab847e851c19e3c13bb99468a0778d908606486959a40ff3272189bd3' + '53ba61587cc2e84044e935531ed161e22c36d9e90b43cab7b8e63bcc531deeefacca301b5dff39ce89210f06f1d1e4f4f5cf49d658ed5d9038c707e3c95c66ef' + '04000a802e96c11929cb94c9a2bcafbb4307620192388441d979ea85836c3395954dea53d449c1cc25c3a0a30c49d318b8de59a053c6254f5a81e87864648a9c' + '78c94d3e473abaf857213754c7f0ef1a0dd06354cd137d1567a48d92b4106cbefd112f1dcecc90bc1f8c75d76a0e8a3425408f777044de8ec754bcda32bb7f97' + '4fb6f678dccc9f23f2c3b27617718bc6c0a87505f7483f4d07563b7b2cc37d57d3b5ef658ee5867258916c5c2695a5086cc7790196aed85357c6d3168c06749b' + 'b55cb25f88acc348e6777063f241269730f06482fe430706ac500cbd7127bc7c70188f84a282dc8a0369cc838999d47a09afc33fc9f24b5c214bdf59352c414c' + 'ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b') prepare() { cd $pkgname-$pkgver/ - patch -Np1 -i ../gcc-4.8-typedefs.patch - patch -Np1 -i ../gdbsx-glibc-2.17.patch - patch -Np1 -i ../texi2html.patch - patch -Np1 -i ../timer-add-lrt-lm.patch - patch -Np1 -i ../qemu-makefile.patch - sed -i '203i\\t\t--disable-docs \\' tools/Makefile # disable qemu doc generation b/c of an error + + ### Patching + patch -Np1 -i ../xendomains.patch + patch -Np1 -i ../TOM-register.patch + + # Uncomment line below if you have a bios which is reporting bad IVRS data + #patch -Np1 -i ../bios_workaround.patch + #patch -Np1 -i ../IVRS-debug.patch + + # Uncomment line below if you want to enable ATI Passthrough support (some reported successes) + #patch -Np1 -i ../ati-passthrough.patch + + # Add Security Patches + patch -Np1 -i ../xsa73-4.3-unstable.patch + patch -Np1 -i ../xsa75-4.3-unstable.patch + patch -Np1 -i ../xsa78.patch + + # Fix Install Paths + sed -i 's:/sbin:/bin:' config/StdGNU.mk + } build() { export CFLAGS+='-Wall -Wstrict-prototypes -Wno-unused-local-typedefs -Wno-sizeof-pointer-memaccess' cd $pkgname-$pkgver/ ./autogen.sh - ./configure PYTHON=/usr/bin/python2 + ./configure PYTHON=/usr/bin/python2 --prefix=/usr --localstatedir=/run unset CFLAGS } @@ -64,82 +130,60 @@ package() { done install -Dm644 tmpfiles.d-$pkgname.conf "$pkgdir"/usr/lib/tmpfiles.d/$pkgname.conf install -Dm644 $pkgname.conf "$pkgdir"/etc/modules-load.d/$pkgname.conf + install -Dm644 conf.d-xenstored "$pkgdir"/etc/conf.d/xenstored + install -Dm644 conf.d-xenconsoled "$pkgdir"/etc/conf.d/xenconsoled + install -Dm644 grub.conf "$pkgdir"/etc/xen/grub.conf install -Dm755 09_xen "$pkgdir"/etc/grub.d/09_xen cd "$pkgdir" - sed -i ':XENDOM_CONFIG=/etc/:s:sysconfig/xendomains:conf.d/xendomains:' etc/init.d/xendomains - sed -i 's:touch /var/lock/subsys/xend:mkdir -p /var/lock/subsys\n &:' etc/init.d/xend + # Fix paths in scripts, move to right locations and create missing directories + sed -i 's:/var/lock:/run/lock:' etc/init.d/xendomains + sed -i 's:/var/lock:/run/lock:' etc/init.d/xend + sed -i 's:/var/lock:/run/lock:' etc/xen/scripts/hotplugpath.sh + sed -i 's:/var/run:/run:' etc/xen/scripts/hotplugpath.sh + mv etc/{init,rc}.d + mv etc/rc.d/xendomains etc/xen/scripts/xendomains + mv etc/default/xendomains etc/conf.d/xendomains + mv var/xen/dump var/lib/xen/ + mkdir var/log/xen/console + + # Sanitize library path (if lib64 exists) if [[ -d usr/lib64 ]]; then cd usr/ cp -r lib64/* lib/ rm -rf lib64 + cd ../ fi - mv etc/{init,rc}.d - - mv usr/local/etc/qemu/ etc/ - rm -rf usr/local/share/ - mv etc/rc.d/xendomains etc/xen/scripts/xendomains + # Compress and move syms file to a different directory + gzip boot/$pkgname-syms-$pkgver + mv boot/$pkgname-syms-$pkgver.gz usr/share/xen ##### Kill unwanted stuff ##### - # stubdom: newlib - rm -rf usr/*-xen-elf - # hypervisor symlinks - rm -f boot/xen{,-4,-4.2}.gz + rm -f boot/xen{,-4,-4.3}.gz - # silly doc dir fun - rm -rf usr/share/doc/xen - rm -rf usr/share/doc/qemu + # Documentation cleanup ( see xen-docs package ) + rm -rf usr/share/doc + rm -rf usr/share/xen/man - # Pointless helper - rm -f usr/sbin/xen-python-path + # Pointless helper cleanup + rm -f usr/bin/xen-python-path + rm -rf usr/libexec - # qemu stuff (unused or available from upstream) - rm -rf usr/share/xen/man + # Unnecessary qemu support files rm -rf usr/bin/qemu-*-xen - for file in bamboo.dtb bios.bin openbios-ppc openbios-sparc32 openbios-sparc64 \ - ppc_rom.bin pxe-e1000.bin pxe-ne2k_pci.bin pxe-pcnet.bin pxe-rtl8139.bin \ - vgabios-cirrus.bin vgabios.bin video.x; do - rm -f usr/share/xen/qemu/$file - done + rm usr/share/qemu-xen/qemu/{palcode,openbios}-* + rm usr/share/xen/qemu/openbios-* - # adhere to Static Library Packaging Guidelines - rm -rf usr/lib/*.a - - # Fix errors from deprecated xend + # Clean up udev rules naming, remove depreciated xend.rules + mv etc/udev/rules.d/xen-backend.rules etc/udev/rules.d/40-xen-backend.rules rm etc/udev/rules.d/xend.rules - rmdir usr/local/etc etc/xen/auto var/xen/dump var/lock/subsys usr/share/doc var/lib/xen/xenpaging var/run/xend/boot var/log/xen + # Clean up left over empty directories + rm -rf var/run var/lock var/xen + + # adhere to Static Library Packaging Guidelines + rm -rf usr/lib/*.a } -sha256sums=('fb8df5827ce3e2d2d3b078d9e5afde502beb5e7ab9442e51a94087061bd450c6' - 'cee994b4c788808c0148caeb5f798cc98b9268bb9f04448ff7c3ed479bfb7821' - 'e7c77f5fe5b6f4bd5cb3e077d44a2219252592e09e3350316ba4505575f04039' - 'f78593f1b3b4d6201644ecce77c6dd5bb7378dc53eff7cc940a80e3cd1bf72f4' - '08e5bf65c833a608470ad118ce369e32f9c267e1787f2900c06708af321225e6' - '4d55132a8e47fbfe415bf3c88824b6dcf48e4da1fff86d2b07e0c2c9e42c0a63' - '247fbfacf3212c26b673e1d7c3cc29eb0d1e903c217f16ef9dab5ed667ee139d' - '139eed988bfaf8edc8ccdfd0b668382bd63db48ce17be91776182a7e28e9d88c' - 'c19146931c6ab8e53092bd9b2ebbfda5c76fd22ad3b1d42dcda3dd1b61f123ff' - 'ba8f1c10b3f3df1f9fda0782a691fed67661e36f49be74471c86850639fee3ba' - '0bd45d9de6456c4f9adf32e726f2db3a3cd0423c1d161b442e8a1666d2e68e3f' - '1862a14607582d14247b74435dfb16411fd68904aa19e2a93c5e6ac301169d3c' - 'a0ad5a7d9262c2d22a8875a47cff2c821885ddb65c0c9eb7518befb0f42fcce7' - '6bddcea43922f72a1c8ab556c3f20067d7f817220bcd9c1c61d18f3a58dfaa9d' - '50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c') -sha512sums=('fe27a965e2b34035bd025482eda9fc4d4e82523c929323fd30813367d5ffbe2fa1ed3d7d4479f2632e8b5625972448b7bd6a7768e8dc1dcd1b6747d281cc1a9e' - '9f8f53ffbf19dbd56fcc56e994385b99fff537a3e295756c1e9d886f7a5f454577ec20bbd7c26516e4f80f1cf24e6d5af7dae251e32470872128eb52f6e1866f' - '88fa8b499aabd1baee5537cbdc6b8f150badb81e40b77f8e19e5b38c70803a953a2a72725065b74bb228ee242ccbcda57428af349cf17272613f7deb1afcb75c' - 'fb7dbd3d9ca610c0b476cf7202e4bd051d85de2de8e92c0c3ac59dc327bc47820eddfa67a8dc01fde21d1a3209f83b6f8533bdc7ecd0634ff503f2fac61fee6d' - '562f12e723116c705fc9d0fd4a2afd382a93465be7f616d1e20e87daf39c11029fbc57ec46e38d3ff61c482fdc9ac4df9e07600a77515867d9da6f0faf3da7f9' - 'a0baec71e9240fa9a72aa67e0783fe1200afb2ff61c625f5e96e536a8839213ada9908e776ed243a866065084f61a06d286ae2488c158730c1dd2d424cf4b0dc' - '738bfe72ab6c03d6b84c8f594fb8a63adc148edc4f9eb7beb279aa06002171fd957dbcee3b850bfbb5672f3d740047f41f59b5fdea0970a2de1a24b178fd5972' - '6afdf16e32bb837faf6333334f86855a746f1f46fee9673a4fddc62eecf41f9856bc34397807203c6f5071f0b1ce74532214084042154585c0d39514450db25c' - '00e340f4d3635e3850ca24baea1da08467523c17815feb74161e18397b607fef904db2165fd9bf4632a6e8a6e37aeddad4e56965e1c99b5213c98b3f9afc6aad' - '27d7289a8bf6e15bddcb360287001429205b57ee4d791b0337328879ffd76b8e375e3c1dd0de0ab57dd4bd1e2a2bc1748c44cc05b2528632a3e6af60f626de9d' - 'f00034f8b826b828659a0177f0a6454113c625e69a817dfe32e461767f6643e0288bfc2a22d23358504240df627af6e3b8f5ffa0077e241e590b33d3f252e74c' - '31fefc739f0f0e568df03dcf9aa02e0265ff4fbf77e7ae62d6a318fcc34e87a0ffd3fc4b84ff8c9cc95511e2e74b7b61e6b5471cd0b3cd47ee0da86b1ea90268' - 'd93509c53a3f80ab266f75a54633bba070a7ef48f629168f074c7c37d36ee9c98d2d30703bed41b1c163d960f2a3ac9f435b335db6e7b8a6e9c97044ede8b76e' - '97fb10771fad1c59c1168ede6e4a37710937821c0a053e77df7907b0a33137a190731b0130fb1d373c196a04450360a9cd3202617a77b1726613c523613cd194' - 'ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b') diff --git a/kernels/xen/TOM-register.patch b/kernels/xen/TOM-register.patch new file mode 100644 index 000000000..88bedbbc0 --- /dev/null +++ b/kernels/xen/TOM-register.patch @@ -0,0 +1,187 @@ +--- xen-4.3.1/tools/qemu-xen/hw/pc.h ++++ xen-4.3.1-new/tools/qemu-xen/hw/pc.h +@@ -128,15 +128,14 @@ extern int no_hpet; + struct PCII440FXState; + typedef struct PCII440FXState PCII440FXState; + ++#define I440FX_TOM 0xe0000000 ++#define I440FX_XEN_TOM 0xf0000000 ++ + PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn, + ISABus **isa_bus, qemu_irq *pic, + MemoryRegion *address_space_mem, + MemoryRegion *address_space_io, + ram_addr_t ram_size, +- hwaddr pci_hole_start, +- hwaddr pci_hole_size, +- hwaddr pci_hole64_start, +- hwaddr pci_hole64_size, + MemoryRegion *pci_memory, + MemoryRegion *ram_memory); + +--- xen-4.3.1/tools/qemu-xen/hw/pc_piix.c ++++ xen-4.3.1-new/tools/qemu-xen/hw/pc_piix.c +@@ -92,9 +92,9 @@ static void pc_init1(MemoryRegion *system_memory, + kvmclock_create(); + } + +- if (ram_size >= 0xe0000000 ) { +- above_4g_mem_size = ram_size - 0xe0000000; +- below_4g_mem_size = 0xe0000000; ++ if (ram_size >= I440FX_TOM) { ++ above_4g_mem_size = ram_size - I440FX_TOM; ++ below_4g_mem_size = I440FX_TOM; + } else { + above_4g_mem_size = 0; + below_4g_mem_size = ram_size; +@@ -129,12 +129,6 @@ static void pc_init1(MemoryRegion *system_memory, + if (pci_enabled) { + pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi, + system_memory, system_io, ram_size, +- below_4g_mem_size, +- 0x100000000ULL - below_4g_mem_size, +- 0x100000000ULL + above_4g_mem_size, +- (sizeof(hwaddr) == 4 +- ? 0 +- : ((uint64_t)1 << 62)), + pci_memory, ram_memory); + } else { + pci_bus = NULL; +--- xen-4.3.1/tools/qemu-xen/hw/piix_pci.c ++++ xen-4.3.1-new/tools/qemu-xen/hw/piix_pci.c +@@ -86,6 +86,14 @@ struct PCII440FXState { + #define I440FX_PAM_SIZE 7 + #define I440FX_SMRAM 0x72 + ++/* The maximum vaule of TOM(top of memory) register in I440FX ++ * is 1G, so it doesn't meet any popular virutal machines, so ++ * define another register to report the base of PCI memory. ++ * Use one byte 0xb0 for the upper 8 bit, they are originally ++ * resevered for host bridge. ++ * */ ++#define I440FX_PCI_HOLE_BASE 0xb0 ++ + static void piix3_set_irq(void *opaque, int pirq, int level); + static PCIINTxRoute piix3_route_intx_pin_to_irq(void *opaque, int pci_intx); + static void piix3_write_config_xen(PCIDevice *dev, +@@ -101,6 +109,43 @@ static int pci_slot_get_pirq(PCIDevice *pci_dev, int pci_intx) + return (pci_intx + slot_addend) & 3; + } + ++ ++static void i440fx_update_pci_mem_hole(PCII440FXState *f, bool del) ++{ ++ ram_addr_t above_4g_mem_size; ++ hwaddr pci_hole_start, pci_hole_size, pci_hole64_start, pci_hole64_size; ++ ++ pci_hole_start = pci_default_read_config(&f->dev, I440FX_PCI_HOLE_BASE, 1) << 24; ++ pci_hole_size = 0x100000000ULL - pci_hole_start; ++ ++ if (ram_size >= pci_hole_start) { ++ above_4g_mem_size = ram_size - pci_hole_start; ++ } else { ++ above_4g_mem_size = 0; ++ } ++ pci_hole64_start = 0x100000000ULL + above_4g_mem_size; ++ pci_hole64_size = sizeof(hwaddr) == 4 ? 0 : ((uint64_t)1 << 62); ++ ++ if (del) { ++ memory_region_del_subregion(f->system_memory, &f->pci_hole); ++ if (pci_hole64_size) { ++ memory_region_del_subregion(f->system_memory, &f->pci_hole_64bit); ++ } ++ } ++ ++ memory_region_init_alias(&f->pci_hole, "pci-hole", f->pci_address_space, ++ pci_hole_start, pci_hole_size); ++ memory_region_add_subregion(f->system_memory, pci_hole_start, &f->pci_hole); ++ memory_region_init_alias(&f->pci_hole_64bit, "pci-hole64", ++ f->pci_address_space, ++ pci_hole64_start, pci_hole64_size); ++ if (pci_hole64_size) { ++ memory_region_add_subregion(f->system_memory, pci_hole64_start, ++ &f->pci_hole_64bit); ++ } ++} ++ ++ + static void i440fx_update_memory_mappings(PCII440FXState *d) + { + int i; +@@ -136,6 +181,9 @@ static void i440fx_write_config(PCIDevice *dev, + range_covers_byte(address, len, I440FX_SMRAM)) { + i440fx_update_memory_mappings(d); + } ++ if (range_covers_byte(address, len, I440FX_PCI_HOLE_BASE)) { ++ i440fx_update_pci_mem_hole(d, true); ++ } + } + + static int i440fx_load_old(QEMUFile* f, void *opaque, int version_id) +@@ -203,6 +251,10 @@ static int i440fx_initfn(PCIDevice *dev) + + d->dev.config[I440FX_SMRAM] = 0x02; + ++ /* Emulate top of memory, here use 0xe0000000 as default val*/ ++ uint32_t addr = xen_enabled() ? I440FX_XEN_TOM : I440FX_TOM; ++ pci_set_byte(dev->config + I440FX_PCI_HOLE_BASE, (uint8_t)(addr >> 24)); ++ + cpu_smm_register(&i440fx_set_smm, d); + return 0; + } +@@ -214,10 +266,6 @@ static PCIBus *i440fx_common_init(const char *device_name, + MemoryRegion *address_space_mem, + MemoryRegion *address_space_io, + ram_addr_t ram_size, +- hwaddr pci_hole_start, +- hwaddr pci_hole_size, +- hwaddr pci_hole64_start, +- hwaddr pci_hole64_size, + MemoryRegion *pci_address_space, + MemoryRegion *ram_memory) + { +@@ -244,16 +292,6 @@ static PCIBus *i440fx_common_init(const char *device_name, + f->system_memory = address_space_mem; + f->pci_address_space = pci_address_space; + f->ram_memory = ram_memory; +- memory_region_init_alias(&f->pci_hole, "pci-hole", f->pci_address_space, +- pci_hole_start, pci_hole_size); +- memory_region_add_subregion(f->system_memory, pci_hole_start, &f->pci_hole); +- memory_region_init_alias(&f->pci_hole_64bit, "pci-hole64", +- f->pci_address_space, +- pci_hole64_start, pci_hole64_size); +- if (pci_hole64_size) { +- memory_region_add_subregion(f->system_memory, pci_hole64_start, +- &f->pci_hole_64bit); +- } + memory_region_init_alias(&f->smram_region, "smram-region", + f->pci_address_space, 0xa0000, 0x20000); + memory_region_add_subregion_overlap(f->system_memory, 0xa0000, +@@ -295,6 +333,7 @@ static PCIBus *i440fx_common_init(const char *device_name, + (*pi440fx_state)->dev.config[0x57]=ram_size; + + i440fx_update_memory_mappings(f); ++ i440fx_update_pci_mem_hole(f, false); + + return b; + } +@@ -304,10 +343,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, + MemoryRegion *address_space_mem, + MemoryRegion *address_space_io, + ram_addr_t ram_size, +- hwaddr pci_hole_start, +- hwaddr pci_hole_size, +- hwaddr pci_hole64_start, +- hwaddr pci_hole64_size, + MemoryRegion *pci_memory, MemoryRegion *ram_memory) + + { +@@ -315,8 +350,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, + + b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, isa_bus, pic, + address_space_mem, address_space_io, ram_size, +- pci_hole_start, pci_hole_size, +- pci_hole64_start, pci_hole64_size, + pci_memory, ram_memory); + return b; + } diff --git a/kernels/xen/ati-passthrough.patch b/kernels/xen/ati-passthrough.patch new file mode 100644 index 000000000..7c20b1ecd --- /dev/null +++ b/kernels/xen/ati-passthrough.patch @@ -0,0 +1,415 @@ +--- xen-4.3.1/tools/qemu-xen-traditional/hw/pass-through.c Thu Sep 6 11:05:30 2012 ++++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pass-through.c Sat Nov 24 08:27:07 2012 +@@ -1438,9 +1438,17 @@ static void pt_ioport_map(PCIDevice *d, + if (e_phys != -1) + { + /* Create new mapping */ +- ret = xc_domain_ioport_mapping(xc_handle, domid, e_phys, +- assigned_device->bases[i].access.pio_base, e_size, +- DPCI_ADD_MAPPING); ++ if ( vga_skip_ioport_map(d) ) ++ { ++ assigned_device->bases[i].e_physbase = -1; ++ } ++ else ++ { ++ ret = xc_domain_ioport_mapping(xc_handle, domid, e_phys, ++ assigned_device->bases[i].access.pio_base, e_size, ++ DPCI_ADD_MAPPING); ++ } ++ + if ( ret != 0 ) + { + PT_LOG("Error: create new mapping failed!\n"); +--- xen-4.3.1/tools/qemu-xen-traditional/hw/pass-through.h Thu Sep 6 11:05:30 2012 ++++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pass-through.h Sat Nov 24 08:27:07 2012 +@@ -419,6 +419,11 @@ int pt_pci_host_write(struct pci_dev *pc + void intel_pch_init(PCIBus *bus); + int register_vga_regions(struct pt_dev *real_device); + int unregister_vga_regions(struct pt_dev *real_device); ++int vga_skip_ioport_map(PCIDevice *d); ++int igd_register_vga_regions(struct pt_dev *real_device); ++int igd_unregister_vga_regions(struct pt_dev *real_device); ++int ati_register_vga_regions(struct pt_dev *real_device); ++int ati_unregister_vga_regions(struct pt_dev *real_device); + int setup_vga_pt(struct pt_dev *real_device); + PCIBus *intel_pci_bridge_init(PCIBus *bus, int devfn, uint16_t vid, + uint16_t did, const char *name, uint16_t revision); +--- xen-4.3.1/tools/qemu-xen-traditional/hw/pci.h Thu Sep 6 11:05:30 2012 ++++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pci.h Sat Nov 24 08:27:07 2012 +@@ -54,6 +54,8 @@ extern target_phys_addr_t pci_mem_base; + + #define PCI_VENDOR_ID_CIRRUS 0x1013 + ++#define PCI_VENDOR_ID_ATI 0x1002 ++ + #define PCI_VENDOR_ID_IBM 0x1014 + #define PCI_DEVICE_ID_IBM_OPENPIC2 0xffff + +--- xen-4.3.1/tools/qemu-xen-traditional/hw/pt-graphics.c Thu Sep 6 11:05:30 2012 ++++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pt-graphics.c Sat Nov 24 08:28:10 2012 +@@ -13,6 +13,207 @@ + + extern int gfx_passthru; + extern int igd_passthru; ++/*********************************/ ++/* Code for ATI GFX Passthru */ ++/*********************************/ ++/* ATI VBIOS Working Mechanism ++ * ++ * Generally there are three memory resources (two MMIO and one PIO) ++ * associated with modern ATI gfx. VBIOS uses special tricks to figure out ++ * BARs, instead of using regular PCI config space read. ++ * ++ * (1) VBIOS relies on I/O port 0x3C3 to retrieve PIO BAR ++ * (2) VBIOS maintains a shadow copy of PCI configure space. It retries the ++ * MMIO BARs from this shadow copy via sending I/O requests to first two ++ * registers of PIO (MMINDEX and MMDATA). The workflow is like this: ++ * MMINDEX (register 0) is written with an index value, specifying the ++ * register VBIOS wanting to access. Then the shadowed data can be ++ * read/written from MMDATA (register 1). For two MMIO BARs, the index ++ * values are 0x4010 and 0x4014 respectively. ++ * ++ */ ++ ++#define ATI_BAR1_INDEX 0 //MMIO BAR1 ++#define ATI_BAR2_INDEX 1 //MMIO BAR2 ++#define ATI_BAR5_INDEX 4 //PIO BAR == BAR5 ++ ++#define ATI_BAR1_MMINDEX 0x4010 //data written to MMINDEX for MMIO BAR1 ++#define ATI_BAR2_MMINDEX 0x4014 //data written to MMINDEX FOR MMIO BAR2 ++ ++struct ati_gfx_info { ++ int initialized; /* initialized already? */ ++ ++ /* PIO */ ++ uint32_t host_pio_base; /* host base addr of PIO */ ++ uint32_t guest_pio_base; /* guest base addr of PIO */ ++ uint32_t pio_size; /* PIO size */ ++ ++ /* MMIO */ ++ uint32_t guest_mmio_base1; /* guest base addr of MMIO 1 */ ++ uint32_t guest_mmio_base2; /* guest base addr of MMIO 2 */ ++ ++ /* PIO MMINDEX access recording */ ++ uint32_t pre_mmindex_data; /* previous data written to MMINDEX */ ++}; ++ ++static struct ati_gfx_info gfx_info; ++ ++/* Convert guest PIO port to host PIO port */ ++static uint16_t gport_to_hport(uint16_t gport) ++{ ++ return (gport - gfx_info.guest_pio_base) + gfx_info.host_pio_base; ++} ++ ++/* Read host PIO port */ ++static uint32_t ati_hw_in(uint16_t hport) ++{ ++ unsigned val; ++ ++ //iopl(3); ++ asm volatile ("in %1,%0":"=a"(val):"Nd"(hport)); ++ //iopl(0); ++ ++ return val; ++} ++ ++/* Write data to host PIO */ ++static void ati_hw_out(uint16_t hport, uint32_t data) ++{ ++ //iopl(3); ++ asm volatile ("out %1, %0"::"Nd"(hport),"a"(data)); ++ //iopl(0); ++} ++ ++static uint32_t ati_io_regs_read(void *opaque, uint32_t addr) ++{ ++ uint32_t val; ++ ++ val = ati_hw_in(gport_to_hport(addr)); ++ ++ /* tweak the value if VBIOS is reading MMIO BAR1 and BAR2 */ ++ if ( addr == (gfx_info.guest_pio_base + 4) ) ++ { ++ switch ( gfx_info.pre_mmindex_data ) ++ { ++ case ATI_BAR1_MMINDEX: ++ val = gfx_info.guest_mmio_base1 | (val & 0x0000000f); ++ break; ++ case ATI_BAR2_MMINDEX: ++ val = gfx_info.guest_mmio_base2 | (val & 0x0000000f); ++ break; ++ default: ++ break; ++ } ++ } ++ ++ return val; ++} ++ ++static void ati_io_regs_write(void *opaque, uint32_t addr, uint32_t val) ++{ ++ ati_hw_out(gport_to_hport(addr), val); ++ ++ /* book keeping */ ++ if ( addr == gfx_info.guest_pio_base ) ++ gfx_info.pre_mmindex_data = val; ++} ++ ++static void ati_gfx_init(struct pt_dev *assigned) ++{ ++ PCIDevice *dev = (PCIDevice *)&assigned->dev; ++ ++ register_ioport_read(dev->io_regions[ATI_BAR5_INDEX].addr, ++ dev->io_regions[ATI_BAR5_INDEX].size, 4, ati_io_regs_read, assigned); ++ ++ register_ioport_write(dev->io_regions[ATI_BAR5_INDEX].addr, ++ dev->io_regions[ATI_BAR5_INDEX].size, 4, ati_io_regs_write, assigned); ++ ++ /* initialize IO registers */ ++ gfx_info.guest_pio_base = dev->io_regions[ATI_BAR5_INDEX].addr; ++ gfx_info.pio_size = dev->io_regions[ATI_BAR5_INDEX].size; ++ gfx_info.host_pio_base = assigned->bases[ATI_BAR5_INDEX].access.pio_base; ++ ++ gfx_info.guest_mmio_base1 = dev->io_regions[ATI_BAR1_INDEX].addr; ++ gfx_info.guest_mmio_base2 = dev->io_regions[ATI_BAR2_INDEX].addr; ++ gfx_info.initialized = 1; ++ ++ PT_LOG("guest_pio_bar = 0x%x, host_pio_bar = 0x%x, pio_size=0x%x " ++ "guest_mmio_bar1=0x%x, guest_mmio_bar2=0x%x\n", ++ gfx_info.guest_pio_base, gfx_info.host_pio_base, gfx_info.pio_size, ++ gfx_info.guest_mmio_base1, gfx_info.guest_mmio_base2); ++} ++ ++static uint32_t ati_legacy_io_read(void *opaque, uint32_t addr) ++{ ++ struct pt_dev *assigned_device = opaque; ++ PCIDevice *dev = (PCIDevice *)&assigned_device->dev; ++ uint32_t val = 0xFF; ++ ++ switch( addr ) ++ { ++ case 0x3c3: ++ val = dev->io_regions[ATI_BAR5_INDEX].addr >> 8; ++ /* Intercept GFX IO registers. This supposes to happen in ++ * ati_register_vga_regions(). But we cannot get guest phys IO BAR ++ * over there. */ ++ if ( !gfx_info.initialized ) ++ ati_gfx_init(assigned_device); ++ break; ++ default: ++ PT_LOG("ERROR: port 0x%x I/O read not handled\n", addr); ++ break; ++ } ++ ++ return val; ++} ++ ++static void ati_legacy_io_write(void *opaque, uint32_t addr, uint32_t val) ++{ ++ PT_LOG("ERROR: port 0x%x I/O write not handled\n", addr); ++} ++ ++int ati_register_vga_regions(struct pt_dev *real_device) ++{ ++ PCIDevice *dev = (PCIDevice *)&real_device->dev; ++ int ret = 0; ++ ++ /* We need to intercept VBIOS accesses to port 0x3C3, which returns ++ * device port I/O BAR. For the rest of legacy I/O ports, we allow direct ++ * accesses. ++ */ ++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, ++ 0x3C0, 0x3, DPCI_ADD_MAPPING); ++ ++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C4, ++ 0x3C4, 0x1C, DPCI_ADD_MAPPING); ++ ++ register_ioport_read(0x3c3, 1, 1, ati_legacy_io_read, real_device); ++ register_ioport_write(0x3c3, 1, 1, ati_legacy_io_write, real_device); ++ ++ /* initialized on the first port 0x3C3 access in ati_gfx_init */ ++ gfx_info.initialized = 0; ++ ++ return ret; ++} ++ ++int ati_unregister_vga_regions(struct pt_dev *real_device) ++{ ++ int ret = 0; ++ ++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, ++ 0x3C0, 0x3, DPCI_REMOVE_MAPPING); ++ ++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C4, ++ 0x3C4, 0x1C, DPCI_REMOVE_MAPPING); ++ ++ gfx_info.initialized = 0; ++ ++ return ret; ++} ++ ++/*********************************/ ++/* Code for Intel IGD Passthru */ ++/*********************************/ + + static uint32_t igd_guest_opregion = 0; + +@@ -176,6 +377,77 @@ read_default: + return pci_default_read_config(pci_dev, config_addr, len); + } + ++int igd_register_vga_regions(struct pt_dev *real_device) ++{ ++ u32 vendor_id, igd_opregion; ++ int ret = 0; ++ ++ /* legacy I/O ports 0x3C0 -- 0x3E0 */ ++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, ++ 0x3C0, 0x20, DPCI_ADD_MAPPING); ++ ++ /* 1:1 map ASL Storage register value */ ++ vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2); ++ igd_opregion = pt_pci_host_read(real_device->pci_dev, PCI_INTEL_OPREGION, 4); ++ if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_opregion ) ++ { ++ ret |= xc_domain_memory_mapping(xc_handle, domid, ++ igd_opregion >> XC_PAGE_SHIFT, ++ igd_opregion >> XC_PAGE_SHIFT, ++ 2, ++ DPCI_ADD_MAPPING); ++ PT_LOG("register_vga: igd_opregion = %x\n", igd_opregion); ++ } ++ ++ return ret; ++} ++ ++int igd_unregister_vga_regions(struct pt_dev *real_device) ++{ ++ u32 vendor_id, igd_opregion; ++ int ret = 0; ++ ++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, ++ 0x3C0, 0x20, DPCI_REMOVE_MAPPING); ++ ++ vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2); ++ igd_opregion = pt_pci_host_read(real_device->pci_dev, PCI_INTEL_OPREGION, 4); ++ if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_opregion ) ++ { ++ ret |= xc_domain_memory_mapping(xc_handle, domid, ++ igd_opregion >> XC_PAGE_SHIFT, ++ igd_opregion >> XC_PAGE_SHIFT, ++ 2, ++ DPCI_REMOVE_MAPPING); ++ } ++ ++ return ret; ++} ++/*********************************/ ++/* Generic Code for GFX Passthru */ ++/*********************************/ ++/* This function decides whether I/O port map should be skipped */ ++int vga_skip_ioport_map(PCIDevice *d) ++{ ++ struct pt_dev *dev = (struct pt_dev *)d; ++ int skip = 0; ++ ++ if ( !gfx_passthru || dev->pci_dev->device_class != 0x0300 ) ++ return 0; ++ ++ switch( dev->pci_dev->vendor_id ) ++ { ++ case PCI_VENDOR_ID_ATI: ++ case PCI_VENDOR_ID_AMD: ++ skip = 1; ++ break; ++ default: ++ skip = 0; ++ break; ++ } ++ ++ return skip; ++} + /* + * register VGA resources for the domain with assigned gfx + */ +@@ -187,18 +459,33 @@ int register_vga_regions(struct pt_dev * + if ( !gfx_passthru || real_device->pci_dev->device_class != 0x0300 ) + return ret; + ++ /* legacy I/O ports 0x3B0 - 0x3BC */ + ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3B0, + 0x3B0, 0xC, DPCI_ADD_MAPPING); + +- ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, +- 0x3C0, 0x20, DPCI_ADD_MAPPING); +- ++ /* legacy video MMIO range 0xA0000 - 0xBFFFF */ + ret |= xc_domain_memory_mapping(xc_handle, domid, + 0xa0000 >> XC_PAGE_SHIFT, + 0xa0000 >> XC_PAGE_SHIFT, + 0x20, + DPCI_ADD_MAPPING); + ++ /* Other VGA regions are vendor specific */ ++ switch( real_device->pci_dev->vendor_id ) ++ { ++ case PCI_VENDOR_ID_INTEL: ++ ret = igd_register_vga_regions(real_device); ++ break; ++ case PCI_VENDOR_ID_ATI: ++ case PCI_VENDOR_ID_AMD: ++ ret = ati_register_vga_regions(real_device); ++ break; ++ default: ++ PT_LOG("gfx card wasn't supported by Xen passthru!\n"); ++ ret = 1; ++ break; ++ } ++ + if ( ret != 0 ) + PT_LOG("VGA region mapping failed\n"); + +@@ -216,26 +503,31 @@ int unregister_vga_regions(struct pt_dev + if ( !gfx_passthru || real_device->pci_dev->device_class != 0x0300 ) + return ret; + ++ /* legacy I/O ports 0x3B0 - 0x3BC */ + ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3B0, + 0x3B0, 0xC, DPCI_REMOVE_MAPPING); + +- ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0, +- 0x3C0, 0x20, DPCI_REMOVE_MAPPING); +- ++ /* legacy video MMIO range 0xA0000 - 0xBFFFF */ + ret |= xc_domain_memory_mapping(xc_handle, domid, + 0xa0000 >> XC_PAGE_SHIFT, + 0xa0000 >> XC_PAGE_SHIFT, + 20, + DPCI_REMOVE_MAPPING); + +- vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2); +- if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_guest_opregion ) ++ /* Other VGA regions are vendor specific */ ++ switch( real_device->pci_dev->vendor_id ) + { +- ret |= xc_domain_memory_mapping(xc_handle, domid, +- igd_guest_opregion >> XC_PAGE_SHIFT, +- igd_guest_opregion >> XC_PAGE_SHIFT, +- 2, +- DPCI_REMOVE_MAPPING); ++ case PCI_VENDOR_ID_INTEL: ++ ret = igd_unregister_vga_regions(real_device); ++ break; ++ case PCI_VENDOR_ID_ATI: ++ case PCI_VENDOR_ID_AMD: ++ ret = ati_unregister_vga_regions(real_device); ++ break; ++ default: ++ PT_LOG("gfx card wasn't supported by Xen passthru!\n"); ++ ret = 1; ++ break; + } + + if ( ret != 0 ) diff --git a/kernels/xen/bios_workaround.patch b/kernels/xen/bios_workaround.patch new file mode 100644 index 000000000..12fc00184 --- /dev/null +++ b/kernels/xen/bios_workaround.patch @@ -0,0 +1,51 @@ +--- xen-4.3.1.orig/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-09 05:46:56.000000000 -0500 ++++ xen-4.3.1/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-18 02:31:38.767195258 -0500 +@@ -668,26 +668,26 @@ + */ + for ( apic = 0; apic < nr_ioapics; apic++ ) + { +- if ( IO_APIC_ID(apic) != special->handle ) ++ if ( ioapic_sbdf[IO_APIC_ID(apic)].bdf != ioapic_sbdf[special->handle].bdf ) + continue; + +- if ( special->handle >= ARRAY_SIZE(ioapic_sbdf) ) ++ if ( IO_APIC_ID(apic) >= ARRAY_SIZE(ioapic_sbdf) ) + { + printk(XENLOG_ERR "IVHD Error: IO-APIC %#x entry beyond bounds\n", +- special->handle); ++ IO_APIC_ID(apic)); + return 0; + } + +- if ( ioapic_sbdf[special->handle].pin_setup ) ++ if ( ioapic_sbdf[IO_APIC_ID(apic)].pin_setup ) + { +- if ( ioapic_sbdf[special->handle].bdf == bdf && +- ioapic_sbdf[special->handle].seg == seg ) ++ if ( ioapic_sbdf[IO_APIC_ID(apic)].bdf == bdf && ++ ioapic_sbdf[IO_APIC_ID(apic)].seg == seg ) + AMD_IOMMU_DEBUG("IVHD Warning: Duplicate IO-APIC %#x entries\n", +- special->handle); ++ IO_APIC_ID(apic)); + else + { + printk(XENLOG_ERR "IVHD Error: Conflicting IO-APIC %#x entries\n", +- special->handle); ++ IO_APIC_ID(apic)); + if ( amd_iommu_perdev_intremap ) + return 0; + } +@@ -695,10 +695,10 @@ + else + { + /* set device id of ioapic */ +- ioapic_sbdf[special->handle].bdf = bdf; +- ioapic_sbdf[special->handle].seg = seg; ++ ioapic_sbdf[IO_APIC_ID(apic)].bdf = bdf; ++ ioapic_sbdf[IO_APIC_ID(apic)].seg = seg; + +- ioapic_sbdf[special->handle].pin_setup = xzalloc_array( ++ ioapic_sbdf[IO_APIC_ID(apic)].pin_setup = xzalloc_array( + unsigned long, BITS_TO_LONGS(nr_ioapic_entries[apic])); + if ( nr_ioapic_entries[apic] && + !ioapic_sbdf[IO_APIC_ID(apic)].pin_setup ) diff --git a/kernels/xen/conf.d-xenconsoled b/kernels/xen/conf.d-xenconsoled new file mode 100644 index 000000000..9dee0960a --- /dev/null +++ b/kernels/xen/conf.d-xenconsoled @@ -0,0 +1,14 @@ +# No logging (default) +#XENCONSOLED_LOG=none +# Log guest console output only +#XENCONSOLED_LOG=guest +# Log hypervisor messages only +#XENCONSOLED_LOG=hv +# Log both guest console output and hypervisor messages +XENCONSOLED_LOG=all + +# Location to store guest & hypervisor logs +XENCONSOLED_LOG_DIR=/var/log/xen/console + +#XENCONSOLED_ARGS= + diff --git a/kernels/xen/conf.d-xenstored b/kernels/xen/conf.d-xenstored new file mode 100644 index 000000000..366abf9ad --- /dev/null +++ b/kernels/xen/conf.d-xenstored @@ -0,0 +1,2 @@ +#XENSTORED_ARGS=" -T /var/log/xen/xenstored-trace.log" +XENDOM0_NAME="Domain-0" diff --git a/kernels/xen/gcc-4.8-typedefs.patch b/kernels/xen/gcc-4.8-typedefs.patch deleted file mode 100644 index 6cda7cb80..000000000 --- a/kernels/xen/gcc-4.8-typedefs.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/Config.mk 2012-12-17 09:59:58.000000000 -0500 -+++ b/Config.mk 2013-04-12 17:32:44.673277553 -0400 -@@ -166,6 +166,9 @@ - $(call cc-option-add,HOSTCFLAGS,HOSTCC,-Wdeclaration-after-statement) - $(call cc-option-add,CFLAGS,CC,-Wdeclaration-after-statement) - $(call cc-option-add,CFLAGS,CC,-Wno-unused-but-set-variable) -+$(call cc-option-add,CFLAGS,CC,-Wno-unused-local-typedefs) -+$(call cc-option-add,CFLAGS,CC,-Wno-sizeof-pointer-memaccess) -+$(call cc-option-add,CFLAGS,CC,-Wformat) - - LDFLAGS += $(foreach i, $(EXTRA_LIB), -L$(i)) - CFLAGS += $(foreach i, $(EXTRA_INCLUDES), -I$(i)) diff --git a/kernels/xen/gdbsx-glibc-2.17.patch b/kernels/xen/gdbsx-glibc-2.17.patch deleted file mode 100644 index 310010180..000000000 --- a/kernels/xen/gdbsx-glibc-2.17.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/tools/debugger/gdbsx/xg/xg_main.c -+++ b/tools/debugger/gdbsx/xg/xg_main.c -@@ -34,6 +34,7 @@ - * XGTRC(): generic trace utility - */ - -+#include <sys/types.h> - #include <stdio.h> - #include <stddef.h> - #include <stdarg.h> diff --git a/kernels/xen/grub.conf b/kernels/xen/grub.conf new file mode 100644 index 000000000..9b13008d9 --- /dev/null +++ b/kernels/xen/grub.conf @@ -0,0 +1,2 @@ +#XEN_HYPERVISOR_CMDLINE="xsave=1" +#XEN_LINUX_CMDLINE="console=tty0" diff --git a/kernels/xen/qemu-makefile.patch b/kernels/xen/qemu-makefile.patch deleted file mode 100644 index d66cf043f..000000000 --- a/kernels/xen/qemu-makefile.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/tools/qemu-xen/Makefile.target 2013-04-05 23:39:54.000000000 +0000 -+++ b/tools/qemu-xen/Makefile.target 2013-04-25 13:54:59.360000000 +0000 -@@ -206,6 +206,7 @@ - obj-$(CONFIG_NO_KVM) += kvm-stub.o - obj-y += memory.o - LIBS+=-lz -+LIBS+=-lrt - - QEMU_CFLAGS += $(VNC_TLS_CFLAGS) - QEMU_CFLAGS += $(VNC_SASL_CFLAGS) diff --git a/kernels/xen/texi2html.patch b/kernels/xen/texi2html.patch deleted file mode 100644 index 8f22773c9..000000000 --- a/kernels/xen/texi2html.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/tools/Makefile 2012-09-17 22:25:54.683349679 -0500 -+++ b/tools/Makefile 2012-09-17 22:49:08.923331802 -0500 -@@ -164,6 +164,7 @@ - $(QEMU_ROOT)/xen-setup \ - --extra-cflags="$(EXTRA_CFLAGS_QEMU_TRADITIONAL)" \ - $(IOEMU_CONFIGURE_CROSS); \ -+ sed -i 's/number[ ]/number-sections /' Makefile; \ - $(MAKE) install - - subdir-clean-qemu-xen-traditional-dir: diff --git a/kernels/xen/timer-add-lrt-lm.patch b/kernels/xen/timer-add-lrt-lm.patch deleted file mode 100644 index 4a170f9fe..000000000 --- a/kernels/xen/timer-add-lrt-lm.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/tools/qemu-xen-traditional/Makefile.target -+++ b/tools/qemu-xen-traditional/Makefile.target -@@ -520,7 +520,7 @@ - OBJS+=block-raw-posix.o - endif - --LIBS+=-lz -+LIBS+=-lz -lm -lrt - ifdef CONFIG_ALSA - LIBS += -lasound - endif diff --git a/kernels/xen/tmpfiles.d-xen.conf b/kernels/xen/tmpfiles.d-xen.conf index 504101772..a55258b0f 100644 --- a/kernels/xen/tmpfiles.d-xen.conf +++ b/kernels/xen/tmpfiles.d-xen.conf @@ -1 +1,2 @@ d /run/xen 0755 root root - +d /run/xenstored 0755 root root - diff --git a/kernels/xen/xen.install b/kernels/xen/xen.install index 6a109ac63..f1a34d522 100644 --- a/kernels/xen/xen.install +++ b/kernels/xen/xen.install @@ -9,15 +9,48 @@ at the very least you must: 2. Issue the following commands to allow you to create and start VMs: systemctl enable xenstored.service systemctl enable xenconsoled.service +3. If you want some domains to automatically start up/shutdown, run the following: systemctl enable xendomains.service + For more information refer to the Wiki: https://wiki.parabolagnulinux.org/index.php/Xen + __EOF__ } -post_upgrade() { +upgrade_msg() { + cat << __EOF__ + +Note: If you are upgrading from one of the previous 4.2 xen builds, and are having issues + with graphics card passthrough, the default device model used has changed and the + newer model can sometimes have issues. To resolve, add (or change ) the following + line into your domain config file: + device_model_version = "qemu-xen-traditional" + + Also remember to rebuild your grub configuration if upgrading from a non-xen 4.3.1 + install. +__EOF__ + +} + +post_install() { install_msg + upgrade_msg +} + +post_upgrade() { + upgrade_msg +} + +pre_remove() { + systemctl stop xendomains.service + systemctl stop xenconsoled.service + systemctl stop xenstored.service + + systemctl disable xendomains.service + systemctl disable xenconsoled.service + systemctl disable xenstored.service } post_remove() { diff --git a/kernels/xen/xenconsoled.service b/kernels/xen/xenconsoled.service index edcc8e69f..1e06b4537 100644 --- a/kernels/xen/xenconsoled.service +++ b/kernels/xen/xenconsoled.service @@ -10,9 +10,9 @@ Environment=XENCONSOLED_ARGS= Environment=XENCONSOLED_LOG=none Environment=XENCONSOLED_LOG_DIR=/var/log/xen/console EnvironmentFile=-/etc/conf.d/xenconsoled -PIDFile=/var/run/xenconsoled.pid +PIDFile=/run/xenconsoled.pid ExecStartPre=/usr/bin/grep -q control_d /proc/xen/capabilities -ExecStart=/usr/sbin/xenconsoled --log=${XENCONSOLED_LOG} --log-dir=${XENCONSOLED_LOG_DIR} $XENCONSOLED_ARGS +ExecStart=/usr/bin/xenconsoled --pid-file /run/xenconsoled.pid --log=${XENCONSOLED_LOG} --log-dir=${XENCONSOLED_LOG_DIR} $XENCONSOLED_ARGS [Install] WantedBy=multi-user.target diff --git a/kernels/xen/xendomU@.service b/kernels/xen/xendomU@.service index 57d6e520d..b3dd6c7d7 100644 --- a/kernels/xen/xendomU@.service +++ b/kernels/xen/xendomU@.service @@ -5,8 +5,8 @@ Requires=xenstored.service [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/usr/sbin/xl create /etc/xen/conf/%i.cfg -ExecStop=/usr/sbin/xl shutdown %i +ExecStart=/usr/bin/xl create /etc/xen/conf/%i.cfg +ExecStop=/usr/bin/xl shutdown %i [Install] WantedBy=multi-user.target diff --git a/kernels/xen/xendomains.patch b/kernels/xen/xendomains.patch new file mode 100644 index 000000000..16f62b65a --- /dev/null +++ b/kernels/xen/xendomains.patch @@ -0,0 +1,108 @@ +--- xen-4.3.1.orig/tools/hotplug/Linux/init.d/xendomains 2013-07-19 14:52:52.159013757 -0500 ++++ xen-4.3.1/tools/hotplug/Linux/init.d/xendomains 2013-07-19 14:56:00.079145322 -0500 +@@ -51,17 +51,13 @@ + fi + + # See docs/misc/distro_mapping.txt +-if [ -d /var/lock/subsys ]; then +- LOCKFILE=/var/lock/subsys/xendomains ++if [ -d /run/lock/subsys ]; then ++ LOCKFILE=/run/lock/subsys/xendomains + else +- LOCKFILE=/var/lock/xendomains ++ LOCKFILE=/run/lock/xendomains + fi + +-if [ -d /etc/sysconfig ]; then +- XENDOM_CONFIG=/etc/sysconfig/xendomains +-else +- XENDOM_CONFIG=/etc/default/xendomains +-fi ++XENDOM_CONFIG=/etc/conf.d/xendomains + + test -r $XENDOM_CONFIG || { echo "$XENDOM_CONFIG not existing"; + if [ "$1" = "stop" ]; then exit 0; +@@ -185,8 +181,13 @@ + # read name from xen config file + rdname() + { +- NM=$($CMD create --quiet --dryrun --defconfig "$1" | +- sed -n 's/^.*(name \(.*\))$/\1/p') ++ if [ "$CMD" == "xm" ]; then ++ NM=$($CMD create --quiet --dryrun --defconfig "$1" | ++ sed -n 's/^.*(name \(.*\))$/\1/p') ++ else ++ NM=$($CMD create --quiet --dryrun --defconfig "$1" | ++ perl -pe 's|^.*"name":"(.*?)".*$|$1|') ++ fi + } + + rdnames() +@@ -229,15 +230,15 @@ + rdname $1 + RC=1 + name=;id= +- while read LN; do +- parseln "$LN" || continue ++ while read id; do + if test $id = 0; then continue; fi ++ name=`xenstore-read /local/domain/$id/name` + case $name in + ($NM) + RC=0 + ;; + esac +- done < <($CMD list -l | grep "$LIST_GREP") ++ done < <(xenstore-list /local/domain) + return $RC + } + +@@ -312,6 +313,8 @@ + + all_zombies() + { ++ return 0 ++ + name=;id= + while read LN; do + parseln "$LN" || continue +@@ -363,9 +366,9 @@ + fi + echo -n "Shutting down Xen domains:" + name=;id= +- while read LN; do +- parseln "$LN" || continue ++ while read id; do + if test $id = 0; then continue; fi ++ name=`xenstore-read /local/domain/$id/name` + echo -n " $name" + if test "$XENDOMAINS_AUTO_ONLY" = "true"; then + eval " +@@ -450,7 +453,7 @@ + fi + kill $WDOG_PID >/dev/null 2>&1 + fi +- done < <($CMD list -l | grep "$LIST_GREP") ++ done < <(xenstore-list /local/domain) + + # NB. this shuts down ALL Xen domains (politely), not just the ones in + # AUTODIR/* +@@ -479,15 +482,15 @@ + check_domain_up() + { + name=;id= +- while read LN; do +- parseln "$LN" || continue ++ while read id; do + if test $id = 0; then continue; fi ++ name=`xenstore-read /local/domain/$id/name` + case $name in + ($1) + return 0 + ;; + esac +- done < <($CMD list -l | grep "$LIST_GREP") ++ done < <(xenstore-list /local/domain) + return 1 + } + diff --git a/kernels/xen/xenstored.service b/kernels/xen/xenstored.service index c898fd24b..46e0b3226 100644 --- a/kernels/xen/xenstored.service +++ b/kernels/xen/xenstored.service @@ -9,11 +9,12 @@ ConditionPathExists=/proc/xen [Service] Type=forking Environment=XENSTORED_ARGS= +Environment=XENDOM0_NAME=Domain-0 EnvironmentFile=-/etc/conf.d/xenstored -PIDFile=/var/run/xenstored.pid +PIDFile=/run/xenstored.pid ExecStartPre=/usr/bin/grep -q control_d /proc/xen/capabilities -ExecStart=/usr/sbin/xenstored --pid-file /var/run/xenstored.pid $XENSTORED_ARGS -ExecStartPost=/usr/bin/xenstore-write "/local/domain/0/name" "Domain-0" +ExecStart=/usr/bin/xenstored --pid-file /run/xenstored.pid $XENSTORED_ARGS +ExecStartPost=/usr/bin/xenstore-write "/local/domain/0/name" "$XENDOM0_NAME" [Install] WantedBy=multi-user.target diff --git a/kernels/xen/xsa73-4.3-unstable.patch b/kernels/xen/xsa73-4.3-unstable.patch new file mode 100644 index 000000000..aa36b40a1 --- /dev/null +++ b/kernels/xen/xsa73-4.3-unstable.patch @@ -0,0 +1,105 @@ +From 068bfa76bbd52430e65853375e1d5db99d193e2f Mon Sep 17 00:00:00 2001 +From: Andrew Cooper <andrew.cooper3@citrix.com> +Date: Thu, 31 Oct 2013 20:49:00 +0000 +Subject: [PATCH] gnttab: correct locking order reversal + +Coverity ID 1087189 + +Correct a lock order reversal between a domains page allocation and grant +table locks. + +This is CVE-2013-4494 / XSA-73. + +Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> + +Consolidate error handling. + +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: Keir Fraser <keir@xen.org> +Tested-by: Matthew Daley <mattjd@gmail.com> +--- + xen/common/grant_table.c | 52 +++++++++++++++++++++++++++++++++++++++------- + 1 file changed, 44 insertions(+), 8 deletions(-) + +diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c +index f42bc7a..48df928 100644 +--- a/xen/common/grant_table.c ++++ b/xen/common/grant_table.c +@@ -1518,6 +1518,8 @@ gnttab_transfer( + + for ( i = 0; i < count; i++ ) + { ++ bool_t okay; ++ + if (i && hypercall_preempt_check()) + return i; + +@@ -1626,16 +1628,18 @@ gnttab_transfer( + * pages when it is dying. + */ + if ( unlikely(e->is_dying) || +- unlikely(e->tot_pages >= e->max_pages) || +- unlikely(!gnttab_prepare_for_transfer(e, d, gop.ref)) ) ++ unlikely(e->tot_pages >= e->max_pages) ) + { +- if ( !e->is_dying ) +- gdprintk(XENLOG_INFO, "gnttab_transfer: " +- "Transferee has no reservation " +- "headroom (%d,%d) or provided a bad grant ref (%08x) " +- "or is dying (%d)\n", +- e->tot_pages, e->max_pages, gop.ref, e->is_dying); + spin_unlock(&e->page_alloc_lock); ++ ++ if ( e->is_dying ) ++ gdprintk(XENLOG_INFO, "gnttab_transfer: " ++ "Transferee (d%d) is dying\n", e->domain_id); ++ else ++ gdprintk(XENLOG_INFO, "gnttab_transfer: " ++ "Transferee (d%d) has no headroom (tot %u, max %u)\n", ++ e->domain_id, e->tot_pages, e->max_pages); ++ + rcu_unlock_domain(e); + put_gfn(d, gop.mfn); + page->count_info &= ~(PGC_count_mask|PGC_allocated); +@@ -1647,6 +1651,38 @@ gnttab_transfer( + /* Okay, add the page to 'e'. */ + if ( unlikely(domain_adjust_tot_pages(e, 1) == 1) ) + get_knownalive_domain(e); ++ ++ /* ++ * We must drop the lock to avoid a possible deadlock in ++ * gnttab_prepare_for_transfer. We have reserved a page in e so can ++ * safely drop the lock and re-aquire it later to add page to the ++ * pagelist. ++ */ ++ spin_unlock(&e->page_alloc_lock); ++ okay = gnttab_prepare_for_transfer(e, d, gop.ref); ++ spin_lock(&e->page_alloc_lock); ++ ++ if ( unlikely(!okay) || unlikely(e->is_dying) ) ++ { ++ bool_t drop_dom_ref = (domain_adjust_tot_pages(e, -1) == 0); ++ ++ spin_unlock(&e->page_alloc_lock); ++ ++ if ( okay /* i.e. e->is_dying due to the surrounding if() */ ) ++ gdprintk(XENLOG_INFO, "gnttab_transfer: " ++ "Transferee (d%d) is now dying\n", e->domain_id); ++ ++ if ( drop_dom_ref ) ++ put_domain(e); ++ rcu_unlock_domain(e); ++ ++ put_gfn(d, gop.mfn); ++ page->count_info &= ~(PGC_count_mask|PGC_allocated); ++ free_domheap_page(page); ++ gop.status = GNTST_general_error; ++ goto copyback; ++ } ++ + page_list_add_tail(page, &e->page_list); + page_set_owner(page, e); + +-- +1.7.10.4 + diff --git a/kernels/xen/xsa75-4.3-unstable.patch b/kernels/xen/xsa75-4.3-unstable.patch new file mode 100644 index 000000000..6c0c5bca1 --- /dev/null +++ b/kernels/xen/xsa75-4.3-unstable.patch @@ -0,0 +1,55 @@ +nested VMX: VMLANUCH/VMRESUME emulation must check permission first thing + +Otherwise uninitialized data may be used, leading to crashes. + +This is XSA-75. + +Reported-and-tested-by: Jeff Zimmerman <Jeff_Zimmerman@McAfee.com> +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-and-tested-by: Andrew Cooper <andrew.cooper3@citrix.com> + +--- a/xen/arch/x86/hvm/vmx/vvmx.c ++++ b/xen/arch/x86/hvm/vmx/vvmx.c +@@ -1508,15 +1508,10 @@ static void clear_vvmcs_launched(struct + } + } + +-int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs) ++static int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs) + { + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); +- int rc; +- +- rc = vmx_inst_check_privilege(regs, 0); +- if ( rc != X86EMUL_OKAY ) +- return rc; + + /* check VMCS is valid and IO BITMAP is set */ + if ( (nvcpu->nv_vvmcxaddr != VMCX_EADDR) && +@@ -1535,6 +1530,10 @@ int nvmx_handle_vmresume(struct cpu_user + struct vcpu *v = current; + struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); ++ int rc = vmx_inst_check_privilege(regs, 0); ++ ++ if ( rc != X86EMUL_OKAY ) ++ return rc; + + if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR ) + { +@@ -1554,10 +1553,13 @@ int nvmx_handle_vmresume(struct cpu_user + int nvmx_handle_vmlaunch(struct cpu_user_regs *regs) + { + bool_t launched; +- int rc; + struct vcpu *v = current; + struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); ++ int rc = vmx_inst_check_privilege(regs, 0); ++ ++ if ( rc != X86EMUL_OKAY ) ++ return rc; + + if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR ) + { diff --git a/kernels/xen/xsa78.patch b/kernels/xen/xsa78.patch new file mode 100644 index 000000000..180506cdd --- /dev/null +++ b/kernels/xen/xsa78.patch @@ -0,0 +1,23 @@ +VT-d: fix TLB flushing in dma_pte_clear_one() + +The third parameter of __intel_iommu_iotlb_flush() is to indicate +whether the to be flushed entry was a present one. A few lines before, +we bailed if !dma_pte_present(*pte), so there's no need to check the +flag here again - we can simply always pass TRUE here. + +This is CVE-2013-6375 / XSA-78. + +Suggested-by: Cheng Yueqiang <yqcheng.2008@phdis.smu.edu.sg> +Signed-off-by: Jan Beulich <jbeulich@suse.com> + +--- a/xen/drivers/passthrough/vtd/iommu.c ++++ b/xen/drivers/passthrough/vtd/iommu.c +@@ -646,7 +646,7 @@ static void dma_pte_clear_one(struct dom + iommu_flush_cache_entry(pte, sizeof(struct dma_pte)); + + if ( !this_cpu(iommu_dont_flush_iotlb) ) +- __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K , 0, 1); ++ __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K, 1, 1); + + unmap_vtd_domain_page(page); + |