summaryrefslogtreecommitdiff
path: root/kernels/xen
diff options
context:
space:
mode:
Diffstat (limited to 'kernels/xen')
-rw-r--r--kernels/xen/09_xen18
-rw-r--r--kernels/xen/ChangeLog48
-rw-r--r--kernels/xen/IVRS-debug.patch14
-rw-r--r--kernels/xen/PKGBUILD204
-rw-r--r--kernels/xen/TOM-register.patch187
-rw-r--r--kernels/xen/ati-passthrough.patch415
-rw-r--r--kernels/xen/bios_workaround.patch51
-rw-r--r--kernels/xen/conf.d-xenconsoled14
-rw-r--r--kernels/xen/conf.d-xenstored2
-rw-r--r--kernels/xen/gcc-4.8-typedefs.patch12
-rw-r--r--kernels/xen/gdbsx-glibc-2.17.patch10
-rw-r--r--kernels/xen/grub.conf2
-rw-r--r--kernels/xen/qemu-makefile.patch10
-rw-r--r--kernels/xen/texi2html.patch10
-rw-r--r--kernels/xen/timer-add-lrt-lm.patch11
-rw-r--r--kernels/xen/tmpfiles.d-xen.conf1
-rw-r--r--kernels/xen/xen.install35
-rw-r--r--kernels/xen/xenconsoled.service4
-rw-r--r--kernels/xen/xendomU@.service4
-rw-r--r--kernels/xen/xendomains.patch108
-rw-r--r--kernels/xen/xenstored.service7
-rw-r--r--kernels/xen/xsa73-4.3-unstable.patch105
-rw-r--r--kernels/xen/xsa75-4.3-unstable.patch55
-rw-r--r--kernels/xen/xsa78.patch23
24 files changed, 1207 insertions, 143 deletions
diff --git a/kernels/xen/09_xen b/kernels/xen/09_xen
index 43d050904..ddb20696f 100644
--- a/kernels/xen/09_xen
+++ b/kernels/xen/09_xen
@@ -21,6 +21,18 @@ else
OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre"
elif [ "${GRUB_DISTRIBUTOR}" = "parabola" ] ; then
OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre"
+ elif [ "${GRUB_DISTRIBUTOR}" = "Blag" ] ; then
+ OS="${GRUB_DISTRIBUTOR} Linux and GNU"
+ elif [ "${GRUB_DISTRIBUTOR}" = "blag" ] ; then
+ OS="${GRUB_DISTRIBUTOR} Linux and GNU"
+ elif [ "${GRUB_DISTRIBUTOR}" = "Musix" ] ; then
+ OS="${GRUB_DISTRIBUTOR} GNU+Linux"
+ elif [ "${GRUB_DISTRIBUTOR}" = "musix" ] ; then
+ OS="${GRUB_DISTRIBUTOR} GNU+Linux"
+ elif [ "${GRUB_DISTRIBUTOR}" = "Dragora" ] ; then
+ OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre"
+ elif [ "${GRUB_DISTRIBUTOR}" = "dragora" ] ; then
+ OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre"
else
OS="${GRUB_DISTRIBUTOR} GNU/Linux"
fi
@@ -61,7 +73,7 @@ xen_entry ()
echo '$(printf "Loading Xen %s ..." ${xen_version})'
multiboot ${rel_dirname}/${xen_basename} ${rel_dirname}/${xen_basename} ${xen_args}
echo $(printf "$(gettext "Loading Linux %s ...")" ${version})
- module ${rel_dirname}/${basename} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
+ module ${rel_dirname}/${basename} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} rw ${args}
EOF
if test -n "${initrd}" ; then
cat << EOF
@@ -88,7 +100,9 @@ while [ "x$xen_list" != "x" ] ; do
xen_version=`echo $xen_basename | sed -e "s,^[^0-9]*-,,g" | sed -e "s,.gz,,g"`
alt_xen_version=`echo $xen_version | sed -e "s,\.old$,,g"`
- list="/boot/vmlinuz-linux";
+ list=`for i in /boot/vmlinuz-* /vmlinuz-*; do
+ if grub_file_is_not_garbage "$i" ; then echo -n "$i "; fi
+ done`
while [ "x$list" != "x" ] ; do
linux=`version_find_latest $list`
diff --git a/kernels/xen/ChangeLog b/kernels/xen/ChangeLog
new file mode 100644
index 000000000..63c33c223
--- /dev/null
+++ b/kernels/xen/ChangeLog
@@ -0,0 +1,48 @@
+2013-11-25 David Sutton <kantras - gmail.com>
+ * 4.3.1-2:
+ Changed bluez dependancy from bluez4 to bluez
+ Added recent security patches
+
+2013-10-31 David Sutton <kantras - gmail.com>
+ * 4.3.1-1:
+ New upstream release
+ Removed unnecessary security patches (already merged)
+ Fixed BIOS Workaround patch to apply to the new source files
+ Fixed ATI Passthrough patch to apply to the new source files
+ Updated paths in all patches
+
+2013-09-29 David Sutton <kantras - gmail.com>
+ * 4.3.0-7:
+ Fixed optdepends in PKGBUILD
+ Added in a pre_remove function in xen.install to disable services
+ Minor text formating changes in xen.install
+ Added XSA 62,63,64 and 66 patches (Xen Security Advisories)
+
+2013-09-29 David Sutton <kantras - gmail.com>
+ * 4.3.0-6:
+ Fixed 09_xen so it can detect lts kernels
+
+2013-09-28 David Sutton <kantras - gmail.com>
+ * 4.3.0-5:
+ Fixed mount option in 09_xen from ro to rw
+ Added in dummy /etc/xen/grub.conf to control settings in 09_xen
+ Fix library sanitize so that it returns to the base directory
+ Move the syms file to /usr/share/xen so that it is out of the way of boot but still accessible
+ Added optional dependancy for openvswitch
+
+2013-08-13 David Sutton <kantras - gmail.com>
+ * 4.3.0-4 :
+ Added patch for qemu-xen to add a TOM register for PCI Hole mapping
+ Protected /etc/conf.d/xendomains from being overwritten
+ Included ATI Passthrough patch (not enabled by default, compile tested only)
+
+2013-07-23 David Sutton <kantras - gmail.com>
+
+ * 4.3.0-3 :
+ added ChangeLog.
+ Cleaned up PKGBUILD to match Parabola Package Standards
+ Fixed some path references - /var/run to /run
+ Removed some unnecessary empty directories
+ Updated xenconsoled and xenstored so they use /run for pid file
+ Updated auto-created /run directories to include xenstored
+
diff --git a/kernels/xen/IVRS-debug.patch b/kernels/xen/IVRS-debug.patch
new file mode 100644
index 000000000..5f6813cb9
--- /dev/null
+++ b/kernels/xen/IVRS-debug.patch
@@ -0,0 +1,14 @@
+--- a/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-09 05:46:56.000000000 -0500
++++ b/xen/drivers/passthrough/amd/iommu_acpi.c 2013-08-31 01:26:18.614846438 -0500
+@@ -651,9 +651,9 @@
+ return 0;
+ }
+
+- AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x\n",
++ AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x used_id %#x\n",
+ seg, PCI_BUS(bdf), PCI_SLOT(bdf), PCI_FUNC(bdf),
+- special->variety, special->handle);
++ special->variety, special->handle, special->used_id);
+ add_ivrs_mapping_entry(bdf, bdf, special->header.data_setting, iommu);
+
+ switch ( special->variety )
diff --git a/kernels/xen/PKGBUILD b/kernels/xen/PKGBUILD
index a6718a6ae..64cfe6c28 100644
--- a/kernels/xen/PKGBUILD
+++ b/kernels/xen/PKGBUILD
@@ -1,55 +1,121 @@
-# Contributor: Shanmu Thiagaraja <sthiagaraja+AUR@prshanmu.com>
+# Maintainer: David Sutton <kantras - gmail.com>
# Contributor: Limao Luo
# Contributor: Luceo
# Contributor: Revellion
# Maintainer (Parabola): André Silva <emulatorman@parabola.nu>
pkgname=xen
-pkgver=4.2.1
-pkgrel=6
-pkgdesc="Xen Hypervisor & Tools (Parabola rebranded)"
+pkgver=4.3.1
+pkgrel=2
+pkgdesc="Virtual Machine Hypervisor & Tools (Parabola rebranded)"
arch=(i686 x86_64)
-url=http://www.xen.org/
+url="http://www.xenproject.org/"
license=(GPL2)
-depends=(bin86 bluez bridge-utils glib2 gnutls libaio libjpeg-turbo libpng lzo2 sdl wget vde2 yajl)
+depends=(bin86 bluez bridge-utils curl e2fsprogs gnutls iproute2 libaio libcap-ng libiscsi libjpeg-turbo libpng lzo2 nss pixman pciutils python python2 sdl wget vde2 yajl)
[[ "$CARCH" == "x86_64" ]] && depends+=(lib32-glibc)
-makedepends=(dev86 git iasl markdown ocaml-findlib)
-optdepends=('xen-docs: Official Xen Documentation')
-conflicts=(xen-4.2{,-testing-hg} xen-{gdbsx,hg-unstable,rc})
-backup=(etc/$pkgname/xend-{config,pci-{permissive,quirks}}.sxp etc/modules-load.d/$pkgname.conf etc/$pkgname/xl.conf)
+makedepends=(cmake dev86 git iasl markdown ocaml-findlib)
+optdepends=('xen-docs: Official Xen Documentation' 'openvswitch: Optional Networking support')
+conflicts=(xen-4.2{,-testing-hg} xen-{gdbsx,hg-unstable,rc,git} xen-4.3{,-testing-hg})
+backup=(etc/$pkgname/xend-{config,pci-{permissive,quirks}}.sxp etc/modules-load.d/$pkgname.conf etc/$pkgname/xl.conf etc/conf.d/xen{stored,consoled,domains} etc/default/xencommons etc/$pkgname/grub.conf)
options=(!buildflags !strip)
install=$pkgname.install
+changelog=ChangeLog
source=(http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.gz
+ xen.install
09_xen
- gcc-4.8-typedefs.patch
- gdbsx-glibc-2.17.patch
- texi2html.patch
- timer-add-lrt-lm.patch
- qemu-makefile.patch
+ bios_workaround.patch
+ xendomains.patch
+ TOM-register.patch
+ ati-passthrough.patch
+ IVRS-debug.patch
proc-xen.mount
var-lib-xenstored.mount
xenconsoled.service
+ conf.d-xenconsoled
xendomains.service
xendomU@.service
xenstored.service
+ conf.d-xenstored
tmpfiles.d-$pkgname.conf
+ grub.conf
+ xsa73-4.3-unstable.patch
+ xsa75-4.3-unstable.patch
+ xsa78.patch
$pkgname.conf)
+sha256sums=('3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd'
+ '0f6ebf3437974d1708c9e74005b976479ab8ff28adec394208153bf404b411f8'
+ '74a957d783458b7481c7a09c3ed94ec2e07ee7943e4b7fa33d3684b8d585139e'
+ '914cc983da1fe89ff125d751c979b4968f8952da21b19b900fcd4e6b33e14552'
+ '1938ca36bfb62c76ad0642147017ecfaa64588abaa2d88e868f501c4ae83bfd9'
+ '0fa9426cc499ea3d6e1aa33a8be0e180aed87936814b9b88bb0ef42f6983654a'
+ 'd93c2d5bcdf0c3e4c6e8efb357cb4b9d618209025361f5ccd9d03651a8acd7a3'
+ '54883171ff9cf5f342a2be5c944df16902ef06b6f2d015b675fa9bd5ed899c7c'
+ '139eed988bfaf8edc8ccdfd0b668382bd63db48ce17be91776182a7e28e9d88c'
+ 'c19146931c6ab8e53092bd9b2ebbfda5c76fd22ad3b1d42dcda3dd1b61f123ff'
+ 'e4af7891e816b9549ebeff766a78036626c0e278734e5625b8e7d68729530ded'
+ '48d76cc6f25caa79b3f527c96a0883b1decb9012f6616f61336c8d43791bf007'
+ '0bd45d9de6456c4f9adf32e726f2db3a3cd0423c1d161b442e8a1666d2e68e3f'
+ '012cc60ffdcb0e061d04d404eb9232734554aef4dc4b551f66adf82a655e6e41'
+ '8ee5c5a14064fc2bbfd38d0ec8a6001f541bbe56b9fb534733209a8af148b297'
+ '0e1ad0a6a72b0c22025a556c23235a8f663427f1e769c45fe39d1c525bf82eff'
+ '40e0760810a49f925f2ae9f986940b40eba477dc6d3e83a78baaae096513b3cf'
+ '78398fb27edfedb432b5f4e4bf87b5dbee41f180c623d29f758234a49d8bf4b4'
+ '18f62049d714c3460df1f698663e42d0f8a16b9b4f62e66b40fdea635a348be5'
+ '4bac312d49a4a88633af652c09128ba1bba2ca97e2e56e5fe7da6e4671c56ccb'
+ 'bb13b280bb456c1d7c8f468e23e336e6b2d06eb364c6823f1b426fcfe09f6ed3'
+ '50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c')
+sha512sums=('f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf37835528aca33a0f9e04c82d5f8c4ba79c03a1780d2b72cbb90cc26f77275'
+ '78bfb62166ffcf136e12985809b3f412e0145a7f17388a559071f644970ccdfd2a02fe9aa4a180069b923c2e4354b061a4057096de856497f10d9cac57eae4b3'
+ '8667a97e10f09c5ce5ba604e38a073b7d7944f4d24c5c78a7235443b65a8cc7b6e7de90e40aa335bb17fda0858d6b517ba1e8b5a0bd6bba4ad75ad44b73f6c9c'
+ '7118bf02ff5338e70b3f27f8ea390cd05ea37a4ceabb4adc9d32fc57329e35e98330f0e865261dd4e670436e1a725832598888d44b1e2b17b351f59318860878'
+ '440b3967bf0f0cecde42111bc602f591edeadfdf7044f1f181029b0ded5fb8fa9d640bc4a4a57daadd350594f86065120ea5e4d833004590a8bfe0ee88b4c316'
+ 'b89f524015c1299c7b19573ae0637f9d33613f3fdbb3d978a07d294ee18a657bd124852f1cbb85e6d1382aca42ed799e8ee245a161340bb4b759eeccce28df7d'
+ 'c30a4cbdc942ae36364830ab604ecb46a68466bfbaaef2740aa805acf9e432a0dd7877593d6211437db4d2e7c2deb15f301d5a5571fd28936f01228f13256d3f'
+ 'e8392dbc66bf83b887de963416b1fe9a4eeccb8faca78c6fc1dd4243544b871625d43423f03d19cf91d80295d43073904c9dbe37241e7432b69566b05b267391'
+ '6afdf16e32bb837faf6333334f86855a746f1f46fee9673a4fddc62eecf41f9856bc34397807203c6f5071f0b1ce74532214084042154585c0d39514450db25c'
+ '00e340f4d3635e3850ca24baea1da08467523c17815feb74161e18397b607fef904db2165fd9bf4632a6e8a6e37aeddad4e56965e1c99b5213c98b3f9afc6aad'
+ '580e0645d7f157928f137f3d8b38d3e2834cb5fa091dbcd28217bbaed494415a35c8973487a1eec726c2f49c8b11d4dd28fdcbe75f14c91a4474cacd8dfb2e99'
+ 'a0bbd9c14ee0f2b9dc9cf304b531aaefde545e56b4ce4847f12faab4952520ce857a92765ae3a1b25ebd2b7511bb24fc820864d7342ac43a311d8c6551958895'
+ 'f00034f8b826b828659a0177f0a6454113c625e69a817dfe32e461767f6643e0288bfc2a22d23358504240df627af6e3b8f5ffa0077e241e590b33d3f252e74c'
+ 'f21cc17009957797630c2e82630b5e93ceac8fdadc5eaa3abf0510ca81a49e5680a80ece63b248354122c5fd5d40c9a495fad15e307a694936fa062e984158c4'
+ '9e95e05ac7cce383530ede0f8f75b4f8990c7d7d55ef59f3e37c64a75ccc012475595bc1123bc4c2072dd2c1c2f4b744f26d6adb799f7a068195aadde383af89'
+ 'c996d48737ad31528b0b2b1379e3ebae948d290de9ddc71f33c7c56f0634466bc7afb2eab847e851c19e3c13bb99468a0778d908606486959a40ff3272189bd3'
+ '53ba61587cc2e84044e935531ed161e22c36d9e90b43cab7b8e63bcc531deeefacca301b5dff39ce89210f06f1d1e4f4f5cf49d658ed5d9038c707e3c95c66ef'
+ '04000a802e96c11929cb94c9a2bcafbb4307620192388441d979ea85836c3395954dea53d449c1cc25c3a0a30c49d318b8de59a053c6254f5a81e87864648a9c'
+ '78c94d3e473abaf857213754c7f0ef1a0dd06354cd137d1567a48d92b4106cbefd112f1dcecc90bc1f8c75d76a0e8a3425408f777044de8ec754bcda32bb7f97'
+ '4fb6f678dccc9f23f2c3b27617718bc6c0a87505f7483f4d07563b7b2cc37d57d3b5ef658ee5867258916c5c2695a5086cc7790196aed85357c6d3168c06749b'
+ 'b55cb25f88acc348e6777063f241269730f06482fe430706ac500cbd7127bc7c70188f84a282dc8a0369cc838999d47a09afc33fc9f24b5c214bdf59352c414c'
+ 'ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b')
prepare() {
cd $pkgname-$pkgver/
- patch -Np1 -i ../gcc-4.8-typedefs.patch
- patch -Np1 -i ../gdbsx-glibc-2.17.patch
- patch -Np1 -i ../texi2html.patch
- patch -Np1 -i ../timer-add-lrt-lm.patch
- patch -Np1 -i ../qemu-makefile.patch
- sed -i '203i\\t\t--disable-docs \\' tools/Makefile # disable qemu doc generation b/c of an error
+
+ ### Patching
+ patch -Np1 -i ../xendomains.patch
+ patch -Np1 -i ../TOM-register.patch
+
+ # Uncomment line below if you have a bios which is reporting bad IVRS data
+ #patch -Np1 -i ../bios_workaround.patch
+ #patch -Np1 -i ../IVRS-debug.patch
+
+ # Uncomment line below if you want to enable ATI Passthrough support (some reported successes)
+ #patch -Np1 -i ../ati-passthrough.patch
+
+ # Add Security Patches
+ patch -Np1 -i ../xsa73-4.3-unstable.patch
+ patch -Np1 -i ../xsa75-4.3-unstable.patch
+ patch -Np1 -i ../xsa78.patch
+
+ # Fix Install Paths
+ sed -i 's:/sbin:/bin:' config/StdGNU.mk
+
}
build() {
export CFLAGS+='-Wall -Wstrict-prototypes -Wno-unused-local-typedefs -Wno-sizeof-pointer-memaccess'
cd $pkgname-$pkgver/
./autogen.sh
- ./configure PYTHON=/usr/bin/python2
+ ./configure PYTHON=/usr/bin/python2 --prefix=/usr --localstatedir=/run
unset CFLAGS
}
@@ -64,82 +130,60 @@ package() {
done
install -Dm644 tmpfiles.d-$pkgname.conf "$pkgdir"/usr/lib/tmpfiles.d/$pkgname.conf
install -Dm644 $pkgname.conf "$pkgdir"/etc/modules-load.d/$pkgname.conf
+ install -Dm644 conf.d-xenstored "$pkgdir"/etc/conf.d/xenstored
+ install -Dm644 conf.d-xenconsoled "$pkgdir"/etc/conf.d/xenconsoled
+ install -Dm644 grub.conf "$pkgdir"/etc/xen/grub.conf
install -Dm755 09_xen "$pkgdir"/etc/grub.d/09_xen
cd "$pkgdir"
- sed -i ':XENDOM_CONFIG=/etc/:s:sysconfig/xendomains:conf.d/xendomains:' etc/init.d/xendomains
- sed -i 's:touch /var/lock/subsys/xend:mkdir -p /var/lock/subsys\n &:' etc/init.d/xend
+ # Fix paths in scripts, move to right locations and create missing directories
+ sed -i 's:/var/lock:/run/lock:' etc/init.d/xendomains
+ sed -i 's:/var/lock:/run/lock:' etc/init.d/xend
+ sed -i 's:/var/lock:/run/lock:' etc/xen/scripts/hotplugpath.sh
+ sed -i 's:/var/run:/run:' etc/xen/scripts/hotplugpath.sh
+ mv etc/{init,rc}.d
+ mv etc/rc.d/xendomains etc/xen/scripts/xendomains
+ mv etc/default/xendomains etc/conf.d/xendomains
+ mv var/xen/dump var/lib/xen/
+ mkdir var/log/xen/console
+
+ # Sanitize library path (if lib64 exists)
if [[ -d usr/lib64 ]]; then
cd usr/
cp -r lib64/* lib/
rm -rf lib64
+ cd ../
fi
- mv etc/{init,rc}.d
-
- mv usr/local/etc/qemu/ etc/
- rm -rf usr/local/share/
- mv etc/rc.d/xendomains etc/xen/scripts/xendomains
+ # Compress and move syms file to a different directory
+ gzip boot/$pkgname-syms-$pkgver
+ mv boot/$pkgname-syms-$pkgver.gz usr/share/xen
##### Kill unwanted stuff #####
- # stubdom: newlib
- rm -rf usr/*-xen-elf
-
# hypervisor symlinks
- rm -f boot/xen{,-4,-4.2}.gz
+ rm -f boot/xen{,-4,-4.3}.gz
- # silly doc dir fun
- rm -rf usr/share/doc/xen
- rm -rf usr/share/doc/qemu
+ # Documentation cleanup ( see xen-docs package )
+ rm -rf usr/share/doc
+ rm -rf usr/share/xen/man
- # Pointless helper
- rm -f usr/sbin/xen-python-path
+ # Pointless helper cleanup
+ rm -f usr/bin/xen-python-path
+ rm -rf usr/libexec
- # qemu stuff (unused or available from upstream)
- rm -rf usr/share/xen/man
+ # Unnecessary qemu support files
rm -rf usr/bin/qemu-*-xen
- for file in bamboo.dtb bios.bin openbios-ppc openbios-sparc32 openbios-sparc64 \
- ppc_rom.bin pxe-e1000.bin pxe-ne2k_pci.bin pxe-pcnet.bin pxe-rtl8139.bin \
- vgabios-cirrus.bin vgabios.bin video.x; do
- rm -f usr/share/xen/qemu/$file
- done
+ rm usr/share/qemu-xen/qemu/{palcode,openbios}-*
+ rm usr/share/xen/qemu/openbios-*
- # adhere to Static Library Packaging Guidelines
- rm -rf usr/lib/*.a
-
- # Fix errors from deprecated xend
+ # Clean up udev rules naming, remove depreciated xend.rules
+ mv etc/udev/rules.d/xen-backend.rules etc/udev/rules.d/40-xen-backend.rules
rm etc/udev/rules.d/xend.rules
- rmdir usr/local/etc etc/xen/auto var/xen/dump var/lock/subsys usr/share/doc var/lib/xen/xenpaging var/run/xend/boot var/log/xen
+ # Clean up left over empty directories
+ rm -rf var/run var/lock var/xen
+
+ # adhere to Static Library Packaging Guidelines
+ rm -rf usr/lib/*.a
}
-sha256sums=('fb8df5827ce3e2d2d3b078d9e5afde502beb5e7ab9442e51a94087061bd450c6'
- 'cee994b4c788808c0148caeb5f798cc98b9268bb9f04448ff7c3ed479bfb7821'
- 'e7c77f5fe5b6f4bd5cb3e077d44a2219252592e09e3350316ba4505575f04039'
- 'f78593f1b3b4d6201644ecce77c6dd5bb7378dc53eff7cc940a80e3cd1bf72f4'
- '08e5bf65c833a608470ad118ce369e32f9c267e1787f2900c06708af321225e6'
- '4d55132a8e47fbfe415bf3c88824b6dcf48e4da1fff86d2b07e0c2c9e42c0a63'
- '247fbfacf3212c26b673e1d7c3cc29eb0d1e903c217f16ef9dab5ed667ee139d'
- '139eed988bfaf8edc8ccdfd0b668382bd63db48ce17be91776182a7e28e9d88c'
- 'c19146931c6ab8e53092bd9b2ebbfda5c76fd22ad3b1d42dcda3dd1b61f123ff'
- 'ba8f1c10b3f3df1f9fda0782a691fed67661e36f49be74471c86850639fee3ba'
- '0bd45d9de6456c4f9adf32e726f2db3a3cd0423c1d161b442e8a1666d2e68e3f'
- '1862a14607582d14247b74435dfb16411fd68904aa19e2a93c5e6ac301169d3c'
- 'a0ad5a7d9262c2d22a8875a47cff2c821885ddb65c0c9eb7518befb0f42fcce7'
- '6bddcea43922f72a1c8ab556c3f20067d7f817220bcd9c1c61d18f3a58dfaa9d'
- '50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c')
-sha512sums=('fe27a965e2b34035bd025482eda9fc4d4e82523c929323fd30813367d5ffbe2fa1ed3d7d4479f2632e8b5625972448b7bd6a7768e8dc1dcd1b6747d281cc1a9e'
- '9f8f53ffbf19dbd56fcc56e994385b99fff537a3e295756c1e9d886f7a5f454577ec20bbd7c26516e4f80f1cf24e6d5af7dae251e32470872128eb52f6e1866f'
- '88fa8b499aabd1baee5537cbdc6b8f150badb81e40b77f8e19e5b38c70803a953a2a72725065b74bb228ee242ccbcda57428af349cf17272613f7deb1afcb75c'
- 'fb7dbd3d9ca610c0b476cf7202e4bd051d85de2de8e92c0c3ac59dc327bc47820eddfa67a8dc01fde21d1a3209f83b6f8533bdc7ecd0634ff503f2fac61fee6d'
- '562f12e723116c705fc9d0fd4a2afd382a93465be7f616d1e20e87daf39c11029fbc57ec46e38d3ff61c482fdc9ac4df9e07600a77515867d9da6f0faf3da7f9'
- 'a0baec71e9240fa9a72aa67e0783fe1200afb2ff61c625f5e96e536a8839213ada9908e776ed243a866065084f61a06d286ae2488c158730c1dd2d424cf4b0dc'
- '738bfe72ab6c03d6b84c8f594fb8a63adc148edc4f9eb7beb279aa06002171fd957dbcee3b850bfbb5672f3d740047f41f59b5fdea0970a2de1a24b178fd5972'
- '6afdf16e32bb837faf6333334f86855a746f1f46fee9673a4fddc62eecf41f9856bc34397807203c6f5071f0b1ce74532214084042154585c0d39514450db25c'
- '00e340f4d3635e3850ca24baea1da08467523c17815feb74161e18397b607fef904db2165fd9bf4632a6e8a6e37aeddad4e56965e1c99b5213c98b3f9afc6aad'
- '27d7289a8bf6e15bddcb360287001429205b57ee4d791b0337328879ffd76b8e375e3c1dd0de0ab57dd4bd1e2a2bc1748c44cc05b2528632a3e6af60f626de9d'
- 'f00034f8b826b828659a0177f0a6454113c625e69a817dfe32e461767f6643e0288bfc2a22d23358504240df627af6e3b8f5ffa0077e241e590b33d3f252e74c'
- '31fefc739f0f0e568df03dcf9aa02e0265ff4fbf77e7ae62d6a318fcc34e87a0ffd3fc4b84ff8c9cc95511e2e74b7b61e6b5471cd0b3cd47ee0da86b1ea90268'
- 'd93509c53a3f80ab266f75a54633bba070a7ef48f629168f074c7c37d36ee9c98d2d30703bed41b1c163d960f2a3ac9f435b335db6e7b8a6e9c97044ede8b76e'
- '97fb10771fad1c59c1168ede6e4a37710937821c0a053e77df7907b0a33137a190731b0130fb1d373c196a04450360a9cd3202617a77b1726613c523613cd194'
- 'ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b')
diff --git a/kernels/xen/TOM-register.patch b/kernels/xen/TOM-register.patch
new file mode 100644
index 000000000..88bedbbc0
--- /dev/null
+++ b/kernels/xen/TOM-register.patch
@@ -0,0 +1,187 @@
+--- xen-4.3.1/tools/qemu-xen/hw/pc.h
++++ xen-4.3.1-new/tools/qemu-xen/hw/pc.h
+@@ -128,15 +128,14 @@ extern int no_hpet;
+ struct PCII440FXState;
+ typedef struct PCII440FXState PCII440FXState;
+
++#define I440FX_TOM 0xe0000000
++#define I440FX_XEN_TOM 0xf0000000
++
+ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn,
+ ISABus **isa_bus, qemu_irq *pic,
+ MemoryRegion *address_space_mem,
+ MemoryRegion *address_space_io,
+ ram_addr_t ram_size,
+- hwaddr pci_hole_start,
+- hwaddr pci_hole_size,
+- hwaddr pci_hole64_start,
+- hwaddr pci_hole64_size,
+ MemoryRegion *pci_memory,
+ MemoryRegion *ram_memory);
+
+--- xen-4.3.1/tools/qemu-xen/hw/pc_piix.c
++++ xen-4.3.1-new/tools/qemu-xen/hw/pc_piix.c
+@@ -92,9 +92,9 @@ static void pc_init1(MemoryRegion *system_memory,
+ kvmclock_create();
+ }
+
+- if (ram_size >= 0xe0000000 ) {
+- above_4g_mem_size = ram_size - 0xe0000000;
+- below_4g_mem_size = 0xe0000000;
++ if (ram_size >= I440FX_TOM) {
++ above_4g_mem_size = ram_size - I440FX_TOM;
++ below_4g_mem_size = I440FX_TOM;
+ } else {
+ above_4g_mem_size = 0;
+ below_4g_mem_size = ram_size;
+@@ -129,12 +129,6 @@ static void pc_init1(MemoryRegion *system_memory,
+ if (pci_enabled) {
+ pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi,
+ system_memory, system_io, ram_size,
+- below_4g_mem_size,
+- 0x100000000ULL - below_4g_mem_size,
+- 0x100000000ULL + above_4g_mem_size,
+- (sizeof(hwaddr) == 4
+- ? 0
+- : ((uint64_t)1 << 62)),
+ pci_memory, ram_memory);
+ } else {
+ pci_bus = NULL;
+--- xen-4.3.1/tools/qemu-xen/hw/piix_pci.c
++++ xen-4.3.1-new/tools/qemu-xen/hw/piix_pci.c
+@@ -86,6 +86,14 @@ struct PCII440FXState {
+ #define I440FX_PAM_SIZE 7
+ #define I440FX_SMRAM 0x72
+
++/* The maximum vaule of TOM(top of memory) register in I440FX
++ * is 1G, so it doesn't meet any popular virutal machines, so
++ * define another register to report the base of PCI memory.
++ * Use one byte 0xb0 for the upper 8 bit, they are originally
++ * resevered for host bridge.
++ * */
++#define I440FX_PCI_HOLE_BASE 0xb0
++
+ static void piix3_set_irq(void *opaque, int pirq, int level);
+ static PCIINTxRoute piix3_route_intx_pin_to_irq(void *opaque, int pci_intx);
+ static void piix3_write_config_xen(PCIDevice *dev,
+@@ -101,6 +109,43 @@ static int pci_slot_get_pirq(PCIDevice *pci_dev, int pci_intx)
+ return (pci_intx + slot_addend) & 3;
+ }
+
++
++static void i440fx_update_pci_mem_hole(PCII440FXState *f, bool del)
++{
++ ram_addr_t above_4g_mem_size;
++ hwaddr pci_hole_start, pci_hole_size, pci_hole64_start, pci_hole64_size;
++
++ pci_hole_start = pci_default_read_config(&f->dev, I440FX_PCI_HOLE_BASE, 1) << 24;
++ pci_hole_size = 0x100000000ULL - pci_hole_start;
++
++ if (ram_size >= pci_hole_start) {
++ above_4g_mem_size = ram_size - pci_hole_start;
++ } else {
++ above_4g_mem_size = 0;
++ }
++ pci_hole64_start = 0x100000000ULL + above_4g_mem_size;
++ pci_hole64_size = sizeof(hwaddr) == 4 ? 0 : ((uint64_t)1 << 62);
++
++ if (del) {
++ memory_region_del_subregion(f->system_memory, &f->pci_hole);
++ if (pci_hole64_size) {
++ memory_region_del_subregion(f->system_memory, &f->pci_hole_64bit);
++ }
++ }
++
++ memory_region_init_alias(&f->pci_hole, "pci-hole", f->pci_address_space,
++ pci_hole_start, pci_hole_size);
++ memory_region_add_subregion(f->system_memory, pci_hole_start, &f->pci_hole);
++ memory_region_init_alias(&f->pci_hole_64bit, "pci-hole64",
++ f->pci_address_space,
++ pci_hole64_start, pci_hole64_size);
++ if (pci_hole64_size) {
++ memory_region_add_subregion(f->system_memory, pci_hole64_start,
++ &f->pci_hole_64bit);
++ }
++}
++
++
+ static void i440fx_update_memory_mappings(PCII440FXState *d)
+ {
+ int i;
+@@ -136,6 +181,9 @@ static void i440fx_write_config(PCIDevice *dev,
+ range_covers_byte(address, len, I440FX_SMRAM)) {
+ i440fx_update_memory_mappings(d);
+ }
++ if (range_covers_byte(address, len, I440FX_PCI_HOLE_BASE)) {
++ i440fx_update_pci_mem_hole(d, true);
++ }
+ }
+
+ static int i440fx_load_old(QEMUFile* f, void *opaque, int version_id)
+@@ -203,6 +251,10 @@ static int i440fx_initfn(PCIDevice *dev)
+
+ d->dev.config[I440FX_SMRAM] = 0x02;
+
++ /* Emulate top of memory, here use 0xe0000000 as default val*/
++ uint32_t addr = xen_enabled() ? I440FX_XEN_TOM : I440FX_TOM;
++ pci_set_byte(dev->config + I440FX_PCI_HOLE_BASE, (uint8_t)(addr >> 24));
++
+ cpu_smm_register(&i440fx_set_smm, d);
+ return 0;
+ }
+@@ -214,10 +266,6 @@ static PCIBus *i440fx_common_init(const char *device_name,
+ MemoryRegion *address_space_mem,
+ MemoryRegion *address_space_io,
+ ram_addr_t ram_size,
+- hwaddr pci_hole_start,
+- hwaddr pci_hole_size,
+- hwaddr pci_hole64_start,
+- hwaddr pci_hole64_size,
+ MemoryRegion *pci_address_space,
+ MemoryRegion *ram_memory)
+ {
+@@ -244,16 +292,6 @@ static PCIBus *i440fx_common_init(const char *device_name,
+ f->system_memory = address_space_mem;
+ f->pci_address_space = pci_address_space;
+ f->ram_memory = ram_memory;
+- memory_region_init_alias(&f->pci_hole, "pci-hole", f->pci_address_space,
+- pci_hole_start, pci_hole_size);
+- memory_region_add_subregion(f->system_memory, pci_hole_start, &f->pci_hole);
+- memory_region_init_alias(&f->pci_hole_64bit, "pci-hole64",
+- f->pci_address_space,
+- pci_hole64_start, pci_hole64_size);
+- if (pci_hole64_size) {
+- memory_region_add_subregion(f->system_memory, pci_hole64_start,
+- &f->pci_hole_64bit);
+- }
+ memory_region_init_alias(&f->smram_region, "smram-region",
+ f->pci_address_space, 0xa0000, 0x20000);
+ memory_region_add_subregion_overlap(f->system_memory, 0xa0000,
+@@ -295,6 +333,7 @@ static PCIBus *i440fx_common_init(const char *device_name,
+ (*pi440fx_state)->dev.config[0x57]=ram_size;
+
+ i440fx_update_memory_mappings(f);
++ i440fx_update_pci_mem_hole(f, false);
+
+ return b;
+ }
+@@ -304,10 +343,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
+ MemoryRegion *address_space_mem,
+ MemoryRegion *address_space_io,
+ ram_addr_t ram_size,
+- hwaddr pci_hole_start,
+- hwaddr pci_hole_size,
+- hwaddr pci_hole64_start,
+- hwaddr pci_hole64_size,
+ MemoryRegion *pci_memory, MemoryRegion *ram_memory)
+
+ {
+@@ -315,8 +350,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
+
+ b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, isa_bus, pic,
+ address_space_mem, address_space_io, ram_size,
+- pci_hole_start, pci_hole_size,
+- pci_hole64_start, pci_hole64_size,
+ pci_memory, ram_memory);
+ return b;
+ }
diff --git a/kernels/xen/ati-passthrough.patch b/kernels/xen/ati-passthrough.patch
new file mode 100644
index 000000000..7c20b1ecd
--- /dev/null
+++ b/kernels/xen/ati-passthrough.patch
@@ -0,0 +1,415 @@
+--- xen-4.3.1/tools/qemu-xen-traditional/hw/pass-through.c Thu Sep 6 11:05:30 2012
++++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pass-through.c Sat Nov 24 08:27:07 2012
+@@ -1438,9 +1438,17 @@ static void pt_ioport_map(PCIDevice *d,
+ if (e_phys != -1)
+ {
+ /* Create new mapping */
+- ret = xc_domain_ioport_mapping(xc_handle, domid, e_phys,
+- assigned_device->bases[i].access.pio_base, e_size,
+- DPCI_ADD_MAPPING);
++ if ( vga_skip_ioport_map(d) )
++ {
++ assigned_device->bases[i].e_physbase = -1;
++ }
++ else
++ {
++ ret = xc_domain_ioport_mapping(xc_handle, domid, e_phys,
++ assigned_device->bases[i].access.pio_base, e_size,
++ DPCI_ADD_MAPPING);
++ }
++
+ if ( ret != 0 )
+ {
+ PT_LOG("Error: create new mapping failed!\n");
+--- xen-4.3.1/tools/qemu-xen-traditional/hw/pass-through.h Thu Sep 6 11:05:30 2012
++++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pass-through.h Sat Nov 24 08:27:07 2012
+@@ -419,6 +419,11 @@ int pt_pci_host_write(struct pci_dev *pc
+ void intel_pch_init(PCIBus *bus);
+ int register_vga_regions(struct pt_dev *real_device);
+ int unregister_vga_regions(struct pt_dev *real_device);
++int vga_skip_ioport_map(PCIDevice *d);
++int igd_register_vga_regions(struct pt_dev *real_device);
++int igd_unregister_vga_regions(struct pt_dev *real_device);
++int ati_register_vga_regions(struct pt_dev *real_device);
++int ati_unregister_vga_regions(struct pt_dev *real_device);
+ int setup_vga_pt(struct pt_dev *real_device);
+ PCIBus *intel_pci_bridge_init(PCIBus *bus, int devfn, uint16_t vid,
+ uint16_t did, const char *name, uint16_t revision);
+--- xen-4.3.1/tools/qemu-xen-traditional/hw/pci.h Thu Sep 6 11:05:30 2012
++++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pci.h Sat Nov 24 08:27:07 2012
+@@ -54,6 +54,8 @@ extern target_phys_addr_t pci_mem_base;
+
+ #define PCI_VENDOR_ID_CIRRUS 0x1013
+
++#define PCI_VENDOR_ID_ATI 0x1002
++
+ #define PCI_VENDOR_ID_IBM 0x1014
+ #define PCI_DEVICE_ID_IBM_OPENPIC2 0xffff
+
+--- xen-4.3.1/tools/qemu-xen-traditional/hw/pt-graphics.c Thu Sep 6 11:05:30 2012
++++ xen-4.3.1-new/tools/qemu-xen-traditional/hw/pt-graphics.c Sat Nov 24 08:28:10 2012
+@@ -13,6 +13,207 @@
+
+ extern int gfx_passthru;
+ extern int igd_passthru;
++/*********************************/
++/* Code for ATI GFX Passthru */
++/*********************************/
++/* ATI VBIOS Working Mechanism
++ *
++ * Generally there are three memory resources (two MMIO and one PIO)
++ * associated with modern ATI gfx. VBIOS uses special tricks to figure out
++ * BARs, instead of using regular PCI config space read.
++ *
++ * (1) VBIOS relies on I/O port 0x3C3 to retrieve PIO BAR
++ * (2) VBIOS maintains a shadow copy of PCI configure space. It retries the
++ * MMIO BARs from this shadow copy via sending I/O requests to first two
++ * registers of PIO (MMINDEX and MMDATA). The workflow is like this:
++ * MMINDEX (register 0) is written with an index value, specifying the
++ * register VBIOS wanting to access. Then the shadowed data can be
++ * read/written from MMDATA (register 1). For two MMIO BARs, the index
++ * values are 0x4010 and 0x4014 respectively.
++ *
++ */
++
++#define ATI_BAR1_INDEX 0 //MMIO BAR1
++#define ATI_BAR2_INDEX 1 //MMIO BAR2
++#define ATI_BAR5_INDEX 4 //PIO BAR == BAR5
++
++#define ATI_BAR1_MMINDEX 0x4010 //data written to MMINDEX for MMIO BAR1
++#define ATI_BAR2_MMINDEX 0x4014 //data written to MMINDEX FOR MMIO BAR2
++
++struct ati_gfx_info {
++ int initialized; /* initialized already? */
++
++ /* PIO */
++ uint32_t host_pio_base; /* host base addr of PIO */
++ uint32_t guest_pio_base; /* guest base addr of PIO */
++ uint32_t pio_size; /* PIO size */
++
++ /* MMIO */
++ uint32_t guest_mmio_base1; /* guest base addr of MMIO 1 */
++ uint32_t guest_mmio_base2; /* guest base addr of MMIO 2 */
++
++ /* PIO MMINDEX access recording */
++ uint32_t pre_mmindex_data; /* previous data written to MMINDEX */
++};
++
++static struct ati_gfx_info gfx_info;
++
++/* Convert guest PIO port to host PIO port */
++static uint16_t gport_to_hport(uint16_t gport)
++{
++ return (gport - gfx_info.guest_pio_base) + gfx_info.host_pio_base;
++}
++
++/* Read host PIO port */
++static uint32_t ati_hw_in(uint16_t hport)
++{
++ unsigned val;
++
++ //iopl(3);
++ asm volatile ("in %1,%0":"=a"(val):"Nd"(hport));
++ //iopl(0);
++
++ return val;
++}
++
++/* Write data to host PIO */
++static void ati_hw_out(uint16_t hport, uint32_t data)
++{
++ //iopl(3);
++ asm volatile ("out %1, %0"::"Nd"(hport),"a"(data));
++ //iopl(0);
++}
++
++static uint32_t ati_io_regs_read(void *opaque, uint32_t addr)
++{
++ uint32_t val;
++
++ val = ati_hw_in(gport_to_hport(addr));
++
++ /* tweak the value if VBIOS is reading MMIO BAR1 and BAR2 */
++ if ( addr == (gfx_info.guest_pio_base + 4) )
++ {
++ switch ( gfx_info.pre_mmindex_data )
++ {
++ case ATI_BAR1_MMINDEX:
++ val = gfx_info.guest_mmio_base1 | (val & 0x0000000f);
++ break;
++ case ATI_BAR2_MMINDEX:
++ val = gfx_info.guest_mmio_base2 | (val & 0x0000000f);
++ break;
++ default:
++ break;
++ }
++ }
++
++ return val;
++}
++
++static void ati_io_regs_write(void *opaque, uint32_t addr, uint32_t val)
++{
++ ati_hw_out(gport_to_hport(addr), val);
++
++ /* book keeping */
++ if ( addr == gfx_info.guest_pio_base )
++ gfx_info.pre_mmindex_data = val;
++}
++
++static void ati_gfx_init(struct pt_dev *assigned)
++{
++ PCIDevice *dev = (PCIDevice *)&assigned->dev;
++
++ register_ioport_read(dev->io_regions[ATI_BAR5_INDEX].addr,
++ dev->io_regions[ATI_BAR5_INDEX].size, 4, ati_io_regs_read, assigned);
++
++ register_ioport_write(dev->io_regions[ATI_BAR5_INDEX].addr,
++ dev->io_regions[ATI_BAR5_INDEX].size, 4, ati_io_regs_write, assigned);
++
++ /* initialize IO registers */
++ gfx_info.guest_pio_base = dev->io_regions[ATI_BAR5_INDEX].addr;
++ gfx_info.pio_size = dev->io_regions[ATI_BAR5_INDEX].size;
++ gfx_info.host_pio_base = assigned->bases[ATI_BAR5_INDEX].access.pio_base;
++
++ gfx_info.guest_mmio_base1 = dev->io_regions[ATI_BAR1_INDEX].addr;
++ gfx_info.guest_mmio_base2 = dev->io_regions[ATI_BAR2_INDEX].addr;
++ gfx_info.initialized = 1;
++
++ PT_LOG("guest_pio_bar = 0x%x, host_pio_bar = 0x%x, pio_size=0x%x "
++ "guest_mmio_bar1=0x%x, guest_mmio_bar2=0x%x\n",
++ gfx_info.guest_pio_base, gfx_info.host_pio_base, gfx_info.pio_size,
++ gfx_info.guest_mmio_base1, gfx_info.guest_mmio_base2);
++}
++
++static uint32_t ati_legacy_io_read(void *opaque, uint32_t addr)
++{
++ struct pt_dev *assigned_device = opaque;
++ PCIDevice *dev = (PCIDevice *)&assigned_device->dev;
++ uint32_t val = 0xFF;
++
++ switch( addr )
++ {
++ case 0x3c3:
++ val = dev->io_regions[ATI_BAR5_INDEX].addr >> 8;
++ /* Intercept GFX IO registers. This supposes to happen in
++ * ati_register_vga_regions(). But we cannot get guest phys IO BAR
++ * over there. */
++ if ( !gfx_info.initialized )
++ ati_gfx_init(assigned_device);
++ break;
++ default:
++ PT_LOG("ERROR: port 0x%x I/O read not handled\n", addr);
++ break;
++ }
++
++ return val;
++}
++
++static void ati_legacy_io_write(void *opaque, uint32_t addr, uint32_t val)
++{
++ PT_LOG("ERROR: port 0x%x I/O write not handled\n", addr);
++}
++
++int ati_register_vga_regions(struct pt_dev *real_device)
++{
++ PCIDevice *dev = (PCIDevice *)&real_device->dev;
++ int ret = 0;
++
++ /* We need to intercept VBIOS accesses to port 0x3C3, which returns
++ * device port I/O BAR. For the rest of legacy I/O ports, we allow direct
++ * accesses.
++ */
++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0,
++ 0x3C0, 0x3, DPCI_ADD_MAPPING);
++
++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C4,
++ 0x3C4, 0x1C, DPCI_ADD_MAPPING);
++
++ register_ioport_read(0x3c3, 1, 1, ati_legacy_io_read, real_device);
++ register_ioport_write(0x3c3, 1, 1, ati_legacy_io_write, real_device);
++
++ /* initialized on the first port 0x3C3 access in ati_gfx_init */
++ gfx_info.initialized = 0;
++
++ return ret;
++}
++
++int ati_unregister_vga_regions(struct pt_dev *real_device)
++{
++ int ret = 0;
++
++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0,
++ 0x3C0, 0x3, DPCI_REMOVE_MAPPING);
++
++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C4,
++ 0x3C4, 0x1C, DPCI_REMOVE_MAPPING);
++
++ gfx_info.initialized = 0;
++
++ return ret;
++}
++
++/*********************************/
++/* Code for Intel IGD Passthru */
++/*********************************/
+
+ static uint32_t igd_guest_opregion = 0;
+
+@@ -176,6 +377,77 @@ read_default:
+ return pci_default_read_config(pci_dev, config_addr, len);
+ }
+
++int igd_register_vga_regions(struct pt_dev *real_device)
++{
++ u32 vendor_id, igd_opregion;
++ int ret = 0;
++
++ /* legacy I/O ports 0x3C0 -- 0x3E0 */
++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0,
++ 0x3C0, 0x20, DPCI_ADD_MAPPING);
++
++ /* 1:1 map ASL Storage register value */
++ vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2);
++ igd_opregion = pt_pci_host_read(real_device->pci_dev, PCI_INTEL_OPREGION, 4);
++ if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_opregion )
++ {
++ ret |= xc_domain_memory_mapping(xc_handle, domid,
++ igd_opregion >> XC_PAGE_SHIFT,
++ igd_opregion >> XC_PAGE_SHIFT,
++ 2,
++ DPCI_ADD_MAPPING);
++ PT_LOG("register_vga: igd_opregion = %x\n", igd_opregion);
++ }
++
++ return ret;
++}
++
++int igd_unregister_vga_regions(struct pt_dev *real_device)
++{
++ u32 vendor_id, igd_opregion;
++ int ret = 0;
++
++ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0,
++ 0x3C0, 0x20, DPCI_REMOVE_MAPPING);
++
++ vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2);
++ igd_opregion = pt_pci_host_read(real_device->pci_dev, PCI_INTEL_OPREGION, 4);
++ if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_opregion )
++ {
++ ret |= xc_domain_memory_mapping(xc_handle, domid,
++ igd_opregion >> XC_PAGE_SHIFT,
++ igd_opregion >> XC_PAGE_SHIFT,
++ 2,
++ DPCI_REMOVE_MAPPING);
++ }
++
++ return ret;
++}
++/*********************************/
++/* Generic Code for GFX Passthru */
++/*********************************/
++/* This function decides whether I/O port map should be skipped */
++int vga_skip_ioport_map(PCIDevice *d)
++{
++ struct pt_dev *dev = (struct pt_dev *)d;
++ int skip = 0;
++
++ if ( !gfx_passthru || dev->pci_dev->device_class != 0x0300 )
++ return 0;
++
++ switch( dev->pci_dev->vendor_id )
++ {
++ case PCI_VENDOR_ID_ATI:
++ case PCI_VENDOR_ID_AMD:
++ skip = 1;
++ break;
++ default:
++ skip = 0;
++ break;
++ }
++
++ return skip;
++}
+ /*
+ * register VGA resources for the domain with assigned gfx
+ */
+@@ -187,18 +459,33 @@ int register_vga_regions(struct pt_dev *
+ if ( !gfx_passthru || real_device->pci_dev->device_class != 0x0300 )
+ return ret;
+
++ /* legacy I/O ports 0x3B0 - 0x3BC */
+ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3B0,
+ 0x3B0, 0xC, DPCI_ADD_MAPPING);
+
+- ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0,
+- 0x3C0, 0x20, DPCI_ADD_MAPPING);
+-
++ /* legacy video MMIO range 0xA0000 - 0xBFFFF */
+ ret |= xc_domain_memory_mapping(xc_handle, domid,
+ 0xa0000 >> XC_PAGE_SHIFT,
+ 0xa0000 >> XC_PAGE_SHIFT,
+ 0x20,
+ DPCI_ADD_MAPPING);
+
++ /* Other VGA regions are vendor specific */
++ switch( real_device->pci_dev->vendor_id )
++ {
++ case PCI_VENDOR_ID_INTEL:
++ ret = igd_register_vga_regions(real_device);
++ break;
++ case PCI_VENDOR_ID_ATI:
++ case PCI_VENDOR_ID_AMD:
++ ret = ati_register_vga_regions(real_device);
++ break;
++ default:
++ PT_LOG("gfx card wasn't supported by Xen passthru!\n");
++ ret = 1;
++ break;
++ }
++
+ if ( ret != 0 )
+ PT_LOG("VGA region mapping failed\n");
+
+@@ -216,26 +503,31 @@ int unregister_vga_regions(struct pt_dev
+ if ( !gfx_passthru || real_device->pci_dev->device_class != 0x0300 )
+ return ret;
+
++ /* legacy I/O ports 0x3B0 - 0x3BC */
+ ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3B0,
+ 0x3B0, 0xC, DPCI_REMOVE_MAPPING);
+
+- ret |= xc_domain_ioport_mapping(xc_handle, domid, 0x3C0,
+- 0x3C0, 0x20, DPCI_REMOVE_MAPPING);
+-
++ /* legacy video MMIO range 0xA0000 - 0xBFFFF */
+ ret |= xc_domain_memory_mapping(xc_handle, domid,
+ 0xa0000 >> XC_PAGE_SHIFT,
+ 0xa0000 >> XC_PAGE_SHIFT,
+ 20,
+ DPCI_REMOVE_MAPPING);
+
+- vendor_id = pt_pci_host_read(real_device->pci_dev, PCI_VENDOR_ID, 2);
+- if ( (vendor_id == PCI_VENDOR_ID_INTEL) && igd_guest_opregion )
++ /* Other VGA regions are vendor specific */
++ switch( real_device->pci_dev->vendor_id )
+ {
+- ret |= xc_domain_memory_mapping(xc_handle, domid,
+- igd_guest_opregion >> XC_PAGE_SHIFT,
+- igd_guest_opregion >> XC_PAGE_SHIFT,
+- 2,
+- DPCI_REMOVE_MAPPING);
++ case PCI_VENDOR_ID_INTEL:
++ ret = igd_unregister_vga_regions(real_device);
++ break;
++ case PCI_VENDOR_ID_ATI:
++ case PCI_VENDOR_ID_AMD:
++ ret = ati_unregister_vga_regions(real_device);
++ break;
++ default:
++ PT_LOG("gfx card wasn't supported by Xen passthru!\n");
++ ret = 1;
++ break;
+ }
+
+ if ( ret != 0 )
diff --git a/kernels/xen/bios_workaround.patch b/kernels/xen/bios_workaround.patch
new file mode 100644
index 000000000..12fc00184
--- /dev/null
+++ b/kernels/xen/bios_workaround.patch
@@ -0,0 +1,51 @@
+--- xen-4.3.1.orig/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-09 05:46:56.000000000 -0500
++++ xen-4.3.1/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-18 02:31:38.767195258 -0500
+@@ -668,26 +668,26 @@
+ */
+ for ( apic = 0; apic < nr_ioapics; apic++ )
+ {
+- if ( IO_APIC_ID(apic) != special->handle )
++ if ( ioapic_sbdf[IO_APIC_ID(apic)].bdf != ioapic_sbdf[special->handle].bdf )
+ continue;
+
+- if ( special->handle >= ARRAY_SIZE(ioapic_sbdf) )
++ if ( IO_APIC_ID(apic) >= ARRAY_SIZE(ioapic_sbdf) )
+ {
+ printk(XENLOG_ERR "IVHD Error: IO-APIC %#x entry beyond bounds\n",
+- special->handle);
++ IO_APIC_ID(apic));
+ return 0;
+ }
+
+- if ( ioapic_sbdf[special->handle].pin_setup )
++ if ( ioapic_sbdf[IO_APIC_ID(apic)].pin_setup )
+ {
+- if ( ioapic_sbdf[special->handle].bdf == bdf &&
+- ioapic_sbdf[special->handle].seg == seg )
++ if ( ioapic_sbdf[IO_APIC_ID(apic)].bdf == bdf &&
++ ioapic_sbdf[IO_APIC_ID(apic)].seg == seg )
+ AMD_IOMMU_DEBUG("IVHD Warning: Duplicate IO-APIC %#x entries\n",
+- special->handle);
++ IO_APIC_ID(apic));
+ else
+ {
+ printk(XENLOG_ERR "IVHD Error: Conflicting IO-APIC %#x entries\n",
+- special->handle);
++ IO_APIC_ID(apic));
+ if ( amd_iommu_perdev_intremap )
+ return 0;
+ }
+@@ -695,10 +695,10 @@
+ else
+ {
+ /* set device id of ioapic */
+- ioapic_sbdf[special->handle].bdf = bdf;
+- ioapic_sbdf[special->handle].seg = seg;
++ ioapic_sbdf[IO_APIC_ID(apic)].bdf = bdf;
++ ioapic_sbdf[IO_APIC_ID(apic)].seg = seg;
+
+- ioapic_sbdf[special->handle].pin_setup = xzalloc_array(
++ ioapic_sbdf[IO_APIC_ID(apic)].pin_setup = xzalloc_array(
+ unsigned long, BITS_TO_LONGS(nr_ioapic_entries[apic]));
+ if ( nr_ioapic_entries[apic] &&
+ !ioapic_sbdf[IO_APIC_ID(apic)].pin_setup )
diff --git a/kernels/xen/conf.d-xenconsoled b/kernels/xen/conf.d-xenconsoled
new file mode 100644
index 000000000..9dee0960a
--- /dev/null
+++ b/kernels/xen/conf.d-xenconsoled
@@ -0,0 +1,14 @@
+# No logging (default)
+#XENCONSOLED_LOG=none
+# Log guest console output only
+#XENCONSOLED_LOG=guest
+# Log hypervisor messages only
+#XENCONSOLED_LOG=hv
+# Log both guest console output and hypervisor messages
+XENCONSOLED_LOG=all
+
+# Location to store guest & hypervisor logs
+XENCONSOLED_LOG_DIR=/var/log/xen/console
+
+#XENCONSOLED_ARGS=
+
diff --git a/kernels/xen/conf.d-xenstored b/kernels/xen/conf.d-xenstored
new file mode 100644
index 000000000..366abf9ad
--- /dev/null
+++ b/kernels/xen/conf.d-xenstored
@@ -0,0 +1,2 @@
+#XENSTORED_ARGS=" -T /var/log/xen/xenstored-trace.log"
+XENDOM0_NAME="Domain-0"
diff --git a/kernels/xen/gcc-4.8-typedefs.patch b/kernels/xen/gcc-4.8-typedefs.patch
deleted file mode 100644
index 6cda7cb80..000000000
--- a/kernels/xen/gcc-4.8-typedefs.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/Config.mk 2012-12-17 09:59:58.000000000 -0500
-+++ b/Config.mk 2013-04-12 17:32:44.673277553 -0400
-@@ -166,6 +166,9 @@
- $(call cc-option-add,HOSTCFLAGS,HOSTCC,-Wdeclaration-after-statement)
- $(call cc-option-add,CFLAGS,CC,-Wdeclaration-after-statement)
- $(call cc-option-add,CFLAGS,CC,-Wno-unused-but-set-variable)
-+$(call cc-option-add,CFLAGS,CC,-Wno-unused-local-typedefs)
-+$(call cc-option-add,CFLAGS,CC,-Wno-sizeof-pointer-memaccess)
-+$(call cc-option-add,CFLAGS,CC,-Wformat)
-
- LDFLAGS += $(foreach i, $(EXTRA_LIB), -L$(i))
- CFLAGS += $(foreach i, $(EXTRA_INCLUDES), -I$(i))
diff --git a/kernels/xen/gdbsx-glibc-2.17.patch b/kernels/xen/gdbsx-glibc-2.17.patch
deleted file mode 100644
index 310010180..000000000
--- a/kernels/xen/gdbsx-glibc-2.17.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/tools/debugger/gdbsx/xg/xg_main.c
-+++ b/tools/debugger/gdbsx/xg/xg_main.c
-@@ -34,6 +34,7 @@
- * XGTRC(): generic trace utility
- */
-
-+#include <sys/types.h>
- #include <stdio.h>
- #include <stddef.h>
- #include <stdarg.h>
diff --git a/kernels/xen/grub.conf b/kernels/xen/grub.conf
new file mode 100644
index 000000000..9b13008d9
--- /dev/null
+++ b/kernels/xen/grub.conf
@@ -0,0 +1,2 @@
+#XEN_HYPERVISOR_CMDLINE="xsave=1"
+#XEN_LINUX_CMDLINE="console=tty0"
diff --git a/kernels/xen/qemu-makefile.patch b/kernels/xen/qemu-makefile.patch
deleted file mode 100644
index d66cf043f..000000000
--- a/kernels/xen/qemu-makefile.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/tools/qemu-xen/Makefile.target 2013-04-05 23:39:54.000000000 +0000
-+++ b/tools/qemu-xen/Makefile.target 2013-04-25 13:54:59.360000000 +0000
-@@ -206,6 +206,7 @@
- obj-$(CONFIG_NO_KVM) += kvm-stub.o
- obj-y += memory.o
- LIBS+=-lz
-+LIBS+=-lrt
-
- QEMU_CFLAGS += $(VNC_TLS_CFLAGS)
- QEMU_CFLAGS += $(VNC_SASL_CFLAGS)
diff --git a/kernels/xen/texi2html.patch b/kernels/xen/texi2html.patch
deleted file mode 100644
index 8f22773c9..000000000
--- a/kernels/xen/texi2html.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/tools/Makefile 2012-09-17 22:25:54.683349679 -0500
-+++ b/tools/Makefile 2012-09-17 22:49:08.923331802 -0500
-@@ -164,6 +164,7 @@
- $(QEMU_ROOT)/xen-setup \
- --extra-cflags="$(EXTRA_CFLAGS_QEMU_TRADITIONAL)" \
- $(IOEMU_CONFIGURE_CROSS); \
-+ sed -i 's/number[ ]/number-sections /' Makefile; \
- $(MAKE) install
-
- subdir-clean-qemu-xen-traditional-dir:
diff --git a/kernels/xen/timer-add-lrt-lm.patch b/kernels/xen/timer-add-lrt-lm.patch
deleted file mode 100644
index 4a170f9fe..000000000
--- a/kernels/xen/timer-add-lrt-lm.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/tools/qemu-xen-traditional/Makefile.target
-+++ b/tools/qemu-xen-traditional/Makefile.target
-@@ -520,7 +520,7 @@
- OBJS+=block-raw-posix.o
- endif
-
--LIBS+=-lz
-+LIBS+=-lz -lm -lrt
- ifdef CONFIG_ALSA
- LIBS += -lasound
- endif
diff --git a/kernels/xen/tmpfiles.d-xen.conf b/kernels/xen/tmpfiles.d-xen.conf
index 504101772..a55258b0f 100644
--- a/kernels/xen/tmpfiles.d-xen.conf
+++ b/kernels/xen/tmpfiles.d-xen.conf
@@ -1 +1,2 @@
d /run/xen 0755 root root -
+d /run/xenstored 0755 root root -
diff --git a/kernels/xen/xen.install b/kernels/xen/xen.install
index 6a109ac63..f1a34d522 100644
--- a/kernels/xen/xen.install
+++ b/kernels/xen/xen.install
@@ -9,15 +9,48 @@ at the very least you must:
2. Issue the following commands to allow you to create and start VMs:
systemctl enable xenstored.service
systemctl enable xenconsoled.service
+3. If you want some domains to automatically start up/shutdown, run the following:
systemctl enable xendomains.service
+
For more information refer to the Wiki:
https://wiki.parabolagnulinux.org/index.php/Xen
+
__EOF__
}
-post_upgrade() {
+upgrade_msg() {
+ cat << __EOF__
+
+Note: If you are upgrading from one of the previous 4.2 xen builds, and are having issues
+ with graphics card passthrough, the default device model used has changed and the
+ newer model can sometimes have issues. To resolve, add (or change ) the following
+ line into your domain config file:
+ device_model_version = "qemu-xen-traditional"
+
+ Also remember to rebuild your grub configuration if upgrading from a non-xen 4.3.1
+ install.
+__EOF__
+
+}
+
+post_install() {
install_msg
+ upgrade_msg
+}
+
+post_upgrade() {
+ upgrade_msg
+}
+
+pre_remove() {
+ systemctl stop xendomains.service
+ systemctl stop xenconsoled.service
+ systemctl stop xenstored.service
+
+ systemctl disable xendomains.service
+ systemctl disable xenconsoled.service
+ systemctl disable xenstored.service
}
post_remove() {
diff --git a/kernels/xen/xenconsoled.service b/kernels/xen/xenconsoled.service
index edcc8e69f..1e06b4537 100644
--- a/kernels/xen/xenconsoled.service
+++ b/kernels/xen/xenconsoled.service
@@ -10,9 +10,9 @@ Environment=XENCONSOLED_ARGS=
Environment=XENCONSOLED_LOG=none
Environment=XENCONSOLED_LOG_DIR=/var/log/xen/console
EnvironmentFile=-/etc/conf.d/xenconsoled
-PIDFile=/var/run/xenconsoled.pid
+PIDFile=/run/xenconsoled.pid
ExecStartPre=/usr/bin/grep -q control_d /proc/xen/capabilities
-ExecStart=/usr/sbin/xenconsoled --log=${XENCONSOLED_LOG} --log-dir=${XENCONSOLED_LOG_DIR} $XENCONSOLED_ARGS
+ExecStart=/usr/bin/xenconsoled --pid-file /run/xenconsoled.pid --log=${XENCONSOLED_LOG} --log-dir=${XENCONSOLED_LOG_DIR} $XENCONSOLED_ARGS
[Install]
WantedBy=multi-user.target
diff --git a/kernels/xen/xendomU@.service b/kernels/xen/xendomU@.service
index 57d6e520d..b3dd6c7d7 100644
--- a/kernels/xen/xendomU@.service
+++ b/kernels/xen/xendomU@.service
@@ -5,8 +5,8 @@ Requires=xenstored.service
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=/usr/sbin/xl create /etc/xen/conf/%i.cfg
-ExecStop=/usr/sbin/xl shutdown %i
+ExecStart=/usr/bin/xl create /etc/xen/conf/%i.cfg
+ExecStop=/usr/bin/xl shutdown %i
[Install]
WantedBy=multi-user.target
diff --git a/kernels/xen/xendomains.patch b/kernels/xen/xendomains.patch
new file mode 100644
index 000000000..16f62b65a
--- /dev/null
+++ b/kernels/xen/xendomains.patch
@@ -0,0 +1,108 @@
+--- xen-4.3.1.orig/tools/hotplug/Linux/init.d/xendomains 2013-07-19 14:52:52.159013757 -0500
++++ xen-4.3.1/tools/hotplug/Linux/init.d/xendomains 2013-07-19 14:56:00.079145322 -0500
+@@ -51,17 +51,13 @@
+ fi
+
+ # See docs/misc/distro_mapping.txt
+-if [ -d /var/lock/subsys ]; then
+- LOCKFILE=/var/lock/subsys/xendomains
++if [ -d /run/lock/subsys ]; then
++ LOCKFILE=/run/lock/subsys/xendomains
+ else
+- LOCKFILE=/var/lock/xendomains
++ LOCKFILE=/run/lock/xendomains
+ fi
+
+-if [ -d /etc/sysconfig ]; then
+- XENDOM_CONFIG=/etc/sysconfig/xendomains
+-else
+- XENDOM_CONFIG=/etc/default/xendomains
+-fi
++XENDOM_CONFIG=/etc/conf.d/xendomains
+
+ test -r $XENDOM_CONFIG || { echo "$XENDOM_CONFIG not existing";
+ if [ "$1" = "stop" ]; then exit 0;
+@@ -185,8 +181,13 @@
+ # read name from xen config file
+ rdname()
+ {
+- NM=$($CMD create --quiet --dryrun --defconfig "$1" |
+- sed -n 's/^.*(name \(.*\))$/\1/p')
++ if [ "$CMD" == "xm" ]; then
++ NM=$($CMD create --quiet --dryrun --defconfig "$1" |
++ sed -n 's/^.*(name \(.*\))$/\1/p')
++ else
++ NM=$($CMD create --quiet --dryrun --defconfig "$1" |
++ perl -pe 's|^.*"name":"(.*?)".*$|$1|')
++ fi
+ }
+
+ rdnames()
+@@ -229,15 +230,15 @@
+ rdname $1
+ RC=1
+ name=;id=
+- while read LN; do
+- parseln "$LN" || continue
++ while read id; do
+ if test $id = 0; then continue; fi
++ name=`xenstore-read /local/domain/$id/name`
+ case $name in
+ ($NM)
+ RC=0
+ ;;
+ esac
+- done < <($CMD list -l | grep "$LIST_GREP")
++ done < <(xenstore-list /local/domain)
+ return $RC
+ }
+
+@@ -312,6 +313,8 @@
+
+ all_zombies()
+ {
++ return 0
++
+ name=;id=
+ while read LN; do
+ parseln "$LN" || continue
+@@ -363,9 +366,9 @@
+ fi
+ echo -n "Shutting down Xen domains:"
+ name=;id=
+- while read LN; do
+- parseln "$LN" || continue
++ while read id; do
+ if test $id = 0; then continue; fi
++ name=`xenstore-read /local/domain/$id/name`
+ echo -n " $name"
+ if test "$XENDOMAINS_AUTO_ONLY" = "true"; then
+ eval "
+@@ -450,7 +453,7 @@
+ fi
+ kill $WDOG_PID >/dev/null 2>&1
+ fi
+- done < <($CMD list -l | grep "$LIST_GREP")
++ done < <(xenstore-list /local/domain)
+
+ # NB. this shuts down ALL Xen domains (politely), not just the ones in
+ # AUTODIR/*
+@@ -479,15 +482,15 @@
+ check_domain_up()
+ {
+ name=;id=
+- while read LN; do
+- parseln "$LN" || continue
++ while read id; do
+ if test $id = 0; then continue; fi
++ name=`xenstore-read /local/domain/$id/name`
+ case $name in
+ ($1)
+ return 0
+ ;;
+ esac
+- done < <($CMD list -l | grep "$LIST_GREP")
++ done < <(xenstore-list /local/domain)
+ return 1
+ }
+
diff --git a/kernels/xen/xenstored.service b/kernels/xen/xenstored.service
index c898fd24b..46e0b3226 100644
--- a/kernels/xen/xenstored.service
+++ b/kernels/xen/xenstored.service
@@ -9,11 +9,12 @@ ConditionPathExists=/proc/xen
[Service]
Type=forking
Environment=XENSTORED_ARGS=
+Environment=XENDOM0_NAME=Domain-0
EnvironmentFile=-/etc/conf.d/xenstored
-PIDFile=/var/run/xenstored.pid
+PIDFile=/run/xenstored.pid
ExecStartPre=/usr/bin/grep -q control_d /proc/xen/capabilities
-ExecStart=/usr/sbin/xenstored --pid-file /var/run/xenstored.pid $XENSTORED_ARGS
-ExecStartPost=/usr/bin/xenstore-write "/local/domain/0/name" "Domain-0"
+ExecStart=/usr/bin/xenstored --pid-file /run/xenstored.pid $XENSTORED_ARGS
+ExecStartPost=/usr/bin/xenstore-write "/local/domain/0/name" "$XENDOM0_NAME"
[Install]
WantedBy=multi-user.target
diff --git a/kernels/xen/xsa73-4.3-unstable.patch b/kernels/xen/xsa73-4.3-unstable.patch
new file mode 100644
index 000000000..aa36b40a1
--- /dev/null
+++ b/kernels/xen/xsa73-4.3-unstable.patch
@@ -0,0 +1,105 @@
+From 068bfa76bbd52430e65853375e1d5db99d193e2f Mon Sep 17 00:00:00 2001
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Date: Thu, 31 Oct 2013 20:49:00 +0000
+Subject: [PATCH] gnttab: correct locking order reversal
+
+Coverity ID 1087189
+
+Correct a lock order reversal between a domains page allocation and grant
+table locks.
+
+This is CVE-2013-4494 / XSA-73.
+
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+Consolidate error handling.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Keir Fraser <keir@xen.org>
+Tested-by: Matthew Daley <mattjd@gmail.com>
+---
+ xen/common/grant_table.c | 52 +++++++++++++++++++++++++++++++++++++++-------
+ 1 file changed, 44 insertions(+), 8 deletions(-)
+
+diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
+index f42bc7a..48df928 100644
+--- a/xen/common/grant_table.c
++++ b/xen/common/grant_table.c
+@@ -1518,6 +1518,8 @@ gnttab_transfer(
+
+ for ( i = 0; i < count; i++ )
+ {
++ bool_t okay;
++
+ if (i && hypercall_preempt_check())
+ return i;
+
+@@ -1626,16 +1628,18 @@ gnttab_transfer(
+ * pages when it is dying.
+ */
+ if ( unlikely(e->is_dying) ||
+- unlikely(e->tot_pages >= e->max_pages) ||
+- unlikely(!gnttab_prepare_for_transfer(e, d, gop.ref)) )
++ unlikely(e->tot_pages >= e->max_pages) )
+ {
+- if ( !e->is_dying )
+- gdprintk(XENLOG_INFO, "gnttab_transfer: "
+- "Transferee has no reservation "
+- "headroom (%d,%d) or provided a bad grant ref (%08x) "
+- "or is dying (%d)\n",
+- e->tot_pages, e->max_pages, gop.ref, e->is_dying);
+ spin_unlock(&e->page_alloc_lock);
++
++ if ( e->is_dying )
++ gdprintk(XENLOG_INFO, "gnttab_transfer: "
++ "Transferee (d%d) is dying\n", e->domain_id);
++ else
++ gdprintk(XENLOG_INFO, "gnttab_transfer: "
++ "Transferee (d%d) has no headroom (tot %u, max %u)\n",
++ e->domain_id, e->tot_pages, e->max_pages);
++
+ rcu_unlock_domain(e);
+ put_gfn(d, gop.mfn);
+ page->count_info &= ~(PGC_count_mask|PGC_allocated);
+@@ -1647,6 +1651,38 @@ gnttab_transfer(
+ /* Okay, add the page to 'e'. */
+ if ( unlikely(domain_adjust_tot_pages(e, 1) == 1) )
+ get_knownalive_domain(e);
++
++ /*
++ * We must drop the lock to avoid a possible deadlock in
++ * gnttab_prepare_for_transfer. We have reserved a page in e so can
++ * safely drop the lock and re-aquire it later to add page to the
++ * pagelist.
++ */
++ spin_unlock(&e->page_alloc_lock);
++ okay = gnttab_prepare_for_transfer(e, d, gop.ref);
++ spin_lock(&e->page_alloc_lock);
++
++ if ( unlikely(!okay) || unlikely(e->is_dying) )
++ {
++ bool_t drop_dom_ref = (domain_adjust_tot_pages(e, -1) == 0);
++
++ spin_unlock(&e->page_alloc_lock);
++
++ if ( okay /* i.e. e->is_dying due to the surrounding if() */ )
++ gdprintk(XENLOG_INFO, "gnttab_transfer: "
++ "Transferee (d%d) is now dying\n", e->domain_id);
++
++ if ( drop_dom_ref )
++ put_domain(e);
++ rcu_unlock_domain(e);
++
++ put_gfn(d, gop.mfn);
++ page->count_info &= ~(PGC_count_mask|PGC_allocated);
++ free_domheap_page(page);
++ gop.status = GNTST_general_error;
++ goto copyback;
++ }
++
+ page_list_add_tail(page, &e->page_list);
+ page_set_owner(page, e);
+
+--
+1.7.10.4
+
diff --git a/kernels/xen/xsa75-4.3-unstable.patch b/kernels/xen/xsa75-4.3-unstable.patch
new file mode 100644
index 000000000..6c0c5bca1
--- /dev/null
+++ b/kernels/xen/xsa75-4.3-unstable.patch
@@ -0,0 +1,55 @@
+nested VMX: VMLANUCH/VMRESUME emulation must check permission first thing
+
+Otherwise uninitialized data may be used, leading to crashes.
+
+This is XSA-75.
+
+Reported-and-tested-by: Jeff Zimmerman <Jeff_Zimmerman@McAfee.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-and-tested-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+--- a/xen/arch/x86/hvm/vmx/vvmx.c
++++ b/xen/arch/x86/hvm/vmx/vvmx.c
+@@ -1508,15 +1508,10 @@ static void clear_vvmcs_launched(struct
+ }
+ }
+
+-int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs)
++static int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs)
+ {
+ struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
+ struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
+- int rc;
+-
+- rc = vmx_inst_check_privilege(regs, 0);
+- if ( rc != X86EMUL_OKAY )
+- return rc;
+
+ /* check VMCS is valid and IO BITMAP is set */
+ if ( (nvcpu->nv_vvmcxaddr != VMCX_EADDR) &&
+@@ -1535,6 +1530,10 @@ int nvmx_handle_vmresume(struct cpu_user
+ struct vcpu *v = current;
+ struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
+ struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
++ int rc = vmx_inst_check_privilege(regs, 0);
++
++ if ( rc != X86EMUL_OKAY )
++ return rc;
+
+ if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR )
+ {
+@@ -1554,10 +1553,13 @@ int nvmx_handle_vmresume(struct cpu_user
+ int nvmx_handle_vmlaunch(struct cpu_user_regs *regs)
+ {
+ bool_t launched;
+- int rc;
+ struct vcpu *v = current;
+ struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
+ struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
++ int rc = vmx_inst_check_privilege(regs, 0);
++
++ if ( rc != X86EMUL_OKAY )
++ return rc;
+
+ if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR )
+ {
diff --git a/kernels/xen/xsa78.patch b/kernels/xen/xsa78.patch
new file mode 100644
index 000000000..180506cdd
--- /dev/null
+++ b/kernels/xen/xsa78.patch
@@ -0,0 +1,23 @@
+VT-d: fix TLB flushing in dma_pte_clear_one()
+
+The third parameter of __intel_iommu_iotlb_flush() is to indicate
+whether the to be flushed entry was a present one. A few lines before,
+we bailed if !dma_pte_present(*pte), so there's no need to check the
+flag here again - we can simply always pass TRUE here.
+
+This is CVE-2013-6375 / XSA-78.
+
+Suggested-by: Cheng Yueqiang <yqcheng.2008@phdis.smu.edu.sg>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+--- a/xen/drivers/passthrough/vtd/iommu.c
++++ b/xen/drivers/passthrough/vtd/iommu.c
+@@ -646,7 +646,7 @@ static void dma_pte_clear_one(struct dom
+ iommu_flush_cache_entry(pte, sizeof(struct dma_pte));
+
+ if ( !this_cpu(iommu_dont_flush_iotlb) )
+- __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K , 0, 1);
++ __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K, 1, 1);
+
+ unmap_vtd_domain_page(page);
+