summaryrefslogtreecommitdiff
path: root/kernels/xen
diff options
context:
space:
mode:
Diffstat (limited to 'kernels/xen')
-rw-r--r--kernels/xen/09_xen322
-rw-r--r--kernels/xen/ChangeLog23
-rw-r--r--kernels/xen/IVRS-debug.patch14
-rw-r--r--kernels/xen/PKGBUILD137
-rw-r--r--kernels/xen/TOM-register.patch187
-rw-r--r--kernels/xen/bios_workaround.patch51
-rw-r--r--kernels/xen/grub.conf1
-rw-r--r--kernels/xen/localgcc490fix.patch114
-rw-r--r--kernels/xen/pvh_pit_init.patch107
-rw-r--r--kernels/xen/xen.install14
-rw-r--r--kernels/xen/xendomains.patch108
-rw-r--r--kernels/xen/xenstored.service1
-rw-r--r--kernels/xen/xsa89.patch96
-rw-r--r--kernels/xen/xsa92.patch36
14 files changed, 659 insertions, 552 deletions
diff --git a/kernels/xen/09_xen b/kernels/xen/09_xen
index ddb20696f..c00d1ab96 100644
--- a/kernels/xen/09_xen
+++ b/kernels/xen/09_xen
@@ -1,141 +1,231 @@
-#! /bin/sh -e
+#!/usr/bin/env bash
+
+##
+## grub-mkconfig helper script specific to Parabola GNU/Linux-libre
+## Contributed by "Keshav Amburay" <the ddoott ridikulus ddoott rat aatt geemmayil ddoott ccoomm>
+## Rebranded for Parabola by "André Silva" <emulatorman@parabola.nu>
+## Updated on 08 February 2014
+##
+## Script based on do_grub_config() function in Arch Archboot ISO Installer/Setup script
+## Some parts taken from /etc/grub.d/10_linux script shipped by GRUB(2) upstream
+##
+## This script can be freely distributed and/or modified
+## under the terms of the GNU General Public License as published by
+## the Free Software Foundation, either version 3 of the License, or
+## (at your option) any later version.
+##
+## This script is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+##
+
+## Adapted for use with the xen package, to ensure feature comparity
+## Modified by "David Sutton" <kantras - gmail com>
+
+_FUNC_GRUB_FILE_PRESENT() {
+
+ [[ -z "${GRUB_PLATFORM}" ]] && GRUB_PLATFORM="x86"
+
+ if [[ "${GRUB_PLATFORM}" == "x86" ]]; then
+ check="--is-x86-linux32"
+ elif [[ "${GRUB_PLATFORM}" == "i386-xen-pae" ]]; then
+ check="--is-i386-xen-pae-domu"
+ elif [[ "${GRUB_PLATFORM}" == "x86_64-xen" ]]; then
+ check="--is-x86_64-xen-domu"
+ else
+ check="--is-${GRUB_PLATFORM}-linux"
+ fi
+
+ case "${GRUB_PLATFORM}" in
+ x86)
+ list="$(for i in "${GRUB_ROOT}"/boot/vmlinuz-linux* ; do
+ if grub_file_is_not_garbage "${i}" && "${grub_file}" ${check} "${i}" ; then echo -n "${i} " ; fi
+ done)" ;;
+ *)
+ list="$(for i in "${GRUB_ROOT}"/boot/vmlinuz-linux* ; do
+ if grub_file_is_not_garbage "${i}" && "${grub_file}" ${check} "${i}" ; then echo -n "${i} " ; fi
+ done)" ;;
+ esac
+}
-if [ -f /usr/share/grub/grub-mkconfig_lib ]; then
- . /usr/share/grub/grub-mkconfig_lib
-else
- # no grub file, so we notify and exit gracefully
- echo "Cannot find grub config file, exiting." >&2
- exit 0
-fi
+set -e
-XEN_HYPERVISOR_CMDLINE="xsave=1"
-XEN_LINUX_CMDLINE="console=tty0"
-[ -r /etc/xen/grub.conf ] && . /etc/xen/grub.conf
+prefix="/usr"
+exec_prefix="${prefix}"
+datarootdir="/usr/share"
+datadir="${datarootdir}"
+sysconfdir="/etc"
-CLASS="--class gnu-linux --class gnu --class os"
+. "${datarootdir}/grub/grub-mkconfig_lib"
-if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
- OS=GNU/Linux
-else
- if [ "${GRUB_DISTRIBUTOR}" = "Parabola" ] ; then
- OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre"
- elif [ "${GRUB_DISTRIBUTOR}" = "parabola" ] ; then
- OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre"
- elif [ "${GRUB_DISTRIBUTOR}" = "Blag" ] ; then
- OS="${GRUB_DISTRIBUTOR} Linux and GNU"
- elif [ "${GRUB_DISTRIBUTOR}" = "blag" ] ; then
- OS="${GRUB_DISTRIBUTOR} Linux and GNU"
- elif [ "${GRUB_DISTRIBUTOR}" = "Musix" ] ; then
- OS="${GRUB_DISTRIBUTOR} GNU+Linux"
- elif [ "${GRUB_DISTRIBUTOR}" = "musix" ] ; then
- OS="${GRUB_DISTRIBUTOR} GNU+Linux"
- elif [ "${GRUB_DISTRIBUTOR}" = "Dragora" ] ; then
- OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre"
- elif [ "${GRUB_DISTRIBUTOR}" = "dragora" ] ; then
- OS="${GRUB_DISTRIBUTOR} GNU/Linux-libre"
- else
- OS="${GRUB_DISTRIBUTOR} GNU/Linux"
- fi
- CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr '[A-Z]' '[a-z]' | cut -d' ' -f1) ${CLASS}"
+. "${sysconfdir}/default/grub"
+
+export XEN_HYPERVISOR_CMDLINE="xsave=1"
+export XEN_LINUX_CMDLINE="console=tty0"
+
+[[ -r "${sysconfdir}/xen/grub.conf" ]] && . "${sysconfdir}/xen/grub.conf"
+
+[[ -z "${XEN_LINUX_CMDLINE_OVERRIDE}" ]] && XEN_LINUX_CMDLINE_OVERRIDE="0"
+
+export TEXTDOMAIN="grub"
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+CLASS="--class xen --class parabola --class gnu-linux --class gnu --class os"
+
+[[ "${grub_file}" != "" ]] && _FUNC_GRUB_FILE_PRESENT
+
+BOOT_PART_FS_UUID="$(${grub_probe} --target="fs_uuid" "/boot" 2>/dev/null)"
+BOOT_PART_HINTS_STRING="$(${grub_probe} --target="hints_string" "/boot" 2>/dev/null || true)"
+BOOT_PART_FS="$(${grub_probe} --target="fs" "/boot" 2>/dev/null)"
+
+ROOT_PART_GRUB_DEVICE="$(${grub_probe} --target=device / || true)"
+ROOT_PART_FS="$(${grub_probe} --device ${ROOT_PART_GRUB_DEVICE} --target=fs 2> /dev/null || echo "unknown")"
+
+if [[ "${GRUB_LINUX_ROOT_DEVICE}" == "" ]]; then
+
+ case "${ROOT_PART_FS}" in
+ btrfs)
+ rootsubvol="$(make_system_path_relative_to_its_root /)"
+ rootsubvol="${rootsubvol#/}"
+ if [[ "${rootsubvol}" != "" ]]; then
+ GRUB_LINUX_ROOT_DEVICE="subvol=${rootsubvol}"
+ fi
+ ;;
+ zfs)
+ rpool="$(${grub_probe} --device ${GRUB_DEVICE} --target=fs_label 2>/dev/null || true)"
+ bootfs="$(make_system_path_relative_to_its_root / | sed -e "s,@$,,")"
+ GRUB_LINUX_ROOT_DEVICE="ZFS=${rpool}${bootfs}"
+ ;;
+ esac
+
+ if [[ "${GRUB_DEVICE_UUID}" == "" ]] || \
+ [[ "${GRUB_DISABLE_LINUX_UUID}" == "true" ]] || \
+ [[ ! -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" ]] || \
+ uses_abstraction "${GRUB_DEVICE}" lvm ; then
+ GRUB_LINUX_ROOT_DEVICE="${GRUB_DEVICE}"
+ else
+ GRUB_LINUX_ROOT_DEVICE="UUID=${GRUB_DEVICE_UUID}"
+ fi
fi
-# loop-AES arranges things so that /dev/loop/X can be our root device, but
-# the initrds that Linux uses don't like that.
-case ${GRUB_DEVICE} in
- /dev/loop/*|/dev/loop[0-9])
- GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e "s/^[^(]*(\([^)]\+\)).*/\1/"`
- ;;
-esac
-
-if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \
- || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \
- || [ "`grub-probe -t abstraction --device ${GRUB_DEVICE} | sed -e 's,.*\(lvm\).*,\1,'`" = "lvm" ] ; then
- LINUX_ROOT_DEVICE=${GRUB_DEVICE}
+[[ "${GRUB_LINUX_PARAMS}" == "" ]] && GRUB_LINUX_PARAMS="${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+if [[ "${XEN_LINUX_CMDLINE_OVERRIDE}" == "0" ]]; then
+ GRUB_LINUX_PARAMS="${GRUB_LINUX_PARAMS} ${XEN_LINUX_CMDLINE}"
else
- LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID}
+ GRUB_LINUX_PARAMS="${XEN_LINUX_CMDLINE}"
fi
-xen_entry ()
-{
- os="$1"
- xen_version="$2"
- version="$3"
- xen_args="$4"
- args="$5"
- printf "menuentry 'Xen %s / %s, with Linux %s' --class xen ${CLASS} {\n" "${xen_version}" "${os}" "${version}"
- save_default_entry | sed -e "s/^/\t/"
-
- if [ -z "${prepare_boot_cache}" ]; then
- prepare_boot_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE_BOOT} | sed -e "s/^/\t/")"
- fi
- printf '%s\n' "${prepare_boot_cache}"
- cat << EOF
- echo '$(printf "Loading Xen %s ..." ${xen_version})'
- multiboot ${rel_dirname}/${xen_basename} ${rel_dirname}/${xen_basename} ${xen_args}
- echo $(printf "$(gettext "Loading Linux %s ...")" ${version})
- module ${rel_dirname}/${basename} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} rw ${args}
-EOF
- if test -n "${initrd}" ; then
- cat << EOF
- echo "Loading initial ramdisk ..."
- module ${rel_dirname}/${initrd}
-EOF
- fi
- cat << EOF
-}
-EOF
-}
-
xen_list=`for i in /boot/xen-*.gz /xen-*.gz ; do
if grub_file_is_not_garbage "$i" ; then echo -n "$i "; fi
done`
-prepare_boot_cache=
while [ "x$xen_list" != "x" ] ; do
xen=`version_find_latest $xen_list`
echo "Found Xen hypervisor image: $xen" >&2
- xen_basename=`basename $xen`
- xen_dirname=`dirname $xen`
- rel_xen_dirname=`make_system_path_relative_to_its_root $xen_dirname`
- xen_version=`echo $xen_basename | sed -e "s,^[^0-9]*-,,g" | sed -e "s,.gz,,g"`
- alt_xen_version=`echo $xen_version | sed -e "s,\.old$,,g"`
+ XEN_BASENAME=`basename $xen`
+ XEN_VERSION=`echo $XEN_BASENAME | sed -e "s,^[^0-9]*-,,g" | sed -e "s,.gz,,g"`
+
+ for _KERNEL_ in ${list} ; do
+
+ echo "Found linux image: ${_KERNEL_}" >&2
+
+ basename="$(basename "${_KERNEL_}")"
+ dirname="$(dirname "${_KERNEL_}")"
+ REAL_DIR="$(make_system_path_relative_to_its_root "${dirname}")"
+
+ _KERNEL_FILE_="$(echo ${_KERNEL_} | sed 's,/boot/,,g')"
+ _KERNEL_PKG_="pkg-$(echo ${_KERNEL_FILE_} | sed 's,vmlinuz-,,g')"
+
+ _INITRAMFS_="${_KERNEL_FILE_/vmlinuz-/initramfs-}.img"
+
+ if [[ -e "/boot/${_INITRAMFS_}" ]]; then
+
+ echo "Found initramfs image: /boot/${_INITRAMFS_}" >&2
+
+ cat << EOF
+
+menuentry "Xen ${XEN_VERSION} / Parabola GNU/Linux-libre ${_KERNEL_PKG_} kernel" ${CLASS} {
+ $(save_default_entry)
+ if [ x\$feature_all_video_module = xy ]; then
+ insmod all_video
+ fi
+ set gfxpayload=keep
+ insmod ${BOOT_PART_FS}
+ if [ x\$feature_platform_search_hint = xy ]; then
+ search --no-floppy --fs-uuid --set=root ${BOOT_PART_HINTS_STRING} ${BOOT_PART_FS_UUID}
+ else
+ search --no-floppy --fs-uuid --set=root ${BOOT_PART_FS_UUID}
+ fi
+ echo '$(printf "Loading Xen %s ..." ${XEN_VERSION})'
+ multiboot ${REAL_DIR}/${XEN_BASENAME} ${REAL_DIR}/${XEN_BASENAME} ${XEN_HYPERVISOR_CMDLINE}
+ echo 'Loading Parabola GNU/Linux-libre ${_KERNEL_PKG_} kernel ...'
+ module ${REAL_DIR}/${_KERNEL_FILE_} ${REAL_DIR}/${_KERNEL_FILE_} root=${GRUB_LINUX_ROOT_DEVICE} rw ${GRUB_LINUX_PARAMS}
+ echo 'Loading Parabola GNU/Linux-libre ${_KERNEL_PKG_} kernel initramfs ...'
+ module ${REAL_DIR}/${_INITRAMFS_}
+}
- list=`for i in /boot/vmlinuz-* /vmlinuz-*; do
- if grub_file_is_not_garbage "$i" ; then echo -n "$i "; fi
- done`
-
- while [ "x$list" != "x" ] ; do
- linux=`version_find_latest $list`
- echo -e "\tFound linux image: $linux" >&2
- basename=`basename $linux`
- dirname=`dirname $linux`
- rel_dirname=`make_system_path_relative_to_its_root $dirname`
- version=`echo $basename | sed -e "s,^[^0-9]*-,,g"`
- base_init=`echo $basename | sed -e "s,vmlinuz,initramfs,g"`
- alt_version="${base_init}-fallback"
- linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
- initrd=
-
- for i in "${base_init}.img"; do
- if test -e "${dirname}/${i}" ; then
- initrd="$i"
- break
- fi
- done
- if test -n "${initrd}" ; then
- echo -e "\tFound initrd image: ${dirname}/${initrd}" >&2
- else
- # "UUID=" magic is parsed by initrds. Since there's no initrd, it can't work here.
- linux_root_device_thisversion=${GRUB_DEVICE}
+EOF
fi
+
+ _INITRAMFS_FALLBACK_="${_KERNEL_FILE_/vmlinuz-/initramfs-}-fallback.img"
+
+ if [[ -e "/boot/${_INITRAMFS_FALLBACK_}" ]]; then
+
+ echo "Found fallback initramfs image: /boot/${_INITRAMFS_FALLBACK_}" >&2
+
+ cat << EOF
+
+menuentry "Xen ${XEN_VERSION} / Parabola GNU/Linux-libre ${_KERNEL_PKG_} kernel (fallback initramfs)" ${CLASS} {
+ $(save_default_entry)
+ if [ x\$feature_all_video_module = xy ]; then
+ insmod all_video
+ fi
+ set gfxpayload=keep
+ insmod ${BOOT_PART_FS}
+ if [ x\$feature_platform_search_hint = xy ]; then
+ search --no-floppy --fs-uuid --set=root ${BOOT_PART_HINTS_STRING} ${BOOT_PART_FS_UUID}
+ else
+ search --no-floppy --fs-uuid --set=root ${BOOT_PART_FS_UUID}
+ fi
+ echo '$(printf "Loading Xen %s ..." ${XEN_VERSION})'
+ multiboot ${REAL_DIR}/${XEN_BASENAME} ${REAL_DIR}/${XEN_BASENAME} ${XEN_HYPERVISOR_CMDLINE}
+ echo 'Loading Parabola GNU/Linux-libre ${_KERNEL_PKG_} kernel ...'
+ module ${REAL_DIR}/${_KERNEL_FILE_} ${REAL_DIR}/${_KERNEL_FILE_} root=${GRUB_LINUX_ROOT_DEVICE} rw ${GRUB_LINUX_PARAMS}
+ echo 'Loading Parabola GNU/Linux-libre ${_KERNEL_PKG_} kernel fallback initramfs ...'
+ module ${REAL_DIR}/${_INITRAMFS_FALLBACK_}
+}
- xen_entry "${OS}" "${xen_version}" "${version}" \
- "${XEN_HYPERVISOR_CMDLINE}" \
- "${XEN_LINUX_CMDLINE}"
+EOF
+ fi
+
+ if [[ ! -e "/boot/${_INITRAMFS_}" ]] && [[ ! -e "/boot/${_INITRAMFS_FALLBACK_}" ]]; then
+ cat << EOF
+
+menuentry "Xen ${XEN_VERSION} / Parabola GNU/Linux-libre ${_KERNEL_PKG_} kernel (no initramfs)" ${CLASS} {
+ $(save_default_entry)
+ if [ x\$feature_all_video_module = xy ]; then
+ insmod all_video
+ fi
+ set gfxpayload=keep
+ insmod ${BOOT_PART_FS}
+ if [ x\$feature_platform_search_hint = xy ]; then
+ search --no-floppy --fs-uuid --set=root ${BOOT_PART_HINTS_STRING} ${BOOT_PART_FS_UUID}
+ else
+ search --no-floppy --fs-uuid --set=root ${BOOT_PART_FS_UUID}
+ fi
+ echo '$(printf "Loading Xen %s ..." ${XEN_VERSION})'
+ multiboot ${REAL_DIR}/${XEN_BASENAME} ${REAL_DIR}/${XEN_BASENAME} ${XEN_HYPERVISOR_CMDLINE}
+ echo 'Loading Parabola GNU/Linux-libre ${_KERNEL_PKG_} kernel ...'
+ module ${REAL_DIR}/${_KERNEL_FILE_} ${REAL_DIR}/${_KERNEL_FILE_} root=${GRUB_LINUX_ROOT_DEVICE} rw ${GRUB_LINUX_PARAMS}
+}
- list=`echo $list | tr ' ' '\n' | grep -vx $linux | tr '\n' ' '`
+EOF
+ fi
+
done
xen_list=`echo $xen_list | tr ' ' '\n' | grep -vx $xen | tr '\n' ' '`
done
+
diff --git a/kernels/xen/ChangeLog b/kernels/xen/ChangeLog
index 8f9ef80fe..17133d08c 100644
--- a/kernels/xen/ChangeLog
+++ b/kernels/xen/ChangeLog
@@ -1,3 +1,24 @@
+2014-05-17 David Sutton <kantras - gmail.com>
+ * 4.4.0-4:
+ Added patch to fix shutdown issues with pvh domains
+
+2014-05-01 David Sutton <kantras - gmail.com>
+ * 4.4.0-3:
+ Added XSA 92 Security patch
+ Added fix for compiling under GCC 4.9.0 (From Fedora Rawhide SRPM)
+ Added updates to 09_xen to closer match system 10_linux
+
+2014-03-11 David Sutton <kantras - gmail.com>
+ * 4.4.0-2:
+ Moved xen-syms file so 09_xen won't pick it up as a potential kernel.
+ Added XSA 89 Security patch
+ Minor PKGBUILD cleanup/changes
+
+2014-03-10 David Sutton <kantras - gmail.com>
+ * 4.4.0-1:
+ New upstream release
+ Cleaned up old unnecessary patches
+
2014-02-19 David Sutton <kantras - gmail.com>
* 4.3.2-1:
New upstream release
@@ -47,7 +68,7 @@
* 4.3.0-3 :
added ChangeLog.
- Cleaned up PKGBUILD to match Parabola Package Standards
+ Cleaned up PKGBUILD to match Package Standards
Fixed some path references - /var/run to /run
Removed some unnecessary empty directories
Updated xenconsoled and xenstored so they use /run for pid file
diff --git a/kernels/xen/IVRS-debug.patch b/kernels/xen/IVRS-debug.patch
deleted file mode 100644
index 5f6813cb9..000000000
--- a/kernels/xen/IVRS-debug.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- a/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-09 05:46:56.000000000 -0500
-+++ b/xen/drivers/passthrough/amd/iommu_acpi.c 2013-08-31 01:26:18.614846438 -0500
-@@ -651,9 +651,9 @@
- return 0;
- }
-
-- AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x\n",
-+ AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x used_id %#x\n",
- seg, PCI_BUS(bdf), PCI_SLOT(bdf), PCI_FUNC(bdf),
-- special->variety, special->handle);
-+ special->variety, special->handle, special->used_id);
- add_ivrs_mapping_entry(bdf, bdf, special->header.data_setting, iommu);
-
- switch ( special->variety )
diff --git a/kernels/xen/PKGBUILD b/kernels/xen/PKGBUILD
index 28dc5a786..7313bfd75 100644
--- a/kernels/xen/PKGBUILD
+++ b/kernels/xen/PKGBUILD
@@ -1,22 +1,23 @@
# Maintainer (Arch): David Sutton <kantras - gmail.com>
+# Contributor (Arch): Shanmu Thiagaraja <sthiagaraja+AUR@prshanmu.com>
# Contributor (Arch): Limao Luo
# Contributor (Arch): Luceo
# Contributor (Arch): Revellion
# Maintainer: André Silva <emulatorman@parabola.nu>
pkgname=xen
-pkgver=4.3.2
-pkgrel=1
+pkgver=4.4.0
+pkgrel=4
pkgdesc="Virtual Machine Hypervisor & Tools (Parabola rebranded)"
arch=(i686 x86_64)
url="http://www.xenproject.org/"
license=(GPL2)
-depends=(bin86 bluez bridge-utils curl e2fsprogs gnutls iproute2 libaio libcap-ng libiscsi libjpeg-turbo libpng lzo2 nss pixman pciutils python python2 sdl wget vde2 yajl)
+depends=(bin86 bluez bridge-utils curl e2fsprogs gnutls iproute2 libaio libcap-ng libiscsi libjpeg-turbo libpng libseccomp lzo2 nss pixman pciutils python python2 sdl wget vde2 yajl)
[[ "$CARCH" == "x86_64" ]] && depends+=(lib32-glibc)
makedepends=(cmake dev86 git iasl markdown ocaml-findlib)
optdepends=('xen-docs: Official Xen Documentation' 'openvswitch: Optional Networking support')
conflicts=(xen-4.2{,-testing-hg} xen-{gdbsx,hg-unstable,rc,git} xen-4.3{,-testing-hg})
-backup=(etc/$pkgname/xend-{config,pci-{permissive,quirks}}.sxp etc/modules-load.d/$pkgname.conf etc/$pkgname/xl.conf etc/conf.d/xen{stored,consoled,domains} etc/default/xencommons etc/$pkgname/grub.conf)
+backup=(etc/modules-load.d/$pkgname.conf etc/$pkgname/xl.conf etc/conf.d/xen{stored,consoled,domains,commons} etc/$pkgname/grub.conf)
options=(!buildflags !strip)
install=$pkgname.install
changelog=ChangeLog
@@ -32,11 +33,11 @@ source=(http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g
http://xenbits.xen.org/xen-extfiles/gmp-4.3.2.tar.bz2
xen.install
09_xen
- bios_workaround.patch
- xendomains.patch
- TOM-register.patch
ati-passthrough.patch
- IVRS-debug.patch
+ localgcc490fix.patch
+ pvh_pit_init.patch
+ xsa89.patch
+ xsa92.patch
proc-xen.mount
var-lib-xenstored.mount
xenconsoled.service
@@ -58,7 +59,7 @@ noextract=(lwip-1.3.0.tar.gz
gmp-4.3.2.tar.bz2
ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz)
-sha256sums=('17611d95f955302560ff72d97c08933b4e62bc2e8ffb71400fc54e388746ff69'
+sha256sums=('6910a504fe2ffe8db0e7a44756ce1c4c95e1ccbef942a1fc8da27aced5aac021'
'632ce8c193ccacc3012bd354bdb733a4be126f7c098e111930aa41dad537405c'
'772e4d550e07826665ed0528c071dd5404ef7dbe1825a38c8adbc2a00bca948f'
'1795c7d067a43174113fdf03447532f373e1c6c57c08d61d9e4e9be5e244b05e'
@@ -68,79 +69,58 @@ sha256sums=('17611d95f955302560ff72d97c08933b4e62bc2e8ffb71400fc54e388746ff69'
'4e1d15d12dbd3e9208111d6b806ad5a9857ca8850c47877d36575b904559260b'
'4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459'
'936162c0312886c21581002b79932829aa048cfaf9937c6265aeaa14f1cd1775'
- '0f6ebf3437974d1708c9e74005b976479ab8ff28adec394208153bf404b411f8'
- '74a957d783458b7481c7a09c3ed94ec2e07ee7943e4b7fa33d3684b8d585139e'
- '914cc983da1fe89ff125d751c979b4968f8952da21b19b900fcd4e6b33e14552'
- '1938ca36bfb62c76ad0642147017ecfaa64588abaa2d88e868f501c4ae83bfd9'
- '0fa9426cc499ea3d6e1aa33a8be0e180aed87936814b9b88bb0ef42f6983654a'
+ '9d41f4456f1ce82ab912467a230b6e78b69b39579bccca1337328945ae7e3edb'
+ 'b0a3cfe2d524371ee04a26a29ad04cd9f3dae8c5d4a18b6b41576c6c7547f946'
'd93c2d5bcdf0c3e4c6e8efb357cb4b9d618209025361f5ccd9d03651a8acd7a3'
- '54883171ff9cf5f342a2be5c944df16902ef06b6f2d015b675fa9bd5ed899c7c'
+ '83d4672470437e0a6d2c371681384d67f2056ba85fe3b7898e2b806edecaebd6'
+ '7dcf63e1f7158e0d8d5144f549f4e5fe9a532f9da2650c13968aa39b2730d8b2'
+ '741c8fbbfa8e425d8debba17135d4c2e1e962d15717769bc93d68a65b5dc5ea6'
+ '184dcb88dfb4540fca33016ffcfe0f4f557449ab5b4ec6a4bf486c75926d23f3'
'139eed988bfaf8edc8ccdfd0b668382bd63db48ce17be91776182a7e28e9d88c'
'c19146931c6ab8e53092bd9b2ebbfda5c76fd22ad3b1d42dcda3dd1b61f123ff'
'e4af7891e816b9549ebeff766a78036626c0e278734e5625b8e7d68729530ded'
'48d76cc6f25caa79b3f527c96a0883b1decb9012f6616f61336c8d43791bf007'
'0bd45d9de6456c4f9adf32e726f2db3a3cd0423c1d161b442e8a1666d2e68e3f'
'012cc60ffdcb0e061d04d404eb9232734554aef4dc4b551f66adf82a655e6e41'
- '8ee5c5a14064fc2bbfd38d0ec8a6001f541bbe56b9fb534733209a8af148b297'
+ '633d334c55395fac3f16dbe56dd7b7524d560b513d1895b53c89943033a45f39'
'0e1ad0a6a72b0c22025a556c23235a8f663427f1e769c45fe39d1c525bf82eff'
'40e0760810a49f925f2ae9f986940b40eba477dc6d3e83a78baaae096513b3cf'
- '78398fb27edfedb432b5f4e4bf87b5dbee41f180c623d29f758234a49d8bf4b4'
+ '3f0af16958c3e057b9baa5afc47050d9adf7dd553274dd97ae4f35938fefb568'
'50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c')
-sha512sums=('ec94d849b56ec590b89022075ce43768d8ef44b7be9580ce032509b44c085f0f66495845607a18cd3dea6b89c69bc2a18012705556f59288cd8653c3e5eca302'
- 'c5cb1cdff40d2d71fd3e692a9d0efadf2aa17290daf5195391a1c81ddd9dfc913a8e44d5be2b12be85b2a5565ea31631c99c7053564f2fb2225c80ea0bb0e4a4'
- '1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d'
- '021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e'
- '40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3'
- '2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5'
- '88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad'
- 'c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb'
- '4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35'
- '2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf'
- '78bfb62166ffcf136e12985809b3f412e0145a7f17388a559071f644970ccdfd2a02fe9aa4a180069b923c2e4354b061a4057096de856497f10d9cac57eae4b3'
- '8667a97e10f09c5ce5ba604e38a073b7d7944f4d24c5c78a7235443b65a8cc7b6e7de90e40aa335bb17fda0858d6b517ba1e8b5a0bd6bba4ad75ad44b73f6c9c'
- '7118bf02ff5338e70b3f27f8ea390cd05ea37a4ceabb4adc9d32fc57329e35e98330f0e865261dd4e670436e1a725832598888d44b1e2b17b351f59318860878'
- '440b3967bf0f0cecde42111bc602f591edeadfdf7044f1f181029b0ded5fb8fa9d640bc4a4a57daadd350594f86065120ea5e4d833004590a8bfe0ee88b4c316'
- 'b89f524015c1299c7b19573ae0637f9d33613f3fdbb3d978a07d294ee18a657bd124852f1cbb85e6d1382aca42ed799e8ee245a161340bb4b759eeccce28df7d'
- 'c30a4cbdc942ae36364830ab604ecb46a68466bfbaaef2740aa805acf9e432a0dd7877593d6211437db4d2e7c2deb15f301d5a5571fd28936f01228f13256d3f'
- 'e8392dbc66bf83b887de963416b1fe9a4eeccb8faca78c6fc1dd4243544b871625d43423f03d19cf91d80295d43073904c9dbe37241e7432b69566b05b267391'
- '6afdf16e32bb837faf6333334f86855a746f1f46fee9673a4fddc62eecf41f9856bc34397807203c6f5071f0b1ce74532214084042154585c0d39514450db25c'
- '00e340f4d3635e3850ca24baea1da08467523c17815feb74161e18397b607fef904db2165fd9bf4632a6e8a6e37aeddad4e56965e1c99b5213c98b3f9afc6aad'
- '580e0645d7f157928f137f3d8b38d3e2834cb5fa091dbcd28217bbaed494415a35c8973487a1eec726c2f49c8b11d4dd28fdcbe75f14c91a4474cacd8dfb2e99'
- 'a0bbd9c14ee0f2b9dc9cf304b531aaefde545e56b4ce4847f12faab4952520ce857a92765ae3a1b25ebd2b7511bb24fc820864d7342ac43a311d8c6551958895'
- 'f00034f8b826b828659a0177f0a6454113c625e69a817dfe32e461767f6643e0288bfc2a22d23358504240df627af6e3b8f5ffa0077e241e590b33d3f252e74c'
- 'f21cc17009957797630c2e82630b5e93ceac8fdadc5eaa3abf0510ca81a49e5680a80ece63b248354122c5fd5d40c9a495fad15e307a694936fa062e984158c4'
- '9e95e05ac7cce383530ede0f8f75b4f8990c7d7d55ef59f3e37c64a75ccc012475595bc1123bc4c2072dd2c1c2f4b744f26d6adb799f7a068195aadde383af89'
- 'c996d48737ad31528b0b2b1379e3ebae948d290de9ddc71f33c7c56f0634466bc7afb2eab847e851c19e3c13bb99468a0778d908606486959a40ff3272189bd3'
- '53ba61587cc2e84044e935531ed161e22c36d9e90b43cab7b8e63bcc531deeefacca301b5dff39ce89210f06f1d1e4f4f5cf49d658ed5d9038c707e3c95c66ef'
- '04000a802e96c11929cb94c9a2bcafbb4307620192388441d979ea85836c3395954dea53d449c1cc25c3a0a30c49d318b8de59a053c6254f5a81e87864648a9c'
- 'ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b')
prepare() {
cd $pkgname-$pkgver/
- ### Patching
- patch -Np1 -i ../xendomains.patch
- patch -Np1 -i ../TOM-register.patch
+ ### Patching
- # Uncomment line below if you have a bios which is reporting bad IVRS data
- #patch -Np1 -i ../bios_workaround.patch
- #patch -Np1 -i ../IVRS-debug.patch
+ # Security Patches
+ patch -Np1 -i $srcdir/xsa89.patch
+ patch -Np1 -i $srcdir/xsa92.patch
- # Uncomment line below if you want to enable ATI Passthrough support (some reported successes)
+ # GCC 4.9.0 compile workaround
+ patch -Np1 -i $srcdir/localgcc490fix.patch
+
+ # Issue resolution patches
+ patch -Np1 -i $srcdir/pvh_pit_init.patch
+
+ # Uncomment line below if you want to enable ATI Passthrough support (some reported successes, untested with 4.4)
#patch -Np1 -i ../ati-passthrough.patch
# Fix Install Paths
sed -i 's:/sbin:/bin:' config/StdGNU.mk
+ sed -i 's:/var/lock:/run/lock:' config/StdGNU.mk
+ sed -i 's:/var/run:/run:' config/StdGNU.mk
# Copy supporting tarballs into place
- cp ../lwip-1.3.0.tar.gz stubdom/
- cp ../zlib-1.2.3.tar.gz stubdom/
- cp ../newlib-1.16.0.tar.gz stubdom/
- cp ../pciutils-2.2.9.tar.bz2 stubdom/
- cp ../polarssl-1.1.4-gpl.tgz stubdom/
- cp ../grub-0.97.tar.gz stubdom/
- cp ../tpm_emulator-0.7.4.tar.gz stubdom/
- cp ../gmp-4.3.2.tar.bz2 stubdom/
+ cp $srcdir/lwip-1.3.0.tar.gz stubdom/
+ cp $srcdir/zlib-1.2.3.tar.gz stubdom/
+ cp $srcdir/newlib-1.16.0.tar.gz stubdom/
+ cp $srcdir/pciutils-2.2.9.tar.bz2 stubdom/
+ cp $srcdir/polarssl-1.1.4-gpl.tgz stubdom/
+ cp $srcdir/grub-0.97.tar.gz stubdom/
+ cp $srcdir/tpm_emulator-0.7.4.tar.gz stubdom/
+ cp $srcdir/gmp-4.3.2.tar.bz2 stubdom/
+ cp $srcdir/ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz tools/firmware/etherboot/ipxe.tar.gz
}
@@ -157,6 +137,7 @@ package() {
make DESTDIR="$pkgdir" LANG=C PYTHON=python2 install-{xen,tools,stubdom}
+ # Install files
cd ../
for f in ${source[@]}; do
[[ $f =~ .mount || $f =~ .service ]] && install -Dm644 $f "$pkgdir"/usr/lib/systemd/system/$f
@@ -171,12 +152,17 @@ package() {
cd "$pkgdir"
# Fix paths in scripts, move to right locations and create missing directories
+ sed -i 's:/etc/sysconfig:/etc/conf.d:' etc/init.d/xendomains
sed -i 's:/var/lock:/run/lock:' etc/init.d/xendomains
- sed -i 's:/var/lock:/run/lock:' etc/init.d/xend
sed -i 's:/var/lock:/run/lock:' etc/xen/scripts/hotplugpath.sh
+ sed -i 's:/var/run:/run:' etc/init.d/xencommons
sed -i 's:/var/run:/run:' etc/xen/scripts/hotplugpath.sh
- mv etc/{init,rc}.d
- mv etc/rc.d/xendomains etc/xen/scripts/xendomains
+ sed -i 's:/var/run:/run:' etc/xen/scripts/locking.sh
+
+ mv etc/init.d/xencommons etc/xen/scripts/xencommons
+ mv etc/init.d/xendomains etc/xen/scripts/xendomains
+ mv etc/init.d/xen-watchdog etc/xen/scripts/xen-watchdog
+ mv etc/default/xencommons etc/conf.d/xencommons
mv etc/default/xendomains etc/conf.d/xendomains
mv var/xen/dump var/lib/xen/
mkdir var/log/xen/console
@@ -189,33 +175,40 @@ package() {
cd ../
fi
- # Compress and move syms file to a different directory
- gzip boot/$pkgname-syms-$pkgver
- mv boot/$pkgname-syms-$pkgver.gz usr/share/xen
+ # Compress syms file and move to a share location
+ if [[ $CARCH == x86_64 ]]; then
+ gzip boot/$pkgname-syms-*
+ mv boot/$pkgname-syms-*.gz usr/share/xen
+ fi
##### Kill unwanted stuff #####
# hypervisor symlinks
- rm -f boot/xen{,-4,-4.3}.gz
+ rm -f boot/xen{,-4,-4.4}.gz
# Documentation cleanup ( see xen-docs package )
rm -rf usr/share/doc
- rm -rf usr/share/xen/man
+ rm -rf usr/share/man
# Pointless helper cleanup
rm -f usr/bin/xen-python-path
- rm -rf usr/libexec
# Unnecessary qemu support files
rm -rf usr/bin/qemu-*-xen
+ rm -rf usr/etc
+ rm -rf usr/libexec
rm usr/share/qemu-xen/qemu/{palcode,openbios}-*
rm usr/share/xen/qemu/openbios-*
- # Clean up udev rules naming, remove depreciated xend.rules
+ # Clean up udev rules naming
mv etc/udev/rules.d/xen-backend.rules etc/udev/rules.d/40-xen-backend.rules
- rm etc/udev/rules.d/xend.rules
+
+ # Cleanup additional leftover files
+ rm -rf usr/include/cacard
+ rm -f usr/lib/libcacard*
+ rm -f usr/lib/pkgconfig/libcacard.pc
# Clean up left over empty directories
- rm -rf var/run var/lock var/xen
+ rm -rf var/run var/lock var/xen etc/default etc/init.d
# adhere to Static Library Packaging Guidelines
rm -rf usr/lib/*.a
diff --git a/kernels/xen/TOM-register.patch b/kernels/xen/TOM-register.patch
deleted file mode 100644
index 88bedbbc0..000000000
--- a/kernels/xen/TOM-register.patch
+++ /dev/null
@@ -1,187 +0,0 @@
---- xen-4.3.1/tools/qemu-xen/hw/pc.h
-+++ xen-4.3.1-new/tools/qemu-xen/hw/pc.h
-@@ -128,15 +128,14 @@ extern int no_hpet;
- struct PCII440FXState;
- typedef struct PCII440FXState PCII440FXState;
-
-+#define I440FX_TOM 0xe0000000
-+#define I440FX_XEN_TOM 0xf0000000
-+
- PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn,
- ISABus **isa_bus, qemu_irq *pic,
- MemoryRegion *address_space_mem,
- MemoryRegion *address_space_io,
- ram_addr_t ram_size,
-- hwaddr pci_hole_start,
-- hwaddr pci_hole_size,
-- hwaddr pci_hole64_start,
-- hwaddr pci_hole64_size,
- MemoryRegion *pci_memory,
- MemoryRegion *ram_memory);
-
---- xen-4.3.1/tools/qemu-xen/hw/pc_piix.c
-+++ xen-4.3.1-new/tools/qemu-xen/hw/pc_piix.c
-@@ -92,9 +92,9 @@ static void pc_init1(MemoryRegion *system_memory,
- kvmclock_create();
- }
-
-- if (ram_size >= 0xe0000000 ) {
-- above_4g_mem_size = ram_size - 0xe0000000;
-- below_4g_mem_size = 0xe0000000;
-+ if (ram_size >= I440FX_TOM) {
-+ above_4g_mem_size = ram_size - I440FX_TOM;
-+ below_4g_mem_size = I440FX_TOM;
- } else {
- above_4g_mem_size = 0;
- below_4g_mem_size = ram_size;
-@@ -129,12 +129,6 @@ static void pc_init1(MemoryRegion *system_memory,
- if (pci_enabled) {
- pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi,
- system_memory, system_io, ram_size,
-- below_4g_mem_size,
-- 0x100000000ULL - below_4g_mem_size,
-- 0x100000000ULL + above_4g_mem_size,
-- (sizeof(hwaddr) == 4
-- ? 0
-- : ((uint64_t)1 << 62)),
- pci_memory, ram_memory);
- } else {
- pci_bus = NULL;
---- xen-4.3.1/tools/qemu-xen/hw/piix_pci.c
-+++ xen-4.3.1-new/tools/qemu-xen/hw/piix_pci.c
-@@ -86,6 +86,14 @@ struct PCII440FXState {
- #define I440FX_PAM_SIZE 7
- #define I440FX_SMRAM 0x72
-
-+/* The maximum vaule of TOM(top of memory) register in I440FX
-+ * is 1G, so it doesn't meet any popular virutal machines, so
-+ * define another register to report the base of PCI memory.
-+ * Use one byte 0xb0 for the upper 8 bit, they are originally
-+ * resevered for host bridge.
-+ * */
-+#define I440FX_PCI_HOLE_BASE 0xb0
-+
- static void piix3_set_irq(void *opaque, int pirq, int level);
- static PCIINTxRoute piix3_route_intx_pin_to_irq(void *opaque, int pci_intx);
- static void piix3_write_config_xen(PCIDevice *dev,
-@@ -101,6 +109,43 @@ static int pci_slot_get_pirq(PCIDevice *pci_dev, int pci_intx)
- return (pci_intx + slot_addend) & 3;
- }
-
-+
-+static void i440fx_update_pci_mem_hole(PCII440FXState *f, bool del)
-+{
-+ ram_addr_t above_4g_mem_size;
-+ hwaddr pci_hole_start, pci_hole_size, pci_hole64_start, pci_hole64_size;
-+
-+ pci_hole_start = pci_default_read_config(&f->dev, I440FX_PCI_HOLE_BASE, 1) << 24;
-+ pci_hole_size = 0x100000000ULL - pci_hole_start;
-+
-+ if (ram_size >= pci_hole_start) {
-+ above_4g_mem_size = ram_size - pci_hole_start;
-+ } else {
-+ above_4g_mem_size = 0;
-+ }
-+ pci_hole64_start = 0x100000000ULL + above_4g_mem_size;
-+ pci_hole64_size = sizeof(hwaddr) == 4 ? 0 : ((uint64_t)1 << 62);
-+
-+ if (del) {
-+ memory_region_del_subregion(f->system_memory, &f->pci_hole);
-+ if (pci_hole64_size) {
-+ memory_region_del_subregion(f->system_memory, &f->pci_hole_64bit);
-+ }
-+ }
-+
-+ memory_region_init_alias(&f->pci_hole, "pci-hole", f->pci_address_space,
-+ pci_hole_start, pci_hole_size);
-+ memory_region_add_subregion(f->system_memory, pci_hole_start, &f->pci_hole);
-+ memory_region_init_alias(&f->pci_hole_64bit, "pci-hole64",
-+ f->pci_address_space,
-+ pci_hole64_start, pci_hole64_size);
-+ if (pci_hole64_size) {
-+ memory_region_add_subregion(f->system_memory, pci_hole64_start,
-+ &f->pci_hole_64bit);
-+ }
-+}
-+
-+
- static void i440fx_update_memory_mappings(PCII440FXState *d)
- {
- int i;
-@@ -136,6 +181,9 @@ static void i440fx_write_config(PCIDevice *dev,
- range_covers_byte(address, len, I440FX_SMRAM)) {
- i440fx_update_memory_mappings(d);
- }
-+ if (range_covers_byte(address, len, I440FX_PCI_HOLE_BASE)) {
-+ i440fx_update_pci_mem_hole(d, true);
-+ }
- }
-
- static int i440fx_load_old(QEMUFile* f, void *opaque, int version_id)
-@@ -203,6 +251,10 @@ static int i440fx_initfn(PCIDevice *dev)
-
- d->dev.config[I440FX_SMRAM] = 0x02;
-
-+ /* Emulate top of memory, here use 0xe0000000 as default val*/
-+ uint32_t addr = xen_enabled() ? I440FX_XEN_TOM : I440FX_TOM;
-+ pci_set_byte(dev->config + I440FX_PCI_HOLE_BASE, (uint8_t)(addr >> 24));
-+
- cpu_smm_register(&i440fx_set_smm, d);
- return 0;
- }
-@@ -214,10 +266,6 @@ static PCIBus *i440fx_common_init(const char *device_name,
- MemoryRegion *address_space_mem,
- MemoryRegion *address_space_io,
- ram_addr_t ram_size,
-- hwaddr pci_hole_start,
-- hwaddr pci_hole_size,
-- hwaddr pci_hole64_start,
-- hwaddr pci_hole64_size,
- MemoryRegion *pci_address_space,
- MemoryRegion *ram_memory)
- {
-@@ -244,16 +292,6 @@ static PCIBus *i440fx_common_init(const char *device_name,
- f->system_memory = address_space_mem;
- f->pci_address_space = pci_address_space;
- f->ram_memory = ram_memory;
-- memory_region_init_alias(&f->pci_hole, "pci-hole", f->pci_address_space,
-- pci_hole_start, pci_hole_size);
-- memory_region_add_subregion(f->system_memory, pci_hole_start, &f->pci_hole);
-- memory_region_init_alias(&f->pci_hole_64bit, "pci-hole64",
-- f->pci_address_space,
-- pci_hole64_start, pci_hole64_size);
-- if (pci_hole64_size) {
-- memory_region_add_subregion(f->system_memory, pci_hole64_start,
-- &f->pci_hole_64bit);
-- }
- memory_region_init_alias(&f->smram_region, "smram-region",
- f->pci_address_space, 0xa0000, 0x20000);
- memory_region_add_subregion_overlap(f->system_memory, 0xa0000,
-@@ -295,6 +333,7 @@ static PCIBus *i440fx_common_init(const char *device_name,
- (*pi440fx_state)->dev.config[0x57]=ram_size;
-
- i440fx_update_memory_mappings(f);
-+ i440fx_update_pci_mem_hole(f, false);
-
- return b;
- }
-@@ -304,10 +343,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
- MemoryRegion *address_space_mem,
- MemoryRegion *address_space_io,
- ram_addr_t ram_size,
-- hwaddr pci_hole_start,
-- hwaddr pci_hole_size,
-- hwaddr pci_hole64_start,
-- hwaddr pci_hole64_size,
- MemoryRegion *pci_memory, MemoryRegion *ram_memory)
-
- {
-@@ -315,8 +350,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn,
-
- b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, isa_bus, pic,
- address_space_mem, address_space_io, ram_size,
-- pci_hole_start, pci_hole_size,
-- pci_hole64_start, pci_hole64_size,
- pci_memory, ram_memory);
- return b;
- }
diff --git a/kernels/xen/bios_workaround.patch b/kernels/xen/bios_workaround.patch
deleted file mode 100644
index 12fc00184..000000000
--- a/kernels/xen/bios_workaround.patch
+++ /dev/null
@@ -1,51 +0,0 @@
---- xen-4.3.1.orig/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-09 05:46:56.000000000 -0500
-+++ xen-4.3.1/xen/drivers/passthrough/amd/iommu_acpi.c 2013-07-18 02:31:38.767195258 -0500
-@@ -668,26 +668,26 @@
- */
- for ( apic = 0; apic < nr_ioapics; apic++ )
- {
-- if ( IO_APIC_ID(apic) != special->handle )
-+ if ( ioapic_sbdf[IO_APIC_ID(apic)].bdf != ioapic_sbdf[special->handle].bdf )
- continue;
-
-- if ( special->handle >= ARRAY_SIZE(ioapic_sbdf) )
-+ if ( IO_APIC_ID(apic) >= ARRAY_SIZE(ioapic_sbdf) )
- {
- printk(XENLOG_ERR "IVHD Error: IO-APIC %#x entry beyond bounds\n",
-- special->handle);
-+ IO_APIC_ID(apic));
- return 0;
- }
-
-- if ( ioapic_sbdf[special->handle].pin_setup )
-+ if ( ioapic_sbdf[IO_APIC_ID(apic)].pin_setup )
- {
-- if ( ioapic_sbdf[special->handle].bdf == bdf &&
-- ioapic_sbdf[special->handle].seg == seg )
-+ if ( ioapic_sbdf[IO_APIC_ID(apic)].bdf == bdf &&
-+ ioapic_sbdf[IO_APIC_ID(apic)].seg == seg )
- AMD_IOMMU_DEBUG("IVHD Warning: Duplicate IO-APIC %#x entries\n",
-- special->handle);
-+ IO_APIC_ID(apic));
- else
- {
- printk(XENLOG_ERR "IVHD Error: Conflicting IO-APIC %#x entries\n",
-- special->handle);
-+ IO_APIC_ID(apic));
- if ( amd_iommu_perdev_intremap )
- return 0;
- }
-@@ -695,10 +695,10 @@
- else
- {
- /* set device id of ioapic */
-- ioapic_sbdf[special->handle].bdf = bdf;
-- ioapic_sbdf[special->handle].seg = seg;
-+ ioapic_sbdf[IO_APIC_ID(apic)].bdf = bdf;
-+ ioapic_sbdf[IO_APIC_ID(apic)].seg = seg;
-
-- ioapic_sbdf[special->handle].pin_setup = xzalloc_array(
-+ ioapic_sbdf[IO_APIC_ID(apic)].pin_setup = xzalloc_array(
- unsigned long, BITS_TO_LONGS(nr_ioapic_entries[apic]));
- if ( nr_ioapic_entries[apic] &&
- !ioapic_sbdf[IO_APIC_ID(apic)].pin_setup )
diff --git a/kernels/xen/grub.conf b/kernels/xen/grub.conf
index 9b13008d9..e456973db 100644
--- a/kernels/xen/grub.conf
+++ b/kernels/xen/grub.conf
@@ -1,2 +1,3 @@
#XEN_HYPERVISOR_CMDLINE="xsave=1"
#XEN_LINUX_CMDLINE="console=tty0"
+#XEN_LINUX_CMDLINE_OVERRIDE=0
diff --git a/kernels/xen/localgcc490fix.patch b/kernels/xen/localgcc490fix.patch
new file mode 100644
index 000000000..c24cdddfb
--- /dev/null
+++ b/kernels/xen/localgcc490fix.patch
@@ -0,0 +1,114 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
+<head>
+<title>xen.git - xen</title>
+<meta name='generator' content='cgit v0.10.1'/>
+<meta name='robots' content='index, nofollow'/>
+<link rel='stylesheet' type='text/css' href='/cgit-data/cgit.css'/>
+<link rel='shortcut icon' href='/favicon.ico'/>
+<link rel='alternate' title='Atom feed' href='http://pkgs.fedoraproject.org/cgit/xen.git/atom/localgcc490fix.patch?h=master' type='application/atom+xml'/>
+</head>
+<body>
+<div id='cgit'><table id='header'>
+<tr>
+<td class='logo' rowspan='2'><a href='/cgit/'><img src='/cgit-data/cgit.png' alt='cgit logo'/></a></td>
+<td class='main'><a href='/cgit/'>index</a> : <a title='xen.git' href='/cgit/xen.git/'>xen.git</a></td><td class='form'><form method='get' action=''>
+<select name='h' onchange='this.form.submit();'>
+<option value='f10'>f10</option>
+<option value='f11'>f11</option>
+<option value='f12'>f12</option>
+<option value='f13'>f13</option>
+<option value='f14'>f14</option>
+<option value='f15'>f15</option>
+<option value='f16'>f16</option>
+<option value='f17'>f17</option>
+<option value='f18'>f18</option>
+<option value='f19'>f19</option>
+<option value='f20'>f20</option>
+<option value='f7'>f7</option>
+<option value='f8'>f8</option>
+<option value='f9'>f9</option>
+<option value='master' selected='selected'>master</option>
+<option value='private-20060208-sct-branch'>private-20060208-sct-branch</option>
+</select> <input type='submit' name='' value='switch'/></form></td></tr>
+<tr><td class='sub'>xen</td><td class='sub right'>Jesse Keating</td></tr></table>
+<table class='tabs'><tr><td>
+<a href='/cgit/xen.git/'>summary</a><a href='/cgit/xen.git/refs/'>refs</a><a href='/cgit/xen.git/log/localgcc490fix.patch'>log</a><a class='active' href='/cgit/xen.git/tree/localgcc490fix.patch'>tree</a><a href='/cgit/xen.git/commit/localgcc490fix.patch'>commit</a><a href='/cgit/xen.git/diff/localgcc490fix.patch'>diff</a><a href='/cgit/xen.git/stats/localgcc490fix.patch'>stats</a></td><td class='form'><form class='right' method='get' action='/cgit/xen.git/log/localgcc490fix.patch'>
+<select name='qt'>
+<option value='grep'>log msg</option>
+<option value='author'>author</option>
+<option value='committer'>committer</option>
+<option value='range'>range</option>
+</select>
+<input class='txt' type='text' size='10' name='q' value=''/>
+<input type='submit' value='search'/>
+</form>
+</td></tr></table>
+<div class='path'>path: <a href='/cgit/xen.git/tree/'>root</a>/<a href='/cgit/xen.git/tree/localgcc490fix.patch'>localgcc490fix.patch</a></div><div class='content'>blob: e34f4d723267328a82ea993aae117d6ce9ed8c6e (<a href='/cgit/xen.git/plain/localgcc490fix.patch'>plain</a>)
+<table summary='blob content' class='blob'>
+<tr><td class='linenumbers'><pre><a id='n1' href='#n1'>1</a>
+<a id='n2' href='#n2'>2</a>
+<a id='n3' href='#n3'>3</a>
+<a id='n4' href='#n4'>4</a>
+<a id='n5' href='#n5'>5</a>
+<a id='n6' href='#n6'>6</a>
+<a id='n7' href='#n7'>7</a>
+<a id='n8' href='#n8'>8</a>
+<a id='n9' href='#n9'>9</a>
+<a id='n10' href='#n10'>10</a>
+<a id='n11' href='#n11'>11</a>
+<a id='n12' href='#n12'>12</a>
+<a id='n13' href='#n13'>13</a>
+<a id='n14' href='#n14'>14</a>
+<a id='n15' href='#n15'>15</a>
+<a id='n16' href='#n16'>16</a>
+<a id='n17' href='#n17'>17</a>
+<a id='n18' href='#n18'>18</a>
+<a id='n19' href='#n19'>19</a>
+<a id='n20' href='#n20'>20</a>
+<a id='n21' href='#n21'>21</a>
+<a id='n22' href='#n22'>22</a>
+<a id='n23' href='#n23'>23</a>
+<a id='n24' href='#n24'>24</a>
+<a id='n25' href='#n25'>25</a>
+<a id='n26' href='#n26'>26</a>
+<a id='n27' href='#n27'>27</a>
+<a id='n28' href='#n28'>28</a>
+<a id='n29' href='#n29'>29</a>
+</pre></td>
+<td class='lines'><pre><code>--- xen-4.4.0/Config.mk.orig 2014-04-29 20:54:43.117010822 +0100
++++ xen-4.4.0/Config.mk 2014-04-29 20:58:23.100055325 +0100
+@@ -188,6 +188,8 @@
+ CFLAGS += -std=gnu99
+
+ CFLAGS += -Wall -Wstrict-prototypes
++# add temporary build flags to identify build issues using gcc 4.9.0
++CFLAGS += -Wno-error=maybe-uninitialized
+
+ # Clang complains about macros that expand to 'if ( ( foo == bar ) ) ...'
+ # and is over-zealous with the printf format lint
+--- xen-4.4.0/tools/blktap2/drivers/block-qcow.c.orig 2014-03-10 10:43:57.000000000 +0000
++++ xen-4.4.0/tools/blktap2/drivers/block-qcow.c 2014-04-30 21:10:26.270699187 +0100
+@@ -427,6 +427,7 @@
+
+ if (posix_memalign((void **)&amp;tmp_ptr, 4096, 4096) != 0) {
+ DPRINTF("ERROR allocating memory for L1 table\n");
++ return -1;
+ }
+ memcpy(tmp_ptr, l1_ptr, 4096);
+
+@@ -600,6 +601,7 @@
+
+ if (posix_memalign((void **)&amp;tmp_ptr2, 4096, 4096) != 0) {
+ DPRINTF("ERROR allocating memory for L1 table\n");
++ return -1;
+ }
+ memcpy(tmp_ptr2, l2_ptr, 4096);
+ lseek(s-&gt;fd, l2_offset + (l2_sector &lt;&lt; 12), SEEK_SET);
+</code></pre></td></tr></table>
+</div> <!-- class=content -->
+<div class='footer'>generated by cgit v0.10.1 at 2014-05-04 21:13:33 (GMT)</div>
+</div> <!-- id=cgit -->
+</body>
+</html>
diff --git a/kernels/xen/pvh_pit_init.patch b/kernels/xen/pvh_pit_init.patch
new file mode 100644
index 000000000..4f14e5ddf
--- /dev/null
+++ b/kernels/xen/pvh_pit_init.patch
@@ -0,0 +1,107 @@
+From 3a148e0a7ee0ae56a498be5ba973314ec50cd999 Mon Sep 17 00:00:00 2001
+From: Mukesh Rathor <mukesh.rathor@oracle.com>
+Date: Fri, 4 Apr 2014 10:36:29 +0200
+Subject: [PATCH] x86: call pit_init for pvh also
+
+During halt of a pvh guest, the guest may do speaker shutdown. This
+results in call to handle_speaker_io in xen. It will hang on the vpit
+spin lock because it has not been initialized.
+Since, pit_init is also called for both pv and hvm, the call is
+moved to a more generic place.
+
+Signed-off-by: Mukesh Rathor <mukesh.rathor@oracle.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+master commit: c30c544b199f70eada597c7352cdcb44648f6dcd
+master date: 2014-03-11 13:56:50 +0100
+---
+ xen/arch/x86/domain.c | 9 +++++----
+ xen/arch/x86/hvm/hvm.c | 2 --
+ xen/arch/x86/hvm/i8254.c | 3 +--
+ xen/include/asm-x86/hvm/vpt.h | 2 +-
+ 4 files changed, 7 insertions(+), 9 deletions(-)
+
+diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
+index 6618ae6..bc073e5 100644
+--- a/xen/arch/x86/domain.c
++++ b/xen/arch/x86/domain.c
+@@ -422,10 +422,6 @@ int vcpu_initialise(struct vcpu *v)
+
+ /* PV guests by default have a 100Hz ticker. */
+ v->periodic_period = MILLISECS(10);
+-
+- /* PV guests get an emulated PIT too for video BIOSes to use. */
+- if ( v->vcpu_id == 0 )
+- pit_init(v, cpu_khz);
+ }
+
+ v->arch.schedule_tail = continue_nonidle_domain;
+@@ -579,6 +575,9 @@ int arch_domain_create(struct domain *d, unsigned int domcr_flags)
+ tsc_set_info(d, TSC_MODE_DEFAULT, 0UL, 0, 0);
+ spin_lock_init(&d->arch.vtsc_lock);
+
++ /* PV/PVH guests get an emulated PIT too for video BIOSes to use. */
++ pit_init(d, cpu_khz);
++
+ return 0;
+
+ fail:
+@@ -1980,6 +1979,8 @@ int domain_relinquish_resources(struct domain *d)
+ BUG();
+ }
+
++ pit_deinit(d);
++
+ if ( has_hvm_container_domain(d) )
+ hvm_domain_relinquish_resources(d);
+
+diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
+index 6150899..a666471 100644
+--- a/xen/arch/x86/hvm/hvm.c
++++ b/xen/arch/x86/hvm/hvm.c
+@@ -643,7 +643,6 @@ void hvm_domain_relinquish_resources(struct domain *d)
+ rtc_deinit(d);
+ if ( d->vcpu != NULL && d->vcpu[0] != NULL )
+ {
+- pit_deinit(d);
+ pmtimer_deinit(d);
+ hpet_deinit(d);
+ }
+@@ -1217,7 +1216,6 @@ int hvm_vcpu_initialise(struct vcpu *v)
+ if ( v->vcpu_id == 0 )
+ {
+ /* NB. All these really belong in hvm_domain_initialise(). */
+- pit_init(v, cpu_khz);
+ pmtimer_init(v);
+ hpet_init(v);
+
+diff --git a/xen/arch/x86/hvm/i8254.c b/xen/arch/x86/hvm/i8254.c
+index c0d6bc2..f7493b8 100644
+--- a/xen/arch/x86/hvm/i8254.c
++++ b/xen/arch/x86/hvm/i8254.c
+@@ -447,9 +447,8 @@ void pit_reset(struct domain *d)
+ spin_unlock(&pit->lock);
+ }
+
+-void pit_init(struct vcpu *v, unsigned long cpu_khz)
++void pit_init(struct domain *d, unsigned long cpu_khz)
+ {
+- struct domain *d = v->domain;
+ PITState *pit = domain_vpit(d);
+
+ spin_lock_init(&pit->lock);
+diff --git a/xen/include/asm-x86/hvm/vpt.h b/xen/include/asm-x86/hvm/vpt.h
+index 87c3a66..9f3ec8d 100644
+--- a/xen/include/asm-x86/hvm/vpt.h
++++ b/xen/include/asm-x86/hvm/vpt.h
+@@ -175,7 +175,7 @@ void destroy_periodic_time(struct periodic_time *pt);
+ int pv_pit_handler(int port, int data, int write);
+ void pit_reset(struct domain *d);
+
+-void pit_init(struct vcpu *v, unsigned long cpu_khz);
++void pit_init(struct domain *d, unsigned long cpu_khz);
+ void pit_stop_channel0_irq(PITState * pit);
+ void pit_deinit(struct domain *d);
+ void rtc_init(struct domain *d);
+--
+1.7.2.5
+
diff --git a/kernels/xen/xen.install b/kernels/xen/xen.install
index f1a34d522..aabe063c3 100644
--- a/kernels/xen/xen.install
+++ b/kernels/xen/xen.install
@@ -1,6 +1,6 @@
install_msg() {
cat << __EOF__
-===> IMPORTANT NOTICE:
+===> IMPORTANT NOTICES:
In order to complete the installation, and enable Xen,
at the very least you must:
@@ -11,6 +11,7 @@ at the very least you must:
systemctl enable xenconsoled.service
3. If you want some domains to automatically start up/shutdown, run the following:
systemctl enable xendomains.service
+4. xen 4.4 no longer includes the xend daemon or the xm binary
For more information refer to the Wiki:
https://wiki.parabolagnulinux.org/index.php/Xen
@@ -28,8 +29,15 @@ Note: If you are upgrading from one of the previous 4.2 xen builds, and are havi
line into your domain config file:
device_model_version = "qemu-xen-traditional"
- Also remember to rebuild your grub configuration if upgrading from a non-xen 4.3.1
+ Also remember to rebuild your grub configuration if upgrading from a non-xen 4.4.0
install.
+
+ xen 4.4 no longer includes the xend daemon or the xm toolset
+
+ This install is now using a new version of the 09_xen file, used when generating
+ a new grub.cfg file. The new version inherits the default linux-libre kernel command
+ line settings; to use the old method, uncomment the 'XEN_LINUX_CMDLINE_OVERRIDE'
+ option in /etc/xen/grub.conf and change the '0' to '1'
__EOF__
}
@@ -58,7 +66,7 @@ post_remove() {
===> IMPORTANT NOTICE:
In order to finish removing Xen, you will need to modify
-your bootloader configuration files to load your Linux
+your bootloader configuration files to load your Linux-libre
kernel instead of Xen kernel.
__EOF__
}
diff --git a/kernels/xen/xendomains.patch b/kernels/xen/xendomains.patch
deleted file mode 100644
index 16f62b65a..000000000
--- a/kernels/xen/xendomains.patch
+++ /dev/null
@@ -1,108 +0,0 @@
---- xen-4.3.1.orig/tools/hotplug/Linux/init.d/xendomains 2013-07-19 14:52:52.159013757 -0500
-+++ xen-4.3.1/tools/hotplug/Linux/init.d/xendomains 2013-07-19 14:56:00.079145322 -0500
-@@ -51,17 +51,13 @@
- fi
-
- # See docs/misc/distro_mapping.txt
--if [ -d /var/lock/subsys ]; then
-- LOCKFILE=/var/lock/subsys/xendomains
-+if [ -d /run/lock/subsys ]; then
-+ LOCKFILE=/run/lock/subsys/xendomains
- else
-- LOCKFILE=/var/lock/xendomains
-+ LOCKFILE=/run/lock/xendomains
- fi
-
--if [ -d /etc/sysconfig ]; then
-- XENDOM_CONFIG=/etc/sysconfig/xendomains
--else
-- XENDOM_CONFIG=/etc/default/xendomains
--fi
-+XENDOM_CONFIG=/etc/conf.d/xendomains
-
- test -r $XENDOM_CONFIG || { echo "$XENDOM_CONFIG not existing";
- if [ "$1" = "stop" ]; then exit 0;
-@@ -185,8 +181,13 @@
- # read name from xen config file
- rdname()
- {
-- NM=$($CMD create --quiet --dryrun --defconfig "$1" |
-- sed -n 's/^.*(name \(.*\))$/\1/p')
-+ if [ "$CMD" == "xm" ]; then
-+ NM=$($CMD create --quiet --dryrun --defconfig "$1" |
-+ sed -n 's/^.*(name \(.*\))$/\1/p')
-+ else
-+ NM=$($CMD create --quiet --dryrun --defconfig "$1" |
-+ perl -pe 's|^.*"name":"(.*?)".*$|$1|')
-+ fi
- }
-
- rdnames()
-@@ -229,15 +230,15 @@
- rdname $1
- RC=1
- name=;id=
-- while read LN; do
-- parseln "$LN" || continue
-+ while read id; do
- if test $id = 0; then continue; fi
-+ name=`xenstore-read /local/domain/$id/name`
- case $name in
- ($NM)
- RC=0
- ;;
- esac
-- done < <($CMD list -l | grep "$LIST_GREP")
-+ done < <(xenstore-list /local/domain)
- return $RC
- }
-
-@@ -312,6 +313,8 @@
-
- all_zombies()
- {
-+ return 0
-+
- name=;id=
- while read LN; do
- parseln "$LN" || continue
-@@ -363,9 +366,9 @@
- fi
- echo -n "Shutting down Xen domains:"
- name=;id=
-- while read LN; do
-- parseln "$LN" || continue
-+ while read id; do
- if test $id = 0; then continue; fi
-+ name=`xenstore-read /local/domain/$id/name`
- echo -n " $name"
- if test "$XENDOMAINS_AUTO_ONLY" = "true"; then
- eval "
-@@ -450,7 +453,7 @@
- fi
- kill $WDOG_PID >/dev/null 2>&1
- fi
-- done < <($CMD list -l | grep "$LIST_GREP")
-+ done < <(xenstore-list /local/domain)
-
- # NB. this shuts down ALL Xen domains (politely), not just the ones in
- # AUTODIR/*
-@@ -479,15 +482,15 @@
- check_domain_up()
- {
- name=;id=
-- while read LN; do
-- parseln "$LN" || continue
-+ while read id; do
- if test $id = 0; then continue; fi
-+ name=`xenstore-read /local/domain/$id/name`
- case $name in
- ($1)
- return 0
- ;;
- esac
-- done < <($CMD list -l | grep "$LIST_GREP")
-+ done < <(xenstore-list /local/domain)
- return 1
- }
-
diff --git a/kernels/xen/xenstored.service b/kernels/xen/xenstored.service
index 46e0b3226..b090ce860 100644
--- a/kernels/xen/xenstored.service
+++ b/kernels/xen/xenstored.service
@@ -15,6 +15,7 @@ PIDFile=/run/xenstored.pid
ExecStartPre=/usr/bin/grep -q control_d /proc/xen/capabilities
ExecStart=/usr/bin/xenstored --pid-file /run/xenstored.pid $XENSTORED_ARGS
ExecStartPost=/usr/bin/xenstore-write "/local/domain/0/name" "$XENDOM0_NAME"
+ExecStartPost=/usr/bin/xenstore-write "/local/domain/0/domid" 0
[Install]
WantedBy=multi-user.target
diff --git a/kernels/xen/xsa89.patch b/kernels/xen/xsa89.patch
new file mode 100644
index 000000000..3443e3360
--- /dev/null
+++ b/kernels/xen/xsa89.patch
@@ -0,0 +1,96 @@
+x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access()
+
+Processing up to 4G PFNs may take almost arbitrarily long, so
+preemption is needed here.
+
+This is XSA-89.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Tim Deegan <tim@xen.org>
+
+--- a/xen/arch/x86/hvm/hvm.c
++++ b/xen/arch/x86/hvm/hvm.c
+@@ -4593,6 +4593,15 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ goto param_fail5;
+
+ rc = p2m_set_mem_access(d, a.first_pfn, a.nr, a.hvmmem_access);
++ if ( rc > 0 )
++ {
++ a.first_pfn += a.nr - rc;
++ a.nr = rc;
++ if ( __copy_to_guest(arg, &a, 1) )
++ rc = -EFAULT;
++ else
++ rc = -EAGAIN;
++ }
+
+ param_fail5:
+ rcu_unlock_domain(d);
+--- a/xen/arch/x86/mm/p2m.c
++++ b/xen/arch/x86/mm/p2m.c
+@@ -1333,15 +1333,14 @@ void p2m_mem_access_resume(struct domain
+
+ /* Set access type for a region of pfns.
+ * If start_pfn == -1ul, sets the default access type */
+-int p2m_set_mem_access(struct domain *d, unsigned long start_pfn,
+- uint32_t nr, hvmmem_access_t access)
++long p2m_set_mem_access(struct domain *d, unsigned long pfn, uint32_t nr,
++ hvmmem_access_t access)
+ {
+ struct p2m_domain *p2m = p2m_get_hostp2m(d);
+- unsigned long pfn;
+ p2m_access_t a, _a;
+ p2m_type_t t;
+ mfn_t mfn;
+- int rc = 0;
++ long rc;
+
+ /* N.B. _not_ static: initializer depends on p2m->default_access */
+ p2m_access_t memaccess[] = {
+@@ -1364,14 +1363,17 @@ int p2m_set_mem_access(struct domain *d,
+ a = memaccess[access];
+
+ /* If request to set default access */
+- if ( start_pfn == ~0ull )
++ if ( pfn == ~0ul )
+ {
+ p2m->default_access = a;
+ return 0;
+ }
+
++ if ( !nr )
++ return 0;
++
+ p2m_lock(p2m);
+- for ( pfn = start_pfn; pfn < start_pfn + nr; pfn++ )
++ for ( ; ; ++pfn )
+ {
+ mfn = p2m->get_entry(p2m, pfn, &t, &_a, 0, NULL);
+ if ( p2m->set_entry(p2m, pfn, mfn, PAGE_ORDER_4K, t, a) == 0 )
+@@ -1379,6 +1381,13 @@ int p2m_set_mem_access(struct domain *d,
+ rc = -ENOMEM;
+ break;
+ }
++
++ /* Check for continuation if it's not the last interation. */
++ if ( !--nr || hypercall_preempt_check() )
++ {
++ rc = nr;
++ break;
++ }
+ }
+ p2m_unlock(p2m);
+ return rc;
+--- a/xen/include/asm-x86/p2m.h
++++ b/xen/include/asm-x86/p2m.h
+@@ -576,8 +576,8 @@ void p2m_mem_access_resume(struct domain
+
+ /* Set access type for a region of pfns.
+ * If start_pfn == -1ul, sets the default access type */
+-int p2m_set_mem_access(struct domain *d, unsigned long start_pfn,
+- uint32_t nr, hvmmem_access_t access);
++long p2m_set_mem_access(struct domain *d, unsigned long start_pfn,
++ uint32_t nr, hvmmem_access_t access);
+
+ /* Get access type for a pfn
+ * If pfn == -1ul, gets the default access type */
diff --git a/kernels/xen/xsa92.patch b/kernels/xen/xsa92.patch
new file mode 100644
index 000000000..60ef934aa
--- /dev/null
+++ b/kernels/xen/xsa92.patch
@@ -0,0 +1,36 @@
+x86/HVM: restrict HVMOP_set_mem_type
+
+Permitting arbitrary type changes here has the potential of creating
+present P2M (and hence EPT/NPT/IOMMU) entries pointing to an invalid
+MFN (INVALID_MFN truncated to the respective hardware structure field's
+width). This would become a problem the latest when something real sat
+at the end of the physical address space; I'm suspecting though that
+other things might break with such bogus entries.
+
+Along with that drop a bogus (and otherwise becoming stale) log
+message.
+
+Afaict the similar operation in p2m_set_mem_access() is safe.
+
+This is XSA-92.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Tim Deegan <tim@xen.org>
+
+--- a/xen/arch/x86/hvm/hvm.c
++++ b/xen/arch/x86/hvm/hvm.c
+@@ -4541,12 +4541,10 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ rc = -EINVAL;
+ goto param_fail4;
+ }
+- if ( p2m_is_grant(t) )
++ if ( !p2m_is_ram(t) &&
++ (!p2m_is_hole(t) || a.hvmmem_type != HVMMEM_mmio_dm) )
+ {
+ put_gfn(d, pfn);
+- gdprintk(XENLOG_WARNING,
+- "type for pfn %#lx changed to grant while "
+- "we were working?\n", pfn);
+ goto param_fail4;
+ }
+ else