Index: emulators/xen-kernel/Makefile =================================================================== --- emulators/xen-kernel/Makefile +++ emulators/xen-kernel/Makefile @@ -2,10 +2,12 @@ PORTNAME= xen PKGNAMESUFFIX= -kernel -PORTVERSION= 4.5.2 -PORTREVISION= 2 +PORTVERSION= 4.7.0 +PORTREVISION= 0 +RCVERSION= 4 +DISTNAME= ${PORTNAME}-${DISTVERSION}-rc${RCVERSION} CATEGORIES= emulators -MASTER_SITES= http://bits.xensource.com/oss-xen/release/${PORTVERSION}/ +MASTER_SITES= http://bits.xensource.com/oss-xen/release/${DISTVERSION}-rc${RCVERSION}/ MAINTAINER= royger@FreeBSD.org COMMENT= Hypervisor using a microkernel design @@ -15,31 +17,32 @@ ONLY_FOR_ARCHS= amd64 USES= cpe gmake python:build -MAKE_ARGS= HOSTCC="${CC}" CC="${CC}" PYTHON=${PYTHON_CMD} \ - NM="${NM}" LD="${LD}" -USE_GCC= yes + +# We need to use ld from ports because the version in base doesn't +# support the '--build-id' switch that's needed for live hypervisor +# hot-patching. Once the ld version in base supports this option the +# dependency can be removed. +# +# GNU objcopy is used instead of elftc objcopy because of bug #533: +# https://sourceforge.net/p/elftoolchain/tickets/533/ +# Once this is solved we should be able to switch to elfcopy. +# +# And finally we also need to use nm from binutils because the one +# from base cannot deal with i386pep binary files which is the format +# of the Xen EFI image (note that FreeBSD cannot yet boot as Dom0 from EFI, +# but the image is built anyway). This is reported to elftc as bug #534: +# https://sourceforge.net/p/elftoolchain/tickets/534/ +MAKE_ARGS= clang=y PYTHON=${PYTHON_CMD} LD="${LD}" OBJCOPY="${OBJCOPY}" \ + NM="${NM}" +USE_BINUTILS= yes NO_MTREE= yes +STRIP= # PLIST_FILES= /boot/xen \ /boot/xen.4th -ALL_TARGET= build -STRIP= # -WRKSRC_SUBDIR= xen -EXTRA_PATCHES= ${FILESDIR}/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch:-p2 \ - ${FILESDIR}/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch:-p2 \ - ${FILESDIR}/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch:-p2 \ - ${FILESDIR}/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch:-p2 \ - ${FILESDIR}/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch:-p2 \ - ${FILESDIR}/0006-xen-pvh-enable-mmu_update-hypercall.patch:-p2 \ - ${FILESDIR}/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch:-p2 \ - ${FILESDIR}/0001-x86-pvh-use-a-custom-IO-bitmap-for-PVH-hardware-doma.patch:-p2 \ - ${FILESDIR}/0002-x86-pvh-trap-access-to-sensitive-IO-ports.patch:-p2 \ - ${FILESDIR}/xsa156-4.5.patch:-p2 \ - ${FILESDIR}/xsa159.patch:-p2 \ - ${FILESDIR}/xsa165-4.5.patch:-p2 \ - ${FILESDIR}/xsa166-4.5.patch:-p2 \ - ${FILESDIR}/xsa167-4.6.patch:-p2 \ - ${FILESDIR}/xsa168.patch:-p2 \ - ${FILESDIR}/xsa170-4.5.patch:-p2 +EXTRA_PATCHES= ${FILESDIR}/0001-xen-logdirty-prevent-preemption-if-finished.patch:-p1 \ + ${FILESDIR}/0002-xen-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch:-p1 \ + ${FILESDIR}/0001-build-fix-assembler-instruction-tests-again.patch:-p1 \ + ${FILESDIR}/kconf_arch.patch:-p1 .include @@ -52,13 +55,20 @@ IGNORE= Only supported on recent FreeBSD 11 .endif +pre-build: + ${MAKE_CMD} -C ${WRKSRC}/xen defconfig ${MAKE_ARGS} + # Enable hypervisor hot-patching. + echo 'CONFIG_XSPLICE=y' >> ${WRKSRC}/xen/.config + echo 'CONFIG_FAST_SYMBOL_LOOKUP=y' >> ${WRKSRC}/xen/.config + +# The ports native 'build' target cannot be used because it sets +# CFLAGS, and that breaks the Xen build system. +do-build: + ${MAKE_CMD} -j${MAKE_JOBS_NUMBER} -C ${WRKSRC}/xen build ${MAKE_ARGS} + do-install: ${MKDIR} ${STAGEDIR}/boot - ${INSTALL_PROGRAM} ${WRKSRC}/xen ${STAGEDIR}/boot + ${INSTALL_PROGRAM} ${WRKSRC}/xen/xen ${STAGEDIR}/boot ${INSTALL_DATA} ${FILESDIR}/xen.4th ${STAGEDIR}/boot .include - -#Filter out LDFLAGS -.undef LDFLAGS -RUN_DEPENDS:= ${RUN_DEPENDS:N*gcc*} Index: emulators/xen-kernel/distinfo =================================================================== --- emulators/xen-kernel/distinfo +++ emulators/xen-kernel/distinfo @@ -1,2 +1,3 @@ -SHA256 (xen-4.5.2.tar.gz) = 4c9e5dac4eea484974e9f76da2756c8e0973b4e884d28d37e955df9ebf00e7e8 -SIZE (xen-4.5.2.tar.gz) = 18416220 +TIMESTAMP = 1464704290 +SHA256 (xen-4.7.0-rc4.tar.gz) = ad752bc80da2ab31287e5249adbeea2536b8141eefd7e8a45a3df42db727c630 +SIZE (xen-4.7.0-rc4.tar.gz) = 20696897 Index: emulators/xen-kernel/files/0001-build-fix-assembler-instruction-tests-again.patch =================================================================== --- /dev/null +++ emulators/xen-kernel/files/0001-build-fix-assembler-instruction-tests-again.patch @@ -0,0 +1,37 @@ +From 1dda826420fff634983e94f97fb8411486acda0d Mon Sep 17 00:00:00 2001 +From: Jan Beulich +Date: Tue, 31 May 2016 18:14:22 +0200 +Subject: [PATCH] build: fix assembler instruction tests again +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Commit 7fb252bd41 ("build/xen: fix assembler instruction tests") added +$(AFLAGS) here, which results in all of those tests now failing. +Certain items need to be removed for things to work again. + +Signed-off-by: Jan Beulich +Acked-by: Wei Liu +Acked-by: Roger Pau Monné +Release-acked-by: Wei Liu +--- + Config.mk | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/Config.mk b/Config.mk +index 5ddfbf8..bc5c456 100644 +--- a/Config.mk ++++ b/Config.mk +@@ -150,7 +150,8 @@ endif + # as-insn: Check whether assembler supports an instruction. + # Usage: cflags-y += $(call as-insn "insn",option-yes,option-no) + as-insn = $(if $(shell echo 'void _(void) { asm volatile ( $(2) ); }' \ +- | $(1) $(AFLAGS) -c -x c -o /dev/null - 2>&1),$(4),$(3)) ++ | $(1) $(filter-out -M% %.d -include %/include/xen/config.h,$(AFLAGS)) \ ++ -c -x c -o /dev/null - 2>&1),$(4),$(3)) + + # as-insn-check: Add an option to compilation flags, but only if insn is + # supported by assembler. +-- +2.7.4 (Apple Git-66) + Index: emulators/xen-kernel/files/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch =================================================================== --- emulators/xen-kernel/files/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch +++ /dev/null @@ -1,141 +0,0 @@ -From 411801087603a1a070de7abbfa4373afe91ca3f5 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= -Date: Fri, 9 Oct 2015 12:57:31 +0200 -Subject: [PATCH 1/8] introduce a helper to allocate non-contiguous memory -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The allocator uses independent calls to alloc_domheap_pages in order to get -the desired amount of memory and then maps all the independent physical -addresses into a contiguous virtual address space. - -Signed-off-by: Roger Pau Monné -Tested-by: Julien Grall (ARM) -Reviewed-by: Tim Deegan ---- - xen/common/vmap.c | 67 ++++++++++++++++++++++++++++++++++++++++++++++ - xen/include/asm-arm/mm.h | 2 ++ - xen/include/asm-x86/page.h | 2 ++ - xen/include/xen/vmap.h | 3 +++ - 4 files changed, 74 insertions(+) - -diff --git a/xen/common/vmap.c b/xen/common/vmap.c -index 783cea3..b6827b5 100644 ---- a/xen/common/vmap.c -+++ b/xen/common/vmap.c -@@ -215,4 +215,71 @@ void vunmap(const void *va) - #endif - vm_free(va); - } -+ -+void *vmalloc(size_t size) -+{ -+ unsigned long *mfn; -+ size_t pages, i; -+ struct page_info *pg; -+ void *va; -+ -+ ASSERT(size); -+ -+ pages = PFN_UP(size); -+ mfn = xmalloc_array(unsigned long, pages); -+ if ( mfn == NULL ) -+ return NULL; -+ -+ for ( i = 0; i < pages; i++ ) -+ { -+ pg = alloc_domheap_page(NULL, 0); -+ if ( pg == NULL ) -+ goto error; -+ mfn[i] = page_to_mfn(pg); -+ } -+ -+ va = vmap(mfn, pages); -+ if ( va == NULL ) -+ goto error; -+ -+ xfree(mfn); -+ return va; -+ -+ error: -+ while ( i-- ) -+ free_domheap_page(mfn_to_page(mfn[i])); -+ xfree(mfn); -+ return NULL; -+} -+ -+void *vzalloc(size_t size) -+{ -+ void *p = vmalloc(size); -+ int i; -+ -+ if ( p == NULL ) -+ return NULL; -+ -+ for ( i = 0; i < size; i += PAGE_SIZE ) -+ clear_page(p + i); -+ -+ return p; -+} -+ -+void vfree(void *va) -+{ -+ unsigned int i, pages = vm_size(va); -+ struct page_info *pg; -+ PAGE_LIST_HEAD(pg_list); -+ -+ ASSERT(pages); -+ -+ for ( i = 0; i < pages; i++ ) -+ page_list_add(vmap_to_page(va + i * PAGE_SIZE), &pg_list); -+ -+ vunmap(va); -+ -+ while ( (pg = page_list_remove_head(&pg_list)) != NULL ) -+ free_domheap_page(pg); -+} - #endif -diff --git a/xen/include/asm-arm/mm.h b/xen/include/asm-arm/mm.h -index d25e485..c0afcec 100644 ---- a/xen/include/asm-arm/mm.h -+++ b/xen/include/asm-arm/mm.h -@@ -208,6 +208,8 @@ static inline void __iomem *ioremap_wc(paddr_t start, size_t len) - #define pfn_to_paddr(pfn) ((paddr_t)(pfn) << PAGE_SHIFT) - #define paddr_to_pfn(pa) ((unsigned long)((pa) >> PAGE_SHIFT)) - #define paddr_to_pdx(pa) pfn_to_pdx(paddr_to_pfn(pa)) -+#define vmap_to_mfn(va) paddr_to_pfn(virt_to_maddr((vaddr_t)va)) -+#define vmap_to_page(va) mfn_to_page(vmap_to_mfn(va)) - - /* Page-align address and convert to frame number format */ - #define paddr_to_pfn_aligned(paddr) paddr_to_pfn(PAGE_ALIGN(paddr)) -diff --git a/xen/include/asm-x86/page.h b/xen/include/asm-x86/page.h -index ccf0752..27c2ae7 100644 ---- a/xen/include/asm-x86/page.h -+++ b/xen/include/asm-x86/page.h -@@ -262,6 +262,8 @@ void copy_page_sse2(void *, const void *); - #define pfn_to_paddr(pfn) __pfn_to_paddr(pfn) - #define paddr_to_pfn(pa) __paddr_to_pfn(pa) - #define paddr_to_pdx(pa) pfn_to_pdx(paddr_to_pfn(pa)) -+#define vmap_to_mfn(va) l1e_get_pfn(*virt_to_xen_l1e((unsigned long)(va))) -+#define vmap_to_page(va) mfn_to_page(vmap_to_mfn(va)) - - #endif /* !defined(__ASSEMBLY__) */ - -diff --git a/xen/include/xen/vmap.h b/xen/include/xen/vmap.h -index b1923dd..a13591d 100644 ---- a/xen/include/xen/vmap.h -+++ b/xen/include/xen/vmap.h -@@ -11,6 +11,9 @@ void *__vmap(const unsigned long *mfn, unsigned int granularity, - unsigned int nr, unsigned int align, unsigned int flags); - void *vmap(const unsigned long *mfn, unsigned int nr); - void vunmap(const void *); -+void *vmalloc(size_t size); -+void *vzalloc(size_t size); -+void vfree(void *va); - - void __iomem *ioremap(paddr_t, size_t); - --- -1.9.5 (Apple Git-50.3) - Index: emulators/xen-kernel/files/0001-x86-pvh-use-a-custom-IO-bitmap-for-PVH-hardware-doma.patch =================================================================== --- emulators/xen-kernel/files/0001-x86-pvh-use-a-custom-IO-bitmap-for-PVH-hardware-doma.patch +++ /dev/null @@ -1,197 +0,0 @@ -From 8ddb99287cd18da99a95a9f70904a97b52893599 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= -Date: Wed, 20 May 2015 13:26:43 +0200 -Subject: [PATCH 1/2] x86/pvh: use a custom IO bitmap for PVH hardware domains -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Since a PVH hardware domain has access to the physical hardware create a -custom more permissive IO bitmap. The permissions set on the bitmap are -populated based on the contents of the ioports rangeset. - -Signed-off-by: Roger Pau Monné -Signed-off-by: Jan Beulich ---- - xen/arch/x86/hvm/hvm.c | 24 ++++++++++++++++++++++-- - xen/arch/x86/hvm/svm/vmcb.c | 2 +- - xen/arch/x86/hvm/vmx/vmcs.c | 4 ++-- - xen/arch/x86/setup.c | 28 ++++++++++++++++++++++++++++ - xen/common/domain.c | 3 +++ - xen/include/asm-x86/hvm/domain.h | 2 ++ - xen/include/asm-x86/setup.h | 1 + - 7 files changed, 59 insertions(+), 5 deletions(-) - -diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c -index 689e402..89423fa 100644 ---- a/xen/arch/x86/hvm/hvm.c -+++ b/xen/arch/x86/hvm/hvm.c -@@ -77,9 +77,13 @@ integer_param("hvm_debug", opt_hvm_debug_level); - - struct hvm_function_table hvm_funcs __read_mostly; - --/* I/O permission bitmap is globally shared by all HVM guests. */ -+/* -+ * The I/O permission bitmap is globally shared by all HVM guests except -+ * the hardware domain which needs a more permissive one. -+ */ -+#define HVM_IOBITMAP_SIZE (3 * PAGE_SIZE) - unsigned long __attribute__ ((__section__ (".bss.page_aligned"))) -- hvm_io_bitmap[3*PAGE_SIZE/BYTES_PER_LONG]; -+ hvm_io_bitmap[HVM_IOBITMAP_SIZE / BYTES_PER_LONG]; - - /* Xen command-line option to enable HAP */ - static bool_t __initdata opt_hap_enabled = 1; -@@ -1461,6 +1465,20 @@ int hvm_domain_initialise(struct domain *d) - goto fail1; - d->arch.hvm_domain.io_handler->num_slot = 0; - -+ /* Set the default IO Bitmap. */ -+ if ( is_hardware_domain(d) ) -+ { -+ d->arch.hvm_domain.io_bitmap = _xmalloc(HVM_IOBITMAP_SIZE, PAGE_SIZE); -+ if ( d->arch.hvm_domain.io_bitmap == NULL ) -+ { -+ rc = -ENOMEM; -+ goto fail1; -+ } -+ memset(d->arch.hvm_domain.io_bitmap, ~0, HVM_IOBITMAP_SIZE); -+ } -+ else -+ d->arch.hvm_domain.io_bitmap = hvm_io_bitmap; -+ - if ( is_pvh_domain(d) ) - { - register_portio_handler(d, 0, 0x10003, handle_pvh_io); -@@ -1496,6 +1514,8 @@ int hvm_domain_initialise(struct domain *d) - stdvga_deinit(d); - vioapic_deinit(d); - fail1: -+ if ( is_hardware_domain(d) ) -+ xfree(d->arch.hvm_domain.io_bitmap); - xfree(d->arch.hvm_domain.io_handler); - xfree(d->arch.hvm_domain.params); - fail0: -diff --git a/xen/arch/x86/hvm/svm/vmcb.c b/xen/arch/x86/hvm/svm/vmcb.c -index 21292bb..6339d2a 100644 ---- a/xen/arch/x86/hvm/svm/vmcb.c -+++ b/xen/arch/x86/hvm/svm/vmcb.c -@@ -118,7 +118,7 @@ static int construct_vmcb(struct vcpu *v) - svm_disable_intercept_for_msr(v, MSR_AMD64_LWP_CBADDR); - - vmcb->_msrpm_base_pa = (u64)virt_to_maddr(arch_svm->msrpm); -- vmcb->_iopm_base_pa = (u64)virt_to_maddr(hvm_io_bitmap); -+ vmcb->_iopm_base_pa = __pa(v->domain->arch.hvm_domain.io_bitmap); - - /* Virtualise EFLAGS.IF and LAPIC TPR (CR8). */ - vmcb->_vintr.fields.intr_masking = 1; -diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c -index 3123706..355d1b5 100644 ---- a/xen/arch/x86/hvm/vmx/vmcs.c -+++ b/xen/arch/x86/hvm/vmx/vmcs.c -@@ -1032,8 +1032,8 @@ static int construct_vmcs(struct vcpu *v) - } - - /* I/O access bitmap. */ -- __vmwrite(IO_BITMAP_A, virt_to_maddr((char *)hvm_io_bitmap + 0)); -- __vmwrite(IO_BITMAP_B, virt_to_maddr((char *)hvm_io_bitmap + PAGE_SIZE)); -+ __vmwrite(IO_BITMAP_A, __pa(d->arch.hvm_domain.io_bitmap)); -+ __vmwrite(IO_BITMAP_B, __pa(d->arch.hvm_domain.io_bitmap) + PAGE_SIZE); - - if ( cpu_has_vmx_virtual_intr_delivery ) - { -diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c -index 2b9787a..cd333f9 100644 ---- a/xen/arch/x86/setup.c -+++ b/xen/arch/x86/setup.c -@@ -1446,6 +1446,8 @@ void __init noreturn __start_xen(unsigned long mbi_p) - - dmi_end_boot(); - -+ setup_io_bitmap(dom0); -+ - system_state = SYS_STATE_active; - - domain_unpause_by_systemcontroller(dom0); -@@ -1509,6 +1511,32 @@ int __hwdom_init xen_in_range(unsigned long mfn) - return 0; - } - -+static int __hwdom_init io_bitmap_cb(unsigned long s, unsigned long e, -+ void *ctx) -+{ -+ struct domain *d = ctx; -+ unsigned int i; -+ -+ ASSERT(e <= INT_MAX); -+ for ( i = s; i <= e; i++ ) -+ __clear_bit(i, d->arch.hvm_domain.io_bitmap); -+ -+ return 0; -+} -+ -+void __hwdom_init setup_io_bitmap(struct domain *d) -+{ -+ int rc; -+ -+ if ( has_hvm_container_domain(d) ) -+ { -+ bitmap_fill(d->arch.hvm_domain.io_bitmap, 0x10000); -+ rc = rangeset_report_ranges(d->arch.ioport_caps, 0, 0x10000, -+ io_bitmap_cb, d); -+ BUG_ON(rc); -+ } -+} -+ - /* - * Local variables: - * mode: C -diff --git a/xen/common/domain.c b/xen/common/domain.c -index 6803c4d..b0e83f5 100644 ---- a/xen/common/domain.c -+++ b/xen/common/domain.c -@@ -42,6 +42,7 @@ - #include - #include - #include -+#include - - /* Linux config option: propageted to domain0 */ - /* xen_processor_pmbits: xen control Cx, Px, ... */ -@@ -219,6 +220,8 @@ static int late_hwdom_init(struct domain *d) - rangeset_swap(d->iomem_caps, dom0->iomem_caps); - #ifdef CONFIG_X86 - rangeset_swap(d->arch.ioport_caps, dom0->arch.ioport_caps); -+ setup_io_bitmap(d); -+ setup_io_bitmap(dom0); - #endif - - rcu_unlock_domain(dom0); -diff --git a/xen/include/asm-x86/hvm/domain.h b/xen/include/asm-x86/hvm/domain.h -index 0f8b19a..bdab45d 100644 ---- a/xen/include/asm-x86/hvm/domain.h -+++ b/xen/include/asm-x86/hvm/domain.h -@@ -141,6 +141,8 @@ struct hvm_domain { - */ - uint64_t sync_tsc; - -+ unsigned long *io_bitmap; -+ - union { - struct vmx_domain vmx; - struct svm_domain svm; -diff --git a/xen/include/asm-x86/setup.h b/xen/include/asm-x86/setup.h -index 08bc23a..381d9f8 100644 ---- a/xen/include/asm-x86/setup.h -+++ b/xen/include/asm-x86/setup.h -@@ -32,6 +32,7 @@ int construct_dom0( - module_t *initrd, - void *(*bootstrap_map)(const module_t *), - char *cmdline); -+void setup_io_bitmap(struct domain *d); - - unsigned long initial_images_nrpages(nodeid_t node); - void discard_initial_images(void); --- -2.5.4 (Apple Git-61) - Index: emulators/xen-kernel/files/0001-xen-logdirty-prevent-preemption-if-finished.patch =================================================================== --- /dev/null +++ emulators/xen-kernel/files/0001-xen-logdirty-prevent-preemption-if-finished.patch @@ -0,0 +1,44 @@ +From 7a0ed7f3c2dcb1f104b6f70223d48d8826aec7f2 Mon Sep 17 00:00:00 2001 +From: Roger Pau Monne +Date: Tue, 31 May 2016 16:07:26 +0200 +Subject: [PATCH 1/2] xen/logdirty: prevent preemption if finished +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +While working on PVH migration support I've realized that +paging_log_dirty_op sometimes restarts with sc->pages == pages, which means +there's no more work to do. Avoid this by adding a check in the preemption +points of the function. + +Signed-off-by: Roger Pau Monné +--- + xen/arch/x86/mm/paging.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/xen/arch/x86/mm/paging.c b/xen/arch/x86/mm/paging.c +index 8219bb6..ed94ff7 100644 +--- a/xen/arch/x86/mm/paging.c ++++ b/xen/arch/x86/mm/paging.c +@@ -519,7 +519,8 @@ static int paging_log_dirty_op(struct domain *d, + if ( l2 ) + unmap_domain_page(l2); + +- if ( i3 < LOGDIRTY_NODE_ENTRIES - 1 && hypercall_preempt_check() ) ++ if ( i3 < LOGDIRTY_NODE_ENTRIES - 1 && hypercall_preempt_check() && ++ sc->pages != pages ) + { + d->arch.paging.preempt.log_dirty.i4 = i4; + d->arch.paging.preempt.log_dirty.i3 = i3 + 1; +@@ -531,7 +532,7 @@ static int paging_log_dirty_op(struct domain *d, + unmap_domain_page(l3); + + if ( !rv && i4 < LOGDIRTY_NODE_ENTRIES - 1 && +- hypercall_preempt_check() ) ++ hypercall_preempt_check() && sc->pages != pages ) + { + d->arch.paging.preempt.log_dirty.i4 = i4 + 1; + d->arch.paging.preempt.log_dirty.i3 = 0; +-- +2.7.4 (Apple Git-66) + Index: emulators/xen-kernel/files/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch =================================================================== --- emulators/xen-kernel/files/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch +++ /dev/null @@ -1,43 +0,0 @@ -From ed4a7917a6faa8b7e8f211eaeda270f96e45de7d Mon Sep 17 00:00:00 2001 -From: Andrew Cooper -Date: Fri, 9 Oct 2015 12:57:31 +0200 -Subject: [PATCH 2/8] vmap: avoid hitting an ASSERT with vfree(NULL) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -and unconditionally defer the vm_size() call, as it doesn't have a NULL -short circuit. - -Reported-by: Wei Liu -Signed-off-by: Andrew Cooper -Tested-by: Wei Liu -Reviewed-by: Roger Pau Monné -Acked-by: Tim Deegan ---- - xen/common/vmap.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/xen/common/vmap.c b/xen/common/vmap.c -index b6827b5..9028802 100644 ---- a/xen/common/vmap.c -+++ b/xen/common/vmap.c -@@ -268,10 +268,14 @@ void *vzalloc(size_t size) - - void vfree(void *va) - { -- unsigned int i, pages = vm_size(va); -+ unsigned int i, pages; - struct page_info *pg; - PAGE_LIST_HEAD(pg_list); - -+ if ( !va ) -+ return; -+ -+ pages = vm_size(va); - ASSERT(pages); - - for ( i = 0; i < pages; i++ ) --- -1.9.5 (Apple Git-50.3) - Index: emulators/xen-kernel/files/0002-x86-pvh-trap-access-to-sensitive-IO-ports.patch =================================================================== --- emulators/xen-kernel/files/0002-x86-pvh-trap-access-to-sensitive-IO-ports.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 72d5acdc1d5b83107066e25054f9119e7771cf70 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= -Date: Wed, 20 May 2015 13:27:23 +0200 -Subject: [PATCH 2/2] x86/pvh: trap access to sensitive IO ports -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This is needed so Xen can properly trap 4 byte accesses to 0xcf8 in order to -keep consistency with accesses to 0xcfc. - -The access to RTC ports also needs to be trapped in order to keep -consistency, this includes RTC_PORT(0) and RTC_PORT(1) (0x70 and 0x71 -respectively). - -Signed-off-by: Roger Pau Monné ---- - xen/arch/x86/setup.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c -index cd333f9..2cc9185 100644 ---- a/xen/arch/x86/setup.c -+++ b/xen/arch/x86/setup.c -@@ -49,6 +49,7 @@ - #include - #include - #include -+#include - - /* opt_nosmp: If true, secondary processors are ignored. */ - static bool_t __initdata opt_nosmp; -@@ -1534,6 +1535,16 @@ void __hwdom_init setup_io_bitmap(struct domain *d) - rc = rangeset_report_ranges(d->arch.ioport_caps, 0, 0x10000, - io_bitmap_cb, d); - BUG_ON(rc); -+ /* -+ * NB: we need to trap accesses to 0xcf8 in order to intercept -+ * 4 byte accesses, that need to be handled by Xen in order to -+ * keep consistency. -+ * Access to 1 byte RTC ports also needs to be trapped in order -+ * to keep consistency with PV. -+ */ -+ __set_bit(0xcf8, d->arch.hvm_domain.io_bitmap); -+ __set_bit(RTC_PORT(0), d->arch.hvm_domain.io_bitmap); -+ __set_bit(RTC_PORT(1), d->arch.hvm_domain.io_bitmap); - } - } - --- -2.5.4 (Apple Git-61) - Index: emulators/xen-kernel/files/0002-xen-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch =================================================================== --- emulators/xen-kernel/files/0002-xen-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch +++ emulators/xen-kernel/files/0002-xen-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch @@ -1,7 +1,7 @@ -From 63d4838f2f5644060c064f356078a748ca413364 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= -Date: Fri, 9 Oct 2015 12:57:32 +0200 -Subject: [PATCH 5/8] x86: rework paging_log_dirty_op to work with hvm guests +From e253a2e2fb45197273cee7a7fa2b77f7a87cb67f Mon Sep 17 00:00:00 2001 +From: Roger Pau Monne +Date: Tue, 31 May 2016 16:07:26 +0200 +Subject: [PATCH 2/2] xen: rework paging_log_dirty_op to work with hvm guests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -14,17 +14,43 @@ without the paging lock held. Signed-off-by: Roger Pau Monné -Reviewed-by: Tim Deegan +Cc: Tim Deegan +Cc: Jan Beulich +Cc: Andrew Cooper --- - xen/arch/x86/mm/paging.c | 98 +++++++++++++++++++++++++++++++++++++++----- +Changes since v6: + - Move the again label to the start of the function. + - Set all the preempt fields if we need to map a new page (just like on the + preempt case). + +Changes since v4: + - Indent again label. + - Replace bogus paddr_t cast with proper type. + - Update preempt.log_dirty before dropping the paging lock. + +Changes since v3: + - Drop last parameter from map_dirty_bitmap. + - Drop pointless initializers in paging_log_dirty_op. + - Add a new field to paging_domain in order to copy i2 position. + - Move the again case up to make sure we don't hold cached values of the + contents of log_dirty. + - Replace the BUG_ON in paging_log_dirty_op with an ASSERT. + +Changes since v2: + - Add checks for p2m_is_ram and p2m_is_discard_write when mapping a guest + page. + - Remove error checking from memset/memcpy, they unconditionally return + dst. +--- + xen/arch/x86/mm/paging.c | 97 +++++++++++++++++++++++++++++++++++++++----- xen/include/asm-x86/domain.h | 1 + - 2 files changed, 88 insertions(+), 11 deletions(-) + 2 files changed, 87 insertions(+), 11 deletions(-) diff --git a/xen/arch/x86/mm/paging.c b/xen/arch/x86/mm/paging.c -index 6b788f7..06dc7fa 100644 +index ed94ff7..595c9d6 100644 --- a/xen/arch/x86/mm/paging.c +++ b/xen/arch/x86/mm/paging.c -@@ -397,6 +397,51 @@ int paging_mfn_is_dirty(struct domain *d, mfn_t gmfn) +@@ -406,6 +406,51 @@ int paging_mfn_is_dirty(struct domain *d, mfn_t gmfn) return rv; } @@ -55,7 +81,7 @@ + p2m_mem_paging_populate(current->domain, gfn); + return NULL; + } -+ if ( p2m_is_shared(p2mt) ) ++ if ( p2m_is_shared(p2mt) || p2m_is_discard_write(p2mt) ) + { + put_page(*page); + return NULL; @@ -76,7 +102,7 @@ /* Read a domain's log-dirty bitmap and stats. If the operation is a CLEAN, * clear the bitmap and stats as well. */ -@@ -409,9 +454,22 @@ static int paging_log_dirty_op(struct domain *d, +@@ -418,7 +463,11 @@ static int paging_log_dirty_op(struct domain *d, mfn_t *l4 = NULL, *l3 = NULL, *l2 = NULL; unsigned long *l1 = NULL; int i4, i3, i2; @@ -86,8 +112,12 @@ + again: if ( !resuming ) - domain_pause(d); -+ + { + /* +@@ -439,6 +488,14 @@ static int paging_log_dirty_op(struct domain *d, + p2m_flush_hardware_cached_dirty(d); + } + + index_mapped = resuming ? d->arch.paging.preempt.log_dirty.done : 0; + dirty_bitmap = map_dirty_bitmap(sc->dirty_bitmap, index_mapped, &page); + if ( dirty_bitmap == NULL ) @@ -99,7 +129,7 @@ paging_lock(d); if ( !d->arch.paging.preempt.dom ) -@@ -451,18 +509,18 @@ static int paging_log_dirty_op(struct domain *d, +@@ -478,18 +535,18 @@ static int paging_log_dirty_op(struct domain *d, l4 = paging_map_log_dirty_bitmap(d); i4 = d->arch.paging.preempt.log_dirty.i4; i3 = d->arch.paging.preempt.log_dirty.i3; @@ -108,13 +138,13 @@ for ( ; (pages < sc->pages) && (i4 < LOGDIRTY_NODE_ENTRIES); i4++, i3 = 0 ) { - l3 = (l4 && mfn_valid(l4[i4])) ? map_domain_page(mfn_x(l4[i4])) : NULL; + l3 = (l4 && mfn_valid(l4[i4])) ? map_domain_page(l4[i4]) : NULL; - for ( ; (pages < sc->pages) && (i3 < LOGDIRTY_NODE_ENTRIES); i3++ ) + for ( ; (pages < sc->pages) && (i3 < LOGDIRTY_NODE_ENTRIES); + i3++, i2 = 0 ) { l2 = ((l3 && mfn_valid(l3[i3])) ? - map_domain_page(mfn_x(l3[i3])) : NULL); + map_domain_page(l3[i3]) : NULL); - for ( i2 = 0; - (pages < sc->pages) && (i2 < LOGDIRTY_NODE_ENTRIES); - i2++ ) @@ -122,7 +152,7 @@ { unsigned int bytes = PAGE_SIZE; l1 = ((l2 && mfn_valid(l2[i2])) ? -@@ -471,15 +529,28 @@ static int paging_log_dirty_op(struct domain *d, +@@ -498,15 +555,28 @@ static int paging_log_dirty_op(struct domain *d, bytes = (unsigned int)((sc->pages - pages + 7) >> 3); if ( likely(peek) ) { @@ -158,7 +188,7 @@ } pages += bytes << 3; if ( l1 ) -@@ -496,6 +567,7 @@ static int paging_log_dirty_op(struct domain *d, +@@ -524,6 +594,7 @@ static int paging_log_dirty_op(struct domain *d, { d->arch.paging.preempt.log_dirty.i4 = i4; d->arch.paging.preempt.log_dirty.i3 = i3 + 1; @@ -166,7 +196,7 @@ rv = -ERESTART; break; } -@@ -508,6 +580,7 @@ static int paging_log_dirty_op(struct domain *d, +@@ -536,6 +607,7 @@ static int paging_log_dirty_op(struct domain *d, { d->arch.paging.preempt.log_dirty.i4 = i4 + 1; d->arch.paging.preempt.log_dirty.i3 = 0; @@ -174,7 +204,7 @@ rv = -ERESTART; } if ( rv ) -@@ -537,6 +610,7 @@ static int paging_log_dirty_op(struct domain *d, +@@ -565,6 +637,7 @@ static int paging_log_dirty_op(struct domain *d, if ( rv ) { /* Never leave the domain paused on real errors. */ @@ -182,7 +212,7 @@ ASSERT(rv == -ERESTART); return rv; } -@@ -549,12 +623,14 @@ static int paging_log_dirty_op(struct domain *d, +@@ -577,12 +650,14 @@ static int paging_log_dirty_op(struct domain *d, * paging modes (shadow or hap). Safe because the domain is paused. */ d->arch.paging.log_dirty.clean_dirty_bitmap(d); } @@ -198,10 +228,10 @@ if ( l1 ) diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h -index 6a77a93..63dea9c 100644 +index 165e533..0dc1ed8 100644 --- a/xen/include/asm-x86/domain.h +++ b/xen/include/asm-x86/domain.h -@@ -197,6 +197,7 @@ struct paging_domain { +@@ -206,6 +206,7 @@ struct paging_domain { unsigned long done:PADDR_BITS - PAGE_SHIFT; unsigned long i4:PAGETABLE_ORDER; unsigned long i3:PAGETABLE_ORDER; @@ -210,5 +240,5 @@ }; } preempt; -- -1.9.5 (Apple Git-50.3) +2.7.4 (Apple Git-66) Index: emulators/xen-kernel/files/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch =================================================================== --- emulators/xen-kernel/files/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch +++ /dev/null @@ -1,120 +0,0 @@ -From 055ee44e3cc7c40dc3a3319370d287591771a7f3 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= -Date: Fri, 9 Oct 2015 12:57:32 +0200 -Subject: [PATCH 3/8] x86/shadow: fix shadow_track_dirty_vram to work on hvm - guests -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Modify shadow_track_dirty_vram to use a local buffer and then flush to the -guest without the paging_lock held. This is modeled after -hap_track_dirty_vram. - -Signed-off-by: Roger Pau Monné -Reviewed-by: Tim Deegan ---- - xen/arch/x86/mm/shadow/common.c | 49 +++++++++++++++++++++++++---------------- - 1 file changed, 30 insertions(+), 19 deletions(-) - -diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c -index a5eed28..6b91b8c 100644 ---- a/xen/arch/x86/mm/shadow/common.c -+++ b/xen/arch/x86/mm/shadow/common.c -@@ -3478,7 +3478,7 @@ void shadow_clean_dirty_bitmap(struct domain *d) - int shadow_track_dirty_vram(struct domain *d, - unsigned long begin_pfn, - unsigned long nr, -- XEN_GUEST_HANDLE_64(uint8) dirty_bitmap) -+ XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) - { - int rc; - unsigned long end_pfn = begin_pfn + nr; -@@ -3488,6 +3488,7 @@ int shadow_track_dirty_vram(struct domain *d, - p2m_type_t t; - struct sh_dirty_vram *dirty_vram; - struct p2m_domain *p2m = p2m_get_hostp2m(d); -+ uint8_t *dirty_bitmap = NULL; - - if ( end_pfn < begin_pfn || end_pfn > p2m->max_mapped_pfn + 1 ) - return -EINVAL; -@@ -3516,6 +3517,12 @@ int shadow_track_dirty_vram(struct domain *d, - goto out; - } - -+ dirty_bitmap = vzalloc(dirty_size); -+ if ( dirty_bitmap == NULL ) -+ { -+ rc = -ENOMEM; -+ goto out; -+ } - /* This should happen seldomly (Video mode change), - * no need to be careful. */ - if ( !dirty_vram ) -@@ -3546,12 +3553,8 @@ int shadow_track_dirty_vram(struct domain *d, - rc = -ENODATA; - } - else if (dirty_vram->last_dirty == -1) -- { - /* still completely clean, just copy our empty bitmap */ -- rc = -EFAULT; -- if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) -- rc = 0; -- } -+ memcpy(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size); - else - { - unsigned long map_mfn = INVALID_MFN; -@@ -3630,21 +3633,19 @@ int shadow_track_dirty_vram(struct domain *d, - if ( map_sl1p ) - sh_unmap_domain_page(map_sl1p); - -- rc = -EFAULT; -- if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) { -- memset(dirty_vram->dirty_bitmap, 0, dirty_size); -- if (dirty_vram->last_dirty + SECONDS(2) < NOW()) -+ memcpy(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size); -+ memset(dirty_vram->dirty_bitmap, 0, dirty_size); -+ if ( dirty_vram->last_dirty + SECONDS(2) < NOW() ) -+ { -+ /* was clean for more than two seconds, try to disable guest -+ * write access */ -+ for ( i = begin_pfn; i < end_pfn; i++ ) - { -- /* was clean for more than two seconds, try to disable guest -- * write access */ -- for ( i = begin_pfn; i < end_pfn; i++ ) { -- mfn_t mfn = get_gfn_query_unlocked(d, i, &t); -- if (mfn_x(mfn) != INVALID_MFN) -- flush_tlb |= sh_remove_write_access(d->vcpu[0], mfn, 1, 0); -- } -- dirty_vram->last_dirty = -1; -+ mfn_t mfn = get_gfn_query_unlocked(d, i, &t); -+ if ( mfn_x(mfn) != INVALID_MFN ) -+ flush_tlb |= sh_remove_write_access(d->vcpu[0], mfn, 1, 0); - } -- rc = 0; -+ dirty_vram->last_dirty = -1; - } - } - if ( flush_tlb ) -@@ -3659,6 +3660,16 @@ out_dirty_vram: - - out: - paging_unlock(d); -+ if ( rc == 0 && dirty_bitmap != NULL && -+ copy_to_guest(guest_dirty_bitmap, dirty_bitmap, dirty_size) ) -+ { -+ paging_lock(d); -+ for ( i = 0; i < dirty_size; i++ ) -+ dirty_vram->dirty_bitmap[i] |= dirty_bitmap[i]; -+ paging_unlock(d); -+ rc = -EFAULT; -+ } -+ vfree(dirty_bitmap); - p2m_unlock(p2m_get_hostp2m(d)); - return rc; - } --- -1.9.5 (Apple Git-50.3) - Index: emulators/xen-kernel/files/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch =================================================================== --- emulators/xen-kernel/files/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 50ca52274eda838f0562938fae3432a0f05f2585 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= -Date: Fri, 9 Oct 2015 12:57:32 +0200 -Subject: [PATCH 4/8] x86/hap: make hap_track_dirty_vram use non-contiguous - memory for temporary map -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Just like it's done for shadow_track_dirty_vram allocate the temporary -buffer using non-contiguous memory. - -Signed-off-by: Roger Pau Monné -Reviewed-by: Tim Deegan ---- - xen/arch/x86/mm/hap/hap.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/xen/arch/x86/mm/hap/hap.c b/xen/arch/x86/mm/hap/hap.c -index abf3d7a..f7b12a8 100644 ---- a/xen/arch/x86/mm/hap/hap.c -+++ b/xen/arch/x86/mm/hap/hap.c -@@ -87,7 +87,7 @@ int hap_track_dirty_vram(struct domain *d, - } - - rc = -ENOMEM; -- dirty_bitmap = xzalloc_bytes(size); -+ dirty_bitmap = vzalloc(size); - if ( !dirty_bitmap ) - goto out; - -@@ -168,8 +168,7 @@ int hap_track_dirty_vram(struct domain *d, - p2m_ram_logdirty, p2m_ram_rw); - } - out: -- if ( dirty_bitmap ) -- xfree(dirty_bitmap); -+ vfree(dirty_bitmap); - - return rc; - } --- -1.9.5 (Apple Git-50.3) - Index: emulators/xen-kernel/files/0006-xen-pvh-enable-mmu_update-hypercall.patch =================================================================== --- emulators/xen-kernel/files/0006-xen-pvh-enable-mmu_update-hypercall.patch +++ /dev/null @@ -1,33 +0,0 @@ -From bec71ff2b61acc42e71a2bd79ec5cf172130e5f8 Mon Sep 17 00:00:00 2001 -From: Roger Pau Monne -Date: Fri, 9 Oct 2015 12:57:32 +0200 -Subject: [PATCH 6/8] xen/pvh: enable mmu_update hypercall -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This is needed for performing save/restore of PV guests. - -Signed-off-by: Roger Pau Monné -Cc: Tim Deegan -Cc: Jan Beulich -Cc: Andrew Cooper ---- - xen/arch/x86/hvm/hvm.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c -index 7d53c6c..d3fdc3d 100644 ---- a/xen/arch/x86/hvm/hvm.c -+++ b/xen/arch/x86/hvm/hvm.c -@@ -4843,6 +4843,7 @@ static hvm_hypercall_t *const pvh_hypercall64_table[NR_hypercalls] = { - [ __HYPERVISOR_grant_table_op ] = (hvm_hypercall_t *)hvm_grant_table_op, - HYPERCALL(vcpu_op), - HYPERCALL(mmuext_op), -+ HYPERCALL(mmu_update), - HYPERCALL(xsm_op), - HYPERCALL(sched_op), - HYPERCALL(event_channel_op), --- -1.9.5 (Apple Git-50.3) - Index: emulators/xen-kernel/files/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch =================================================================== --- emulators/xen-kernel/files/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 43f76b1443c8fc3b54dbb9fb466becbb9d584d6d Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= -Date: Fri, 9 Oct 2015 12:57:33 +0200 -Subject: [PATCH 7/8] iommu: fix usage of shared EPT/IOMMU page tables on PVH - guests -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -iommu_share_p2m_table should not prevent PVH guests from using a shared page -table between the IOMMU and EPT. Clean the code by removing the asserts in -the vendor specific implementations (amd_iommu_share_p2m, iommu_set_pgd), -and moving the hap_enabled assert to the caller (iommu_share_p2m_table). - -Also fix another incorrect usage of is_hvm_domain usage in -arch_iommu_populate_page_table. This has not given problems so far because -all the pages in PVH guests are of type PGT_writable_page. - -Signed-off-by: Roger Pau Monné -Reviewed-by: Jan Beulich -Tested-by: David Vrabel -Reviewed-by: Tim Deegan -Acked-by: Kevin Tian ---- - xen/drivers/passthrough/amd/iommu_map.c | 2 -- - xen/drivers/passthrough/iommu.c | 3 ++- - xen/drivers/passthrough/vtd/iommu.c | 2 -- - xen/drivers/passthrough/x86/iommu.c | 2 +- - 4 files changed, 3 insertions(+), 6 deletions(-) - -diff --git a/xen/drivers/passthrough/amd/iommu_map.c b/xen/drivers/passthrough/amd/iommu_map.c -index a8c60ec..31dc05d 100644 ---- a/xen/drivers/passthrough/amd/iommu_map.c -+++ b/xen/drivers/passthrough/amd/iommu_map.c -@@ -785,8 +785,6 @@ void amd_iommu_share_p2m(struct domain *d) - struct page_info *p2m_table; - mfn_t pgd_mfn; - -- ASSERT( is_hvm_domain(d) && d->arch.hvm_domain.hap_enabled ); -- - if ( !iommu_use_hap_pt(d) ) - return; - -diff --git a/xen/drivers/passthrough/iommu.c b/xen/drivers/passthrough/iommu.c -index cc12735..7fcbbb1 100644 ---- a/xen/drivers/passthrough/iommu.c -+++ b/xen/drivers/passthrough/iommu.c -@@ -332,7 +332,8 @@ void iommu_share_p2m_table(struct domain* d) - { - const struct iommu_ops *ops = iommu_get_ops(); - -- if ( iommu_enabled && is_hvm_domain(d) ) -+ ASSERT( hap_enabled(d) ); -+ if ( iommu_enabled ) - ops->share_p2m(d); - } - -diff --git a/xen/drivers/passthrough/vtd/iommu.c b/xen/drivers/passthrough/vtd/iommu.c -index 5a946d4..a5a111c 100644 ---- a/xen/drivers/passthrough/vtd/iommu.c -+++ b/xen/drivers/passthrough/vtd/iommu.c -@@ -1802,8 +1802,6 @@ static void iommu_set_pgd(struct domain *d) - struct hvm_iommu *hd = domain_hvm_iommu(d); - mfn_t pgd_mfn; - -- ASSERT( is_hvm_domain(d) && d->arch.hvm_domain.hap_enabled ); -- - if ( !iommu_use_hap_pt(d) ) - return; - -diff --git a/xen/drivers/passthrough/x86/iommu.c b/xen/drivers/passthrough/x86/iommu.c -index ce0ca5a..3d2c12a 100644 ---- a/xen/drivers/passthrough/x86/iommu.c -+++ b/xen/drivers/passthrough/x86/iommu.c -@@ -56,7 +56,7 @@ int arch_iommu_populate_page_table(struct domain *d) - - while ( !rc && (page = page_list_remove_head(&d->page_list)) ) - { -- if ( is_hvm_domain(d) || -+ if ( has_hvm_container_domain(d) || - (page->u.inuse.type_info & PGT_type_mask) == PGT_writable_page ) - { - BUG_ON(SHARED_M2P(mfn_to_gmfn(d, page_to_mfn(page)))); --- -1.9.5 (Apple Git-50.3) - Index: emulators/xen-kernel/files/xsa156-4.5.patch =================================================================== --- emulators/xen-kernel/files/xsa156-4.5.patch +++ /dev/null @@ -1,127 +0,0 @@ -x86/HVM: always intercept #AC and #DB - -Both being benign exceptions, and both being possible to get triggered -by exception delivery, this is required to prevent a guest from locking -up a CPU (resulting from no other VM exits occurring once getting into -such a loop). - -The specific scenarios: - -1) #AC may be raised during exception delivery if the handler is set to -be a ring-3 one by a 32-bit guest, and the stack is misaligned. - -2) #DB may be raised during exception delivery when a breakpoint got -placed on a data structure involved in delivering the exception. This -can result in an endless loop when a 64-bit guest uses a non-zero IST -for the vector 1 IDT entry, but even without use of IST the time it -takes until a contributory fault would get raised (results depending -on the handler) may be quite long. - -This is XSA-156. - -Reported-by: Benjamin Serebrin -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper -Tested-by: Andrew Cooper - ---- a/xen/arch/x86/hvm/svm/svm.c -+++ b/xen/arch/x86/hvm/svm/svm.c -@@ -1045,10 +1045,11 @@ static void noreturn svm_do_resume(struc - unlikely(v->arch.hvm_vcpu.debug_state_latch != debug_state) ) - { - uint32_t intercepts = vmcb_get_exception_intercepts(vmcb); -- uint32_t mask = (1U << TRAP_debug) | (1U << TRAP_int3); -+ - v->arch.hvm_vcpu.debug_state_latch = debug_state; - vmcb_set_exception_intercepts( -- vmcb, debug_state ? (intercepts | mask) : (intercepts & ~mask)); -+ vmcb, debug_state ? (intercepts | (1U << TRAP_int3)) -+ : (intercepts & ~(1U << TRAP_int3))); - } - - if ( v->arch.hvm_svm.launch_core != smp_processor_id() ) -@@ -2435,8 +2436,9 @@ void svm_vmexit_handler(struct cpu_user_ - - case VMEXIT_EXCEPTION_DB: - if ( !v->domain->debugger_attached ) -- goto unexpected_exit_type; -- domain_pause_for_debugger(); -+ hvm_inject_hw_exception(TRAP_debug, HVM_DELIVER_NO_ERROR_CODE); -+ else -+ domain_pause_for_debugger(); - break; - - case VMEXIT_EXCEPTION_BP: -@@ -2484,6 +2486,11 @@ void svm_vmexit_handler(struct cpu_user_ - break; - } - -+ case VMEXIT_EXCEPTION_AC: -+ HVMTRACE_1D(TRAP, TRAP_alignment_check); -+ hvm_inject_hw_exception(TRAP_alignment_check, vmcb->exitinfo1); -+ break; -+ - case VMEXIT_EXCEPTION_UD: - svm_vmexit_ud_intercept(regs); - break; ---- a/xen/arch/x86/hvm/vmx/vmx.c -+++ b/xen/arch/x86/hvm/vmx/vmx.c -@@ -1186,16 +1186,10 @@ static void vmx_update_host_cr3(struct v - - void vmx_update_debug_state(struct vcpu *v) - { -- unsigned long mask; -- -- mask = 1u << TRAP_int3; -- if ( !cpu_has_monitor_trap_flag ) -- mask |= 1u << TRAP_debug; -- - if ( v->arch.hvm_vcpu.debug_state_latch ) -- v->arch.hvm_vmx.exception_bitmap |= mask; -+ v->arch.hvm_vmx.exception_bitmap |= 1U << TRAP_int3; - else -- v->arch.hvm_vmx.exception_bitmap &= ~mask; -+ v->arch.hvm_vmx.exception_bitmap &= ~(1U << TRAP_int3); - - vmx_vmcs_enter(v); - vmx_update_exception_bitmap(v); -@@ -2801,9 +2795,10 @@ void vmx_vmexit_handler(struct cpu_user_ - __vmread(EXIT_QUALIFICATION, &exit_qualification); - HVMTRACE_1D(TRAP_DEBUG, exit_qualification); - write_debugreg(6, exit_qualification | 0xffff0ff0); -- if ( !v->domain->debugger_attached || cpu_has_monitor_trap_flag ) -- goto exit_and_crash; -- domain_pause_for_debugger(); -+ if ( !v->domain->debugger_attached ) -+ hvm_inject_hw_exception(vector, HVM_DELIVER_NO_ERROR_CODE); -+ else -+ domain_pause_for_debugger(); - break; - case TRAP_int3: - { -@@ -2868,6 +2863,11 @@ void vmx_vmexit_handler(struct cpu_user_ - - hvm_inject_page_fault(regs->error_code, exit_qualification); - break; -+ case TRAP_alignment_check: -+ HVMTRACE_1D(TRAP, vector); -+ __vmread(VM_EXIT_INTR_ERROR_CODE, &ecode); -+ hvm_inject_hw_exception(vector, ecode); -+ break; - case TRAP_nmi: - if ( (intr_info & INTR_INFO_INTR_TYPE_MASK) != - (X86_EVENTTYPE_NMI << 8) ) ---- a/xen/include/asm-x86/hvm/hvm.h -+++ b/xen/include/asm-x86/hvm/hvm.h -@@ -378,7 +378,10 @@ static inline int hvm_event_pending(stru - (X86_CR4_VMXE | X86_CR4_PAE | X86_CR4_MCE)) - - /* These exceptions must always be intercepted. */ --#define HVM_TRAP_MASK ((1U << TRAP_machine_check) | (1U << TRAP_invalid_op)) -+#define HVM_TRAP_MASK ((1U << TRAP_debug) | \ -+ (1U << TRAP_invalid_op) | \ -+ (1U << TRAP_alignment_check) | \ -+ (1U << TRAP_machine_check)) - - /* - * x86 event types. This enumeration is valid for: Index: emulators/xen-kernel/files/xsa159.patch =================================================================== --- emulators/xen-kernel/files/xsa159.patch +++ /dev/null @@ -1,47 +0,0 @@ -memory: fix XENMEM_exchange error handling - -assign_pages() can fail due to the domain getting killed in parallel, -which should not result in a hypervisor crash. - -Also delete a redundant put_gfn() - all relevant paths leading to the -"fail" label already do this (and there are also paths where it was -plain wrong). All of the put_gfn()-s got introduced by 51032ca058 -("Modify naming of queries into the p2m"), including the otherwise -unneeded initializer for k (with even a kind of misleading comment - -the compiler warning could actually have served as a hint that the use -is wrong). - -This is XSA-159. - -Reported-by: Julien Grall -Signed-off-by: Jan Beulich -Acked-by: Ian Campbell - ---- a/xen/common/memory.c -+++ b/xen/common/memory.c -@@ -334,7 +334,7 @@ static long memory_exchange(XEN_GUEST_HA - PAGE_LIST_HEAD(out_chunk_list); - unsigned long in_chunk_order, out_chunk_order; - xen_pfn_t gpfn, gmfn, mfn; -- unsigned long i, j, k = 0; /* gcc ... */ -+ unsigned long i, j, k; - unsigned int memflags = 0; - long rc = 0; - struct domain *d; -@@ -572,11 +572,12 @@ static long memory_exchange(XEN_GUEST_HA - fail: - /* Reassign any input pages we managed to steal. */ - while ( (page = page_list_remove_head(&in_chunk_list)) ) -- { -- put_gfn(d, gmfn + k--); - if ( assign_pages(d, page, 0, MEMF_no_refcount) ) -- BUG(); -- } -+ { -+ BUG_ON(!d->is_dying); -+ if ( test_and_clear_bit(_PGC_allocated, &page->count_info) ) -+ put_page(page); -+ } - - dying: - rcu_unlock_domain(d); Index: emulators/xen-kernel/files/xsa165-4.5.patch =================================================================== --- emulators/xen-kernel/files/xsa165-4.5.patch +++ /dev/null @@ -1,85 +0,0 @@ -x86: don't leak ST(n)/XMMn values to domains first using them - -FNINIT doesn't alter these registers, and hence using it is -insufficient to initialize a guest's initial state. - -This is XSA-165. - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper - ---- a/xen/arch/x86/domain.c -+++ b/xen/arch/x86/domain.c -@@ -798,6 +798,17 @@ int arch_set_info_guest( - if ( v->arch.xsave_area ) - v->arch.xsave_area->xsave_hdr.xstate_bv = XSTATE_FP_SSE; - } -+ else if ( v->arch.xsave_area ) -+ memset(&v->arch.xsave_area->xsave_hdr, 0, -+ sizeof(v->arch.xsave_area->xsave_hdr)); -+ else -+ { -+ typeof(v->arch.xsave_area->fpu_sse) *fpu_sse = v->arch.fpu_ctxt; -+ -+ memset(fpu_sse, 0, sizeof(*fpu_sse)); -+ fpu_sse->fcw = FCW_DEFAULT; -+ fpu_sse->mxcsr = MXCSR_DEFAULT; -+ } - - if ( !compat ) - { ---- a/xen/arch/x86/i387.c -+++ b/xen/arch/x86/i387.c -@@ -17,19 +17,6 @@ - #include - #include - --static void fpu_init(void) --{ -- unsigned long val; -- -- asm volatile ( "fninit" ); -- if ( cpu_has_xmm ) -- { -- /* load default value into MXCSR control/status register */ -- val = MXCSR_DEFAULT; -- asm volatile ( "ldmxcsr %0" : : "m" (val) ); -- } --} -- - /*******************************/ - /* FPU Restore Functions */ - /*******************************/ -@@ -248,15 +235,8 @@ void vcpu_restore_fpu_lazy(struct vcpu * - - if ( cpu_has_xsave ) - fpu_xrstor(v, XSTATE_LAZY); -- else if ( v->fpu_initialised ) -- { -- if ( cpu_has_fxsr ) -- fpu_fxrstor(v); -- else -- fpu_frstor(v); -- } - else -- fpu_init(); -+ fpu_fxrstor(v); - - v->fpu_initialised = 1; - v->fpu_dirtied = 1; -@@ -317,7 +297,14 @@ int vcpu_init_fpu(struct vcpu *v) - else - { - v->arch.fpu_ctxt = _xzalloc(sizeof(v->arch.xsave_area->fpu_sse), 16); -- if ( !v->arch.fpu_ctxt ) -+ if ( v->arch.fpu_ctxt ) -+ { -+ typeof(v->arch.xsave_area->fpu_sse) *fpu_sse = v->arch.fpu_ctxt; -+ -+ fpu_sse->fcw = FCW_DEFAULT; -+ fpu_sse->mxcsr = MXCSR_DEFAULT; -+ } -+ else - { - rc = -ENOMEM; - goto done; Index: emulators/xen-kernel/files/xsa166-4.5.patch =================================================================== --- emulators/xen-kernel/files/xsa166-4.5.patch +++ /dev/null @@ -1,44 +0,0 @@ -x86/HVM: avoid reading ioreq state more than once - -Otherwise, especially when the compiler chooses to translate the -switch() to a jump table, unpredictable behavior (and in the jump table -case arbitrary code execution) can result. - -This is XSA-166. - -Signed-off-by: Jan Beulich -Acked-by: Ian Campbell - ---- a/xen/arch/x86/hvm/hvm.c -+++ b/xen/arch/x86/hvm/hvm.c -@@ -400,23 +400,23 @@ bool_t hvm_io_pending(struct vcpu *v) - - static bool_t hvm_wait_for_io(struct hvm_ioreq_vcpu *sv, ioreq_t *p) - { -+ unsigned int state; -+ - /* NB. Optimised for common case (p->state == STATE_IOREQ_NONE). */ -- while ( p->state != STATE_IOREQ_NONE ) -+ while ( (state = p->state) != STATE_IOREQ_NONE ) - { -- switch ( p->state ) -+ rmb(); -+ switch ( state ) - { - case STATE_IORESP_READY: /* IORESP_READY -> NONE */ -- rmb(); /* see IORESP_READY /then/ read contents of ioreq */ - hvm_io_assist(p); - break; - case STATE_IOREQ_READY: /* IOREQ_{READY,INPROCESS} -> IORESP_READY */ - case STATE_IOREQ_INPROCESS: -- wait_on_xen_event_channel(sv->ioreq_evtchn, -- (p->state != STATE_IOREQ_READY) && -- (p->state != STATE_IOREQ_INPROCESS)); -+ wait_on_xen_event_channel(sv->ioreq_evtchn, p->state != state); - break; - default: -- gdprintk(XENLOG_ERR, "Weird HVM iorequest state %d.\n", p->state); -+ gdprintk(XENLOG_ERR, "Weird HVM iorequest state %u\n", state); - domain_crash(sv->vcpu->domain); - return 0; /* bail */ - } Index: emulators/xen-kernel/files/xsa167-4.6.patch =================================================================== --- emulators/xen-kernel/files/xsa167-4.6.patch +++ /dev/null @@ -1,77 +0,0 @@ -x86/mm: PV superpage handling lacks sanity checks - -MMUEXT_{,UN}MARK_SUPER fail to check the input MFN for validity before -dereferencing pointers into the superpage frame table. - -get_superpage() has a similar issue. - -This is XSA-167. - -Reported-by: Qinghao Tang -Signed-off-by: Jan Beulich -Acked-by: Ian Campbell - ---- a/xen/arch/x86/mm.c -+++ b/xen/arch/x86/mm.c -@@ -2624,6 +2624,9 @@ int get_superpage(unsigned long mfn, str - - ASSERT(opt_allow_superpage); - -+ if ( !mfn_valid(mfn | (L1_PAGETABLE_ENTRIES - 1)) ) -+ return -EINVAL; -+ - spage = mfn_to_spage(mfn); - y = spage->type_info; - do { -@@ -3401,42 +3404,26 @@ long do_mmuext_op( - } - - case MMUEXT_MARK_SUPER: -+ case MMUEXT_UNMARK_SUPER: - { - unsigned long mfn = op.arg1.mfn; - -- if ( unlikely(d != pg_owner) ) -- rc = -EPERM; -- else if ( mfn & (L1_PAGETABLE_ENTRIES-1) ) -- { -- MEM_LOG("Unaligned superpage reference mfn %lx", mfn); -- okay = 0; -- } -- else if ( !opt_allow_superpage ) -+ if ( !opt_allow_superpage ) - { - MEM_LOG("Superpages disallowed"); - rc = -ENOSYS; - } -- else -- rc = mark_superpage(mfn_to_spage(mfn), d); -- break; -- } -- -- case MMUEXT_UNMARK_SUPER: -- { -- unsigned long mfn = op.arg1.mfn; -- -- if ( unlikely(d != pg_owner) ) -+ else if ( unlikely(d != pg_owner) ) - rc = -EPERM; -- else if ( mfn & (L1_PAGETABLE_ENTRIES-1) ) -+ else if ( mfn & (L1_PAGETABLE_ENTRIES - 1) ) - { - MEM_LOG("Unaligned superpage reference mfn %lx", mfn); -- okay = 0; -- } -- else if ( !opt_allow_superpage ) -- { -- MEM_LOG("Superpages disallowed"); -- rc = -ENOSYS; -+ rc = -EINVAL; - } -+ else if ( !mfn_valid(mfn | (L1_PAGETABLE_ENTRIES - 1)) ) -+ rc = -EINVAL; -+ else if ( op.cmd == MMUEXT_MARK_SUPER ) -+ rc = mark_superpage(mfn_to_spage(mfn), d); - else - rc = unmark_superpage(mfn_to_spage(mfn)); - break; Index: emulators/xen-kernel/files/xsa168.patch =================================================================== --- emulators/xen-kernel/files/xsa168.patch +++ /dev/null @@ -1,27 +0,0 @@ -x86/VMX: prevent INVVPID failure due to non-canonical guest address - -While INVLPG (and on SVM INVLPGA) don't fault on non-canonical -addresses, INVVPID fails (in the "individual address" case) when passed -such an address. - -Since such intercepted INVLPG are effectively no-ops anyway, don't fix -this in vmx_invlpg_intercept(), but instead have paging_invlpg() never -return true in such a case. - -This is XSA-168. - -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper -Acked-by: Ian Campbell - ---- a/xen/include/asm-x86/paging.h -+++ b/xen/include/asm-x86/paging.h -@@ -245,7 +245,7 @@ paging_fault(unsigned long va, struct cp - * or 0 if it's safe not to do so. */ - static inline int paging_invlpg(struct vcpu *v, unsigned long va) - { -- return paging_get_hostmode(v)->invlpg(v, va); -+ return is_canonical_address(va) && paging_get_hostmode(v)->invlpg(v, va); - } - - /* Translate a guest virtual address to the frame number that the Index: emulators/xen-kernel/files/xsa170-4.5.patch =================================================================== --- emulators/xen-kernel/files/xsa170-4.5.patch +++ /dev/null @@ -1,79 +0,0 @@ -x86/VMX: sanitize rIP before re-entering guest - -... to prevent guest user mode arranging for a guest crash (due to -failed VM entry). (On the AMD system I checked, hardware is doing -exactly the canonicalization being added here.) - -Note that fixing this in an architecturally correct way would be quite -a bit more involved: Making the x86 instruction emulator check all -branch targets for validity, plus dealing with invalid rIP resulting -from update_guest_eip() or incoming directly during a VM exit. The only -way to get the latter right would be by not having hardware do the -injection. - -Note further that there are a two early returns from -vmx_vmexit_handler(): One (through vmx_failed_vmentry()) leads to -domain_crash() anyway, and the other covers real mode only and can -neither occur with a non-canonical rIP nor result in an altered rIP, -so we don't need to force those paths through the checking logic. - -This is XSA-170. - -Reported-by: 刘令 -Signed-off-by: Jan Beulich -Reviewed-by: Andrew Cooper -Tested-by: Andrew Cooper - ---- a/xen/arch/x86/hvm/vmx/vmx.c -+++ b/xen/arch/x86/hvm/vmx/vmx.c -@@ -2675,7 +2675,7 @@ void vmx_handle_EOI_induced_exit(struct - void vmx_vmexit_handler(struct cpu_user_regs *regs) - { - unsigned long exit_qualification, exit_reason, idtv_info, intr_info = 0; -- unsigned int vector = 0; -+ unsigned int vector = 0, mode; - struct vcpu *v = current; - - __vmread(GUEST_RIP, ®s->rip); -@@ -3219,6 +3219,41 @@ void vmx_vmexit_handler(struct cpu_user_ - out: - if ( nestedhvm_vcpu_in_guestmode(v) ) - nvmx_idtv_handling(); -+ -+ /* -+ * VM entry will fail (causing the guest to get crashed) if rIP (and -+ * rFLAGS, but we don't have an issue there) doesn't meet certain -+ * criteria. As we must not allow less than fully privileged mode to have -+ * such an effect on the domain, we correct rIP in that case (accepting -+ * this not being architecturally correct behavior, as the injected #GP -+ * fault will then not see the correct [invalid] return address). -+ * And since we know the guest will crash, we crash it right away if it -+ * already is in most privileged mode. -+ */ -+ mode = vmx_guest_x86_mode(v); -+ if ( mode == 8 ? !is_canonical_address(regs->rip) -+ : regs->rip != regs->_eip ) -+ { -+ struct segment_register ss; -+ -+ gdprintk(XENLOG_WARNING, "Bad rIP %lx for mode %u\n", regs->rip, mode); -+ -+ vmx_get_segment_register(v, x86_seg_ss, &ss); -+ if ( ss.attr.fields.dpl ) -+ { -+ __vmread(VM_ENTRY_INTR_INFO, &intr_info); -+ if ( !(intr_info & INTR_INFO_VALID_MASK) ) -+ hvm_inject_hw_exception(TRAP_gp_fault, 0); -+ /* Need to fix rIP nevertheless. */ -+ if ( mode == 8 ) -+ regs->rip = (long)(regs->rip << (64 - VADDR_BITS)) >> -+ (64 - VADDR_BITS); -+ else -+ regs->rip = regs->_eip; -+ } -+ else -+ domain_crash(v->domain); -+ } - } - - void vmx_vmenter_helper(const struct cpu_user_regs *regs) Index: sysutils/xen-tools/Makefile =================================================================== --- sysutils/xen-tools/Makefile +++ sysutils/xen-tools/Makefile @@ -1,11 +1,13 @@ # $FreeBSD$ PORTNAME= xen -PORTVERSION= 4.5.2 -PORTREVISION= 3 -CATEGORIES= sysutils emulators -MASTER_SITES= http://bits.xensource.com/oss-xen/release/${PORTVERSION}/ PKGNAMESUFFIX= -tools +PORTVERSION= 4.7.0 +PORTREVISION= 0 +RCVERSION= 4 +DISTNAME= ${PORTNAME}-${DISTVERSION}-rc${RCVERSION} +CATEGORIES= sysutils emulators +MASTER_SITES= http://bits.xensource.com/oss-xen/release/${DISTVERSION}-rc${RCVERSION}/ MAINTAINER= royger@FreeBSD.org COMMENT= Xen management tool, based on LibXenlight @@ -17,42 +19,40 @@ LIB_DEPENDS= libyajl.so:devel/yajl \ liblzo2.so:archivers/lzo2 \ - libpixman-1.so:x11/pixman + libpixman-1.so:x11/pixman \ + libargp.so:devel/argp-standalone BUILD_DEPENDS= dev86>0:devel/dev86 \ - seabios>0:misc/seabios + seabios>0:misc/seabios \ + markdown>0:textproc/markdown OPTIONS_DEFINE= DOCS ONLY_FOR_ARCHS= amd64 ONLY_FOR_ARCHS_REASON= "not yet ported to anything other than amd64" -WRKSRC= ${WRKDIR}/xen-${PORTVERSION} - -USES= cpe gmake libtool perl5 pkgconfig python shebangfix localbase +USES= cpe gmake libtool perl5 pkgconfig python shebangfix localbase \ + gettext USE_GNOME= glib20 USE_LDCONFIG= yes GNU_CONFIGURE= yes -CONFIGURE_ENV= HOSTCC="${CC}" CC="${CC}" \ - ac_cv_path_BASH=${TRUE} \ - ac_cv_path_XGETTEXT=${TRUE} -MAKE_ARGS= HOSTCC="${CC}" CC="${CC}" GCC="${CC}" cc="${GCC}" \ - HOSTCFLAGS="${CFLAGS}" SEABIOS_PATH="${LOCALBASE}/share/seabios/bios.bin" +MAKE_ARGS= clang=y QEMU_ARGS= --disable-gtk \ --disable-smartcard-nss \ --disable-sdl \ --disable-vte \ - --disable-glx \ --disable-curses \ --disable-tools \ --disable-curl \ --cxx=c++ -CFLAGS= -Wno-ignored-attributes -Qunused-arguments -Wno-header-guard \ - -Wno-tautological-compare -Wno-format-extra-args -w -EXTRA_PATCHES= ${FILESDIR}/0002-libxc-fix-xc_dom_load_elf_symtab.patch:-p1 \ - ${FILESDIR}/xsa160-4.6.patch:-p1 +EXTRA_PATCHES= ${FILESDIR}/var_paths.patch:-p1 + +CONFIGURE_ARGS+= --with-extra-qemuu-configure-args="${QEMU_ARGS}" \ + --with-system-seabios=${LOCALBASE}/share/seabios/bios.bin + +# Disable bash and xgettext tests, they are not needed on FreeBSD. +CONFIGURE_ENV+= ac_cv_path_BASH=${TRUE} -CONFIGURE_ARGS+= --with-extra-qemuu-configure-args="${QEMU_ARGS}" SHEBANG_FILES= tools/misc/xencov_split \ tools/misc/xen-ringwatch ALL_TARGET= tools docs @@ -73,7 +73,7 @@ ${WRKSRC}/tools/libxl/libxl_dm.c \ ${WRKSRC}/tools/qemu-xen-traditional/i386-dm/helper2.c \ ${WRKSRC}/docs/man/* - @for p in ${FILESDIR}/*qemuu*.patch; do \ + @for p in `ls ${FILESDIR}/*qemuu*.patch 2>/dev/null`; do \ ${ECHO_CMD} "====> Applying $${p##*/}" ; \ ${PATCH} -s -p1 -i $${p} -d ${WRKSRC}/tools/qemu-xen ; \ done Index: sysutils/xen-tools/distinfo =================================================================== --- sysutils/xen-tools/distinfo +++ sysutils/xen-tools/distinfo @@ -1,2 +1,3 @@ -SHA256 (xen-4.5.2.tar.gz) = 4c9e5dac4eea484974e9f76da2756c8e0973b4e884d28d37e955df9ebf00e7e8 -SIZE (xen-4.5.2.tar.gz) = 18416220 +TIMESTAMP = 1464773219 +SHA256 (xen-4.7.0-rc4.tar.gz) = ad752bc80da2ab31287e5249adbeea2536b8141eefd7e8a45a3df42db727c630 +SIZE (xen-4.7.0-rc4.tar.gz) = 20696897 Index: sysutils/xen-tools/files/0002-libxc-fix-xc_dom_load_elf_symtab.patch =================================================================== --- sysutils/xen-tools/files/0002-libxc-fix-xc_dom_load_elf_symtab.patch +++ /dev/null @@ -1,125 +0,0 @@ -From e438f954ae3c6685ccf83b3bd01983f3224af3ab Mon Sep 17 00:00:00 2001 -From: Roger Pau Monne -Date: Thu, 11 Jun 2015 17:31:43 +0200 -Subject: [PATCH 2/2] libxc: fix xc_dom_load_elf_symtab -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -xc_dom_load_elf_symtab was incorrectly trying to perform the same -calculations already done in elf_parse_bsdsyms when load == 0 is used. -Instead of trying to repeat the calculations, just trust what -elf_parse_bsdsyms has already accounted for. - -This also simplifies the code by allowing the non-load case to return -earlier. - -Signed-off-by: Roger Pau Monné -Cc: Ian Jackson -Cc: Stefano Stabellini -Cc: Ian Campbell -Cc: Wei Liu ---- - tools/libxc/xc_dom_elfloader.c | 33 ++++++++++++++------------------- - 1 file changed, 14 insertions(+), 19 deletions(-) - -diff --git a/tools/libxc/xc_dom_elfloader.c b/tools/libxc/xc_dom_elfloader.c -index 9843b1f..6ce1062 100644 ---- a/tools/libxc/xc_dom_elfloader.c -+++ b/tools/libxc/xc_dom_elfloader.c -@@ -128,6 +128,8 @@ static elf_errorstatus xc_dom_load_elf_symtab(struct xc_dom_image *dom, - return 0; - } - -+ size = elf->bsd_symtab_pend - elf->bsd_symtab_pstart; -+ - if ( load ) - { - char *hdr_ptr; -@@ -135,11 +137,10 @@ static elf_errorstatus xc_dom_load_elf_symtab(struct xc_dom_image *dom, - - if ( !dom->bsd_symtab_start ) - return 0; -- size = dom->kernel_seg.vend - dom->bsd_symtab_start; - hdr_ptr = xc_dom_vaddr_to_ptr(dom, dom->bsd_symtab_start, &allow_size); - if ( hdr_ptr == NULL ) - { -- DOMPRINTF("%s/load: xc_dom_vaddr_to_ptr(dom,dom->bsd_symtab_start" -+ DOMPRINTF("%s: xc_dom_vaddr_to_ptr(dom,dom->bsd_symtab_start" - " => NULL", __FUNCTION__); - return -1; - } -@@ -152,8 +153,6 @@ static elf_errorstatus xc_dom_load_elf_symtab(struct xc_dom_image *dom, - { - char *hdr_ptr; - -- size = sizeof(unsigned) + elf_size(elf, elf->ehdr) + -- elf_shdr_count(elf) * elf_size(elf, shdr); - hdr_ptr = xc_dom_malloc(dom, size); - if ( hdr_ptr == NULL ) - return 0; -@@ -161,6 +160,8 @@ static elf_errorstatus xc_dom_load_elf_symtab(struct xc_dom_image *dom, - elf->caller_xdest_size = size; - hdr = ELF_REALPTR2PTRVAL(hdr_ptr); - dom->bsd_symtab_start = elf_round_up(elf, dom->kernel_seg.vend); -+ dom->kernel_seg.vend = elf_round_up(elf, dom->bsd_symtab_start + size); -+ return 0; - } - - elf_memcpy_safe(elf, hdr + sizeof(unsigned), -@@ -189,9 +190,8 @@ static elf_errorstatus xc_dom_load_elf_symtab(struct xc_dom_image *dom, - } - if ( elf->caller_xdest_size < sizeof(unsigned) ) - { -- DOMPRINTF("%s/%s: header size %"PRIx64" too small", -- __FUNCTION__, load ? "load" : "parse", -- (uint64_t)elf->caller_xdest_size); -+ DOMPRINTF("%s: header size %"PRIx64" too small", -+ __FUNCTION__, (uint64_t)elf->caller_xdest_size); - return -1; - } - if ( elf_init(&syms, elf->caller_xdest_base + sizeof(unsigned), -@@ -219,10 +219,9 @@ static elf_errorstatus xc_dom_load_elf_symtab(struct xc_dom_image *dom, - maxaddr = elf_round_up(&syms, symtab + elf_size(&syms, syms.ehdr) + - elf_shdr_count(&syms) * elf_size(&syms, shdr)); - -- DOMPRINTF("%s/%s: bsd_symtab_start=%" PRIx64 ", kernel.end=0x%" PRIx64 -+ DOMPRINTF("%s: bsd_symtab_start=%" PRIx64 ", kernel.end=0x%" PRIx64 - " -- symtab=0x%" PRIx64 ", maxaddr=0x%" PRIx64 "", -- __FUNCTION__, load ? "load" : "parse", -- dom->bsd_symtab_start, dom->kernel_seg.vend, -+ __FUNCTION__, dom->bsd_symtab_start, dom->kernel_seg.vend, - symtab, maxaddr); - - count = elf_shdr_count(&syms); -@@ -279,13 +278,10 @@ static elf_errorstatus xc_dom_load_elf_symtab(struct xc_dom_image *dom, - type == SHT_SYMTAB ? "symtab" : "strtab", - size, maxaddr); - -- if ( load ) -- { -- shdr2 = elf_shdr_by_index(elf, h); -- elf_memcpy_safe(elf, elf_section_start(&syms, shdr), -- elf_section_start(elf, shdr2), -- size); -- } -+ shdr2 = elf_shdr_by_index(elf, h); -+ elf_memcpy_safe(elf, elf_section_start(&syms, shdr), -+ elf_section_start(elf, shdr2), -+ size); - } - - /* Name is NULL. */ -@@ -308,8 +304,7 @@ static elf_errorstatus xc_dom_load_elf_symtab(struct xc_dom_image *dom, - dom->bsd_symtab_start = 0; - return 0; - } -- if ( !load ) -- dom->kernel_seg.vend = maxaddr; -+ - return 0; - } - --- -1.9.5 (Apple Git-50.3) - Index: sysutils/xen-tools/files/patch-configure =================================================================== --- sysutils/xen-tools/files/patch-configure +++ /dev/null @@ -1,27 +0,0 @@ ---- configure.orig 2015-01-12 16:53:24 UTC -+++ configure -@@ -1936,7 +1936,7 @@ XEN_RUN_DIR=$localstatedir/run/xen - XEN_LOG_DIR=$localstatedir/log/xen - - --XEN_LIB_STORED=$localstatedir/lib/xenstored -+XEN_LIB_STORED=$localstatedir/db/xenstored - - - SHAREDIR=$prefix/share -@@ -1955,13 +1955,13 @@ XEN_SCRIPT_DIR=$XEN_CONFIG_DIR/scripts - - - case "$host_os" in --*freebsd*) XEN_LOCK_DIR=$localstatedir/lib ;; -+*freebsd*) XEN_LOCK_DIR=$localstatedir/db ;; - *netbsd*) XEN_LOCK_DIR=$localstatedir/lib ;; - *) XEN_LOCK_DIR=$localstatedir/lock ;; - esac - - --XEN_PAGING_DIR=$localstatedir/lib/xen/xenpaging -+XEN_PAGING_DIR=$localstatedir/db/xen/xenpaging - - - Index: sysutils/xen-tools/files/patch-tools_configure =================================================================== --- sysutils/xen-tools/files/patch-tools_configure +++ /dev/null @@ -1,27 +0,0 @@ ---- tools/configure.orig 2015-01-12 16:53:24 UTC -+++ tools/configure -@@ -3776,7 +3776,7 @@ XEN_RUN_DIR=$localstatedir/run/xen - XEN_LOG_DIR=$localstatedir/log/xen - - --XEN_LIB_STORED=$localstatedir/lib/xenstored -+XEN_LIB_STORED=$localstatedir/db/xenstored - - - SHAREDIR=$prefix/share -@@ -3795,13 +3795,13 @@ XEN_SCRIPT_DIR=$XEN_CONFIG_DIR/scripts - - - case "$host_os" in --*freebsd*) XEN_LOCK_DIR=$localstatedir/lib ;; -+*freebsd*) XEN_LOCK_DIR=$localstatedir/db ;; - *netbsd*) XEN_LOCK_DIR=$localstatedir/lib ;; - *) XEN_LOCK_DIR=$localstatedir/lock ;; - esac - - --XEN_PAGING_DIR=$localstatedir/lib/xen/xenpaging -+XEN_PAGING_DIR=$localstatedir/db/xen/xenpaging - - - Index: sysutils/xen-tools/files/patch-tools_libxc_xc__dom__bzimageloader.c =================================================================== --- sysutils/xen-tools/files/patch-tools_libxc_xc__dom__bzimageloader.c +++ /dev/null @@ -1,11 +0,0 @@ ---- tools/libxc/xc_dom_bzimageloader.c.orig 2015-11-03 09:11:18 UTC -+++ tools/libxc/xc_dom_bzimageloader.c -@@ -469,7 +469,7 @@ static int xc_try_lzo1x_decode( - - for ( *size = 0; ; ) - { -- lzo_uint src_len, dst_len, out_len; -+ lzo_uint src_len, dst_len, out_len = 0; - unsigned char *tmp_buf; - - msg = "Short input"; Index: sysutils/xen-tools/files/patch-tools_misc_xenpm.c =================================================================== --- sysutils/xen-tools/files/patch-tools_misc_xenpm.c +++ /dev/null @@ -1,13 +0,0 @@ ---- tools/misc/xenpm.c.orig 2015-11-03 09:11:18 UTC -+++ tools/misc/xenpm.c -@@ -97,8 +97,8 @@ static void parse_cpuid_and_int(int argc - - if ( argc == 0 || sscanf(argv[argc > 1], "%d", val) != 1 ) - { -- fprintf(stderr, argc ? "Invalid %s '%s'\n" : "Missing %s\n", -- what, argv[argc > 1]); -+ fprintf(stderr, argc ? "Invalid %s '%s'\n" : "Missing %s\n%s", -+ what, argc ? argv[argc > 1] : ""); - exit(EINVAL); - } - } Index: sysutils/xen-tools/files/patch-tools_qemu-xen_configure =================================================================== --- sysutils/xen-tools/files/patch-tools_qemu-xen_configure +++ /dev/null @@ -1,10 +0,0 @@ ---- tools/qemu-xen/configure.orig 2015-06-10 11:43:51 UTC -+++ tools/qemu-xen/configure -@@ -1451,6 +1451,7 @@ if test "$stack_protector" != "no" ; the - # We need to check both a compile and a link, since some compiler - # setups fail only on a .c->.o compile and some only at link time - if do_cc $QEMU_CFLAGS -Werror $flag -c -o $TMPO $TMPC && -+ do_cxx $QEMU_CXXFLAGS -Werror $flag -o $TMPE $TMPCXX $TMPO $LDFLAGS && - compile_prog "-Werror $flag" ""; then - QEMU_CFLAGS="$QEMU_CFLAGS $flag" - LIBTOOLFLAGS="$LIBTOOLFLAGS -Wc,$flag" Index: sysutils/xen-tools/files/var_paths.patch =================================================================== --- /dev/null +++ sysutils/xen-tools/files/var_paths.patch @@ -0,0 +1,13 @@ +diff --git a/config/FreeBSD.mk b/config/FreeBSD.mk +index bb3a5d0..b072030 100644 +--- a/config/FreeBSD.mk ++++ b/config/FreeBSD.mk +@@ -2,3 +2,8 @@ include $(XEN_ROOT)/config/StdGNU.mk + + # No wget on FreeBSD base system + WGET = ftp ++ ++XEN_LIB_STORED := ${localstatedir}/db/xenstored ++XEN_LOCK_DIR := ${localstatedir}/db ++XEN_PAGING_DIR := ${localstatedir}/db/xen/xenpaging ++XEN_DUMP_DIR := ${localstatedir}/crash/xen Index: sysutils/xen-tools/files/xsa160-4.6.patch =================================================================== --- sysutils/xen-tools/files/xsa160-4.6.patch +++ /dev/null @@ -1,69 +0,0 @@ -From adcbd15b1aec8367f790774c998db199c9b577bf Mon Sep 17 00:00:00 2001 -From: Ian Jackson -Date: Wed, 18 Nov 2015 15:34:54 +0000 -Subject: [PATCH] libxl: Fix bootloader-related virtual memory leak on pv - build failure - -The bootloader may call libxl__file_reference_map(), which mmap's the -pv_kernel and pv_ramdisk into process memory. This was only unmapped, -however, on the success path of libxl__build_pv(). If there were a -failure anywhere between libxl_bootloader.c:parse_bootloader_result() -and the end of libxl__build_pv(), the calls to -libxl__file_reference_unmap() would be skipped, leaking the mapped -virtual memory. - -Ideally this would be fixed by adding the unmap calls to the -destruction path for libxl__domain_build_state. Unfortunately the -lifetime of the libxl__domain_build_state is opaque, and it doesn't -have a proper destruction path. But, the only thing in it that isn't -from the gc are these bootloader references, and they are only ever -set for one libxl__domain_build_state, the one which is -libxl__domain_create_state.build_state. - -So we can clean up in the exit path from libxl__domain_create_*, which -always comes through domcreate_complete. - -Remove the now-redundant unmaps in libxl__build_pv's success path. - -This is XSA-160. - -Signed-off-by: George Dunlap -Signed-off-by: Ian Jackson -Tested-by: George Dunlap -Acked-by: Ian Campbell ---- - tools/libxl/libxl_create.c | 3 +++ - tools/libxl/libxl_dom.c | 3 --- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c -index f5771da..278b9ed 100644 ---- a/tools/libxl/libxl_create.c -+++ b/tools/libxl/libxl_create.c -@@ -1484,6 +1484,9 @@ static void domcreate_complete(libxl__egc *egc, - libxl_domain_config *const d_config = dcs->guest_config; - libxl_domain_config *d_config_saved = &dcs->guest_config_saved; - -+ libxl__file_reference_unmap(&dcs->build_state.pv_kernel); -+ libxl__file_reference_unmap(&dcs->build_state.pv_ramdisk); -+ - if (!rc && d_config->b_info.exec_ssidref) - rc = xc_flask_relabel_domain(CTX->xch, dcs->guest_domid, d_config->b_info.exec_ssidref); - -diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c -index 8019f4e..2da3ac4 100644 ---- a/tools/libxl/libxl_dom.c -+++ b/tools/libxl/libxl_dom.c -@@ -750,9 +750,6 @@ int libxl__build_pv(libxl__gc *gc, uint32_t domid, - state->store_mfn = xc_dom_p2m_host(dom, dom->xenstore_pfn); - } - -- libxl__file_reference_unmap(&state->pv_kernel); -- libxl__file_reference_unmap(&state->pv_ramdisk); -- - ret = 0; - out: - xc_dom_release(dom); --- -1.7.10.4 - Index: sysutils/xen-tools/files/xsa162-qemuu.patch =================================================================== --- sysutils/xen-tools/files/xsa162-qemuu.patch +++ /dev/null @@ -1,42 +0,0 @@ -net: pcnet: add check to validate receive data size(CVE-2015-7504) - -In loopback mode, pcnet_receive routine appends CRC code to the -receive buffer. If the data size given is same as the buffer size, -the appended CRC code overwrites 4 bytes after s->buffer. Added a -check to avoid that. - -Reported-by: Qinghao Tang -Signed-off-by: Prasad J Pandit ---- - hw/net/pcnet.c | 10 ++++++---- - 1 file changed, 6 insertions(+), 4 deletions(-) - -diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c -index 3437376..5f55591 100644 ---- a/hw/net/pcnet.c -+++ b/hw/net/pcnet.c -@@ -1085,7 +1085,7 @@ ssize_t pcnet_receive(NetClientState *nc, const uint8_t *buf, size_t size_) - uint32_t fcs = ~0; - uint8_t *p = src; - -- while (p != &src[size-4]) -+ while (p != &src[size]) - CRC(fcs, *p++); - crc_err = (*(uint32_t *)p != htonl(fcs)); - } -@@ -1234,8 +1234,10 @@ static void pcnet_transmit(PCNetState *s) - bcnt = 4096 - GET_FIELD(tmd.length, TMDL, BCNT); - - /* if multi-tmd packet outsizes s->buffer then skip it silently. -- Note: this is not what real hw does */ -- if (s->xmit_pos + bcnt > sizeof(s->buffer)) { -+ * Note: this is not what real hw does. -+ * Last four bytes of s->buffer are used to store CRC FCS code. -+ */ -+ if (s->xmit_pos + bcnt > sizeof(s->buffer) - 4) { - s->xmit_pos = -1; - goto txdone; - } --- -2.4.3 - Index: sysutils/xen-tools/pkg-plist =================================================================== --- sysutils/xen-tools/pkg-plist +++ sysutils/xen-tools/pkg-plist @@ -1,5 +1,7 @@ bin/pygrub +bin/xen-cpuid bin/xen-detect +bin/xenalyze bin/xencons bin/xencov_split bin/xenstore @@ -12,14 +14,14 @@ bin/xenstore-rm bin/xenstore-watch bin/xenstore-write -bin/xentrace bin/xentrace_format -bin/xentrace_setsize etc/bash_completion.d/xl.sh etc/rc.d/xencommons +etc/rc.d/xendriverdomain %%ETCDIR%%/README %%ETCDIR%%/README.incompatibilities %%ETCDIR%%/cpupool +%%ETCDIR%%/scripts/block %%ETCDIR%%/scripts/hotplugpath.sh %%ETCDIR%%/scripts/vif-bridge %%ETCDIR%%/xl.conf @@ -40,8 +42,10 @@ include/xen/COPYING include/xen/arch-arm.h include/xen/arch-arm/hvm/save.h +include/xen/arch-x86/cpufeatureset.h include/xen/arch-x86/cpuid.h include/xen/arch-x86/hvm/save.h +include/xen/arch-x86/pmu.h include/xen/arch-x86/xen-mca.h include/xen/arch-x86/xen-x86_32.h include/xen/arch-x86/xen-x86_64.h @@ -52,6 +56,7 @@ include/xen/dom0_ops.h include/xen/domctl.h include/xen/elfnote.h +include/xen/errno.h include/xen/event_channel.h include/xen/features.h include/xen/foreign/arm32.h @@ -63,6 +68,7 @@ include/xen/hvm/e820.h include/xen/hvm/hvm_info_table.h include/xen/hvm/hvm_op.h +include/xen/hvm/hvm_vcpu.h include/xen/hvm/hvm_xs_strings.h include/xen/hvm/ioreq.h include/xen/hvm/params.h @@ -84,11 +90,11 @@ include/xen/io/xenbus.h include/xen/io/xs_wire.h include/xen/kexec.h -include/xen/mem_event.h include/xen/memory.h include/xen/nmi.h include/xen/physdev.h include/xen/platform.h +include/xen/pmu.h include/xen/sched.h include/xen/sys/evtchn.h include/xen/sys/privcmd.h @@ -97,13 +103,18 @@ include/xen/trace.h include/xen/vcpu.h include/xen/version.h +include/xen/vm_event.h include/xen/xen-compat.h include/xen/xen.h include/xen/xencomm.h include/xen/xenoprof.h include/xen/xsm/flask_op.h +include/xencall.h include/xenctrl.h -include/xenctrlosdep.h +include/xenctrl_compat.h +include/xenevtchn.h +include/xenforeignmemory.h +include/xengnttab.h include/xenguest.h include/xenstat.h include/xenstore-compat/xs.h @@ -123,18 +134,34 @@ lib/libfsimage.so lib/libfsimage.so.1.0 lib/libfsimage.so.1.0.0 +lib/libxencall.a +lib/libxencall.so +lib/libxencall.so.1 +lib/libxencall.so.1.0 lib/libxenctrl.a lib/libxenctrl.so -lib/libxenctrl.so.4.5 -lib/libxenctrl.so.4.5.0 +lib/libxenctrl.so.4.7 +lib/libxenctrl.so.4.7.0 +lib/libxenevtchn.a +lib/libxenevtchn.so +lib/libxenevtchn.so.1 +lib/libxenevtchn.so.1.0 +lib/libxenforeignmemory.a +lib/libxenforeignmemory.so +lib/libxenforeignmemory.so.1 +lib/libxenforeignmemory.so.1.0 +lib/libxengnttab.a +lib/libxengnttab.so +lib/libxengnttab.so.1 +lib/libxengnttab.so.1.0 lib/libxenguest.a lib/libxenguest.so -lib/libxenguest.so.4.5 -lib/libxenguest.so.4.5.0 +lib/libxenguest.so.4.7 +lib/libxenguest.so.4.7.0 lib/libxenlight.a lib/libxenlight.so -lib/libxenlight.so.4.5 -lib/libxenlight.so.4.5.0 +lib/libxenlight.so.4.7 +lib/libxenlight.so.4.7.0 lib/libxenstat.a lib/libxenstat.so lib/libxenstat.so.0 @@ -143,10 +170,14 @@ lib/libxenstore.so lib/libxenstore.so.3.0 lib/libxenstore.so.3.0.3 +lib/libxentoollog.a +lib/libxentoollog.so +lib/libxentoollog.so.1 +lib/libxentoollog.so.1.0 lib/libxlutil.a lib/libxlutil.so -lib/libxlutil.so.4.3 -lib/libxlutil.so.4.3.0 +lib/libxlutil.so.4.7 +lib/libxlutil.so.4.7.0 %%PYTHON_SITELIBDIR%%/fsimage.so %%PYTHON_SITELIBDIR%%/grub/ExtLinuxConf.py %%PYTHON_SITELIBDIR%%/grub/ExtLinuxConf.pyc @@ -164,18 +195,35 @@ %%PYTHON_SITELIBDIR%%/xen/lowlevel/__init__.pyc %%PYTHON_SITELIBDIR%%/xen/lowlevel/xc.so %%PYTHON_SITELIBDIR%%/xen/lowlevel/xs.so +%%PYTHON_SITELIBDIR%%/xen/migration/__init__.py +%%PYTHON_SITELIBDIR%%/xen/migration/__init__.pyc +%%PYTHON_SITELIBDIR%%/xen/migration/legacy.py +%%PYTHON_SITELIBDIR%%/xen/migration/legacy.pyc +%%PYTHON_SITELIBDIR%%/xen/migration/libxc.py +%%PYTHON_SITELIBDIR%%/xen/migration/libxc.pyc +%%PYTHON_SITELIBDIR%%/xen/migration/libxl.py +%%PYTHON_SITELIBDIR%%/xen/migration/libxl.pyc +%%PYTHON_SITELIBDIR%%/xen/migration/public.py +%%PYTHON_SITELIBDIR%%/xen/migration/public.pyc +%%PYTHON_SITELIBDIR%%/xen/migration/tests.py +%%PYTHON_SITELIBDIR%%/xen/migration/tests.pyc +%%PYTHON_SITELIBDIR%%/xen/migration/verify.py +%%PYTHON_SITELIBDIR%%/xen/migration/verify.pyc +%%PYTHON_SITELIBDIR%%/xen/migration/xl.py +%%PYTHON_SITELIBDIR%%/xen/migration/xl.pyc +lib/xen/bin/convert-legacy-stream lib/xen/bin/libxl-save-helper lib/xen/bin/lsevtchn lib/xen/bin/pygrub lib/xen/bin/qemu-system-i386 lib/xen/bin/readnotes +lib/xen/bin/verify-stream-v2 lib/xen/bin/xen-init-dom0 lib/xen/bin/xenconsole lib/xen/bin/xenctx lib/xen/bin/xenpaging lib/xen/bin/xenpvnetboot lib/xen/boot/hvmloader -lib/xen/etc/qemu/target-x86_64.conf man/man1/xenstore-chmod.1.gz man/man1/xenstore-ls.1.gz man/man1/xenstore.1.gz @@ -186,6 +234,12 @@ man/man5/xl.conf.5.gz man/man5/xlcpupool.cfg.5.gz man/man8/xentrace.8.gz +sbin/flask-get-bool +sbin/flask-getenforce +sbin/flask-label-pci +sbin/flask-loadpolicy +sbin/flask-set-bool +sbin/flask-setenforce sbin/gdbsx sbin/gtracestat sbin/gtraceview @@ -198,6 +252,7 @@ sbin/xen-mfndump sbin/xen-ringwatch sbin/xen-tmem-list-parse +sbin/xen-xsplice sbin/xenbaked sbin/xenconsoled sbin/xencov @@ -208,10 +263,11 @@ sbin/xenpmd sbin/xenstored sbin/xentop +sbin/xentrace sbin/xentrace_setmask +sbin/xentrace_setsize sbin/xenwatchdogd sbin/xl -%%PORTDOCS%%%%DOCSDIR%%/README.xenmon %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/.deps %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,arch-arm,hvm,save.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,arch-arm.h.html @@ -219,6 +275,7 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,dom0_ops.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,domctl.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,elfnote.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,errno.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,event_channel.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,features.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,gcov.h.html @@ -226,6 +283,7 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,hvm,e820.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,hvm,hvm_info_table.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,hvm,hvm_op.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,hvm,hvm_vcpu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,hvm,hvm_xs_strings.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,hvm,ioreq.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,hvm,params.h.html @@ -247,17 +305,18 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,io,xenbus.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,io,xs_wire.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,kexec.h.html -%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,mem_event.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,memory.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,nmi.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,physdev.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,platform.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,pmu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,sched.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,sysctl.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,tmem.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,trace.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,vcpu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,version.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,vm_event.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,xen-compat.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,xen.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/include,public,xencomm.h.html @@ -267,8 +326,10 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/arm/index.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/index.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/.deps +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,arch-x86,cpufeatureset.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,arch-x86,cpuid.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,arch-x86,hvm,save.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,arch-x86,pmu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,arch-x86,xen-mca.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,arch-x86,xen-x86_32.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,arch-x86,xen.h.html @@ -277,6 +338,7 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,dom0_ops.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,domctl.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,elfnote.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,errno.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,event_channel.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,features.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,gcov.h.html @@ -284,6 +346,7 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,hvm,e820.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,hvm,hvm_info_table.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,hvm,hvm_op.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,hvm,hvm_vcpu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,hvm,hvm_xs_strings.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,hvm,ioreq.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,hvm,params.h.html @@ -305,17 +368,18 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,io,xenbus.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,io,xs_wire.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,kexec.h.html -%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,mem_event.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,memory.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,nmi.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,physdev.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,platform.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,pmu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,sched.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,sysctl.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,tmem.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,trace.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,vcpu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,version.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,vm_event.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,xen-compat.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,xen.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,public,xencomm.h.html @@ -324,8 +388,10 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/include,xen,errno.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_32/index.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/.deps +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,arch-x86,cpufeatureset.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,arch-x86,cpuid.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,arch-x86,hvm,save.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,arch-x86,pmu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,arch-x86,xen-mca.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,arch-x86,xen-x86_64.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,arch-x86,xen.h.html @@ -334,6 +400,7 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,dom0_ops.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,domctl.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,elfnote.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,errno.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,event_channel.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,features.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,gcov.h.html @@ -341,6 +408,7 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,hvm,e820.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,hvm,hvm_info_table.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,hvm,hvm_op.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,hvm,hvm_vcpu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,hvm,hvm_xs_strings.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,hvm,ioreq.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,hvm,params.h.html @@ -362,17 +430,18 @@ %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,io,xenbus.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,io,xs_wire.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,kexec.h.html -%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,mem_event.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,memory.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,nmi.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,physdev.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,platform.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,pmu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,sched.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,sysctl.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,tmem.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,trace.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,vcpu.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,version.h.html +%%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,vm_event.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,xen-compat.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,xen.h.html %%PORTDOCS%%%%DOCSDIR%%/html/hypercall/x86_64/include,public,xencomm.h.html @@ -385,36 +454,68 @@ %%PORTDOCS%%%%DOCSDIR%%/html/man/xenstore-chmod.1.html %%PORTDOCS%%%%DOCSDIR%%/html/man/xenstore-ls.1.html %%PORTDOCS%%%%DOCSDIR%%/html/man/xenstore.1.html +%%PORTDOCS%%%%DOCSDIR%%/html/man/xentop.1.html +%%PORTDOCS%%%%DOCSDIR%%/html/man/xentrace.8.html +%%PORTDOCS%%%%DOCSDIR%%/html/man/xentrace_format.1.html %%PORTDOCS%%%%DOCSDIR%%/html/man/xl.1.html %%PORTDOCS%%%%DOCSDIR%%/html/man/xl.cfg.5.html %%PORTDOCS%%%%DOCSDIR%%/html/man/xl.conf.5.html %%PORTDOCS%%%%DOCSDIR%%/html/man/xlcpupool.cfg.5.html %%PORTDOCS%%%%DOCSDIR%%/html/misc/amd-ucode-container.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/arm/booting.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/arm/device-tree/booting.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/arm/device-tree/guest.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/arm/device-tree/index.html +%%PORTDOCS%%%%DOCSDIR%%/html/misc/arm/device-tree/passthrough.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/arm/early-printk.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/arm/index.html +%%PORTDOCS%%%%DOCSDIR%%/html/misc/arm/passthrough.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/block-scripts.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/channel.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/console.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/coverage.html %%PORTDOCS%%%%DOCSDIR%%/html/misc/crashdb.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/distro_mapping.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/dump-core-format.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/efi.html %%PORTDOCS%%%%DOCSDIR%%/html/misc/grant-tables.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/hvm-emulated-unplug.html +%%PORTDOCS%%%%DOCSDIR%%/html/misc/hvmlite.html %%PORTDOCS%%%%DOCSDIR%%/html/misc/index.html +%%PORTDOCS%%%%DOCSDIR%%/html/misc/kconfig-language.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/kconfig.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/kexec_and_kdump.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/libxl_memory.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/pci-device-reservations.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/printk-formats.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/pvh-readme.txt -%%PORTDOCS%%%%DOCSDIR%%/html/misc/sedf_scheduler_mini-HOWTO.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/pvh.html +%%PORTDOCS%%%%DOCSDIR%%/html/misc/qemu-backends.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/qemu-deprivilege.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/stubdom.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/tscmode.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/vbd-interface.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/vtd-pi.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/vtd.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/vtpm-platforms.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/vtpm.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/vtpmmgr.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/x86-xenpv-bootloader.html +%%PORTDOCS%%%%DOCSDIR%%/html/misc/xen-command-line.html %%PORTDOCS%%%%DOCSDIR%%/html/misc/xen-error-handling.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/xenmon.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/xenpaging.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/xenstore-paths.html %%PORTDOCS%%%%DOCSDIR%%/html/misc/xenstore-ring.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/xenstore.txt %%PORTDOCS%%%%DOCSDIR%%/html/misc/xl-disk-configuration.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/xl-network-configuration.html +%%PORTDOCS%%%%DOCSDIR%%/html/misc/xl-numa-placement.html +%%PORTDOCS%%%%DOCSDIR%%/html/misc/xl-psr.html %%PORTDOCS%%%%DOCSDIR%%/html/misc/xsm-flask.txt +%%PORTDOCS%%%%DOCSDIR%%/html/misc/xsplice.html +share/pkgconfig/xenlight.pc +share/pkgconfig/xlutil.pc share/qemu-xen/qemu/QEMU,cgthree.bin share/qemu-xen/qemu/QEMU,tcx.bin share/qemu-xen/qemu/acpi-dsdt.aml @@ -488,16 +589,18 @@ share/qemu-xen/qemu/sgabios.bin share/qemu-xen/qemu/slof.bin share/qemu-xen/qemu/spapr-rtas.bin +share/qemu-xen/qemu/trace-events +share/qemu-xen/qemu/u-boot.e500 share/qemu-xen/qemu/vgabios-cirrus.bin share/qemu-xen/qemu/vgabios-qxl.bin share/qemu-xen/qemu/vgabios-stdvga.bin +share/qemu-xen/qemu/vgabios-virtio.bin share/qemu-xen/qemu/vgabios-vmware.bin share/qemu-xen/qemu/vgabios.bin @dir %%ETCDIR%%/auto +@dir /var/crash/xen @dir /var/db/xen/xenpaging @dir /var/db/xen @dir /var/db/xenstored @dir /var/log/xen -@dir /var/xen/dump -@dir /var/xen @dir /var/run/xen