Index: head/emulators/xen-kernel/Makefile =================================================================== --- head/emulators/xen-kernel/Makefile (revision 429073) +++ head/emulators/xen-kernel/Makefile (revision 429074) @@ -1,77 +1,78 @@ # $FreeBSD$ PORTNAME= xen PKGNAMESUFFIX= -kernel PORTVERSION= 4.7.1 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= emulators MASTER_SITES= http://downloads.xenproject.org/release/xen/${PORTVERSION}/ MAINTAINER= royger@FreeBSD.org COMMENT= Hypervisor using a microkernel design LICENSE= GPLv2 ONLY_FOR_ARCHS= amd64 USES= cpe gmake python:build # We need to use ld from ports because the version in base doesn't # support the '--build-id' switch that's needed for live hypervisor # hot-patching. Once the ld version in base supports this option the # dependency can be removed. # # GNU objcopy is used instead of elftc objcopy because of bug #533: # https://sourceforge.net/p/elftoolchain/tickets/533/ # Once this is solved we should be able to switch to elfcopy. # # And finally we also need to use nm from binutils because the one # from base cannot deal with i386pep binary files which is the format # of the Xen EFI image (note that FreeBSD cannot yet boot as Dom0 from EFI, # but the image is built anyway). This is reported to elftc as bug #534: # https://sourceforge.net/p/elftoolchain/tickets/534/ MAKE_ARGS= clang=y PYTHON=${PYTHON_CMD} LD="${LD}" OBJCOPY="${OBJCOPY}" \ NM="${NM}" USE_BINUTILS= yes NO_MTREE= yes STRIP= # PLIST_FILES= /boot/xen \ /boot/xen.4th EXTRA_PATCHES= ${FILESDIR}/0001-xen-logdirty-prevent-preemption-if-finished.patch:-p1 \ ${FILESDIR}/0002-xen-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch:-p1 \ ${FILESDIR}/kconf_arch.patch:-p1 \ ${FILESDIR}/xsa191.patch \ ${FILESDIR}/xsa192.patch \ ${FILESDIR}/xsa193-4.7.patch \ ${FILESDIR}/xsa194.patch \ ${FILESDIR}/xsa195.patch \ ${FILESDIR}/xsa200-4.7.patch \ - ${FILESDIR}/xsa204-4.7.patch + ${FILESDIR}/xsa204-4.7.patch \ + ${FILESDIR}/xsa202.patch .include .if ${OPSYS} != FreeBSD IGNORE= Only supported on FreeBSD .endif .if ${OSVERSION} < 1100055 IGNORE= Only supported on recent FreeBSD 11 .endif pre-build: ${MAKE_CMD} -C ${WRKSRC}/xen defconfig ${MAKE_ARGS} # Enable hypervisor hot-patching. echo 'CONFIG_XSPLICE=y' >> ${WRKSRC}/xen/.config echo 'CONFIG_FAST_SYMBOL_LOOKUP=y' >> ${WRKSRC}/xen/.config # The ports native 'build' target cannot be used because it sets # CFLAGS, and that breaks the Xen build system. do-build: ${MAKE_CMD} -j${MAKE_JOBS_NUMBER} -C ${WRKSRC}/xen build ${MAKE_ARGS} do-install: ${MKDIR} ${STAGEDIR}/boot ${INSTALL_PROGRAM} ${WRKSRC}/xen/xen ${STAGEDIR}/boot ${INSTALL_DATA} ${FILESDIR}/xen.4th ${STAGEDIR}/boot .include Index: head/emulators/xen-kernel/files/xsa202.patch =================================================================== --- head/emulators/xen-kernel/files/xsa202.patch (nonexistent) +++ head/emulators/xen-kernel/files/xsa202.patch (revision 429074) @@ -0,0 +1,75 @@ +From: Jan Beulich +Subject: x86: force EFLAGS.IF on when exiting to PV guests + +Guest kernels modifying instructions in the process of being emulated +for another of their vCPU-s may effect EFLAGS.IF to be cleared upon +next exiting to guest context, by converting the being emulated +instruction to CLI (at the right point in time). Prevent any such bad +effects by always forcing EFLAGS.IF on. And to cover hypothetical other +similar issues, also force EFLAGS.{IOPL,NT,VM} to zero. + +This is XSA-202. + +Signed-off-by: Jan Beulich +Reviewed-by: Andrew Cooper +--- + +--- a/xen/arch/x86/x86_64/compat/entry.S ++++ b/xen/arch/x86/x86_64/compat/entry.S +@@ -109,6 +109,8 @@ compat_process_trap: + /* %rbx: struct vcpu, interrupts disabled */ + ENTRY(compat_restore_all_guest) + ASSERT_INTERRUPTS_DISABLED ++ mov $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11d ++ and UREGS_eflags(%rsp),%r11d + .Lcr4_orig: + .skip .Lcr4_alt_end - .Lcr4_alt, 0x90 + .Lcr4_orig_end: +@@ -144,6 +146,8 @@ ENTRY(compat_restore_all_guest) + (.Lcr4_orig_end - .Lcr4_orig), \ + (.Lcr4_alt_end - .Lcr4_alt) + .popsection ++ or $X86_EFLAGS_IF,%r11 ++ mov %r11d,UREGS_eflags(%rsp) + RESTORE_ALL adj=8 compat=1 + .Lft0: iretq + _ASM_PRE_EXTABLE(.Lft0, handle_exception) +--- a/xen/arch/x86/x86_64/entry.S ++++ b/xen/arch/x86/x86_64/entry.S +@@ -40,28 +40,29 @@ restore_all_guest: + testw $TRAP_syscall,4(%rsp) + jz iret_exit_to_guest + ++ movq 24(%rsp),%r11 # RFLAGS ++ andq $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11 ++ orq $X86_EFLAGS_IF,%r11 ++ + /* Don't use SYSRET path if the return address is not canonical. */ + movq 8(%rsp),%rcx + sarq $47,%rcx + incl %ecx + cmpl $1,%ecx +- ja .Lforce_iret ++ movq 8(%rsp),%rcx # RIP ++ ja iret_exit_to_guest + + cmpw $FLAT_USER_CS32,16(%rsp)# CS +- movq 8(%rsp),%rcx # RIP +- movq 24(%rsp),%r11 # RFLAGS + movq 32(%rsp),%rsp # RSP + je 1f + sysretq + 1: sysretl + +-.Lforce_iret: +- /* Mimic SYSRET behavior. */ +- movq 8(%rsp),%rcx # RIP +- movq 24(%rsp),%r11 # RFLAGS + ALIGN + /* No special register assumptions. */ + iret_exit_to_guest: ++ andl $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),24(%rsp) ++ orl $X86_EFLAGS_IF,24(%rsp) + addq $8,%rsp + .Lft0: iretq + _ASM_PRE_EXTABLE(.Lft0, handle_exception) Property changes on: head/emulators/xen-kernel/files/xsa202.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property