Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-06-04 01:49:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and      /work/SRC/openSUSE:Factory/.xen.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "xen"

Sun Jun  4 01:49:50 2017 rev:229 rq:500486 version:4.9.0_07

Changes:
--------
--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-05-27 13:09:39.973294867 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes     2017-06-04 
01:50:28.259526615 +0200
@@ -1,0 +2,26 @@
+Thu Jun  1 13:24:26 MDT 2017 - carn...@suse.com
+
+- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop
+  due to incorrect return value
+  
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
+
+-------------------------------------------------------------------
+Tue May 30 11:24:41 MDT 2017 - carn...@suse.com
+
+- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory
+  leakage via capture buffer
+  CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
+
+-------------------------------------------------------------------
+Fri May 26 12:58:06 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+
+-------------------------------------------------------------------
+Mon May 22 14:43:01 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+
+-------------------------------------------------------------------

New:
----
  CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
  CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ xen.spec ++++++
--- /var/tmp/diff_new_pack.uB4tUt/_old  2017-06-04 01:50:31.191112417 +0200
+++ /var/tmp/diff_new_pack.uB4tUt/_new  2017-06-04 01:50:31.195111852 +0200
@@ -159,7 +159,7 @@
 %endif
 %endif
 
-Version:        4.9.0_04
+Version:        4.9.0_07
 Release:        0
 Summary:        Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:        GPL-2.0
@@ -237,6 +237,8 @@
 Patch286:       
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
 Patch287:       
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
 Patch288:       
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
+Patch289:       
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
+Patch290:       
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
 # qemu-traditional patches that are not upstream
 Patch350:       blktap.patch
 Patch351:       cdrom-removable.patch
@@ -557,6 +559,8 @@
 %patch286 -p1
 %patch287 -p1
 %patch288 -p1
+%patch289 -p1
+%patch290 -p1
 # Qemu traditional
 %patch350 -p1
 %patch351 -p1

++++++ CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch 
++++++
References: bsc#1037243 CVE-2017-8309

Subject: audio: release capture buffers
From: Gerd Hoffmann kra...@redhat.com Fri Apr 28 09:56:12 2017 +0200
Date: Thu May 4 08:31:48 2017 +0200:
Git: 3268a845f41253fb55852a8429c32b50f36f349a

AUD_add_capture() allocates two buffers which are never released.
Add the missing calls to AUD_del_capture().

Impact: Allows vnc clients to exhaust host memory by repeatedly
starting and stopping audio capture.

Fixes: CVE-2017-8309
Cc: P J P <ppan...@redhat.com>
Cc: Huawei PSIRT <ps...@huawei.com>
Reported-by: "Jiangxin (hunter, SCC)" <jiangx...@huawei.com>
Signed-off-by: Gerd Hoffmann <kra...@redhat.com>
Reviewed-by: Prasad J Pandit <p...@fedoraproject.org>
Message-id: 20170428075612.9997-1-kra...@redhat.com

Index: xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/audio/audio.c
===================================================================
--- xen-4.9.0-testing.orig/tools/qemu-xen-traditional-dir-remote/audio/audio.c
+++ xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/audio/audio.c
@@ -1937,6 +1937,8 @@ void AUD_del_capture (CaptureVoiceOut *c
                     sw = sw1;
                 }
                 LIST_REMOVE (cap, entries);
+                qemu_free (cap->hw.mix_buf);
+                qemu_free (cap->buf);
                 qemu_free (cap);
             }
             return;
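Review bot: The two added `qemu_free` calls in AUD_del_capture have no comment tying them to their allocation site, which makes the pairing easy to lose again. The patch description says AUD_add_capture() allocates both buffers, so a line such as `/* mix_buf and buf are allocated in AUD_add_capture() */` above them would keep that visible. From the context lines the frees appear to sit on the same branch that frees `cap`, so it is worth confirming that no other path drops a capture voice without passing through here. AUD_del_capture starts and ends outside the hunk.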
++++++ 
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch 
++++++
References: bsc#1042160 CVE-2017-9330

Index: xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c
===================================================================
--- xen-4.9.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c
+++ xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c
@@ -583,7 +583,7 @@ static int ohci_service_iso_td(OHCIState
 
     if (!ohci_read_iso_td(addr, &iso_td)) {
         printf("usb-ohci: ISO_TD read error at %x\n", addr);
-        return 0;
+        return 1;
     }
 
     starting_frame = OHCI_BM(iso_td.flags, TD_SF);
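Review bot: The changed `return 1;` in ohci_service_iso_td carries no explanation of what the value means to the caller, and this patch file, unlike the audio one, has no description beyond its References line. The changelog entry attributes the infinite loop to the return value, so presumably a non-zero return makes the caller stop servicing the list. A comment such as `/* non-zero: tell the caller to stop; a failed TD read must not be retried forever */` would record that, once confirmed against the caller. The function body continues outside the hunk.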
++++++ aarch64-maybe-uninitialized.patch ++++++
--- /var/tmp/diff_new_pack.uB4tUt/_old  2017-06-04 01:50:31.371086989 +0200
+++ /var/tmp/diff_new_pack.uB4tUt/_new  2017-06-04 01:50:31.375086424 +0200
@@ -1,6 +1,8 @@
---- xen-4.9.0-testing/tools/libxl/libxl_arm_acpi.c.orig        2017-04-28 
09:40:33.038730388 -0600
-+++ xen-4.9.0-testing/tools/libxl/libxl_arm_acpi.c     2017-04-28 
09:41:20.332937907 -0600
-@@ -98,7 +98,7 @@ int libxl__get_acpi_size(libxl__gc *gc,
+Index: xen-4.9.0-testing/tools/libxl/libxl_arm_acpi.c
+===================================================================
+--- xen-4.9.0-testing.orig/tools/libxl/libxl_arm_acpi.c
++++ xen-4.9.0-testing/tools/libxl/libxl_arm_acpi.c
+@@ -99,7 +99,7 @@ int libxl__get_acpi_size(libxl__gc *gc,
                           const libxl_domain_build_info *info,
                           uint64_t *out)
  {
@@ -9,7 +11,7 @@
      int rc = 0;
  
  
-@@ -123,7 +123,7 @@ static int libxl__allocate_acpi_tables(l
+@@ -124,7 +124,7 @@ static int libxl__allocate_acpi_tables(l
                                         struct acpitable acpitables[])
  {
      int rc;

++++++ libxl.pvscsi.patch ++++++
--- /var/tmp/diff_new_pack.uB4tUt/_old  2017-06-04 01:50:31.603054215 +0200
+++ /var/tmp/diff_new_pack.uB4tUt/_new  2017-06-04 01:50:31.603054215 +0200
@@ -226,7 +226,7 @@
 ===================================================================
 --- xen-4.9.0-testing.orig/tools/libxl/libxl_internal.h
 +++ xen-4.9.0-testing/tools/libxl/libxl_internal.h
-@@ -3527,6 +3527,7 @@ static inline int *libxl__device_type_ge
+@@ -3531,6 +3531,7 @@ static inline int *libxl__device_type_ge
  extern const struct libxl_device_type libxl__disk_devtype;
  extern const struct libxl_device_type libxl__nic_devtype;
  extern const struct libxl_device_type libxl__vtpm_devtype;

++++++ libxl.set-migration-constraints-from-cmdline.patch ++++++
--- /var/tmp/diff_new_pack.uB4tUt/_old  2017-06-04 01:50:31.615052520 +0200
+++ /var/tmp/diff_new_pack.uB4tUt/_new  2017-06-04 01:50:31.619051954 +0200
@@ -331,7 +331,7 @@
 ===================================================================
 --- xen-4.9.0-testing.orig/tools/libxl/libxl_internal.h
 +++ xen-4.9.0-testing/tools/libxl/libxl_internal.h
-@@ -3302,6 +3302,10 @@ struct libxl__domain_save_state {
+@@ -3306,6 +3306,10 @@ struct libxl__domain_save_state {
      /* private */
      int rc;
      int hvm;

++++++ xen-4.9.0-testing-src.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/ChangeLog 
new/xen-4.9.0-testing/ChangeLog
--- old/xen-4.9.0-testing/ChangeLog     2017-05-16 17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/ChangeLog     2017-05-26 20:56:48.000000000 +0200
@@ -1,13 +1,130 @@
-commit 17880a0f10421c5e456d593c70da03b1688d34ac
-Author: Jan Beulich <jbeul...@suse.com>
-Date:   Fri May 12 17:24:17 2017 +0200
+commit 876800d5f9de8b15355172794cb82f505dd26e18
+Author: Ian Jackson <ian.jack...@eu.citrix.com>
+Date:   Wed May 24 16:54:11 2017 +0100
 
-    public/elfnote: document non-alignment of relocated init-P2M
+    Makefile: Regularise subdir targets and their dependencies
     
-    Since PV kernels can't use large pages anyway, when the init-P2M
-    support was added it was decided to keep the implementation simple and
-    not align large pages in PFN space. Document this.
+    Recent changes to this Makefile have broken some build targets, and
+    some parallel builds.
     
-    Signed-off-by: Jan Beulich <jbeul...@suse.com>
-    Acked-by: Andrew Cooper <andrew.coop...@citrix.com>
+    Looking at it, I think I have identified the undocumented design
+    intent in the top-level Makefile.  So in this patch I document it, and
+    also make it true.
+    
+    In detail:
+    
+     * Add a comment with the new design intent
+     * Get rid of the ad-hoc rules for recursing into tools/include,
+       and replace them with a pattern rule
+     * Add an appropriate dependency on TARGET-tools-public-headers from
+       TARGET-tools and TARGET-stubdom (but not dist-*).
+     * Get rid of all the separate invocations of $(MAKE) -C tools/include
+       which are now obsolete
+     * Un-deprecate the simple `tools' etc. targets (aliases for `dist-tools')
+       which we seem not to be making any effort to get rid of
+    
+    I have verified with the following shell script that after my change,
+    the tree producese the same results for various build targets as
+    3fafdc28eb98 (before the Makefile-hacking started).
+    
+    My tests failed as expected for make -C tools, both before and after.
+    
+    Separately, there is a bug in the Makefiles that `make distclean-tools'
+    fails.  I have not investigated that bug in detail.
+    
+        #!/bin/bash
+    
+        set -e
+        set -o pipefail
+    
+        listings=../listings
+    
+        rm -rf $listings
+        mkdir $listings
+    
+        chks () {
+             reskey="C$subdir $*"
+             reskey="${reskey// /_}"
+             reskey="${reskey//\//:}"
+             lk=$listings/$reskey
+             for suffix in '' -xen -tools -stubdom -docs; do
+                 case "$subdir:$suffix" in
+                 .:*) ;;
+                 *:) ;;
+                 *) continue;;
+                 esac
+                 git clean -qxdff
+                 rm -rf $output
+                 printf '%s' "running -C$subdir suffix=$suffix "
+                 case "$subdir $suffix" in
+                 *xen*) ;;
+                 *) printf 'configure '; ./configure >$lk.cfg 2>&1 ;;
+                 esac
+                 fail=''
+                 for targ in $*; do
+                     realtarg=$targ$suffix
+                     printf '%s ' "$realtarg"
+                     if ! make -C $subdir -j10 $realtarg 
>${lk}_${realtarg}.log 2>&1
+                     then
+                        fail=$realtarg
+                        break
+                     fi
+                 done
+                 if [ "$fail" ]; then
+                   echo fail!
+                   echo "$fail failed" >$lk.list
+                 else
+                   echo ok.
+                   (test ! -e "$output" || find $output) |sort >$lk.list
+                 fi
+            done
+        }
+    
+        subdirs='. xen docs tools'
+    
+        output=$PWD/dist
+        for subdir in $subdirs; do
+            chks build clean distclean
+        done
+    
+        output=$PWD/dist
+        subdir=.
+        chks dist
+    
+        export DESTDIR=$PWD/destdir
+        output=$PWD/destdir
+        for subdir in $subdirs; do
+            chks install
+        done
+    
+    And the output:
+    
+        (64)iwj@mariner:~/work/xen.git$ ~/junk/chks
+        running -C. suffix= configure build clean distclean ok.
+        running -C. suffix=-xen build-xen clean-xen distclean-xen ok.
+        running -C. suffix=-tools configure build-tools clean-tools 
distclean-tools fail!
+        running -C. suffix=-stubdom configure build-stubdom clean-stubdom 
distclean-stubdom ok.
+        running -C. suffix=-docs configure build-docs clean-docs 
distclean-docs ok.
+        running -Cxen suffix= build clean distclean ok.
+        running -Cdocs suffix= configure build clean distclean ok.
+        running -Ctools suffix= configure build fail!
+        running -C. suffix= configure dist ok.
+        running -C. suffix=-xen dist-xen ok.
+        running -C. suffix=-tools configure dist-tools ok.
+        running -C. suffix=-stubdom configure dist-stubdom ok.
+        running -C. suffix=-docs configure dist-docs ok.
+        running -C. suffix= configure install ok.
+        running -C. suffix=-xen install-xen ok.
+        running -C. suffix=-tools configure install-tools ok.
+        running -C. suffix=-stubdom configure install-stubdom ok.
+        running -C. suffix=-docs configure install-docs ok.
+        running -Cxen suffix= install ok.
+        running -Cdocs suffix= configure install ok.
+        running -Ctools suffix= configure install fail!
+        (64)iwj@mariner:~/work/xen.git$
+    
+    CC: Wei Liu <wei.l...@citrix.com>
+    Signed-off-by: Ian Jackson <ian.jack...@eu.citrix.com>
+    Tested-by: M A Young <m.a.yo...@durham.ac.uk>
+    Tested-by: Andrew Cooper <andrew.coop...@citrix.com>
     Release-acked-by: Julien Grall <julien.gr...@arm.com>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/Makefile 
new/xen-4.9.0-testing/Makefile
--- old/xen-4.9.0-testing/Makefile      2017-05-16 17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/Makefile      2017-05-26 20:56:48.000000000 +0200
@@ -38,6 +38,10 @@
 export XEN_TARGET_ARCH
 export DESTDIR
 
+.PHONY: %-tools-public-headers
+%-tools-public-headers:
+       $(MAKE) -C tools/include $*
+
 # build and install everything into the standard system directories
 .PHONY: install
 install: $(TARGS_INSTALL)
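Review bot: `.PHONY: %-tools-public-headers` does not do what it appears to, because GNU make takes .PHONY prerequisites literally. The line marks a target whose name contains a `%` and leaves `build-tools-public-headers`, `install-tools-public-headers` and `clean-tools-public-headers` as ordinary targets. The pattern rule still runs as long as no file of that name exists, so the build works, but the declaration gives a false impression. Listing the concrete names as phony would need explicit rules, since make skips implicit rule search for phony targets. The simplest fix is to drop the line and say in a comment that these targets must never exist as files.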
@@ -50,11 +54,11 @@
        $(MAKE) -C xen build
 
 .PHONY: build-tools
-build-tools:
+build-tools: build-tools-public-headers
        $(MAKE) -C tools build
 
 .PHONY: build-stubdom
-build-stubdom: mini-os-dir
+build-stubdom: mini-os-dir build-tools-public-headers
        $(MAKE) -C stubdom build
 ifeq (x86_64,$(XEN_TARGET_ARCH))
        XEN_TARGET_ARCH=x86_32 $(MAKE) -C stubdom pv-grub
@@ -71,7 +75,22 @@
 test:
        $(MAKE) -C tools/python test
 
-# build and install everything into local dist directory
+# For most targets here,
+#   make COMPONENT-TARGET
+# is implemented, more or less, by
+#   make -C COMPONENT TARGET
+#
+# Each rule that does this needs to have dependencies on any
+# other COMPONENTs that have to be processed first.  See
+# The install-tools target here for an example.
+#
+# dist* targets are special: these do not occur in lower-level
+# Makefiles.  Instead, these are all implemented only here.
+# They run the appropriate install targets with DESTDIR set.
+#
+# Also, we have a number of targets COMPONENT which run
+# dist-COMPONENT, for convenience.
+
 .PHONY: dist
 dist: DESTDIR=$(DISTDIR)/install
 dist: $(TARGS_DIST) dist-misc
@@ -81,11 +100,12 @@
        $(INSTALL_DATA) ./COPYING $(DISTDIR)
        $(INSTALL_DATA) ./README $(DISTDIR)
        $(INSTALL_PROG) ./install.sh $(DISTDIR)
+
+
 dist-%: DESTDIR=$(DISTDIR)/install
 dist-%: install-%
        @: # do nothing
 
-# Legacy dist targets
 .PHONY: xen tools stubdom docs
 xen: dist-xen
 tools: dist-tools
@@ -97,11 +117,11 @@
        $(MAKE) -C xen install
 
 .PHONY: install-tools
-install-tools:
+install-tools: install-tools-public-headers
        $(MAKE) -C tools install
 
 .PHONY: install-stubdom
-install-stubdom: mini-os-dir
+install-stubdom: mini-os-dir install-tools-public-headers
        $(MAKE) -C stubdom install
 ifeq (x86_64,$(XEN_TARGET_ARCH))
        XEN_TARGET_ARCH=x86_32 $(MAKE) -C stubdom install-grub
@@ -174,11 +194,11 @@
        $(MAKE) -C xen clean
 
 .PHONY: clean-tools
-clean-tools:
+clean-tools: clean-tools-public-headers
        $(MAKE) -C tools clean
 
 .PHONY: clean-stubdom
-clean-stubdom:
+clean-stubdom: clean-tools-public-headers
        $(MAKE) -C stubdom crossclean
 ifeq (x86_64,$(XEN_TARGET_ARCH))
        XEN_TARGET_ARCH=x86_32 $(MAKE) -C stubdom crossclean
@@ -191,6 +211,7 @@
 # clean, but blow away tarballs
 .PHONY: distclean
 distclean: $(TARGS_DISTCLEAN)
+       $(MAKE) -C tools/include distclean
        rm -f config/Toplevel.mk
        rm -rf dist
        rm -rf config.log config.status config.cache autom4te.cache
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/stubdom/Makefile 
new/xen-4.9.0-testing/stubdom/Makefile
--- old/xen-4.9.0-testing/stubdom/Makefile      2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/stubdom/Makefile      2017-05-26 20:56:48.000000000 
+0200
@@ -295,10 +295,12 @@
        $(buildmakevars2shellvars);                                             
\
        cd ioemu;                                                               
\
        src="$$XEN_ROOT/tools/qemu-xen-traditional-dir"; export src;            
\
-       (cd $$src && find * -type d -print) | xargs mkdir -p;                   
\
-       (cd $$src && find *     ! -type l  -type f  $(addprefix ! -name ,       
\
+       (cd $$src && find * -type d                                             
\
+               $(addprefix ! -path , '*-softmmu*' '*-linux-user*') -print)     
\
+               | xargs mkdir -p;                                               
\
+       (cd $$src && find *     ! -type l  -type f  $(addprefix ! -path ,       
\
                        '*.[oda1]' 'config-*' config.mak qemu-dm qemu-img-xen   
\
-                       '*.html' '*.pod'                                        
\
+                       '*.html' '*.pod' '*-softmmu*' '*-linux-user*'           
\
                        )) >linkfarm.stamp.tmp;                         \
        cmp -s linkfarm.stamp.tmp linkfarm.stamp &&                     \
                rm linkfarm.stamp.tmp || {                              \
@@ -353,7 +355,6 @@
 LINK_STAMPS := $(foreach dir,$(LINK_DIRS),$(dir)/stamp)
 
 mk-headers-$(XEN_TARGET_ARCH): $(IOEMU_LINKFARM_TARGET) $(LINK_STAMPS)
-       $(MAKE) -C $(XEN_ROOT)/tools/include
        mkdir -p include/xen && \
           ln -sf $(wildcard $(XEN_ROOT)/xen/include/public/*.h) include/xen && 
\
           ln -sf $(addprefix $(XEN_ROOT)/xen/include/public/,arch-x86 hvm io 
xsm) include/xen && \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/Makefile 
new/xen-4.9.0-testing/tools/Makefile
--- old/xen-4.9.0-testing/tools/Makefile        2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/tools/Makefile        2017-05-26 20:56:48.000000000 
+0200
@@ -5,7 +5,6 @@
 include $(XEN_ROOT)/tools/Rules.mk
 
 SUBDIRS-y :=
-SUBDIRS-y += include
 SUBDIRS-y += libs
 SUBDIRS-y += libxc
 SUBDIRS-y += flask
@@ -50,7 +49,7 @@
 endif
 
 ifeq ($(CONFIG_RUMP),y)
-SUBDIRS-y := include libxc xenstore
+SUBDIRS-y := libxc xenstore
 endif
 
 # For the sake of linking, set the sys-root
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/Rules.mk 
new/xen-4.9.0-testing/tools/Rules.mk
--- old/xen-4.9.0-testing/tools/Rules.mk        2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/tools/Rules.mk        2017-05-26 20:56:48.000000000 
+0200
@@ -30,7 +30,7 @@
 XENSTORE_XENSTORED ?= y
 
 # A debug build of tools?
-debug ?= y
+debug ?= n
 debug_symbols ?= $(debug)
 
 # Set CONFIG_GOLANG=y in .config (or in make) to build golang
@@ -175,6 +175,7 @@
 SHDEPS_libblktapctl =
 LDLIBS_libblktapctl =
 SHLIB_libblktapctl  =
+PKG_CONFIG_REMOVE += xenblktapctl
 endif
 
 CFLAGS_libxenlight = -I$(XEN_XENLIGHT) $(CFLAGS_libxenctrl) 
$(CFLAGS_xeninclude)
@@ -250,6 +251,8 @@
 
 PKG_CONFIG_DIR ?= $(XEN_ROOT)/tools/pkg-config
 
+PKG_CONFIG_FILTER = $(foreach l,$(PKG_CONFIG_REMOVE),-e 's!\([ ,]\)$(l),!\1!g' 
-e 's![ ,]$(l)$$!!g')
+
 $(PKG_CONFIG_DIR)/%.pc: %.pc.in Makefile
        mkdir -p $(PKG_CONFIG_DIR)
        @sed -e 's!@@version@@!$(PKG_CONFIG_VERSION)!g' \
@@ -259,7 +262,8 @@
             -e 's!@@firmwaredir@@!$(XENFIRMWAREDIR)!g' \
             -e 's!@@libexecbin@@!$(LIBEXEC_BIN)!g' \
             -e 's!@@cflagslocal@@!$(PKG_CONFIG_CFLAGS_LOCAL)!g' \
-            -e 's!@@libsflag@@!-Wl,-rpath-link=!g' < $< > $@
+            -e 's!@@libsflag@@!-Wl,-rpath-link=!g' \
+            $(PKG_CONFIG_FILTER) < $< > $@
 
 %.pc: %.pc.in Makefile
        @sed -e 's!@@version@@!$(PKG_CONFIG_VERSION)!g' \
@@ -269,4 +273,5 @@
             -e 's!@@firmwaredir@@!$(XENFIRMWAREDIR)!g' \
             -e 's!@@libexecbin@@!$(LIBEXEC_BIN)!g' \
             -e 's!@@cflagslocal@@!!g' \
-            -e 's!@@libsflag@@!-L!g' < $< > $@
+            -e 's!@@libsflag@@!-L!g' \
+            $(PKG_CONFIG_FILTER) < $< > $@
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/console/daemon/io.c 
new/xen-4.9.0-testing/tools/console/daemon/io.c
--- old/xen-4.9.0-testing/tools/console/daemon/io.c     2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/tools/console/daemon/io.c     2017-05-26 
20:56:48.000000000 +0200
@@ -1117,8 +1117,12 @@
                ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1);
 
                if (log_reload) {
+                       int saved_errno = errno;
+
                        handle_log_reload();
                        log_reload = 0;
+
+                       errno = saved_errno;
                }
 
                /* Abort if poll failed, except for EINTR cases
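Review bot: The save and restore of `errno` around handle_log_reload() is unexplained, and the reason only becomes clear from the EINTR handling that follows. A comment such as `/* handle_log_reload() may change errno; keep poll()'s value for the EINTR check below */` on the `saved_errno` line would say it. errno is captured whether or not poll() failed, which looks harmless as long as it is only examined when `ret` reports an error; that test is outside the hunk. The surrounding loop also continues outside the hunk.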
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/firmware/hvmloader/tests.c 
new/xen-4.9.0-testing/tools/firmware/hvmloader/tests.c
--- old/xen-4.9.0-testing/tools/firmware/hvmloader/tests.c      2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/tools/firmware/hvmloader/tests.c      2017-05-26 
20:56:48.000000000 +0200
@@ -19,7 +19,9 @@
  * this program; If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "config.h"
 #include "util.h"
+#include <xen/arch-x86/hvm/start_info.h>
 
 #define TEST_FAIL 0
 #define TEST_PASS 1
@@ -28,11 +30,13 @@
 /*
  * Memory layout during tests:
  *  4MB to 8MB is cleared.
- *  Page directory resides at 8MB.
- *  4 page table pages reside at 8MB+4kB to 8MB+20kB.
- *  Pagetables identity-map 0-16MB, except 4kB at va 6MB maps to pa 5MB.
+ *  Page directory resides at 4MB.
+ *  2 page table pages reside at 4MB+4kB to 4MB+12kB.
+ *  Pagetables identity-map 0-8MB, except 4kB at va 6MB maps to pa 5MB.
  */
-#define PD_START (8ul << 20)
+#define TEST_MEM_BASE (4ul << 20)
+#define TEST_MEM_SIZE (4ul << 20)
+#define PD_START TEST_MEM_BASE
 #define PT_START (PD_START + 4096)
 
 static void setup_paging(void)
@@ -41,10 +45,10 @@
     uint32_t *pt = (uint32_t *)PT_START;
     uint32_t i;
 
-    /* Identity map 0-16MB. */
-    for ( i = 0; i < 4; i++ )
+    /* Identity map 0-8MB. */
+    for ( i = 0; i < 2; i++ )
         pd[i] = (unsigned long)pt + (i<<12) + 3;
-    for ( i = 0; i < (4*1024); i++ )
+    for ( i = 0; i < 2 * 1024; i++ )
         pt[i] = (i << 12) + 3;
 
     /* Page at virtual 6MB maps to physical 5MB. */
@@ -112,7 +116,7 @@
     stop_paging();
 
     i = 0;
-    for ( p = (uint32_t *)0x400000ul; p < (uint32_t *)0x700000ul; p++ )
+    for ( p = (uint32_t *)0x4ff000ul; p < (uint32_t *)0x602000ul; p++ )
     {
         uint32_t expected = 0;
         if ( check[i].addr == (unsigned long)p )
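Review bot: The new scan bounds `0x4ff000ul` and `0x602000ul` are bare literals, although the same commit introduces TEST_MEM_BASE and TEST_MEM_SIZE for this layout. The loop now verifies only the window from one page below 5MB to 6MB+8kB instead of the old 4MB to 7MB range, so a stray write elsewhere in the cleared region would go unnoticed. If that is intended, a comment saying what the window brackets would help, for example `/* scan only around the 5MB and 6MB pages the test writes to */`, to be confirmed against the `check[]` table, which is outside the hunk.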
@@ -144,12 +148,12 @@
     if ( !(edx & (1u<<29)) )
         return TEST_SKIP;
 
-    /* Long mode pagetable setup: Identity map 0-16MB with 2MB mappings. */
+    /* Long mode pagetable setup: Identity map 0-8MB with 2MB mappings. */
     *pd = (unsigned long)pd + 0x1007; /* Level 4 */
     pd += 512;
     *pd = (unsigned long)pd + 0x1007; /* Level 3 */
     pd += 512;
-    for ( i = 0; i < 8; i++ )         /* Level 2 */
+    for ( i = 0; i < 4; i++ )         /* Level 2 */
         *pd++ = (i << 21) + 0x1e3;
 
     asm volatile (
@@ -191,8 +195,7 @@
 
 void perform_tests(void)
 {
-    int i, passed, skipped;
-
+    unsigned int i, passed, skipped;
     static struct {
         int (* const test)(void);
         const char *description;
@@ -204,12 +207,80 @@
 
     printf("Testing HVM environment:\n");
 
-    if ( hvm_info->low_mem_pgend < 0x1000 )
+    BUILD_BUG_ON(SCRATCH_PHYSICAL_ADDRESS > HVMLOADER_PHYSICAL_ADDRESS);
+    if ( hvm_info->low_mem_pgend <
+         ((TEST_MEM_BASE + TEST_MEM_SIZE) >> PAGE_SHIFT) )
+    {
+        printf("Skipping tests due to insufficient memory (<%luMB)\n",
+               (TEST_MEM_BASE + TEST_MEM_SIZE) >> 20);
+        return;
+    }
+
+    if ( (unsigned long)_end > TEST_MEM_BASE )
+    {
+        printf("Skipping tests due to overlap with base image\n");
+        return;
+    }
+
+    if ( hvm_start_info->cmdline_paddr &&
+         hvm_start_info->cmdline_paddr < TEST_MEM_BASE + TEST_MEM_SIZE &&
+         ((hvm_start_info->cmdline_paddr +
+           strlen((char *)(uintptr_t)hvm_start_info->cmdline_paddr)) >=
+          TEST_MEM_BASE) )
+    {
+        printf("Skipping tests due to overlap with command line\n");
+        return;
+    }
+
+    if ( hvm_start_info->rsdp_paddr )
     {
-        printf("Skipping tests due to insufficient memory (<16MB)\n");
+        printf("Skipping tests due to non-zero RSDP address\n");
         return;
     }
 
+    if ( hvm_start_info->nr_modules )
+    {
+        const struct hvm_modlist_entry *modlist =
+            (void *)(uintptr_t)hvm_start_info->modlist_paddr;
+
+        if ( hvm_start_info->modlist_paddr > UINTPTR_MAX ||
+             ((UINTPTR_MAX - (uintptr_t)modlist) / sizeof(*modlist) <
+              hvm_start_info->nr_modules) )
+        {
+            printf("Skipping tests due to inaccessible module list\n");
+            return;
+        }
+
+        if ( TEST_MEM_BASE < (uintptr_t)(modlist +
+                                         hvm_start_info->nr_modules) &&
+             (uintptr_t)modlist < TEST_MEM_BASE + TEST_MEM_SIZE )
+        {
+            printf("Skipping tests due to overlap with module list\n");
+            return;
+        }
+
+        for ( i = 0; i < hvm_start_info->nr_modules; ++i )
+        {
+            if ( TEST_MEM_BASE < modlist[i].paddr + modlist[i].size &&
+                 modlist[i].paddr < TEST_MEM_BASE + TEST_MEM_SIZE )
+            {
+                printf("Skipping tests due to overlap with module %u\n", i);
+                return;
+            }
+
+            if ( modlist[i].cmdline_paddr &&
+                 modlist[i].cmdline_paddr < TEST_MEM_BASE + TEST_MEM_SIZE &&
+                 ((modlist[i].cmdline_paddr +
+                   strlen((char *)(uintptr_t)modlist[i].cmdline_paddr)) >=
+                  TEST_MEM_BASE) )
+            {
+                printf("Skipping tests due to overlap with module %u 
cmdline\n",
+                       i);
+                return;
+            }
+        }
+    }
+
     passed = skipped = 0;
     for ( i = 0; tests[i].test; i++ )
     {
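Review bot: The per-module overlap test adds `modlist[i].paddr + modlist[i].size` without guarding against wrap-around, although the same hunk does guard the pointer arithmetic on `modlist` itself. If both fields are 64-bit, as in the public start_info header, a very large `size` makes the sum wrap to a small value and the module is reported as not overlapping the test area. Treating a wrapped end as an overlap closes this: put `modlist[i].paddr + modlist[i].size < modlist[i].paddr ||` in front of the existing condition. The two `strlen()` calls are only reached for addresses below TEST_MEM_BASE + TEST_MEM_SIZE because of the preceding `&&`, which deserves a short comment since they dereference a physical address taken from the start info. perform_tests continues outside the hunk.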
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/firmware/hvmloader/xenbus.c 
new/xen-4.9.0-testing/tools/firmware/hvmloader/xenbus.c
--- old/xen-4.9.0-testing/tools/firmware/hvmloader/xenbus.c     2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/tools/firmware/hvmloader/xenbus.c     2017-05-26 
20:56:48.000000000 +0200
@@ -141,7 +141,19 @@
         /* Don't overrun the producer pointer */
         while ( (part = MASK_XENSTORE_IDX(rings->rsp_prod -
                                           rings->rsp_cons)) == 0 )
+        {
+            /*
+             * Don't wait for producer to fill the ring if it is already full.
+             * Condition happens when you write string > 1K into the ring.
+             * eg case prod=1272 cons=248.
+             */
+            if ( rings->rsp_prod - rings->rsp_cons == XENSTORE_RING_SIZE )
+            {
+                part = XENSTORE_RING_SIZE;
+                break;
+            }
             ring_wait();
+        }
         /* Don't overrun the end of the ring */
         if ( part > (XENSTORE_RING_SIZE - MASK_XENSTORE_IDX(rings->rsp_cons)) )
             part = XENSTORE_RING_SIZE - MASK_XENSTORE_IDX(rings->rsp_cons);
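Review bot: The added full-ring test compares `rings->rsp_prod - rings->rsp_cons` with XENSTORE_RING_SIZE for exact equality only, and it reads the shared indexes again after the loop condition has already read them. A difference larger than the ring size is still masked and consumed as if it were valid, and the two reads can disagree if the producer advances in between. Taking one snapshot, `uint32_t avail = rings->rsp_prod - rings->rsp_cons;`, rejecting `avail > XENSTORE_RING_SIZE`, and deriving `part` from `avail` would make both cases explicit. The declaration of `rings` and the rest of the function are outside the hunk, so whether the fields are already volatile cannot be seen here.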
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/include/Makefile 
new/xen-4.9.0-testing/tools/include/Makefile
--- old/xen-4.9.0-testing/tools/include/Makefile        2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/tools/include/Makefile        2017-05-26 
20:56:48.000000000 +0200
@@ -4,8 +4,8 @@
 # Relative to $(XEN_ROOT)/xen/xsm/flask
 FLASK_H_DEPEND := policy/initial_sids
 
-.PHONY: all
-all: xen-foreign xen/.dir xen-xsm/.dir
+.PHONY: all build
+all build: xen-foreign xen/.dir xen-xsm/.dir
 
 .PHONY: xen-foreign
 xen-foreign:
@@ -63,6 +63,8 @@
        rm -rf xen xen-xsm acpi
        $(MAKE) -C xen-foreign clean
 
+.PHONY: dist
+dist: install
 
 .PHONY: distclean
 distclean: clean
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/libxl/libxl_arm_acpi.c 
new/xen-4.9.0-testing/tools/libxl/libxl_arm_acpi.c
--- old/xen-4.9.0-testing/tools/libxl/libxl_arm_acpi.c  2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/tools/libxl/libxl_arm_acpi.c  2017-05-26 
20:56:48.000000000 +0200
@@ -87,6 +87,7 @@
         break;
     default:
         LOG(ERROR, "Unknown GIC version");
+        *size = 0;
         rc = ERROR_FAIL;
         break;
     }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/libxl/libxl_device.c 
new/xen-4.9.0-testing/tools/libxl/libxl_device.c
--- old/xen-4.9.0-testing/tools/libxl/libxl_device.c    2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/tools/libxl/libxl_device.c    2017-05-26 
20:56:48.000000000 +0200
@@ -1415,9 +1415,6 @@
                libxl__device_action_to_string(aodev->action),
                aodev->rc ? "failed" : "succeed");
 
-    if (aodev->action == LIBXL__DEVICE_ACTION_REMOVE)
-        free(aodev->dev);
-
     libxl__nested_ao_free(aodev->ao);
 }
 
@@ -1496,6 +1493,24 @@
     return NULL;
 }
 
+static void check_and_maybe_remove_guest(libxl__gc *gc,
+                                         libxl__ddomain *ddomain,
+                                         libxl__ddomain_guest *dguest)
+{
+    assert(ddomain);
+
+    if (dguest != NULL &&
+        dguest->num_vifs + dguest->num_vbds + dguest->num_qdisks == 0) {
+        LIBXL_SLIST_REMOVE(&ddomain->guests, dguest, libxl__ddomain_guest,
+                           next);
+        LOGD(DEBUG, dguest->domid, "Removed domain from the list of active 
guests");
+        /* Clear any leftovers in libxl/<domid> */
+        libxl__xs_rm_checked(gc, XBT_NULL,
+                             GCSPRINTF("libxl/%u", dguest->domid));
+        free(dguest);
+    }
+}
+
 /*
  * The following comment applies to both add_device and remove_device.
  *
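Review bot: check_and_maybe_remove_guest() frees `dguest` but has no comment saying so, which leaves callers to discover that the pointer may be dangling on return. A header comment would cover it: `/* Unlinks dguest from ddomain->guests and frees it once it has no vifs, vbds or qdisks; dguest must not be used afterwards. */`. The function asserts on `ddomain` but accepts a NULL `dguest`, so the comment could also state that NULL is allowed for `dguest` only.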
@@ -1505,14 +1520,25 @@
  */
 static int add_device(libxl__egc *egc, libxl__ao *ao,
                       libxl__ddomain_guest *dguest,
-                      libxl__ddomain_device *ddev)
+                      libxl__device *dev)
 {
     AO_GC;
-    libxl__device *dev = ddev->dev;
     libxl__ao_device *aodev;
+    libxl__ddomain_device *ddev;
     libxl__dm_spawn_state *dmss;
     int rc = 0;
 
+    /*
+     * New device addition, allocate a struct to hold it and add it
+     * to the list of active devices for a given guest.
+     */
+    ddev = libxl__zalloc(NOGC, sizeof(*ddev));
+    ddev->dev = libxl__zalloc(NOGC, sizeof(*ddev->dev));
+    *ddev->dev = *dev;
+    LIBXL_SLIST_INSERT_HEAD(&dguest->devices, ddev, next);
+    LOGD(DEBUG, dev->domid, "Added device %s to the list of active devices",
+         libxl__device_backend_path(gc, dev));
+
     switch(dev->backend_kind) {
     case LIBXL__DEVICE_KIND_VBD:
     case LIBXL__DEVICE_KIND_VIF:
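Review bot: The two `libxl__zalloc(NOGC, ...)` allocations added to add_device() are, judging by the NOGC argument, not released with the gc, and nothing at this site says who frees them. The matching `free(ddev->dev); free(ddev);` is in a later hunk of this file, so a comment such as `/* NOGC: lives until remove_device() unlinks and frees it */` would connect the two. The entry is also linked into `dguest->devices` before the `switch` on `backend_kind` runs. Whether any later path can fail and leave the entry listed cannot be seen from this hunk, as add_device continues outside it.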
@@ -1521,7 +1547,12 @@
 
         GCNEW(aodev);
         libxl__prepare_ao_device(ao, aodev);
-        aodev->dev = dev;
+        /*
+         * Clone the libxl__device to avoid races if remove_device is called
+         * before the device addition has finished.
+         */
+        GCNEW(aodev->dev);
+        *aodev->dev = *dev;
         aodev->action = LIBXL__DEVICE_ACTION_ADD;
         aodev->callback = device_complete;
         libxl__wait_device_connection(egc, aodev);
@@ -1564,7 +1595,12 @@
 
         GCNEW(aodev);
         libxl__prepare_ao_device(ao, aodev);
-        aodev->dev = dev;
+        /*
+         * Clone the libxl__device to avoid races if there's a add_device
+         * running in parallel.
+         */
+        GCNEW(aodev->dev);
+        *aodev->dev = *dev;
         aodev->action = LIBXL__DEVICE_ACTION_REMOVE;
         aodev->callback = device_complete;
         libxl__initiate_device_generic_remove(egc, aodev);
@@ -1576,13 +1612,28 @@
                 goto out;
         }
         libxl__device_destroy(gc, dev);
-        free(dev);
         /* Fall through to return > 0, no ao has been dispatched */
     default:
         rc = 1;
         break;
     }
 
+    /*
+     * Removal of an active device, remove it from the list and
+     * free it's data structures if they are no longer needed.
+     *
+     * NB: the freeing is safe because all the async ops launched
+     * above or from add_device make a copy of the data they use, so
+     * there's no risk of dereferencing.
+     */
+    LIBXL_SLIST_REMOVE(&dguest->devices, ddev, libxl__ddomain_device,
+                       next);
+    LOGD(DEBUG, dev->domid, "Removed device %s from the list of active 
devices",
+         libxl__device_backend_path(gc, dev));
+
+    free(ddev->dev);
+    free(ddev);
+
 out:
     return rc;
 }
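Review bot: The `goto out` in the context at the top of this hunk lands on `out:`, which sits below the new `LIBXL_SLIST_REMOVE` / `free(ddev->dev)` / `free(ddev)` block, so on that error path the entry stays linked on `dguest->devices` and is never freed. Before this change the caller unlinked and freed `ddev` whatever remove_device() returned (see the lines removed from the watch callback further down). The caller now goes on to check_and_maybe_remove_guest(), which can free `dguest` while this `ddev` is still on its list. If the error path is meant to drop the entry as well, move the `out:` label above the `LIBXL_SLIST_REMOVE(...)` call. remove_device() starts outside the hunk, so the code leading to the `goto` is not visible here.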
@@ -1596,8 +1647,8 @@
     STATE_AO_GC(nested_ao);
     char *p, *path;
     const char *sstate, *sonline;
-    int state, online, rc, num_devs;
-    libxl__device *dev = NULL;
+    int state, online, rc;
+    libxl__device *dev;
     libxl__ddomain_device *ddev = NULL;
     libxl__ddomain_guest *dguest = NULL;
     bool free_ao = false;
@@ -1625,7 +1676,7 @@
         goto skip;
     online = atoi(sonline);
 
-    dev = libxl__zalloc(NOGC, sizeof(*dev));
+    GCNEW(dev);
     rc = libxl__parse_backend_path(gc, path, dev);
     if (rc)
         goto skip;
@@ -1654,46 +1705,14 @@
          */
         goto skip;
     } else if (ddev == NULL) {
-        /*
-         * New device addition, allocate a struct to hold it and add it
-         * to the list of active devices for a given guest.
-         */
-        ddev = libxl__zalloc(NOGC, sizeof(*ddev));
-        ddev->dev = dev;
-        LIBXL_SLIST_INSERT_HEAD(&dguest->devices, ddev, next);
-        LOGD(DEBUG, dev->domid, "Added device %s to the list of active 
devices",
-             path);
-        rc = add_device(egc, nested_ao, dguest, ddev);
+        rc = add_device(egc, nested_ao, dguest, dev);
         if (rc > 0)
             free_ao = true;
     } else if (state == XenbusStateClosed && online == 0) {
-        /*
-         * Removal of an active device, remove it from the list and
-         * free it's data structures if they are no longer needed.
-         *
-         * The free of the associated libxl__device is left to the
-         * helper remove_device function.
-         */
-        LIBXL_SLIST_REMOVE(&dguest->devices, ddev, libxl__ddomain_device,
-                           next);
-        LOGD(DEBUG, dev->domid, "Removed device %s from the list of active 
devices",
-             path);
         rc = remove_device(egc, nested_ao, dguest, ddev);
         if (rc > 0)
             free_ao = true;
-
-        free(ddev);
-        /* If this was the last device in the domain, remove it from the list 
*/
-        num_devs = dguest->num_vifs + dguest->num_vbds + dguest->num_qdisks;
-        if (num_devs == 0) {
-            LIBXL_SLIST_REMOVE(&ddomain->guests, dguest, libxl__ddomain_guest,
-                               next);
-            LOGD(DEBUG, dguest->domid, "Removed domain from the list of active 
guests");
-            /* Clear any leftovers in libxl/<domid> */
-            libxl__xs_rm_checked(gc, XBT_NULL,
-                                 GCSPRINTF("libxl/%u", dguest->domid));
-            free(dguest);
-        }
+        check_and_maybe_remove_guest(gc, ddomain, dguest);
     }
 
     if (free_ao)
@@ -1703,9 +1722,7 @@
 
 skip:
     libxl__nested_ao_free(nested_ao);
-    free(dev);
-    free(ddev);
-    free(dguest);
+    check_and_maybe_remove_guest(gc, ddomain, dguest);
     return;
 }
 
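Review bot: On the `skip:` path `gc` is handed to check_and_maybe_remove_guest() after `libxl__nested_ao_free(nested_ao)` has already run. This function obtains its gc through `STATE_AO_GC(nested_ao)` (context of the earlier hunk), so if that gc lives inside the nested ao, the `LOGD` and `GCSPRINTF` in the helper would work on freed memory whenever the guest has no devices left. The non-skip path does it in the safe order, calling the helper before `if (free_ao) libxl__nested_ao_free(nested_ao);`. Swapping the two lines here makes both paths agree: `check_and_maybe_remove_guest(gc, ddomain, dguest);` followed by `libxl__nested_ao_free(nested_ao);`.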
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/tools/libxl/libxl_internal.h 
new/xen-4.9.0-testing/tools/libxl/libxl_internal.h
--- old/xen-4.9.0-testing/tools/libxl/libxl_internal.h  2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/tools/libxl/libxl_internal.h  2017-05-26 
20:56:48.000000000 +0200
@@ -501,6 +501,10 @@
     libxl_version_info version_info;
 };
 
+/*
+ * libxl__device is a transparent structure that doesn't contain private fields
+ * or external memory references, and as such can be copied by assignment.
+ */
 typedef struct {
     uint32_t backend_devid;
     uint32_t backend_domid;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/Kconfig.debug 
new/xen-4.9.0-testing/xen/Kconfig.debug
--- old/xen-4.9.0-testing/xen/Kconfig.debug     2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/xen/Kconfig.debug     2017-05-26 20:56:48.000000000 
+0200
@@ -3,7 +3,7 @@
 
 config DEBUG
        bool "Developer Checks"
-       default y
+       default n
        ---help---
          If you say Y here this will enable developer checks such as asserts
          and extra printks. This option is intended for development purposes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/arm/p2m.c 
new/xen-4.9.0-testing/xen/arch/arm/p2m.c
--- old/xen-4.9.0-testing/xen/arch/arm/p2m.c    2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/xen/arch/arm/p2m.c    2017-05-26 20:56:48.000000000 
+0200
@@ -1005,12 +1005,18 @@
 
     while ( nr )
     {
+        unsigned long mask;
+        unsigned long order;
+
         /*
+         * Don't take into account the MFN when removing mapping (i.e
+         * MFN_INVALID) to calculate the correct target order.
+         *
          * XXX: Support superpage mappings if nr is not aligned to a
          * superpage size.
          */
-        unsigned long mask = gfn_x(sgfn) | mfn_x(smfn) | nr;
-        unsigned long order;
+        mask = !mfn_eq(smfn, INVALID_MFN) ? mfn_x(smfn) : 0;
+        mask |= gfn_x(sgfn) | nr;
 
         /* Always map 4k by 4k when memaccess is enabled */
         if ( unlikely(p2m->mem_access_enabled) )
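Review bot: The added comment names `MFN_INVALID`, but the constant the code tests two lines later is `INVALID_MFN`, so a search for the name in the comment finds nothing. Suggest `(i.e. INVALID_MFN)` in the comment. It would also help to state the reason in one clause, e.g. `an invalid MFN must not influence the alignment check`, because `mask` is only recognisable as an alignment mask from the code that follows the hunk.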
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/arm/platforms/brcm.c 
new/xen-4.9.0-testing/xen/arch/arm/platforms/brcm.c
--- old/xen-4.9.0-testing/xen/arch/arm/platforms/brcm.c 2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/arch/arm/platforms/brcm.c 2017-05-26 
20:56:48.000000000 +0200
@@ -271,7 +271,7 @@
     return brcm_populate_plat_regs();
 }
 
-static const char const *brcm_dt_compat[] __initconst =
+static const char *const brcm_dt_compat[] __initconst =
 {
     "brcm,bcm7445d0",
     NULL
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/arm/platforms/rcar2.c 
new/xen-4.9.0-testing/xen/arch/arm/platforms/rcar2.c
--- old/xen-4.9.0-testing/xen/arch/arm/platforms/rcar2.c        2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/arch/arm/platforms/rcar2.c        2017-05-26 
20:56:48.000000000 +0200
@@ -46,7 +46,7 @@
     return 0;
 }
 
-static const char const *rcar2_dt_compat[] __initdata =
+static const char *const rcar2_dt_compat[] __initconst =
 {
     "renesas,lager",
     NULL
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/x86/hvm/dm.c 
new/xen-4.9.0-testing/xen/arch/x86/hvm/dm.c
--- old/xen-4.9.0-testing/xen/arch/x86/hvm/dm.c 2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/xen/arch/x86/hvm/dm.c 2017-05-26 20:56:48.000000000 
+0200
@@ -490,8 +490,9 @@
                     first_gfn <= p2m->max_mapped_pfn )
             {
                 /* Iterate p2m table for 256 gfns each time. */
-                p2m_finish_type_change(d, _gfn(first_gfn), 256,
-                                       p2m_ioreq_server, p2m_ram_rw);
+                rc = p2m_finish_type_change(d, _gfn(first_gfn), 256);
+                if ( rc < 0 )
+                    break;
 
                 first_gfn += 256;
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/x86/hvm/hvm.c 
new/xen-4.9.0-testing/xen/arch/x86/hvm/hvm.c
--- old/xen-4.9.0-testing/xen/arch/x86/hvm/hvm.c        2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/arch/x86/hvm/hvm.c        2017-05-26 
20:56:48.000000000 +0200
@@ -4544,6 +4544,13 @@
 {
     long rc = 0;
 
+    /*
+     * NB: hvm_op can be part of a restarted hypercall; but at the
+     * moment the only hypercalls which do continuations don't need to
+     * store any iteration information (since they're just re-trying
+     * the acquisition of a lock).
+     */
+
     switch ( op )
     {
     case HVMOP_set_evtchn_upcall_vector:
@@ -4636,6 +4643,10 @@
     }
     }
 
+    if ( rc == -ERESTART )
+        rc = hypercall_create_continuation(__HYPERVISOR_hvm_op, "lh",
+                                           op, arg);
+
     return rc;
 }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/x86/mm/guest_walk.c 
new/xen-4.9.0-testing/xen/arch/x86/mm/guest_walk.c
--- old/xen-4.9.0-testing/xen/arch/x86/mm/guest_walk.c  2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/arch/x86/mm/guest_walk.c  2017-05-26 
20:56:48.000000000 +0200
@@ -197,12 +197,12 @@
         int flags = (_PAGE_PRESENT|_PAGE_USER|_PAGE_RW|
                      _PAGE_ACCESSED|_PAGE_DIRTY);
         /*
-         * Import cache-control bits. Note that _PAGE_PAT is actually
-         * _PAGE_PSE, and it is always set. We will clear it in case
-         * _PAGE_PSE_PAT (bit 12, i.e. first bit of gfn) is clear.
+         * Import protection key and cache-control bits. Note that _PAGE_PAT
+         * is actually _PAGE_PSE, and it is always set. We will clear it in
+         * case _PAGE_PSE_PAT (bit 12, i.e. first bit of gfn) is clear.
          */
         flags |= (guest_l3e_get_flags(gw->l3e)
-                  & (_PAGE_PAT|_PAGE_PWT|_PAGE_PCD));
+                  & (_PAGE_PKEY_BITS|_PAGE_PAT|_PAGE_PWT|_PAGE_PCD));
         if ( !(gfn_x(start) & 1) )
             /* _PAGE_PSE_PAT not set: remove _PAGE_PAT from flags. */
             flags &= ~_PAGE_PAT;
@@ -302,12 +302,12 @@
         int flags = (_PAGE_PRESENT|_PAGE_USER|_PAGE_RW|
                      _PAGE_ACCESSED|_PAGE_DIRTY);
         /*
-         * Import cache-control bits. Note that _PAGE_PAT is actually
-         * _PAGE_PSE, and it is always set. We will clear it in case
-         * _PAGE_PSE_PAT (bit 12, i.e. first bit of gfn) is clear.
+         * Import protection key and cache-control bits. Note that _PAGE_PAT
+         * is actually _PAGE_PSE, and it is always set. We will clear it in
+         * case _PAGE_PSE_PAT (bit 12, i.e. first bit of gfn) is clear.
          */
         flags |= (guest_l2e_get_flags(gw->l2e)
-                  & (_PAGE_PAT|_PAGE_PWT|_PAGE_PCD));
+                  & (_PAGE_PKEY_BITS|_PAGE_PAT|_PAGE_PWT|_PAGE_PCD));
         if ( !(gfn_x(start) & 1) )
             /* _PAGE_PSE_PAT not set: remove _PAGE_PAT from flags. */
             flags &= ~_PAGE_PAT;
@@ -365,6 +365,30 @@
      */
     ar = (ar_and & AR_ACCUM_AND) | (ar_or & AR_ACCUM_OR);
 
+#if GUEST_PAGING_LEVELS >= 4 /* 64-bit only... */
+    /*
+     * If all access checks are thus far ok, check Protection Key for 64bit
+     * data accesses to user mappings.
+     *
+     * N.B. In the case that the walk ended with a superpage, the fabricated
+     * gw->l1e contains the appropriate leaf pkey.
+     */
+    if ( (ar & _PAGE_USER) && !(walk & PFEC_insn_fetch) &&
+         guest_pku_enabled(v) )
+    {
+        unsigned int pkey = guest_l1e_get_pkey(gw->l1e);
+        unsigned int pkru = read_pkru();
+
+        if ( read_pkru_ad(pkru, pkey) ||
+             ((walk & PFEC_write_access) && read_pkru_wd(pkru, pkey) &&
+              ((walk & PFEC_user_mode) || guest_wp_enabled(v))) )
+        {
+            gw->pfec |= PFEC_prot_key;
+            goto out;
+        }
+    }
+#endif
+
     if ( (walk & PFEC_insn_fetch) && (ar & _PAGE_NX_BIT) )
         /* Requested an instruction fetch and found NX? Fail. */
         goto out;
@@ -400,29 +424,6 @@
             goto out;
     }
 
-#if GUEST_PAGING_LEVELS >= 4 /* 64-bit only... */
-    /*
-     * If all access checks are thusfar ok, check Protection Key for 64bit
-     * user data accesses.
-     *
-     * N.B. In the case that the walk ended with a superpage, the fabricated
-     * gw->l1e contains the appropriate leaf pkey.
-     */
-    if ( (walk & PFEC_user_mode) && !(walk & PFEC_insn_fetch) &&
-         guest_pku_enabled(v) )
-    {
-        unsigned int pkey = guest_l1e_get_pkey(gw->l1e);
-        unsigned int pkru = read_pkru();
-
-        if ( read_pkru_ad(pkru, pkey) ||
-             ((ar & PFEC_write_access) && read_pkru_wd(pkru, pkey)) )
-        {
-            gw->pfec |= PFEC_prot_key;
-            goto out;
-        }
-    }
-#endif
-
     walk_ok = true;
 
     /*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/x86/mm/p2m-ept.c 
new/xen-4.9.0-testing/xen/arch/x86/mm/p2m-ept.c
--- old/xen-4.9.0-testing/xen/arch/x86/mm/p2m-ept.c     2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/arch/x86/mm/p2m-ept.c     2017-05-26 
20:56:48.000000000 +0200
@@ -681,6 +681,7 @@
     ept_entry_t *table, *ept_entry = NULL;
     unsigned long gfn_remainder = gfn;
     unsigned int i, target = order / EPT_TABLE_ORDER;
+    unsigned long fn_mask = !mfn_eq(mfn, INVALID_MFN) ? (gfn | mfn_x(mfn)) : 
gfn;
     int ret, rc = 0;
     bool_t entry_written = 0;
     bool_t direct_mmio = (p2mt == p2m_mmio_direct);
@@ -701,7 +702,7 @@
      * 2. gfn not exceeding guest physical address width.
      * 3. passing a valid order.
      */
-    if ( ((gfn | mfn_x(mfn)) & ((1UL << order) - 1)) ||
+    if ( (fn_mask & ((1UL << order) - 1)) ||
          ((u64)gfn >> ((ept->wl + 1) * EPT_TABLE_ORDER)) ||
          (order % EPT_TABLE_ORDER) )
         return -EINVAL;
@@ -1238,6 +1239,7 @@
 
     p2m->set_entry = ept_set_entry;
     p2m->get_entry = ept_get_entry;
+    p2m->recalc = resolve_misconfig;
     p2m->change_entry_type_global = ept_change_entry_type_global;
     p2m->change_entry_type_range = ept_change_entry_type_range;
     p2m->memory_type_changed = ept_memory_type_changed;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/x86/mm/p2m-pt.c 
new/xen-4.9.0-testing/xen/arch/x86/mm/p2m-pt.c
--- old/xen-4.9.0-testing/xen/arch/x86/mm/p2m-pt.c      2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/arch/x86/mm/p2m-pt.c      2017-05-26 
20:56:48.000000000 +0200
@@ -1153,6 +1153,7 @@
 {
     p2m->set_entry = p2m_pt_set_entry;
     p2m->get_entry = p2m_pt_get_entry;
+    p2m->recalc = do_recalc;
     p2m->change_entry_type_global = p2m_pt_change_entry_type_global;
     p2m->change_entry_type_range = p2m_pt_change_entry_type_range;
     p2m->write_p2m_entry = paging_write_p2m_entry;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/x86/mm/p2m.c 
new/xen-4.9.0-testing/xen/arch/x86/mm/p2m.c
--- old/xen-4.9.0-testing/xen/arch/x86/mm/p2m.c 2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/xen/arch/x86/mm/p2m.c 2017-05-26 20:56:48.000000000 
+0200
@@ -559,12 +559,15 @@
     while ( todo )
     {
         if ( hap_enabled(d) )
-            order = (!((gfn | mfn_x(mfn) | todo) &
-                       ((1ul << PAGE_ORDER_1G) - 1)) &&
+        {
+            unsigned long fn_mask = !mfn_eq(mfn, INVALID_MFN) ?
+                                     (gfn | mfn_x(mfn) | todo) : (gfn | todo);
+
+            order = (!(fn_mask & ((1ul << PAGE_ORDER_1G) - 1)) &&
                      hap_has_1gb) ? PAGE_ORDER_1G :
-                    (!((gfn | mfn_x(mfn) | todo) &
-                       ((1ul << PAGE_ORDER_2M) - 1)) &&
+                    (!(fn_mask & ((1ul << PAGE_ORDER_2M) - 1)) &&
                      hap_has_2mb) ? PAGE_ORDER_2M : PAGE_ORDER_4K;
+        }
         else
             order = 0;
 
@@ -1027,33 +1030,44 @@
     p2m_unlock(p2m);
 }
 
-/* Synchronously modify the p2m type for a range of gfns from ot to nt. */
-void p2m_finish_type_change(struct domain *d,
-                            gfn_t first_gfn, unsigned long max_nr,
-                            p2m_type_t ot, p2m_type_t nt)
+/*
+ * Finish p2m type change for gfns which are marked as need_recalc in a range.
+ * Returns: 0/1 for success, negative for failure
+ */
+int p2m_finish_type_change(struct domain *d,
+                           gfn_t first_gfn, unsigned long max_nr)
 {
     struct p2m_domain *p2m = p2m_get_hostp2m(d);
-    p2m_type_t t;
     unsigned long gfn = gfn_x(first_gfn);
     unsigned long last_gfn = gfn + max_nr - 1;
-
-    ASSERT(ot != nt);
-    ASSERT(p2m_is_changeable(ot) && p2m_is_changeable(nt));
+    int rc = 0;
 
     p2m_lock(p2m);
 
     last_gfn = min(last_gfn, p2m->max_mapped_pfn);
     while ( gfn <= last_gfn )
     {
-        get_gfn_query_unlocked(d, gfn, &t);
-
-        if ( t == ot )
-            p2m_change_type_one(d, gfn, t, nt);
+        rc = p2m->recalc(p2m, gfn);
+        /*
+         * ept->recalc could return 0/1/-ENOMEM. pt->recalc could return
+         * 0/-ENOMEM/-ENOENT, -ENOENT isn't an error as we are looping
+         * gfn here.
+         */
+        if ( rc == -ENOENT )
+            rc = 0;
+        else if ( rc < 0 )
+        {
+            gdprintk(XENLOG_ERR, "p2m->recalc failed! Dom%d gfn=%lx\n",
+                     d->domain_id, gfn);
+            break;
+        }
 
         gfn++;
     }
 
     p2m_unlock(p2m);
+
+    return rc;
 }
 
 /*
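Review bot: `rc` can leave the loop holding a positive value. The new comment says the EPT `recalc` hook may return 1, yet only `-ENOENT` is folded to 0 and the function ends with `return rc;`. The caller in hvm/dm.c breaks only on `rc < 0`, so whether a trailing 1 becomes the operation's result depends on code after that loop, which the diff does not show. Normalising at the source avoids the question: `if ( rc == -ENOENT || rc > 0 ) rc = 0;`, with the header comment reduced to "0 for success, negative for failure". The prototype in p2m.h still carries only the old one-line comment and says nothing about the new return value.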
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/arch/x86/traps.c 
new/xen-4.9.0-testing/xen/arch/x86/traps.c
--- old/xen-4.9.0-testing/xen/arch/x86/traps.c  2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/xen/arch/x86/traps.c  2017-05-26 20:56:48.000000000 
+0200
@@ -632,11 +632,20 @@
     struct trap_bounce *tb;
     const struct trap_info *ti;
     const uint8_t vector = event->vector;
-    const bool use_error_code =
-        ((vector < 32) && (TRAP_HAVE_EC & (1u << vector)));
     unsigned int error_code = event->error_code;
+    bool use_error_code;
 
     ASSERT(vector == event->vector); /* Confirm no truncation. */
+    if ( event->type == X86_EVENTTYPE_HW_EXCEPTION )
+    {
+        ASSERT(vector < 32);
+        use_error_code = TRAP_HAVE_EC & (1u << vector);
+    }
+    else
+    {
+        ASSERT(event->type == X86_EVENTTYPE_SW_INTERRUPT);
+        use_error_code = false;
+    }
     if ( use_error_code )
         ASSERT(error_code != X86_EVENT_NO_EC);
     else
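Review bot: The bound on the shift in `TRAP_HAVE_EC & (1u << vector)` is now enforced only by `ASSERT(vector < 32)`; the old initialiser checked `vector < 32` at run time. In a build where assertions are compiled out, a `X86_EVENTTYPE_HW_EXCEPTION` event with a vector of 32 or more would shift by at least the width of the operand, which is undefined behaviour. The initialiser in the later hunk tags every `trapnr` as a hardware exception, so the bound rests on callers outside this diff. Keeping the test costs nothing: `use_error_code = (vector < 32) && (TRAP_HAVE_EC & (1u << vector));`. The `else` branch has the same weakness: without the ASSERT, any other event type is silently handled as a software interrupt. The function starts outside the hunk.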
@@ -649,7 +658,8 @@
     tb->cs    = ti->cs;
     tb->eip   = ti->address;
 
-    if ( vector == TRAP_page_fault )
+    if ( event->type == X86_EVENTTYPE_HW_EXCEPTION &&
+         vector == TRAP_page_fault )
     {
         v->arch.pv_vcpu.ctrlreg[2] = event->cr2;
         arch_set_cr2(v, event->cr2);
@@ -689,6 +699,7 @@
 {
     const struct x86_event event = {
         .vector = trapnr,
+        .type = X86_EVENTTYPE_HW_EXCEPTION,
         .error_code = (((trapnr < 32) && (TRAP_HAVE_EC & (1u << trapnr)))
                        ? regs->error_code : X86_EVENT_NO_EC),
     };
@@ -3307,7 +3318,7 @@
                 return;
             }
             stkp = (unsigned int *)(unsigned long)((unsigned int)base + esp);
-            if ( !compat_access_ok(stkp - 4 - nparm, (4 + nparm) * 4) )
+            if ( !compat_access_ok(stkp - 4 - nparm, 16 + nparm * 4) )
             {
                 do_guest_trap(TRAP_gp_fault, regs);
                 return;
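Review bot: Nothing explains why the size argument is now spelled `16 + nparm * 4` here and `0 + nparm * 4` in the next hunk. The same `0 +` is added to `array_access_ok` and `compat_array_access_ok` in the header hunks further down. As written it reads like a leftover, and a later clean-up could drop it again. The diff does not show the reason; if the intent is to keep a bare multiplication out of the `access_ok` macro expansion, a one-line comment at the macro definitions would record it, for example `/* "0 +" is deliberate: size must not be a bare a * b expression here */`.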
@@ -3327,7 +3338,7 @@
                     return do_guest_trap(TRAP_gp_fault, regs);
                 ustkp = (unsigned int *)(unsigned long)
                         ((unsigned int)base + regs->esp + nparm * 4);
-                if ( !compat_access_ok(ustkp - nparm, nparm * 4) )
+                if ( !compat_access_ok(ustkp - nparm, 0 + nparm * 4) )
                 {
                     do_guest_trap(TRAP_gp_fault, regs);
                     return;
@@ -3427,7 +3438,7 @@
         if ( permit_softint(TI_GET_DPL(ti), v, regs) )
         {
             regs->rip += 2;
-            do_guest_trap(vector, regs);
+            pv_inject_sw_interrupt(vector);
             return;
         }
     }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/include/Makefile 
new/xen-4.9.0-testing/xen/include/Makefile
--- old/xen-4.9.0-testing/xen/include/Makefile  2017-05-16 17:03:05.000000000 
+0200
+++ new/xen-4.9.0-testing/xen/include/Makefile  2017-05-26 20:56:48.000000000 
+0200
@@ -120,7 +120,10 @@
 
 headers++.chk: $(PUBLIC_HEADERS) Makefile
        rm -f $@.new
-       $(CXX) -v >/dev/null 2>&1 || exit 0;                                  \
+       if ! $(CXX) -v >/dev/null 2>&1; then                                  \
+           touch $@.new;                                                     \
+           exit 0;                                                           \
+       fi;                                                                   \
        $(foreach i, $(filter %.h,$^),                                        \
            echo "#include "\"$(i)\"                                          \
            | $(CXX) -x c++ -std=gnu++98 -Wall -Werror -D__XEN_TOOLS__        \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/include/asm-arm/guest_access.h 
new/xen-4.9.0-testing/xen/include/asm-arm/guest_access.h
--- old/xen-4.9.0-testing/xen/include/asm-arm/guest_access.h    2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/include/asm-arm/guest_access.h    2017-05-26 
20:56:48.000000000 +0200
@@ -8,7 +8,8 @@
 #define access_ok(addr,size) (1)
 
 #define array_access_ok(addr,count,size) \
-    (likely(count < (~0UL/size)) && access_ok(addr,count*size))
+    (likely((count) < (~0UL / (size))) && \
+     access_ok(addr, 0 + (count) * (size)))
 
 unsigned long raw_copy_to_guest(void *to, const void *from, unsigned len);
 unsigned long raw_copy_to_guest_flush_dcache(void *to, const void *from,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/include/asm-x86/domain.h 
new/xen-4.9.0-testing/xen/include/asm-x86/domain.h
--- old/xen-4.9.0-testing/xen/include/asm-x86/domain.h  2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/include/asm-x86/domain.h  2017-05-26 
20:56:48.000000000 +0200
@@ -655,6 +655,17 @@
     pv_inject_event(&event);
 }
 
+static inline void pv_inject_sw_interrupt(unsigned int vector)
+{
+    const struct x86_event event = {
+        .vector = vector,
+        .type = X86_EVENTTYPE_SW_INTERRUPT,
+        .error_code = X86_EVENT_NO_EC,
+    };
+
+    pv_inject_event(&event);
+}
+
 #endif /* __ASM_DOMAIN_H__ */
 
 /*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/include/asm-x86/p2m.h 
new/xen-4.9.0-testing/xen/include/asm-x86/p2m.h
--- old/xen-4.9.0-testing/xen/include/asm-x86/p2m.h     2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/include/asm-x86/p2m.h     2017-05-26 
20:56:48.000000000 +0200
@@ -246,6 +246,8 @@
                                     p2m_query_t q,
                                     unsigned int *page_order,
                                     bool_t *sve);
+    int                (*recalc)(struct p2m_domain *p2m,
+                                 unsigned long gfn);
     void               (*enable_hardware_log_dirty)(struct p2m_domain *p2m);
     void               (*disable_hardware_log_dirty)(struct p2m_domain *p2m);
     void               (*flush_hardware_cached_dirty)(struct p2m_domain *p2m);
@@ -607,10 +609,9 @@
                         p2m_type_t ot, p2m_type_t nt);
 
 /* Synchronously change the p2m type for a range of gfns */
-void p2m_finish_type_change(struct domain *d,
-                            gfn_t first_gfn,
-                            unsigned long max_nr,
-                            p2m_type_t ot, p2m_type_t nt);
+int p2m_finish_type_change(struct domain *d,
+                           gfn_t first_gfn,
+                           unsigned long max_nr);
 
 /* Report a change affecting memory types. */
 void p2m_memory_type_changed(struct domain *d);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/xen-4.9.0-testing/xen/include/asm-x86/x86_64/uaccess.h 
new/xen-4.9.0-testing/xen/include/asm-x86/x86_64/uaccess.h
--- old/xen-4.9.0-testing/xen/include/asm-x86/x86_64/uaccess.h  2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/include/asm-x86/x86_64/uaccess.h  2017-05-26 
20:56:48.000000000 +0200
@@ -42,7 +42,7 @@
 
 #define array_access_ok(addr, count, size) \
     (likely(((count) ?: 0UL) < (~0UL / (size))) && \
-     access_ok(addr, (count) * (size)))
+     access_ok(addr, 0 + (count) * (size)))
 
 #define __compat_addr_ok(d, addr) \
     ((unsigned long)(addr) < HYPERVISOR_COMPAT_VIRT_START(d))
@@ -55,7 +55,7 @@
 
 #define compat_array_access_ok(addr,count,size) \
     (likely((count) < (~0U / (size))) && \
-     compat_access_ok(addr, (count) * (size)))
+     compat_access_ok(addr, 0 + (count) * (size)))
 
 #define __put_user_size(x,ptr,size,retval,errret)                      \
 do {                                                                   \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/xen/include/xen/xmalloc.h 
new/xen-4.9.0-testing/xen/include/xen/xmalloc.h
--- old/xen-4.9.0-testing/xen/include/xen/xmalloc.h     2017-05-16 
17:03:05.000000000 +0200
+++ new/xen-4.9.0-testing/xen/include/xen/xmalloc.h     2017-05-26 
20:56:48.000000000 +0200
@@ -33,17 +33,17 @@
 static inline void *_xmalloc_array(
     unsigned long size, unsigned long align, unsigned long num)
 {
-       /* Check for overflow. */
-       if (size && num > UINT_MAX / size)
-               return NULL;
-       return _xmalloc(size * num, align);
+    /* Check for overflow. */
+    if ( size && num > UINT_MAX / size )
+        return NULL;
+    return _xmalloc(size * num, align);
 }
 
 static inline void *_xzalloc_array(
     unsigned long size, unsigned long align, unsigned long num)
 {
     /* Check for overflow. */
-    if (size && num > UINT_MAX / size)
+    if ( size && num > UINT_MAX / size )
         return NULL;
     return _xzalloc(size * num, align);
 }

