commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-09-25 16:21:02

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.4249 (New)


Package is "xen"

Fri Sep 25 16:21:02 2020 rev:291 rq:836146 version:4.14.0_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-09-18 14:28:08.459274689 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.4249/xen.changes2020-09-25 
16:21:30.839358028 +0200
@@ -1,0 +2,59 @@
+Tue Sep 22 10:54:28 MDT 2020 - carn...@suse.com
+
+- bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when
+  handling guest access to MSR_MISC_ENABLE (XSA-333)
+  5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch
+- bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in
+  XENMEM_acquire_resource error path (XSA-334)
+  5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch
+- bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating
+  timers between x86 HVM vCPU-s (XSA-336)
+  5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch
+- bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code
+  reading back hardware registers (XSA-337)
+  5f6a05fa-msi-get-rid-of-read_msi_msg.patch
+  5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch
+- bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event
+  channels may not turn invalid (XSA-338)
+  5f6a062c-evtchn-relax-port_is_valid.patch
+- bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel
+  DoS via SYSENTER (XSA-339)
+  5f6a065c-pv-Avoid-double-exception-injection.patch
+- bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier
+  barriers when accessing/allocating an event channel (XSA-340)
+  
5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch
+- bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event
+  channels available to 32-bit x86 domains (XSA-342)
+  5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch
+- bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with
+  evtchn_reset() (XSA-343)
+  5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch
+  5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch
+  5f6a06f2-evtchn-address-races-with-evtchn_reset.patch
+- bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in
+  evtchn_reset() / evtchn_destroy() (XSA-344)
+  5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch
+  5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch
+- Upstream bug fix (bsc#1027519)
+  5f5b6951-x86-PV-64bit-segbase-consistency.patch
+
+---
+Mon Sep 21 14:03:02 MDT 2020 - carn...@suse.com
+
+- Fix problems in xen.spec with building on aarch64
+
+---
+Fri Sep 18 15:20:31 MDT 2020 - carn...@suse.com
+
+- Make use of %service_del_postun_without_restart while preserving
+  the old behavior for older distros.
+- In %post tools, remove unnecessary qemu symlinks.
+
+---
+Thu Sep 17 11:11:11 UTC 2020 - oher...@suse.de
+
+- Fix error in xen-tools %post when linking pvgrub64.bin
+- Make paths below libexec more explicit
+- Create symlink also for pvgrub32.bin
+
+---

New:

  5f5b6951-x86-PV-64bit-segbase-consistency.patch
  5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch
  5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch
  5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch
  5f6a05fa-msi-get-rid-of-read_msi_msg.patch
  5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch
  5f6a062c-evtchn-relax-port_is_valid.patch
  5f6a065c-pv-Avoid-double-exception-injection.patch
  
5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch
  5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch
  5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch
  5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch
  5f6a06f2-evtchn-address-races-with-evtchn_reset.patch
  5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch
  5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.juoBW6/_old  2020-09-25 16:21:32.367359381 +0200
+++ /var/tmp/diff_new_pack.juoBW6/_new  2020-09-25 16:21:32.371359385 +0200
@@ -38,6 +38,7 @@
 %bcond_withxen_stubdom
 %endif
 #
+%define qemu_arch i386
 %ifarch x86_64
 %define 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-09-18 14:26:58

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.4249 (New)


Package is "xen"

Fri Sep 18 14:26:58 2020 rev:290 rq:834358 version:4.14.0_06

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-09-05 23:57:08.383095719 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.4249/xen.changes2020-09-18 
14:28:08.459274689 +0200
@@ -1,0 +2,23 @@
+Fri Sep 11 11:11:11 UTC 2020 - oher...@suse.de
+
+- Revert previous libexec change for qemu compat wrapper
+  The path is used in existing domU.xml files in the emulator field
+- Escape some % chars in xen.spec, they have to appear verbatim
+
+---
+Wed Sep  9 10:11:12 UTC 2020 - oher...@suse.de
+
+- Enhance libxc.migrate_tracking.patch
+  Print number of allocated pages on sending side, this is more
+  accurate than p2m_size.
+
+---
+Wed Sep  2 12:53:47 MDT 2020 - carn...@suse.com
+
+- jsc#SLE-15926 - Dev: XEN: drop netware support
+  Dropped the following patches
+  pygrub-netware-xnloader.patch
+  xnloader.py
+  Refreshed pygrub-boot-legacy-sles.patch
+
+---

Old:

  pygrub-netware-xnloader.patch
  xnloader.py



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.mH2Vb6/_old  2020-09-18 14:28:10.459276703 +0200
+++ /var/tmp/diff_new_pack.mH2Vb6/_new  2020-09-18 14:28:10.467276711 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -123,7 +123,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.14.0_02
+Version:4.14.0_06
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -149,8 +149,7 @@
 # Init script and sysconf file for pciback
 Source34:   init.pciback
 Source35:   sysconfig.pciback
-Source36:   xnloader.py
-Source37:   xen2libvirt.py
+Source36:   xen2libvirt.py
 # Systemd service files
 Source41:   xencommons.service
 Source42:   xen-dom0-modules.service
@@ -186,7 +185,6 @@
 Patch452:   hibernate.patch
 Patch453:   stdvga-cache.patch
 Patch454:   ipxe-enable-nics.patch
-Patch455:   pygrub-netware-xnloader.patch
 Patch456:   pygrub-boot-legacy-sles.patch
 Patch457:   pygrub-handle-one-line-menu-entries.patch
 Patch458:   aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
@@ -217,7 +215,7 @@
 Patch6: xen.stubdom.newlib.patch
 Patch8: tmp_build.patch
 Patch9: reproducible.patch
-Url:http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
+URL:http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 %define pyver %(python3 -c "import sys; print(sys.version[:3])")
 
@@ -416,7 +414,6 @@
 %patch452 -p1
 %patch453 -p1
 %patch454 -p1
-%patch455 -p1
 %patch456 -p1
 %patch457 -p1
 %patch458 -p1
@@ -564,7 +561,7 @@
 find %{buildroot} -ls
 for i in %{buildroot}/%{_fillupdir}/*
 do
-   mv -v $i ${i%/*}/sysconfig.${i##*/}
+   mv -v $i ${i%%/*}/sysconfig.${i##*/}
 done
 
 #
@@ -602,7 +599,7 @@
   : just started
   ;;
 cpu/[0-9]/availability|cpu/[0-9][0-9]/availability)
-  vcpu="${REPLY%/*}"
+  vcpu="${REPLY%%/*}"
   vcpu="${vcpu#*/}"
   sysfs="/sys/devices/system/cpu/cpu${vcpu}/online"
   if test -f "${sysfs}"
@@ -649,9 +646,9 @@
 _EOR_
 #
 tee ${udev_rulesdir}/80-%{name}-channel-setup.rules <<'_EOF_'
-SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", 
IMPORT{program}=="xen-channel-setup.sh $attr{nodename} %n"
+SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", 
IMPORT{program}=="xen-channel-setup.sh $attr{nodename} %%n"
 
-SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", 
ENV{XEN_CHANNEL_NAME}=="org.qemu.guest_agent.0", TAG+="systemd", 
ENV{SYSTEMD_WANTS}+="qemu-ga@hvc%n.service"
+SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", 
ENV{XEN_CHANNEL_NAME}=="org.qemu.guest_agent.0", TAG+="systemd", 
ENV{SYSTEMD_WANTS}+="qemu-ga@hvc%%n.service"
 _EOF_
 #
 dracut_moduledir=%{buildroot}/usr/lib/dracut/modules.d/50%{name}-tools-domU
@@ -781,14 +778,14 @@
 rm -fv xen/.config
 %if %{with xen_debug}
 echo CONFIG_DEBUG=y > xen/.config
-echo "CONFIG_DOM0_MEM=\"1G+10%,max:64G\"" >> xen/.config
+echo 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-09-05 23:56:59

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.3399 (New)


Package is "xen"

Sat Sep  5 23:56:59 2020 rev:289 rq:831266 version:4.14.0_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-08-06 17:31:49.581090252 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.3399/xen.changes2020-09-05 
23:57:08.383095719 +0200
@@ -1,0 +2,6 @@
+Tue Sep  1 12:28:43 UTC 2020 - Guillaume GARDET 
+
+- Fix build on aarch64 with gcc10
+- Package xenhypfs for aarch64
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.3kYUaA/_old  2020-09-05 23:57:11.275097167 +0200
+++ /var/tmp/diff_new_pack.3kYUaA/_new  2020-09-05 23:57:11.283097171 +0200
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 # needssslcertforbuild
 
@@ -479,6 +479,10 @@
 export WGET=$(type -P false)
 export FTP=$(type -P false)
 export GIT=$(type -P false)
+%ifarch aarch64
+# GCC10+ enables outline-atomics option by default and breaks the build, so 
disable it
+export CFLAGS="%{optflags} -mno-outline-atomics"
+%endif
 export EXTRA_CFLAGS_XEN_TOOLS="%{optflags}"
 export EXTRA_CFLAGS_QEMU_TRADITIONAL="%{optflags}"
 export SMBIOS_REL_DATE="$SMBIOS_REL_DATE"
@@ -1032,8 +1036,8 @@
 /usr/sbin/xen-hvmctx
 /usr/sbin/xen-lowmemd
 /usr/sbin/xen-kdd
-/usr/sbin/xenhypfs
 %endif
+/usr/sbin/xenhypfs
 /usr/sbin/xen-list
 /usr/sbin/xen-destroy
 /usr/sbin/xen-livepatch

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-08-06 17:31:00

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.3399 (New)


Package is "xen"

Thu Aug  6 17:31:00 2020 rev:288 rq:824549 version:4.14.0_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-07-14 07:44:35.838938763 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.3399/xen.changes2020-08-06 
17:31:49.581090252 +0200
@@ -1,0 +2,70 @@
+Wed Aug  5 19:30:23 UTC 2020 - Callum Farmer 
+
+- Correct license name
+  * GPL-3.0+ is now GPL-3.0-or-later
+
+---
+Mon Aug  3 06:26:08 MDT 2020 - carn...@suse.com
+
+- Upstream bug fixes (bsc#1027519)
+  5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
+  5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
+
+---
+Fri Jul 24 16:27:29 MDT 2020 - carn...@suse.com
+
+- Update to Xen 4.14.0 FCS release
+  xen-4.14.0-testing-src.tar.bz2
+  * Linux stubdomains (contributed by QUBES OS)
+  * Control-flow Enforcement Technology (CET) Shadow Stack support 
(contributed by Citrix)
+  * Lightweight VM fork for fuzzing / introspection. (contributed by Intel)
+  * Livepatch: buildid and hotpatch stack requirements
+  * CONFIG_PV32
+  * Hypervisor FS support
+  * Running Xen as a Hyper-V Guest
+  * Domain ID randomization, persistence across save / restore
+  * Golang binding autogeneration
+  * KDD support for Windows 7, 8.x and 10
+- Dropped patches contained in new tarball
+  5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
+  5eb51caa-sched-vcpu-pause-flags-atomic.patch
+  5ec2a760-x86-determine-MXCSR-mask-always.patch
+  5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
+  5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
+  5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
+  5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
+  5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
+  5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
+  5ed69804-x86-ucode-fix-start-end-update.patch
+  5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
+  5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
+  5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
+  5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
+  5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
+  xsa317.patch
+  xsa319.patch
+  xsa321-1.patch
+  xsa321-2.patch
+  xsa321-3.patch
+  xsa321-4.patch
+  xsa321-5.patch
+  xsa321-6.patch
+  xsa321-7.patch
+  xsa328-1.patch
+  xsa328-2.patch
+
+---
+Thu Jul 23 11:12:58 MDT 2020 - carn...@suse.com
+
+- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to
+  attach on next reboot while it should be live attached
+  ignore-ip-command-script-errors.patch
+
+---
+Fri Jul 17 14:14:14 UTC 2020 - oher...@suse.de
+
+- Enhance libxc.migrate_tracking.patch
+  After transfer of domU memory, the target host has to assemble
+  the backend devices. Track the time prior xc_domain_unpause.
+
+---

Old:

  5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
  5eb51caa-sched-vcpu-pause-flags-atomic.patch
  5ec2a760-x86-determine-MXCSR-mask-always.patch
  5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
  5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
  5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
  5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
  5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
  5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
  5ed69804-x86-ucode-fix-start-end-update.patch
  5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
  5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
  5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
  5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
  5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
  xen-4.13.1-testing-src.tar.bz2
  xsa317.patch
  xsa319.patch
  xsa321-1.patch
  xsa321-2.patch
  xsa321-3.patch
  xsa321-4.patch
  xsa321-5.patch
  xsa321-6.patch
  xsa321-7.patch
  xsa328-1.patch
  xsa328-2.patch

New:

  5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
  5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
  ignore-ip-command-script-errors.patch
  xen-4.14.0-testing-src.tar.bz2



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.nerjUn/_old  2020-08-06 17:31:53.541091180 +0200
+++ /var/tmp/diff_new_pack.nerjUn/_new  2020-08-06 17:31:53.545091181 +0200
@@ -12,7 +12,7 @@
 # license that conforms to the Open 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-07-14 07:44:00

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.3060 (New)


Package is "xen"

Tue Jul 14 07:44:00 2020 rev:287 rq:820049 version:4.13.1_04

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-06-11 14:47:29.105868961 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.3060/xen.changes2020-07-14 
07:44:35.838938763 +0200
@@ -1,0 +2,49 @@
+Tue Jun 30 18:03:40 UTC 2020 - oher...@suse.de
+
+- Add libxc.migrate_tracking.patch to track live migrations
+  unconditionally in logfiles, especially in libvirt.
+  This will track how long a domU was suspended during transit.
+
+---
+Mon Jun 29 11:28:27 MDT 2020 - carn...@suse.com
+
+- bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect
+  error handling in event channel port allocation
+  xsa317.patch
+- bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code
+  paths in x86 dirty VRAM tracking
+  xsa319.patch
+- bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient
+  cache write- back under VT-d
+  xsa321-1.patch
+  xsa321-2.patch
+  xsa321-3.patch
+  xsa321-4.patch
+  xsa321-5.patch
+  xsa321-6.patch
+  xsa321-7.patch
+- bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic
+  modification of live EPT PTE
+  xsa328-1.patch
+  xsa328-2.patch
+
+---
+Mon Jun 22 11:24:48 MDT 2020 - carn...@suse.com
+
+- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
+  Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
+  5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
+  5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces 
xsa320-1.patch)
+  5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch)
+- Upstream bug fixes (bsc#1027519)
+  5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
+  5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
+  5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
+  5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
+  5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
+  5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
+  5ed69804-x86-ucode-fix-start-end-update.patch
+  5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
+  5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
+
+---
@@ -114,0 +164,7 @@
+
+---
+Wed Mar 25 18:18:18 UTC 2020 - oher...@suse.de
+
+- bsc#1167608 - unbound limit for max_event_channels
+  domUs with many vcpus and/or resources fail to start
+  libxl.max_event_channels.patch

Old:

  xsa320-1.patch
  xsa320-2.patch

New:

  5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
  5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
  5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
  5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
  5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
  5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
  5ed69804-x86-ucode-fix-start-end-update.patch
  5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
  5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
  5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
  5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
  5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
  libxc.migrate_tracking.patch
  libxl.max_event_channels.patch
  xsa317.patch
  xsa319.patch
  xsa321-1.patch
  xsa321-2.patch
  xsa321-3.patch
  xsa321-4.patch
  xsa321-5.patch
  xsa321-6.patch
  xsa321-7.patch
  xsa328-1.patch
  xsa328-2.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.Lgx3u0/_old  2020-07-14 07:44:54.186997996 +0200
+++ /var/tmp/diff_new_pack.Lgx3u0/_new  2020-07-14 07:44:54.190998010 +0200
@@ -123,7 +123,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.1_02
+Version:4.13.1_04
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -165,8 +165,29 @@
 Patch1: 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
 Patch2: 5eb51caa-sched-vcpu-pause-flags-atomic.patch
 Patch3: 5ec2a760-x86-determine-MXCSR-mask-always.patch
-Patch100:   xsa320-1.patch
-Patch101:   xsa320-2.patch
+Patch4: 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
+Patch5: 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
+Patch6: 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
+Patch7: 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-06-11 14:46:57

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.3606 (New)


Package is "xen"

Thu Jun 11 14:46:57 2020 rev:286 rq:813013 version:4.13.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-06-04 17:50:50.619962048 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.3606/xen.changes2020-06-11 
14:47:29.105868961 +0200
@@ -1,0 +2,13 @@
+Fri Jun  5 16:42:16 UTC 2020 - Callum Farmer 
+
+- Fixes for %_libexecdir changing to /usr/libexec
+
+---
+Thu May 28 08:35:20 MDT 2020 - carn...@suse.com
+
+- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
+  Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
+  xsa320-1.patch
+  xsa320-2.patch
+
+---

New:

  xsa320-1.patch
  xsa320-2.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.oYKmv6/_old  2020-06-11 14:47:32.241878097 +0200
+++ /var/tmp/diff_new_pack.oYKmv6/_new  2020-06-11 14:47:32.245878109 +0200
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 # needssslcertforbuild
 
@@ -165,6 +165,8 @@
 Patch1: 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
 Patch2: 5eb51caa-sched-vcpu-pause-flags-atomic.patch
 Patch3: 5ec2a760-x86-determine-MXCSR-mask-always.patch
+Patch100:   xsa320-1.patch
+Patch101:   xsa320-2.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -299,7 +301,7 @@
 %ifarch x86_64
 %package tools-xendomains-wait-disk
 Summary:Adds a new xendomains-wait-disks.service
-License:GPL-3.0+
+License:GPL-3.0-or-later
 Group:  System/Kernel
 Requires:   %{name}-tools = %{version}-%{release}
 Requires:   coreutils
@@ -393,6 +395,8 @@
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch100 -p1
+%patch101 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1
@@ -794,12 +798,12 @@
 # /usr/bin/qemu-system-i386
 # Using qemu-system-x86_64 will result in an incompatible VM
 %ifarch x86_64
-cat > %{buildroot}/usr/lib/xen/bin/qemu-system-i386 << 'EOF'
+cat > %{buildroot}%{_libexecdir}/xen/bin/qemu-system-i386 << 'EOF'
 #!/bin/sh
 
 exec %{_bindir}/qemu-system-i386 "$@"
 EOF
-chmod 0755 %{buildroot}/usr/lib/xen/bin/qemu-system-i386
+chmod 0755 %{buildroot}%{_libexecdir}/xen/bin/qemu-system-i386
 #
 unit='%{_libexecdir}/%{name}/bin/xendomains-wait-disks'
 mkdir -vp '%{buildroot}%{_libexecdir}/%{name}/bin'
@@ -943,7 +947,7 @@
 # 32 bit hypervisor no longer supported.  Remove dom0 tools.
 rm -rf %{buildroot}/%{_datadir}/doc
 rm -rf %{buildroot}/%{_datadir}/man
-rm -rf %{buildroot}/%{_libdir}/xen
+rm -rf %{buildroot}/%{_libexecdir}/xen
 rm -rf %{buildroot}/%{_libdir}/python*
 rm -rf %{buildroot}/%{_libdir}/ocaml*
 rm -rf %{buildroot}/%{_unitdir}

++ xsa320-1.patch ++
x86/spec-ctrl: CPUID/MSR definitions for Special Register Buffer Data Sampling

This is part of XSA-320 / CVE-2020-0543

Signed-off-by: Andrew Cooper 
Reviewed-by: Jan Beulich 
Acked-by: Wei Liu 

--- a/docs/misc/xen-command-line.pandoc
+++ b/docs/misc/xen-command-line.pandoc
@@ -483,10 +483,10 @@ accounting for hardware capabilities as
 
 Currently accepted:
 
-The Speculation Control hardware features `md-clear`, `ibrsb`, `stibp`, `ibpb`,
-`l1d-flush` and `ssbd` are used by default if available and applicable.  They 
can
-be ignored, e.g. `no-ibrsb`, at which point Xen won't use them itself, and
-won't offer them to guests.
+The Speculation Control hardware features `srbds-ctrl`, `md-clear`, `ibrsb`,
+`stibp`, `ibpb`, `l1d-flush` and `ssbd` are used by default if available and
+applicable.  They can be ignored, e.g. `no-ibrsb`, at which point Xen won't
+use them itself, and won't offer them to guests.
 
 ### cpuid_mask_cpu
 > `= fam_0f_rev_[cdefg] | fam_10_rev_[bc] | fam_11_rev_b`
--- a/tools/libxl/libxl_cpuid.c
+++ b/tools/libxl/libxl_cpuid.c
@@ -213,6 +213,7 @@ int libxl_cpuid_parse_config(libxl_cpuid
 
 {"avx512-4vnniw",0x0007,  0, CPUID_REG_EDX,  2,  1},
 {"avx512-4fmaps",0x0007,  0, CPUID_REG_EDX,  3,  1},
+{"srbds-ctrl",   0x0007,  0, CPUID_REG_EDX,  9,  1},
 {"md-clear", 0x0007,  0, CPUID_REG_EDX, 10,  1},
 {"cet-ibt",  0x0007,  0, CPUID_REG_EDX, 20,  1},
 {"ibrsb",  

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-06-04 17:50:22

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.3606 (New)


Package is "xen"

Thu Jun  4 17:50:22 2020 rev:285 rq:808027 version:4.13.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-05-14 23:23:55.080866217 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.3606/xen.changes2020-06-04 
17:50:50.619962048 +0200
@@ -1,0 +2,52 @@
+Mon May 18 10:55:26 MDT 2020 - carn...@suse.com
+
+- Update to Xen 4.13.1 bug fix release (bsc#1027519)
+  xen-4.13.1-testing-src.tar.bz2
+  5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
+  5eb51caa-sched-vcpu-pause-flags-atomic.patch
+  5ec2a760-x86-determine-MXCSR-mask-always.patch
+- Drop patches contained in new tarball
+  5de65f84-gnttab-map-always-do-IOMMU-part.patch
+  5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
+  5e15e03d-sched-fix-S3-resume-with-smt=0.patch
+  5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
+  5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
+  5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
+  5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
+  5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
+  5e318cd4-x86-apic-fix-disabling-LVT0.patch
+  5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
+  5e3bd385-EFI-recheck-variable-name-strings.patch
+  5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
+  5e3bd3f8-xmalloc-guard-against-overflow.patch
+  5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
+  5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
+  5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
+  5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
+  5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
+  5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
+  5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
+  5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
+  5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
+  5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
+  5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
+  5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
+  5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
+  5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
+  5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch
+  5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
+  5e86f7fd-credit2-fix-credit-too-few-resets.patch
+  5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
+  5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
+  5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
+  5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
+  5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
+  5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch
+
+---
+Wed May 13 21:07:29 UTC 2020 - James Fehlig 
+
+- spec: Remove invocation of autogen.sh
+- spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares
+
+---

Old:

  5de65f84-gnttab-map-always-do-IOMMU-part.patch
  5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
  5e15e03d-sched-fix-S3-resume-with-smt=0.patch
  5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
  5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
  5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
  5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
  5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
  5e318cd4-x86-apic-fix-disabling-LVT0.patch
  5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
  5e3bd385-EFI-recheck-variable-name-strings.patch
  5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
  5e3bd3f8-xmalloc-guard-against-overflow.patch
  5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
  5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
  5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
  5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
  5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
  5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
  5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
  5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
  5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
  5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
  5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
  5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
  5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
  

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-05-14 23:23:50

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.2738 (New)


Package is "xen"

Thu May 14 23:23:50 2020 rev:284 rq:805360 version:4.13.0_12

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-04-18 00:27:37.169703076 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.2738/xen.changes2020-05-14 
23:23:55.080866217 +0200
@@ -1,0 +2,6 @@
+Wed May 13 09:56:49 MDT 2020 - carn...@suse.com
+
+- bsc#1170968 - GCC 10: xen build fails on i586
+  gcc10-fixes.patch
+
+---



Other differences:
--
++ gcc10-fixes.patch ++
--- /var/tmp/diff_new_pack.ZIEYgB/_old  2020-05-14 23:23:56.752869866 +0200
+++ /var/tmp/diff_new_pack.ZIEYgB/_new  2020-05-14 23:23:56.756869874 +0200
@@ -73,6 +73,15 @@
 specified bound 108 equals destination size [-Werror=stringop-truncation]
 
 
+xenpmd.c: In function 'get_next_battery_file':
+xenpmd.c:92:37: error: '%s' directive output may be truncated writing between 
4 and 2147483645 bytes into a region of size 271 [-Werror=format-truncation=]
+   92 | #define BATTERY_STATE_FILE_PATH "/tmp/battery/%s/state"
+  | ^~~
+xenpmd.c:117:52: note: in expansion of macro 'BATTERY_STATE_FILE_PATH'
+  117 | snprintf(file_name, sizeof(file_name), 
BATTERY_STATE_FILE_PATH,
+  |
^~~
+
+
 Index: xen-4.13.0-testing/tools/libxl/libxlu_pci.c
 ===
 --- xen-4.13.0-testing.orig/tools/libxl/libxlu_pci.c
@@ -107,7 +116,7 @@
 +++ xen-4.13.0-testing/stubdom/polarssl.patch
 @@ -62,3 +62,25 @@ diff -Naur polarssl-1.1.4/library/bignum
   t_udbl r;
-
+ 
   r  = (t_udbl) X.p[i] << biL;
 +--- polarssl-1.1.4/library/ssl_tls.c.orig 2012-05-30 01:39:36.0 
-0600
  polarssl-1.1.4/library/ssl_tls.c  2020-03-10 10:17:26.270755351 -0600
@@ -177,3 +186,17 @@
  int libxl__prepare_sockaddr_un(libxl__gc *gc,
 struct sockaddr_un *un, const char *path,
 const char *what)
+Index: xen-4.13.0-testing/tools/xenpmd/xenpmd.c
+===
+--- xen-4.13.0-testing.orig/tools/xenpmd/xenpmd.c
 xen-4.13.0-testing/tools/xenpmd/xenpmd.c
+@@ -86,6 +86,9 @@ struct battery_status {
+ 
+ static struct xs_handle *xs;
+ 
++#if __GNUC__ >= 10
++#pragma GCC diagnostic ignored "-Wformat-truncation"
++#endif
+ #ifdef RUN_IN_SIMULATE_MODE
+ #define BATTERY_DIR_PATH "/tmp/battery"
+ #define BATTERY_INFO_FILE_PATH "/tmp/battery/%s/info" 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-04-18 00:27:30

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.2738 (New)


Package is "xen"

Sat Apr 18 00:27:30 2020 rev:283 rq:794376 version:4.13.0_12

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-03-27 21:55:41.818736895 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.2738/xen.changes2020-04-18 
00:27:37.169703076 +0200
@@ -1,0 +2,44 @@
+Tue Apr 14 11:06:08 MDT 2020 - carn...@suse.com
+
+- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation
+  handling in GNTTABOP_copy (XSA-318)
+  5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch
+
+---
+Mon Apr  6 12:01:45 MDT 2020 - carn...@suse.com
+
+- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313
+  multiple xenoprof issues
+  5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
+  5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
+- bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing
+  memory barriers in read-write unlock paths
+  5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
+- bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error
+  path in GNTTABOP_map_grant
+  5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
+- bsc#1167152 - L3: Xenstored Crashed during VM install Need Core
+  analyzed
+  5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
+- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
+  bug soft lockup CPU #0 stuck under high load / upstream with
+  workaround. See also bsc#1134506
+  5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
+  5e86f7fd-credit2-fix-credit-too-few-resets.patch
+- Drop for upstream solution (bsc#1165206)
+  01-xen-credit2-avoid-vcpus-to.patch
+  default-to-credit1-scheduler.patch
+- Upstream bug fixes (bsc#1027519)
+  5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
+  5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
+  5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
+  5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
+  5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
+  5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
+  5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
+  5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
+  5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
+  5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
+  5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch
+
+---

Old:

  01-xen-credit2-avoid-vcpus-to.patch
  default-to-credit1-scheduler.patch

New:

  5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
  5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
  5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
  5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
  5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
  5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
  5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
  5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
  5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
  5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
  5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch
  5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
  5e86f7fd-credit2-fix-credit-too-few-resets.patch
  5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
  5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
  5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
  5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
  5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
  5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.CM6yhr/_old  2020-04-18 00:27:40.393709753 +0200
+++ /var/tmp/diff_new_pack.CM6yhr/_new  2020-04-18 00:27:40.397709761 +0200
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.0_11
+Version:4.13.0_12
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -183,6 +183,25 @@
 Patch15:5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
 Patch16:5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
 Patch17:
5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
+Patch18:

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-03-27 21:55:25

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.3160 (New)


Package is "xen"

Fri Mar 27 21:55:25 2020 rev:282 rq:788324 version:4.13.0_11

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-03-14 09:53:56.467048508 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.3160/xen.changes2020-03-27 
21:55:41.818736895 +0100
@@ -1,0 +2,14 @@
+Wed Mar 18 17:00:34 UTC 2020 - oher...@suse.de
+
+- bsc#1161480 - Fix xl shutdown for HVM without PV drivers
+  add libxl.libxl__domain_pvcontrol.patch
+
+---
+Thu Mar 12 07:57:53 MDT 2020 - carn...@suse.com
+
+- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
+  bug soft lockup CPU #0 stuck under high load / upstream with
+  workaround. See also bsc#1134506
+  01-xen-credit2-avoid-vcpus-to.patch
+
+---

New:

  01-xen-credit2-avoid-vcpus-to.patch
  libxl.libxl__domain_pvcontrol.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.Dy0zfP/_old  2020-03-27 21:55:44.522738468 +0100
+++ /var/tmp/diff_new_pack.Dy0zfP/_new  2020-03-27 21:55:44.534738475 +0100
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.0_10
+Version:4.13.0_11
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -200,6 +200,7 @@
 Patch422:   stubdom-have-iovec.patch
 Patch423:   vif-route.patch
 Patch424:   gcc10-fixes.patch
+Patch425:   01-xen-credit2-avoid-vcpus-to.patch
 # Other bug fixes or features
 Patch451:   xenconsole-no-multiple-connections.patch
 Patch452:   hibernate.patch
@@ -216,6 +217,7 @@
 Patch465:   xen.libxl.dmmd.patch
 Patch466:   libxl.set-migration-constraints-from-cmdline.patch
 Patch467:   xenstore-run-in-studomain.patch
+Patch468:   libxl.libxl__domain_pvcontrol.patch
 Patch469:   libxl.helper_done-crash.patch
 Patch470:   libxl.LIBXL_HOTPLUG_TIMEOUT.patch
 # python3 conversion patches
@@ -443,6 +445,7 @@
 %patch422 -p1
 %patch423 -p1
 %patch424 -p1
+%patch425 -p1
 # Other bug fixes or features
 %patch451 -p1
 %patch452 -p1
@@ -459,6 +462,7 @@
 %patch465 -p1
 %patch466 -p1
 %patch467 -p1
+%patch468 -p1
 %patch469 -p1
 %patch470 -p1
 # python3 conversion patches

++ 01-xen-credit2-avoid-vcpus-to.patch ++
commit 149b5880db78648318b23623c93c6e4f91ad1e87
Author: Dario Faggioli 
Date:   Wed Mar 11 19:13:59 2020 +0100

xen: credit2: avoid vCPUs to ever reach lower credits than idle

There have been report of stalls of guest vCPUs, when Credit2 was used.
It seemed like these vCPUs were not getting scheduled for very long
time, even under light load conditions (e.g., during dom0 boot).

Investigations led to the discovery that --although rarely-- it can
happen that a vCPU manages to run for very long timeslices. In Credit2,
this means that, when runtime accounting happens, the vCPU will lose a
large quantity of credits. This in turn may lead to the vCPU having less
credits than the idle vCPUs (-2^30). At this point, the scheduler will
pick the idle vCPU, instead of the ready to run vCPU, for a few
"epochs", which often times is enough for the guest kernel to think the
vCPU is not responding and crashing.

An example of this situation is shown here. In fact, we can see d0v1
sitting in the runqueue while all the CPUs are idle, as it has
-1254238270 credits, which is smaller than -2^30 = −1073741824:

(XEN) Runqueue 0:
(XEN)   ncpus  = 28
(XEN)   cpus   = 0-27
(XEN)   max_weight = 256
(XEN)   pick_bias  = 22
(XEN)   instload   = 1
(XEN)   aveload= 293391 (~111%)
(XEN)   idlers: 00,,,,,,0fff
(XEN)   tickled: 
00,,,,,,
(XEN)   fully idle cores: 
00,,,,,,0fff
[...]
(XEN) Runqueue 0:
(XEN) CPU[00] runq=0, sibling=00,..., core=00,...
(XEN) CPU[01] runq=0, sibling=00,..., core=00,...
[...]
(XEN) CPU[26] runq=0, sibling=00,..., core=00,...
(XEN) CPU[27] runq=0, sibling=00,..., core=00,...
(XEN) RUNQ:
(XEN) 0: [0.1] flags=0 cpu=5 credit=-1254238270 [w=256] load=262144 
(~100%)

We certainly don't want, under 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-03-14 09:53:55

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.3160 (New)


Package is "xen"

Sat Mar 14 09:53:55 2020 rev:281 rq:783535 version:4.13.0_10

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-02-25 16:03:08.124206851 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.3160/xen.changes2020-03-14 
09:53:56.467048508 +0100
@@ -1,0 +2,14 @@
+Tue Mar 10 07:41:34 MDT 2020 - carn...@suse.com
+
+- bsc#1158414 - GCC 10: xen build fails
+  gcc10-fixes.patch
+
+---
+Wed Mar  4 13:28:17 MST 2020 - carn...@suse.com
+
+- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
+  bug soft lockup CPU #0 stuck under high load / upstream with
+  workaround. See also bsc#1134506
+  default-to-credit1-scheduler.patch
+
+---

New:

  default-to-credit1-scheduler.patch
  gcc10-fixes.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.0qadtc/_old  2020-03-14 09:53:58.475049982 +0100
+++ /var/tmp/diff_new_pack.0qadtc/_new  2020-03-14 09:53:58.479049985 +0100
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.0_08
+Version:4.13.0_10
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -194,10 +194,12 @@
 Patch407:   replace-obsolete-network-configuration-commands-in-s.patch
 Patch408:   disable-building-pv-shim.patch
 Patch409:   xenstore-launch.patch
+Patch410:   default-to-credit1-scheduler.patch
 # Needs to go upstream
 Patch420:   suspend_evtchn_lock.patch
 Patch422:   stubdom-have-iovec.patch
 Patch423:   vif-route.patch
+Patch424:   gcc10-fixes.patch
 # Other bug fixes or features
 Patch451:   xenconsole-no-multiple-connections.patch
 Patch452:   hibernate.patch
@@ -435,10 +437,12 @@
 %patch407 -p1
 %patch408 -p1
 %patch409 -p1
+%patch410 -p1
 # Needs to go upstream
 %patch420 -p1
 %patch422 -p1
 %patch423 -p1
+%patch424 -p1
 # Other bug fixes or features
 %patch451 -p1
 %patch452 -p1

++ default-to-credit1-scheduler.patch ++
References: bsc#1165206, bsc#1134506

Switch the default scheduler back to the original credit
scheduler. This action reverses the commit referenced below.

From: George Dunlap george.dun...@citrix.com Mon Oct 29 14:51:51 2018 +
Subject: Make credit2 the default scheduler
Date: Mon Oct 29 14:58:34 2018 +:
Git: dafd936dddbd7978d4131275ad1112f64457bf64

--- xen-4.13.0-testing.orig/xen/common/Kconfig
+++ xen-4.13.0-testing/xen/common/Kconfig
@@ -319,7 +319,7 @@ config SCHED_NULL
 
 choice
prompt "Default Scheduler?"
-   default SCHED_CREDIT2_DEFAULT
+   default SCHED_CREDIT_DEFAULT
 
config SCHED_CREDIT_DEFAULT
bool "Credit Scheduler" if SCHED_CREDIT
@@ -340,7 +340,7 @@ config SCHED_DEFAULT
default "rtds" if SCHED_RTDS_DEFAULT
default "arinc653" if SCHED_ARINC653_DEFAULT
default "null" if SCHED_NULL_DEFAULT
-   default "credit2"
+   default "credit"
 
 endmenu
 
++ gcc10-fixes.patch ++
References: bsc#1158414

For libxlu_pci.c
libxlu_pci.c: In function 'xlu_pci_parse_bdf':
libxlu_pci.c:32:18: error: 'func' may be used uninitialized in this function 
[-Werror=maybe-uninitialized]
   32 | pcidev->func = func;
  | ~^~
libxlu_pci.c:51:29: note: 'func' was declared here
   51 | unsigned dom, bus, dev, func, vslot = 0;
  | ^~~~
libxlu_pci.c:31:17: error: 'dev' may be used uninitialized in this function 
[-Werror=maybe-uninitialized]
   31 | pcidev->dev = dev;
  | ^
libxlu_pci.c:51:24: note: 'dev' was declared here
   51 | unsigned dom, bus, dev, func, vslot = 0;
  |^~~
libxlu_pci.c:30:17: error: 'bus' may be used uninitialized in this function 
[-Werror=maybe-uninitialized]
   30 | pcidev->bus = bus;
  | ^
libxlu_pci.c:51:19: note: 'bus' was declared here
   51 | unsigned dom, bus, dev, func, vslot = 0;
  |   ^~~
libxlu_pci.c:29:20: error: 'dom' may be used uninitialized in this function 
[-Werror=maybe-uninitialized]
   29 | pcidev->domain = domain;
  | ~~~^~~~
libxlu_pci.c:51:14: note: 'dom' was declared here
   51 | unsigned dom, bus, dev, func, vslot = 0;
  |  ^~~


For kdd.c
kdd.c: In function 'kdd_tx':
kdd.c:408:30: error: array subscript 65534 is 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-02-25 16:01:56

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.26092 (New)


Package is "xen"

Tue Feb 25 16:01:56 2020 rev:280 rq:47 version:4.13.0_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-02-03 11:11:48.981799384 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.26092/xen.changes   2020-02-25 
16:03:08.124206851 +0100
@@ -1,0 +2,48 @@
+Thu Feb 20 08:18:37 MST 2020 - carn...@suse.com
+
+- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate
+  past the ERET instruction 
+  5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
+- bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch
+  hardening
+  5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
+- Upstream bug fixes (bsc#1027519)
+  5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
+  5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
+  5e318cd4-x86-apic-fix-disabling-LVT0.patch
+  5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
+  5e3bd385-EFI-recheck-variable-name-strings.patch
+  5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
+  5e3bd3f8-xmalloc-guard-against-overflow.patch
+  5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
+  5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
+  5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
+
+---
+Tue Feb 18 18:18:18 UTC 2020 - oher...@suse.de
+
+- bsc#1159755 - use fixed qemu-3.1 machine type for HVM
+  This must be done in qemu to preserve PCI layout
+  remove libxl.lock-qemu-machine-for-hvm.patch
+
+---
+Fri Feb  7 12:37:35 UTC 2020 - oher...@suse.de
+
+- jsc#SLE-10183 - script to calculate cpuid= mask
+  add helper script from https://github.com/twizted/xen_maskcalc
+  domUs may be migrated between different cpus from the same vendor
+  if their visible cpuid value has incompatible feature bits masked.
+
+---
+Wed Feb  5 15:16:06 UTC 2020 - oher...@suse.de
+
+- jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains
+  add helper script and systemd service from
+  https://github.com/luizluca/xen-tools-xendomains-wait-disk
+  in new sub package xen-tools-xendomains-wait-disk
+  See included README for usage instructions
+  xendomains-wait-disks.LICENSE
+  xendomains-wait-disks.README.md
+  xendomains-wait-disks.sh
+
+---

Old:

  libxl.lock-qemu-machine-for-hvm.patch

New:

  5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
  5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
  5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
  5e318cd4-x86-apic-fix-disabling-LVT0.patch
  5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
  5e3bd385-EFI-recheck-variable-name-strings.patch
  5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
  5e3bd3f8-xmalloc-guard-against-overflow.patch
  5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
  5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
  5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
  5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
  xen_maskcalc.py
  xendomains-wait-disks.LICENSE
  xendomains-wait-disks.README.md
  xendomains-wait-disks.sh



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.5nXBtx/_old  2020-02-25 16:03:19.156228943 +0100
+++ /var/tmp/diff_new_pack.5nXBtx/_new  2020-02-25 16:03:19.160228951 +0100
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.0_06
+Version:4.13.0_08
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -159,6 +159,10 @@
 Source41:   xencommons.service
 Source42:   xen-dom0-modules.service
 Source57:   xen-utils-0.1.tar.bz2
+Source10172:xendomains-wait-disks.sh
+Source10173:xendomains-wait-disks.LICENSE
+Source10174:xendomains-wait-disks.README.md
+Source10183:xen_maskcalc.py
 # For xen-libs
 Source99:   baselibs.conf
 # Upstream patches
@@ -167,6 +171,18 @@
 Patch3: 5e15e03d-sched-fix-S3-resume-with-smt=0.patch
 Patch4: 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
 Patch5: 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
+Patch6: 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
+Patch7: 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-02-03 11:11:34

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.26092 (New)


Package is "xen"

Mon Feb  3 11:11:34 2020 rev:279 rq:768357 version:4.13.0_06

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2020-01-11 14:37:37.893127614 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.26092/xen.changes   2020-02-03 
11:11:48.981799384 +0100
@@ -1,0 +2,19 @@
+Tue Jan 28 14:10:38 UTC 2020 - oher...@suse.de
+
+- bsc#1159755 - use fixed qemu-3.1 machine type for HVM
+  qemu4 introduced incompatible changes in pc-i440fx, which revealed
+  a design bug in 'xenfv'. Live migration from domUs started with
+  qemu versions prior qemu4 can not be received with qemu4+. 
+  libxl.lock-qemu-machine-for-hvm.patch
+
+---
+Tue Jan 14 09:19:31 MST 2020 - carn...@suse.com
+
+- Upstream bug fixes (bsc#1027519)
+  5de65f84-gnttab-map-always-do-IOMMU-part.patch
+  5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
+  5e15e03d-sched-fix-S3-resume-with-smt=0.patch
+  5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
+  5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
+
+---

New:

  5de65f84-gnttab-map-always-do-IOMMU-part.patch
  5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
  5e15e03d-sched-fix-S3-resume-with-smt=0.patch
  5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
  5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
  libxl.lock-qemu-machine-for-hvm.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.4sL3EX/_old  2020-02-03 11:11:52.393801108 +0100
+++ /var/tmp/diff_new_pack.4sL3EX/_new  2020-02-03 11:11:52.393801108 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 # needssslcertforbuild
 
@@ -108,8 +108,8 @@
 BuildRequires:  acpica
 BuildRequires:  openssl-devel
 BuildRequires:  python3-devel
-BuildRequires:  pkgconfig(systemd)
 BuildRequires:  xz-devel
+BuildRequires:  pkgconfig(systemd)
 %ifarch x86_64
 BuildRequires:  gcc-32bit
 BuildRequires:  gcc-c++
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.0_04
+Version:4.13.0_06
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -162,6 +162,11 @@
 # For xen-libs
 Source99:   baselibs.conf
 # Upstream patches
+Patch1: 5de65f84-gnttab-map-always-do-IOMMU-part.patch
+Patch2: 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
+Patch3: 5e15e03d-sched-fix-S3-resume-with-smt=0.patch
+Patch4: 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
+Patch5: 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -193,6 +198,7 @@
 Patch465:   xen.libxl.dmmd.patch
 Patch466:   libxl.set-migration-constraints-from-cmdline.patch
 Patch467:   xenstore-run-in-studomain.patch
+Patch468:   libxl.lock-qemu-machine-for-hvm.patch
 Patch469:   libxl.helper_done-crash.patch
 Patch470:   libxl.LIBXL_HOTPLUG_TIMEOUT.patch
 # python3 conversion patches
@@ -356,6 +362,11 @@
 %prep
 %setup -q -n %xen_build_dir -a 1 -a 5 -a 6 -a 57
 # Upstream patches
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1
@@ -387,6 +398,7 @@
 %patch465 -p1
 %patch466 -p1
 %patch467 -p1
+%patch468 -p1
 %patch469 -p1
 %patch470 -p1
 # python3 conversion patches

++ 5de65f84-gnttab-map-always-do-IOMMU-part.patch ++
# Commit 921f1f42260c7967bf18f8a143d39511d163c421
# Date 2019-12-03 14:13:40 +0100
# Author Jan Beulich 
# Committer Jan Beulich 
gnttab: make sure grant map operations don't skip their IOMMU part

Two almost simultaneous mapping requests need to make sure that at the
completion of the earlier one IOMMU mappings (established explicitly
here in the PV case) have been put in place. Forever since the splitting
of the grant table lock a violation of 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2020-01-11 14:37:34

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.6675 (New)


Package is "xen"

Sat Jan 11 14:37:34 2020 rev:278 rq:761890 version:4.13.0_04

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-12-23 22:39:04.157862620 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.6675/xen.changes2020-01-11 
14:37:37.893127614 +0100
@@ -1,0 +2,6 @@
+Wed Jan  8 11:43:04 UTC 2020 - Dominique Leuenberger 
+
+- BuildRequire pkgconfig(libsystemd) instead of systemd-devel:
+  Allow OBS to shortcut through the -mini flavors.
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.tdgm1p/_old  2020-01-11 14:37:39.897128407 +0100
+++ /var/tmp/diff_new_pack.tdgm1p/_new  2020-01-11 14:37:39.897128407 +0100
@@ -60,7 +60,7 @@
 %define with_gcc48 0
 %define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services
 %systemd_requires
-BuildRequires:  systemd-devel
+BuildRequires:  pkgconfig(libsystemd)
 %define with_systemd_modules_load %{_prefix}/lib/modules-load.d
 PreReq: %fillup_prereq
 %ifarch %arm aarch64
@@ -108,7 +108,7 @@
 BuildRequires:  acpica
 BuildRequires:  openssl-devel
 BuildRequires:  python3-devel
-BuildRequires:  systemd
+BuildRequires:  pkgconfig(systemd)
 BuildRequires:  xz-devel
 %ifarch x86_64
 BuildRequires:  gcc-32bit

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-12-23 22:36:33

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.6675 (New)


Package is "xen"

Mon Dec 23 22:36:33 2019 rev:277 rq:758031 version:4.13.0_04

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-12-02 11:35:37.590436934 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.6675/xen.changes2019-12-23 
22:39:04.157862620 +0100
@@ -1,0 +2,27 @@
+Wed Dec 18 10:16:52 MST 2019 - carn...@suse.com
+
+- bsc#1159320 - Xen logrotate file needs updated
+  logrotate.conf
+
+---
+Wed Dec 18 08:21:17 MST 2019 - carn...@suse.com
+
+- Update to Xen 4.13.0 FCS release
+  xen-4.13.0-testing-src.tar.bz2
+  * Core Scheduling (contributed by SUSE)
+  * Branch hardening to mitigate against Spectre v1 (contributed by Citrix)
+  * Late uCode loading (contributed by Intel)
+  * Improved live-patching build tools (contributed by AWS)
+  * OP-TEE support (contributed by EPAM)
+  * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM)
+  * Dom0-less passthrough and ImageBuilder (contributed by XILINX)
+  * Support for new Hardware
+
+---
+Tue Dec  3 08:57:29 MST 2019 - carn...@suse.com
+
+- Update to Xen 4.13.0 RC4 release
+  xen-4.13.0-testing-src.tar.bz2
+- Rebase libxl.pvscsi.patch
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.S1ZI7N/_old  2019-12-23 22:39:06.805863769 +0100
+++ /var/tmp/diff_new_pack.S1ZI7N/_new  2019-12-23 22:39:06.809863770 +0100
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 # needssslcertforbuild
 
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.0_03
+Version:4.13.0_04
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only

++ build-python3-conversion.patch ++
--- /var/tmp/diff_new_pack.S1ZI7N/_old  2019-12-23 22:39:06.937863826 +0100
+++ /var/tmp/diff_new_pack.S1ZI7N/_new  2019-12-23 22:39:06.941863828 +0100
@@ -19,12 +19,12 @@
  fi;;
  esac
  if test -z "$PYTHON"; then :
--  PYTHON="python"
-+  PYTHON="python3"
- fi
- if echo "$PYTHON" | grep -q "^/"; then :
- 
-@@ -6981,15 +6981,15 @@ if test x"${PYTHONPATH}" = x"no"
+-  for ac_prog in python python3 python2
++  for ac_prog in python3 python python2
+ do
+   # Extract the first word of "$ac_prog", so it can be a program name with 
args.
+ set dummy $ac_prog; ac_word=$2
+@@ -7065,15 +7065,15 @@ if test x"${PYTHONPATH}" = x"no"
  then
  as_fn_error $? "Unable to find $PYTHON, please install $PYTHON" "$LINENO" 
5
  fi
@@ -368,13 +368,14 @@
 ===
 --- xen-4.13.0-testing.orig/tools/configure.ac
 +++ xen-4.13.0-testing/tools/configure.ac
-@@ -337,13 +337,13 @@ case "$host_os" in
+@@ -337,14 +337,14 @@ case "$host_os" in
freebsd*) ;;
*) AX_PATH_PROG_OR_FAIL([BASH], [bash]);;
  esac
--AS_IF([test -z "$PYTHON"], [PYTHON="python"])
-+AS_IF([test -z "$PYTHON"], [PYTHON="python3"])
- AS_IF([echo "$PYTHON" | grep -q "^/"], [], [PYTHON=`type -p "$PYTHON"`])
+-AS_IF([test -z "$PYTHON"], [AC_CHECK_PROGS([PYTHON], [python python3 
python2], err)])
++AS_IF([test -z "$PYTHON"], [AC_CHECK_PROGS([PYTHON], [python3 python 
python2], err)])
+ AS_IF([test "$PYTHON" = "err"], [AC_MSG_ERROR([No python interpreter found])])
+ AS_IF([echo "$PYTHON" | grep -q "^/"], [], [AC_PATH_PROG([PYTHON], 
[$PYTHON])])
  PYTHONPATH=$PYTHON
  PYTHON=`basename $PYTHONPATH`
  
@@ -535,16 +536,6 @@
  
  import re,sys
  
-Index: xen-4.13.0-testing/xen/xsm/flask/gen-policy.py
-===
 xen-4.13.0-testing.orig/xen/xsm/flask/gen-policy.py
-+++ xen-4.13.0-testing/xen/xsm/flask/gen-policy.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
- import sys
- 
- policy_size = 0
 Index: xen-4.13.0-testing/xen/tools/fig-to-oct.py
 ===
 --- xen-4.13.0-testing.orig/xen/tools/fig-to-oct.py

++ libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch ++
--- /var/tmp/diff_new_pack.S1ZI7N/_old  2019-12-23 22:39:06.989863849 +0100
+++ /var/tmp/diff_new_pack.S1ZI7N/_new  2019-12-23 22:39:06.989863849 +0100
@@ -48,7 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-12-02 11:31:12

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.4691 (New)


Package is "xen"

Mon Dec  2 11:31:12 2019 rev:276 rq:751119 version:4.13.0_03

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-11-18 20:02:39.185825992 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.4691/xen.changes2019-12-02 
11:35:37.590436934 +0100
@@ -1,0 +2,7 @@
+Mon Nov 25 10:49:13 MST 2019 - carn...@suse.com
+
+- Update to Xen 4.13.0 RC3 release
+  xen-4.13.0-testing-src.tar.bz2
+- Drop python38-build.patch
+
+---

Old:

  python38-build.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.nQxnA1/_old  2019-12-02 11:35:40.278435602 +0100
+++ /var/tmp/diff_new_pack.nQxnA1/_new  2019-12-02 11:35:40.278435602 +0100
@@ -24,7 +24,7 @@
 
 Name:   xen
 ExclusiveArch:  %ix86 x86_64 aarch64
-%define changeset 40113
+%define changeset 40162
 %define xen_build_dir xen-4.13.0-testing
 #
 %define with_gdbsx 0
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.0_02
+Version:4.13.0_03
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -207,7 +207,6 @@
 Patch623:   ipxe-no-error-logical-not-parentheses.patch
 Patch624:   ipxe-use-rpm-opt-flags.patch
 # Build patches
-Patch5: python38-build.patch
 Patch6: xen.stubdom.newlib.patch
 Patch8: tmp_build.patch
 Patch9: reproducible.patch
@@ -402,7 +401,6 @@
 %patch623 -p1
 %patch624 -p1
 # Build patches
-%patch5 -p1
 %patch6 -p1
 %patch8 -p1
 %patch9 -p1

++ build-python3-conversion.patch ++
--- /var/tmp/diff_new_pack.nQxnA1/_old  2019-12-02 11:35:40.394435545 +0100
+++ /var/tmp/diff_new_pack.nQxnA1/_new  2019-12-02 11:35:40.398435543 +0100
@@ -487,7 +487,7 @@
  state.common_1d = featureset_to_uint32s(common_1d, 1)[0]
  state.special = featureset_to_uint32s(state.raw_special, nr_entries)
  state.pv = featureset_to_uint32s(state.raw_pv, nr_entries)
-@@ -316,11 +316,11 @@ def crunch_numbers(state):
+@@ -317,11 +317,11 @@ def crunch_numbers(state):
  
  state.deep_deps[feat] = seen[1:]
  
@@ -502,7 +502,7 @@
  except AttributeError:
  _tmp = state.deep_deps.items()
  
-@@ -328,10 +328,10 @@ def crunch_numbers(state):
+@@ -329,10 +329,10 @@ def crunch_numbers(state):
  state.deep_deps[k] = featureset_to_uint32s(v, nr_entries)
  
  # Calculate the bitfield name declarations

++ libxl.LIBXL_HOTPLUG_TIMEOUT.patch ++
--- /var/tmp/diff_new_pack.nQxnA1/_old  2019-12-02 11:35:40.446435519 +0100
+++ /var/tmp/diff_new_pack.nQxnA1/_new  2019-12-02 11:35:40.450435517 +0100
@@ -290,7 +290,7 @@
  
  #include 
  #include 
-@@ -1507,6 +1508,7 @@ struct libxl__xswait_state {
+@@ -1593,6 +1594,7 @@ struct libxl__xswait_state {
  const char *what; /* for error msgs: noun phrase, what we're waiting for 
*/
  const char *path;
  int timeout_ms; /* as for poll(2) */
@@ -298,7 +298,7 @@
  libxl__xswait_callback *callback;
  /* remaining fields are private to xswait */
  libxl__ev_time time_ev;
-@@ -2565,6 +2567,7 @@ struct libxl__async_exec_state {
+@@ -2652,6 +2654,7 @@ struct libxl__async_exec_state {
  char **args; /* execution arguments */
  char **env; /* execution environment */
  
@@ -306,7 +306,7 @@
  /* private */
  libxl__ev_time time;
  libxl__ev_child child;
-@@ -4744,6 +4747,9 @@ _hidden int libxl__domain_pvcontrol(libx
+@@ -4783,6 +4786,9 @@ _hidden int libxl__domain_pvcontrol(libx
  
  #endif
  

++ libxl.pvscsi.patch ++
--- /var/tmp/diff_new_pack.nQxnA1/_old  2019-12-02 11:35:40.462435511 +0100
+++ /var/tmp/diff_new_pack.nQxnA1/_new  2019-12-02 11:35:40.462435511 +0100
@@ -226,7 +226,7 @@
 ===
 --- xen-4.13.0-testing.orig/tools/libxl/libxl_internal.h
 +++ xen-4.13.0-testing/tools/libxl/libxl_internal.h
-@@ -3849,6 +3849,7 @@ extern const libxl__device_type libxl__v
+@@ -3936,6 +3936,7 @@ extern const libxl__device_type libxl__v
  extern const libxl__device_type libxl__disk_devtype;
  extern const libxl__device_type libxl__nic_devtype;
  extern const libxl__device_type libxl__vtpm_devtype;

++ libxl.set-migration-constraints-from-cmdline.patch ++
--- /var/tmp/diff_new_pack.nQxnA1/_old  2019-12-02 11:35:40.470435507 +0100
+++ /var/tmp/diff_new_pack.nQxnA1/_new  2019-12-02 11:35:40.474435505 +0100
@@ -395,7 +395,7 @@
 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-11-18 20:02:37

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.26869 (New)


Package is "xen"

Mon Nov 18 20:02:37 2019 rev:275 rq:748496 version:4.13.0_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-11-03 11:18:25.348420050 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.26869/xen.changes   2019-11-18 
20:02:39.185825992 +0100
@@ -1,0 +2,6 @@
+Tue Nov 12 08:09:27 MST 2019 - carn...@suse.com
+
+- Update to Xen 4.13.0 RC2 release
+  xen-4.13.0-testing-src.tar.bz2
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.Nojayp/_old  2019-11-18 20:02:43.329823911 +0100
+++ /var/tmp/diff_new_pack.Nojayp/_new  2019-11-18 20:02:43.337823907 +0100
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 # needssslcertforbuild
 
@@ -24,7 +24,7 @@
 
 Name:   xen
 ExclusiveArch:  %ix86 x86_64 aarch64
-%define changeset 40015
+%define changeset 40113
 %define xen_build_dir xen-4.13.0-testing
 #
 %define with_gdbsx 0
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.13.0_01
+Version:4.13.0_02
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -207,8 +207,6 @@
 Patch623:   ipxe-no-error-logical-not-parentheses.patch
 Patch624:   ipxe-use-rpm-opt-flags.patch
 # Build patches
-# PATCH-FIX-UPSTREAM python38-build.patch mc...@suse.com
-# Make package buildable with python3.8
 Patch5: python38-build.patch
 Patch6: xen.stubdom.newlib.patch
 Patch8: tmp_build.patch

++ libxl.LIBXL_HOTPLUG_TIMEOUT.patch ++
--- /var/tmp/diff_new_pack.Nojayp/_old  2019-11-18 20:02:43.573823789 +0100
+++ /var/tmp/diff_new_pack.Nojayp/_new  2019-11-18 20:02:43.573823789 +0100
@@ -89,7 +89,7 @@
 ===
 --- xen-4.13.0-testing.orig/tools/libxl/libxl_create.c
 +++ xen-4.13.0-testing/tools/libxl/libxl_create.c
-@@ -1024,6 +1024,7 @@ static void initiate_domain_create(libxl
+@@ -1116,6 +1116,7 @@ static void initiate_domain_create(libxl
   * build info around just to know if the domain has a device model or not.
   */
  store_libxl_entry(gc, domid, _config->b_info);
@@ -290,7 +290,7 @@
  
  #include 
  #include 
-@@ -1496,6 +1497,7 @@ struct libxl__xswait_state {
+@@ -1507,6 +1508,7 @@ struct libxl__xswait_state {
  const char *what; /* for error msgs: noun phrase, what we're waiting for 
*/
  const char *path;
  int timeout_ms; /* as for poll(2) */
@@ -298,7 +298,7 @@
  libxl__xswait_callback *callback;
  /* remaining fields are private to xswait */
  libxl__ev_time time_ev;
-@@ -2554,6 +2556,7 @@ struct libxl__async_exec_state {
+@@ -2565,6 +2567,7 @@ struct libxl__async_exec_state {
  char **args; /* execution arguments */
  char **env; /* execution environment */
  
@@ -306,7 +306,7 @@
  /* private */
  libxl__ev_time time;
  libxl__ev_child child;
-@@ -4732,6 +4735,9 @@ _hidden int libxl__domain_pvcontrol(libx
+@@ -4744,6 +4747,9 @@ _hidden int libxl__domain_pvcontrol(libx
  
  #endif
  

++ libxl.pvscsi.patch ++
--- /var/tmp/diff_new_pack.Nojayp/_old  2019-11-18 20:02:43.593823779 +0100
+++ /var/tmp/diff_new_pack.Nojayp/_new  2019-11-18 20:02:43.593823779 +0100
@@ -38,7 +38,7 @@
 ===
 --- xen-4.13.0-testing.orig/docs/man/xl.cfg.5.pod.in
 +++ xen-4.13.0-testing/docs/man/xl.cfg.5.pod.in
-@@ -750,6 +750,62 @@ frontend to backend. It can be used as a
+@@ -756,6 +756,62 @@ frontend to backend. It can be used as a
  For more information about the protocol, see
  https://xenbits.xenproject.org/docs/unstable/misc/pvcalls.html.
  
@@ -154,7 +154,7 @@
 ===
 --- xen-4.13.0-testing.orig/tools/libxl/libxl.h
 +++ xen-4.13.0-testing/tools/libxl/libxl.h
-@@ -1124,6 +1124,13 @@ void libxl_mac_copy(libxl_ctx *ctx, libx
+@@ -1125,6 +1125,13 @@ void libxl_mac_copy(libxl_ctx *ctx, libx
  #define LIBXL_HAVE_PCITOPOLOGY 1
  
  /*
@@ -168,7 +168,7 @@
   * LIBXL_HAVE_SOCKET_BITMAP
   *
   * If this is defined, then libxl_socket_bitmap_alloc and
-@@ -2119,6 +2126,41 @@ int libxl_device_channel_getinfo(libxl_c
+@@ -2141,6 +2148,41 @@ int 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-11-03 11:18:21

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.2990 (New)


Package is "xen"

Sun Nov  3 11:18:21 2019 rev:274 rq:743878 version:4.13.0_01

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-10-22 15:41:54.485474805 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.2990/xen.changes2019-11-03 
11:18:25.348420050 +0100
@@ -1,0 +2,6 @@
+Tue Oct 29 14:27:13 CET 2019 - Matej Cepl 
+
+- Add python38-build.patch fixing build with Python 3.8 (add
+  --embed to python-config call)
+
+---

New:

  python38-build.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.h5lLDM/_old  2019-11-03 11:18:27.512422814 +0100
+++ /var/tmp/diff_new_pack.h5lLDM/_new  2019-11-03 11:18:27.512422814 +0100
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 # needssslcertforbuild
 
@@ -207,6 +207,9 @@
 Patch623:   ipxe-no-error-logical-not-parentheses.patch
 Patch624:   ipxe-use-rpm-opt-flags.patch
 # Build patches
+# PATCH-FIX-UPSTREAM python38-build.patch mc...@suse.com
+# Make package buildable with python3.8
+Patch5: python38-build.patch
 Patch6: xen.stubdom.newlib.patch
 Patch8: tmp_build.patch
 Patch9: reproducible.patch
@@ -401,6 +404,7 @@
 %patch623 -p1
 %patch624 -p1
 # Build patches
+%patch5 -p1
 %patch6 -p1
 %patch8 -p1
 %patch9 -p1

++ python38-build.patch ++
--- a/m4/python_devel.m4
+++ b/m4/python_devel.m4
@@ -24,7 +24,12 @@ AS_IF([test x"$pyconfig" = x"no"], [
 dnl If python-config is found use it
 CPPFLAGS="$CFLAGS `$PYTHON-config --cflags`"
 LDFLAGS="$LDFLAGS `$PYTHON-config --ldflags`"
-LIBS="$LIBS `$PYTHON-config --libs`"
+if $PYTHON-config --libs --embed >/dev/null 2>&1 ; then
+PYLIBS="$($PYTHON-config --libs --embed)"
+else
+PYLIBS="$($PYTHON-config --libs)"
+fi
+LIBS="$LIBS $PYLIBS"
 ])
 
 AC_CHECK_HEADER([Python.h], [],

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-10-22 15:40:58

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.2352 (New)


Package is "xen"

Tue Oct 22 15:40:58 2019 rev:273 rq:741160 version:4.13.0_01

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-10-14 14:53:06.774197611 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.2352/xen.changes2019-10-22 
15:41:54.485474805 +0200
@@ -1,0 +2,76 @@
+Mon Oct 14 09:01:47 MDT 2019 - carn...@suse.com
+
+- Update to Xen 4.13.0 RC1 release
+  xen-4.13.0-testing-src.tar.bz2
+- Drop patches contained in new tarball or invalid
+  5ca7660f-x86-entry-drop-unused-includes.patch
+  5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
+  5cab2ab7-x86-IOMMU-introduce-init-ops.patch
+  5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
+  5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
+  5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
+  5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
+  5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
+  5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
+  5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
+  5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
+  5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
+  5d358508-x86-IRQ-desc-affinity-represents-request.patch
+  5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
+  5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
+  5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
+  5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
+  5d417813-AMD-IOMMU-bitfield-extended-features.patch
+  5d417838-AMD-IOMMU-bitfield-control-reg.patch
+  5d41785b-AMD-IOMMU-bitfield-IRTE.patch
+  5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
+  5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
+  5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
+  5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
+  5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
+  5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
+  5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
+  5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
+  5d419d49-x86-spec-ctrl-report-proper-status.patch
+  5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
+  5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
+  5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
+  5d4afa7a-credit2-fix-memory-leak.patch
+  5d4d850a-introduce-bss-percpu-page-aligned.patch
+  5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
+  5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
+  5d6524ca-x86-mm-correctly-init-M2P-entries.patch
+  5d67ceaf-x86-properly-gate-PKU-clearing.patch
+  5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
+  5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
+  5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
+  5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
+  5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
+  5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
+  5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
+  5d80ea13-vpci-honor-read-only-devices.patch
+  5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
+  5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch
+  5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
+  5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
+  5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
+  5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
+  5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
+  5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
+  5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
+  5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch
+  CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
+  blktap2-no-uninit.patch
+  libxl.prepare-environment-for-domcreate_stream_done.patch
+  pygrub-python3-conversion.patch
+  fix-xenpvnetboot.patch
+
+---
+Thu Oct 10 08:39:52 MDT 2019 - carn...@suse.com
+
+- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
+  5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
+  5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
+  5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch
+
+---
@@ -81,0 +158 @@
+- Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch
@@ -145 +222,6 @@
-  xen-tools.etc_pollution.patch
+
+---
+Thu Aug  1 13:10:39 MDT 2019 - carn...@suse.com
+
+- bsc#1143563 - Speculative mitigation facilities report wrong status
+  5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch
@@ -198 +280,2 @@
-- bsc#1138294 - 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-10-14 14:53:06

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.2352 (New)


Package is "xen"

Mon Oct 14 14:53:06 2019 rev:272 rq:737541 version:4.12.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-10-05 16:19:18.641592606 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.2352/xen.changes2019-10-14 
14:53:06.774197611 +0200
@@ -1,0 +2,7 @@
+Wed Oct  2 08:37:47 UTC 2019 - oher...@suse.de
+
+- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime
+  The included README has details about the impact of this change
+  libxl.LIBXL_HOTPLUG_TIMEOUT.patch
+
+---

New:

  libxl.LIBXL_HOTPLUG_TIMEOUT.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.qHle4R/_old  2019-10-14 14:53:09.898189463 +0200
+++ /var/tmp/diff_new_pack.qHle4R/_new  2019-10-14 14:53:09.902189453 +0200
@@ -249,6 +249,7 @@
 Patch467:   xenstore-run-in-studomain.patch
 Patch468:   libxl.prepare-environment-for-domcreate_stream_done.patch
 Patch469:   libxl.helper_done-crash.patch
+Patch470:   libxl.LIBXL_HOTPLUG_TIMEOUT.patch
 # python3 conversion patches
 Patch500:   build-python3-conversion.patch
 Patch501:   pygrub-python3-conversion.patch
@@ -501,6 +502,7 @@
 %patch467 -p1
 %patch468 -p1
 %patch469 -p1
+%patch470 -p1
 # python3 conversion patches
 %patch500 -p1
 %patch501 -p1

++ README.SUSE ++
--- /var/tmp/diff_new_pack.qHle4R/_old  2019-10-14 14:53:10.102188931 +0200
+++ /var/tmp/diff_new_pack.qHle4R/_new  2019-10-14 14:53:10.102188931 +0200
@@ -527,6 +527,64 @@
 take effect.
 
 
+Adjusting LIBXL_HOTPLUG_TIMEOUT at runtime
+--
+A domU with a large amount of disks may run into the hardcoded
+LIBXL_HOTPLUG_TIMEOUT limit, which is 40 seconds. This happens if the
+preparation for each disk takes an unexpected large amount of time. Then
+the sum of all configured disks and the individual preparation time will
+be larger than 40 seconds. The hotplug script which does the preparation
+takes a lock before doing the actual preparation. Since the hotplug
+scripts for each disk are spawned at nearly the same time, each one has
+to wait for the lock. Due to this contention, the total execution time
+of a script can easily exceed the timeout. In this case libxl will
+terminate the script because it has to assume an error condition.
+
+Example:
+10 configured disks, each one takes 3 seconds within the critital
+section. The total execution time will be 30 seconds, which is still
+within the limit. With 5 additional configured disks, the total
+execution time will be 45 seconds, which would trigger the timeout.
+
+To handle such setup without a recompile of libxl, a special key/value
+has to be created in xenstore prior domain creation. This can be done
+either manually, or at system startup. A dedicated systemd service file
+exists to set the required value. To enable it, run these commands:
+
+/etc/systemd/system # systemctl enable xen-LIBXL_HOTPLUG_TIMEOUT.service
+/etc/systemd/system # systemctl start xen-LIBXL_HOTPLUG_TIMEOUT.service
+
+
+In case the value in this service file needs to be changed, a copy with
+the exact same name must be created in the /etc/systemd/system directory:
+
+/etc/systemd/system # cat xen-LIBXL_HOTPLUG_TIMEOUT.service
+[Unit]
+Description=set global LIBXL_HOTPLUG_TIMEOUT
+ConditionPathExists=/proc/xen/capabilities
+
+Requires=xenstored.service
+After=xenstored.service
+Requires=xen-init-dom0.service
+After=xen-init-dom0.service
+Before=xencommons.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=true
+ExecStartPre=/bin/grep -q control_d /proc/xen/capabilities
+ExecStart=/usr/bin/xenstore-write /libxl/suse/per-device-LIBXL_HOTPLUG_TIMEOUT 
10
+
+[Install]
+WantedBy=multi-user.target
+
+In this example the per-device value will be set to 10 seconds.
+
+The change for libxl which handles this xenstore value will enable
+additional logging if the key is found. That extra logging will show how
+the execution time of each script.
+
+
 Troubleshooting
 ---
 First try to get Linux running on bare metal before trying with Xen.

++ libxl.LIBXL_HOTPLUG_TIMEOUT.patch ++
References: bsc#1120095

A domU with a large amount of disks may run into the hardcoded
LIBXL_HOTPLUG_TIMEOUT limit, which is 40 seconds. This happens if the
preparation for each disk takes an unexpected large amount of time. Then
the sum of all configured disks and the individual preparation time will
be larger than 40 seconds. The hotplug script which does 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-09-11 10:22:29

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.7948 (New)


Package is "xen"

Wed Sep 11 10:22:29 2019 rev:270 rq:728544 version:4.12.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-08-19 20:48:45.477080861 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.7948/xen.changes2019-09-11 
10:22:34.415494531 +0200
@@ -1,0 +2,19 @@
+Wed Aug 28 09:25:30 MDT 2019 - carn...@suse.com
+
+- Upstream bug fixes (bsc#1027519)
+  5d419d49-x86-spec-ctrl-report-proper-status.patch
+  5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
+  5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
+  5d4afa7a-credit2-fix-memory-leak.patch
+  5d4d850a-introduce-bss-percpu-page-aligned.patch
+  5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
+  5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
+  5d6524ca-x86-mm-correctly-init-M2P-entries.patch
+
+---
+Wed Aug 28 11:25:17 UTC 2019 - oher...@suse.de
+
+- Preserve modified files which used to be marked as %config,
+  rename file.rpmsave to file
+
+---

New:

  5d419d49-x86-spec-ctrl-report-proper-status.patch
  5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
  5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
  5d4afa7a-credit2-fix-memory-leak.patch
  5d4d850a-introduce-bss-percpu-page-aligned.patch
  5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
  5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
  5d6524ca-x86-mm-correctly-init-M2P-entries.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.HuVxiw/_old  2019-09-11 10:22:37.147494192 +0200
+++ /var/tmp/diff_new_pack.HuVxiw/_new  2019-09-11 10:22:37.151494191 +0200
@@ -159,6 +159,14 @@
 # For xen-libs
 Source99:   baselibs.conf
 # Upstream patches
+Patch1: 5d419d49-x86-spec-ctrl-report-proper-status.patch
+Patch2: 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
+Patch3: 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
+Patch4: 5d4afa7a-credit2-fix-memory-leak.patch
+Patch5: 5d4d850a-introduce-bss-percpu-page-aligned.patch
+Patch6: 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
+Patch7: 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
+Patch8: 5d6524ca-x86-mm-correctly-init-M2P-entries.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -357,6 +365,14 @@
 %prep
 %setup -q -n %xen_build_dir -a 1 -a 5 -a 6 -a 57
 # Upstream patches
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1
@@ -1158,6 +1174,17 @@
 fi
 
 %pre tools
+for empty_config_file in \
+   logrotate.d/xen \
+   modprobe.d/xen_loop.conf \
+   pam.d/xen-api \
+   xen/cpupool \
+   xen/xenapiusers \
+   xen/xl.conf
+do
+  test -f /etc/${empty_config_file}.rpmsave && mv -v 
/etc/${empty_config_file}.rpmsave /etc/${empty_config_file}.rpmsave.old ||:
+done
+
 %service_add_pre xencommons.service
 %service_add_pre xendomains.service
 %service_add_pre xen-watchdog.service
@@ -1229,6 +1256,18 @@
 %service_del_postun xen-init-dom0.service
 %service_del_postun xen-qemu-dom0-disk-backend.service
 
+%posttrans tools
+for empty_config_file in \
+   logrotate.d/xen \
+   modprobe.d/xen_loop.conf \
+   pam.d/xen-api \
+   xen/cpupool \
+   xen/xenapiusers \
+   xen/xl.conf
+do
+  test -f /etc/${empty_config_file}.rpmsave && mv -v 
/etc/${empty_config_file}.rpmsave /etc/${empty_config_file}
+done
+
 %endif
 
 %post libs -p /sbin/ldconfig

++ 5d419d49-x86-spec-ctrl-report-proper-status.patch ++
# Commit 2adc580bd59f5c3034fd6ecacd5748678373f17a
# Date 2019-07-31 14:53:13 +0100
# Author Jin Nan Wang 
# Committer Andrew Cooper 
xen/spec-ctrl: Speculative mitigation facilities report wrong status

Booting with spec-ctrl=0 results in Xen printing "None MD_CLEAR".

  (XEN)   Support for HVM VMs: None MD_CLEAR
  (XEN)   Support for PV VMs: None MD_CLEAR

Add a check about X86_FEATURE_MD_CLEAR to avoid to print "None".

Signed-off-by: James Wang 
Reviewed-by: Andrew Cooper 

--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -360,6 +360,7 @@ static void __init print_details(enum in
 printk("  Support for HVM VMs:%s%s%s%s%s\n",
(boot_cpu_has(X86_FEATURE_SC_MSR_HVM) ||
 boot_cpu_has(X86_FEATURE_SC_RSB_HVM) ||
+

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-08-19 20:48:41

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.22127 (New)


Package is "xen"

Mon Aug 19 20:48:41 2019 rev:269 rq:724162 version:4.12.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-08-07 13:54:57.680857127 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.22127/xen.changes   2019-08-19 
20:48:45.477080861 +0200
@@ -1,0 +2,58 @@
+Fri Aug  9 10:29:45 MDT 2019 - carn...@suse.com
+
+- Update to Xen 4.12.1 bug fix release (bsc#1027519)
+  xen-4.12.1-testing-src.tar.bz2
+- Drop patches contained in new tarball
+  5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
+  5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
+  5c87b6c8-drop-arch_evtchn_inject.patch
+  5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
+  5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
+  5c8f752c-x86-e820-build-with-gcc9.patch
+  5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
+  5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
+  5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
+  5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
+  5c9e63c5-credit2-SMT-idle-handling.patch
+  5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
+  5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
+  5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
+  5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
+  5cd921fb-trace-fix-build-with-gcc9.patch
+  5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
+  5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
+  5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
+  5cd926d0-bitmap_fill-zero-sized.patch
+  5cd92724-drivers-video-drop-constraints.patch
+  5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
+  5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
+  5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
+  5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
+  5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
+  5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch
+  5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch
+  5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch
+  5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
+  5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
+  5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
+  5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
+  5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
+  5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
+  5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
+  5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
+  5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
+  5d03a0c4-6-Arm64-cmpxchg-simplify.patch
+  5d03a0c4-7-Arm32-cmpxchg-simplify.patch
+  5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
+  5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
+  5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
+  5d03a0c4-B-bitops-guest-helpers.patch
+  5d03a0c4-C-cmpxchg-guest-helpers.patch
+  5d03a0c4-D-use-guest-atomics-helpers.patch
+  5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
+  5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
+- Refreshed patches
+  libxl.pvscsi.patch
+  xen-tools.etc_pollution.patch
+
+---

Old:

  5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
  5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
  5c87b6c8-drop-arch_evtchn_inject.patch
  5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
  5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
  5c8f752c-x86-e820-build-with-gcc9.patch
  5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
  5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
  5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
  5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
  5c9e63c5-credit2-SMT-idle-handling.patch
  5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
  5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
  5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
  5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
  5cd921fb-trace-fix-build-with-gcc9.patch
  5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
  5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
  5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
  5cd926d0-bitmap_fill-zero-sized.patch
  5cd92724-drivers-video-drop-constraints.patch
  5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
  5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
  5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
  5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
  5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
  

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-06-22 11:04:29

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.4615 (New)


Package is "xen"

Sat Jun 22 11:04:29 2019 rev:267 rq:710678 version:4.12.0_12

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-05-17 23:39:19.322039407 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.4615/xen.changes2019-06-22 
11:04:36.251856662 +0200
@@ -1,0 +2,13 @@
+Tue Jun 11 20:22:47 UTC 2019 - Jim Fehlig 
+
+- spec: xen-tools: require matching version of xen package
+  bsc#1137471
+
+---
+Fri May 17 08:50:57 UTC 2019 - oher...@suse.de
+
+- Remove two stale patches
+  xen.build-compare.man.patch
+  xenpaging.doc.patch
+
+---
@@ -14 +27,2 @@
-- bsc#331 - VUL-0: CPU issues Q2 2019 aka "Group 4"
+- bsc#331 - VUL-0: CPU issues Q2 2019 aka "Group 4".
+  CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

Old:

  xen.build-compare.man.patch
  xenpaging.doc.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.cJ5qPJ/_old  2019-06-22 11:04:38.691860740 +0200
+++ /var/tmp/diff_new_pack.cJ5qPJ/_new  2019-06-22 11:04:38.695860748 +0200
@@ -195,7 +195,6 @@
 Patch409:   xenstore-launch.patch
 # Needs to go upstream
 Patch420:   suspend_evtchn_lock.patch
-Patch421:   xenpaging.doc.patch
 Patch422:   stubdom-have-iovec.patch
 Patch423:   vif-route.patch
 Patch424:   gcc9-ignore-warnings.patch
@@ -228,7 +227,6 @@
 Patch601:   x86-ioapic-ack-default.patch
 Patch602:   x86-cpufreq-report.patch
 Patch621:   xen.build-compare.doc_html.patch
-Patch622:   xen.build-compare.man.patch
 Patch623:   ipxe-no-error-logical-not-parentheses.patch
 Patch624:   ipxe-use-rpm-opt-flags.patch
 # Build patches
@@ -285,6 +283,7 @@
 %ifarch %arm aarch64
 Requires:   qemu-arm
 %endif
+Requires:   %{name} = %{version}-%{release}
 Requires:   %{name}-libs = %{version}-%{release}
 Recommends: multipath-tools
 Requires:   python3
@@ -413,7 +412,6 @@
 %patch409 -p1
 # Needs to go upstream
 %patch420 -p1
-%patch421 -p1
 %patch422 -p1
 %patch423 -p1
 %patch424 -p1
@@ -446,7 +444,6 @@
 %patch601 -p1
 %patch602 -p1
 %patch621 -p1
-%patch622 -p1
 %patch623 -p1
 %patch624 -p1
 # Build patches

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-05-17 23:39:15

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.5148 (New)


Package is "xen"

Fri May 17 23:39:15 2019 rev:266 rq:702959 version:4.12.0_12

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-04-18 13:58:17.887992681 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.5148/xen.changes2019-05-17 
23:39:19.322039407 +0200
@@ -1,0 +2,25 @@
+Tue May 14 15:35:17 UTC 2019 - Martin Liška 
+
+- Disable LTO (boo#1133296).
+
+---
+Mon May 13 20:20:00 UTC 2019 - oher...@suse.de
+
+- Remove arm32 from ExclusiveArch to fix build
+
+---
+Mon Apr 29 08:54:04 MDT 2019 - carn...@suse.com
+
+- bsc#331 - VUL-0: CPU issues Q2 2019 aka "Group 4"
+  xsa297-0a.patch
+  xsa297-0b.patch
+  xsa297-0c.patch
+  xsa297-0d.patch
+  xsa297-1.patch
+  xsa297-2.patch
+  xsa297-3.patch
+- Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and
+  drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
+  Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
+
+---

Old:

  5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch

New:

  xsa297-0a.patch
  xsa297-0b.patch
  xsa297-0c.patch
  xsa297-0d.patch
  xsa297-1.patch
  xsa297-2.patch
  xsa297-3.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.EPEEdb/_old  2019-05-17 23:39:21.242038352 +0200
+++ /var/tmp/diff_new_pack.EPEEdb/_new  2019-05-17 23:39:21.246038350 +0200
@@ -23,7 +23,7 @@
 %endif
 
 Name:   xen
-ExclusiveArch:  %ix86 x86_64 %arm aarch64
+ExclusiveArch:  %ix86 x86_64 aarch64
 %define changeset 38667
 %define xen_build_dir xen-4.12.0-testing
 #
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.12.0_10
+Version:4.12.0_12
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -174,8 +174,14 @@
 Patch10:5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
 Patch11:5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
 Patch12:5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
-Patch13:5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
-Patch14:5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
+Patch13:5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
+Patch29701: xsa297-0a.patch
+Patch29702: xsa297-0b.patch
+Patch29703: xsa297-0c.patch
+Patch29704: xsa297-0d.patch
+Patch29711: xsa297-1.patch
+Patch29712: xsa297-2.patch
+Patch29713: xsa297-3.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -387,7 +393,13 @@
 %patch11 -p1
 %patch12 -p1
 %patch13 -p1
-%patch14 -p1
+%patch29701 -p1
+%patch29702 -p1
+%patch29703 -p1
+%patch29704 -p1
+%patch29711 -p1
+%patch29712 -p1
+%patch29713 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1
@@ -443,6 +455,7 @@
 %patch9 -p1
 
 %build
+%define _lto_cflags %{nil}
 # JWF: Anthony's series to load BIOS from toolstack requires autogen.sh.
 # http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
 ./autogen.sh
@@ -785,12 +798,6 @@
 make -C xen install DEBUG_DIR=/boot DESTDIR=%{buildroot} CC=$CC %{?_smp_mflags}
 install_xen
 make -C xen clean
-echo > xen.files.txt
-# EFI depends on gcc47 or newer
-if test -d %{buildroot}/%{_datadir}/efi/$arch
-then
-   echo %{_datadir}/efi/$arch >> xen.files.txt
-fi
 %endif
 
 # On x86_64, qemu-xen was installed as /usr/lib/xen/bin/qemu-system-i386
@@ -945,7 +952,7 @@
 
 %if %{?with_dom0_support}0
 
-%files -f xen.files.txt
+%files
 %defattr(-,root,root)
 /boot/*
 %{_libdir}/efi

++ 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch ++
--- /var/tmp/diff_new_pack.EPEEdb/_old  2019-05-17 23:39:21.302038319 +0200
+++ /var/tmp/diff_new_pack.EPEEdb/_new  2019-05-17 23:39:21.306038317 +0200
@@ -1,6 +1,3 @@
-
-WARNING: Breaks Arm build! Fix is being discussed upstream.
-
 # Commit 597fbb8be6021440cd53493c14201c32671bade1
 # Date 2019-04-08 11:16:06 +0100
 # Author Andrew Cooper 
@@ -24,9 +21,54 @@
 Signed-off-by: Andrew Cooper 
 Reviewed-by: Jan Beulich 
 
+# Commit a6448adfd3d537aacbbd784e5bf1777ab3ff5f85
+# Date 2019-04-09 10:12:57 +0100
+# Author Andrew Cooper 
+# Committer Wei Liu 
+xen/cpu: Fix ARM build following c/s 597fbb8
+
+c/s 597fbb8 "xen/timers: Fix memory leak 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-04-18 13:57:59

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.5536 (New)


Package is "xen"

Thu Apr 18 13:57:59 2019 rev:265 rq:695298 version:4.12.0_10

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-04-04 12:05:40.969434536 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.5536/xen.changes2019-04-18 
13:58:17.887992681 +0200
@@ -1,0 +2,45 @@
+Wed Apr 17 08:28:50 MDT 2019 - carn...@suse.com
+
+- bsc#1131811 - [XEN] internal error: libxenlight failed to create
+  new domain. This patch is a workaround for a systemd issue. See
+  patch header for additional comments.
+  xenstore-launch.patch
+
+---
+Thu Apr 11 16:29:39 MDT 2019 - carn...@suse.com
+
+- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest
+  after upgrading host from sle11sp4 to sle15sp1
+  pygrub-python3-conversion.patch
+- Fix "TypeError: virDomainDefineXML() argument 2 must be str or
+  None, not bytes" when converting VMs from using the xm/xend
+  toolstack to the libxl/libvirt toolstack. (bsc#1123378)
+  xen2libvirt.py
+
+---
+Mon Apr  8 08:13:04 MDT 2019 - carn...@suse.com
+
+- bsc#1124560 - Fully virtualized guests crash on boot
+  5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
+- bsc#1121391 - GCC 9: xen build fails
+  5c8f752c-x86-e820-build-with-gcc9.patch
+- Upstream bug fixes (bsc#1027519)
+  5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
+  5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
+  5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
+  5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
+  5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
+  5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
+  5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
+  5c9e63c5-credit2-SMT-idle-handling.patch
+  5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
+  5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
+  5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
+  5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
+
+---
+Thu Apr  4 08:53:02 UTC 2019 - oher...@suse.de
+
+- Install pkgconfig files into libdir instead of datadir
+
+---

New:

  5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
  5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
  5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
  5c8f752c-x86-e820-build-with-gcc9.patch
  5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
  5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
  5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
  5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
  5c9e63c5-credit2-SMT-idle-handling.patch
  5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
  5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
  5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
  5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
  5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
  xenstore-launch.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.U92DbZ/_old  2019-04-18 13:58:20.875993677 +0200
+++ /var/tmp/diff_new_pack.U92DbZ/_new  2019-04-18 13:58:20.875993677 +0200
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.12.0_08
+Version:4.12.0_10
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -162,6 +162,20 @@
 # For xen-libs
 Source99:   baselibs.conf
 # Upstream patches
+Patch1: 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
+Patch2: 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
+Patch3: 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
+Patch4: 5c8f752c-x86-e820-build-with-gcc9.patch
+Patch5: 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
+Patch6: 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
+Patch7: 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
+Patch8: 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
+Patch9: 5c9e63c5-credit2-SMT-idle-handling.patch
+Patch10:5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
+Patch11:5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
+Patch12:

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-04-04 12:05:32

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.3908 (New)


Package is "xen"

Thu Apr  4 12:05:32 2019 rev:264 rq:690700 version:4.12.0_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-04-01 12:33:45.293804083 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new.3908/xen.changes2019-04-04 
12:05:40.969434536 +0200
@@ -1,0 +2,27 @@
+Tue Apr  2 08:03:53 MDT 2019 - carn...@suse.com
+
+- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901)
+  xen-4.12.0-testing-src.tar.bz2
+  * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates
+the HVM/PVH and PV code paths in Xen and provides KCONFIG
+options to build a PV only or HVM/PVH only hypervisor.
+  * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has
+been vastly improved.
+  * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter-
+domain communication mechanism.
+  * Improvements to Virtual Machine Introspection: The VMI subsystem
+which allows detection of 0-day vulnerabilities has seen many
+functional and performance improvements.
+  * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project
+default scheduler.
+  * PVH Support: Grub2 boot support has been added to Xen and Grub2.
+  * PVH Dom0: PVH Dom0 support has now been upgraded from experimental
+to tech preview.
+  * The Xen 4.12 upgrade also includes improved IOMMU mapping code,
+which is designed to significantly improve the startup times of
+AMD EPYC based systems.
+  * The upgrade also features Automatic Dom0 Sizing which allows the
+setting of Dom0 memory size as a percentage of host memory (e.g.
+10%) or with an offset (e.g. 1G+10%).
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.HjPiq8/_old  2019-04-04 12:05:45.441435720 +0200
+++ /var/tmp/diff_new_pack.HjPiq8/_new  2019-04-04 12:05:45.445435721 +0200
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.12.0_07
+Version:4.12.0_08
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only

++ xen-4.12.0-testing-src.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.12.0-testing/ChangeLog 
new/xen-4.12.0-testing/ChangeLog
--- old/xen-4.12.0-testing/ChangeLog2019-03-25 15:16:43.0 +0100
+++ new/xen-4.12.0-testing/ChangeLog2019-04-02 15:59:08.0 +0200
@@ -1,30 +1,7 @@
-commit 07c181c83e03a860d806305369cd677c24df9b78
-Author: Andrew Cooper 
-Date:   Thu Mar 21 19:36:48 2019 +
+commit 997d6248a9ae932d0dbaac8d8755c2b15fec25dc
+Author: Ian Jackson 
+Date:   Mon Apr 1 12:03:23 2019 +0100
 
-passthrough/vtd: Drop the "workaround_bios_bug" logic entirely
+README, xen/Makefile: Set version to 4.12.0
 
-It turns out that this code was previously dead.
-
-c/s dcf41790 " x86/mmcfg/drhd: Move acpi_mmcfg_init() call before calling
-acpi_parse_dmar()" resulted in PCI segment 0 now having been initialised
-enough for acpi_parse_one_drhd() to not take the
-
-  /* Skip checking if segment is not accessible yet. */
-
-path unconditionally.  However, some systems have DMAR tables which list
-devices which are disabled by user choice (in particular, Dell PowerEdge 
R740
-with I/O AT DMA disabled), and turning off all IOMMU functionality in this
-case is entirely unhelpful behaviour.
-
-Leave the warning which identifies the problematic devices, but drop the
-remaining logic.  This leaves the system in better overall state, and 
working
-in the same way that it did in previous releases.
-
-Reported-by: Igor Druzhinin 
-Signed-off-by: Andrew Cooper 
-Reviewed-by: Igor Druzhinin 
-Reviewed-by: Roger Pau Monné 
-Acked-by: George Dunlap 
-Release-acked-by: Juergen Gross 
-(cherry picked from commit 74dadb8556c6a0972fa422b5ae346589ace404b6)
+Signed-off-by: Ian Jackson 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.12.0-testing/Config.mk 
new/xen-4.12.0-testing/Config.mk
--- old/xen-4.12.0-testing/Config.mk2019-03-25 15:16:43.0 +0100
+++ new/xen-4.12.0-testing/Config.mk2019-04-02 15:59:08.0 +0200
@@ -275,15 +275,15 @@
 MINIOS_UPSTREAM_URL ?= git://xenbits.xen.org/mini-os.git
 endif
 OVMF_UPSTREAM_REVISION ?= ef529e6ab7c31290a33045bb1f1837447cc0eb56
-QEMU_UPSTREAM_REVISION ?= 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-04-01 12:33:37

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.25356 (New)


Package is "xen"

Mon Apr  1 12:33:37 2019 rev:263 rq:688873 version:4.12.0_07

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-03-13 09:07:25.111435115 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.25356/xen.changes   2019-04-01 
12:33:45.293804083 +0200
@@ -1,0 +2,54 @@
+Tue Mar 26 10:06:06 MDT 2019 - carn...@suse.com
+
+- bsc#1130485 - Please drop Requires on multipath-tools in
+  xen-tools. Now using Recommends multipath-tools.
+  xen.spec
+
+---
+Mon Mar 25 08:17:31 MDT 2019 - carn...@suse.com
+
+- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901)
+  xen-4.12.0-testing-src.tar.bz2
+
+---
+Wed Mar 20 09:48:26 MDT 2019 - carn...@suse.com
+
+- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901)
+  xen-4.12.0-testing-src.tar.bz2
+
+---
+Fri Mar 15 13:09:29 UTC 2019 - oher...@suse.de
+
+- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to
+  avoid TSC emulation for HVM domUs if their expected frequency
+  does not match exactly the frequency of the receiving host
+  xen.bug1026236.suse_vtsc_tolerance.patch
+
+---
+Mon Mar 11 11:24:42 MDT 2019 - carn...@suse.com
+
+- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901)
+  xen-4.12.0-testing-src.tar.bz2
+
+---
+Mon Mar 11 05:58:59 MDT 2019 - carn...@suse.com
+
+- jsc#SLE-3059 - Disable Xen auto-ballooning
+- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory.
+  xen.spec
+- Disable autoballooning in xl.con
+  xl-conf-disable-autoballoon.patch
+
+---
+Thu Mar  7 17:55:20 UTC 2019 - oher...@suse.de
+
+- Update gcc9-ignore-warnings.patch to fix build in SLE12
+
+---
+Thu Mar  7 15:28:02 UTC 2019 - oher...@suse.de
+
+- bsc#1126325 - fix crash in libxl in error path
+  Setup of grant_tables and other variables may fail
+  libxl.prepare-environment-for-domcreate_stream_done.patch
+
+---

New:

  libxl.prepare-environment-for-domcreate_stream_done.patch
  xen.bug1026236.suse_vtsc_tolerance.patch
  xl-conf-disable-autoballoon.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.pd7zGq/_old  2019-04-01 12:33:48.205804830 +0200
+++ /var/tmp/diff_new_pack.pd7zGq/_new  2019-04-01 12:33:48.205804830 +0200
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.12.0_04
+Version:4.12.0_07
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -167,10 +167,11 @@
 Patch401:   vif-bridge-no-iptables.patch
 Patch402:   vif-bridge-tap-fix.patch
 Patch403:   xl-conf-default-bridge.patch
-Patch404:   xen-arch-kconfig-nr_cpus.patch
-Patch405:   suse-xendomains-service.patch
-Patch406:   replace-obsolete-network-configuration-commands-in-s.patch
-Patch407:   disable-building-pv-shim.patch
+Patch404:   xl-conf-disable-autoballoon.patch
+Patch405:   xen-arch-kconfig-nr_cpus.patch
+Patch406:   suse-xendomains-service.patch
+Patch407:   replace-obsolete-network-configuration-commands-in-s.patch
+Patch408:   disable-building-pv-shim.patch
 # Needs to go upstream
 Patch420:   suspend_evtchn_lock.patch
 Patch421:   xenpaging.doc.patch
@@ -195,12 +196,14 @@
 Patch465:   xen.libxl.dmmd.patch
 Patch466:   libxl.set-migration-constraints-from-cmdline.patch
 Patch467:   xenstore-run-in-studomain.patch
+Patch468:   libxl.prepare-environment-for-domcreate_stream_done.patch
 # python3 conversion patches
 Patch500:   build-python3-conversion.patch
 Patch501:   pygrub-python3-conversion.patch
 Patch502:   migration-python3-conversion.patch
 Patch503:   bin-python3-conversion.patch
 # Hypervisor and PV driver Patches
+Patch600:   xen.bug1026236.suse_vtsc_tolerance.patch
 Patch601:   x86-ioapic-ack-default.patch
 Patch602:   x86-cpufreq-report.patch
 Patch621:   xen.build-compare.doc_html.patch
@@ -262,7 +265,7 @@
 Requires:   qemu-arm
 %endif
 Requires:   %{name}-libs = %{version}-%{release}
-Requires:   

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-03-13 09:07:16

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.28833 (New)


Package is "xen"

Wed Mar 13 09:07:16 2019 rev:262 rq:682286 version:4.12.0_04

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-02-06 15:46:04.299308182 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.28833/xen.changes   2019-03-13 
09:07:25.111435115 +0100
@@ -1,0 +2,22 @@
+Wed Mar  6 11:12:09 MST 2019 - carn...@suse.com
+
+- bsc#1127620 - Documentation for the xl configuration file allows
+  for firmware=pvgrub64 but we don't ship pvgrub64.
+  Create a link from grub.xen to pvgrub64
+  xen.spec
+
+---
+Mon Mar  4 14:58:18 MST 2019 - carn...@suse.com
+
+- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901)
+  xen-4.12.0-testing-src.tar.bz2
+- Tarball also contains additional post RC4 security fixes for
+  Xen Security Advisories 287, 288, and 290 through 294.
+
+---
+Tue Feb 19 08:11:38 MST 2019 - carn...@suse.com
+
+- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901)
+  xen-4.12.0-testing-src.tar.bz2
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.vrRKFK/_old  2019-03-13 09:07:29.971434614 +0100
+++ /var/tmp/diff_new_pack.vrRKFK/_new  2019-03-13 09:07:29.975434613 +0100
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.12.0_02
+Version:4.12.0_04
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0-only
@@ -940,7 +940,6 @@
 /usr/sbin/xenperf
 /usr/sbin/xenpm
 /usr/sbin/xenpmd
-/usr/sbin/xen-ringwatch
 /usr/sbin/xenstored
 /usr/sbin/xen-tmem-list-parse
 /usr/sbin/xentop
@@ -968,7 +967,6 @@
 %endif
 /usr/sbin/xen-list
 /usr/sbin/xen-destroy
-/usr/sbin/xen-bugtool
 /usr/sbin/xen-livepatch
 /usr/sbin/xen-diag
 %dir %attr(700,root,root) /etc/xen
@@ -1196,6 +1194,9 @@
 echo '# Xen boot parameters for non-recovery Xen boots (in addition to 
GRUB_CMDLINE_XEN)' >> /etc/default/grub
 echo 'GRUB_CMDLINE_XEN_DEFAULT=""' >> /etc/default/grub
 fi
+if [ -f /usr/lib/grub2/x86_64-xen/grub.xen -a ! -f 
/usr/lib/xen/boot/pvgrub64.bin ]; then
+ln -s /usr/lib/grub2/x86_64-xen/grub.xen /usr/lib/xen/boot/pvgrub64.bin
+fi
 
 %preun tools
 %service_del_preun xencommons.service

++ bin-python3-conversion.patch ++
--- /var/tmp/diff_new_pack.vrRKFK/_old  2019-03-13 09:07:30.015434609 +0100
+++ /var/tmp/diff_new_pack.vrRKFK/_new  2019-03-13 09:07:30.019434608 +0100
@@ -1,20 +1,3 @@
-Index: xen-4.10.0-testing/tools/misc/xen-bugtool
-===
 xen-4.10.0-testing.orig/tools/misc/xen-bugtool
-+++ xen-4.10.0-testing/tools/misc/xen-bugtool
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/python3
- 
- #  -*- mode: python; -*-
- 
-@@ -13,5 +13,5 @@ if __name__ == "__main__":
- try:
- sys.exit(bugtool.main())
- except KeyboardInterrupt:
--print "\nInterrupted."
-+print("\nInterrupted.")
- sys.exit(1)
 Index: xen-4.10.0-testing/tools/misc/xencons
 ===
 --- xen-4.10.0-testing.orig/tools/misc/xencons
@@ -241,188 +224,6 @@
  sys.exit(1)
  
  sys.stdout.flush()
-Index: xen-4.10.0-testing/tools/misc/xen-ringwatch
-===
 xen-4.10.0-testing.orig/tools/misc/xen-ringwatch
-+++ xen-4.10.0-testing/tools/misc/xen-ringwatch
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python3
- #
- # Copyright (C) 2011 Citrix Systems, Inc.
- #
-@@ -75,8 +75,8 @@ class XenBackend(object):
- def from_name(cls, name):
- match = cls._name_pattern.search(name)
- if not match:
--raise Exception, "Malformed %s name: %s" % \
--(type(self).__name__, name)
-+raise Exception("Malformed %s name: %s" % \
-+(type(self).__name__, name))
- 
- rd= match.group(1)
- devid = match.group(2)
-@@ -214,9 +214,9 @@ class RingState(object):
- match   = cls._size_pattern.search(_nr_ents)
- nr_ents = int(match.group(1))
- 
--except Exception, e:
--raise Exception, "Malformed %s input: %s (%s)" % \
--(cls.__name__, repr(s), str(e))
-+except Exception as e:
-+raise Exception("Malformed %s input: %s (%s)" % \
-+

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-02-06 15:45:56

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.28833 (New)


Package is "xen"

Wed Feb  6 15:45:56 2019 rev:261 rq:671220 version:4.12.0_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-01-15 13:16:29.504352260 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.28833/xen.changes   2019-02-06 
15:46:04.299308182 +0100
@@ -1,0 +2,55 @@
+Mon Feb  4 12:34:57 MST 2019 - carn...@suse.com
+
+- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901)
+  xen-4.12.0-testing-src.tar.bz2
+
+---
+Fri Jan 25 12:53:37 MST 2019 - carn...@suse.com
+
+- bsc#1121391 - GCC 9: xen build fails
+  gcc9-ignore-warnings.patch
+
+---
+Thu Jan 24 09:39:18 MST 2019 - carn...@suse.com
+
+- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing
+  /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi.
+  Keep xen.efi in /usr/lib64/efi for booting older distros.
+  xen.spec
+
+---
+Fri Jan 18 10:51:12 MST 2019 - carn...@suse.com
+
+- fate#326960: Package grub2 as noarch.
+  As part of the effort to have a unified bootloader across
+  architectures, modify the xen.spec file to move the Xen efi files
+  to /usr/share/efi/$(uname -m) from /usr/lib64/efi.
+
+---
+Wed Jan 16 11:24:49 MST 2019 - carn...@suse.com
+
+- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901)
+  xen-4.12.0-testing-src.tar.bz2
+- Drop
+  5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
+  5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
+  
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
+  5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
+  5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
+  5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
+  5b9784d2-x86-HVM-add-known_gla-helper.patch
+  5b9784f2-x86-HVM-split-page-straddling-accesses.patch
+  5bdc31d5-VMX-fix-vmx_handle_eoi.patch
+  gcc8-fix-array-warning-on-i586.patch
+  gcc8-fix-format-warning-on-i586.patch
+  gcc8-inlining-failed.patch
+  xen.bug1079730.patch
+
+---
+Tue Jan 15 13:38:13 MST 2019 - carn...@suse.com
+
+- bsc#1121960 - xen: sync with Factory
+  xen.spec
+  xen.changes
+
+---
@@ -120,2 +175,3 @@
-- bsc#1115040 - VUL-0: xen: insufficient TLB flushing / improper
-  large page mappings with AMD IOMMUs (XSA-275)
+- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen:
+  insufficient TLB flushing / improper large page mappings with AMD
+  IOMMUs (XSA-275)
@@ -124,2 +180,2 @@
-- bsc#1115043 - VUL-0: xen: resource accounting issues in x86 IOREQ
-  server handling (XSA-276)
+- bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting
+  issues in x86 IOREQ server handling (XSA-276)
@@ -128,2 +184,2 @@
-- bsc#1115044 - VUL-0: xen: x86: incorrect error handling for guest
-  p2m page removals (XSA-277)
+- bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error
+  handling for guest p2m page removals (XSA-277)
@@ -134,2 +190,2 @@
-- bsc#1115045 - VUL-0: xen: x86: DoS from attempting to use INVPCID
-  with a non-canonical addresses (XSA-279)
+- bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting
+  to use INVPCID with a non-canonical addresses (XSA-279)
@@ -137,2 +193,2 @@
-- bsc#1115047 - VUL-0: xen: Fix for XSA-240 conflicts with shadow
-  paging (XSA-280)
+- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240
+  conflicts with shadow paging (XSA-280)
@@ -141,2 +197,2 @@
-- bsc#1114988 - VUL-0: xen: guest use of HLE constructs may lock up
-  host (XSA-282)
+- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE
+  constructs may lock up host (XSA-282)

Old:

  5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
  5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
  
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
  5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
  5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
  5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
  5b9784d2-x86-HVM-add-known_gla-helper.patch
  5b9784f2-x86-HVM-split-page-straddling-accesses.patch
  5bdc31d5-VMX-fix-vmx_handle_eoi.patch
  gcc8-fix-array-warning-on-i586.patch
  gcc8-fix-format-warning-on-i586.patch
  gcc8-inlining-failed.patch
  xen-4.11.1-testing-src.tar.bz2
 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-01-15 13:16:28

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.28833 (New)


Package is "xen"

Tue Jan 15 13:16:28 2019 rev:260 rq:666052 version:4.11.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2019-01-08 12:18:39.948915069 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.28833/xen.changes   2019-01-15 
13:16:29.504352260 +0100
@@ -1,0 +2,19 @@
+Sat Jan 12 14:06:02 UTC 2019 - Jan Engelhardt 
+
+- Replace old $RPM_* shell vars.
+- Run fdupes for all architectures, and not crossing
+  subvolume boundaries.
+
+---
+Thu Jan 10 10:57:44 UTC 2019 - Guillaume GARDET 
+
+- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition
+  rpmlint error
+
+---
+Tue Jan  8 13:31:30 UTC 2019 - Guillaume GARDET 
+
+- Require qemu-seabios only on x86* as it is not available on non-x86
+  systems
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.N8u43d/_old  2019-01-15 13:16:32.384349991 +0100
+++ /var/tmp/diff_new_pack.N8u43d/_new  2019-01-15 13:16:32.388349989 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 # needssslcertforbuild
 
@@ -130,7 +130,7 @@
 Version:4.11.1_02
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
-License:GPL-2.0
+License:GPL-2.0-only
 Group:  System/Kernel
 Source0:xen-4.11.1-testing-src.tar.bz2
 Source1:stubdom.tar.bz2
@@ -277,7 +277,9 @@
 Requires:   multipath-tools
 Requires:   python3
 Requires:   python3-curses
+%ifarch %{ix86} x86_64
 Requires:   qemu-seabios
+%endif
 # subpackage existed in 10.3
 Provides:   xen-tools-ioemu = %{version}
 Obsoletes:  xen-tools-ioemu < %{version}
@@ -461,8 +463,8 @@
 export WGET=$(type -P false)
 export FTP=$(type -P false)
 export GIT=$(type -P false)
-export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS"
-export EXTRA_CFLAGS_QEMU_TRADITIONAL="$RPM_OPT_FLAGS"
+export EXTRA_CFLAGS_XEN_TOOLS="%{optflags}"
+export EXTRA_CFLAGS_QEMU_TRADITIONAL="%{optflags}"
 export SMBIOS_REL_DATE="$SMBIOS_REL_DATE"
 export RELDATE="$RELDATE"
 XEN_VERSION=$XEN_VERSION
@@ -534,19 +536,19 @@
 source ./.our_xenversion
 # tools
 make \
-   DESTDIR=$RPM_BUILD_ROOT \
+   DESTDIR=%{buildroot} \
SYSCONFIG_DIR=%{_fillupdir} \
%{?_smp_mflags} \
install
-find $RPM_BUILD_ROOT -ls
-for i in $RPM_BUILD_ROOT%{_fillupdir}/*
+find %{buildroot} -ls
+for i in %{buildroot}/%{_fillupdir}/*
 do
mv -v $i ${i%/*}/sysconfig.${i##*/}
 done
 
 #
-udev_rulesdir=$RPM_BUILD_ROOT%{_udevrulesdir}
-tools_domU_dir=$RPM_BUILD_ROOT%{_libexecdir}/%{name}-tools-domU
+udev_rulesdir=%{buildroot}/%{_udevrulesdir}
+tools_domU_dir=%{buildroot}/%{_libexecdir}/%{name}-tools-domU
 mkdir -p ${udev_rulesdir}
 mkdir -p ${tools_domU_dir}
 #
@@ -555,7 +557,7 @@
 SUBSYSTEM=="pci", 
ATTR{modalias}=="pci:v5853d0001sv5853sd0001bcFFsc80i00", 
TAG+="systemd", ENV{SYSTEMD_WANTS}+="%{name}-vcpu-watch.service"
 _EOR_
 #
-tee $RPM_BUILD_ROOT%{_unitdir}/%{name}-vcpu-watch.service <<'_EOS_'
+tee %{buildroot}/%{_unitdir}/%{name}-vcpu-watch.service <<'_EOS_'
 [Unit]
 Description=Listen to CPU online/offline events from dom0 toolstack
 
@@ -566,7 +568,7 @@
 RestartSec=2
 _EOS_
 #
-tee $RPM_BUILD_ROOT%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh 
<<'_EOS_'
+tee %{buildroot}/%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh 
<<'_EOS_'
 #!/bin/bash
 unset LANG
 unset ${!LC_*}
@@ -613,7 +615,7 @@
 done
 exit 1
 _EOS_
-chmod 755 
$RPM_BUILD_ROOT%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh
+chmod 755 %{buildroot}/%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh
 #
 tee ${udev_rulesdir}/60-persistent-xvd.rules <<'_EOR_'
 ACTION=="remove", GOTO="xvd_aliases_end"
@@ -631,7 +633,7 @@
 SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2019-01-08 12:18:34

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.28833 (New)


Package is "xen"

Tue Jan  8 12:18:34 2019 rev:259 rq:662517 version:4.11.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-12-10 12:27:04.798602401 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.28833/xen.changes   2019-01-08 
12:18:39.948915069 +0100
@@ -1,0 +2,6 @@
+Thu Dec 27 18:16:54 UTC 2018 - Bernhard Wiedemann 
+
+- Avoid creating dangling symlinks (bsc#1116524)
+  This reverts the revert of tmp_build.patch
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.J1cRQZ/_old  2019-01-08 12:18:41.588913531 +0100
+++ /var/tmp/diff_new_pack.J1cRQZ/_new  2019-01-08 12:18:41.588913531 +0100
@@ -889,8 +889,8 @@
 # "xl devd" has to be called manually in a driver domain
 find $RPM_BUILD_ROOT -name xendriverdomain.service -print -delete
 
-# Create symlinks for keymaps
-%fdupes -s $RPM_BUILD_ROOT
+# Create hardlinks for 3 .txt files and 1 .py
+%fdupes $RPM_BUILD_ROOT
 find $RPM_BUILD_ROOT -size 0 -delete
 
 %else

++ tmp_build.patch ++
--- /var/tmp/diff_new_pack.J1cRQZ/_old  2019-01-08 12:18:41.816913316 +0100
+++ /var/tmp/diff_new_pack.J1cRQZ/_new  2019-01-08 12:18:41.816913316 +0100
@@ -22,7 +22,7 @@
  
  xenstore: xenstore_client.o $(LIBXENSTORE)
$(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(LDLIBS_libxentoolcore) 
$(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS)
-+  $(CC) $< $(CFLAGS) $(LDFLAGS) -Wl,--build-id=uuid -L. -lxenstore 
$(LDLIBS_libxentoolcore) $(SOCKET_LIBS) -o domu-$@
++  $(CC) $< $(CFLAGS) $(LDFLAGS) -Wl,--build-id=sha1 -L. -lxenstore 
$(LDLIBS_libxentoolcore) $(SOCKET_LIBS) -o domu-$@
  
  xenstore-control: xenstore_control.o $(LIBXENSTORE)
$(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(LDLIBS_libxentoolcore) 
$(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS)

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-12-10 12:27:01

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.19453 (New)


Package is "xen"

Mon Dec 10 12:27:01 2018 rev:258 rq:654117 version:4.11.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-12-03 10:04:29.840033854 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.19453/xen.changes   2018-12-10 
12:27:04.798602401 +0100
@@ -1,0 +2,82 @@
+Tue Dec  4 13:19:21 MST 2018 - carn...@suse.com
+
+- Update to Xen 4.11.1 bug fix release (bsc#1027519)
+  xen-4.11.1-testing-src.tar.bz2
+- 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
+  replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
+- 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
+  replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
+- Drop the following patches contained in the new tarball
+  5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
+  5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
+  5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
+  5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
+  5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
+  5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
+  5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
+  5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
+  5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
+  5b3f8fa5-port-array_index_nospec-from-Linux.patch
+  5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
+  5b4488e7-x86-spec-ctrl-cmdline-handling.patch
+  5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
+  5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
+  5b4db308-SVM-fix-cleanup-svm_inject_event.patch
+  5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
+  5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
+  5b505fe5-VMX-fix-find-msr-build.patch
+  5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
+  5b508775-2-x86-possibly-bring-up-all-CPUs.patch
+  5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
+  5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
+  5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
+  5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
+  5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
+  5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
+  5b62ca93-VMX-avoid-hitting-BUG_ON.patch
+  5b6d84ac-x86-fix-improve-vlapic-read-write.patch
+  5b6d8ce2-x86-XPTI-parsing.patch
+  5b72fbbe-ARM-disable-grant-table-v2.patch
+  5b72fbbe-oxenstored-eval-order.patch
+  5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
+  5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
+  
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
+  5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
+  5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
+  
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
+  5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
+  5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
+  
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
+  5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
+  5b72fbbf-xl.conf-Add-global-affinity-masks.patch
+  5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
+  5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
+  5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
+  5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
+  5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
+  5b8d5832-x86-assorted-array_index_nospec-insertions.patch
+  5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
+  5bacae4b-x86-boot-allocate-extra-module-slot.patch
+  5bae44ce-x86-silence-false-log-messages.patch
+  5bb60c12-x86-split-opt_xpti.patch
+  5bb60c4f-x86-split-opt_pv_l1tf.patch
+  5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
+  5bcf0722-x86-boot-enable-NMIs.patch
+  5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
+  5bd076e9-x86-boot-init-debug-regs-correctly.patch
+  5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
+  
5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch
+  5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
+  5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
+  5be2a308-x86-extend-get_platform_badpages.patch
+  5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
+  xsa275-1.patch
+  xsa275-2.patch
+  xsa276-1.patch
+  xsa276-2.patch
+  xsa277.patch
+  xsa279.patch
+  xsa280-1.patch
+  xsa280-2.patch
+

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-12-03 10:04:05

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new.19453 (New)


Package is "xen"

Mon Dec  3 10:04:05 2018 rev:257 rq:652068 version:4.11.0_09

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-11-13 16:23:56.974832220 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new.19453/xen.changes   2018-12-03 
10:04:29.840033854 +0100
@@ -1,0 +2,58 @@
+Wed Nov 21 15:44:39 MST 2018 - carn...@suse.com
+
+- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken:
+  Missing /bin/domu-xenstore.  This was broken because "make
+  package build reproducible" change. (boo#1047218, boo#1062303)
+  This fix reverses the change to this patch.
+  tmp_build.patch
+
+---
+Mon Nov 12 09:47:39 MST 2018 - carn...@suse.com
+
+- bsc#1115040 - VUL-0: xen: insufficient TLB flushing / improper
+  large page mappings with AMD IOMMUs (XSA-275)
+  xsa275-1.patch
+  xsa275-2.patch
+- bsc#1115043 - VUL-0: xen: resource accounting issues in x86 IOREQ
+  server handling (XSA-276)
+  xsa276-1.patch
+  xsa276-2.patch
+- bsc#1115044 - VUL-0: xen: x86: incorrect error handling for guest
+  p2m page removals (XSA-277)
+  xsa277.patch
+- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
+  when disabled (XSA-278)
+  5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
+- bsc#1115045 - VUL-0: xen: x86: DoS from attempting to use INVPCID
+  with a non-canonical addresses (XSA-279)
+  xsa279.patch
+- bsc#1115047 - VUL-0: xen: Fix for XSA-240 conflicts with shadow
+  paging (XSA-280)
+  xsa280-1.patch
+  xsa280-2.patch
+- bsc#1114988 - VUL-0: xen: guest use of HLE constructs may lock up
+  host (XSA-282)
+  5be2a308-x86-extend-get_platform_badpages.patch
+  5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
+- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV
+  5bdc31d5-VMX-fix-vmx_handle_eoi.patch
+- Upstream bug fixes (bsc#1027519)
+  5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
+  5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
+  5bacae4b-x86-boot-allocate-extra-module-slot.patch
+  5bae44ce-x86-silence-false-log-messages.patch
+  5bb60c12-x86-split-opt_xpti.patch
+  5bb60c4f-x86-split-opt_pv_l1tf.patch
+  5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
+  5bcf0722-x86-boot-enable-NMIs.patch
+  5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
+  5bd076e9-x86-boot-init-debug-regs-correctly.patch
+  5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
+  5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
+
+---
+Wed Oct 24 20:08:24 UTC 2018 - oher...@suse.de
+
+- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries
+
+---

New:

  5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
  5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
  5bacae4b-x86-boot-allocate-extra-module-slot.patch
  5bae44ce-x86-silence-false-log-messages.patch
  5bb60c12-x86-split-opt_xpti.patch
  5bb60c4f-x86-split-opt_pv_l1tf.patch
  5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
  5bcf0722-x86-boot-enable-NMIs.patch
  5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
  5bd076e9-x86-boot-init-debug-regs-correctly.patch
  5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
  5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
  5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
  5bdc31d5-VMX-fix-vmx_handle_eoi.patch
  5be2a308-x86-extend-get_platform_badpages.patch
  5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
  xsa275-1.patch
  xsa275-2.patch
  xsa276-1.patch
  xsa276-2.patch
  xsa277.patch
  xsa279.patch
  xsa280-1.patch
  xsa280-2.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.1BrBU4/_old  2018-12-03 10:04:31.752032107 +0100
+++ /var/tmp/diff_new_pack.1BrBU4/_new  2018-12-03 10:04:31.760032101 +0100
@@ -205,18 +205,42 @@
 Patch41:
5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
 Patch42:5b72fbbf-xl.conf-Add-global-affinity-masks.patch
 Patch43:5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
-Patch44:5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
-Patch45:5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
-Patch46:5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
-Patch47:5b8d5832-x86-assorted-array_index_nospec-insertions.patch
-Patch48:
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-11-13 16:23:37

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Tue Nov 13 16:23:37 2018 rev:256 rq:647072 version:4.11.0_09

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-10-18 15:28:32.178841944 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-11-13 
16:23:56.974832220 +0100
@@ -1,0 +2,8 @@
+Wed Oct 24 08:21:01 UTC 2018 - Bernhard Wiedemann 
+
+- make package build reproducible (boo#1047218, boo#1062303)
+  * Set SMBIOS_REL_DATE
+  * Update tmp_build.patch to use SHA instead of random build-id
+  * Add reproducible.patch to use --no-insert-timestamp
+
+---

New:

  reproducible.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.kdvWrF/_old  2018-11-13 16:23:59.534827759 +0100
+++ /var/tmp/diff_new_pack.kdvWrF/_new  2018-11-13 16:23:59.538827752 +0100
@@ -268,6 +268,7 @@
 # Build patches
 Patch6: xen.stubdom.newlib.patch
 Patch8: tmp_build.patch
+Patch9: reproducible.patch
 Url:http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 %define pyver %(python3 -c "import sys; print(sys.version[:3])")
@@ -517,6 +518,7 @@
 # Build patches
 %patch6 -p1
 %patch8 -p1
+%patch9 -p1
 
 %build
 # JWF: Anthony's series to load BIOS from toolstack requires autogen.sh.
@@ -553,7 +555,7 @@
 export GIT=$(type -P false)
 export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS"
 export EXTRA_CFLAGS_QEMU_TRADITIONAL="$RPM_OPT_FLAGS"
-export SMBIOS_DATE="$SMBIOS_DATE"
+export SMBIOS_REL_DATE="$SMBIOS_DATE"
 export RELDATE="$RELDATE"
 XEN_VERSION=$XEN_VERSION
 XEN_SUBVERSION=$XEN_SUBVERSION

++ reproducible.patch ++
commit e4c8f21e198e739e279b274c17e9246ea9a6d8e5
Author: Bernhard M. Wiedemann 
Date:   Wed Oct 24 09:50:26 2018 +0200

x86/efi: Do not insert timestamps in efi files

in order to make builds reproducible.
See https://reproducible-builds.org/ for why this is good.

We only add the option, if ld understands it.

Signed-off-by: Bernhard M. Wiedemann 

diff --git a/Config.mk b/Config.mk
index 9b13e75a3e..46b064bcae 100644
--- a/Config.mk
+++ b/Config.mk
@@ -151,6 +151,14 @@ export XEN_HAS_BUILD_ID=y
 build_id_linker := --build-id=sha1
 endif
 
+ld-ver-timestamp = $(shell $(1) -mi386pep --no-insert-timestamp 2>&1 | \
+   grep -q no-insert-timestamp && echo n || echo y)
+ifeq ($(call ld-ver-timestamp,$(LD)),n)
+ld_no_insert_timestamp :=
+else
+ld_no_insert_timestamp := --no-insert-timestamp
+endif
+
 ifndef XEN_HAS_CHECKPOLICY
 CHECKPOLICY ?= checkpolicy
 XEN_HAS_CHECKPOLICY := $(shell $(CHECKPOLICY) -h 2>&1 | grep -q xen && 
echo y || echo n)
diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile
index 162b0b94c0..866125a8ac 100644
--- a/xen/arch/x86/Makefile
+++ b/xen/arch/x86/Makefile
@@ -158,6 +158,7 @@ note.o: $(TARGET)-syms
 
 EFI_LDFLAGS = $(patsubst -m%,-mi386pep,$(LDFLAGS)) --subsystem=10
 EFI_LDFLAGS += --image-base=$(1) --stack=0,0 --heap=0,0 --strip-debug
+EFI_LDFLAGS += $(ld_no_insert_timestamp)
 EFI_LDFLAGS += --section-alignment=0x20 --file-alignment=0x20
 EFI_LDFLAGS += --major-image-version=$(XEN_VERSION)
 EFI_LDFLAGS += --minor-image-version=$(XEN_SUBVERSION)
++ tmp_build.patch ++
--- /var/tmp/diff_new_pack.kdvWrF/_old  2018-11-13 16:23:59.902827118 +0100
+++ /var/tmp/diff_new_pack.kdvWrF/_new  2018-11-13 16:23:59.902827118 +0100
@@ -22,7 +22,7 @@
  
  xenstore: xenstore_client.o $(LIBXENSTORE)
$(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(LDLIBS_libxentoolcore) 
$(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS)
-+  $(CC) $< $(CFLAGS) $(LDFLAGS) -Wl,--build-id=uuid -L. -lxenstore 
$(LDLIBS_libxentoolcore) $(SOCKET_LIBS) -o domu-$@
++  $(CC) $< $(CFLAGS) $(LDFLAGS) -Wl,--build-id=sha1 -L. -lxenstore 
$(LDLIBS_libxentoolcore) $(SOCKET_LIBS) -o domu-$@
  
  xenstore-control: xenstore_control.o $(LIBXENSTORE)
$(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(LDLIBS_libxentoolcore) 
$(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS)

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-10-18 15:28:30

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Thu Oct 18 15:28:30 2018 rev:255 rq:642003 version:4.11.0_09

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-09-18 11:39:18.528170496 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-10-18 
15:28:32.178841944 +0200
@@ -1,0 +2,8 @@
+Mon Oct 15 06:55:47 UTC 2018 - oher...@suse.de
+
+- Building with ncurses 6.1 will fail without
+  xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
+- Building libxl acpi support on aarch64 with gcc 8.2 will fail without
+  xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
+
+---

New:

  xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
  xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.KwDSgJ/_old  2018-10-18 15:28:33.966839830 +0200
+++ /var/tmp/diff_new_pack.KwDSgJ/_new  2018-10-18 15:28:33.970839826 +0200
@@ -127,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.11.0_08
+Version:4.11.0_09
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -215,6 +215,8 @@
 Patch51:5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
 Patch52:5b9784d2-x86-HVM-add-known_gla-helper.patch
 Patch53:5b9784f2-x86-HVM-split-page-straddling-accesses.patch
+Patch98:xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
+Patch99:xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -462,6 +464,8 @@
 %patch51 -p1
 %patch52 -p1
 %patch53 -p1
+%patch98 -p1
+%patch99 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1

++ xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch ++
From: Christopher Clark 
Date: Wed, 18 Jul 2018 15:22:17 -0700
Subject: 2b50cdbc444c637575580dcfa6c9525a84d5cc62

tools/xentop : replace use of deprecated vwprintw

gcc-8.1 complains:

| xentop.c: In function 'print':
| xentop.c:304:4: error: 'vwprintw' is deprecated 
[-Werror=deprecated-declarations]
| vwprintw(stdscr, (curses_str_t)fmt, args);
| ^~~~

vw_printw (note the underscore) is a non-deprecated alternative.

Signed-off-by: Christopher Clark 
Acked-by: Wei Liu 
---
 tools/xenstat/xentop/xentop.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/tools/xenstat/xentop/xentop.c
+++ b/tools/xenstat/xentop/xentop.c
@@ -301,7 +301,7 @@ static void print(const char *fmt, ...)
if (!batch) {
if((current_row() < lines()-1)) {
va_start(args, fmt);
-   vwprintw(stdscr, (curses_str_t)fmt, args);
+   vw_printw(stdscr, (curses_str_t)fmt, args);
va_end(args);
}
} else {
++ xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch ++
>From b8f33431f3dd23fb43a879f4bdb4283fdc9465ad Mon Sep 17 00:00:00 2001
From: Christopher Clark 
Date: Thu, 16 Aug 2018 13:22:41 -0700
Subject: libxl/arm: Fix build on arm64 + acpi w/ gcc 8.2

Add zero-padding to #defined ACPI table strings that are copied.
Provides sufficient characters to satisfy the length required to
fully populate the destination and prevent array-bounds warnings.
Add BUILD_BUG_ON sizeof checks for compile-time length checking.

Signed-off-by: Christopher Clark 
Reviewed-by: Stefano Stabellini 
Acked-by: Wei Liu 
---
 tools/libxl/libxl_arm_acpi.c | 10 +++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/tools/libxl/libxl_arm_acpi.c b/tools/libxl/libxl_arm_acpi.c
index 636f724039..ba874c3d32 100644
--- a/tools/libxl/libxl_arm_acpi.c
+++ b/tools/libxl/libxl_arm_acpi.c
@@ -48,9 +48,9 @@ extern const unsigned char dsdt_anycpu_arm[];
 _hidden
 extern const int dsdt_anycpu_arm_len;
 
-#define ACPI_OEM_ID "Xen"
-#define ACPI_OEM_TABLE_ID "ARM"
-#define ACPI_ASL_COMPILER_ID "XL"
+#define ACPI_OEM_ID "Xen\0\0"
+#define ACPI_OEM_TABLE_ID "ARM\0\0\0\0"
+#define ACPI_ASL_COMPILER_ID "XL\0"
 
 enum {
 RSDP,

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-09-18 11:39:08

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Tue Sep 18 11:39:08 2018 rev:254 rq:635194 version:4.11.0_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-09-05 13:43:49.845806306 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-09-18 
11:39:18.528170496 +0200
@@ -1,0 +2,38 @@
+Tue Sep 11 13:29:58 MDT 2018 - carn...@suse.com
+
+- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is
+  apparently broken
+  
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
+  5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
+  5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
+
+---
+Tue Sep 11 07:47:57 MDT 2018 - carn...@suse.com
+
+- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by
+  d_materialise_unique()
+  5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
+  5b9784d2-x86-HVM-add-known_gla-helper.patch
+  5b9784f2-x86-HVM-split-page-straddling-accesses.patch
+- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen:
+  oxenstored does not apply quota-maxentity (XSA-272)
+  5b72fbbe-oxenstored-eval-order.patch
+- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of
+  v2 grant tables may cause crash on ARM (XSA-268)
+  5b72fbbe-ARM-disable-grant-table-v2.patch
+- Upstream patches from Jan (bsc#1027519)
+  5b6d84ac-x86-fix-improve-vlapic-read-write.patch
+  5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
+  5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
+  5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
+  5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
+  5b8d5832-x86-assorted-array_index_nospec-insertions.patch
+- Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch
+
+---
+Tue Aug 28 16:07:52 MDT 2018 - carn...@suse.com
+
+- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed
+  xen.spec
+
+---
@@ -14,2 +52,2 @@
-- bsc#1103276 - VUL-0: xen: x86: Incorrect MSR_DEBUGCTL handling
-  lets guests enable BTS (XSA-269)
+- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect
+  MSR_DEBUGCTL handling lets guests enable BTS (XSA-269)

Old:

  5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch

New:

  5b6d84ac-x86-fix-improve-vlapic-read-write.patch
  5b72fbbe-ARM-disable-grant-table-v2.patch
  5b72fbbe-oxenstored-eval-order.patch
  5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
  5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
  5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
  5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
  5b8d5832-x86-assorted-array_index_nospec-insertions.patch
  
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
  5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
  5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
  5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
  5b9784d2-x86-HVM-add-known_gla-helper.patch
  5b9784f2-x86-HVM-split-page-straddling-accesses.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.RbomEQ/_old  2018-09-18 11:39:20.212168719 +0200
+++ /var/tmp/diff_new_pack.RbomEQ/_new  2018-09-18 11:39:20.216168715 +0200
@@ -83,6 +83,7 @@
 BuildRequires:  glib2-devel
 BuildRequires:  libaio-devel
 BuildRequires:  libbz2-devel
+BuildRequires:  libnl3-devel
 BuildRequires:  libpixman-1-0-devel
 BuildRequires:  libuuid-devel
 BuildRequires:  libxml2-devel
@@ -126,7 +127,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.11.0_04
+Version:4.11.0_08
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -188,19 +189,32 @@
 Patch25:5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
 Patch26:
5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
 Patch27:5b62ca93-VMX-avoid-hitting-BUG_ON.patch
-Patch28:5b6d8ce2-x86-XPTI-parsing.patch
-Patch29:
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
-Patch30:
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
-Patch31:
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
-Patch32:
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
-Patch33: 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-07-10 16:13:22

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Tue Jul 10 16:13:22 2018 rev:251 rq:621168 version:4.10.1_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-07-02 23:30:44.733450521 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-07-10 
16:13:26.385722044 +0200
@@ -1,0 +2,8 @@
+Wed Jul  4 15:46:01 UTC 2018 - tr...@suse.de
+
+- Submit upstream patch libacpi: fixes for iasl >= 20180427
+  git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005
+A xen_fix_build_with_acpica_20180427_and_new_packages.patch
+  This is needed for acpica package to get updated in our build service
+
+---

New:

  xen_fix_build_with_acpica_20180427_and_new_packages.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.QvyWhs/_old  2018-07-10 16:13:28.417718878 +0200
+++ /var/tmp/diff_new_pack.QvyWhs/_new  2018-07-10 16:13:28.417718878 +0200
@@ -195,6 +195,7 @@
 Patch32:5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
 Patch33:
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
 Patch34:5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
+Patch35:xen_fix_build_with_acpica_20180427_and_new_packages.patch
 # XPTI speedup
 Patch51:5aec7393-1-x86-xpti-avoid-copy.patch
 Patch52:5aec7393-2-x86-xpti-write-cr3.patch
@@ -465,6 +466,7 @@
 %patch32 -p1
 %patch33 -p1
 %patch34 -p1
+%patch35 -p1
 %patch51 -p1
 %patch52 -p1
 %patch53 -p1

++ xen_fix_build_with_acpica_20180427_and_new_packages.patch ++
From: Roger Pau Monné 
Subject: libacpi: fixes for iasl >= 20180427
References: fix builds with latest acpica package
Patch-Mainline: 4.11.0-rc4^0
Git-commit: 858dbaaeda33b05c1ac80aea0ba9a03924e09005
Git-repo: git://xenbits.xen.org/xen.git

New versions of iasl have introduced improved C file generation, as
reported in the changelog:

iASL: Enhanced the -tc option (which creates an AML hex file in C,
suitable for import into a firmware project):
  1) Create a unique name for the table, to simplify use of multiple
SSDTs.
  2) Add a protection #ifdef in the file, similar to a .h header file.

The net effect of that on generated files is:

-unsigned char AmlCode[] =
+#ifndef __SSDT_S4_HEX__
+#define __SSDT_S4_HEX__
+
+unsigned char ssdt_s4_aml_code[] =

The above example is from ssdt_s4.asl.

Fix the build with newer versions of iasl by stripping the '_aml_code'
suffix from the variable name on generated files.

Signed-off-by: Roger Pau Monné 
Reviewed-by: Wei Liu 
Acked-by: Andrew Cooper 
Release-acked-by: Juergen Gross 

Signed-off-by: Thomas Renninger 

diff --git a/tools/libacpi/Makefile b/tools/libacpi/Makefile
index a47a658..c17f392 100644
--- a/tools/libacpi/Makefile
+++ b/tools/libacpi/Makefile
@@ -43,7 +43,7 @@ all: $(C_SRC) $(H_SRC)
 
 $(H_SRC): $(ACPI_BUILD_DIR)/%.h: %.asl iasl
iasl -vs -p $(ACPI_BUILD_DIR)/$*.$(TMP_SUFFIX) -tc $<
-   sed -e 's/AmlCode/$*/g' $(ACPI_BUILD_DIR)/$*.hex >$@
+   sed -e 's/AmlCode/$*/g' -e 's/_aml_code//g' $(ACPI_BUILD_DIR)/$*.hex >$@
rm -f $(addprefix $(ACPI_BUILD_DIR)/, $*.aml $*.hex)
  
 $(MK_DSDT): mk_dsdt.c
@@ -76,7 +76,7 @@ $(ACPI_BUILD_DIR)/dsdt_anycpu_arm.asl: $(MK_DSDT)
 
 $(C_SRC): $(ACPI_BUILD_DIR)/%.c: iasl $(ACPI_BUILD_DIR)/%.asl
iasl -vs -p $(ACPI_BUILD_DIR)/$*.$(TMP_SUFFIX) -tc 
$(ACPI_BUILD_DIR)/$*.asl
-   sed -e 's/AmlCode/$*/g' $(ACPI_BUILD_DIR)/$*.hex > $@.$(TMP_SUFFIX)
+   sed -e 's/AmlCode/$*/g' -e 's/_aml_code//g' $(ACPI_BUILD_DIR)/$*.hex > 
$@.$(TMP_SUFFIX)
echo "int $*_len=sizeof($*);" >> $@.$(TMP_SUFFIX)
mv -f $@.$(TMP_SUFFIX) $@
rm -f $(addprefix $(ACPI_BUILD_DIR)/, $*.aml $*.hex)

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-07-02 23:30:29

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Mon Jul  2 23:30:29 2018 rev:250 rq:619824 version:4.10.1_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-06-08 23:08:45.490595786 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-07-02 
23:30:44.733450521 +0200
@@ -1,0 +2,62 @@
+Fri Jun 29 08:35:34 MDT 2018 - carn...@suse.com
+
+- Upstream patches from Jan (bsc#1027519)
+  5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch)
+  5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces 
Spectre-v4-2.patch)
+  5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces 
Spectre-v4-3.patch)
+  5b0bc9da-x86-XPTI-fix-S3-resume.patch
+  5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x8008.patch
+  5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
+  5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
+  5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
+  5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
+  5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces 
xsa267-1.patch)
+  5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces 
xsa267-2.patch)
+  5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
+  5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
+  5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
+  5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
+  5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch)
+  5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch)
+  5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces 
xsa266-1-<>.patch)
+  5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces 
xsa266-2-<>.patch)
+  5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
+  5b348954-x86-guard-against-NM.patch
+
+---
+Mon Jun 25 09:50:31 UTC 2018 - oher...@suse.de
+
+- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch
+
+---
+Mon Jun 25 09:44:25 UTC 2018 - oher...@suse.de
+
+- bsc#1098403 - fix regression introduced by changes for bsc#1079730
+  a PV domU without qcow2 and/or vfb has no qemu attached.
+  Ignore QMP errors for PV domUs to handle PV domUs with and without
+  an attached qemu-xen.
+  xen.bug1079730.patch
+
+---
+Mon Jun 18 14:57:06 MDT 2018 - carn...@suse.com
+
+- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks
+  bypassed in x86 PV MM handling (XSA-264)
+  xsa264.patch
+- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception
+  safety check can be triggered by a guest (XSA-265)
+  xsa265.patch
+- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour
+  readonly flag on HVM emulated SCSI disks (XSA-266)
+  xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch
+  xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch
+
+---
+Wed Jun 13 14:20:14 MDT 2018 - carn...@suse.com
+
+- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore
+  (XSA-267)
+  xsa267-1.patch
+  xsa267-2.patch
+
+---
@@ -11 +73 @@
-  Bypass aka "Memory Disambiguation"
+  Bypass aka "Memory Disambiguation" (XSA-263)
@@ -31 +93 @@
-- always call qemus xen-save-devices-state in suspend/resume to
+- Always call qemus xen-save-devices-state in suspend/resume to
@@ -39,0 +102,3 @@
+- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663
+  5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
+  5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
@@ -48,2 +112,0 @@
-  5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
-  5aeaeaf0-sched-fix-races-in-vcpu-migration.patch

Old:

  Spectre-v4-1.patch
  Spectre-v4-2.patch
  Spectre-v4-3.patch

New:

  5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch
  5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch
  5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch
  5b0bc9da-x86-XPTI-fix-S3-resume.patch
  5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x8008.patch
  5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
  5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
  5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
  5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
  5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch
  5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch
  

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-06-08 23:08:33

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Fri Jun  8 23:08:33 2018 rev:249 rq:613995 version:4.10.1_02

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-05-25 21:36:12.634366084 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-06-08 
23:08:45.490595786 +0200
@@ -1,0 +2,6 @@
+Fri Jun  1 10:27:44 MDT 2018 - carn...@suse.com
+
+- bsc#1092543 - GCC 8: xen build fails
+  gcc8-fix-warning-on-i586.patch
+
+---

New:

  gcc8-fix-warning-on-i586.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.rjpk1P/_old  2018-06-08 23:08:48.338492972 +0200
+++ /var/tmp/diff_new_pack.rjpk1P/_new  2018-06-08 23:08:48.374491672 +0200
@@ -129,7 +129,7 @@
 Version:4.10.1_02
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
-License:GPL-2.0
+License:GPL-2.0-only
 Group:  System/Kernel
 Source0:xen-4.10.1-testing-src.tar.bz2
 Source1:stubdom.tar.bz2
@@ -231,6 +231,7 @@
 Patch422:   stubdom-have-iovec.patch
 Patch423:   vif-route.patch
 Patch424:   gcc8-inlining-failed.patch
+Patch425:   gcc8-fix-warning-on-i586.patch
 # Other bug fixes or features
 Patch451:   xenconsole-no-multiple-connections.patch
 Patch452:   hibernate.patch
@@ -480,6 +481,7 @@
 %patch422 -p1
 %patch423 -p1
 %patch424 -p1
+%patch425 -p1
 # Other bug fixes or features
 %patch451 -p1
 %patch452 -p1

++ gcc8-fix-warning-on-i586.patch ++
>From bc2c1eab55a34acc054ec6dbeb0184a599323478 Mon Sep 17 00:00:00 2001
From: marxin 
Date: Fri, 1 Jun 2018 13:29:59 +0200
Subject: [PATCH] Fix GCC 8 warning on i586:

xenpmd.c: In function 'write_battery_info_to_xenstore':
xenpmd.c:354:23: error: '%02x' directive output may be truncated writing 
between 2 and 8 bytes into a region of size 3 [-Werror=format-truncation=]
 snprintf(val, 3, "%02x",
   ^~~~
xenpmd.c:354:22: note: directive argument in the range [40, 2147483778]
 snprintf(val, 3, "%02x",
  ^~
In file included from /usr/include/stdio.h:862,
 from xenpmd.c:35:
/usr/include/bits/stdio2.h:64:10: note: '__builtin___snprintf_chk' output 
between 3 and 9 bytes into a destination of size 3
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
  ^~~~
__bos (__s), __fmt, __va_arg_pack ());
~
---
 tools/xenpmd/xenpmd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/xenpmd/xenpmd.c b/tools/xenpmd/xenpmd.c
index 56412a9a81..e49de1aee6 100644
--- a/tools/xenpmd/xenpmd.c
+++ b/tools/xenpmd/xenpmd.c
@@ -356,7 +356,7 @@ void write_battery_info_to_xenstore(struct battery_info 
*info)
 strlen(info->model_number) +
 strlen(info->serial_number) +
 strlen(info->battery_type) +
-strlen(info->oem_info) + 4));
+strlen(info->oem_info) + 4) & 0xff);
 write_ulong_lsb_first(val+2, info->present);
 write_ulong_lsb_first(val+10, info->design_capacity);
 write_ulong_lsb_first(val+18, info->last_full_capacity);
-- 
2.17.0

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-05-13 15:55:00

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Sun May 13 15:55:00 2018 rev:247 rq:605943 version:4.10.0_20

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-04-27 16:00:39.633358022 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-05-13 
15:55:05.864152498 +0200
@@ -1,0 +2,29 @@
+Wed May  9 08:32:42 MDT 2018 - carn...@suse.com
+
+- bsc#1092543 - GCC 8: xen build fails
+  5ac72a48-gcc8.patch
+  5ac72a5f-gcc8.patch
+  5ac72a64-gcc8.patch
+  5ac72a69-gcc8.patch
+  5ac72a6e-gcc8.patch
+  5ac72a74-gcc8.patch
+  5ac72a7b-gcc8.patch
+  gcc8-inlining-failed.patch
+
+---
+Wed Apr 25 09:45:03 MDT 2018 - carn...@suse.com
+
+- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of
+  debug exceptions (XSA-260)
+  xsa260-1.patch
+  xsa260-2.patch
+  xsa260-3.patch
+  xsa260-4.patch
+- bsc#1090822 - VUL-0: xen: x86 vHPET interrupt injection errors
+  (XSA-261)
+  xsa261.patch
+- bsc#1090823 - VUL-0: xen: qemu may drive Xen into unbounded loop
+  (XSA-262)
+  xsa262.patch
+
+---
@@ -4,2 +33,2 @@
-- bsc#1089152 - VUL-0: xen: Information leak via crafted
-  user-supplied CDROM (XSA-258)
+- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via
+  crafted user-supplied CDROM (XSA-258)
@@ -7,2 +36,2 @@
-- bsc#1089635 - VUL-0: xen: x86: PV guest may crash Xen with XPTI
-  (XSA-259)
+- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash
+  Xen with XPTI (XSA-259)

New:

  5ac72a48-gcc8.patch
  5ac72a5f-gcc8.patch
  5ac72a64-gcc8.patch
  5ac72a69-gcc8.patch
  5ac72a6e-gcc8.patch
  5ac72a74-gcc8.patch
  5ac72a7b-gcc8.patch
  gcc8-inlining-failed.patch
  xsa260-1.patch
  xsa260-2.patch
  xsa260-3.patch
  xsa260-4.patch
  xsa261.patch
  xsa262.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.lVeVER/_old  2018-05-13 15:55:08.912041275 +0200
+++ /var/tmp/diff_new_pack.lVeVER/_new  2018-05-13 15:55:08.912041275 +0200
@@ -126,7 +126,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_18
+Version:4.10.0_20
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -224,8 +224,21 @@
 Patch61:5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
 Patch62:5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
 Patch63:5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
+Patch64:5ac72a48-gcc8.patch
+Patch65:5ac72a5f-gcc8.patch
+Patch66:5ac72a64-gcc8.patch
+Patch67:5ac72a69-gcc8.patch
+Patch68:5ac72a6e-gcc8.patch
+Patch69:5ac72a74-gcc8.patch
+Patch70:5ac72a7b-gcc8.patch
 Patch258:   xsa258.patch
 Patch259:   xsa259.patch
+Patch26001: xsa260-1.patch
+Patch26002: xsa260-2.patch
+Patch26003: xsa260-3.patch
+Patch26004: xsa260-4.patch
+Patch261:   xsa261.patch
+Patch262:   xsa262.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -239,6 +252,7 @@
 Patch421:   xenpaging.doc.patch
 Patch422:   stubdom-have-iovec.patch
 Patch423:   vif-route.patch
+Patch424:   gcc8-inlining-failed.patch
 # Other bug fixes or features
 Patch451:   xenconsole-no-multiple-connections.patch
 Patch452:   hibernate.patch
@@ -479,8 +493,21 @@
 %patch61 -p1
 %patch62 -p1
 %patch63 -p1
+%patch64 -p1
+%patch65 -p1
+%patch66 -p1
+%patch67 -p1
+%patch68 -p1
+%patch69 -p1
+%patch70 -p1
 %patch258 -p1
 %patch259 -p1
+%patch26001 -p1
+%patch26002 -p1
+%patch26003 -p1
+%patch26004 -p1
+%patch261 -p1
+%patch262 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1
@@ -494,6 +521,7 @@
 %patch421 -p1
 %patch422 -p1
 %patch423 -p1
+%patch424 -p1
 # Other bug fixes or features
 %patch451 -p1
 %patch452 -p1

++ 5ac72a48-gcc8.patch ++
Subject: tools/libxc: fix strncpy size
From: Marek Marczykowski-Górecki marma...@invisiblethingslab.com Thu Apr 5 
03:50:49 2018 +0200
Date: Fri Apr 6 09:05:28 2018 +0100:
Git: fa7789ef18bd2e716997937af71b2e4b5b00a159

gcc-8 warns about possible truncation of trailing '\0'.
Final character is overridden by '\0' anyway, so don't bother to copy
it.

This fixes compile failure:

xc_pm.c: In function 'xc_set_cpufreq_gov':
xc_pm.c:308:5: error: 'strncpy' specified bound 16 equals destination size 
[-Werror=stringop-truncation]
 strncpy(scaling_governor, govname, 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-04-27 16:00:36

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Fri Apr 27 16:00:36 2018 rev:246 rq:601072 version:4.10.0_18

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-03-30 12:00:43.480265750 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-04-27 
16:00:39.633358022 +0200
@@ -1,0 +2,16 @@
+Mon Apr 16 14:03:24 MDT 2018 - carn...@suse.com
+
+- bsc#1089152 - VUL-0: xen: Information leak via crafted
+  user-supplied CDROM (XSA-258)
+  xsa258.patch
+- bsc#1089635 - VUL-0: xen: x86: PV guest may crash Xen with XPTI
+  (XSA-259)
+  xsa259.patch
+
+---
+Wed Mar 28 08:28:59 UTC 2018 - oher...@suse.de
+
+- Preserve xen-syms from xen-dbg.gz to allow processing vmcores
+  with crash(1) (bsc#1087251)
+
+---

New:

  xsa258.patch
  xsa259.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.bxKPP6/_old  2018-04-27 16:00:46.281114042 +0200
+++ /var/tmp/diff_new_pack.bxKPP6/_new  2018-04-27 16:00:46.289113748 +0200
@@ -126,7 +126,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_16
+Version:4.10.0_18
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -224,6 +224,8 @@
 Patch61:5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
 Patch62:5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
 Patch63:5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
+Patch258:   xsa258.patch
+Patch259:   xsa259.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -477,6 +479,8 @@
 %patch61 -p1
 %patch62 -p1
 %patch63 -p1
+%patch258 -p1
+%patch259 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1
@@ -815,6 +819,8 @@
 find $RPM_BUILD_ROOT/boot -ls
 if [ -n "$1" ]; then
 ext="-$1"
+mv $RPM_BUILD_ROOT/boot/xen-syms-${XEN_FULLVERSION} \
+   $RPM_BUILD_ROOT/boot/xen-syms${ext}-${XEN_FULLVERSION}
 mv $RPM_BUILD_ROOT/boot/xen-${XEN_FULLVERSION}%{xen_install_suffix} \

$RPM_BUILD_ROOT/boot/xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix}
 if test -d $RPM_BUILD_ROOT%{_libdir}/efi; then

++ libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch ++
--- /var/tmp/diff_new_pack.bxKPP6/_old  2018-04-27 16:00:47.845056643 +0200
+++ /var/tmp/diff_new_pack.bxKPP6/_new  2018-04-27 16:00:47.849056497 +0200
@@ -87,7 +87,7 @@
 ===
 --- xen-4.10.0-testing.orig/tools/libxl/libxl_dm.c
 +++ xen-4.10.0-testing/tools/libxl/libxl_dm.c
-@@ -805,6 +805,19 @@ enum {
+@@ -792,6 +792,19 @@ enum {
  LIBXL__COLO_SECONDARY,
  };
  
@@ -107,7 +107,7 @@
  static char *qemu_disk_scsi_drive_string(libxl__gc *gc, const char 
*target_path,
   int unit, const char *format,
   const libxl_device_disk *disk,
-@@ -818,8 +831,8 @@ static char *qemu_disk_scsi_drive_string
+@@ -805,8 +818,8 @@ static char *qemu_disk_scsi_drive_string
  switch (colo_mode) {
  case LIBXL__COLO_NONE:
  drive = libxl__sprintf
@@ -118,7 +118,7 @@
  break;
  case LIBXL__COLO_PRIMARY:
  /*
-@@ -832,13 +845,15 @@ static char *qemu_disk_scsi_drive_string
+@@ -819,13 +832,15 @@ static char *qemu_disk_scsi_drive_string
   *  vote-threshold=1
   */
  drive = GCSPRINTF(
@@ -136,7 +136,7 @@
  break;
  case LIBXL__COLO_SECONDARY:
  /*
-@@ -852,7 +867,7 @@ static char *qemu_disk_scsi_drive_string
+@@ -839,7 +854,7 @@ static char *qemu_disk_scsi_drive_string
   *  file.backing.backing=exportname,
   */
  drive = GCSPRINTF(
@@ -145,7 +145,7 @@
  "driver=replication,"
  "mode=secondary,"
  "top-id=top-colo,"
-@@ -861,7 +876,9 @@ static char *qemu_disk_scsi_drive_string
+@@ -848,7 +863,9 @@ static char *qemu_disk_scsi_drive_string
  "file.backing.driver=qcow2,"
  "file.backing.file.filename=%s,"
  "file.backing.backing=%s",
@@ -156,7 +156,7 @@
  break;
  default:
  abort();
-@@ -883,8 +900,8 @@ static char *qemu_disk_ide_drive_string(
+@@ -870,8 +887,8 @@ static char *qemu_disk_ide_drive_string(
  switch (colo_mode) {
  case LIBXL__COLO_NONE:
  drive = 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-03-30 12:00:34

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Fri Mar 30 12:00:34 2018 rev:245 rq:591751 version:4.10.0_16

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-03-20 21:50:48.542316318 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-03-30 
12:00:43.480265750 +0200
@@ -1,0 +2,12 @@
+Mon Mar 26 08:20:45 MDT 2018 - carn...@suse.com
+
+- Upstream patches from Jan (bsc#1027519) and fixes related to
+  Page Table Isolation (XPTI). See also bsc#1074562 XSA-254
+  5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
+  5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
+  5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
+  5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
+  5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
+  5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
+
+---

New:

  5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
  5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
  5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
  5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
  5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
  5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.XjVnAv/_old  2018-03-30 12:00:46.148169274 +0200
+++ /var/tmp/diff_new_pack.XjVnAv/_new  2018-03-30 12:00:46.152169129 +0200
@@ -126,7 +126,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_14
+Version:4.10.0_16
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -211,13 +211,19 @@
 Patch48:
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
 Patch49:5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
 Patch50:5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
-Patch51:5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
-Patch52:5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
-Patch53:5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
-Patch54:5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
-Patch55:5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
-Patch56:5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
-Patch57:
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
+Patch51:5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
+Patch52:5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
+Patch53:5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
+Patch54:5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
+Patch55:5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
+Patch56:5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
+Patch57:5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
+Patch58:
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
+Patch59:5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
+Patch60:5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
+Patch61:5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
+Patch62:5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
+Patch63:5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -465,6 +471,12 @@
 %patch55 -p1
 %patch56 -p1
 %patch57 -p1
+%patch58 -p1
+%patch59 -p1
+%patch60 -p1
+%patch61 -p1
+%patch62 -p1
+%patch63 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1

++ 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch ++
# Commit 422588e88511d17984544c0f017a927de3315290
# Date 2018-02-15 11:08:27 +
# Author Andrew Cooper 
# Committer Andrew Cooper 
x86/xpti: Hide almost all of .text and all .data/.rodata/.bss mappings

The current XPTI implementation isolates the directmap (and therefore a lot of
guest data), but a large quantity of CPU0's state (including its stack)
remains visible.

Furthermore, an attacker able to read .text is in a vastly superior position
to normal when it comes to fingerprinting Xen for known vulnerabilities, or
scanning for ROP/Spectre gadgets.

Collect together the entrypoints in 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-03-20 21:50:37

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Tue Mar 20 21:50:37 2018 rev:244 rq:586076 version:4.10.0_14

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-03-01 12:02:21.481832679 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-03-20 
21:50:48.542316318 +0100
@@ -1,0 +2,24 @@
+Thu Mar  1 09:36:03 MST 2018 - carn...@suse.com
+
+- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from
+  0xc90 at rIP: 0x93061456 (native_read_msr+0x6/0x30)
+  5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
+- Upstream patches from Jan (bsc#1027519)
+  5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
+  5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
+  5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
+  5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
+  5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
+  5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
+  5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
+  5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces 
xsa252.patch)
+  5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces 
xsa255-1.patch)
+  5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces 
xsa255-2.patch)
+  5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces 
xsa256.patch)
+- Drop
+  xsa252.patch
+  xsa255-1.patch
+  xsa255-2.patch
+  xsa256.patch
+
+---
@@ -4,2 +28,2 @@
-- bsc#1080635 - VUL-0: xen: DoS via non-preemptable L3/L4 pagetable
-  freeing (XSA-252)
+- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable
+  L3/L4 pagetable freeing (XSA-252)
@@ -7,2 +31,2 @@
-- bsc#1080662 - VUL-0: xen: grant table v2 -> v1 transition may
-  crash Xen (XSA-255)
+- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1
+  transition may crash Xen (XSA-255)
@@ -11,2 +35,2 @@
-- bsc#1080634 - VUL-0: xen: x86 PVH guest without LAPIC may DoS the
-  host (XSA-256)
+- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without
+  LAPIC may DoS the host (XSA-256)
@@ -56,2 +80,3 @@
-- bsc#1074562 - VUL-0: xen: Information leak via side effects of
-  speculative execution (XSA-254). Includes Spectre v2 mitigation.
+- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754
+  xen: Information leak via side effects of speculative execution
+  (XSA-254). Includes Spectre v2 mitigation.

Old:

  xsa252.patch
  xsa255-1.patch
  xsa255-2.patch
  xsa256.patch

New:

  5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
  5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
  5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
  5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
  5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
  5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
  5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
  5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
  5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
  5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
  5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
  5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.FoVs26/_old  2018-03-20 21:50:50.858232921 +0100
+++ /var/tmp/diff_new_pack.FoVs26/_new  2018-03-20 21:50:50.862232777 +0100
@@ -126,7 +126,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_13
+Version:4.10.0_14
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -206,10 +206,18 @@
 Patch43:5a6b36cd-9-x86-issue-speculation-barrier.patch
 Patch44:5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
 Patch45:5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
-Patch252:   xsa252.patch
-Patch25501: xsa255-1.patch
-Patch25502: xsa255-2.patch
-Patch256:   xsa256.patch
+Patch46:5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
+Patch47:5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
+Patch48:
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
+Patch49:5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
+Patch50:5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
+Patch51:

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-03-01 12:02:20

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Thu Mar  1 12:02:20 2018 rev:243 rq:580646 version:4.10.0_13

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-02-18 11:38:14.490480633 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-03-01 
12:02:21.481832679 +0100
@@ -1,0 +2,36 @@
+Mon Feb 12 13:26:38 MST 2018 - carn...@suse.com
+
+- bsc#1080635 - VUL-0: xen: DoS via non-preemptable L3/L4 pagetable
+  freeing (XSA-252)
+  xsa252.patch
+- bsc#1080662 - VUL-0: xen: grant table v2 -> v1 transition may
+  crash Xen (XSA-255)
+  xsa255-1.patch
+  xsa255-2.patch
+- bsc#1080634 - VUL-0: xen: x86 PVH guest without LAPIC may DoS the
+  host (XSA-256)
+  xsa256.patch
+
+---
+Fri Feb  9 12:59:12 UTC 2018 - oher...@suse.de
+
+- Remove stale systemd presets code for 13.2 and older
+
+---
+Fri Feb  9 12:31:33 UTC 2018 - oher...@suse.de
+
+- fate#324965 - add script, udev rule and systemd service to watch
+  for vcpu online/offline events in a HVM domU
+  They are triggered via xl vcpu-set domU N
+
+---
+Fri Feb  9 10:23:15 UTC 2018 - oher...@suse.de
+
+- Replace hardcoded xen with Name tag when refering to subpkgs
+
+---
+Fri Feb  9 10:19:49 UTC 2018 - oher...@suse.de
+
+- Make sure tools and tools-domU require libs from the very same build
+
+---

New:

  xsa252.patch
  xsa255-1.patch
  xsa255-2.patch
  xsa256.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.BKiFK0/_old  2018-03-01 12:02:27.993599148 +0100
+++ /var/tmp/diff_new_pack.BKiFK0/_new  2018-03-01 12:02:27.997599005 +0100
@@ -14,10 +14,9 @@
 
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
-
-
 # needssslcertforbuild
 
+
 #Compat macro for new _fillupdir macro introduced in Nov 2017
 %if ! %{defined _fillupdir}
   %define _fillupdir /var/adm/fillup-templates
@@ -60,10 +59,6 @@
 %define with_gcc47 0
 %define with_gcc48 0
 %define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services
-%define include_systemd_preset 0
-%if 0%{?suse_version} <= 1320 && 0%{?sle_version} < 120300
-%define include_systemd_preset 1
-%endif
 %systemd_requires
 BuildRequires:  systemd-devel
 %define with_systemd_modules_load %{_prefix}/lib/modules-load.d
@@ -131,7 +126,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_12
+Version:4.10.0_13
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -211,6 +206,10 @@
 Patch43:5a6b36cd-9-x86-issue-speculation-barrier.patch
 Patch44:5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
 Patch45:5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
+Patch252:   xsa252.patch
+Patch25501: xsa255-1.patch
+Patch25502: xsa255-2.patch
+Patch256:   xsa256.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -308,11 +307,11 @@
 %ifarch %arm aarch64
 Requires:   qemu-arm
 %endif
+Requires:   %{name}-libs = %{version}-%{release}
 Requires:   multipath-tools
 Requires:   python3
 Requires:   python3-curses
 Requires:   qemu-seabios
-Requires:   xen-libs = %{version}
 # subpackage existed in 10.3
 Provides:   xen-tools-ioemu = %{version}
 Obsoletes:  xen-tools-ioemu < %{version}
@@ -340,7 +339,8 @@
 %package tools-domU
 Summary:Xen Virtualization: Control tools for domain U
 Group:  System/Kernel
-Conflicts:  xen-tools
+Conflicts:  %{name}-tools
+Requires:   %{name}-libs = %{version}-%{release}
 
 %description tools-domU
 Xen is a virtual machine monitor for x86 that supports execution of
@@ -359,8 +359,8 @@
 %package devel
 Summary:Xen Virtualization: Headers and libraries for development
 Group:  System/Kernel
+Requires:   %{name}-libs = %{version}
 Requires:   libuuid-devel
-Requires:   xen-libs = %{version}
 
 %description devel
 Xen is a virtual machine monitor for x86 that supports execution of
@@ -445,6 +445,10 @@
 %patch43 -p1
 %patch44 -p1
 %patch45 -p1
+%patch252 -p1
+%patch25501 -p1
+%patch25502 -p1
+%patch256 -p1
 # Our platform specific patches
 %patch400 -p1
 %patch401 -p1
@@ -609,8 +613,77 @@
mv -v $i 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-01-28 20:30:02

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Sun Jan 28 20:30:02 2018 rev:241 rq:570273 version:4.10.0_10

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2018-01-16 09:26:32.530130432 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-01-28 
20:30:07.204147627 +0100
@@ -1,0 +2,7 @@
+Fri Jan 26 14:40:14 MST 2018 - carn...@suse.com
+
+- Fix python3 deprecated atoi call (bsc#1067224)
+  pygrub-python3-conversion.patch
+- Drop xenmon-python3-conversion.patch
+
+---

Old:

  xenmon-python3-conversion.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.ExAt3J/_old  2018-01-28 20:30:11.231959488 +0100
+++ /var/tmp/diff_new_pack.ExAt3J/_new  2018-01-28 20:30:11.235959301 +0100
@@ -207,9 +207,8 @@
 # python3 conversion patches
 Patch500:   build-python3-conversion.patch
 Patch501:   pygrub-python3-conversion.patch
-Patch502:   xenmon-python3-conversion.patch
-Patch503:   migration-python3-conversion.patch
-Patch504:   bin-python3-conversion.patch
+Patch502:   migration-python3-conversion.patch
+Patch503:   bin-python3-conversion.patch
 # Hypervisor and PV driver Patches
 Patch601:   x86-ioapic-ack-default.patch
 Patch602:   x86-cpufreq-report.patch
@@ -405,7 +404,6 @@
 %patch501 -p1
 %patch502 -p1
 %patch503 -p1
-%patch504 -p1
 # Hypervisor and PV driver Patches
 %patch601 -p1
 %patch602 -p1

++ bin-python3-conversion.patch ++
--- /var/tmp/diff_new_pack.ExAt3J/_old  2018-01-28 20:30:11.375952762 +0100
+++ /var/tmp/diff_new_pack.ExAt3J/_new  2018-01-28 20:30:11.375952762 +0100
@@ -526,6 +526,36 @@
  sys.exit(e.code)
  except KeyboardInterrupt:
  sys.exit(2)
+Index: xen-4.10.0-testing/tools/xenmon/xenmon.py
+===
+--- xen-4.10.0-testing.orig/tools/xenmon/xenmon.py
 xen-4.10.0-testing/tools/xenmon/xenmon.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/python3
+ 
+ #
+ # xenmon is a front-end for xenbaked.
+@@ -248,8 +248,8 @@ def display(scr, row, col, str, attr=0):
+ scr.keypad(0)
+ _c.echo()
+ _c.endwin()
+-print "Your terminal screen is not big enough; Please resize it."
+-print "row=%d, col=%d, str='%s'" % (row, col, str)
++print("Your terminal screen is not big enough; Please resize it.")
++print("row=%d, col=%d, str='%s'" % (row, col, str))
+ sys.exit(1)
+ 
+ 
+@@ -704,7 +704,7 @@ def main():
+ try:
+ writelog()
+ except:
+-print 'Quitting.'
++print('Quitting.')
+ stop_xenbaked()
+ 
+ if __name__ == "__main__":
 Index: xen-4.10.0-testing/tools/xentrace/xentrace_format
 ===
 --- xen-4.10.0-testing.orig/tools/xentrace/xentrace_format

++ libxl.pvscsi.patch ++
--- /var/tmp/diff_new_pack.ExAt3J/_old  2018-01-28 20:30:11.543944915 +0100
+++ /var/tmp/diff_new_pack.ExAt3J/_new  2018-01-28 20:30:11.547944728 +0100
@@ -154,7 +154,7 @@
 ===
 --- xen-4.10.0-testing.orig/tools/libxl/libxl.h
 +++ xen-4.10.0-testing/tools/libxl/libxl.h
-@@ -1010,6 +1010,13 @@ void libxl_mac_copy(libxl_ctx *ctx, libx
+@@ -1013,6 +1013,13 @@ void libxl_mac_copy(libxl_ctx *ctx, libx
  #define LIBXL_HAVE_PCITOPOLOGY 1
  
  /*
@@ -168,7 +168,7 @@
   * LIBXL_HAVE_SOCKET_BITMAP
   *
   * If this is defined, then libxl_socket_bitmap_alloc and
-@@ -1917,6 +1924,41 @@ int libxl_device_channel_getinfo(libxl_c
+@@ -1920,6 +1927,41 @@ int libxl_device_channel_getinfo(libxl_c
   libxl_device_channel *channel,
   libxl_channelinfo *channelinfo);
  

++ libxl.set-migration-constraints-from-cmdline.patch ++
--- /var/tmp/diff_new_pack.ExAt3J/_old  2018-01-28 20:30:11.559944167 +0100
+++ /var/tmp/diff_new_pack.ExAt3J/_new  2018-01-28 20:30:11.559944167 +0100
@@ -300,7 +300,7 @@
 ===
 --- xen-4.10.0-testing.orig/tools/libxl/libxl.h
 +++ xen-4.10.0-testing/tools/libxl/libxl.h
-@@ -1467,8 +1467,23 @@ int libxl_domain_suspend(libxl_ctx *ctx,
+@@ -1470,8 +1470,23 @@ int libxl_domain_suspend(libxl_ctx *ctx,
   int flags, /* LIBXL_SUSPEND_* */
   const libxl_asyncop_how *ao_how)
   

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2018-01-16 09:26:26

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Tue Jan 16 09:26:26 2018 rev:240 rq:563452 version:4.10.0_10

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-12-21 11:28:13.434825013 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-01-16 
09:26:32.530130432 +0100
@@ -1,0 +2,33 @@
+Wed Jan 10 11:12:07 UTC 2018 - oher...@suse.de
+
+- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu,
+  depending on the libxl disk settings
+  libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
+
+---
+Mon Jan  8 08:15:11 UTC 2018 - oher...@suse.de
+
+- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch
+
+---
+Fri Jan  5 13:45:40 MST 2018 - carn...@suse.com
+
+- bsc#1067224 - xen-tools have hard dependency on Python 2
+  build-python3-conversion.patch
+  bin-python3-conversion.patch
+
+---
+Wed Dec 20 09:57:09 MST 2017 - carn...@suse.com
+
+- bsc#1070165 - xen crashes after aborted localhost migration
+  5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
+- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb:
+  libxl__devices_destroy failed
+  5a33a12f-domctl-improve-locking-during-domain-destruction.patch
+- Upstream patches from Jan (bsc#1027519)
+  5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
+  5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
+  5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
+  5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
+
+---

Old:

  libxl.LIBXL_DESTROY_TIMEOUT.debug.patch

New:

  5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
  5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
  5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
  5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
  5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
  5a33a12f-domctl-improve-locking-during-domain-destruction.patch
  bin-python3-conversion.patch
  build-python3-conversion.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.pxkMaJ/_old  2018-01-16 09:26:34.998014970 +0100
+++ /var/tmp/diff_new_pack.pxkMaJ/_new  2018-01-16 09:26:35.006014596 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -111,7 +111,7 @@
 %endif
 BuildRequires:  acpica
 BuildRequires:  openssl-devel
-BuildRequires:  python-devel
+BuildRequires:  python3-devel
 BuildRequires:  systemd
 BuildRequires:  xz-devel
 %ifarch x86_64
@@ -131,7 +131,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_08
+Version:4.10.0_10
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -166,6 +166,12 @@
 # For xen-libs
 Source99:   baselibs.conf
 # Upstream patches
+Patch1: 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
+Patch2: 
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
+Patch3: 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
+Patch4: 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
+Patch5: 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
+Patch6: 5a33a12f-domctl-improve-locking-during-domain-destruction.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -198,11 +204,12 @@
 Patch466:   libxl.set-migration-constraints-from-cmdline.patch
 Patch467:   xenstore-run-in-studomain.patch
 Patch468:   libxl.LIBXL_DESTROY_TIMEOUT.patch
-Patch469:   libxl.LIBXL_DESTROY_TIMEOUT.debug.patch
 # python3 conversion patches
-Patch500:   pygrub-python3-conversion.patch
-Patch501:   xenmon-python3-conversion.patch
-Patch502:   migration-python3-conversion.patch
+Patch500:   build-python3-conversion.patch
+Patch501:   pygrub-python3-conversion.patch
+Patch502:   xenmon-python3-conversion.patch
+Patch503:   migration-python3-conversion.patch
+Patch504:   bin-python3-conversion.patch
 # Hypervisor and PV driver 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-12-21 11:28:01

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Thu Dec 21 11:28:01 2017 rev:239 rq:558584 version:4.10.0_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-12-12 21:17:10.459213262 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-12-21 
11:28:13.434825013 +0100
@@ -1,0 +2,17 @@
+Wed Dec 13 08:43:00 MST 2017 - carn...@suse.com
+
+- Update to Xen 4.10.0 FCS (fate#321394, fate#322686)
+  xen-4.10.0-testing-src.tar.bz2
+
+---
+Mon Dec 11 12:07:30 UTC 2017 - oher...@suse.de
+
+- Rebuild initrd if xen-tools-domU is updated
+
+---
+Tue Dec  5 08:38:58 MST 2017 - carn...@suse.com
+
+- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686)
+  xen-4.10.0-testing-src.tar.bz2
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.3TcXME/_old  2017-12-21 11:28:14.902753437 +0100
+++ /var/tmp/diff_new_pack.3TcXME/_new  2017-12-21 11:28:14.906753242 +0100
@@ -15,8 +15,8 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-# needssslcertforbuild
 
+# needssslcertforbuild
 
 #Compat macro for new _fillupdir macro introduced in Nov 2017
 %if ! %{defined _fillupdir}
@@ -131,7 +131,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_06
+Version:4.10.0_08
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -980,6 +980,9 @@
 # with_dom0_support
 %endif
 
+%posttrans -n %{name}-tools-domU
+%{?regenerate_initrd_posttrans}
+
 %files tools-domU
 %defattr(-,root,root)
 %ifarch %ix86 x86_64

++ ipxe.tar.bz2 ++

++ stubdom.tar.bz2 ++
/work/SRC/openSUSE:Factory/xen/stubdom.tar.bz2 
/work/SRC/openSUSE:Factory/.xen.new/stubdom.tar.bz2 differ: char 11, line 1

++ xen-4.10.0-testing-src.tar.bz2 ++
/work/SRC/openSUSE:Factory/xen/xen-4.10.0-testing-src.tar.bz2 
/work/SRC/openSUSE:Factory/.xen.new/xen-4.10.0-testing-src.tar.bz2 differ: char 
11, line 1

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-12-12 21:17:02

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Tue Dec 12 21:17:02 2017 rev:238 rq:554618 version:4.10.0_06

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-11-30 12:41:33.874266405 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-12-12 
21:17:10.459213262 +0100
@@ -1,0 +2,16 @@
+Tue Nov 28 10:14:56 UTC 2017 - oher...@suse.de
+
+- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds
+  If many domUs shutdown in parallel the backends can not keep up
+  Add some debug output to track how long backend shutdown takes (bsc#1035442)
+  libxl.LIBXL_DESTROY_TIMEOUT.patch
+  libxl.LIBXL_DESTROY_TIMEOUT.debug.patch
+
+---
+Tue Nov 28 10:06:03 UTC 2017 - oher...@suse.de
+
+- Adjust xenstore-run-in-studomain.patch to change the defaults
+  in the code instead of changing the sysconfig template, to also
+  cover the upgrade case
+
+---

New:

  libxl.LIBXL_DESTROY_TIMEOUT.debug.patch
  libxl.LIBXL_DESTROY_TIMEOUT.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.DGCHtT/_old  2017-12-12 21:17:12.255126565 +0100
+++ /var/tmp/diff_new_pack.DGCHtT/_new  2017-12-12 21:17:12.259126372 +0100
@@ -15,9 +15,9 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 # needssslcertforbuild
 
+
 #Compat macro for new _fillupdir macro introduced in Nov 2017
 %if ! %{defined _fillupdir}
   %define _fillupdir /var/adm/fillup-templates
@@ -131,7 +131,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_03
+Version:4.10.0_06
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -197,6 +197,8 @@
 Patch465:   xen.libxl.dmmd.patch
 Patch466:   libxl.set-migration-constraints-from-cmdline.patch
 Patch467:   xenstore-run-in-studomain.patch
+Patch468:   libxl.LIBXL_DESTROY_TIMEOUT.patch
+Patch469:   libxl.LIBXL_DESTROY_TIMEOUT.debug.patch
 # python3 conversion patches
 Patch500:   pygrub-python3-conversion.patch
 Patch501:   xenmon-python3-conversion.patch
@@ -384,6 +386,8 @@
 %patch465 -p1
 %patch466 -p1
 %patch467 -p1
+%patch468 -p1
+%patch469 -p1
 # python3 conversion patches
 %patch500 -p1
 %patch501 -p1
@@ -461,8 +465,8 @@
 %if %{with xen_stubdom}
 configure_flags=--enable-stubdom
 %else
-# pick the default during a fresh install
-sed -i~ '/^XENSTORETYPE=domain/d' 
tools/hotplug/Linux/init.d/sysconfig.xencommons.in
+# change the/our default to daemon due to lack of stubdom
+sed -i~ 's/ XENSTORETYPE=domain$/ XENSTORETYPE=daemon/' 
tools/hotplug/Linux/launch-xenstore.in
 configure_flags=--disable-stubdom
 %endif
 configure_flags="${configure_flags} --disable-qemu-traditional"

++ libxl.LIBXL_DESTROY_TIMEOUT.debug.patch ++
bsc#1035442
the default value of LIBXL_DESTROY_TIMEOUT is too low when many domUs shutdown 
in parallel
track how much time passes between triggering XenbusStateClosing and 
XenbusStateClosed
Index: xen-4.10.0-testing/tools/libxl/libxl_event.c
===
--- xen-4.10.0-testing.orig/tools/libxl/libxl_event.c
+++ xen-4.10.0-testing/tools/libxl/libxl_event.c
@@ -16,6 +16,7 @@
  */
 
 #include 
+#include 
 
 #include "libxl_internal.h"
 
@@ -846,6 +847,22 @@ void libxl__ev_evtchn_cancel(libxl__gc *
 evtchn_check_fd_deregister(gc);
 }
 
+static void diff_timespec(const struct timespec *old, char *b, size_t s)
+{
+struct timespec new, diff;
+
+if (old->tv_sec == 0 || clock_gettime(CLOCK_MONOTONIC, ))
+new = *old;
+if ((new.tv_nsec - old->tv_nsec) < 0) {
+diff.tv_sec = new.tv_sec - old->tv_sec - 1;
+diff.tv_nsec = new.tv_nsec - old->tv_nsec + 10;
+} else {
+diff.tv_sec = new.tv_sec - old->tv_sec;
+diff.tv_nsec = new.tv_nsec - old->tv_nsec;
+}
+snprintf(b, s, "bug#1035442: %ld.%09lds", (long)diff.tv_sec, diff.tv_nsec);
+}
+
 /*
  * waiting for device state
  */
@@ -855,27 +872,29 @@ static void devstate_callback(libxl__egc
 {
 EGC_GC;
 libxl__ev_devstate *ds = CONTAINER_OF(xsw, *ds, w);
+char b[64];
+diff_timespec(>w.start, b, sizeof(b));
 
 if (rc) {
 if (rc == ERROR_TIMEDOUT)
-LOG(DEBUG, "backend %s wanted state %d "" timed out", ds->w.path,
-ds->wanted);
+LOG(DEBUG, "backend %s wanted state %d "" timed out (%s)", 
ds->w.path,
+  

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-11-30 12:41:28

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Thu Nov 30 12:41:28 2017 rev:237 rq:545274 version:4.10.0_03

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-11-03 16:23:00.656227202 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-11-30 
12:41:33.874266405 +0100
@@ -1,0 +2,55 @@
+Fri Nov 24 17:28:59 UTC 2017 - carn...@suse.com
+
+- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686)
+  xen-4.10.0-testing-src.tar.bz2
+
+---
+Fri Nov 24 13:25:07 UTC 2017 - oher...@suse.de
+
+- Since xen switched to Kconfig, building a debug hypervisor
+  was done by default. Adjust make logic to build a non-debug
+  hypervisor by default, and continue to provide one as xen-dbg.gz
+
+---
+Fri Nov 24 11:26:45 UTC 2017 - oher...@suse.de
+
+- fate#316614: set migration constraints from cmdline
+  fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10
+
+---
+Thu Nov 23 15:06:44 UTC 2017 - oher...@suse.de
+
+- Document the suse-diskcache-disable-flush option in
+  xl-disk-configuration(5) (bsc#879425,bsc#1067317)
+
+---
+Thu Nov 23 13:47:42 UTC 2017 - rbr...@suse.com
+
+- Replace references to /var/adm/fillup-templates with new 
+  %_fillupdir macro (boo#1069468)
+
+---
+Thu Nov 16 08:48:07 MST 2017 - carn...@suse.com
+
+- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686)
+  xen-4.10.0-testing-src.tar.bz2
+- fate#323663 - Run Xenstore in stubdomain
+  xenstore-run-in-studomain.patch
+
+---
+Thu Nov  9 15:11:57 MST 2017 - carn...@suse.com
+
+- bsc#1067224 - xen-tools have hard dependency on Python 2
+  pygrub-python3-conversion.patch
+  xenmon-python3-conversion.patch
+  migration-python3-conversion.patch
+  xnloader.py
+  xen2libvirt.py
+
+---
+Wed Nov  8 10:47:24 UTC 2017 - oher...@suse.de
+
+- Remove xendriverdomain.service (bsc#1065185)
+  Driver domains must be configured manually with custom .service file
+
+---
@@ -24,2 +78,0 @@
-- Drop until further notice
-  libxl.set-migration-constraints-from-cmdline.patch

New:

  libxl.set-migration-constraints-from-cmdline.patch
  migration-python3-conversion.patch
  pygrub-python3-conversion.patch
  xenmon-python3-conversion.patch
  xenstore-run-in-studomain.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.JSV8D9/_old  2017-11-30 12:41:36.366175804 +0100
+++ /var/tmp/diff_new_pack.JSV8D9/_new  2017-11-30 12:41:36.374175513 +0100
@@ -18,6 +18,11 @@
 
 # needssslcertforbuild
 
+#Compat macro for new _fillupdir macro introduced in Nov 2017
+%if ! %{defined _fillupdir}
+  %define _fillupdir /var/adm/fillup-templates
+%endif
+
 Name:   xen
 ExclusiveArch:  %ix86 x86_64 %arm aarch64
 %define changeset 35349
@@ -126,7 +131,7 @@
 BuildRequires:  pesign-obs-integration
 %endif
 
-Version:4.10.0_01
+Version:4.10.0_03
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -190,6 +195,12 @@
 Patch463:   libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
 Patch464:   libxl.pvscsi.patch
 Patch465:   xen.libxl.dmmd.patch
+Patch466:   libxl.set-migration-constraints-from-cmdline.patch
+Patch467:   xenstore-run-in-studomain.patch
+# python3 conversion patches
+Patch500:   pygrub-python3-conversion.patch
+Patch501:   xenmon-python3-conversion.patch
+Patch502:   migration-python3-conversion.patch
 # Hypervisor and PV driver Patches
 Patch601:   x86-ioapic-ack-default.patch
 Patch602:   x86-cpufreq-report.patch
@@ -371,6 +382,12 @@
 %patch463 -p1
 %patch464 -p1
 %patch465 -p1
+%patch466 -p1
+%patch467 -p1
+# python3 conversion patches
+%patch500 -p1
+%patch501 -p1
+%patch502 -p1
 # Hypervisor and PV driver Patches
 %patch601 -p1
 %patch602 -p1
@@ -444,6 +461,8 @@
 %if %{with xen_stubdom}
 configure_flags=--enable-stubdom
 %else
+# pick the default during a fresh install
+sed -i~ '/^XENSTORETYPE=domain/d' 
tools/hotplug/Linux/init.d/sysconfig.xencommons.in
 configure_flags=--disable-stubdom
 %endif
 configure_flags="${configure_flags} 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-11-03 16:22:52

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Fri Nov  3 16:22:52 2017 rev:236 rq:538517 version:4.10.0_01

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-10-17 01:49:56.645669334 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-11-03 
16:23:00.656227202 +0100
@@ -1,0 +2,103 @@
+Thu Nov  2 14:14:02 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686)
+  xen-4.10.0-testing-src.tar.bz2
+- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch
+
+---
+Thu Nov  2 11:36:27 UTC 2017 - oher...@suse.de
+
+- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)
+
+---
+Fri Oct 27 07:48:55 MDT 2017 - carn...@suse.com
+
+- fate#324052 Support migration of Xen HVM domains larger than 1TB
+  59f31268-libxc-remove-stale-error-check-for-domain-size.patch
+
+---
+Wed Oct 25 16:26:33 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686)
+  xen-4.10.0-testing-src.tar.bz2
+- Drop until further notice
+  libxl.set-migration-constraints-from-cmdline.patch
+
+---
+Mon Oct 16 09:34:23 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686)
+  xen-4.10.0-testing-src.tar.bz2
+- Drop patches included in new tarball
+  592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
+  596f257e-x86-fix-hvmemul_insn_fetch.patch
+  5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
+  598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
+  598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
+  5992f1e5-x86-grant-disallow-misaligned-PTEs.patch
+  5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch
+  5992f233-gnttab-correct-pin-status-fixup-for-copy.patch
+  59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
+  59958ebf-gnttab-fix-transitive-grant-handling.patch
+  59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
+  599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
+  59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
+  59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
+  59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
+  59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
+  59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
+  59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
+  59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
+  59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
+  59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
+  59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
+  59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
+  59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
+  gcc7-arm.patch
+  gcc7-mini-os.patch
+
+---
+Tue Oct  3 09:03:57 MDT 2017 - carn...@suse.com
+
+- bsc#1061084 - VUL-0: xen: page type reference leak on x86
+  (XSA-242)
+  xsa242.patch
+- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear
+  shadow mappings with translated guests (XSA-243)
+  xsa243.patch
+- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings
+  during CPU hotplug (XSA-244)
+  xsa244.patch
+
+---
+Mon Oct  2 13:26:08 MDT 2017 - carn...@suse.com
+
+- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks
+  (XSA-238)
+  xsa238.patch
+- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O
+  intercept code (XSA-239)
+  xsa239.patch
+- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable
+  de-typing (XSA-240)
+  xsa240-1.patch
+  xsa240-2.patch
+- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type
+  release race (XSA-241)
+  xsa241.patch
+
+---
+Fri Sep 29 10:57:35 MDT 2017 - carn...@suse.com
+
+- bsc#1061075 - VUL-0: xen: pin count / page reference race in
+  grant table code (XSA-236)
+  xsa236.patch
+- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86
+  (XSA-237)
+  xsa237-1.patch
+  xsa237-2.patch
+  xsa237-3.patch
+  xsa237-4.patch
+  xsa237-5.patch
+
+---

Old:

  592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
  

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-10-17 01:49:50

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Tue Oct 17 01:49:50 2017 rev:235 rq:533118 version:4.9.0_50

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-09-22 21:31:58.884976319 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-10-17 
01:49:56.645669334 +0200
@@ -1,0 +2,28 @@
+Tue Sep 26 08:44:03 MDT 2017 - carn...@suse.com
+
+- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter
+  verification (XSA-231)
+  59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
+- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232)
+  59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
+- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup
+  (XSA-233)
+  59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
+- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for
+  x86 PV guests (XSA-234)
+  59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
+- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to
+  release lock on ARM (XSA-235)
+  599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
+- Upstream patches from Jan (bsc#1027519)
+  59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
+  59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
+  59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
+  59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
+  59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
+  59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
+  59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
+  59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
+- Dropped gcc7-xen.patch
+
+---

Old:

  gcc7-xen.patch

New:

  599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
  59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
  59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
  59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
  59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
  59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
  59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
  59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
  59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
  59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
  59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
  59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
  59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.G7mzgF/_old  2017-10-17 01:49:59.241547713 +0200
+++ /var/tmp/diff_new_pack.G7mzgF/_new  2017-10-17 01:49:59.245547525 +0200
@@ -172,6 +172,19 @@
 Patch9: 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
 Patch10:59958ebf-gnttab-fix-transitive-grant-handling.patch
 Patch11:
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
+Patch12:599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
+Patch13:
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
+Patch14:
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
+Patch15:59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
+Patch16:
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
+Patch17:59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
+Patch18:59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
+Patch19:59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
+Patch20:59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
+Patch21:59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
+Patch22:59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
+Patch23:59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
+Patch24:
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
 # Our platform specific patches
 Patch400:   xen-destdir.patch
 Patch401:   vif-bridge-no-iptables.patch
@@ -186,8 +199,7 @@
 Patch422:   stubdom-have-iovec.patch
 Patch423:   vif-route.patch
 Patch424:   gcc7-mini-os.patch
-Patch425:   gcc7-xen.patch
-Patch426:   gcc7-arm.patch
+Patch425:   gcc7-arm.patch
 # Other bug fixes or features
 Patch451:   

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-09-22 21:31:52

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Fri Sep 22 21:31:52 2017 rev:234 rq:527360 version:4.9.0_50

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-08-24 18:21:48.419959788 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-09-22 
21:31:58.884976319 +0200
@@ -1,0 +2,56 @@
+Thu Sep  7 04:58:12 MDT 2017 - carn...@suse.com
+
+- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when
+  Secure Boot is Enabled
+  xen.spec
+
+---
+Tue Sep  5 12:00:59 UTC 2017 - oher...@suse.de
+
+- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
+  update from v6 to v9 to cover more cases for ballooned domUs
+  libxc.sr.superpage.patch
+
+---
+Mon Aug 28 14:51:54 UTC 2017 - oher...@suse.de
+
+- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen
+  drop the patch because it is not upstream acceptable
+  remove xen.suse_vtsc_tolerance.patch
+
+---
+Sat Aug 26 10:52:46 UTC 2017 - oher...@suse.de
+
+- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
+  after the save using xl stack
+  libxc.sr.superpage.patch
+
+---
+Tue Aug 22 13:25:33 UTC 2017 - oher...@suse.de
+
+- Unignore gcc-PIE
+  the toolstack disables PIE for firmware builds as needed
+
+---
+Mon Aug 21 10:42:46 MDT 2017 - carn...@suse.com
+
+- Upstream patches from Jan (bsc#1027519)
+  592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
+  596f257e-x86-fix-hvmemul_insn_fetch.patch
+  5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
+  598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
+  598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
+  5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch)
+  5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces 
xsa228.patch)
+  5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces 
xsa230.patch)
+  59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces 
xsa226-1.patch)
+  59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch)
+  59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
+
+---
+Wed Aug 16 15:03:46 MDT 2017 - carn...@suse.com
+
+- bsc#1044974 - xen-tools require python-pam
+  xen.spec
+
+---
@@ -27,0 +84,7 @@
+Tue Aug  8 08:20:41 MDT 2017 - carn...@suse.com
+
+- bsc#1052686 - VUL-0: xen: grant_table: possibly premature
+  clearing of GTF_writing / GTF_reading (XSA-230)
+  xsa230.patch
+
+---
@@ -32,0 +96,14 @@
+
+---
+Thu Aug  3 11:51:11 MDT 2017 - carn...@suse.com
+
+- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded
+  recursion in grant table code (XSA-226)
+  xsa226-1.patch
+  xsa226-2.patch
+- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege
+  escalation via map_grant_ref (XSA-227)
+  xsa227.patch
+- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race
+  conditions with maptrack free list handling (XSA-228)
+  xsa228.patch

Old:

  xen.suse_vtsc_tolerance.patch

New:

  592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
  596f257e-x86-fix-hvmemul_insn_fetch.patch
  5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
  598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
  598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
  5992f1e5-x86-grant-disallow-misaligned-PTEs.patch
  5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch
  5992f233-gnttab-correct-pin-status-fixup-for-copy.patch
  59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
  59958ebf-gnttab-fix-transitive-grant-handling.patch
  59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.QNfxlD/_old  2017-09-22 21:32:00.788708337 +0200
+++ /var/tmp/diff_new_pack.QNfxlD/_new  2017-09-22 21:32:00.792707775 +0200
@@ -16,6 +16,8 @@
 #
 
 
+# needssslcertforbuild
+
 Name:   xen
 ExclusiveArch:  %ix86 x86_64 %arm aarch64
 %define changeset 35349
@@ -68,14 +70,15 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-08-24 18:21:39

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Thu Aug 24 18:21:39 2017 rev:233 rq:516579 version:4.9.0_50

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-07-07 10:15:34.926339844 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-08-24 
18:21:48.419959788 +0200
@@ -1,0 +2,143 @@
+Fri Aug 11 16:37:44 MDT 2017 - carn...@suse.com
+
+- Clean up spec file errors and a few warnings. (bsc#1027519)
+- Removed conditional 'with_systemd' and some old deprecated
+  'sles_version' checks.
+  xen.spec
+
+---
+Thu Aug 10 19:45:31 UTC 2017 - jfeh...@suse.com
+
+- Remove use of brctl utiltiy from supportconfig plugin
+  FATE#323639
+
+---
+Thu Aug 10 07:50:47 UTC 2017 - oher...@suse.de
+
+- Use upstream variant of mini-os __udivmoddi4 change
+  gcc7-mini-os.patch
+
+---
+Wed Aug  9 13:14:56 MDT 2017 - carn...@suse.com
+
+- fate#323639 Move bridge-utils to legacy
+  replace-obsolete-network-configuration-commands-in-s.patch
+
+---
+Mon Aug  7 12:53:44 UTC 2017 - oher...@suse.de
+
+- bsc#1035231 - migration of HVM domU does not use superpages
+  on destination dom0
+  libxc.sr.superpage.patch
+
+---
+Tue Aug  1 20:02:58 UTC 2017 - jfeh...@suse.com
+
+- Add a supportconfig plugin
+  xen-supportconfig
+  FATE#323661
+
+---
+Tue Jul 25 14:48:02 UTC 2017 - oher...@suse.de
+
+- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen
+  To avoid emulation of TSC access from a domU after live migration
+  add a global tolerance for the measured host kHz
+  xen.suse_vtsc_tolerance.patch
+
+---
+Thu Jul 20 10:46:43 MDT 2017 - carn...@suse.com
+
+- fate#323662 Drop qemu-dm from xen-tools package
+  The following tarball and patches have been removed
+  qemu-xen-traditional-dir-remote.tar.bz2
+  VNC-Support-for-ExtendedKeyEvent-client-message.patch
+  0001-net-move-the-tap-buffer-into-TAPState.patch
+  0002-net-increase-tap-buffer-size.patch
+  0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch
+  0004-e1000-secrc-support.patch
+  0005-e1000-multi-buffer-packet-support.patch
+  0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
+  0007-e1000-verify-we-have-buffers-upfront.patch
+  0008-e1000-check-buffer-availability.patch
+  CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
+  CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
+  CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
+  CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
+  CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
+  CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
+  CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
+  CVE-2015-4037-qemut-smb-config-dir-name.patch
+  CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
+  CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
+  CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
+  CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
+  CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
+  CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
+  CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
+  
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
+  CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
+  CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
+  
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
+  
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
+  
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
+  CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
+  
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
+  CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
+  CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch
+  CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
+  
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch
+  

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-07-07 10:15:25

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Fri Jul  7 10:15:25 2017 rev:232 rq:508267 version:4.9.0_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-06-23 09:15:00.454897458 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-07-07 
10:15:34.926339844 +0200
@@ -1,0 +2,6 @@
+Wed Jun 28 01:40:43 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0 FCS (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+
+---



Other differences:
--
++ ipxe.tar.bz2 ++

++ qemu-xen-traditional-dir-remote.tar.bz2 ++

++ stubdom.tar.bz2 ++
/work/SRC/openSUSE:Factory/xen/stubdom.tar.bz2 
/work/SRC/openSUSE:Factory/.xen.new/stubdom.tar.bz2 differ: char 11, line 1

++ xen-4.9.0-testing-src.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/ChangeLog 
new/xen-4.9.0-testing/ChangeLog
--- old/xen-4.9.0-testing/ChangeLog 2017-06-21 22:20:18.0 +0200
+++ new/xen-4.9.0-testing/ChangeLog 2017-06-28 09:31:20.0 +0200
@@ -1,46 +1,7 @@
-commit b38b1479a532f08fedd7f3b761673bc78b66739d
+commit c30bf55594a53fae8aae08aabf16fc192faad7da
 Author: Ian Jackson 
-Date:   Mon Jun 19 15:04:08 2017 +0100
+Date:   Tue Jun 27 19:13:19 2017 +0100
 
-xen/test/Makefile: Fix clean target, broken by pattern rule
+Xen 4.9.0 release: Adjust README and xen/Makefile
 
-In "xen/test/livepatch: Regularise Makefiles" we reworked
-xen/test/Makefile to use a pattern rule.  However, there are two
-problems with this.  Both are related to the way that xen/Rules.mk is
-implicitly part of this Makefile because of the way that Makefiles
-under xen/ are invoked by their parent directory Makefiles.
-
-Firstly, the Rules.mk `clean' target overrides the pattern rule in
-xen/test/Makefile.  The result is that `make -C xen clean' does not
-actually run the livepatch clean target.
-
-The Rules.mk clean target does have provision for recursing into
-subdirectories, but that feature is tangled up with complex object
-file iteration machinery which is not desirable here.  However, we can
-extend the Rules.mk clean target since it is a double-colon rule.
-
-Sadly this involves duplicating the SUBDIR iteration boilerplate.  (A
-make function could be used but the cure would be worse than the
-disease.)
-
-Secondly, Rules.mk has a number of -include directives.  make likes to
-try to (re)build files mentioned in includes.  With the % pattern
-rule, this applies to those files too.
-
-As a result, make -C xen clean would try to build `.*.d' (for example)
-in xen/test.  This would fail with an error message.  The error would
-be ignored because of the `-', but it's annoying and ugly.
-
-Solve this by limiting the % pattern rule to the targets we expect it
-to handle.  These are those listed in the top-level Makefile help
-message, apart from: those which are subdir- or component-qualified;
-clean targets (which are handled specially, even distclean); and dist,
-src-tarball-*, etc. (which are converted to install by an earlier
-Makefile).
-
-Reported-by: Andrew Cooper 
 Signed-off-by: Ian Jackson 
-Tested-by: Konrad Rzeszutek Wilk 
-Acked-by: Konrad Rzeszutek Wilk 
-Release-acked-by: Julien Grall 
-(cherry picked from commit 592e834522086009975bd48d59386094771bd06b)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xen-4.9.0-testing/Config.mk 
new/xen-4.9.0-testing/Config.mk
--- old/xen-4.9.0-testing/Config.mk 2017-06-21 22:20:18.0 +0200
+++ new/xen-4.9.0-testing/Config.mk 2017-06-28 09:31:20.0 +0200
@@ -268,10 +268,10 @@
 MINIOS_UPSTREAM_URL ?= git://xenbits.xen.org/mini-os.git
 endif
 OVMF_UPSTREAM_REVISION ?= 5920a9d16b1ab887c2858224316a98e961d71b05
-QEMU_UPSTREAM_REVISION ?= qemu-xen-4.9.0-rc1
-MINIOS_UPSTREAM_REVISION ?= xen-4.9.0-rc1.2
-# Tue Dec 13 15:02:02 2016 +
-# build: prepend OBJ_DIR to linker script
+QEMU_UPSTREAM_REVISION ?= qemu-xen-4.9.0
+MINIOS_UPSTREAM_REVISION ?= xen-RELEASE-4.9.0
+# Wed Feb 22 11:03:37 2017 +
+# Include libxendevicemodel with libxc
 
 SEABIOS_UPSTREAM_REVISION ?= rel-1.10.0
 # Wed Jun 22 14:53:24 2016 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-06-23 09:14:58

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Fri Jun 23 09:14:58 2017 rev:231 rq:505582 version:4.9.0_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-06-17 10:18:09.900583236 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-06-23 
09:15:00.454897458 +0200
@@ -1,0 +2,14 @@
+Wed Jun 21 14:03:40 MDT 2017 - carn...@suse.com
+
+- Update block-dmmd script (bsc#1002573)
+  block-dmmd
+
+---
+Tue Jun 20 15:18:25 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+  gcc7-arm.patch
+- Drop gcc7-error-xenpmd.patch
+
+---

Old:

  gcc7-error-xenpmd.patch

New:

  gcc7-arm.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.qXUB07/_old  2017-06-23 09:15:05.126237418 +0200
+++ /var/tmp/diff_new_pack.qXUB07/_new  2017-06-23 09:15:05.126237418 +0200
@@ -278,9 +278,9 @@
 Patch421:   xenpaging.doc.patch
 Patch422:   stubdom-have-iovec.patch
 Patch423:   vif-route.patch
-Patch424:   gcc7-error-xenpmd.patch
-Patch425:   gcc7-mini-os.patch
-Patch426:   gcc7-xen.patch
+Patch424:   gcc7-mini-os.patch
+Patch425:   gcc7-xen.patch
+Patch426:   gcc7-arm.patch
 # Other bug fixes or features
 Patch451:   xenconsole-no-multiple-connections.patch
 Patch452:   hibernate.patch

++ block-dmmd ++
--- /var/tmp/diff_new_pack.qXUB07/_old  2017-06-23 09:15:05.334208033 +0200
+++ /var/tmp/diff_new_pack.qXUB07/_new  2017-06-23 09:15:05.334208033 +0200
@@ -2,20 +2,32 @@
 
 # Usage: block-dmmd [add args | remove args]
 # 
-#  the dmmd device syntax (in xm/xl commands/configs) is something like:
-#   dmmd:md;/dev/md0;md;/dev/md1;lvm;/dev/vg1/lv1
+#  the dmmd device syntax (in xl commands/configs) is something like:
+#   script=block-dmmd,md;/dev/md0;md;/dev/md1;lvm;/dev/vg1/lv1
 #  or
-#   dmmd:lvm;/dev/vg1/lv1;lvm;/dev/vg1/lv2;md;/dev/md0
+#   script=block-dmmd,lvm;/dev/vg1/lv1;lvm;/dev/vg1/lv2;md;/dev/md0
 #  device pairs (type;dev) are processed in order, with the last device
 #  assigned to the VM
 #
+#  Note - When using the libxl stack, the "script=block-dmmd" option
+#  is required. See man xl-disk-configuration(5) for more information.
+#
 #  md devices can optionally:
 #   specify a config file through:
 #  md;/dev/md100(/var/xen/config/mdadm.conf)
 #   use an array name (mdadm -N option):
-#  dmmd:md;My-MD-name;lvm;/dev/vg1/lv1
+#  md;My-MD-name;lvm;/dev/vg1/lv1
+#
+#  Completely expressive syntax should be similar to:
+#   "format=raw, vdev=xvdb, access=rw, script=block-dmmd, \
+#target=md;/dev/md0(/etc/mdadm.conf);lvm;/dev/vg1/lv1"
 #
+##
 # History:
+#  2017-06-12, mlati...@suse.com:
+#Merge LVM improvements by loic.devul...@mpsa.com
+#Document libxl "script=block-dmmd" syntax in examples
+#Remove xm/xend references (e.g. parsed_timeout from xend-config.sxp)
 #  2016-05-27, mlati...@suse.com:
 #Merge improvements by loic.devul...@mpsa.com. Highlights include:
 #- Re-write and simplification to speed up the script!
@@ -51,6 +63,7 @@
 typeset -rx PVSCAN_BIN=/sbin/pvscan
 typeset -rx VGSCAN_BIN=/sbin/vgscan
 typeset -rx VGCHANGE_BIN=/sbin/vgchange
+typeset -rx CLVMD_BIN=/usr/sbin/clvmd
 typeset -rx DATE_LOG="date +%F_%T.%N"
 typeset -rx DATE_SEC="date +%s"
 
@@ -61,6 +74,21 @@
 # We check for errors ourselves
 set +e
 
+function reload_clvm()
+{
+# If we are in cluster mode
+if ps -e | grep -q [c]lvmd 2>/dev/null; then
+# Logging message
+log err "Synchronizing cLVM..."
+
+# Synchronize cLVM
+${CLVMD_BIN} -R > /dev/null 2>&1 \
+  || return 1
+fi
+
+return 0
+}
+
 function run_mdadm()
 {
 local mdadm_cmd=$1
@@ -118,21 +146,22 @@
 
 # Is MD device already active?
 # We need to use full path name, aliase is not possible...
-if [ -e $dev_path/${dev##*/} ]; then
-${MDADM_BIN} -Q -D $dev_path/${dev##*/} 2>/dev/null \
+if [ -e ${dev_path}/${dev##*/} ]; then
+${MDADM_BIN} -Q -D ${dev_path}/${dev##*/} 2>/dev/null \
   | grep -iq state.*\:.*inactive || return 0
 fi
 
 # Activate MD device
 run_mdadm "-A ${mdadm_opts} ${dev} ${cfg}"
 rc=$?
+
 # A return code of 2 can indicate the array configuration was incorrect
 if [[ ${rc} == 2 ]]; then
 # Logging message
 echo "[$(${DATE_LOG})] verifying MD device 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-06-17 10:18:08

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Sat Jun 17 10:18:08 2017 rev:230 rq:503267 version:4.9.0_08

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-06-04 01:50:28.259526615 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-06-17 
10:18:09.900583236 +0200
@@ -1,0 +2,6 @@
+Mon Jun  5 10:49:34 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.I4MSy8/_old  2017-06-17 10:18:12.296245300 +0200
+++ /var/tmp/diff_new_pack.I4MSy8/_new  2017-06-17 10:18:12.296245300 +0200
@@ -159,7 +159,7 @@
 %endif
 %endif
 
-Version:4.9.0_07
+Version:4.9.0_08
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0

++ libxl.pvscsi.patch ++
--- /var/tmp/diff_new_pack.I4MSy8/_old  2017-06-17 10:18:12.728184370 +0200
+++ /var/tmp/diff_new_pack.I4MSy8/_new  2017-06-17 10:18:12.732183806 +0200
@@ -105,7 +105,7 @@
 ===
 --- xen-4.9.0-testing.orig/docs/man/xl.pod.1.in
 +++ xen-4.9.0-testing/docs/man/xl.pod.1.in
-@@ -1451,6 +1451,24 @@ List virtual trusted platform modules fo
+@@ -1429,6 +1429,24 @@ List virtual Trusted Platform Modules fo
  
  =back
  

++ libxl.set-migration-constraints-from-cmdline.patch ++
--- /var/tmp/diff_new_pack.I4MSy8/_old  2017-06-17 10:18:12.744182114 +0200
+++ /var/tmp/diff_new_pack.I4MSy8/_new  2017-06-17 10:18:12.744182114 +0200
@@ -93,7 +93,7 @@
 ===
 --- xen-4.9.0-testing.orig/docs/man/xl.pod.1.in
 +++ xen-4.9.0-testing/docs/man/xl.pod.1.in
-@@ -457,6 +457,26 @@ Print huge (!) amount of debug during th
+@@ -459,6 +459,26 @@ Display huge (!) amount of debug informa
  
  Leave the domain on the receive side paused after migration.
  

++ xen-4.9.0-testing-src.tar.bz2 ++
 1650 lines of diff (skipped)

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-06-04 01:49:50

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Sun Jun  4 01:49:50 2017 rev:229 rq:500486 version:4.9.0_07

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-05-27 13:09:39.973294867 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-06-04 
01:50:28.259526615 +0200
@@ -1,0 +2,26 @@
+Thu Jun  1 13:24:26 MDT 2017 - carn...@suse.com
+
+- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop
+  due to incorrect return value
+  
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
+
+---
+Tue May 30 11:24:41 MDT 2017 - carn...@suse.com
+
+- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory
+  leakage via capture buffer
+  CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
+
+---
+Fri May 26 12:58:06 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+
+---
+Mon May 22 14:43:01 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+
+---

New:

  CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
  CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.uB4tUt/_old  2017-06-04 01:50:31.191112417 +0200
+++ /var/tmp/diff_new_pack.uB4tUt/_new  2017-06-04 01:50:31.195111852 +0200
@@ -159,7 +159,7 @@
 %endif
 %endif
 
-Version:4.9.0_04
+Version:4.9.0_07
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -237,6 +237,8 @@
 Patch286:   
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
 Patch287:   
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
 Patch288:   
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
+Patch289:   
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
+Patch290:   
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
 # qemu-traditional patches that are not upstream
 Patch350:   blktap.patch
 Patch351:   cdrom-removable.patch
@@ -557,6 +559,8 @@
 %patch286 -p1
 %patch287 -p1
 %patch288 -p1
+%patch289 -p1
+%patch290 -p1
 # Qemu traditional
 %patch350 -p1
 %patch351 -p1

++ CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch 
++
References: bsc#1037243 CVE-2017-8309

Subject: audio: release capture buffers
From: Gerd Hoffmann kra...@redhat.com Fri Apr 28 09:56:12 2017 +0200
Date: Thu May 4 08:31:48 2017 +0200:
Git: 3268a845f41253fb55852a8429c32b50f36f349a

AUD_add_capture() allocates two buffers which are never released.
Add the missing calls to AUD_del_capture().

Impact: Allows vnc clients to exhaust host memory by repeatedly
starting and stopping audio capture.

Fixes: CVE-2017-8309
Cc: P J P 
Cc: Huawei PSIRT 
Reported-by: "Jiangxin (hunter, SCC)" 
Signed-off-by: Gerd Hoffmann 
Reviewed-by: Prasad J Pandit 
Message-id: 20170428075612.9997-1-kra...@redhat.com

Index: xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/audio/audio.c
===
--- xen-4.9.0-testing.orig/tools/qemu-xen-traditional-dir-remote/audio/audio.c
+++ xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/audio/audio.c
@@ -1937,6 +1937,8 @@ void AUD_del_capture (CaptureVoiceOut *c
 sw = sw1;
 }
 LIST_REMOVE (cap, entries);
+qemu_free (cap->hw.mix_buf);
+qemu_free (cap->buf);
 qemu_free (cap);
 }
 return;
++ 
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch 
++
References: bsc#1042160 CVE-2017-9330

Index: xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c
===
--- xen-4.9.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c
+++ xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/hw/usb-ohci.c
@@ -583,7 +583,7 @@ 

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-05-27 13:09:02

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Sat May 27 13:09:02 2017 rev:228 rq:496467 version:4.9.0_04

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-04-11 12:39:50.315734414 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-05-27 
13:09:39.973294867 +0200
@@ -1,0 +2,133 @@
+Thu May 18 16:22:53 MDT 2017 - carn...@suse.com
+
+- bsc#1031343 - xen fails to build with GCC 7
+  gcc7-mini-os.patch
+  gcc7-xen.patch
+
+---
+Wed May 17 08:28:37 MDT 2017 - carn...@suse.com
+
+- bsc#1031343 - xen fails to build with GCC 7
+  gcc7-error-xenpmd.patch
+
+---
+Tue May 16 09:04:19 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+- Drop xen-tools-pkgconfig-xenlight.patch
+
+---
+Wed May 10 15:26:38 MDT 2017 - carn...@suse.com
+
+- bsc#1037779 - xen breaks kexec-tools build
+  xen-tools-pkgconfig-xenlight.patch
+
+---
+Tue May  9 08:40:58 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+
+---
+Tue May  2 09:18:24 MDT 2017 - carn...@suse.com
+
+- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path
+  xen.spec
+
+---
+Fri Apr 28 09:03:56 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+  aarch64-maybe-uninitialized.patch
+
+---
+Fri Apr 21 16:26:31 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+
+---
+Wed Apr 19 07:54:58 MDT 2017 - carn...@suse.com
+
+- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108)
+  xen-4.9.0-testing-src.tar.bz2
+  ioemu-devicemodel-include.patch
+- Dropped patches contained in new tarball
+  xen-4.8.0-testing-src.tar.bz2
+  0001-xenstore-let-write_node-and-some-callers-return-errn.patch
+  0002-xenstore-undo-function-rename.patch
+  0003-xenstore-rework-of-transaction-handling.patch
+  584806ce-x86emul-correct-PUSHF-POPF.patch
+  584fc649-fix-determining-when-domain-creation-is-complete.patch
+  58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
+  58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
+  58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
+  5853ed37-VT-d-correct-dma_msi_set_affinity.patch
+  5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
+  58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
+  585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
+  585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
+  585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
+  586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
+  587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
+  587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
+  5882129d-x86emul-LOCK-check-adjustments.patch
+  58821300-x86-segment-attribute-handling.patch
+  58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
+  58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
+  5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
+  5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
+  5887888f-credit2-use-the-correct-scratch-cpumask.patch
+  5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
+  5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
+  
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
+  58a44771-IOMMU-always-call-teardown-callback.patch
+  58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
+  58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch
+  58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
+  58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
+  58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
+  58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
+  58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch
+  58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
+  58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
+  58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
+  58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
+  

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-03-09 01:35:29

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Thu Mar  9 01:35:29 2017 rev:226 rq:461996 version:4.8.0_04

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2017-02-03 20:05:39.761672482 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-03-09 
01:35:31.444041826 +0100
@@ -1,0 +2,48 @@
+Thu Mar  2 15:21:25 MST 2017 - carn...@suse.com
+
+- bsc#1027654 - XEN fails to build against glibc 2.25
+  glibc-2.25-compatibility-fix.patch
+  libxl.pvscsi.patch
+
+---
+Thu Feb 16 11:42:23 UTC 2017 - oher...@suse.de
+
+- fate#316613: Refresh and enable libxl.pvscsi.patch
+
+---
+Fri Feb 10 11:22:01 MST 2017 - carn...@suse.com
+
+- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo
+  does not check if memory region is safe (XSA-209)
+  
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
+
+---
+Wed Feb  8 10:19:24 MST 2017 - carn...@suse.com
+
+- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault
+  happened when adding usbctrl devices via xl
+  
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
+
+---
+Thu Feb  2 09:57:01 MST 2017 - carn...@suse.com
+
+- Upstream patches from Jan (bsc#1027519)
+  587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
+  587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
+  5882129d-x86emul-LOCK-check-adjustments.patch
+  58821300-x86-segment-attribute-handling.patch
+  58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
+  58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
+  5887888f-credit2-use-the-correct-scratch-cpumask.patch
+  5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
+  5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
+  5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
+
+---
+Wed Feb  1 09:36:25 MST 2017 - carn...@suse.com
+
+- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob
+  access while doing bitblt copy backward mode
+  
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
+
+---
@@ -4,4 +52,3 @@
-- Xen 4.8 requires the acpica package (iasl) to build.
-  fate#322313 and fate#322150 require the acpica package to be
-  ported to aarch64 which is now down. Enable aarch64 in the spec
-  for building Xen on aarch64.
+- fate#322313 and fate#322150 require the acpica package ported to
+  aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64
+  until these fates are complete.
@@ -45,0 +93,7 @@
+Wed Jan  4 14:59:04 MST 2017 - carn...@suse.com
+
+- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu:
+  display: cirrus_vga: a divide by zero in cirrus_do_copy
+  CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
+
+---
@@ -62,2 +116,2 @@
-- bsc#1014298 - VUL-0: xen: x86 PV guests may be able to mask
-  interrupts (XSA-202)
+- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be
+  able to mask interrupts (XSA-202)
@@ -65,2 +119,2 @@
-- bsc#1014300 - VUL-0: xen: x86: missing NULL pointer check in
-  VMFUNC emulation (XSA-203)
+- bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL
+  pointer check in VMFUNC emulation (XSA-203)

New:

  587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
  587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
  5882129d-x86emul-LOCK-check-adjustments.patch
  58821300-x86-segment-attribute-handling.patch
  58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
  58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
  5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
  5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
  5887888f-credit2-use-the-correct-scratch-cpumask.patch
  5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
  
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
  CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
  
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
  
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
  glibc-2.25-compatibility-fix.patch

commit xen for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2017-01-31 12:27:17

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-09-17 14:34:17.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2017-02-03 
20:05:39.761672482 +0100
@@ -1,0 +2,274 @@
+Thu Jan 26 10:30:19 MST 2017 - carn...@suse.com
+
+- Xen 4.8 requires the acpica package (iasl) to build.
+  fate#322313 and fate#322150 require the acpica package to be
+  ported to aarch64 which is now down. Enable aarch64 in the spec
+  for building Xen on aarch64.
+  xen.spec
+
+---
+Wed Jan 25 15:39:26 MST 2017 - carn...@suse.com
+
+- bsc#1021952 - Virutalization/xen: Bug xen-tools missing
+  /usr/bin/domu-xenstore; guests fail to launch
+  tmp_build.patch
+  xen.spec
+
+---
+Wed Jan 18 10:50:52 UTC 2017 - oher...@suse.de
+
+- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)
+
+---
+Thu Jan 12 11:34:06 MST 2017 - carn...@suse.com
+
+- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/
+  xen.spec
+
+---
+Mon Jan  9 10:54:19 MST 2017 - carn...@suse.com
+
+- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
+  Replaces xsa202.patch (bsc#1014298)
+- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
+  Replaces xsa203.patch (bsc#1014300)
+- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
+  Replaces xsa204.patch (bsc#1016340)
+- Upstream patches from Jan
+  58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
+  5853ed37-VT-d-correct-dma_msi_set_affinity.patch
+  5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
+  585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
+  586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
+
+---
+Mon Dec 19 10:32:51 MST 2016 - carn...@suse.com
+
+- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of
+  SYSCALL singlestep during emulation (XSA-204)
+  xsa204.patch
+
+---
+Thu Dec 15 09:08:18 MST 2016 - carn...@suse.com
+
+- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation
+  fails to ignore operand size override (XSA-200)
+  58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
+
+---
+Wed Dec 14 08:24:41 MST 2016 - carn...@suse.com
+
+- bsc#1014298 - VUL-0: xen: x86 PV guests may be able to mask
+  interrupts (XSA-202)
+  xsa202.patch
+- bsc#1014300 - VUL-0: xen: x86: missing NULL pointer check in
+  VMFUNC emulation (XSA-203)
+  xsa203.patch
+- Upstream patches from Jan
+  584806ce-x86emul-correct-PUSHF-POPF.patch
+  584fc649-fix-determining-when-domain-creation-is-complete.patch
+  58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
+  58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
+
+---
+Mon Dec  5 15:32:00 MST 2016 - carn...@suse.com
+
+- Update to Xen 4.8 FCS
+  xen-4.8.0-testing-src.tar.bz2
+- Dropped
+  xen-4.7.1-testing-src.tar.bz2
+  0001-libxc-Rework-extra-module-initialisation.patch
+  0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch
+  0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch
+  0004-firmware-makefile-install-BIOS-blob.patch
+  0005-libxl-Load-guest-BIOS-from-file.patch
+  0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch
+  0007-hvmloader-Grab-the-hvm_start_info-pointer.patch
+  0008-hvmloader-Locate-the-BIOS-blob.patch
+  0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch
+  0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch
+  0011-hvmloader-Load-OVMF-from-modules.patch
+  0012-hvmloader-Specific-bios_load-function-required.patch
+  0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch
+  0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
+  57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
+  576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
+  5769106e-x86-generate-assembler-equates-for-synthesized.patch
+  57a1e603-x86-time-adjust-local-system-time-initialization.patch
+  57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
+  57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
+  57a30261-x86-support-newer-Intel-CPU-models.patch
+  5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch
+  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-09-17 14:34:14

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-08-26 23:14:41.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-09-17 
14:34:17.0 +0200
@@ -1,0 +2,45 @@
+Mon Sep 12 08:44:11 MDT 2016 - carn...@suse.com
+
+- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3
+  recursive pagetable for 32-bit PV guests (XSA-185)
+  57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
+- bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of
+  instruction pointer truncation during emulation (XSA-186)
+  57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
+  57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
+- bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of
+  sh_ctxt->seg_reg[] (XSA-187)
+  57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
+  57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
+- bsc#991934 - xen hypervisor crash in csched_acct
+  57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
+- Upstream patches from Jan
+  57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
+  57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
+  57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
+  57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
+  57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
+  57c82be2-x86-32on64-adjust-call-gate-emulation.patch
+  57c96e2c-x86-correct-PT_NOTE-file-position.patch
+  57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
+
+---
+Mon Sep 12 13:10:21 UTC 2016 - oher...@suse.de
+
+- bsc#979002 - add 60-persistent-xvd.rules and helper script
+  also to initrd, add the relevant dracut helper
+
+---
+Mon Sep  5 11:39:21 UTC 2016 - oher...@suse.de
+
+- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for
+  upstream unplug protocol
+
+---
+Fri Sep  2 08:32:44 MDT 2016 - carn...@suse.com
+
+- bsc#989679 - [pvusb feature] USB device not found when
+  'virsh detach-device guest usb.xml'
+  57c93e52-fix-error-in-libxl_device_usbdev_list.patch
+
+---

New:

  57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
  57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
  57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
  57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
  57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
  57c82be2-x86-32on64-adjust-call-gate-emulation.patch
  57c93e52-fix-error-in-libxl_device_usbdev_list.patch
  57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
  57c96e2c-x86-correct-PT_NOTE-file-position.patch
  57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
  57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
  57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
  57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
  57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
  57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.3aw7sj/_old  2016-09-17 14:34:20.0 +0200
+++ /var/tmp/diff_new_pack.3aw7sj/_new  2016-09-17 14:34:20.0 +0200
@@ -165,7 +165,7 @@
 %endif
 %endif
 
-Version:4.7.0_10
+Version:4.7.0_12
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -219,6 +219,21 @@
 Patch14:57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
 Patch15:
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
 Patch16:
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
+Patch17:57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
+Patch18:
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
+Patch19:
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
+Patch20:57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
+Patch21:
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
+Patch22:

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-08-26 23:14:40

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-08-10 19:54:54.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-08-26 
23:14:41.0 +0200
@@ -1,0 +2,19 @@
+Tue Aug 23 08:07:46 MDT 2016 - carn...@suse.com
+
+- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to
+  get contiguous memory for DMA from Xen
+  57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
+- bsc#978755 - xen uefi systems fail to boot
+- bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot
+  57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
+- Upstream patch from Jan
+  57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
+
+---
+Mon Aug  8 18:27:23 UTC 2016 - jfeh...@suse.com
+
+- spec: to stay compatible with the in-tree qemu-xen binary, use
+  /usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64
+  bsc#986164
+
+---

New:

  57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
  57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
  57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.aceELi/_old  2016-08-26 23:14:44.0 +0200
+++ /var/tmp/diff_new_pack.aceELi/_new  2016-08-26 23:14:44.0 +0200
@@ -216,6 +216,9 @@
 Patch11:57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
 Patch12:57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
 Patch13:57a30261-x86-support-newer-Intel-CPU-models.patch
+Patch14:57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
+Patch15:
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
+Patch16:
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
 # Upstream qemu-traditional patches
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -550,6 +553,9 @@
 %patch11 -p1
 %patch12 -p1
 %patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1
@@ -762,7 +768,7 @@
 %endif
--with-system-ovmf=%{_datadir}/qemu/ovmf-x86_64-ms.bin \
--with-system-seabios=%{_datadir}/qemu/bios-256k.bin \
-   --with-system-qemu=%{_bindir}/qemu-system-%{_arch} \
+   --with-system-qemu=%{_bindir}/qemu-system-i386 \
 ${configure_flags}
 make -C tools/include/xen-foreign %{?_smp_mflags}
 make %{?_smp_mflags}
@@ -909,12 +915,13 @@
 # and advertised as the  in libvirt capabilities. Tool such as
 # virt-install include  in domXML they produce, so we need to
 # preserve the path. For x86_64, create a simple wrapper that invokes
-# /usr/bin/qemu-system-x86_64
+# /usr/bin/qemu-system-i386
+# Using qemu-system-x86_64 will result in an incompatible VM
 %ifarch x86_64
 cat > $RPM_BUILD_ROOT/usr/lib/xen/bin/qemu-system-i386 << 'EOF'
 #!/bin/sh
 
-exec %{_bindir}/qemu-system-x86_64 "$@"
+exec %{_bindir}/qemu-system-i386 "$@"
 EOF
 chmod 0755 $RPM_BUILD_ROOT/usr/lib/xen/bin/qemu-system-i386
 %endif

++ 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch ++
--- /var/tmp/diff_new_pack.aceELi/_old  2016-08-26 23:14:44.0 +0200
+++ /var/tmp/diff_new_pack.aceELi/_new  2016-08-26 23:14:44.0 +0200
@@ -17,6 +17,18 @@
 Reviewed-by: Andrew Cooper 
 Tested-by: Joao Martins 
 
+# Commit 7fb0a87d97201f9c3639f85615eacd93110dc1c5
+# Date 2016-08-05 18:00:45 +0200
+# Author Jan Beulich 
+# Committer Jan Beulich 
+x86/time: also use rdtsc_ordered() in check_tsc_warp()
+
+This really was meant to be added in a v2 of what became commit
+fa74e70500 ("x86/time: introduce and use rdtsc_ordered()").
+
+Signed-off-by: Jan Beulich 
+Reviewed-by: Andrew Cooper 
+
 --- a/xen/arch/x86/apic.c
 +++ b/xen/arch/x86/apic.c
 @@ -1137,7 +1137,7 @@ static int __init calibrate_APIC_clock(v
@@ -108,7 +120,36 @@
  t->local_tsc_stamp = curr_tsc;
  set_time_scale(>tsc_scale, freq);
  local_irq_enable();
-@@ -1248,7 +1248,7 @@ static void time_calibration_tsc_rendezv
+@@ -1124,16 +1124,13 @@ static void local_time_calibration(void)
+  */
+ static void check_tsc_warp(unsigned long tsc_khz, unsigned long *max_warp)
+ {
+-#define rdtsc_barrier() mb()
+ static 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-08-10 19:54:53

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-07-01 09:55:47.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-08-10 
19:54:54.0 +0200
@@ -1,0 +2,42 @@
+Thu Aug  4 09:12:34 MDT 2016 - carn...@suse.com
+
+- bsc#970135 - new virtualization project clock test randomly fails
+  on Xen
+  576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
+  5769106e-x86-generate-assembler-equates-for-synthesized.patch
+  57a1e603-x86-time-adjust-local-system-time-initialization.patch
+  57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
+  57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
+- bsc#991934 - xen hypervisor crash in csched_acct
+  57973099-have-schedulers-revise-initial-placement.patch
+  579730e6-remove-buggy-initial-placement-algorithm.patch
+- bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation
+  in PV guests (XSA-182)
+  57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
+- bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP
+  whitelisting in 32-bit exception / event delivery (XSA-183)
+  57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
+- Upstream patches from Jan
+  57a30261-x86-support-newer-Intel-CPU-models.patch
+
+---
+Mon Aug  1 11:46:22 MDT 2016 - carn...@suse.com
+
+- bsc#985503 - vif-route broken
+  vif-route.patch
+
+---
+Thu Jul 28 05:23:12 MDT 2016 - carn...@suse.com
+
+- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3
+  failed on sles11sp4 xen host.
+  pygrub-handle-one-line-menu-entries.patch
+
+---
+Wed Jul 27 14:09:06 MDT 2016 - carn...@suse.com
+
+- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB
+  write access in esp_do_dma
+  
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
+
+---

New:

  576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
  5769106e-x86-generate-assembler-equates-for-synthesized.patch
  57973099-have-schedulers-revise-initial-placement.patch
  579730e6-remove-buggy-initial-placement-algorithm.patch
  57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
  57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
  57a1e603-x86-time-adjust-local-system-time-initialization.patch
  57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
  57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
  57a30261-x86-support-newer-Intel-CPU-models.patch
  CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
  pygrub-handle-one-line-menu-entries.patch
  vif-route.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.04sqRm/_old  2016-08-10 19:54:56.0 +0200
+++ /var/tmp/diff_new_pack.04sqRm/_new  2016-08-10 19:54:56.0 +0200
@@ -165,7 +165,7 @@
 %endif
 %endif
 
-Version:4.7.0_08
+Version:4.7.0_10
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -205,7 +205,17 @@
 # Upstream patches
 Patch1: 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
 Patch2: 
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
-Patch3: 
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
+Patch3: 
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
+Patch4: 
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
+Patch5: 5769106e-x86-generate-assembler-equates-for-synthesized.patch
+Patch6: 57973099-have-schedulers-revise-initial-placement.patch
+Patch7: 579730e6-remove-buggy-initial-placement-algorithm.patch
+Patch8: 
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
+Patch9: 
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
+Patch10:57a1e603-x86-time-adjust-local-system-time-initialization.patch
+Patch11:57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
+Patch12:57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
+Patch13:57a30261-x86-support-newer-Intel-CPU-models.patch
 # Upstream qemu-traditional patches
 Patch250:   

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-07-01 09:55:45

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-06-14 23:05:52.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-07-01 
09:55:47.0 +0200
@@ -1,0 +2,43 @@
+Thu Jun 23 09:45:38 MDT 2016 - carn...@suse.com
+
+- bsc#900418 - Dump cannot be performed on SLES12 XEN
+  57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
+- Upstream patches from Jan
+  575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
+  57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
+
+---
+Tue Jun 21 08:26:51 MDT 2016 - carn...@suse.com
+
+- fate#319989 - Update to Xen 4.7 FCS
+  xen-4.7.0-testing-src.tar.bz2
+- Drop CVE-2014-3672-qemut-xsa180.patch
+
+---
+Thu Jun 16 16:27:25 MDT 2016 - carn...@suse.com
+
+- bsc#954872 - script block-dmmd not working as expected - libxl:
+  error: libxl_dm.c (Additional fixes)
+  block-dmmd
+
+---
+Fri Jun 10 14:23:51 UTC 2016 - oher...@suse.de
+
+- Convert with_stubdom into build_conditional to allow adjusting
+  via prjconf
+- Convert with_debug into build_conditional to allow adjusting
+  via prjconf
+
+---
+Fri Jun 10 13:36:32 UTC 2016 - oher...@suse.de
+
+- bsc#979002 - add 60-persistent-xvd.rules and helper script to
+  xen-tools-domU to simplify transition to pvops based kernels
+  
+---
+Fri Jun 10 13:18:13 UTC 2016 - oher...@suse.de
+
+- Convert with_oxenstored into build_conditional to allow
+  adjusting via prjconf (fate#320836)
+
+---
@@ -112 +155 @@
-- Update to the latest Xen 4.7 pre-release c2994f86 (fate#319989)
+- Update to the latest Xen 4.7 pre-release c2994f86

Old:

  CVE-2014-3672-qemut-xsa180.patch

New:

  57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
  575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
  57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.l6yEkQ/_old  2016-07-01 09:55:50.0 +0200
+++ /var/tmp/diff_new_pack.l6yEkQ/_new  2016-07-01 09:55:50.0 +0200
@@ -24,17 +24,20 @@
 %define xen_build_dir xen-4.7.0-testing
 #
 %define with_kmp 0
-%define with_debug 0
-%define with_stubdom 0
 %define with_gdbsx 0
 %define with_dom0_support 0
 %define with_qemu_traditional 0
-%define with_oxenstored 0
+%bcond_withxen_oxenstored
+%ifarch x86_64
+%bcond_without xen_debug
+%bcond_without xen_stubdom
+%else
+%bcond_withxen_debug
+%bcond_withxen_stubdom
+%endif
 #
 %ifarch x86_64
 %define with_kmp 0
-%define with_debug 1
-%define with_stubdom 1
 %define with_gdbsx 1
 %define with_dom0_support 1
 %define with_qemu_traditional 1
@@ -108,7 +111,7 @@
 BuildRequires:  SDL-devel
 BuildRequires:  pciutils-devel
 %endif
-%if %{?with_stubdom}0
+%if %{with xen_stubdom}
 %if 0%{?suse_version} < 1230
 BuildRequires:  texinfo
 %else
@@ -116,13 +119,15 @@
 %endif
 %endif
 BuildRequires:  ncurses-devel
-%if %{?with_oxenstored}0
+%if %{?with_dom0_support}0
+%if %{with xen_oxenstored}
 BuildRequires:  ocaml
 BuildRequires:  ocaml-compiler-libs
 BuildRequires:  ocaml-findlib
 BuildRequires:  ocaml-ocamldoc
 BuildRequires:  ocaml-runtime
 %endif
+%endif
 BuildRequires:  openssl-devel
 BuildRequires:  python-devel
 %if %{?with_systemd}0
@@ -160,7 +165,7 @@
 %endif
 %endif
 
-Version:4.7.0_06
+Version:4.7.0_08
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -198,6 +203,9 @@
 # For xen-libs
 Source99:   baselibs.conf
 # Upstream patches
+Patch1: 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
+Patch2: 
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
+Patch3: 
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
 # Upstream qemu-traditional patches
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -228,9 +236,8 @@
 Patch276:   
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
 Patch277:   

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-03-07 13:22:56

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-03-02 14:21:07.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-03-07 
13:22:58.0 +0100
@@ -1,0 +2,54 @@
+Fri Mar  4 16:11:02 MST 2016 - carn...@suse.com
+
+- bsc#969377 - xen does not build with GCC 6
+  ipxe-use-rpm-opt-flags.patch
+  gcc6-warnings-as-errors.patch
+
+---
+Thu Mar  3 10:27:55 MST 2016 - carn...@suse.com
+
+- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite
+  loop in ne2000_receive
+  CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
+- Drop xsa154-fix.patch
+
+---
+Wed Mar  2 16:53:51 UTC 2016 - jfeh...@suse.com
+
+- Use system qemu instead of building/installing yet another qemu
+  FATE#320638
+- Dropped files
+  qemu-xen-dir-remote.tar.bz2
+  CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
+  CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
+  CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
+  CVE-2015-4037-qemuu-smb-config-dir-name.patch
+  CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
+  CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
+  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
+  CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
+  
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
+  CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
+  CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
+  CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
+  
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
+  CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
+  CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
+  CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
+  CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
+  
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
+  
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
+  CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
+  qemu-xen-enable-spice-support.patch
+  qemu-xen-upstream-qdisk-cache-unsafe.patch
+  tigervnc-long-press.patch
+  xsa162-qemuu.patch
+
+---
+Mon Feb 29 09:40:43 MST 2016 - carn...@suse.com
+
+- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer
+  dereference in vapic_write()
+  CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch
+
+---
@@ -22,0 +77 @@
+  CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
@@ -70 +124,0 @@
-  xsa154-fix.patch
@@ -86,0 +141,3 @@
+- bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref
+  in sosendto()
+  CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
@@ -115,0 +173,3 @@
+- bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun
+  on incoming migration
+  CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
@@ -453 +512,0 @@
-  CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
@@ -456 +514,0 @@
-  CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch

Old:

  CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
  CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
  CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
  CVE-2015-4037-qemuu-smb-config-dir-name.patch
  CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
  CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
  CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
  CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
  
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
  CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
  CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
  CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
  CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
  
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-03-02 14:20:57

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-02-25 22:02:13.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-03-02 
14:21:07.0 +0100
@@ -1,0 +2,26 @@
+Wed Feb 24 08:05:02 MST 2016 - carn...@suse.com
+
+- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in
+  remote NDIS control message handling
+  
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
+
+---
+Thu Feb 18 10:39:00 MST 2016 - carn...@suse.com
+
+- bsc#954872 - L3: script block-dmmd not working as expected -
+  libxl: error: libxl_dm.c
+  block-dmmd
+- Update libxl to recognize dmmd and npiv prefix in disk spec
+  xen.libxl.dmmd.patch
+
+---
+Wed Feb 17 08:30:35 MST 2016 - carn...@suse.com
+
+- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers
+  in ohci module leads to null pointer dereference
+  CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
+- bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer
+  dereference in remote NDIS control message handling
+  
CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch
+
+---
@@ -36,0 +63,11 @@
+
+---
+Fri Feb  5 13:07:53 MST 2016 - carn...@suse.com
+
+- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent
+  cachability flags on guest mappings (XSA-154)
+  xsa154.patch
+  xsa154-fix.patch
+- bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may
+  crash guest with non-canonical RIP (XSA-170)
+  xsa170.patch

New:

  CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
  
CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch
  CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
  xen.libxl.dmmd.patch
  xsa154-fix.patch
  xsa154.patch
  xsa170.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.DdfhB8/_old  2016-03-02 14:21:10.0 +0100
+++ /var/tmp/diff_new_pack.DdfhB8/_new  2016-03-02 14:21:10.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 # needssslcertforbuild
 
 Name:   xen
@@ -207,11 +206,14 @@
 Patch2: 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
 Patch3: 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
 Patch4: 
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
+Patch15401: xsa154.patch
+Patch15402: xsa154-fix.patch
 Patch15501: xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
 Patch15502: xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
 Patch15503: xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
 Patch162:   xsa162-qemuu.patch
 Patch164:   xsa164.patch
+Patch170:   xsa170.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -254,6 +256,9 @@
 Patch289:   
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
 Patch290:   CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
 Patch291:   
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
+Patch292:   
CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch
+Patch293:   
CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
+Patch294:   
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
 # Our platform specific patches
 Patch321:   xen-destdir.patch
 Patch322:   vif-bridge-no-iptables.patch
@@ -309,6 +314,7 @@
 Patch472:   tigervnc-long-press.patch
 Patch473:   xendomains-libvirtd-conflict.patch
 Patch474:   CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
+Patch475:   xen.libxl.dmmd.patch
 # Hypervisor and PV driver Patches
 Patch501:   x86-ioapic-ack-default.patch
 Patch502:   

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-02-25 21:55:47

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-02-07 09:22:41.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-02-25 
22:02:13.0 +0100
@@ -1,0 +2,79 @@
+Thu Feb 11 09:29:01 MST 2016 - carn...@suse.com
+
+- Update to Xen Version 4.6.1
+  xen-4.6.1-testing-src.tar.bz2
+- Dropped patches now contained in tarball or unnecessary
+  xen-4.6.0-testing-src.tar.bz2
+  5604f239-x86-PV-properly-populate-descriptor-tables.patch
+  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
+  561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
+  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
+  
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
+  5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
+  56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
+  
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
+  5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
+  5632129c-free-domain-s-vcpu-array.patch
+  563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
+  563212e4-xenoprof-free-domain-s-vcpu-array.patch
+  563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
+  56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
+  56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
+  5641ceec-x86-HVM-always-intercept-AC-and-DB.patch
+  56549f24-x86-vPMU-document-as-unsupported.patch
+  5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
+  xsa155-qemut-qdisk-double-access.patch
+  xsa155-qemut-xenfb.patch
+  xsa155-qemuu-qdisk-double-access.patch
+  xsa155-qemuu-xenfb.patch
+  xsa159.patch
+  xsa160.patch
+  xsa162-qemut.patch
+  xsa165.patch
+  xsa166.patch
+  xsa167.patch
+  xsa168.patch
+
+---
+Fri Feb  5 08:51:16 MST 2016 - carn...@suse.com
+
+- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in
+  hmp_sendkey routine
+  CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
+
+---
+Thu Feb  4 09:26:34 MST 2016 - carn...@suse.com
+
+- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue
+  CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
+
+---
+Wed Feb  3 10:47:41 MST 2016 - carn...@suse.com
+
+- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in
+  ne2000_receive() function
+  CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
+- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
+  infinite loop in processing command block list
+  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
+  CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
+
+---
+Tue Feb  2 08:45:07 MST 2016 - carn...@suse.com
+
+- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on
+  incoming migration
+  CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
+- bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table
+  size to avoid integer overflows
+  CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
+- Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
+
+---
+Mon Feb  1 13:29:55 MST 2016 - carn...@suse.com
+
+- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer
+  dereference in ehci_caps_write
+  
CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch
+
+---

Old:

  5604f239-x86-PV-properly-populate-descriptor-tables.patch
  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
  561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
  561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
  5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
  56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
  
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
  5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
  5632129c-free-domain-s-vcpu-array.patch
  563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
  563212e4-xenoprof-free-domain-s-vcpu-array.patch
  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-02-07 09:22:39

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-01-08 15:21:58.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-02-07 
09:22:41.0 +0100
@@ -1,0 +2,87 @@
+Wed Jan 27 08:23:26 MST 2016 - carn...@suse.com
+
+- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop
+  in start_xmit and e1000_receive_iov routines
+  
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
+  
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
+
+---
+Wed Jan 20 08:21:42 MST 2016 - carn...@suse.com
+
+- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
+  on invalid state load
+  CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
+
+---
+Tue Jan 19 09:23:56 MST 2016 - carn...@suse.com
+
+- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
+  resource limiting in VNC websockets decoder
+  CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
+  CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
+- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
+  invalid state load
+  CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
+- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
+  bits_per_pixel from the client sanitization
+  CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
+
+---
+Mon Jan 18 09:04:10 MST 2016 - carn...@suse.com
+
+- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
+  overun on invalid state
+  CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
+- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
+  overflow in non-loopback mode
+  CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
+  CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
+
+---
+Wed Jan 13 09:56:52 MST 2016 - carn...@suse.com
+
+- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
+  processing firmware configurations
+  CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
+  CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
+
+---
+Mon Jan 11 11:51:45 MST 2016 - carn...@suse.com
+
+- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
+  buffer overflow in megasas_ctrl_get_info
+  CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
+- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
+  use-after-free vulnerability in aio port commands
+  CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
+
+---
+Thu Jan  7 10:38:20 MST 2016 - carn...@suse.com
+
+- bsc#959695 - missing docs for xen
+  xen.spec
+
+---
+Wed Jan  6 10:38:36 MST 2016 - carn...@suse.com
+
+- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
+  INVLPG on non-canonical address (XSA-168)
+  xsa168.patch
+- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
+  functionality missing sanity checks (XSA-167)
+  xsa167.patch
+- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
+  l2 header validation leads to a crash via assert(2) call
+  
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
+
+---
+Tue Jan  5 13:56:08 MST 2016 - carn...@suse.com
+
+- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
+  leads to a crash via assert(2) call
+  CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
+- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
+  in ioport r/w functions
+  CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
+
+---

New:

  CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
  CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
  CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
  CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-01-08 15:21:56

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2016-01-01 19:47:04.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-01-08 
15:21:58.0 +0100
@@ -1,0 +2,7 @@
+Mon Jan  4 11:32:10 MST 2016 - carn...@suse.com
+
+- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional
+  logging upon guest changing callback method (XSA-169)
+  5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
+
+---
@@ -6,0 +14,73 @@
+
+---
+Wed Dec 16 12:16:21 MST 2015 - carn...@suse.com
+
+- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net:
+  vmxnet3: host memory leakage
+  CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
+
+---
+Mon Dec 14 10:12:05 MST 2015 - carn...@suse.com
+
+- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers
+  incautious about shared memory contents (XSA-155)
+  xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
+  xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
+  xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
+  xsa155-qemuu-qdisk-double-access.patch
+  xsa155-qemut-qdisk-double-access.patch
+  xsa155-qemuu-xenfb.patch
+  xsa155-qemut-xenfb.patch
+- bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop
+  in ehci_advance_state results in DoS
+  
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
+- bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer
+  dereference issue
+  CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
+- bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid
+  floating point exception
+  CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
+  CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
+- bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in
+  MSI-X handling (XSA-164)
+  xsa164.patch
+- bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in
+  legacy x86 FPU/XMM initialization (XSA-165)
+  xsa165.patch
+- bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to
+  multiple read issue (XSA-166)
+  xsa166.patch
+
+---
+Fri Nov 27 10:39:38 MST 2015 - carn...@suse.com
+
+- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
+  infinite loop in processing command block list
+  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
+  CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
+- Upstream patches from Jan
+  56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
+  5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces 
CVE-2015-5307-xsa156.patch)
+  5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
+  56544a57-VMX-fix-adjust-trap-injection.patch
+  56546ab2-sched-fix-insert_vcpu-locking.patch
+
+---
+Wed Nov 25 10:06:30 MST 2015 - carn...@suse.com
+
+- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163)
+  56549f24-x86-vPMU-document-as-unsupported.patch
+- bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen:
+  XENMEM_exchange error handling issues (XSA-159)
+  xsa159.patch
+- bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel
+  and initrd on error (XSA-160)
+  xsa160.patch
+- bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow
+  vulnerability in pcnet emulator (XSA-162)
+  xsa162-qemuu.patch
+  xsa162-qemut.patch
+- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
+  readonly flag on disks with qemu-xen (xsa-142)
+  5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
+  5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch

New:

  5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
  5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
  56549f24-x86-vPMU-document-as-unsupported.patch
  5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
  CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
  CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
  CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
  CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
  
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
  CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2016-01-01 19:46:52

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-12-18 21:53:28.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2016-01-01 
19:47:04.0 +0100
@@ -1,0 +2,7 @@
+Mon Dec 21 09:09:55 UTC 2015 - oher...@suse.de
+
+- Adjust xen-dom0-modules.service to run Before xenstored.service
+  instead of proc-xen.mount to workaround a bug in systemd "design"
+  (bnc#959845)
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.cDQ6JD/_old  2016-01-01 19:47:07.0 +0100
+++ /var/tmp/diff_new_pack.cDQ6JD/_new  2016-01-01 19:47:07.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,6 +15,7 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 # needssslcertforbuild
 
 Name:   xen

++ xen-dom0-modules.service ++
--- /var/tmp/diff_new_pack.cDQ6JD/_old  2016-01-01 19:47:08.0 +0100
+++ /var/tmp/diff_new_pack.cDQ6JD/_new  2016-01-01 19:47:08.0 +0100
@@ -1,7 +1,7 @@
 [Unit]
 Description=Load dom0 backend drivers
 ConditionPathExists=/proc/xen
-Before=proc-xen.mount
+Before=xenstored.service xen-watchdog.service
 
 [Install]
 WantedBy=multi-user.target

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-12-18 21:53:23

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-11-02 12:54:43.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-12-18 
21:53:28.0 +0100
@@ -1,0 +2,176 @@
+Tue Nov 24 08:44:57 MST 2015 - carn...@suse.com
+
+- fate#315712: XEN: Use the PVOPS kernel
+  Turn off building the KMPs now that we are using the pvops kernel
+  xen.spec
+
+---
+Thu Nov 19 11:18:03 MST 2015 - carn...@suse.com
+
+- Upstream patches from Jan
+  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
+  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
+  
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
+  5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
+  56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
+  
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
+  5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
+  5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch)
+  563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
+  563212e4-xenoprof-free-domain-s-vcpu-array.patch
+  563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
+  56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
+  56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
+  5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces 
CVE-2015-5307-xsa156.patch)
+  5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch 
+- Dropped 55b0a2db-x86-MSI-track-guest-masking.patch
+
+---
+Thu Nov 19 07:47:47 UTC 2015 - oher...@suse.de
+
+- Use upstream variants of block-iscsi and block-nbd
+
+---
+Thu Nov 19 07:38:06 UTC 2015 - oher...@suse.de
+
+- Remove xenalyze.hg, its part of xen-4.6
+
+---
+Wed Nov 10 16:16:24 MDT 2015 - carn...@suse.com
+
+- Update to Xen Version 4.6.0
+  xen-4.6.0-testing-src.tar.bz2
+  mini-os.tar.bz2
+  blktap2-no-uninit.patch
+  stubdom-have-iovec.patch
+- Renamed
+  xsa149.patch to CVE-2015-7969-xsa149.patch
+- Dropped patches now contained in tarball or unnecessary
+  xen-4.5.2-testing-src.tar.bz2
+  54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
+  54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
+  54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
+  54f4985f-libxl-fix-libvirtd-double-free.patch
+  55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
+  551ac326-xentop-add-support-for-qdisk.patch
+  552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
+  552d0fe8-x86-mtrr-include-asm-atomic.h.patch
+  552d293b-x86-vMSI-X-honor-all-mask-requests.patch
+  552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
+  5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
+  5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
+  5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
+  554c7aee-x86-provide-arch_fetch_and_add.patch
+  554c7b00-arm-provide-arch_fetch_and_add.patch
+  554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch
+  55534b25-arm-provide-add_sized.patch
+  a4f8-use-ticket-locks-for-spin-locks.patch
+  a5b9-x86-arm-remove-asm-spinlock-h.patch
+  a8ec-introduce-non-contiguous-allocation.patch
+  556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
+  5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
+  55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
+  557eb55f-gnttab-per-active-entry-locking.patch
+  557eb5b6-gnttab-introduce-maptrack-lock.patch
+  557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
+  557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
+  5582bf43-evtchn-simplify-port_is_valid.patch
+  5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
+  5583d9c5-x86-MSI-X-cleanup.patch
+  5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
+  5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
+  5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
+  5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
+  
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
+  5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
+  5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
+  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-11-02 12:54:41

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-10-14 16:43:21.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-11-02 
12:54:43.0 +0100
@@ -1,0 +2,52 @@
+Wed Oct 28 09:47:38 MDT 2015 - carn...@suse.com
+
+- Upstream patches from Jan
+  5604f239-x86-PV-properly-populate-descriptor-tables.patch
+  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
+  561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
+  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
+  561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
+
+---
+Fri Oct 23 13:35:59 MDT 2015 - carn...@suse.com
+
+- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand
+  balloon size inaccuracy can crash guests (XSA-153)
+  xsa153-libxl.patch
+
+---
+Fri Oct 16 08:40:31 MDT 2015 - carn...@suse.com
+
+- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain
+  vcpu pointer array (DoS) (XSA-149)
+  xsa149.patch
+- bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain
+  profiling-related vcpu pointer array (DoS) (XSA-151)
+  xsa151.patch
+- bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and
+  profiling hypercalls log without rate limiting (XSA-152)
+  xsa152.patch
+- Dropped
+  55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
+  5604f239-x86-PV-properly-populate-descriptor-tables.patch
+
+---
+Thu Oct 15 11:43:23 MDT 2015 - carn...@suse.com
+
+- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure
+  temporary file use in /net/slirp.c
+  CVE-2015-4037-qemuu-smb-config-dir-name.patch
+  CVE-2015-4037-qemut-smb-config-dir-name.patch
+- bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table
+  size to avoid integer overflows
+  CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
+  CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
+
+---
+Wed Oct 14 10:24:15 MDT 2015 - carn...@suse.com
+
+- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled
+  creation of large page mappings by PV guests (XSA-148)
+  CVE-2015-7835-xsa148.patch
+
+---

Old:

  55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch

New:

  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
  561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
  561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
  CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
  CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
  CVE-2015-4037-qemut-smb-config-dir-name.patch
  CVE-2015-4037-qemuu-smb-config-dir-name.patch
  CVE-2015-7835-xsa148.patch
  xsa149.patch
  xsa151.patch
  xsa152.patch
  xsa153-libxl.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.Do0HSP/_old  2015-11-02 12:54:48.0 +0100
+++ /var/tmp/diff_new_pack.Do0HSP/_new  2015-11-02 12:54:48.0 +0100
@@ -158,7 +158,7 @@
 %endif
 %endif
 
-Version:4.5.1_10
+Version:4.5.1_13
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -205,41 +205,55 @@
 Patch2: 
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
 Patch3: 551ac326-xentop-add-support-for-qdisk.patch
 Patch4: 
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
-Patch5: 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
-Patch6: 
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
-Patch7: 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
-Patch8: 554cc211-libxl-add-qxl.patch
-Patch9: 
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
-Patch10:5576f178-kexec-add-more-pages-to-v1-environment.patch
-Patch11:
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
-Patch12:558bfaa0-x86-traps-avoid-using-current-too-early.patch
-Patch13:5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
-Patch14:559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
-Patch15:

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-10-14 16:43:18

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-09-24 07:16:59.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-10-14 
16:43:21.0 +0200
@@ -1,0 +2,45 @@
+Tue Oct  6 14:52:30 MDT 2015 - jfeh...@suse.com
+
+- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd
+  abort 
+  54f4985f-libxl-fix-libvirtd-double-free.patch
+
+---
+Tue Oct  6 09:04:17 MDT 2015 - carn...@suse.com
+
+- bsc#949046 - Increase %suse_version in SP1 to 1316
+  xen.spec
+- Update README.SUSE detailing dom0 ballooning recommendations
+
+---
+Mon Oct  5 09:12:45 MDT 2015 - carn...@suse.com
+
+- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’
+  secondly show errors
+  55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
+- Upstream patches from Jan
+  55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
+  55f9345b-x86-MSI-fail-if-no-hardware-support.patch
+  5604f239-x86-PV-properly-populate-descriptor-tables.patch
+  5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
+  560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
+  560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
+  560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
+  560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
+  560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
+
+---
+Fri Oct  2 11:31:34 MDT 2015 - mlati...@suse.com
+
+- bsc#941074 - VmError: Device 51728 (vbd) could not be connected.
+  Hotplug scripts not working.
+  hotplug-Linux-block-performance-fix.patch
+
+---
+Wed Sep 23 14:56:47 MDT 2015 - carn...@suse.com
+
+- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
+  readonly flag on disks with qemu-xen (xsa-142)
+  CVE-2015-7311-xsa142.patch
+
+---

New:

  54f4985f-libxl-fix-libvirtd-double-free.patch
  55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
  55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
  55f9345b-x86-MSI-fail-if-no-hardware-support.patch
  5604f239-x86-PV-properly-populate-descriptor-tables.patch
  5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
  560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
  560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
  560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
  560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
  560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
  CVE-2015-7311-xsa142.patch
  hotplug-Linux-block-performance-fix.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.6TTrYH/_old  2015-10-14 16:43:25.0 +0200
+++ /var/tmp/diff_new_pack.6TTrYH/_new  2015-10-14 16:43:25.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 # needssslcertforbuild
 
 Name:   xen
@@ -46,7 +45,7 @@
 #
 %define max_cpus 4
 %ifarch x86_64
-%if %suse_version == 1315
+%if %suse_version >= 1315
 %define max_cpus 1024
 %else
 %define max_cpus 512
@@ -159,7 +158,7 @@
 %endif
 %endif
 
-Version:4.5.1_08
+Version:4.5.1_10
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -202,34 +201,45 @@
 # http://xenbits.xensource.com/ext/xenalyze
 Source2:xenalyze.hg.tar.bz2
 # Upstream patches
-Patch1: 
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
-Patch2: 551ac326-xentop-add-support-for-qdisk.patch
-Patch3: 
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
-Patch4: 
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
-Patch5: 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-09-24 07:16:58

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-08-31 22:57:44.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-09-24 
07:16:59.0 +0200
@@ -1,0 +2,38 @@
+Mon Sep 16 07:17:00 UTC 2015 - cy...@suse.com
+
+- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1
+  pci-attach-fix.patch
+
+---
+Tue Sep 15 14:48:27 MDT 2015 - jfeh...@suse.com
+
+- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1
+  5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
+
+---
+Wed Sep  9 08:55:29 MDT 2015 - carn...@suse.com
+
+- Upstream patches from Jan
+  55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
+  55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
+  55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
+  55e43fd8-x86-NUMA-fix-setup_node.patch
+  55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
+  55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
+  54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
+  54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
+  54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
+
+---
+Tue Sep  8 11:26:45 MDT 2015 - carn...@suse.com
+
+- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in
+  vnc_client_read() and protocol_client_msg()
+  CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
+  CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch
+- bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite
+  loop issue
+  CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
+  CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
+
+---

New:

  54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
  54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
  54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
  5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
  55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
  55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
  55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
  55e43fd8-x86-NUMA-fix-setup_node.patch
  55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
  55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
  CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch
  CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
  CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
  CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
  pci-attach-fix.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.mHwCXF/_old  2015-09-24 07:17:03.0 +0200
+++ /var/tmp/diff_new_pack.mHwCXF/_new  2015-09-24 07:17:03.0 +0200
@@ -159,7 +159,7 @@
 %endif
 %endif
 
-Version:4.5.1_07
+Version:4.5.1_08
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -223,6 +223,13 @@
 Patch19:55a77e4f-dmar-device-scope-mem-leak-fix.patch
 Patch20:55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
 Patch21:55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
+Patch22:55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
+Patch23:
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
+Patch24:
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
+Patch25:55e43fd8-x86-NUMA-fix-setup_node.patch
+Patch26:55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
+Patch27:
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
+Patch28:5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
 Patch131:   CVE-2015-4106-xsa131-9.patch
 Patch137:   CVE-2015-3259-xsa137.patch
 Patch139:   xsa139-qemuu.patch
@@ -256,6 +263,10 @@
 Patch262:   
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
 Patch263:   
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
 Patch264:   
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
+Patch265:   

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-08-31 22:57:42

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is "xen"

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-08-21 08:24:25.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-08-31 
22:57:44.0 +0200
@@ -1,0 +2,47 @@
+Wed Aug 26 16:18:58 MDT 2015 - carn...@suse.com
+
+- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
+  config handling stack overflow
+  55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
+
+---
+Tue Aug 18 10:18:20 MDT 2015 - carn...@suse.com
+
+- bsc#907514 - Bus fatal error & sles12 sudden reboot has been
+  observed
+- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after
+  shutdown of guest with VT-d NIC
+- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
+  observed
+- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden
+  reboot has been observed
+  552d293b-x86-vMSI-X-honor-all-mask-requests.patch
+  552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
+  5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
+  55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
+  5583d9c5-x86-MSI-X-cleanup.patch
+  5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
+  55b0a218-x86-PCI-CFG-write-intercept.patch
+  55b0a255-x86-MSI-X-maskall.patch
+  55b0a283-x86-MSI-X-teardown.patch
+  55b0a2ab-x86-MSI-X-enable.patch
+  55b0a2db-x86-MSI-track-guest-masking.patch
+- Upstream patches from Jan 
+  552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
+  559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
+  559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
+  559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
+  55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
+  55a77e4f-dmar-device-scope-mem-leak-fix.patch
+  55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
+  55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
+- Dropped for upstream version
+  x86-MSI-mask.patch
+  x86-MSI-pv-unmask.patch
+  x86-MSI-X-enable.patch
+  x86-MSI-X-maskall.patch
+  x86-MSI-X-teardown.patch
+  x86-pci_cfg_okay.patch
+  x86-PCI-CFG-write-intercept.patch
+
+---
@@ -94,4 +140,0 @@
-- Dropped
-  qemu-MSI-X-enable-maskall.patch
-  qemu-MSI-X-latch-writes.patch
-  x86-MSI-X-guest-mask.patch
@@ -130,0 +174,3 @@
+  qemu-MSI-X-enable-maskall.patch
+  qemu-MSI-X-latch-writes.patch
+  x86-MSI-X-guest-mask.patch

Old:

  x86-MSI-X-enable.patch
  x86-MSI-X-maskall.patch
  x86-MSI-X-teardown.patch
  x86-MSI-mask.patch
  x86-MSI-pv-unmask.patch
  x86-PCI-CFG-write-intercept.patch
  x86-pci_cfg_okay.patch

New:

  552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
  5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
  559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
  559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
  559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
  55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
  55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
  55a77e4f-dmar-device-scope-mem-leak-fix.patch
  55b0a218-x86-PCI-CFG-write-intercept.patch
  55b0a255-x86-MSI-X-maskall.patch
  55b0a283-x86-MSI-X-teardown.patch
  55b0a2ab-x86-MSI-X-enable.patch
  55b0a2db-x86-MSI-track-guest-masking.patch
  55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
  55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.wPkcl5/_old  2015-08-31 22:57:48.0 +0200
+++ /var/tmp/diff_new_pack.wPkcl5/_new  2015-08-31 22:57:48.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,6 +15,7 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 # needssslcertforbuild
 
 Name:   xen
@@ -158,7 +159,7 @@
 %endif
 %endif
 
-Version:4.5.1_02
+Version:4.5.1_07
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -203,16 +204,25 @@
 # Upstream patches
 Patch1: 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-08-21 08:24:24

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-07-16 17:15:55.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-08-21 
08:24:25.0 +0200
@@ -1,0 +2,48 @@
+Tue Jul 28 09:04:13 MDT 2015 - carn...@suse.com
+
+- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap
+  memory in rtl8139 device model
+  xsa140-qemuu-1.patch
+  xsa140-qemuu-2.patch
+  xsa140-qemuu-3.patch
+  xsa140-qemuu-4.patch
+  xsa140-qemuu-5.patch
+  xsa140-qemuu-6.patch
+  xsa140-qemuu-7.patch
+  xsa140-qemut-1.patch
+  xsa140-qemut-2.patch
+  xsa140-qemut-3.patch
+  xsa140-qemut-4.patch
+  xsa140-qemut-5.patch
+  xsa140-qemut-6.patch
+  xsa140-qemut-7.patch
+- bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen
+  block unplug protocol
+  xsa139-qemuu.patch
+
+---
+Tue Jul 21 10:03:24 UTC 2015 - oher...@suse.de
+
+- bsc#937371 - xen vm's running after reboot
+  xendomains-libvirtd-conflict.patch
+
+---
+Thu Jul 16 10:14:12 MDT 2015 - carn...@suse.com
+
+- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code
+  execution via IDE subsystem CD-ROM  
+  CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
+  CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
+  CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
+  CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
+  CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
+  CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
+
+---
+Wed Jul 15 08:28:23 UTC 2015 - oher...@suse.de
+
+- Remove xendomains.service from systemd preset file because it
+  conflicts with libvirt-guests.service (bnc#937371)
+  Its up to the admin to run systemctl enable xendomains.service
+
+---
@@ -49,0 +98,5 @@
+
+---
+Tue Jul  7 13:35:34 UTC 2015 - oher...@suse.de
+
+- Adjust more places to use br0 instead of xenbr0

New:

  CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
  CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
  CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
  CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
  CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
  CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
  xendomains-libvirtd-conflict.patch
  xsa139-qemuu.patch
  xsa140-qemut-1.patch
  xsa140-qemut-2.patch
  xsa140-qemut-3.patch
  xsa140-qemut-4.patch
  xsa140-qemut-5.patch
  xsa140-qemut-6.patch
  xsa140-qemut-7.patch
  xsa140-qemuu-1.patch
  xsa140-qemuu-2.patch
  xsa140-qemuu-3.patch
  xsa140-qemuu-4.patch
  xsa140-qemuu-5.patch
  xsa140-qemuu-6.patch
  xsa140-qemuu-7.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.qbU3ym/_old  2015-08-21 08:24:28.0 +0200
+++ /var/tmp/diff_new_pack.qbU3ym/_new  2015-08-21 08:24:28.0 +0200
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 # needssslcertforbuild
 
 Name:   xen
@@ -216,6 +215,21 @@
 Patch12:559bdde5-pull-in-latest-linux-earlycpio.patch
 Patch131:   CVE-2015-4106-xsa131-9.patch
 Patch137:   CVE-2015-3259-xsa137.patch
+Patch139:   xsa139-qemuu.patch
+Patch14001: xsa140-qemuu-1.patch
+Patch14002: xsa140-qemuu-2.patch
+Patch14003: xsa140-qemuu-3.patch
+Patch14004: xsa140-qemuu-4.patch
+Patch14005: xsa140-qemuu-5.patch
+Patch14006: xsa140-qemuu-6.patch
+Patch14007: xsa140-qemuu-7.patch
+Patch14011: xsa140-qemut-1.patch
+Patch14012: xsa140-qemut-2.patch
+Patch14013: xsa140-qemut-3.patch
+Patch14014: xsa140-qemut-4.patch
+Patch14015: xsa140-qemut-5.patch
+Patch14016: xsa140-qemut-6.patch
+Patch14017: xsa140-qemut-7.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -226,6 +240,12 @@
 Patch256:   0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
 Patch257:   0007-e1000-verify-we-have-buffers-upfront.patch
 Patch258:   0008-e1000-check-buffer-availability.patch

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-05-16 07:12:45

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-05-06 11:17:22.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-05-16 
07:12:47.0 +0200
@@ -1,0 +2,15 @@
+Mon May 11 15:07:30 MDT 2015 - carn...@suse.com
+
+- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through
+  XEN_DOMCTL_gettscinfo (XSA-132) 
+  5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
+
+---
+Thu May  7 06:53:15 MDT 2015 - carn...@suse.com
+
+- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu
+  floppy driver host code execution
+  CVE-2015-3456-xsa133-qemuu.patch
+  CVE-2015-3456-xsa133-qemut.patch
+
+---

New:

  5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
  CVE-2015-3456-xsa133-qemut.patch
  CVE-2015-3456-xsa133-qemuu.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.MqyynZ/_old  2015-05-16 07:12:50.0 +0200
+++ /var/tmp/diff_new_pack.MqyynZ/_new  2015-05-16 07:12:50.0 +0200
@@ -15,6 +15,7 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 # needssslcertforbuild
 
 Name:   xen
@@ -157,7 +158,7 @@
 %endif
 %endif
 
-Version:4.5.0_03
+Version:4.5.0_04
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -204,6 +205,7 @@
 Patch2: 551ac326-xentop-add-support-for-qdisk.patch
 Patch3: 5513b458-allow-reboot-overrides-when-running-under-EFI.patch
 Patch4: 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
+Patch5: 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -214,6 +216,8 @@
 Patch256:   0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
 Patch257:   0007-e1000-verify-we-have-buffers-upfront.patch
 Patch258:   0008-e1000-check-buffer-availability.patch
+Patch260:   CVE-2015-3456-xsa133-qemuu.patch
+Patch261:   CVE-2015-3456-xsa133-qemut.patch
 # Our platform specific patches
 Patch301:   xen-destdir.patch
 Patch302:   vif-bridge-no-iptables.patch
@@ -507,6 +511,7 @@
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1
@@ -517,6 +522,8 @@
 %patch256 -p1
 %patch257 -p1
 %patch258 -p1
+%patch260 -p1
+%patch261 -p1
 # Our platform specific patches
 %patch301 -p1
 %patch302 -p1

++ 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch ++
Subject: domctl/sysctl: don't leak hypervisor stack to toolstacks
From: Andrew Cooper andrew.coop...@citrix.com Tue Apr 21 09:03:15 2015 +0200
Date: Tue Apr 21 09:03:15 2015 +0200:
Git: 4ff3449f0e9d175ceb9551d3f2aecb59273f639d

This is CVE-2015-3340 / XSA-132.

Signed-off-by: Andrew Cooper andrew.coop...@citrix.com
Reviewed-by: Jan Beulich jbeul...@suse.com
Acked-by: Ian Campbell ian.campb...@citrix.com

Index: xen-4.5.0-testing/xen/arch/x86/domctl.c
===
--- xen-4.5.0-testing.orig/xen/arch/x86/domctl.c
+++ xen-4.5.0-testing/xen/arch/x86/domctl.c
@@ -886,7 +886,7 @@ long arch_do_domctl(
 
 case XEN_DOMCTL_gettscinfo:
 {
-xen_guest_tsc_info_t info;
+xen_guest_tsc_info_t info = { 0 };
 
 domain_pause(d);
 tsc_get_info(d, info.tsc_mode,
Index: xen-4.5.0-testing/xen/common/sysctl.c
===
--- xen-4.5.0-testing.orig/xen/common/sysctl.c
+++ xen-4.5.0-testing/xen/common/sysctl.c
@@ -76,7 +76,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe
 case XEN_SYSCTL_getdomaininfolist:
 { 
 struct domain *d;
-struct xen_domctl_getdomaininfo info;
+struct xen_domctl_getdomaininfo info = { 0 };
 u32 num_domains = 0;
 
 rcu_read_lock(domlist_read_lock);
++ CVE-2015-3456-xsa133-qemut.patch ++
From ac7ddbe342d7aa2303c39ca731cc6229dbbd739b Mon Sep 17 00:00:00 2001
From: Petr Matousek pmato...@redhat.com
Date: Wed, 6 May 2015 09:48:59 +0200
Subject: [PATCH] fdc: force the fifo access to be in bounds of the allocated 
buffer

During processing of certain commands such as FD_CMD_READ_ID and
FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could
get out of bounds leading 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-05-06 11:17:21

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-04-12 00:08:42.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-05-06 
11:17:22.0 +0200
@@ -1,0 +2,13 @@
+Mon Apr 27 09:55:01 MDT 2015 - carn...@suse.com
+
+- bsc#928783 - Reboot failure; Request backport of upstream Xen
+  patch to 4.5.0, or update pkgs to 4.5.1
+  5513b458-allow-reboot-overrides-when-running-under-EFI.patch
+  5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
+
+---
+Tue Apr 21 12:21:05 UTC 2015 - oher...@suse.de
+
+- bnc#927750 - Avoid errors reported by system-modules-load.service
+
+---

New:

  5513b458-allow-reboot-overrides-when-running-under-EFI.patch
  5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
  xen-dom0-modules.service



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.wUw97J/_old  2015-05-06 11:17:26.0 +0200
+++ /var/tmp/diff_new_pack.wUw97J/_new  2015-05-06 11:17:26.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 # needssslcertforbuild
 
 Name:   xen
@@ -194,6 +193,7 @@
 Source37:   xen2libvirt.py
 # Systemd service files
 Source41:   xencommons.service
+Source42:   xen-dom0-modules.service
 Source57:   xen-utils-0.1.tar.bz2
 # For xen-libs
 Source99:   baselibs.conf
@@ -202,6 +202,8 @@
 # Upstream patches
 Patch1: 5124efbe-add-qxl-support.patch
 Patch2: 551ac326-xentop-add-support-for-qdisk.patch
+Patch3: 5513b458-allow-reboot-overrides-when-running-under-EFI.patch
+Patch4: 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -503,6 +505,8 @@
 # Upstream patches
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
+%patch4 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1
@@ -868,6 +872,19 @@
 EOF
 %endif
 cp -bavL %{S:41} $RPM_BUILD_ROOT%{_unitdir}
+bn=`basename %{S:42}`
+cp -bavL %{S:42} $RPM_BUILD_ROOT%{_unitdir}/${bn}
+mods=`
+for conf in $(ls $RPM_BUILD_ROOT%{with_systemd_modules_load}/*.conf)
+do
+   grep -v ^# $conf
+   echo -n  $conf
+done
+`
+for mod in $mods
+do
+   echo ExecStart=-/usr/bin/env modprobe $mod  
$RPM_BUILD_ROOT%{_unitdir}/${bn}
+done
 rm -rfv $RPM_BUILD_ROOT%{_initddir}
 %else
 # Init scripts

++ 5513b458-allow-reboot-overrides-when-running-under-EFI.patch ++
Subject: x86/EFI: allow reboot= overrides when running under EFI
From: Konrad Rzeszutek Wilk konrad.w...@oracle.com Thu Mar 26 08:25:12 2015 
+0100
Date: Thu Mar 26 08:25:12 2015 +0100:
Git: 89bdb85c5cf5d71683a4eddd6143ee15cc298655

By default we will always use EFI reboot mechanism when
running under EFI platforms. However some EFI platforms
are buggy and need to use the ACPI mechanism to
reboot (such as Lenovo ThinkCentre M57). As such
respect the 'reboot=' override and DMI overrides
for EFI platforms.

Signed-off-by: Konrad Rzeszutek Wilk konrad.w...@oracle.com

- BOOT_INVALID is just zero
- also consider acpi_disabled in BOOT_INVALID resolution
- duplicate BOOT_INVALID resolution in machine_restart()
- don't fall back from BOOT_ACPI to BOOT_EFI (if it was overridden, it
  surely was for a reason)
- adjust doc change formatting

Signed-off-by: Jan Beulich jbeul...@suse.com
Reviewed-by: Konrad Rzeszutek Wilk konrad.w...@oracle.com
Reviewed-by: Andrew Cooper andrew.coop...@citrix.com

x86/EFI: fix reboot after c643fb110a

acpi_disabled needs to be moved out of .init.data.

Reported-by: Ross Lagerwall ross.lagerw...@citrix.com
From: Konrad Rzeszutek Wilk konrad.w...@oracle.com
Signed-off-by: Jan Beulich jbeul...@suse.com
Tested-by: Ross Lagerwall ross.lagerw...@citrix.com

master commit: c643fb110a51693e82a36ca9178d54f0b9744024
master date: 2015-03-13 11:25:52 +0100
master commit: 8ff330ec11e471919621bce97c069b83b0319d15
master date: 2015-03-23 18:01:51 +0100

diff --git a/docs/misc/xen-command-line.markdown 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-04-12 00:08:41

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-03-30 19:31:26.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-04-12 
00:08:42.0 +0200
@@ -1,0 +2,22 @@
+Wed Apr  8 10:17:41 UTC 2015 - rguent...@suse.com
+
+- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively
+  turn errors back to warnings to fix build with GCC 5.
+- Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to
+  avoid implicit-fortify-decl rpmlint error.
+- Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.
+
+---
+Fri Apr  3 10:54:05 MDT 2015 - carn...@suse.com
+
+- xentop: Fix memory leak on read failure
+  551ac326-xentop-add-support-for-qdisk.patch
+
+---
+Tue Mar 31 16:03:54 MDT 2015 - carn...@suse.com
+
+- Dropped xentop-add-support-for-qdisk.patch in favor of upstream
+  version
+  551ac326-xentop-add-support-for-qdisk.patch
+
+---
@@ -6,0 +29,10 @@
+
+---
+Thu Mar 12 12:33:45 UTC 2015 - rguent...@suse.com
+
+- Add xen-c99-fix.patch to remove pointless inline specifier on
+  function declarations which break build with a C99 compiler which
+  GCC 5 is by default. (bsc#921994)
+- Add ipxe-no-error-logical-not-parentheses.patch to supply
+  -Wno-logical-not-parentheses to the ipxe build to fix
+  breakage with GCC 5. (bsc#921994)

Old:

  xentop-add-support-for-qdisk.patch

New:

  551ac326-xentop-add-support-for-qdisk.patch
  blktap-no-uninit.patch
  ipxe-no-error-logical-not-parentheses.patch
  xen-c99-fix.patch
  xen-no-array-bounds.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.uiz1Sj/_old  2015-04-12 00:08:45.0 +0200
+++ /var/tmp/diff_new_pack.uiz1Sj/_new  2015-04-12 00:08:45.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -201,6 +201,7 @@
 Source2:xenalyze.hg.tar.bz2
 # Upstream patches
 Patch1: 5124efbe-add-qxl-support.patch
+Patch2: 551ac326-xentop-add-support-for-qdisk.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -222,7 +223,7 @@
 Patch330:   suspend_evtchn_lock.patch
 Patch331:   xenpaging.doc.patch
 Patch332:   local_attach_support_for_phy.patch
-Patch333:   xentop-add-support-for-qdisk.patch
+Patch333:   xen-c99-fix.patch
 # Qemu traditional
 Patch350:   blktap.patch
 Patch351:   cdrom-removable.patch
@@ -261,6 +262,7 @@
 Patch387:   libxl.set-migration-constraints-from-cmdline.patch
 Patch389:   qemu-xen-upstream-megasas-buildtime.patch
 Patch390:   libxl.pvscsi.patch
+Patch391:   blktap-no-uninit.patch
 # Other bug fixes or features
 Patch451:   xenconsole-no-multiple-connections.patch
 Patch452:   hibernate.patch
@@ -291,9 +293,11 @@
 Patch605:   xen.build-compare.vgabios.patch
 Patch606:   xen.build-compare.seabios.patch
 Patch607:   xen.build-compare.man.patch
+Patch608:   ipxe-no-error-logical-not-parentheses.patch
 # Build patches
 Patch6: xen.stubdom.newlib.patch
 Patch8: tmp_build.patch
+Patch9: xen-no-array-bounds.patch
 Url:http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 %define pyver %(python -c import sys; print sys.version[:3])
@@ -498,6 +502,7 @@
 %setup -q -n %xen_build_dir -a 1 -a 2 -a 3 -a 4 -a 5 -a 57 -a 2
 # Upstream patches
 %patch1 -p1
+%patch2 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1
@@ -557,6 +562,7 @@
 %patch387 -p1
 %patch389 -p1
 %patch390 -p1
+%patch391 -p1
 # Other bug fixes or features
 %patch451 -p1
 %patch452 -p1
@@ -587,9 +593,11 @@
 %patch605 -p1
 %patch606 -p1
 %patch607 -p1
+%patch608 -p1
 # Build patches
 %patch6 -p1
 %patch8 -p1
+%patch9 -p1
 
 %build
 # we control the version info of this package

++ 551ac326-xentop-add-support-for-qdisk.patch ++
 609 lines (skipped)

++ 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-03-30 19:31:25

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-03-09 10:00:12.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-03-30 
19:31:26.0 +0200
@@ -1,0 +2,14 @@
+Mon Mar 16 10:14:15 MDT 2015 - carn...@suse.com
+
+- Enable spice support in qemu for x86_64
+  5124efbe-add-qxl-support.patch
+  qemu-xen-enable-spice-support.patch
+
+---
+Wed Mar 11 13:15:07 MDT 2015 - carn...@suse.com
+
+- bnc#921842 - Xentop doesn't display disk statistics for VMs using
+  qdisks
+  xentop-add-support-for-qdisk.patch
+
+---

New:

  5124efbe-add-qxl-support.patch
  qemu-xen-enable-spice-support.patch
  xentop-add-support-for-qdisk.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.PCEqP5/_old  2015-03-30 19:31:29.0 +0200
+++ /var/tmp/diff_new_pack.PCEqP5/_new  2015-03-30 19:31:29.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -98,6 +98,13 @@
 BuildRequires:  libuuid-devel
 BuildRequires:  libxml2-devel
 BuildRequires:  libyajl-devel
+%ifarch x86_64
+%if 0%{?suse_version}  1230
+BuildRequires:  libspice-server-devel
+BuildRequires:  spice-protocol-devel
+BuildRequires:  usbredir-devel
+%endif
+%endif
 %if %{?with_qemu_traditional}0
 BuildRequires:  SDL-devel
 BuildRequires:  pciutils-devel
@@ -193,6 +200,7 @@
 # http://xenbits.xensource.com/ext/xenalyze
 Source2:xenalyze.hg.tar.bz2
 # Upstream patches
+Patch1: 5124efbe-add-qxl-support.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -214,6 +222,7 @@
 Patch330:   suspend_evtchn_lock.patch
 Patch331:   xenpaging.doc.patch
 Patch332:   local_attach_support_for_phy.patch
+Patch333:   xentop-add-support-for-qdisk.patch
 # Qemu traditional
 Patch350:   blktap.patch
 Patch351:   cdrom-removable.patch
@@ -267,6 +276,7 @@
 Patch466:   aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
 Patch467:   libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
 Patch470:   qemu-xen-upstream-qdisk-cache-unsafe.patch
+Patch471:   qemu-xen-enable-spice-support.patch
 Patch472:   tigervnc-long-press.patch
 # Hypervisor and PV driver Patches
 Patch501:   x86-ioapic-ack-default.patch
@@ -487,6 +497,7 @@
 %prep
 %setup -q -n %xen_build_dir -a 1 -a 2 -a 3 -a 4 -a 5 -a 57 -a 2
 # Upstream patches
+%patch1 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1
@@ -507,6 +518,7 @@
 %patch330 -p1
 %patch331 -p1
 %patch332 -p1
+%patch333 -p1
 # Qemu traditional
 %patch350 -p1
 %patch351 -p1
@@ -560,6 +572,7 @@
 %patch466 -p1
 %patch467 -p1
 %patch470 -p1
+%patch471 -p1
 %patch472 -p1
 # Hypervisor and PV driver Patches
 %patch501 -p1
@@ -636,6 +649,11 @@
 then
: no changes?
 fi
+%ifarch x86_64
+%if 0%{?suse_version}  1230
+export QEMU_XEN_ENABLE_SPICE=--enable-spice --enable-usb-redir
+%endif
+%endif
 configure_flags=
 %if %{?with_stubdom}0
 configure_flags=--enable-stubdom

++ 5124efbe-add-qxl-support.patch ++
Usage:
  vga=qxl

Qxl vga support many resolutions that not supported by stdvga,
mainly the 16:9 ones and other high up to 2560x1600.
With QXL you can get improved performance and smooth video also
with high resolutions and high quality.
Require their drivers installed in the domU and spice used
otherwise act as a simple stdvga.

Signed-off-by: Fabio Fantoni fabio.fantoni@xxx
Signed-off-by: Zhou Peng zpengxen@x
Acked-by: Stefano Stabellini stefano.stabellini@x
Acked-by: Ian Jackson ian.jackson@x
Acked-by: George Dunlap george.dunlap@x

---

Changes in v16:
- refresh
- improved commit description

Changes in v15:
- refresh
- small code improvements in libxl_dm.c

Changes in v14:
- refresh
- update qemu parameters (from -vga to -device)

NOTES:
Works correctly with windows domUs, tested on windows 7 64 bit
with qxl driver from spice guest tools 0.74.
I tested some resolution not supported by stdvga (1366x768, 1600x900
and 1920x1080) with 32 bit color and all works 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-03-09 10:00:11

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-02-18 20:36:20.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-03-09 
10:00:12.0 +0100
@@ -1,0 +2,7 @@
+Tue Feb 24 16:22:45 UTC 2015 - meiss...@suse.com
+
+- Disable the PIE enablement done for Factory, as the XEN code
+  is not buildable with PIE and it does not make much sense
+  to build the hypervisor code with it.
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.jmiiRC/_old  2015-03-09 10:00:15.0 +0100
+++ /var/tmp/diff_new_pack.jmiiRC/_new  2015-03-09 10:00:15.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,6 +15,7 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 # needssslcertforbuild
 
 Name:   xen
@@ -86,6 +87,7 @@
 %ifarch %ix86 x86_64
 BuildRequires:  dev86
 %endif
+#!BuildIgnore:  gcc-PIE
 BuildRequires:  bison
 BuildRequires:  fdupes
 BuildRequires:  flex


-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-02-18 20:36:09

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-02-16 17:49:50.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-02-18 
20:36:20.0 +0100
@@ -1,0 +2,11 @@
+Tue Feb 17 10:48:56 MST 2015 - carn...@suse.com
+
+- bnc#918169 - XEN fixes required to work with Kernel 3.19.0
+  xen.spec 
+
+---
+Tue Feb 10 16:06:40 UTC 2015 - oher...@suse.de
+
+- Package xen.changes because its referenced in xen.spec
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.WqeSFa/_old  2015-02-18 20:36:23.0 +0100
+++ /var/tmp/diff_new_pack.WqeSFa/_new  2015-02-18 20:36:24.0 +0100
@@ -149,7 +149,7 @@
 %endif
 %endif
 
-Version:4.5.0_02
+Version:4.5.0_03
 Release:0
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
 License:GPL-2.0
@@ -160,6 +160,7 @@
 Source3:qemu-xen-dir-remote.tar.bz2
 Source4:seabios-dir-remote.tar.bz2
 Source5:ipxe.tar.bz2
+Source9:xen.changes
 Source10:   README.SUSE
 Source11:   boot.xen
 Source12:   boot.local.xenU
@@ -285,7 +286,7 @@
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 %define pyver %(python -c import sys; print sys.version[:3])
 %if %{?with_kmp}0
-%suse_kernel_module_package -n xen um xen -f kmp_filelist
+%suse_kernel_module_package -n xen um pv xen -f kmp_filelist
 %endif
 
 %description
@@ -594,13 +595,13 @@
 SMBIOS_DATE=`date -u -d '1970-01-01' +%%m/%%d/%%Y`
 RELDATE=`date -u -d '1970-01-01' '+%%d %%b %%Y'`
 SEABIOS_DATE=`date -u -d '1970-01-01' '+?-%%Y%%m%%d_%%H%%M%%S-buildhost'`
-if test -r $RPM_SOURCE_DIR/xen.changes
+if test -r %{S:9}
 then
-   XEN_BUILD_DATE=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' 
$RPM_SOURCE_DIR/xen.changes)\ `
-   XEN_BUILD_TIME=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' 
$RPM_SOURCE_DIR/xen.changes)\ +%%T`
-   SMBIOS_DATE=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' 
$RPM_SOURCE_DIR/xen.changes)\ +%%m/%%d/%%Y`
-   RELDATE=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' 
$RPM_SOURCE_DIR/xen.changes)\ '+%%d %%b %%Y'`
-   SEABIOS_DATE=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' 
$RPM_SOURCE_DIR/xen.changes)\ '+?-%%Y%%m%%d_%%H%%M%%S-buildhost'`
+   XEN_BUILD_DATE=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\ 
`
+   XEN_BUILD_TIME=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\ 
+%%T`
+   SMBIOS_DATE=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\ 
+%%m/%%d/%%Y`
+   RELDATE=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\ '+%%d 
%%b %%Y'`
+   SEABIOS_DATE=` date -u -d \$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\ 
'+?-%%Y%%m%%d_%%H%%M%%S-buildhost'`
 fi
 cat  .our_xenversion _EOV_
 export WGET=$(type -P false)


-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-02-16 15:25:00

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2015-02-04 09:31:32.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-02-16 
17:49:50.0 +0100
@@ -1,0 +2,6 @@
+Wed Jan 28 08:44:32 MST 2015 - carn...@suse.com
+
+- Update seabios to rel-1.7.5 which is the correct version for
+  Xen 4.5
+
+---



Other differences:
--
++ ioemu-blktap-fv-init.patch ++
--- /var/tmp/diff_new_pack.v3DgFd/_old  2015-02-16 17:49:53.0 +0100
+++ /var/tmp/diff_new_pack.v3DgFd/_new  2015-02-16 17:49:53.0 +0100
@@ -1,7 +1,5 @@
-Index: 
xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_machine_fv.c
-===
 
xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/xen_machine_fv.c
-+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/hw/xen_machine_fv.c
+--- a/tools/qemu-xen-traditional-dir-remote/hw/xen_machine_fv.c
 b/tools/qemu-xen-traditional-dir-remote/hw/xen_machine_fv.c
 @@ -270,6 +270,7 @@ void qemu_invalidate_entry(uint8_t *buff
  
  #endif /* defined(MAPCACHE) */
@@ -14,7 +12,7 @@
  }
  #endif
  
-+#ifndef CONFIG_STUBDOM
++#if defined(CONFIG_BLKTAP1)  !defined(CONFIG_STUBDOM)  
!defined(__NetBSD__)
 +/* Initialize tapdisk client */
 +init_blktap();
 +#endif

++ seabios-dir-remote.tar.bz2 ++
 113301 lines of diff (skipped)

++ xen.build-compare.seabios.patch ++
--- /var/tmp/diff_new_pack.v3DgFd/_old  2015-02-16 17:49:54.0 +0100
+++ /var/tmp/diff_new_pack.v3DgFd/_new  2015-02-16 17:49:54.0 +0100
@@ -3,10 +3,10 @@
  tools/firmware/seabios-dir-remote/tools/buildversion.sh |5 +
  1 file changed, 5 insertions(+)
 
-Index: 
xen-4.5.0-testing/tools/firmware/seabios-dir-remote/tools/buildversion.sh
+Index: 
xen-4.5.0-testing/tools/firmware/seabios-dir-remote/scripts/buildversion.sh
 ===
 
xen-4.5.0-testing.orig/tools/firmware/seabios-dir-remote/tools/buildversion.sh
-+++ xen-4.5.0-testing/tools/firmware/seabios-dir-remote/tools/buildversion.sh
+--- 
xen-4.5.0-testing.orig/tools/firmware/seabios-dir-remote/scripts/buildversion.sh
 xen-4.5.0-testing/tools/firmware/seabios-dir-remote/scripts/buildversion.sh
 @@ -11,7 +11,12 @@ elif [ -f .version ]; then
  else
  VERSION=?


-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2015-02-04 09:31:06

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-10-14 13:24:38.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2015-02-04 
09:31:32.0 +0100
@@ -1,0 +2,197 @@
+Wed Jan 14 10:47:43 MST 2015 - carn...@suse.com
+
+- Update to Xen 4.5.0 FCS 
+
+---
+Wed Jan 14 16:54:24 UTC 2015 - oher...@suse.de
+
+- Include systemd presets in 13.2 and older
+
+---
+Mon Jan 12 14:49:23 UTC 2015 - oher...@suse.de
+
+- bnc#897352 - Enable xencommons/xendomains only during fresh install 
+- disable restart on upgrade because the toolstack is not restartable
+
+---
+Tue Dec 16 11:42:30 UTC 2014 - oher...@suse.de
+
+- adjust seabios, vgabios, stubdom and hvmloader build to reduce
+  build-compare noise
+  xen.build-compare.mini-os.patch
+  xen.build-compare.smbiosdate.patch
+  xen.build-compare.ipxe.patch
+  xen.build-compare.vgabios.patch
+  xen.build-compare.seabios.patch
+  xen.build-compare.man.patch
+
+---
+Mon Dec 15 11:36:42 MST 2014 - carn...@suse.com
+
+- Update to Xen 4.5.0 RC4
+
+---
+Wed Dec 10 08:54:22 UTC 2014 - oher...@suse.de
+
+- Remove xend specific if-up scripts
+  Recording bridge slaves is a generic task which should be handled
+  by generic network code
+
+---
+Tue Dec  9 18:33:51 UTC 2014 - oher...@suse.de
+
+- Use systemd features from upstream
+  requires updated systemd-presets-branding package
+
+---
+Thu Dec  4 11:59:29 MST 2014 - carn...@suse.com
+
+- Update to Xen 4.5.0 RC3
+
+---
+Thu Dec  4 11:44:24 UTC 2014 - oher...@suse.de
+
+- Set GIT, WGET and FTP to /bin/false
+
+---
+Wed Dec  3 12:14:27 UTC 2014 - oher...@suse.de
+
+- Use new configure features instead of make variables
+  xen.stubdom.newlib.patch
+
+---
+Wed Nov 19 17:10:51 UTC 2014 - oher...@suse.de
+
+- adjust docs and xen build to reduce build-compare noise
+  xen.build-compare.doc_html.patch
+  xen.build-compare.xen_compile_h.patch
+
+---
+Mon Nov 17 16:28:13 UTC 2014 - oher...@suse.de
+
+- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise
+
+---
+Tue Nov 11 11:15:30 MST 2014 - carn...@suse.com
+
+- Update to Xen 4.5.0 RC2
+
+---
+Thu Oct 23 18:34:55 MDT 2014 - carn...@suse.com
+
+- Update to Xen 4.5.0 RC1
+  xen-4.5.0-testing-src.tar.bz2
+- Remove all patches now contained in the new tarball
+  xen-4.4.1-testing-src.tar.bz2
+  5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch
+  5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch
+  53299d8f-xenconsole-reset-tty-on-failure.patch
+  53299d8f-xenconsole-tolerate-tty-errors.patch
+  5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
+  53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
+  537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch
+  
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
+  537cd0cc-hvmloader-PA-range-0xfc00-0x-should-be-UC.patch
+  539ebe62-x86-EFI-improve-boot-time-diagnostics.patch
+  
53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
+  53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
+  53d124e7-fix-list_domain_details-check-config-data-length-0.patch
+  53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
+  53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
+  53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
+  53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
+  53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
+  53fcebab-xen-pass-kernel-initrd-to-qemu.patch
+  53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
+  53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
+  53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
+  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-10-14 13:24:34

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-10-05 20:30:37.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-10-14 
13:24:38.0 +0200
@@ -1,0 +2,5 @@
+Sat Oct 11 08:38:36 UTC 2014 - dmuel...@suse.com
+
+- restrict requires on grub2-x86_64-xen to x86_64 hosts
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.zNPmxy/_old  2014-10-14 13:24:41.0 +0200
+++ /var/tmp/diff_new_pack.zNPmxy/_new  2014-10-14 13:24:41.0 +0200
@@ -466,8 +466,10 @@
 Group:  System/Kernel
 Requires:   bridge-utils
 %if %suse_version = 1315
+%ifarch x86_64
 Requires:   grub2-x86_64-xen
 %endif
+%endif
 Requires:   multipath-tools
 Requires:   python
 Requires:   python-curses


-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-10-05 20:30:33

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-09-25 09:33:43.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-10-05 
20:30:37.0 +0200
@@ -1,0 +2,7 @@
+Tue Sep 30 09:01:16 MDT 2014 - carn...@suse.com
+
+- bnc#897657 - VUL-0: CVE-2014-7188: xen: XSA-108 Improper MSR
+  range used for x2APIC emulation
+  xsa108.patch
+
+---
@@ -27,2 +34,2 @@
-- bnc#895802 - VUL-0: xen: XSA-106: Missing privilege level checks
-  in x86 emulation of software interrupts
+- bnc#895802 - VUL-0: CVE-2014-7156: xen: XSA-106: Missing
+  privilege level checks in x86 emulation of software interrupts
@@ -30,2 +37,2 @@
-- bnc#895799 - VUL-0: xen: XSA-105: Missing privilege level checks
-  in x86 HLT, LGDT, LIDT, and LMSW emulation
+- bnc#895799 - VUL-0: CVE-2014-7155: xen: XSA-105: Missing
+  privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
@@ -33,2 +40,2 @@
-- bnc#895798 - VUL-0: xen: XSA-104: Race condition in
-  HVMOP_track_dirty_vram
+- bnc#895798 - VUL-0: CVE-2014-7154: xen: XSA-104: Race condition
+  in HVMOP_track_dirty_vram

New:

  xsa108.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.rBfrIa/_old  2014-10-05 20:30:41.0 +0200
+++ /var/tmp/diff_new_pack.rBfrIa/_new  2014-10-05 20:30:41.0 +0200
@@ -15,6 +15,7 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 # needssslcertforbuild
 
 Name:   xen
@@ -240,6 +241,7 @@
 Patch105:   xsa105.patch
 Patch106:   xsa106.patch
 Patch107:   xsa107.patch
+Patch108:   xsa108.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -636,6 +638,7 @@
 %patch105 -p1
 %patch106 -p1
 %patch107 -p1
+%patch108 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1


++ xsa108.patch ++
x86/HVM: properly bound x2APIC MSR range

While the write path change appears to be purely cosmetic (but still
gets done here for consistency), the read side mistake permitted
accesses beyond the virtual APIC page.

This is XSA-108.

Signed-off-by: Jan Beulich jbeul...@suse.com

--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3101,7 +3101,7 @@ int hvm_msr_read_intercept(unsigned int 
 *msr_content = vcpu_vlapic(v)-hw.apic_base_msr;
 break;
 
-case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0x3ff:
+case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0xff:
 if ( hvm_x2apic_msr_read(v, msr, msr_content) )
 goto gp_fault;
 break;
@@ -3227,7 +3227,7 @@ int hvm_msr_write_intercept(unsigned int
 vlapic_tdt_msr_set(vcpu_vlapic(v), msr_content);
 break;
 
-case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0x3ff:
+case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0xff:
 if ( hvm_x2apic_msr_write(v, msr, msr_content) )
 goto gp_fault;
 break;
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-09-25 09:33:42

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-09-06 12:17:50.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-09-25 
09:33:43.0 +0200
@@ -1,0 +2,36 @@
+Mon Sep 22 09:55:35 MDT 2014 - carn...@suse.com
+
+- bnc#897614 - Virtualization/xen: Bug `xen-tools` uninstallable;
+  grub2-x86_64-xen dependency not available
+  xen.spec
+
+---
+Wed Sep 17 16:21:22 MDT 2014 - jfeh...@suse.com
+
+- More cleanup of README.SUSE
+
+---
+Fri Sep 15 09:37:10 CST 2014 - cy...@suse.com
+
+- Update xen patch with upstream patch so that latest libvirt
+  patch can work. (bnc#896044)
+  + 53fcebab-xen-pass-kernel-initrd-to-qemu.patch
+  - xen-pass-kernel-initrd-to-qemu.patch
+
+---
+Wed Sep 10 09:15:39 MDT 2014 - carn...@suse.com
+
+- bnc#895804 - VUL-0: CVE-2014-6268: xen: XSA-107: Mishandling of
+  uninitialised FIFO-based event channel control blocks
+  xsa107.patch
+- bnc#895802 - VUL-0: xen: XSA-106: Missing privilege level checks
+  in x86 emulation of software interrupts
+  xsa106.patch
+- bnc#895799 - VUL-0: xen: XSA-105: Missing privilege level checks
+  in x86 HLT, LGDT, LIDT, and LMSW emulation
+  xsa105.patch
+- bnc#895798 - VUL-0: xen: XSA-104: Race condition in
+  HVMOP_track_dirty_vram
+  xsa104.patch
+
+---

Old:

  xen-pass-kernel-initrd-to-qemu.patch

New:

  53fcebab-xen-pass-kernel-initrd-to-qemu.patch
  xsa104.patch
  xsa105.patch
  xsa106.patch
  xsa107.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.M0pMmJ/_old  2014-09-25 09:33:47.0 +0200
+++ /var/tmp/diff_new_pack.M0pMmJ/_new  2014-09-25 09:33:47.0 +0200
@@ -153,7 +153,7 @@
 %endif
 %endif
 
-Version:4.4.1_04
+Version:4.4.1_06
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -229,12 +229,17 @@
 Patch15:53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
 Patch16:53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
 Patch17:53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
-Patch18:53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
-Patch19:
53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
-Patch20:
53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
-Patch21:
53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
-Patch22:
53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
-Patch23:
54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
+Patch18:53fcebab-xen-pass-kernel-initrd-to-qemu.patch
+Patch19:53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
+Patch20:
53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
+Patch21:
53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
+Patch22:
53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
+Patch23:
53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
+Patch24:
54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
+Patch104:   xsa104.patch
+Patch105:   xsa105.patch
+Patch106:   xsa106.patch
+Patch107:   xsa107.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -362,9 +367,8 @@
 Patch468:   
libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
 Patch469:   libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
 Patch470:   qemu-xen-upstream-qdisk-cache-unsafe.patch
-Patch471:   xen-pass-kernel-initrd-to-qemu.patch
-Patch472:   qemu-support-xen-hvm-direct-kernel-boot.patch
-Patch473:   tigervnc-long-press.patch
+Patch471:   qemu-support-xen-hvm-direct-kernel-boot.patch
+Patch472:   tigervnc-long-press.patch
 # Hypervisor and PV driver Patches
 Patch501:   x86-ioapic-ack-default.patch
 Patch502:   x86-cpufreq-report.patch
@@ -459,7 +463,9 @@
 Summary:Xen Virtualization: Control tools for domain 0
 Group:  System/Kernel
 Requires:   

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-09-06 12:17:45

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-08-20 17:53:00.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-09-06 
12:17:50.0 +0200
@@ -1,0 +2,41 @@
+Thu Sep  4 17:01:24 CST 2014 - cy...@suse.com
+
+- bnc#882405 - Only one key-press event was generated while holding
+  a key before key-release in pv guests through xl vncviewer 
+  tigervnc-long-press.patch
+
+---
+Tue Sep  2 09:01:24 MDT 2014 - carn...@suse.com
+
+- Update to Xen Version 4.4.1 FCS
+  xen-4.4.1-testing-src.tar.bz2
+- Dropped patches now contained in tarball
+  53d7b781-x86-cpu-undo-BIOS-CPUID-max_leaf-limit-earlier.patch
+  53df71c7-lz4-check-for-underruns.patch
+  53e47d6b-x86_emulate-properly-do-IP-updates-and-other-side-effects.patch
+
+---
+Mon Sep  1 15:20:20 MDT 2014 - carn...@suse.com
+
+- bnc#882089 - Windows 2012 R2 fails to boot up with greater than
+  60 vcpus 
+  53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
+  53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
+  53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
+  53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
+  53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
+  54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
+- Upstream patches from Jan
+  53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
+  53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
+  53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
+  53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
+
+---
+Fri Aug 29 09:25:47 MDT 2014 - carn...@suse.com
+
+- bnc#864801 - VUL-0: CVE-2013-4540: qemu: zaurus: buffer overrun
+  on invalid state load
+  CVE-2013-4540-qemu.patch
+
+---

Old:

  53d7b781-x86-cpu-undo-BIOS-CPUID-max_leaf-limit-earlier.patch
  53df71c7-lz4-check-for-underruns.patch
  53e47d6b-x86_emulate-properly-do-IP-updates-and-other-side-effects.patch

New:

  53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
  53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
  53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
  53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
  53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
  53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
  53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
  53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
  54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
  CVE-2013-4540-qemu.patch
  tigervnc-long-press.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.SmKn8C/_old  2014-09-06 12:17:53.0 +0200
+++ /var/tmp/diff_new_pack.SmKn8C/_new  2014-09-06 12:17:53.0 +0200
@@ -21,7 +21,7 @@
 ExclusiveArch:  %ix86 x86_64 %arm aarch64
 %define xvers 4.4
 %define xvermaj 4
-%define changeset 28531
+%define changeset 28541
 %define xen_build_dir xen-4.4.1-testing
 #
 %define with_kmp 0
@@ -153,7 +153,7 @@
 %endif
 %endif
 
-Version:4.4.1_02
+Version:4.4.1_04
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -224,11 +224,17 @@
 Patch10:
53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
 Patch11:
53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
 Patch12:
53d124e7-fix-list_domain_details-check-config-data-length-0.patch
-Patch13:53d7b781-x86-cpu-undo-BIOS-CPUID-max_leaf-limit-earlier.patch
-Patch14:
53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
-Patch15:53df71c7-lz4-check-for-underruns.patch
-Patch16:
53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
-Patch17:
53e47d6b-x86_emulate-properly-do-IP-updates-and-other-side-effects.patch
+Patch13:
53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
+Patch14:
53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
+Patch15:53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
+Patch16:

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-08-20 17:52:54

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-07-26 11:27:56.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-08-20 
17:53:00.0 +0200
@@ -1,0 +2,106 @@
+Fri Aug 15 15:09:27 MDT 2014 - carn...@suse.com
+
+- Update README.SUSE with additional debug help
+
+---
+Fri Aug  8 07:34:38 MDT 2014 - carn...@suse.com
+
+- bnc#883112 - Xen Panic during boot System without CMOS RTC must
+  be booted from EFI
+  53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
+- Upstream patches from Jan
+  53d7b781-x86-cpu-undo-BIOS-CPUID-max_leaf-limit-earlier.patch
+  53df71c7-lz4-check-for-underruns.patch
+  53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
+  53e47d6b-x86_emulate-properly-do-IP-updates-and-other-side-effects.patch
+
+---
+Thu Aug  7 11:26:15 UTC 2014 - carn...@suse.com
+
+- Update to Xen Version 4.4.1-rc2
+  xen-4.4.1-testing-src.tar.bz2
+- Dropped the following upstream patches and xen-4.4.0-testing-src.tar.bz2
+  537b5ede-move-domain-to-cpupool0-before-destroying-it.patch
+  5327190a-x86-Intel-work-around-Xeon-7400-series-erratum-AAI65.patch
+  
534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
+  535a354b-passthrough-allow-to-suppress-SERR-and-PERR-signaling.patch
+  53636ebf-x86-fix-guest-CPUID-handling.patch
+  5347b524-evtchn-eliminate-64k-ports-limitation.patch
+  53a040c6-page-alloc-scrub-pages-used-by-hypervisor-upon-freeing.patch
+  53a1990a-IOMMU-prevent-VT-d-device-IOTLB-operations-on-wrong-IOMMU.patch
+  53732f4f-x86-MCE-bypass-uninitialized-vcpu-in-vMCE-injection.patch
+  531dc0e2-xmalloc-handle-correctly-page-allocation-when-align-size.patch
+  
5331917d-x86-enforce-preemption-in-HVM_set_mem_access-p2m_set_mem_access.patch
+  531d8e09-x86-HVM-fix-memory-type-merging-in-epte_get_entry_emt.patch
+  
538ee637-ACPI-Prevent-acpi_table_entries-from-falling-into-a-infinite-loop.patch
+  535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch
+  535e31bc-x86-HVM-correct-the-SMEP-logic-for-HVM_CR0_GUEST_RESERVED_BITS.patch
+  53859956-timers-set-the-deadline-more-accurately.patch
+  53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch
+  535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch
+  53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch
+  
5383175e-VT-d-fix-mask-applied-to-DMIBAR-in-desktop-chipset-XSA-59-workaround.patch
+  531d8e34-x86-HVM-consolidate-passthrough-handling-in-epte_get_entry_emt.patch
+  
532fff53-x86-fix-determination-of-bit-count-for-struct-domain-allocations.patch
+  5357baff-x86-add-missing-break-in-dom0_pit_access.patch
+  530c54c3-x86-mce-Reduce-boot-time-logspam.patch
+  5383167d-ACPI-ERST-fix-table-mapping.patch
+  5390927f-x86-fix-reboot-shutdown-with-running-HVM-guests.patch
+  530b27fd-x86-MCE-Fix-race-condition-in-mctelem_reserve.patch
+  53709b77-Nested-VMX-load-current_vmcs-only-when-it-exists.patch
+  5396d818-avoid-crash-on-HVM-domain-destroy-with-PCI-passthrough.patch
+  531d8fd0-kexec-identify-which-cpu-the-kexec-image-is-being-executed-on.patch
+  5385956b-x86-don-t-use-VA-for-cache-flush-when-also-flushing-TLB.patch
+  539ec004-x86-mce-don-t-spam-the-console-with-CPUx-Temperature-z.patch
+  
53909259-x86-domctl-two-functional-fixes-to-XEN_DOMCTL_-gs-etvcpuextstate.patch
+  53859549-AMD-IOMMU-don-t-free-page-table-prematurely.patch
+  533d413b-x86-mm-fix-checks-against-max_mapped_pfn.patch
+  535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch
+  53271880-VT-d-fix-RMRR-handling.patch
+  5390917a-VT-d-honor-APEI-firmware-first-mode-in-XSA-59-workaround-code.patch
+  538dcada-x86-HVM-eliminate-vulnerabilities-from-hvm_inject_msi.patch
+  53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch
+  
537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch
+  53a199d7-x86-EFI-allow-FPU-XMM-use-in-runtime-service-functions.patch
+  
53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch
+  53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch
+  53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch
+  53356c1e-x86-HVM-correct-CPUID-leaf-8008-handling.patch
+  534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch
+  530b28c5-x86-MSI-don-t-risk-division-by-zero.patch
+  5396e805-x86-HVM-refine-SMEP-test-in-HVM_CR4_GUEST_RESERVED_BITS.patch
+  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-07-26 11:27:52

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-07-08 16:59:04.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-07-26 
11:27:56.0 +0200
@@ -1,0 +2,55 @@
+Thu Jul 24 07:54:34 MDT 2014 - carn...@suse.com
+
+- Upstream patches from Jan
+  5347b524-evtchn-eliminate-64k-ports-limitation.patch
+  
53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
+  53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch
+  53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch
+  53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch
+  
53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch
+  53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch
+
+---
+Mon Jul 21 03:05:48 UTC 2014 - cy...@suse.com
+
+- bnc#886801 - xl vncviewer: The first domu can be accessed by any id
+  53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
+
+---
+Mon Jul 14 11:14:38 MDT 2014 - carn...@suse.com
+
+- Upstream pygrub bug fix
+  5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch
+
+---
+Wed Jul  9 16:45:58 MDT 2014 - carn...@suse.com
+
+- Fix pygrub to handle old 32 bit VMs
+  pygrub-boot-legacy-sles.patch (Mike Latimer)
+
+---
+Mon Jul  7 17:54:58 MDT 2014 - jfeh...@suse.com
+
+- Remove xen-vmresync utility.  It is an old Platespin Orchestrate
+  utility that should have never been included in the Xen package.
+  Updated xen.spec
+
+---
+Mon Jul  7 17:01:59 MDT 2014 - jfeh...@suse.com
+
+- Rework xen-destroy utility included in xen-utils
+  bnc#885292 and bnc#886063
+  Updated xen-utils-0.1.tar.bz2
+
+---
+Mon Jul 07 11:40:32 MDT 2014 - carn...@suse.com
+
+- bnc#886063 - Xen monitor fails (xl list --long output different
+  from xm list --long output)
+- bnc#885292 - VirtualDomain: pid_status does not know how to check
+  status on SLE12
+  Re-enable building xen-utils for sle12 and include xen-list and
+  xen-destroy in the xen-tools package for HA.
+  xen.spec
+
+---

New:

  5347b524-evtchn-eliminate-64k-ports-limitation.patch
  5370e03b-pygrub-fix-error-handling-if-no-valid-partitions-are-found.patch
  
53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
  53b16cd4-VT-d-ATS-correct-and-clean-up-dev_invalidate_iotlb.patch
  53b56de1-properly-reference-count-DOMCTL_-un-pausedomain-hypercalls.patch
  53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
  53cfdcc7-avoid-crash-when-doing-shutdown-with-active-cpupools.patch
  53cfddaf-x86-mem_event-validate-the-response-vcpu_id-before-acting-on-it.patch
  53cfdde4-x86-mem_event-prevent-underflow-of-vcpu-pause-counts.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.rZuEbq/_old  2014-07-26 11:27:59.0 +0200
+++ /var/tmp/diff_new_pack.rZuEbq/_new  2014-07-26 11:27:59.0 +0200
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 # needssslcertforbuild
 
 Name:   xen
@@ -154,7 +153,7 @@
 %endif
 %endif
 
-Version:4.4.0_24
+Version:4.4.0_26
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -239,42 +238,51 @@
 Patch24:533d413b-x86-mm-fix-checks-against-max_mapped_pfn.patch
 Patch25:53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch
 Patch26:5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
-Patch27:534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch
-Patch28:
534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
-Patch29:
53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
-Patch30:5357baff-x86-add-missing-break-in-dom0_pit_access.patch
-Patch31:535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch
-Patch32:535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch
-Patch33:  

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-06-19 13:19:47

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-06-01 18:58:38.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-06-19 
13:19:50.0 +0200
@@ -1,0 +2,21 @@
+Thu Jun  6 15:50:19 MDT 2014 - carn...@suse.com
+
+- Modify how we check for libvirt managed domains
+  xl-check-for-libvirt-managed-domain.patch
+
+---
+Thu Jun  5 08:56:13 MDT 2014 - carn...@suse.com
+
+- bnc#878841 - VUL-0: XSA-96: Xen: Vulnerabilities in HVM MSI
+  injection
+  538dcada-x86-HVM-eliminate-vulnerabilities-from-hvm_inject_msi.patch
+- Upstream patches from Jan
+  
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
+  537cd0cc-hvmloader-PA-range-0xfc00-0x-should-be-UC.patch
+  5383167d-ACPI-ERST-fix-table-mapping.patch
+  
5383175e-VT-d-fix-mask-applied-to-DMIBAR-in-desktop-chipset-XSA-59-workaround.patch
+  53859549-AMD-IOMMU-don-t-free-page-table-prematurely.patch
+  5385956b-x86-don-t-use-VA-for-cache-flush-when-also-flushing-TLB.patch
+  53859956-timers-set-the-deadline-more-accurately.patch
+
+---

New:

  
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
  537cd0cc-hvmloader-PA-range-0xfc00-0x-should-be-UC.patch
  5383167d-ACPI-ERST-fix-table-mapping.patch
  
5383175e-VT-d-fix-mask-applied-to-DMIBAR-in-desktop-chipset-XSA-59-workaround.patch
  53859549-AMD-IOMMU-don-t-free-page-table-prematurely.patch
  5385956b-x86-don-t-use-VA-for-cache-flush-when-also-flushing-TLB.patch
  53859956-timers-set-the-deadline-more-accurately.patch
  538dcada-x86-HVM-eliminate-vulnerabilities-from-hvm_inject_msi.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.cfX6MD/_old  2014-06-19 13:19:53.0 +0200
+++ /var/tmp/diff_new_pack.cfX6MD/_new  2014-06-19 13:19:53.0 +0200
@@ -154,7 +154,7 @@
 %endif
 %endif
 
-Version:4.4.0_20
+Version:4.4.0_22
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -255,6 +255,14 @@
 Patch40:
537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch
 Patch41:
537b5e79-VT-d-extend-error-report-masking-workaround-to-newer-chipsets.patch
 Patch42:537b5ede-move-domain-to-cpupool0-before-destroying-it.patch
+Patch43:
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
+Patch44:
537cd0cc-hvmloader-PA-range-0xfc00-0x-should-be-UC.patch
+Patch45:5383167d-ACPI-ERST-fix-table-mapping.patch
+Patch46:
5383175e-VT-d-fix-mask-applied-to-DMIBAR-in-desktop-chipset-XSA-59-workaround.patch
+Patch47:53859549-AMD-IOMMU-don-t-free-page-table-prematurely.patch
+Patch48:
5385956b-x86-don-t-use-VA-for-cache-flush-when-also-flushing-TLB.patch
+Patch49:53859956-timers-set-the-deadline-more-accurately.patch
+Patch50:
538dcada-x86-HVM-eliminate-vulnerabilities-from-hvm_inject_msi.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -660,6 +668,14 @@
 %patch40 -p1
 %patch41 -p1
 %patch42 -p1
+%patch43 -p1
+%patch44 -p1
+%patch45 -p1
+%patch46 -p1
+%patch47 -p1
+%patch48 -p1
+%patch49 -p1
+%patch50 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1

++ 
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
 ++
# Commit d06886694328a31369addc1f614cf326728d65a6
# Date 2014-05-21 18:13:36 +0200
# Author Jan Beulich jbeul...@suse.com
# Committer Jan Beulich jbeul...@suse.com
hvmloader: also cover PCI MMIO ranges above 4G with UC MTRR ranges

When adding support for BAR assignments to addresses above 4G, the MTRR
side of things was left out.

Additionally the MMIO ranges in the DSDT's \_SB.PCI0._CRS were having
memory types not matching the ones put into MTRRs: The legacy VGA range
is supposed to be WC, and the other ones should be UC.

Signed-off-by: Jan Beulich jbeul...@suse.com
Acked-by: Ian Campbell ian.campb...@citrix.com

# Commit 119d8a42d3bfe6ebc1785720e1a7260e5c698632
# Date 2014-05-22 14:20:19 +0200
# Author Jan Beulich jbeul...@suse.com
# Committer Jan Beulich jbeul...@suse.com
hvmloader: fix build with certain iasl versions

While most of them support what we have 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-06-01 18:58:23

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-05-15 21:31:30.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-06-01 
18:58:38.0 +0200
@@ -1,0 +2,44 @@
+Tue May 27 16:54:13 CEST 2014 - oher...@suse.de
+
+- bnc#879425: handle cache=unsafe from libvirt to disable flush in qdisk
+  libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
+  qemu-xen-upstream-qdisk-cache-unsafe.patch
+
+---
+Tue May 27 16:50:22 CEST 2014 - oher...@suse.de
+
+- libxl: introduce an option for disabling the non-O_DIRECT workaround
+  recognize direct-io-safe in domU.cfg diskspec
+  libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
+  
+---
+Tue May 27 16:44:06 CEST 2014 - oher...@suse.de
+
+- fate#316071: add discard support for file backed storage (qdisk)
+  update patch to allow more values in overloaded -readwrite member
+
+---
+Tue May 27 08:03:51 MDT 2014 - carn...@suse.com
+
+- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d
+  Interrupt Remapping engines can be evaded by native NMI interrupts 
+  
537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch
+  537b5e79-VT-d-extend-error-report-masking-workaround-to-newer-chipsets.patch
+- Upstream patches from Jan
+  53709b77-Nested-VMX-load-current_vmcs-only-when-it-exists.patch
+  53732f4f-x86-MCE-bypass-uninitialized-vcpu-in-vMCE-injection.patch
+  537b5ede-move-domain-to-cpupool0-before-destroying-it.patch
+
+---
+Tue May 20 16:34:37 MDT 2014 - carn...@suse.com
+
+- Update README.SuSE with information on the toolstack change
+
+---
+Fri May 16 10:27:04 CEST 2014 - oher...@suse.de
+
+- fate#316071: add discard support for file backed storage (qdisk)
+  update to recognize option discard/no-discard instead of discard=0,1
+  to match upstream change
+
+---

New:

  53709b77-Nested-VMX-load-current_vmcs-only-when-it-exists.patch
  53732f4f-x86-MCE-bypass-uninitialized-vcpu-in-vMCE-injection.patch
  537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch
  537b5e79-VT-d-extend-error-report-masking-workaround-to-newer-chipsets.patch
  537b5ede-move-domain-to-cpupool0-before-destroying-it.patch
  libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
  libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
  qemu-xen-upstream-qdisk-cache-unsafe.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.JjJzfv/_old  2014-06-01 18:58:40.0 +0200
+++ /var/tmp/diff_new_pack.JjJzfv/_new  2014-06-01 18:58:40.0 +0200
@@ -15,6 +15,7 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 # needssslcertforbuild
 
 Name:   xen
@@ -153,7 +154,7 @@
 %endif
 %endif
 
-Version:4.4.0_18
+Version:4.4.0_20
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -249,6 +250,11 @@
 Patch35:535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch
 Patch36:
53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch
 Patch37:53636ebf-x86-fix-guest-CPUID-handling.patch
+Patch38:53709b77-Nested-VMX-load-current_vmcs-only-when-it-exists.patch
+Patch39:
53732f4f-x86-MCE-bypass-uninitialized-vcpu-in-vMCE-injection.patch
+Patch40:
537b5e50-VT-d-apply-quirks-at-device-setup-time-rather-than-only-at-boot.patch
+Patch41:
537b5e79-VT-d-extend-error-report-masking-workaround-to-newer-chipsets.patch
+Patch42:537b5ede-move-domain-to-cpupool0-before-destroying-it.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -372,6 +378,9 @@
 Patch465:   libxl.add-option-for-discard-support-to-xl-disk-conf.patch
 Patch466:   aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
 Patch467:   xl-check-for-libvirt-managed-domain.patch
+Patch468:   
libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
+Patch469:   

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-05-15 21:31:28

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-05-02 19:21:29.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-05-15 
21:31:30.0 +0200
@@ -1,0 +2,29 @@
+Mon May 12 18:00:14 CEST 2014 - oher...@suse.de
+
+- fate#316613: Implement pvscsi in xl/libxl
+  libxl.pvscsi.patch
+
+---
+Fri May  9 08:07:34 MDT 2014 - carn...@suse.com
+
+- bnc#875668 - VUL-0: CVE-2014-3124: xen: XSA-92:
+  HVMOP_set_mem_type allows invalid P2M entries to be created
+  535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch (replaces xsa92.patch)
+- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d
+  Interrupt Remapping engines can be evaded by native NMI interrupts
+  535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch
+  535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch
+- Upstream patches from Jan
+  535a354b-passthrough-allow-to-suppress-SERR-and-PERR-signaling.patch
+  535e31bc-x86-HVM-correct-the-SMEP-logic-for-HVM_CR0_GUEST_RESERVED_BITS.patch
+  53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch
+  53636ebf-x86-fix-guest-CPUID-handling.patch
+
+---
+Tue May  6 13:24:14 MDT 2014 - carn...@suse.com
+
+- Fix pygrub to handle VM with no grub/menu.lst file.
+- Don't use /var/run/xend/boot for temporary boot directory
+  pygrub-boot-legacy-sles.patch
+
+---

Old:

  xsa92.patch

New:

  535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch
  535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch
  535a354b-passthrough-allow-to-suppress-SERR-and-PERR-signaling.patch
  535e31bc-x86-HVM-correct-the-SMEP-logic-for-HVM_CR0_GUEST_RESERVED_BITS.patch
  535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch
  53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch
  53636ebf-x86-fix-guest-CPUID-handling.patch
  libxl.pvscsi.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.Vl5xWb/_old  2014-05-15 21:31:34.0 +0200
+++ /var/tmp/diff_new_pack.Vl5xWb/_new  2014-05-15 21:31:34.0 +0200
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 # needssslcertforbuild
 
 Name:   xen
@@ -154,7 +153,7 @@
 %endif
 %endif
 
-Version:4.4.0_16
+Version:4.4.0_18
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -243,7 +242,13 @@
 Patch28:
534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
 Patch29:
53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
 Patch30:5357baff-x86-add-missing-break-in-dom0_pit_access.patch
-Patch92:xsa92.patch
+Patch31:535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch
+Patch32:535a3516-VT-d-suppress-UR-signaling-for-desktop-chipsets.patch
+Patch33:
535a354b-passthrough-allow-to-suppress-SERR-and-PERR-signaling.patch
+Patch34:
535e31bc-x86-HVM-correct-the-SMEP-logic-for-HVM_CR0_GUEST_RESERVED_BITS.patch
+Patch35:535fa503-x86-HVM-restrict-HVMOP_set_mem_type.patch
+Patch36:
53636978-hvm_set_ioreq_page-releases-wrong-page-in-error-path.patch
+Patch37:53636ebf-x86-fix-guest-CPUID-handling.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -311,6 +316,7 @@
 Patch387:   libxl.set-migration-constraints-from-cmdline.patch
 Patch388:   libxl.honor-more-top-level-vfb-options.patch
 Patch389:   qemu-xen-upstream-megasas-buildtime.patch
+Patch390:   libxl.pvscsi.patch
 # Xend
 Patch400:   xend-set-migration-constraints-from-cmdline.patch
 Patch402:   xen.migrate.tools-xend_move_assert_to_exception_block.patch
@@ -633,7 +639,13 @@
 %patch28 -p1
 %patch29 -p1
 %patch30 -p1
-%patch92 -p1
+%patch31 -p1
+%patch32 -p1
+%patch33 -p1
+%patch34 -p1
+%patch35 -p1
+%patch36 -p1
+%patch37 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1
@@ -700,6 +712,7 @@
 %patch387 -p1
 %patch388 -p1
 %patch389 -p1
+%patch390 -p1
 # Xend
 %patch400 -p1
 %patch402 -p1

++ 535a34eb-VT-d-suppress-UR-signaling-for-server-chipsets.patch ++
References: bnc#826717 CVE-2013-3495 XSA-59

# Commit 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-05-02 19:21:27

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-04-16 07:44:25.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-05-02 
19:21:29.0 +0200
@@ -1,0 +2,26 @@
+Sat Apr 26 09:56:36 MDT 2014 - carn...@suse.com
+
+- When the xl command is used, check to see if the domain being
+  modified is managed by libvirt and print warning if it is.
+  xl-check-for-libvirt-managed-domain.patch
+
+---
+Thu Apr 24 08:17:36 MDT 2014 - carn...@suse.com
+
+- Upstream patches from Jan
+  53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch
+  5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
+  534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch
+  
534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
+  53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
+  5357baff-x86-add-missing-break-in-dom0_pit_access.patch
+- XSA-92
+  xsa92.patch 
+
+---
+Sat Apr 12 20:48:21 UTC 2014 - mma...@suse.cz
+
+- Add # needssslcertforbuild to use the project's certificate when
+  building in a home project. (bnc#872354)
+
+---

New:

  53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch
  5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
  534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch
  
534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
  53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
  5357baff-x86-add-missing-break-in-dom0_pit_access.patch
  xl-check-for-libvirt-managed-domain.patch
  xsa92.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.FnTEMX/_old  2014-05-02 19:21:32.0 +0200
+++ /var/tmp/diff_new_pack.FnTEMX/_new  2014-05-02 19:21:32.0 +0200
@@ -16,6 +16,8 @@
 #
 
 
+# needssslcertforbuild
+
 Name:   xen
 ExclusiveArch:  %ix86 x86_64 %arm aarch64
 %define xvers 4.4
@@ -152,7 +154,7 @@
 %endif
 %endif
 
-Version:4.4.0_14
+Version:4.4.0_16
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -235,6 +237,13 @@
 Patch22:53356c1e-x86-HVM-correct-CPUID-leaf-8008-handling.patch
 Patch23:533ad1ee-VMX-fix-PAT-value-seen-by-guest.patch
 Patch24:533d413b-x86-mm-fix-checks-against-max_mapped_pfn.patch
+Patch25:53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch
+Patch26:5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
+Patch27:534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch
+Patch28:
534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
+Patch29:
53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
+Patch30:5357baff-x86-add-missing-break-in-dom0_pit_access.patch
+Patch92:xsa92.patch
 # Upstream qemu
 Patch250:   VNC-Support-for-ExtendedKeyEvent-client-message.patch
 Patch251:   0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -356,6 +365,7 @@
 Patch464:   set-mtu-from-bridge-for-tap-interface.patch
 Patch465:   libxl.add-option-for-discard-support-to-xl-disk-conf.patch
 Patch466:   aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
+Patch467:   xl-check-for-libvirt-managed-domain.patch
 # Hypervisor and PV driver Patches
 Patch501:   x86-ioapic-ack-default.patch
 Patch502:   x86-cpufreq-report.patch
@@ -617,6 +627,13 @@
 %patch22 -p1
 %patch23 -p1
 %patch24 -p1
+%patch25 -p1
+%patch26 -p1
+%patch27 -p1
+%patch28 -p1
+%patch29 -p1
+%patch30 -p1
+%patch92 -p1
 # Upstream qemu patches
 %patch250 -p1
 %patch251 -p1
@@ -737,6 +754,7 @@
 %patch464 -p1
 %patch465 -p1
 %patch466 -p1
+%patch467 -p1
 # Hypervisor and PV driver Patches
 %patch501 -p1
 %patch502 -p1

++ 53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch ++
# Commit 70e79fad6dc6f533ff83ee23b8d13de5a696d896
# Date 2014-04-09 16:13:25 +0200
# Author Jan Beulich jbeul...@suse.com
# Committer Jan Beulich jbeul...@suse.com
x86/AMD: feature masking is unavailable on Fam11

Reported-by: Aravind Gopalakrishnanaravind.gopalakrish...@amd.com
Signed-off-by: Jan Beulich jbeul...@suse.com
Reviewed-by: Andrew Cooper andrew.coop...@citrix.com

--- 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2014-02-02 18:46:59

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2014-01-07 17:25:20.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-02-02 
18:47:01.0 +0100
@@ -1,0 +2,42 @@
+Thu Jan 23 16:11:39 MST 2014 - carn...@suse.com
+
+- Dropped xen-changeset.patch.  It is no longer needed.
+
+---
+Sun Jan 19 00:13:06 CET 2014 - oher...@suse.de
+
+- BuildRequire libfdt1-devel on ARM
+
+---
+Sat Jan 18 00:35:46 CET 2014 - oher...@suse.de
+
+- fate#311487: remove modprobe.conf files for autoloading of
+  pv-on-hvm files.
+  Rely on core kernel to skip initialization of emulated hardware
+  Handle xen_emul_unplug= from xenlinux based core kernel-default
+
+---
+Wed Jan 16 13:11:32 MST 2014 - carn...@suse.com
+
+- Fix the spec file to build for old distros
+  The xm/xend toolstack will continue to be contained in xen-tools
+  for older openSUSE and sles distros but it will be contained in
+  xend-tools for os13.x
+
+---
+Wed Jan 15 19:55:32 CET 2014 - oher...@suse.de
+
+- fate#316071: add discard support for file backed storage (qdisk)
+  to qemu-upstream, enabled unconditionally
+
+---
+Tue Jan 14 12:13:45 MST 2014 - carn...@suse.com
+
+- Update to Xen 4.4.0 RC2 c/s 28287
+
+---
+Tue Jan  9 11:44:11 MST 2014 - carn...@suse.com
+
+- Restore 32bit ix86 support in spec file for kmps and domU tools
+
+---

Old:

  xen-changeset.patch
  xen_pvdrivers.conf

New:

  qemu-xen-upstream-blkif-discard.patch
  xen_pvonhvm.xen_emul_unplug.patch
  xend-config-enable-dump-comment.patch
  xend-tools-watchdog-support.patch
  xend-vif-route-ifup.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.lfjQxN/_old  2014-02-02 18:47:03.0 +0100
+++ /var/tmp/diff_new_pack.lfjQxN/_new  2014-02-02 18:47:03.0 +0100
@@ -15,24 +15,36 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 Name:   xen
-ExclusiveArch:  x86_64 %arm aarch64
+ExclusiveArch:  %ix86 x86_64 %arm aarch64
 %define xvers 4.4
 %define xvermaj 4
-%define changeset 28233
+%define changeset 28287
 %define xen_build_dir xen-4.4.0-testing
 %ifarch %arm aarch64
 %define with_kmp 0
+%define with_xend 0
 %define with_debug 0
 %define with_stubdom 0
-%define with_xend 0
+%define with_dom0_support 1
 %else
+%ifarch x86_64
 %define with_kmp 1
 %define with_debug 1
 %define with_stubdom 1
+%define with_dom0_support 1
 %define with_qemu_traditional 1
+%if %suse_version  1230
+%define with_xend 1
+%else
+%define with_xend 1
+%endif
+%else
 %define with_xend 0
+%define with_stubdom 0
+%define with_dom0_support 0
+%define with_qemu_traditional 0
+%endif
 %endif
 # EFI requires gcc46 or newer
 # its available in 12.1 or = sles11sp2
@@ -47,34 +59,45 @@
 %else
 %define with_systemd 0
 %endif
-%ifnarch %arm aarch64
+%ifarch %arm aarch64
+BuildRequires:  libfdt1-devel
+%endif
+%ifarch %ix86 x86_64
 BuildRequires:  dev86
 %endif
 BuildRequires:  fdupes
 BuildRequires:  glib2-devel
 BuildRequires:  libaio-devel
 BuildRequires:  libbz2-devel
-BuildRequires:  libpixman-1-0-devel
 BuildRequires:  libuuid-devel
 BuildRequires:  libxml2-devel
 BuildRequires:  libyajl-devel
+BuildRequires:  libpixman-1-0-devel
 BuildRequires:  ncurses-devel
 BuildRequires:  openssl-devel
 BuildRequires:  python-devel
+BuildRequires:  transfig
+%if %suse_version = 1030
 BuildRequires:  texinfo
 BuildRequires:  texlive
+%if %suse_version  1220
+BuildRequires:  texlive-latex
 BuildRequires:  texlive-courier
 BuildRequires:  texlive-dvips
 BuildRequires:  texlive-helvetic
-BuildRequires:  texlive-latex
 BuildRequires:  texlive-psnfss
 BuildRequires:  texlive-times
-BuildRequires:  transfig
 BuildRequires:  tex(a4.sty)
 BuildRequires:  tex(a4wide.sty)
 BuildRequires:  tex(fancyhdr.sty)
 BuildRequires:  tex(parskip.sty)
 BuildRequires:  tex(setspace.sty)
+%endif
+%else
+BuildRequires:  te_ams
+BuildRequires:  te_latex
+BuildRequires:  tetex
+%endif
 %if %suse_version = 1230
 BuildRequires:  systemd
 %endif
@@ -84,7 +107,7 @@
 %if %suse_version = 1110
 BuildRequires:  pmtools
 %else
-%ifnarch %arm aarch64

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2013-08-01 16:10:17

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2013-07-04 09:14:04.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2013-08-01 
16:10:24.0 +0200
@@ -1,0 +2,45 @@
+Wed Jul 31 11:34:14 MDT 2013 - carn...@suse.com
+
+- Spec file cleanups
+  xen.spec 
+- Renamed xend-sysconfig.patch to xencommons-sysconfig.patch
+
+---
+Mon Jul 29 16:46:33 MDT 2013 - carn...@suse.com
+
+- Added support for systemd with the following service files
+  xenstored.service
+  blktapctrl.service
+  xend.service
+  xenconsoled.service
+  xen-watchdog.service
+  xendomains.service
+  xencommons.service
+
+---
+Fri Jul 12 11:05:11 MDT 2013 - carn...@suse.com
+
+- Upstream patches from Jan
+  51d277a3-x86-don-t-pass-negative-time-to-gtime_to_gtsc-try-2.patch
+  51d27807-iommu-amd-Fix-logic-for-clearing-the-IOMMU-interrupt-bits.patch
+  51d27841-iommu-amd-Workaround-for-erratum-787.patch
+  51daa074-Revert-hvmloader-always-include-HPET-table.patch 
+
+---
+Fri Jul 12 09:31:01 MDT 2013 - carn...@suse.com
+
+- Dropped deprecated or unnecessary patches
+  pvdrv-import-shared-info.patch 
+  minios-fixups.patch
+
+---
+Tue Jul  9 13:06:27 MDT 2013 - carn...@suse.com
+
+- Update to Xen 4.3.0 FCS 
+
+---
+Fri Jul  5 14:31:51 UTC 2013 - ag...@suse.com
+
+- Enable ARM targets for Xen
+
+---

Old:

  minios-fixups.patch
  pvdrv-import-shared-info.patch
  xend-sysconfig.patch

New:

  51d277a3-x86-don-t-pass-negative-time-to-gtime_to_gtsc-try-2.patch
  51d27807-iommu-amd-Fix-logic-for-clearing-the-IOMMU-interrupt-bits.patch
  51d27841-iommu-amd-Workaround-for-erratum-787.patch
  51daa074-Revert-hvmloader-always-include-HPET-table.patch
  blktapctrl.service
  xen-watchdog.service
  xencommons-sysconfig.patch
  xencommons.service
  xenconsoled.service
  xend.service
  xendomains.service
  xenstored.service



Other differences:
--
++ xen.spec ++
 940 lines (skipped)
 between /work/SRC/openSUSE:Factory/xen/xen.spec
 and /work/SRC/openSUSE:Factory/.xen.new/xen.spec

++ 51d277a3-x86-don-t-pass-negative-time-to-gtime_to_gtsc-try-2.patch ++
# Commit 5ad914bc867c5a6a4957869c89918f4e1f9dd9c4
# Date 2013-07-02 08:48:03 +0200
# Author Jan Beulich jbeul...@suse.com
# Committer Jan Beulich jbeul...@suse.com
x86: don't pass negative time to gtime_to_gtsc() (try 2)

This mostly reverts commit eb60be3d (x86: don't pass negative time to
gtime_to_gtsc()) and instead corrects __update_vcpu_system_time()'s
handling of this_cpu(cpu_time).stime_local_stamp dating back before the
start of a HVM guest (which would otherwise lead to a negative value
getting passed to gtime_to_gtsc(), causing scale_delta() to produce
meaningless output).

Flushing the value to zero was wrong, and printing a message for
something that can validly happen wasn't very useful either.

Signed-off-by: Jan Beulich jbeul...@suse.com
Acked-by: Keir Fraser k...@xen.org

--- a/xen/arch/x86/time.c
+++ b/xen/arch/x86/time.c
@@ -823,16 +823,13 @@ static void __update_vcpu_system_time(st
 struct pl_time *pl = v-domain-arch.hvm_domain.pl_time;
 
 stime += pl-stime_offset + v-arch.hvm_vcpu.stime_offset;
-if ( (s64)stime  0 )
-{
-printk(XENLOG_G_WARNING d%dv%d: bogus time % PRId64
-(offsets % PRId64 /% PRId64 )\n,
-   d-domain_id, v-vcpu_id, stime,
-  pl-stime_offset, v-arch.hvm_vcpu.stime_offset);
-stime = 0;
-}
+if ( stime = 0 )
+tsc_stamp = gtime_to_gtsc(d, stime);
+else
+tsc_stamp = -gtime_to_gtsc(d, -stime);
 }
-tsc_stamp = gtime_to_gtsc(d, stime);
+else
+tsc_stamp = gtime_to_gtsc(d, stime);
 }
 else
 {
++ 51d27807-iommu-amd-Fix-logic-for-clearing-the-IOMMU-interrupt-bits.patch 
++
# Commit 2823a0c7dfc979db316787e1dd42a8845e5825c0
# Date 2013-07-02 08:49:43 +0200
# Author Suravee Suthikulpanit suravee.suthikulpa...@amd.com
# Committer Jan Beulich jbeul...@suse.com
iommu/amd: Fix logic for clearing the IOMMU interrupt 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2013-07-04 09:14:03

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2013-06-20 17:06:25.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2013-07-04 
09:14:04.0 +0200
@@ -1,0 +2,15 @@
+Thu Jun 27 16:57:08 MDT 2013 - carn...@suse.com
+
+- Update to Xen 4.3.0-rc6 
+
+---
+Wed Jun 19 14:34:20 MDT 2013 - carn...@suse.com
+
+- Update to Xen 4.3.0-rc5 
+
+---
+Wed Jun 14 11:06:23 MDT 2013 - carn...@suse.com
+
+- Update to Xen 4.3.0-rc4
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.Z362Hq/_old  2013-07-04 09:14:07.0 +0200
+++ /var/tmp/diff_new_pack.Z362Hq/_new  2013-07-04 09:14:07.0 +0200
@@ -20,7 +20,7 @@
 ExclusiveArch:  %ix86 x86_64
 %define xvers 4.3
 %define xvermaj 4
-%define changeset 27093
+%define changeset 27190
 %define xen_build_dir xen-4.3.0-testing
 %define with_kmp 1
 %define with_stubdom 1
@@ -120,7 +120,7 @@
 BuildRequires:  lndir
 %endif
 %endif
-Version:4.3.0_03
+Version:4.3.0_06
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -887,6 +887,7 @@
 rm -rf $RPM_BUILD_ROOT/%{_libdir}/xen
 rm -rf $RPM_BUILD_ROOT/%{_libdir}/python*
 rm -rf $RPM_BUILD_ROOT/usr/sbin
+rm -f  $RPM_BUILD_ROOT/usr/bin/xencov_split
 rm -rf $RPM_BUILD_ROOT/etc/bash_completion.d
 rm -rf $RPM_BUILD_ROOT/etc/init.d
 rm -rf $RPM_BUILD_ROOT/etc/logrotate.d
@@ -945,6 +946,7 @@
 /usr/bin/pygrub
 /usr/bin/tapdisk-ioemu
 /usr/bin/remus
+/usr/bin/xencov_split
 /usr/sbin/blktapctrl
 /usr/sbin/flask-*
 /usr/sbin/tap*

++ blktap-pv-cdrom.patch ++
--- /var/tmp/diff_new_pack.Z362Hq/_old  2013-07-04 09:14:07.0 +0200
+++ /var/tmp/diff_new_pack.Z362Hq/_new  2013-07-04 09:14:07.0 +0200
@@ -696,7 +696,7 @@
 ===
 --- xen-4.3.0-testing.orig/xen/include/public/io/blkif.h
 +++ xen-4.3.0-testing/xen/include/public/io/blkif.h
-@@ -439,7 +439,7 @@
+@@ -444,7 +444,7 @@
   * Used in SLES sources for device specific command packet
   * contained within the request. Reserved for that purpose.
   */

++ disable-wget-check.patch ++
--- /var/tmp/diff_new_pack.Z362Hq/_old  2013-07-04 09:14:07.0 +0200
+++ /var/tmp/diff_new_pack.Z362Hq/_new  2013-07-04 09:14:07.0 +0200
@@ -219,32 +219,17 @@
 ===
 --- xen-4.3.0-testing.orig/stubdom/configure
 +++ xen-4.3.0-testing/stubdom/configure
-@@ -593,7 +593,6 @@ CPPFLAGS
- LDFLAGS
+@@ -594,8 +594,6 @@ LDFLAGS
  CFLAGS
  CC
+ FETCHER
+-FTP
 -WGET
  CMAKE
  extfiles
  debug
-@@ -657,7 +656,6 @@ enable_extfiles
- host_alias
- target_alias
- CMAKE
--WGET
- CC
- CFLAGS
- LDFLAGS
-@@ -1299,7 +1297,6 @@ Optional Features:
+@@ -2165,104 +2163,104 @@ extfiles=$ax_cv_extfiles
  
- Some influential environment variables:
-   CMAKE   Path to the cmake program
--  WGETPath to wget program
-   CC  C compiler command
-   CFLAGS  C compiler flags
-   LDFLAGS linker flags, e.g. -Llib dir if you have libraries in a
-@@ -3079,50 +3076,50 @@ test -z $INSTALL_SCRIPT  INSTALL_SCR
- test -z $INSTALL_DATA  INSTALL_DATA='${INSTALL} -m 644'
  
  # Extract the first word of wget, so it can be a program name with args.
 -set dummy wget; ac_word=$2
@@ -287,9 +272,63 @@
 -fi
 -
 -
--if test x${WGET} = xno
--then
--as_fn_error $? Unable to find wget, please install wget $LINENO 5
+-if test x$WGET != xno; then :
+-
+-FETCHER=$WGET -c -O
+-
+-else
+-
+-# Extract the first word of ftp, so it can be a program name with args.
+-set dummy ftp; ac_word=$2
+-{ $as_echo $as_me:${as_lineno-$LINENO}: checking for $ac_word 5
+-$as_echo_n checking for $ac_word...  6; }
+-if test ${ac_cv_path_FTP+set} = set; then :
+-  $as_echo_n (cached)  6
+-else
+-  case $FTP in
+-  [\\/]* | ?:[\\/]*)
+-  ac_cv_path_FTP=$FTP # Let the user override the test with a path.
+-  ;;
+-  *)
+-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+-for as_dir in $PATH
+-do
+-  IFS=$as_save_IFS
+-  test -z $as_dir  as_dir=.
+-for ac_exec_ext in '' $ac_executable_extensions; do
+-  if { test -f $as_dir/$ac_word$ac_exec_ext  $as_test_x 
$as_dir/$ac_word$ac_exec_ext; }; then
+-ac_cv_path_FTP=$as_dir/$ac_word$ac_exec_ext
+-$as_echo 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2013-06-20 15:01:13

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2013-06-11 09:38:35.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2013-06-20 
17:06:25.0 +0200
@@ -1,0 +2,6 @@
+Mon Jun 10 18:36:38 MDT 2013 - carn...@suse.com
+
+- Fix xen-utils compiler time warnings 
+  xen-utils-0.1.tar.bz2
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.2FRRVk/_old  2013-06-20 17:06:27.0 +0200
+++ /var/tmp/diff_new_pack.2FRRVk/_new  2013-06-20 17:06:27.0 +0200
@@ -15,6 +15,7 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 Name:   xen
 ExclusiveArch:  %ix86 x86_64
 %define xvers 4.3
@@ -153,8 +154,8 @@
 Source27:   xen_pvdrivers.conf
 Source28:   kmp_filelist
 %endif
-# Xen API remote authentication sources
 Source29:   block-dmmd
+# Xen API remote authentication sources
 Source30:   etc_pam.d_xen-api
 Source31:   xenapiusers
 # sysconfig hook script for Xen
@@ -576,8 +577,7 @@
 %endif
 
 %prep
-%setup -q -n %xen_build_dir -a 1 -a 2 -a 3 -a 4 -a 5 -a 2
-tar xfj %{SOURCE6} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools
+%setup -q -n %xen_build_dir -a 1 -a 2 -a 3 -a 4 -a 5 -a 6 -a 2
 # Upstream patches
 # Qemu
 # Our patches
@@ -762,8 +762,6 @@
 export EXTRA_CFLAGS_QEMU_TRADITIONAL=$RPM_OPT_FLAGS
 export EXTRA_CFLAGS_QEMU_XEN=$RPM_OPT_FLAGS
 %endif
-# Qemu
-#make -C tools/qemu-xen-dir-remote install
 # Docs
 make -C docs install \
 DESTDIR=$RPM_BUILD_ROOT MANDIR=%{_mandir} \
@@ -838,7 +836,8 @@
 rm -f  $RPM_BUILD_ROOT/%{_datadir}/doc/qemu/qemu-*
 rm -f  $RPM_BUILD_ROOT/%{_datadir}/doc/packages/xen/html/hypercall/.deps
 rm -rf $RPM_BUILD_ROOT/%{_defaultdocdir}/xen/ps
-rm -rf $RPM_BUILD_ROOT/usr/share/xen/man/man1/qemu/qemu*
+rm -rf $RPM_BUILD_ROOT/usr/share/xen/man/man1/qemu*
+rm -rf $RPM_BUILD_ROOT/usr/share/xen/man/man8/qemu*
 rm -f  $RPM_BUILD_ROOT/usr/share/xen/qemu/openbios-ppc
 rm -f  $RPM_BUILD_ROOT/usr/share/qemu-xen/openbios-ppc
 rm -f  $RPM_BUILD_ROOT/usr/share/qemu-xen/qemu/openbios-ppc
@@ -947,37 +946,67 @@
 /usr/bin/tapdisk-ioemu
 /usr/bin/remus
 /usr/sbin/blktapctrl
-/usr/sbin/flask-loadpolicy
-/usr/sbin/flask-getenforce
-/usr/sbin/flask-setenforce
-/usr/sbin/flask-get-bool
-/usr/sbin/flask-label-pci
-/usr/sbin/flask-set-bool
+/usr/sbin/flask-*
+/usr/sbin/tap*
 /usr/sbin/rcpciback
-/usr/sbin/tapdisk
-/usr/sbin/xen*
+/usr/sbin/xenbaked
+/usr/sbin/xenconsoled
+/usr/sbin/xencov
+/usr/sbin/xen-destroy
+/usr/sbin/xen-hptool
+/usr/sbin/xen-hvmcrash
+/usr/sbin/xen-hvmctx
+/usr/sbin/xen-list
+/usr/sbin/xenlockprof
+/usr/sbin/xen-lowmemd
+/usr/sbin/xenmon.py
+/usr/sbin/xenperf
+/usr/sbin/xenpm
+/usr/sbin/xenpmd
+/usr/sbin/xen-ringwatch
+/usr/sbin/xenstored
+/usr/sbin/xen-tmem-list-parse
+/usr/sbin/xentop
+/usr/sbin/xentrace_setmask
+/usr/sbin/xen-vmresync
+/usr/sbin/xenwatchdogd
 /usr/sbin/xsview
 /usr/sbin/gtracestat
 /usr/sbin/gtraceview
 /usr/sbin/lock-util
-/usr/sbin/tapdisk-client
-/usr/sbin/tapdisk-diff
-/usr/sbin/tapdisk-stream
-/usr/sbin/tapdisk2
 /usr/sbin/td-util
 /usr/sbin/vhd-update
 /usr/sbin/vhd-util
 /usr/sbin/gdbsx
 /usr/sbin/xl
 /usr/sbin/kdd
-/usr/sbin/tap-ctl
+%dir %attr(700,root,root) /etc/xen
+%dir /etc/xen/scripts
+/etc/xen/scripts/blktap
+/etc/xen/scripts/block*
+/etc/xen/scripts/domain-lock*
+/etc/xen/scripts/external-device-migrate
+/etc/xen/scripts/hotplugpath.sh
+/etc/xen/scripts/locking.sh
+/etc/xen/scripts/logging.sh
+/etc/xen/scripts/network-*
+/etc/xen/scripts/qemu-ifup
+/etc/xen/scripts/set-lock
+/etc/xen/scripts/vif2
+/etc/xen/scripts/vif-*
+/etc/xen/scripts/vm-monitor
+/etc/xen/scripts/vscsi
+/etc/xen/scripts/xen-hotplug-*
+/etc/xen/scripts/xen-network-common.sh
+/etc/xen/scripts/xen-script-common.sh
+/etc/xen/scripts/xmclone.sh
 %{_libdir}/xen
 %ifarch x86_64
 /usr/lib/xen
 %endif
-%{_mandir}/man1/*.1.gz
-%{_mandir}/man8/*.8.gz
-/var/adm/fillup-templates/*
+%dir /var/adm/fillup-templates
+/var/adm/fillup-templates/sysconfig.pciback
+/var/adm/fillup-templates/sysconfig.xencommons
 %dir /var/lib/xen
 %dir %attr(700,root,root) /var/lib/xen/images
 %dir %attr(700,root,root) /var/lib/xen/save
@@ -986,13 +1015,10 @@
 %dir /var/lib/xenstored
 %dir /var/log/xen
 %dir /var/log/xen/console
-%config /etc/init.d/*
 %config /etc/logrotate.d/xen
-%dir %attr(700,root,root) /etc/xen
 /etc/xen/auto
 %config /etc/xen/examples
 /etc/xen/images
-/etc/xen/scripts
 %config /etc/xen/cpupool
 /etc/xen/README*
 %config /etc/xen/vm
@@ 

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2013-06-11 06:40:23

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2013-06-07 10:19:59.0 
+0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2013-06-11 
09:38:35.0 +0200
@@ -1,0 +2,6 @@
+Fri Jun  7 08:45:56 MDT 2013 - carn...@suse.com
+
+- Enable building the KMPs 
+  xen.spec
+
+---



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.yV6Ni5/_old  2013-06-11 09:38:37.0 +0200
+++ /var/tmp/diff_new_pack.yV6Ni5/_new  2013-06-11 09:38:37.0 +0200
@@ -21,7 +21,7 @@
 %define xvermaj 4
 %define changeset 27093
 %define xen_build_dir xen-4.3.0-testing
-%define with_kmp 0
+%define with_kmp 1
 %define with_stubdom 1
 # EFI requires gcc46 or newer
 # its available in 12.1 or = sles11sp2


-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit xen for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package xen for openSUSE:Factory checked in 
at 2013-02-05 11:22:17

Comparing /work/SRC/openSUSE:Factory/xen (Old)
 and  /work/SRC/openSUSE:Factory/.xen.new (New)


Package is xen, Maintainer is carn...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/xen/xen.changes  2013-01-24 10:42:19.0 
+0100
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2013-02-05 
11:22:19.0 +0100
@@ -1,0 +2,15 @@
+Fri Jan 25 14:57:30 MST 2013 - jfeh...@suse.com
+
+- bnc#798188 - Add $network to xend initscript dependencies
+
+---
+Thu Jan 24 15:57:12 MST 2013 - jfeh...@suse.com
+
+- Add upstream patches to fix libxl bugs.  These patches have
+  already been posted for inclusion in xen-4.2-testing.
+  25912-partial-libxl.patch
+  26372-tools-paths.patch
+  26468-libxl-race.patch
+  26469-libxl-race.patch
+
+---
@@ -21 +36 @@
-Wed Jan 16 11:26:29 MST 2013
+Wed Jan 16 11:26:29 MST 2013 - carn...@novell.com

New:

  25912-partial-libxl.patch
  26372-tools-paths.patch
  26468-libxl-race.patch
  26469-libxl-race.patch



Other differences:
--
++ xen.spec ++
--- /var/tmp/diff_new_pack.MxlOd7/_old  2013-02-05 11:22:24.0 +0100
+++ /var/tmp/diff_new_pack.MxlOd7/_new  2013-02-05 11:22:24.0 +0100
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
 Name:   xen
 ExclusiveArch:  %ix86 x86_64
 %define xvers 4.2
@@ -115,7 +114,7 @@
 BuildRequires:  module-init-tools
 BuildRequires:  xorg-x11
 %endif
-Version:4.2.1_03
+Version:4.2.1_04
 Release:0
 PreReq: %insserv_prereq %fillup_prereq
 Summary:Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -173,6 +172,7 @@
 Patch25867: 25867-sercon-ns16550-parse.patch
 Patch25874: 25874-x86-EFI-chain-cfg.patch
 Patch25909: 25909-xenpm-consistent.patch
+Patch25912: 25912-partial-libxl.patch
 Patch25920: 25920-x86-APICV-enable.patch
 Patch25921: 25921-x86-APICV-delivery.patch
 Patch25922: 25922-x86-APICV-x2APIC.patch
@@ -222,6 +222,9 @@
 Patch26342: 26342-hvm-firmware-passthrough.patch
 Patch26343: 26343-hvm-firmware-passthrough.patch
 Patch26344: 26344-hvm-firmware-passthrough.patch
+Patch26372: 26372-tools-paths.patch
+Patch26468: 26468-libxl-race.patch
+Patch26469: 26469-libxl-race.patch
 Patch33:CVE-2012-5634-xsa33.patch
 Patch34:CVE-2013-0151-xsa34.patch
 Patch35:CVE-2013-0152-xsa35.patch
@@ -689,6 +692,7 @@
 %patch25867 -p1
 %patch25874 -p1
 %patch25909 -p1
+%patch25912 -p1
 %patch25920 -p1
 %patch25921 -p1
 %patch25922 -p1
@@ -738,6 +742,9 @@
 %patch26342 -p1
 %patch26343 -p1
 %patch26344 -p1
+%patch26372 -p1
+%patch26468 -p1
+%patch26469 -p1
 %patch33 -p1
 %patch34 -p1
 %patch35 -p1

++ 25912-partial-libxl.patch ++
No functional change.

The purpose is to make it easier to backport patches from Xen 4.3's
libxl, as Xen 4.3's libxl has had this done:

libxl: Enable -Wshadow.

It was convenient to invent $(CFLAGS_LIBXL) to do this.

Various renamings to avoid shadowing standard functions:
  - index(3)
  - listen(2)
  - link(2)
  - abort(3)
  - abs(3)

Signed-off-by: Ian Campbell ian.campb...@citrix.com

In this patch we do not change the others, and we do not enable
-Wshadow.  We're just trying to bring 4.2's libxl textually closer to
4.3's.

Signed-off-by: Ian Jackson ian.jack...@eu.citrix.com
---
 tools/libxl/libxl_event.c |   34 +-
 1 files changed, 17 insertions(+), 17 deletions(-)

Index: xen-4.2.1-testing/tools/libxl/libxl_event.c
===
--- xen-4.2.1-testing.orig/tools/libxl/libxl_event.c
+++ xen-4.2.1-testing/tools/libxl/libxl_event.c
@@ -167,15 +167,15 @@ static void time_insert_finite(libxl__gc
 }
 
 static int time_register_finite(libxl__gc *gc, libxl__ev_time *ev,
-struct timeval abs)
+struct timeval absolute)
 {
 int rc;
 
-rc = OSEVENT_HOOK(timeout_register, ev-for_app_reg, abs, ev);
+rc = OSEVENT_HOOK(timeout_register, ev-for_app_reg, absolute, ev);
 if (rc) return rc;
 
 ev-infinite = 0;
-ev-abs = abs;
+ev-abs = absolute;
 time_insert_finite(gc, ev);
 
 return 0;
@@ -202,16 +202,16 @@ static void time_done_debug(libxl__gc *g
 
 int libxl__ev_time_register_abs(libxl__gc *gc, libxl__ev_time *ev,
 libxl__ev_time_callback *func,
-struct timeval abs)
+