svn commit: r401564 - in head: emulators/xen emulators/xen-kernel emulators/xen-kernel/files sysutils/xen-tools sysutils/xen-tools/files
Roger Pau Monné
royger at FreeBSD.org
Sat Nov 14 09:27:33 UTC 2015
Author: royger (src committer)
Date: Sat Nov 14 09:27:31 2015
New Revision: 401564
URL: https://svnweb.freebsd.org/changeset/ports/401564
Log:
xen: update to 4.5.2
...and add XSA-156.
Sponsored by: Citrix Systems R&D
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D4150
Added:
head/emulators/xen-kernel/files/xsa156-4.5.patch (contents, props changed)
Deleted:
head/emulators/xen-kernel/files/0008-xen-arm-mm-Do-not-dump-the-p2m-when-mapping-a-foreig.patch
head/emulators/xen-kernel/files/xsa148-4.5.patch
head/emulators/xen-kernel/files/xsa149.patch
head/emulators/xen-kernel/files/xsa150.patch
head/emulators/xen-kernel/files/xsa151.patch
head/emulators/xen-kernel/files/xsa152-4.5.patch
head/sysutils/xen-tools/files/xsa137.patch
head/sysutils/xen-tools/files/xsa138-qemuu-1.patch
head/sysutils/xen-tools/files/xsa138-qemuu-2.patch
head/sysutils/xen-tools/files/xsa138-qemuu-3.patch
head/sysutils/xen-tools/files/xsa139-qemuu-4.5.patch
head/sysutils/xen-tools/files/xsa140-qemuu-unstable-1.patch
head/sysutils/xen-tools/files/xsa140-qemuu-unstable-2.patch
head/sysutils/xen-tools/files/xsa140-qemuu-unstable-3.patch
head/sysutils/xen-tools/files/xsa140-qemuu-unstable-4.patch
head/sysutils/xen-tools/files/xsa140-qemuu-unstable-5.patch
head/sysutils/xen-tools/files/xsa140-qemuu-unstable-6.patch
head/sysutils/xen-tools/files/xsa140-qemuu-unstable-7.patch
head/sysutils/xen-tools/files/xsa142-4.5.patch
head/sysutils/xen-tools/files/xsa153-libxl.patch
Modified:
head/emulators/xen-kernel/Makefile
head/emulators/xen-kernel/distinfo
head/emulators/xen/Makefile
head/sysutils/xen-tools/Makefile
head/sysutils/xen-tools/distinfo
Modified: head/emulators/xen-kernel/Makefile
==============================================================================
--- head/emulators/xen-kernel/Makefile Sat Nov 14 03:56:01 2015 (r401563)
+++ head/emulators/xen-kernel/Makefile Sat Nov 14 09:27:31 2015 (r401564)
@@ -2,12 +2,11 @@
PORTNAME= xen
PKGNAMESUFFIX= -kernel
-PORTVERSION= 4.5.1
-PORTREVISION= 1
+PORTVERSION= 4.5.2
CATEGORIES= emulators
MASTER_SITES= http://bits.xensource.com/oss-xen/release/${PORTVERSION}/
-MAINTAINER= ports at FreeBSD.org
+MAINTAINER= royger at FreeBSD.org
COMMENT= Hypervisor using a microkernel design
LICENSE= GPLv2
@@ -31,12 +30,7 @@ EXTRA_PATCHES= ${FILESDIR}/0001-introduc
${FILESDIR}/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch:-p2 \
${FILESDIR}/0006-xen-pvh-enable-mmu_update-hypercall.patch:-p2 \
${FILESDIR}/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch:-p2 \
- ${FILESDIR}/0008-xen-arm-mm-Do-not-dump-the-p2m-when-mapping-a-foreig.patch:-p2 \
- ${FILESDIR}/xsa148-4.5.patch:-p2 \
- ${FILESDIR}/xsa149.patch:-p2 \
- ${FILESDIR}/xsa150.patch:-p2 \
- ${FILESDIR}/xsa151.patch:-p2 \
- ${FILESDIR}/xsa152-4.5.patch:-p2
+ ${FILESDIR}/xsa156-4.5.patch:-p2
.include <bsd.port.options.mk>
Modified: head/emulators/xen-kernel/distinfo
==============================================================================
--- head/emulators/xen-kernel/distinfo Sat Nov 14 03:56:01 2015 (r401563)
+++ head/emulators/xen-kernel/distinfo Sat Nov 14 09:27:31 2015 (r401564)
@@ -1,2 +1,2 @@
-SHA256 (xen-4.5.1.tar.gz) = 668c11d4fca67ac44329e369f810356eacd37b28d28fb96e66aac77f3c5e1371
-SIZE (xen-4.5.1.tar.gz) = 18410400
+SHA256 (xen-4.5.2.tar.gz) = 4c9e5dac4eea484974e9f76da2756c8e0973b4e884d28d37e955df9ebf00e7e8
+SIZE (xen-4.5.2.tar.gz) = 18416220
Added: head/emulators/xen-kernel/files/xsa156-4.5.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/emulators/xen-kernel/files/xsa156-4.5.patch Sat Nov 14 09:27:31 2015 (r401564)
@@ -0,0 +1,127 @@
+x86/HVM: always intercept #AC and #DB
+
+Both being benign exceptions, and both being possible to get triggered
+by exception delivery, this is required to prevent a guest from locking
+up a CPU (resulting from no other VM exits occurring once getting into
+such a loop).
+
+The specific scenarios:
+
+1) #AC may be raised during exception delivery if the handler is set to
+be a ring-3 one by a 32-bit guest, and the stack is misaligned.
+
+2) #DB may be raised during exception delivery when a breakpoint got
+placed on a data structure involved in delivering the exception. This
+can result in an endless loop when a 64-bit guest uses a non-zero IST
+for the vector 1 IDT entry, but even without use of IST the time it
+takes until a contributory fault would get raised (results depending
+on the handler) may be quite long.
+
+This is XSA-156.
+
+Reported-by: Benjamin Serebrin <serebrin at google.com>
+Signed-off-by: Jan Beulich <jbeulich at suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3 at citrix.com>
+Tested-by: Andrew Cooper <andrew.cooper3 at citrix.com>
+
+--- a/xen/arch/x86/hvm/svm/svm.c
++++ b/xen/arch/x86/hvm/svm/svm.c
+@@ -1045,10 +1045,11 @@ static void noreturn svm_do_resume(struc
+ unlikely(v->arch.hvm_vcpu.debug_state_latch != debug_state) )
+ {
+ uint32_t intercepts = vmcb_get_exception_intercepts(vmcb);
+- uint32_t mask = (1U << TRAP_debug) | (1U << TRAP_int3);
++
+ v->arch.hvm_vcpu.debug_state_latch = debug_state;
+ vmcb_set_exception_intercepts(
+- vmcb, debug_state ? (intercepts | mask) : (intercepts & ~mask));
++ vmcb, debug_state ? (intercepts | (1U << TRAP_int3))
++ : (intercepts & ~(1U << TRAP_int3)));
+ }
+
+ if ( v->arch.hvm_svm.launch_core != smp_processor_id() )
+@@ -2435,8 +2436,9 @@ void svm_vmexit_handler(struct cpu_user_
+
+ case VMEXIT_EXCEPTION_DB:
+ if ( !v->domain->debugger_attached )
+- goto unexpected_exit_type;
+- domain_pause_for_debugger();
++ hvm_inject_hw_exception(TRAP_debug, HVM_DELIVER_NO_ERROR_CODE);
++ else
++ domain_pause_for_debugger();
+ break;
+
+ case VMEXIT_EXCEPTION_BP:
+@@ -2484,6 +2486,11 @@ void svm_vmexit_handler(struct cpu_user_
+ break;
+ }
+
++ case VMEXIT_EXCEPTION_AC:
++ HVMTRACE_1D(TRAP, TRAP_alignment_check);
++ hvm_inject_hw_exception(TRAP_alignment_check, vmcb->exitinfo1);
++ break;
++
+ case VMEXIT_EXCEPTION_UD:
+ svm_vmexit_ud_intercept(regs);
+ break;
+--- a/xen/arch/x86/hvm/vmx/vmx.c
++++ b/xen/arch/x86/hvm/vmx/vmx.c
+@@ -1186,16 +1186,10 @@ static void vmx_update_host_cr3(struct v
+
+ void vmx_update_debug_state(struct vcpu *v)
+ {
+- unsigned long mask;
+-
+- mask = 1u << TRAP_int3;
+- if ( !cpu_has_monitor_trap_flag )
+- mask |= 1u << TRAP_debug;
+-
+ if ( v->arch.hvm_vcpu.debug_state_latch )
+- v->arch.hvm_vmx.exception_bitmap |= mask;
++ v->arch.hvm_vmx.exception_bitmap |= 1U << TRAP_int3;
+ else
+- v->arch.hvm_vmx.exception_bitmap &= ~mask;
++ v->arch.hvm_vmx.exception_bitmap &= ~(1U << TRAP_int3);
+
+ vmx_vmcs_enter(v);
+ vmx_update_exception_bitmap(v);
+@@ -2801,9 +2795,10 @@ void vmx_vmexit_handler(struct cpu_user_
+ __vmread(EXIT_QUALIFICATION, &exit_qualification);
+ HVMTRACE_1D(TRAP_DEBUG, exit_qualification);
+ write_debugreg(6, exit_qualification | 0xffff0ff0);
+- if ( !v->domain->debugger_attached || cpu_has_monitor_trap_flag )
+- goto exit_and_crash;
+- domain_pause_for_debugger();
++ if ( !v->domain->debugger_attached )
++ hvm_inject_hw_exception(vector, HVM_DELIVER_NO_ERROR_CODE);
++ else
++ domain_pause_for_debugger();
+ break;
+ case TRAP_int3:
+ {
+@@ -2868,6 +2863,11 @@ void vmx_vmexit_handler(struct cpu_user_
+
+ hvm_inject_page_fault(regs->error_code, exit_qualification);
+ break;
++ case TRAP_alignment_check:
++ HVMTRACE_1D(TRAP, vector);
++ __vmread(VM_EXIT_INTR_ERROR_CODE, &ecode);
++ hvm_inject_hw_exception(vector, ecode);
++ break;
+ case TRAP_nmi:
+ if ( (intr_info & INTR_INFO_INTR_TYPE_MASK) !=
+ (X86_EVENTTYPE_NMI << 8) )
+--- a/xen/include/asm-x86/hvm/hvm.h
++++ b/xen/include/asm-x86/hvm/hvm.h
+@@ -378,7 +378,10 @@ static inline int hvm_event_pending(stru
+ (X86_CR4_VMXE | X86_CR4_PAE | X86_CR4_MCE))
+
+ /* These exceptions must always be intercepted. */
+-#define HVM_TRAP_MASK ((1U << TRAP_machine_check) | (1U << TRAP_invalid_op))
++#define HVM_TRAP_MASK ((1U << TRAP_debug) | \
++ (1U << TRAP_invalid_op) | \
++ (1U << TRAP_alignment_check) | \
++ (1U << TRAP_machine_check))
+
+ /*
+ * x86 event types. This enumeration is valid for:
Modified: head/emulators/xen/Makefile
==============================================================================
--- head/emulators/xen/Makefile Sat Nov 14 03:56:01 2015 (r401563)
+++ head/emulators/xen/Makefile Sat Nov 14 09:27:31 2015 (r401564)
@@ -1,11 +1,10 @@
# $FreeBSD$
PORTNAME= xen
-PORTVERSION= 4.5.1
-PORTREVISION= 1
+PORTVERSION= 4.5.2
CATEGORIES= emulators
-MAINTAINER= ports at FreeBSD.org
+MAINTAINER= royger at FreeBSD.org
COMMENT= Xen Hyvervisor meta port
LICENSE= GPLv2
Modified: head/sysutils/xen-tools/Makefile
==============================================================================
--- head/sysutils/xen-tools/Makefile Sat Nov 14 03:56:01 2015 (r401563)
+++ head/sysutils/xen-tools/Makefile Sat Nov 14 09:27:31 2015 (r401564)
@@ -1,14 +1,13 @@
# $FreeBSD$
PORTNAME= xen
-PORTVERSION= 4.5.1
-PORTREVISION= 2
+PORTVERSION= 4.5.2
CATEGORIES= sysutils emulators
MASTER_SITES= http://bits.xensource.com/oss-xen/release/${PORTVERSION}/ \
http://code.coreboot.org/p/seabios/downloads/get/:seabios
PKGNAMESUFFIX= -tools
-MAINTAINER= ports at FreeBSD.org
+MAINTAINER= royger at FreeBSD.org
COMMENT= Xen management tool, based on LibXenlight
LICENSE= GPLv2 LGPL3
@@ -48,10 +47,7 @@ QEMU_ARGS= --disable-gtk \
--disable-curl \
--cxx=c++
-EXTRA_PATCHES= ${FILESDIR}/xsa137.patch:-p1 \
- ${FILESDIR}/xsa142-4.5.patch:-p1 \
- ${FILESDIR}/xsa153-libxl.patch:-p1 \
- ${FILESDIR}/0002-libxc-fix-xc_dom_load_elf_symtab.patch:-p1
+EXTRA_PATCHES= ${FILESDIR}/0002-libxc-fix-xc_dom_load_elf_symtab.patch:-p1
CONFIGURE_ARGS+= --with-extra-qemuu-configure-args="${QEMU_ARGS}"
SHEBANG_FILES= tools/misc/xencov_split \
@@ -78,10 +74,6 @@ post-patch:
${WRKSRC}/tools/libxl/libxl_dm.c \
${WRKSRC}/tools/qemu-xen-traditional/i386-dm/helper2.c \
${WRKSRC}/docs/man/*
- @for p in ${FILESDIR}/*qemuu*.patch; do \
- ${ECHO_CMD} "====> Applying $${p##*/}" ; \
- ${PATCH} -s -p1 -i $${p} -d ${WRKSRC}/tools/qemu-xen ; \
- done
post-install:
${MKDIR} ${STAGEDIR}/var/run/xen
Modified: head/sysutils/xen-tools/distinfo
==============================================================================
--- head/sysutils/xen-tools/distinfo Sat Nov 14 03:56:01 2015 (r401563)
+++ head/sysutils/xen-tools/distinfo Sat Nov 14 09:27:31 2015 (r401564)
@@ -1,4 +1,4 @@
-SHA256 (xen-4.5.1.tar.gz) = 668c11d4fca67ac44329e369f810356eacd37b28d28fb96e66aac77f3c5e1371
-SIZE (xen-4.5.1.tar.gz) = 18410400
+SHA256 (xen-4.5.2.tar.gz) = 4c9e5dac4eea484974e9f76da2756c8e0973b4e884d28d37e955df9ebf00e7e8
+SIZE (xen-4.5.2.tar.gz) = 18416220
SHA256 (seabios-1.8.1.tar.gz) = 283bd848f5ce9d4bc52add973a856347e02c9ce89a9e6bc92c99359b87c9871d
SIZE (seabios-1.8.1.tar.gz) = 537712
More information about the svn-ports-all
mailing list