* [PATCH v2 0/9] Xen: upgrade to 4.11.0
@ 2018-07-31 19:35 christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 1/9] xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility christopher.w.clark
` (9 more replies)
0 siblings, 10 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
This patch series:
* Fixes Xen recipe compatibility with gcc 8.1
* Adds the Xen recipe for Xen's current version: 4.11.0
* Upgrades the existing Xen recipe from 4.10.0 to 4.10.1
- provided to ease backport to older branches (eg. sumo)
* Adds packaging for the Xen shim component and depriv-fd-checker
* Removes the 4.10.1 and 4.9.1 recipes
- superceded by version 4.11.0
* Upgrades the vtpm stubdomains to Xen version 4.11.0
* Applies a bug fix patch to the tpm emulator
* Fixes whitespace patch fuzz on a vtpm patch
* Updates the Xen git recipe to build upstream staging
* Applies a workaround for an upstream parallel build bug
Changes since version 1:
* Use simpler workaround for the upstream parallel build bug
(just build the hypervisor before the tools)
* Add packaging for the new depriv-fd-checker tool
Christopher Clark (9):
xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility
xen: add recipe for 4.11.0
tpm-emulator: apply patch to fix memcmp defect found by gcc
xen-vtpm,mini-os : upgrade to Xen 4.11.0
xen-vtpm : fix patch fuzz, whitespace-only change
xen: remove 4.9.1 recipe and patches no longer required
xen: remove 4.10.1 recipe and patches no longer required
xen: package depriv-fd-checker
xen: Update git recipe to build latest upstream staging branch
...check-to-see-if-removing-a-p2m-entry-actu.patch | 176 ---------------------
...eturn-value-of-p2m_set_entry-when-decreas.patch | 109 -------------
.../xen/files/mini-os_udivmoddi4-gcc7.patch | 43 -----
.../xen/files/tools-xentop-vwprintw.patch | 25 +++
.../xen/files/vtpm-deepquote-anyloc.patch | 8 +-
.../xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch | 28 ++++
recipes-extended/xen/files/xsa246-4.9.patch | 74 ---------
recipes-extended/xen/files/xsa248.patch | 164 -------------------
recipes-extended/xen/files/xsa249.patch | 42 -----
recipes-extended/xen/files/xsa250.patch | 67 --------
recipes-extended/xen/files/xsa251.patch | 21 ---
recipes-extended/xen/files/xsa253.patch | 26 ---
recipes-extended/xen/mini-os_4.11.0.bb | 17 ++
recipes-extended/xen/mini-os_4.9.0.bb | 18 ---
recipes-extended/xen/tpm-emulator_0.7.4.bb | 1 +
recipes-extended/xen/xen-vtpm_4.11.0.bb | 21 +++
recipes-extended/xen/xen-vtpm_4.9.0.bb | 21 ---
recipes-extended/xen/xen.inc | 15 ++
recipes-extended/xen/xen_4.10.0.bb | 12 --
recipes-extended/xen/xen_4.11.0.bb | 12 ++
recipes-extended/xen/xen_4.9.1.bb | 18 ---
recipes-extended/xen/xen_git.bb | 7 +-
22 files changed, 127 insertions(+), 798 deletions(-)
delete mode 100644 recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch
delete mode 100644 recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch
delete mode 100644 recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch
create mode 100644 recipes-extended/xen/files/tools-xentop-vwprintw.patch
create mode 100644 recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch
delete mode 100644 recipes-extended/xen/files/xsa246-4.9.patch
delete mode 100644 recipes-extended/xen/files/xsa248.patch
delete mode 100644 recipes-extended/xen/files/xsa249.patch
delete mode 100644 recipes-extended/xen/files/xsa250.patch
delete mode 100644 recipes-extended/xen/files/xsa251.patch
delete mode 100644 recipes-extended/xen/files/xsa253.patch
create mode 100644 recipes-extended/xen/mini-os_4.11.0.bb
delete mode 100644 recipes-extended/xen/mini-os_4.9.0.bb
create mode 100644 recipes-extended/xen/xen-vtpm_4.11.0.bb
delete mode 100644 recipes-extended/xen/xen-vtpm_4.9.0.bb
delete mode 100644 recipes-extended/xen/xen_4.10.0.bb
create mode 100644 recipes-extended/xen/xen_4.11.0.bb
delete mode 100644 recipes-extended/xen/xen_4.9.1.bb
--
2.7.4
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH v2 1/9] xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 2/9] xen: add recipe for 4.11.0 christopher.w.clark
` (8 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
Adds packaging for new binary: xen-shim.
Builds the hypervisor before building the tools to workaround an upstream
parallel build bug that causes the shim to be rebuilt during install.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
---
.../shim-don-t-let-build-modify-shim.config.patch | 47 ++++++++++++++
...ls-gdbsx-fix-Wstringop-truncation-warning.patch | 41 ++++++++++++
...tools-kdd-mute-spurious-gcc-warning-part1.patch | 47 ++++++++++++++
...tools-kdd-mute-spurious-gcc-warning-part2.patch | 52 +++++++++++++++
.../xen/files/tools-libxc-fix-strncpy-size.patch | 44 +++++++++++++
...ols-misc-fix-hypothetical-buffer-overflow.patch | 46 ++++++++++++++
.../tools-xenpmd-fix-possible-0-truncation.patch | 74 ++++++++++++++++++++++
.../xen/files/tools-xentop-vwprintw.patch | 25 ++++++++
recipes-extended/xen/files/xsa253.patch | 26 --------
recipes-extended/xen/xen.inc | 14 ++++
recipes-extended/xen/xen_4.10.0.bb | 12 ----
recipes-extended/xen/xen_4.10.1.bb | 19 ++++++
12 files changed, 409 insertions(+), 38 deletions(-)
create mode 100644 recipes-extended/xen/files/shim-don-t-let-build-modify-shim.config.patch
create mode 100644 recipes-extended/xen/files/tools-gdbsx-fix-Wstringop-truncation-warning.patch
create mode 100644 recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part1.patch
create mode 100644 recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part2.patch
create mode 100644 recipes-extended/xen/files/tools-libxc-fix-strncpy-size.patch
create mode 100644 recipes-extended/xen/files/tools-misc-fix-hypothetical-buffer-overflow.patch
create mode 100644 recipes-extended/xen/files/tools-xenpmd-fix-possible-0-truncation.patch
create mode 100644 recipes-extended/xen/files/tools-xentop-vwprintw.patch
delete mode 100644 recipes-extended/xen/files/xsa253.patch
delete mode 100644 recipes-extended/xen/xen_4.10.0.bb
create mode 100644 recipes-extended/xen/xen_4.10.1.bb
diff --git a/recipes-extended/xen/files/shim-don-t-let-build-modify-shim.config.patch b/recipes-extended/xen/files/shim-don-t-let-build-modify-shim.config.patch
new file mode 100644
index 0000000..7403528
--- /dev/null
+++ b/recipes-extended/xen/files/shim-don-t-let-build-modify-shim.config.patch
@@ -0,0 +1,47 @@
+From 8717e7417cebeae162fd61ea4cbdcdd422748f08 Mon Sep 17 00:00:00 2001
+From: Juergen Gross <jgross@suse.com>
+Date: Fri, 20 Apr 2018 17:47:55 +0200
+Subject: [PATCH] shim: don't let build modify shim.config
+
+Currently building the shim will modify shim.config in case some config
+option was added or modified in the hypervisor.
+
+Avoid that by copying shim.config to an intermediate file instead.
+
+Signed-off-by: Juergen Gross <jgross@suse.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Wei Liu <wei.liu2@citrix.com>
+---
+ tools/firmware/xen-dir/Makefile | 16 ++++++----------
+ 1 file changed, 6 insertions(+), 10 deletions(-)
+
+diff --git a/tools/firmware/xen-dir/Makefile b/tools/firmware/xen-dir/Makefile
+index a7e69ae..84648c3 100644
+--- a/tools/firmware/xen-dir/Makefile
++++ b/tools/firmware/xen-dir/Makefile
+@@ -41,16 +41,12 @@ linkfarm.stamp: $(DEP_DIRS) $(DEP_FILES) FORCE
+ $(D): linkfarm.stamp
+ $(MAKE) -C $(D)/xen distclean
+
+-.PHONY: shim-%config
+-shim-%config: $(D) FORCE
+- $(MAKE) -C $(D)/xen $*config \
+- XEN_CONFIG_EXPERT=y \
+- KCONFIG_CONFIG=$(CURDIR)/shim.config
+-
+-xen-shim: $(D) shim-olddefconfig
+- $(MAKE) -C $(D)/xen build \
+- XEN_CONFIG_EXPERT=y \
+- KCONFIG_CONFIG=$(CURDIR)/shim.config
++$(D)/xen/.config: shim.config $(D)
++ cp $< $@
++ $(MAKE) -C $(@D) olddefconfig XEN_CONFIG_EXPERT=y
++
++xen-shim: $(D)/xen/.config
++ $(MAKE) -C $(<D) build XEN_CONFIG_EXPERT=y
+ ln -sf $(D)/xen/xen $@
+ ln -sf $(D)/xen/xen-syms $@-syms
+
+--
+2.7.4
+
diff --git a/recipes-extended/xen/files/tools-gdbsx-fix-Wstringop-truncation-warning.patch b/recipes-extended/xen/files/tools-gdbsx-fix-Wstringop-truncation-warning.patch
new file mode 100644
index 0000000..2896d9f
--- /dev/null
+++ b/recipes-extended/xen/files/tools-gdbsx-fix-Wstringop-truncation-warning.patch
@@ -0,0 +1,41 @@
+From 7f601f7c341c80d554615556d60e3b8ed1e5ad4f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
+ <marmarek@invisiblethingslab.com>
+Date: Thu, 5 Apr 2018 03:50:54 +0200
+Subject: [PATCH] tools/gdbsx: fix -Wstringop-truncation warning
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+gcc-8 complains:
+
+ gx_main.c: In function 'prepare_stop_reply':
+ gx_main.c:385:9: error: 'strncpy' output truncated before terminating nul copying 6 bytes from a string of the same length [-Werror=stringop-truncation]
+ strncpy(buf, "watch:", 6);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~
+
+Since terminating '\0' isn't needed here at all, switch to memcpy.
+
+Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
+Acked-by: Wei Liu <wei.liu2@citrix.com>
+Release-Acked-by: Juergen Gross <jgross@suse.com>
+---
+ tools/debugger/gdbsx/gx/gx_main.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tools/debugger/gdbsx/gx/gx_main.c b/tools/debugger/gdbsx/gx/gx_main.c
+index a908c45..6dfa501 100644
+--- a/tools/debugger/gdbsx/gx/gx_main.c
++++ b/tools/debugger/gdbsx/gx/gx_main.c
+@@ -382,7 +382,7 @@ prepare_stop_reply(enum target_signal sig, char *buf, vcpuid_t vcpu)
+
+ /* TBD: check if we stopped because of watchpoint */
+ if (watchpoint_stop()) {
+- strncpy(buf, "watch:", 6);
++ memcpy(buf, "watch:", 6);
+ buf += 6;
+ /* TBD: **/
+ }
+--
+2.7.4
+
diff --git a/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part1.patch b/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part1.patch
new file mode 100644
index 0000000..f94d22c
--- /dev/null
+++ b/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part1.patch
@@ -0,0 +1,47 @@
+From 437e00fea04becc91c1b6bc1c0baa636b067a5cc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
+ <marmarek@invisiblethingslab.com>
+Date: Thu, 5 Apr 2018 03:50:55 +0200
+Subject: [PATCH] tools/kdd: mute spurious gcc warning
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+gcc-8 complains:
+
+ kdd.c:698:13: error: 'memcpy' offset [-204, -717] is out of the bounds [0, 216] of object 'ctrl' with type 'kdd_ctrl' {aka 'union <anonymous>'} [-Werror=array-bounds]
+ memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ kdd.c: In function 'kdd_select_callback':
+ kdd.c:642:14: note: 'ctrl' declared here
+ kdd_ctrl ctrl;
+ ^~~~
+
+But this is impossible - 'offset' is unsigned and correctly validated
+few lines before.
+
+Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
+Acked-by: Wei Liu <wei.liu2@citrix.com>
+Release-Acked-by: Juergen Gross <jgross@suse.com>
+---
+ tools/debugger/kdd/kdd.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/tools/debugger/kdd/kdd.c b/tools/debugger/kdd/kdd.c
+index 1bd5dd5..61d769e 100644
+--- a/tools/debugger/kdd/kdd.c
++++ b/tools/debugger/kdd/kdd.c
+@@ -695,7 +695,10 @@ static void kdd_handle_read_ctrl(kdd_state *s)
+ KDD_LOG(s, "Request outside of known control space\n");
+ len = 0;
+ } else {
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Warray-bounds"
+ memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
++#pragma GCC diagnostic pop
+ }
+ }
+
+--
+2.7.4
+
diff --git a/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part2.patch b/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part2.patch
new file mode 100644
index 0000000..afd1423
--- /dev/null
+++ b/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part2.patch
@@ -0,0 +1,52 @@
+From 2de2b10b2252761baa5dd0077df384dbfcca8212 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
+ <marmarek@invisiblethingslab.com>
+Date: Tue, 22 May 2018 21:47:45 +0200
+Subject: [PATCH] tools/kdd: alternative way of muting spurious gcc warning
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Older gcc does not support #pragma GCC diagnostics, so use alternative
+approach - change variable type to uint32_t (this code handle 32-bit
+requests only anyway), which apparently also avoid gcc complaining about
+this (otherwise correct) code.
+
+Fixes 437e00fea04becc91c1b6bc1c0baa636b067a5cc "tools/kdd: mute spurious
+gcc warning"
+
+Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
+Acked-by: Wei Liu <wei.liu2@citrix.com>
+Release-acked-by: Juergen Gross <jgross@suse.com>
+Acked-by: Tim Deegan <tim@xen.org>
+---
+ tools/debugger/kdd/kdd.c | 5 +----
+ 1 file changed, 1 insertion(+), 4 deletions(-)
+
+diff --git a/tools/debugger/kdd/kdd.c b/tools/debugger/kdd/kdd.c
+index 61d769e..5a019a0 100644
+--- a/tools/debugger/kdd/kdd.c
++++ b/tools/debugger/kdd/kdd.c
+@@ -687,7 +687,7 @@ static void kdd_handle_read_ctrl(kdd_state *s)
+ }
+ } else {
+ /* 32-bit control-register space starts at 0x[2]cc, for 84 bytes */
+- uint64_t offset = addr;
++ uint32_t offset = addr;
+ if (offset > 0x200)
+ offset -= 0x200;
+ offset -= 0xcc;
+@@ -695,10 +695,7 @@ static void kdd_handle_read_ctrl(kdd_state *s)
+ KDD_LOG(s, "Request outside of known control space\n");
+ len = 0;
+ } else {
+-#pragma GCC diagnostic push
+-#pragma GCC diagnostic ignored "-Warray-bounds"
+ memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
+-#pragma GCC diagnostic pop
+ }
+ }
+
+--
+2.7.4
+
diff --git a/recipes-extended/xen/files/tools-libxc-fix-strncpy-size.patch b/recipes-extended/xen/files/tools-libxc-fix-strncpy-size.patch
new file mode 100644
index 0000000..2d606cd
--- /dev/null
+++ b/recipes-extended/xen/files/tools-libxc-fix-strncpy-size.patch
@@ -0,0 +1,44 @@
+From fa7789ef18bd2e716997937af71b2e4b5b00a159 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
+ <marmarek@invisiblethingslab.com>
+Date: Thu, 5 Apr 2018 03:50:49 +0200
+Subject: [PATCH] tools/libxc: fix strncpy size
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+gcc-8 warns about possible truncation of trailing '\0'.
+Final character is overridden by '\0' anyway, so don't bother to copy
+it.
+
+This fixes compile failure:
+
+ xc_pm.c: In function 'xc_set_cpufreq_gov':
+ xc_pm.c:308:5: error: 'strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]
+ strncpy(scaling_governor, govname, CPUFREQ_NAME_LEN);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ cc1: all warnings being treated as errors
+
+Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
+Acked-by: Wei Liu <wei.liu2@citrix.com>
+Release-Acked-by: Juergen Gross <jgross@suse.com>
+---
+ tools/libxc/xc_pm.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tools/libxc/xc_pm.c b/tools/libxc/xc_pm.c
+index 67e2418..6f8d548 100644
+--- a/tools/libxc/xc_pm.c
++++ b/tools/libxc/xc_pm.c
+@@ -305,7 +305,7 @@ int xc_set_cpufreq_gov(xc_interface *xch, int cpuid, char *govname)
+ sysctl.cmd = XEN_SYSCTL_pm_op;
+ sysctl.u.pm_op.cmd = SET_CPUFREQ_GOV;
+ sysctl.u.pm_op.cpuid = cpuid;
+- strncpy(scaling_governor, govname, CPUFREQ_NAME_LEN);
++ strncpy(scaling_governor, govname, CPUFREQ_NAME_LEN - 1);
+ scaling_governor[CPUFREQ_NAME_LEN - 1] = '\0';
+
+ return xc_sysctl(xch, &sysctl);
+--
+2.7.4
+
diff --git a/recipes-extended/xen/files/tools-misc-fix-hypothetical-buffer-overflow.patch b/recipes-extended/xen/files/tools-misc-fix-hypothetical-buffer-overflow.patch
new file mode 100644
index 0000000..a499861
--- /dev/null
+++ b/recipes-extended/xen/files/tools-misc-fix-hypothetical-buffer-overflow.patch
@@ -0,0 +1,46 @@
+From 27751d89248c8c5eef6d8b56eb8f7d2084145080 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
+ <marmarek@invisiblethingslab.com>
+Date: Thu, 5 Apr 2018 03:50:50 +0200
+Subject: [PATCH] tools/misc: fix hypothetical buffer overflow in xen-lowmemd
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+gcc-8 complains:
+
+ xen-lowmemd.c: In function 'handle_low_mem':
+ xen-lowmemd.c:80:55: error: '%s' directive output may be truncated writing up to 511 bytes into a region of size 489 [-Werror=format-truncation=]
+ snprintf(error, BUFSZ,"Failed to write target %s to xenstore", data);
+ ^~ ~~~~
+ xen-lowmemd.c:80:9: note: 'snprintf' output between 36 and 547 bytes into a destination of size 512
+ snprintf(error, BUFSZ,"Failed to write target %s to xenstore", data);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+In practice it wouldn't happen, because 'data' contains string
+representation of 64-bit unsigned number (20 characters at most).
+But place a limit to mute gcc warning.
+
+Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
+Acked-by: Wei Liu <wei.liu2@citrix.com>
+Release-Acked-by: Juergen Gross <jgross@suse.com>
+---
+ tools/misc/xen-lowmemd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tools/misc/xen-lowmemd.c b/tools/misc/xen-lowmemd.c
+index 865a54c..79ad34c 100644
+--- a/tools/misc/xen-lowmemd.c
++++ b/tools/misc/xen-lowmemd.c
+@@ -77,7 +77,7 @@ void handle_low_mem(void)
+ if (!xs_write(xs_handle, XBT_NULL,
+ "/local/domain/0/memory/target", data, strlen(data)))
+ {
+- snprintf(error, BUFSZ,"Failed to write target %s to xenstore", data);
++ snprintf(error, BUFSZ,"Failed to write target %.24s to xenstore", data);
+ perror(error);
+ }
+ }
+--
+2.7.4
+
diff --git a/recipes-extended/xen/files/tools-xenpmd-fix-possible-0-truncation.patch b/recipes-extended/xen/files/tools-xenpmd-fix-possible-0-truncation.patch
new file mode 100644
index 0000000..86a8e35
--- /dev/null
+++ b/recipes-extended/xen/files/tools-xenpmd-fix-possible-0-truncation.patch
@@ -0,0 +1,74 @@
+From 938c8f53b1f80175c6f7a1399efdb984abb0cb8b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
+ <marmarek@invisiblethingslab.com>
+Date: Thu, 5 Apr 2018 03:50:53 +0200
+Subject: [PATCH] tools/xenpmd: fix possible '\0' truncation
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+gcc-8 complains:
+ xenpmd.c:207:9: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
+ strncpy(info->oem_info, attrib_value, 32);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ xenpmd.c:201:9: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
+ strncpy(info->battery_type, attrib_value, 32);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ xenpmd.c:195:9: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
+ strncpy(info->serial_number, attrib_value, 32);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ xenpmd.c:189:9: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
+ strncpy(info->model_number, attrib_value, 32);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Copy 31 chars, then make sure terminating '\0' is present. Those fields
+are passed to strlen and as '%s' for snprintf later.
+
+Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
+Acked-by: Wei Liu <wei.liu2@citrix.com>
+Release-Acked-by: Juergen Gross <jgross@suse.com>
+---
+ tools/xenpmd/xenpmd.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/tools/xenpmd/xenpmd.c b/tools/xenpmd/xenpmd.c
+index 689c8fd..56412a9 100644
+--- a/tools/xenpmd/xenpmd.c
++++ b/tools/xenpmd/xenpmd.c
+@@ -186,25 +186,29 @@ void set_attribute_battery_info(char *attrib_name,
+
+ if ( strstr(attrib_name, "model number") )
+ {
+- strncpy(info->model_number, attrib_value, 32);
++ strncpy(info->model_number, attrib_value, 31);
++ info->model_number[31] = '\0';
+ return;
+ }
+
+ if ( strstr(attrib_name, "serial number") )
+ {
+- strncpy(info->serial_number, attrib_value, 32);
++ strncpy(info->serial_number, attrib_value, 31);
++ info->serial_number[31] = '\0';
+ return;
+ }
+
+ if ( strstr(attrib_name, "battery type") )
+ {
+- strncpy(info->battery_type, attrib_value, 32);
++ strncpy(info->battery_type, attrib_value, 31);
++ info->battery_type[31] = '\0';
+ return;
+ }
+
+ if ( strstr(attrib_name, "OEM info") )
+ {
+- strncpy(info->oem_info, attrib_value, 32);
++ strncpy(info->oem_info, attrib_value, 31);
++ info->oem_info[31] = '\0';
+ return;
+ }
+
+--
+2.7.4
+
diff --git a/recipes-extended/xen/files/tools-xentop-vwprintw.patch b/recipes-extended/xen/files/tools-xentop-vwprintw.patch
new file mode 100644
index 0000000..5d5d011
--- /dev/null
+++ b/recipes-extended/xen/files/tools-xentop-vwprintw.patch
@@ -0,0 +1,25 @@
+tools/xentop : fix vwprintw -Werror=deprecated-declarations warning
+
+gcc-8.1 complains:
+
+| xentop.c: In function 'print':
+| xentop.c:304:4: error: 'vwprintw' is deprecated [-Werror=deprecated-declarations]
+| vwprintw(stdscr, (curses_str_t)fmt, args);
+| ^~~~~~~~
+
+vw_printw is the non-deprecated alternative.
+
+Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
+diff --git a/tools/xenstat/xentop/xentop.c b/tools/xenstat/xentop/xentop.c
+index 2fd2b67..c465810 100644
+--- a/tools/xenstat/xentop/xentop.c
++++ b/tools/xenstat/xentop/xentop.c
+@@ -301,7 +301,7 @@ static void print(const char *fmt, ...)
+ if (!batch) {
+ if((current_row() < lines()-1)) {
+ va_start(args, fmt);
+- vwprintw(stdscr, (curses_str_t)fmt, args);
++ vw_printw(stdscr, (curses_str_t)fmt, args);
+ va_end(args);
+ }
+ } else {
diff --git a/recipes-extended/xen/files/xsa253.patch b/recipes-extended/xen/files/xsa253.patch
deleted file mode 100644
index 19e4269..0000000
--- a/recipes-extended/xen/files/xsa253.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Subject: x86/msr: Free msr_vcpu_policy during vcpu destruction
-
-c/s 4187f79dc7 "x86/msr: introduce struct msr_vcpu_policy" introduced a
-per-vcpu memory allocation, but failed to free it in the clean vcpu
-destruction case.
-
-This is XSA-253
-
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
-diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
-index b17468c..0ae715d 100644
---- a/xen/arch/x86/domain.c
-+++ b/xen/arch/x86/domain.c
-@@ -382,6 +382,9 @@ void vcpu_destroy(struct vcpu *v)
-
- vcpu_destroy_fpu(v);
-
-+ xfree(v->arch.msr);
-+ v->arch.msr = NULL;
-+
- if ( !is_idle_domain(v->domain) )
- vpmu_destroy(v);
-
diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc
index cadbd78..42c93b4 100644
--- a/recipes-extended/xen/xen.inc
+++ b/recipes-extended/xen/xen.inc
@@ -91,6 +91,7 @@ RRECOMMENDS_${PN}-base = " \
${PN}-libvhd \
${PN}-flask \
${PN}-hvmloader \
+ ${PN}-shim \
${PN}-xenpaging \
"
@@ -213,6 +214,7 @@ PACKAGES = "\
${PN}-scripts-block \
${PN}-scripts-common \
${PN}-scripts-network \
+ ${PN}-shim \
${PN}-staticdev \
${PN}-volatiles \
${PN}-xcutils \
@@ -638,6 +640,11 @@ FILES_${PN}-scripts-common = " \
${sysconfdir}/xen/scripts/xen-script-common.sh \
"
+INSANE_SKIP_${PN}-shim = "arch"
+FILES_${PN}-shim = " \
+ ${libdir}/xen/boot/xen-shim \
+ "
+
FILES_${PN}-volatiles = "\
${sysconfdir}/default/volatiles/99_xen \
${sysconfdir}/tmpfiles.d/xen.conf \
@@ -930,10 +937,17 @@ do_compile() {
# workaround for build bug when CFLAGS is exported
# https://www.mail-archive.com/xen-devel@lists.xen.org/msg67822.html
unset CFLAGS
+
+ # Workaround for parallel build bug: build xen first.
+ # https://lists.xenproject.org/archives/html/xen-devel/2018-07/msg02551.html
+ oe_runmake xen
oe_runmake
}
do_install() {
+ # CFLAGS is used to set PY_CFLAGS which affects the pygrub install
+ # so also need to unset CFLAGS here:
+ unset CFLAGS
oe_runmake DESTDIR="${D}" install
# remove installed volatiles
diff --git a/recipes-extended/xen/xen_4.10.0.bb b/recipes-extended/xen/xen_4.10.0.bb
deleted file mode 100644
index d314b9b..0000000
--- a/recipes-extended/xen/xen_4.10.0.bb
+++ /dev/null
@@ -1,12 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-require xen.inc
-
-SRC_URI = " \
- https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
- file://xsa253.patch \
- "
-
-SRC_URI[md5sum] = "ab9d320d02cb40f6b40506aed1a38d58"
-SRC_URI[sha256sum] = "0262a7023f8b12bcacfb0b25e69b2a63291f944f7683d54d8f33d4b2ca556844"
-
-S = "${WORKDIR}/xen-${PV}"
diff --git a/recipes-extended/xen/xen_4.10.1.bb b/recipes-extended/xen/xen_4.10.1.bb
new file mode 100644
index 0000000..01c0788
--- /dev/null
+++ b/recipes-extended/xen/xen_4.10.1.bb
@@ -0,0 +1,19 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+require xen.inc
+
+SRC_URI = " \
+ https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
+ file://tools-libxc-fix-strncpy-size.patch \
+ file://tools-misc-fix-hypothetical-buffer-overflow.patch \
+ file://tools-xentop-vwprintw.patch \
+ file://tools-xenpmd-fix-possible-0-truncation.patch \
+ file://tools-gdbsx-fix-Wstringop-truncation-warning.patch \
+ file://tools-kdd-mute-spurious-gcc-warning-part1.patch \
+ file://tools-kdd-mute-spurious-gcc-warning-part2.patch \
+ file://shim-don-t-let-build-modify-shim.config.patch \
+ "
+
+SRC_URI[md5sum] = "d1b1d14ce76622062c9977d9c8ba772e"
+SRC_URI[sha256sum] = "570d654f357d4085accdf752989c1cbc33e2075feac8fcc505d68bdb81b1a0cf"
+
+S = "${WORKDIR}/xen-${PV}"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 2/9] xen: add recipe for 4.11.0
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 1/9] xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 3/9] tpm-emulator: apply patch to fix memcmp defect found by gcc christopher.w.clark
` (7 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
---
recipes-extended/xen/xen_4.11.0.bb | 12 ++++++++++++
1 file changed, 12 insertions(+)
create mode 100644 recipes-extended/xen/xen_4.11.0.bb
diff --git a/recipes-extended/xen/xen_4.11.0.bb b/recipes-extended/xen/xen_4.11.0.bb
new file mode 100644
index 0000000..7884194
--- /dev/null
+++ b/recipes-extended/xen/xen_4.11.0.bb
@@ -0,0 +1,12 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+require xen.inc
+
+SRC_URI = " \
+ https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
+ file://tools-xentop-vwprintw.patch \
+ "
+
+SRC_URI[md5sum] = "cbec0600284921744bc14119f4ed3fff"
+SRC_URI[sha256sum] = "826e3a9f6d0eac94a825d272cc2c1294e22640ae75af906eb13920f9ad667643"
+
+S = "${WORKDIR}/xen-${PV}"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 3/9] tpm-emulator: apply patch to fix memcmp defect found by gcc
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 1/9] xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 2/9] xen: add recipe for 4.11.0 christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 4/9] xen-vtpm, mini-os : upgrade to Xen 4.11.0 christopher.w.clark
` (6 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
| tpm_emulator-0.7.4/tpm/tpm_deprecated.c:437:7:
| error: 'memcmp' reading 20 bytes from a region of size 8
| [-Werror=stringop-overflow=]
| if (memcmp(&b1, &newAuthLink, sizeof(TPM_HMAC))) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Apply patch from Xen: vtpm_TPM_ChangeAuthAsymFinish.patch
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
---
.../xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch | 28 ++++++++++++++++++++++
recipes-extended/xen/tpm-emulator_0.7.4.bb | 1 +
2 files changed, 29 insertions(+)
create mode 100644 recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch
diff --git a/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch b/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch
new file mode 100644
index 0000000..aefca28
--- /dev/null
+++ b/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch
@@ -0,0 +1,28 @@
+Patch derived from below Xen changeset.
+Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
+
+commit 22bf5be3237cb482a2ffd772ffd20ce37285eebf
+Author: Olaf Hering <olaf@aepfle.de>
+Date: Mon Jun 18 14:55:36 2018 +0200
+
+stubdom/vtpm: fix memcmp in TPM_ChangeAuthAsymFinish
+
+gcc8 spotted this error:
+error: 'memcmp' reading 20 bytes from a region of size 8 [-Werror=stringop-overflow=]
+
+Signed-off-by: Olaf Hering <olaf@aepfle.de>
+Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
+
+diff --git a/tpm/tpm_deprecated.c b/tpm/tpm_deprecated.c
+index c362b56..4c49f54 100644
+--- a/tpm/tpm_deprecated.c
++++ b/tpm/tpm_deprecated.c
+@@ -434,7 +434,7 @@ TPM_RESULT TPM_ChangeAuthAsymFinish(TPM_KEY_HANDLE parentHandle,
+ tpm_hmac_final(&hmac_ctx, b1.digest);
+ /* 6. The TPM SHALL compare b1 with newAuthLink. The TPM SHALL
+ indicate a failure if the values do not match. */
+- if (memcmp(&b1, &newAuthLink, sizeof(TPM_HMAC))) {
++ if (memcmp(&b1, newAuthLink, sizeof(TPM_HMAC))) {
+ debug("TPM_ChangeAuthAsymFinish(): newAuthLink value does not match.");
+ return TPM_FAIL;
+ }
diff --git a/recipes-extended/xen/tpm-emulator_0.7.4.bb b/recipes-extended/xen/tpm-emulator_0.7.4.bb
index f626929..96a4090 100644
--- a/recipes-extended/xen/tpm-emulator_0.7.4.bb
+++ b/recipes-extended/xen/tpm-emulator_0.7.4.bb
@@ -16,6 +16,7 @@ SRC_URI = "\
file://vtpm-deepquote-anyloc.patch \
file://vtpm-cmake-Wextra.patch \
file://vtpm-implicit-fallthrough.patch \
+ file://vtpm_TPM_ChangeAuthAsymFinish.patch \
"
SRC_URI[tpm-emulator.md5sum] = "e26becb8a6a2b6695f6b3e8097593db8"
SRC_URI[tpm-emulator.sha256sum] = "4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 4/9] xen-vtpm, mini-os : upgrade to Xen 4.11.0
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
` (2 preceding siblings ...)
2018-07-31 19:35 ` [PATCH v2 3/9] tpm-emulator: apply patch to fix memcmp defect found by gcc christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 5/9] xen-vtpm : fix patch fuzz, whitespace-only change christopher.w.clark
` (5 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
drops the gcc7 compatibility patch -- no longer required as
it is present in the upstream version.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
---
.../xen/files/mini-os_udivmoddi4-gcc7.patch | 43 ----------------------
recipes-extended/xen/mini-os_4.11.0.bb | 17 +++++++++
recipes-extended/xen/mini-os_4.9.0.bb | 18 ---------
recipes-extended/xen/xen-vtpm_4.11.0.bb | 21 +++++++++++
recipes-extended/xen/xen-vtpm_4.9.0.bb | 21 -----------
5 files changed, 38 insertions(+), 82 deletions(-)
delete mode 100644 recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch
create mode 100644 recipes-extended/xen/mini-os_4.11.0.bb
delete mode 100644 recipes-extended/xen/mini-os_4.9.0.bb
create mode 100644 recipes-extended/xen/xen-vtpm_4.11.0.bb
delete mode 100644 recipes-extended/xen/xen-vtpm_4.9.0.bb
diff --git a/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch b/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch
deleted file mode 100644
index a3745bd..0000000
--- a/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From d991bdbc062248221511ecb795617c36b37e1d2e Mon Sep 17 00:00:00 2001
-From: Wei Liu <wei.liu2@citrix.com>
-Date: Wed, 9 Aug 2017 13:15:48 +0100
-Subject: [PATCH] lib/math.c: implement __udivmoddi4
-
-Some code compiled by gcc 7 requires this.
-
-Signed-off-by: Wei Liu <wei.liu2@citrix.com>
-Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
----
- lib/math.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/lib/math.c b/lib/math.c
-index 561393e..b98cc1d 100644
---- a/lib/math.c
-+++ b/lib/math.c
-@@ -6,6 +6,7 @@
- * File: math.c
- * Author: Rolf Neugebauer (neugebar@dcs.gla.ac.uk)
- * Changes:
-+ * Implement __udivmoddi4 (Wei Liu <wei.liu2@citrix.com>)
- *
- * Date: Aug 2003
- *
-@@ -397,6 +398,15 @@ __umoddi3(u_quad_t a, u_quad_t b)
- }
-
- /*
-+ * Returns the quotient and places remainder in r
-+ */
-+u_quad_t
-+__udivmoddi4(u_quad_t a, u_quad_t b, u_quad_t *r)
-+{
-+ return __qdivrem(a, b, r);
-+}
-+
-+/*
- * From
- * moddi3.c
- */
---
-2.11.0
diff --git a/recipes-extended/xen/mini-os_4.11.0.bb b/recipes-extended/xen/mini-os_4.11.0.bb
new file mode 100644
index 0000000..85a06a7
--- /dev/null
+++ b/recipes-extended/xen/mini-os_4.11.0.bb
@@ -0,0 +1,17 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "Mini-OS is a tiny OS kernel distributed with the Xen Project"
+HOMEPAGE = "https://wiki.xenproject.org/wiki/Mini-OS"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=8a437231894440a8f7629caa372243d0"
+
+# git commit hash for: xen-RELEASE-4.11.0
+SRCREV_minios = "0b4b7897e08b967a09bed2028a79fabff82342dd"
+SRC_URI = "\
+ git://xenbits.xen.org/mini-os.git;protocol=git;nobranch=1;destsuffix=mini-os;name=minios \
+"
+S="${WORKDIR}/mini-os"
+B="${S}"
+
+require mini-os.inc
diff --git a/recipes-extended/xen/mini-os_4.9.0.bb b/recipes-extended/xen/mini-os_4.9.0.bb
deleted file mode 100644
index 298bc8d..0000000
--- a/recipes-extended/xen/mini-os_4.9.0.bb
+++ /dev/null
@@ -1,18 +0,0 @@
-# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
-# Released under the MIT license (see COPYING.MIT for the terms)
-
-DESCRIPTION = "Mini-OS is a tiny OS kernel distributed with the Xen Project"
-HOMEPAGE = "https://wiki.xenproject.org/wiki/Mini-OS"
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=8a437231894440a8f7629caa372243d0"
-
-# git commit hash for tags: xen-RELEASE-4.9.0, xen-RELEASE-4.9.1, xen-RELEASE-4.9.2
-SRCREV_minios = "ca013fa9baf92f47469ba1f2e1aaa31c41d8a0bb"
-SRC_URI = "\
- git://xenbits.xen.org/mini-os.git;protocol=git;nobranch=1;destsuffix=mini-os;name=minios \
- file://mini-os_udivmoddi4-gcc7.patch \
-"
-S="${WORKDIR}/mini-os"
-B="${S}"
-
-require mini-os.inc
diff --git a/recipes-extended/xen/xen-vtpm_4.11.0.bb b/recipes-extended/xen/xen-vtpm_4.11.0.bb
new file mode 100644
index 0000000..088e985
--- /dev/null
+++ b/recipes-extended/xen/xen-vtpm_4.11.0.bb
@@ -0,0 +1,21 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "MiniOS-based vTPMs for Xen"
+HOMEPAGE = "https://www.xenproject.org"
+LICENSE = "GPLv2 & BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b1ceb1b03a49b202ee6f41ffd1ed0155 \
+ file://vtpm/COPYING;md5=75a98062ab0322ded060d9026a1bda61 \
+"
+
+# git commit hash for Xen's RELEASE-4.11.0 tag
+SRCREV_xen = "1eb6544a567e3e5133fafe0c4ef3545c5138d0e4"
+SRC_URI = "\
+ git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;subpath=stubdom \
+ git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;destsuffix=stubdom/include;subpath=tools/xenstore/include \
+"
+
+S="${WORKDIR}/stubdom"
+B="${S}"
+
+require xen-vtpm.inc
diff --git a/recipes-extended/xen/xen-vtpm_4.9.0.bb b/recipes-extended/xen/xen-vtpm_4.9.0.bb
deleted file mode 100644
index c58a02d..0000000
--- a/recipes-extended/xen/xen-vtpm_4.9.0.bb
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
-# Released under the MIT license (see COPYING.MIT for the terms)
-
-DESCRIPTION = "MiniOS-based vTPMs for Xen"
-HOMEPAGE = "https://www.xenproject.org"
-LICENSE = "GPLv2 & BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b1ceb1b03a49b202ee6f41ffd1ed0155 \
- file://vtpm/COPYING;md5=75a98062ab0322ded060d9026a1bda61 \
-"
-
-# git commit hash for Xen's RELEASE-4.9.0 tag
-SRCREV_xen = "c30bf55594a53fae8aae08aabf16fc192faad7da"
-SRC_URI = "\
- git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;subpath=stubdom \
- git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;destsuffix=stubdom/include;subpath=tools/xenstore/include \
-"
-
-S="${WORKDIR}/stubdom"
-B="${S}"
-
-require xen-vtpm.inc
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 5/9] xen-vtpm : fix patch fuzz, whitespace-only change
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
` (3 preceding siblings ...)
2018-07-31 19:35 ` [PATCH v2 4/9] xen-vtpm, mini-os : upgrade to Xen 4.11.0 christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 6/9] xen: remove 4.9.1 recipe and patches no longer required christopher.w.clark
` (4 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
---
recipes-extended/xen/files/vtpm-deepquote-anyloc.patch | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch b/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch
index 7b37d51..b1cbf66 100644
--- a/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch
+++ b/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch
@@ -101,16 +101,16 @@ index c0d62e7..6586c22 100644
- UINT32 *sigSize, BYTE **sig)
+ UINT32 extraInfoFlags, UINT32 *quote_blob_size, BYTE **quote_blob)
{
- TPM_RESULT res;
- TPM_DIGEST hres;
+ TPM_RESULT res;
+ TPM_DIGEST hres;
@@ -253,7 +254,7 @@ TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR,
- tpm_free(buf);
+ tpm_free(buf);
- res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig);
+ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, ptPCR, extraInfoFlags, quote_blob_size, quote_blob);
- return res;
+ return res;
}
diff --git a/tpm/tpm_marshalling.h b/tpm/tpm_marshalling.h
index d510ebe..2e0c008 100644
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 6/9] xen: remove 4.9.1 recipe and patches no longer required
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
` (4 preceding siblings ...)
2018-07-31 19:35 ` [PATCH v2 5/9] xen-vtpm : fix patch fuzz, whitespace-only change christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 7/9] xen: remove 4.10.1 " christopher.w.clark
` (3 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
---
...check-to-see-if-removing-a-p2m-entry-actu.patch | 176 ---------------------
...eturn-value-of-p2m_set_entry-when-decreas.patch | 109 -------------
recipes-extended/xen/files/xsa246-4.9.patch | 74 ---------
recipes-extended/xen/files/xsa248.patch | 164 -------------------
recipes-extended/xen/files/xsa249.patch | 42 -----
recipes-extended/xen/files/xsa250.patch | 67 --------
recipes-extended/xen/files/xsa251.patch | 21 ---
recipes-extended/xen/xen_4.9.1.bb | 18 ---
8 files changed, 671 deletions(-)
delete mode 100644 recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch
delete mode 100644 recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch
delete mode 100644 recipes-extended/xen/files/xsa246-4.9.patch
delete mode 100644 recipes-extended/xen/files/xsa248.patch
delete mode 100644 recipes-extended/xen/files/xsa249.patch
delete mode 100644 recipes-extended/xen/files/xsa250.patch
delete mode 100644 recipes-extended/xen/files/xsa251.patch
delete mode 100644 recipes-extended/xen/xen_4.9.1.bb
diff --git a/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch b/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch
deleted file mode 100644
index ad9524a..0000000
--- a/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-From ad208b8b7e45fb2b7c572b86c61c26412609e82d Mon Sep 17 00:00:00 2001
-From: George Dunlap <george.dunlap@citrix.com>
-Date: Fri, 10 Nov 2017 16:53:54 +0000
-Subject: [PATCH 1/2] p2m: Always check to see if removing a p2m entry actually
- worked
-
-The PoD zero-check functions speculatively remove memory from the p2m,
-then check to see if it's completely zeroed, before putting it in the
-cache.
-
-Unfortunately, the p2m_set_entry() calls may fail if the underlying
-pagetable structure needs to change and the domain has exhausted its
-p2m memory pool: for instance, if we're removing a 2MiB region out of
-a 1GiB entry (in the p2m_pod_zero_check_superpage() case), or a 4k
-region out of a 2MiB or larger entry (in the p2m_pod_zero_check()
-case); and the return value is not checked.
-
-The underlying mfn will then be added into the PoD cache, and at some
-point mapped into another location in the p2m. If the guest
-afterwards ballons out this memory, it will be freed to the hypervisor
-and potentially reused by another domain, in spite of the fact that
-the original domain still has writable mappings to it.
-
-There are several places where p2m_set_entry() shouldn't be able to
-fail, as it is guaranteed to write an entry of the same order that
-succeeded before. Add a backstop of crashing the domain just in case,
-and an ASSERT_UNREACHABLE() to flag up the broken assumption on debug
-builds.
-
-While we're here, use PAGE_ORDER_2M rather than a magic constant.
-
-This is part of XSA-247.
-
-Reported-by: George Dunlap <george.dunlap.com>
-Signed-off-by: George Dunlap <george.dunlap@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
----
-v4:
-- Removed some training whitespace
-v3:
-- Reformat reset clause to be more compact
-- Make sure to set map[i] = NULL when unmapping in case we need to bail
-v2:
-- Crash a domain if a p2m_set_entry we think cannot fail fails anyway.
----
- xen/arch/x86/mm/p2m-pod.c | 77 +++++++++++++++++++++++++++++++++++++----------
- 1 file changed, 61 insertions(+), 16 deletions(-)
-
-diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c
-index 730a48f928..f2ed751892 100644
---- a/xen/arch/x86/mm/p2m-pod.c
-+++ b/xen/arch/x86/mm/p2m-pod.c
-@@ -752,8 +752,10 @@ p2m_pod_zero_check_superpage(struct p2m_domain *p2m, unsigned long gfn)
- }
-
- /* Try to remove the page, restoring old mapping if it fails. */
-- p2m_set_entry(p2m, gfn, INVALID_MFN, PAGE_ORDER_2M,
-- p2m_populate_on_demand, p2m->default_access);
-+ if ( p2m_set_entry(p2m, gfn, INVALID_MFN, PAGE_ORDER_2M,
-+ p2m_populate_on_demand, p2m->default_access) )
-+ goto out;
-+
- p2m_tlb_flush_sync(p2m);
-
- /* Make none of the MFNs are used elsewhere... for example, mapped
-@@ -810,9 +812,18 @@ p2m_pod_zero_check_superpage(struct p2m_domain *p2m, unsigned long gfn)
- ret = SUPERPAGE_PAGES;
-
- out_reset:
-- if ( reset )
-- p2m_set_entry(p2m, gfn, mfn0, 9, type0, p2m->default_access);
--
-+ /*
-+ * This p2m_set_entry() call shouldn't be able to fail, since the same order
-+ * on the same gfn succeeded above. If that turns out to be false, crashing
-+ * the domain should be the safest way of making sure we don't leak memory.
-+ */
-+ if ( reset && p2m_set_entry(p2m, gfn, mfn0, PAGE_ORDER_2M,
-+ type0, p2m->default_access) )
-+ {
-+ ASSERT_UNREACHABLE();
-+ domain_crash(d);
-+ }
-+
- out:
- gfn_unlock(p2m, gfn, SUPERPAGE_ORDER);
- return ret;
-@@ -869,19 +880,30 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count)
- }
-
- /* Try to remove the page, restoring old mapping if it fails. */
-- p2m_set_entry(p2m, gfns[i], INVALID_MFN, PAGE_ORDER_4K,
-- p2m_populate_on_demand, p2m->default_access);
-+ if ( p2m_set_entry(p2m, gfns[i], INVALID_MFN, PAGE_ORDER_4K,
-+ p2m_populate_on_demand, p2m->default_access) )
-+ goto skip;
-
- /* See if the page was successfully unmapped. (Allow one refcount
- * for being allocated to a domain.) */
- if ( (mfn_to_page(mfns[i])->count_info & PGC_count_mask) > 1 )
- {
-+ /*
-+ * If the previous p2m_set_entry call succeeded, this one shouldn't
-+ * be able to fail. If it does, crashing the domain should be safe.
-+ */
-+ if ( p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K,
-+ types[i], p2m->default_access) )
-+ {
-+ ASSERT_UNREACHABLE();
-+ domain_crash(d);
-+ goto out_unmap;
-+ }
-+
-+ skip:
- unmap_domain_page(map[i]);
- map[i] = NULL;
-
-- p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K,
-- types[i], p2m->default_access);
--
- continue;
- }
- }
-@@ -900,12 +922,25 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count)
-
- unmap_domain_page(map[i]);
-
-- /* See comment in p2m_pod_zero_check_superpage() re gnttab
-- * check timing. */
-- if ( j < PAGE_SIZE/sizeof(*map[i]) )
-+ map[i] = NULL;
-+
-+ /*
-+ * See comment in p2m_pod_zero_check_superpage() re gnttab
-+ * check timing.
-+ */
-+ if ( j < (PAGE_SIZE / sizeof(*map[i])) )
- {
-- p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K,
-- types[i], p2m->default_access);
-+ /*
-+ * If the previous p2m_set_entry call succeeded, this one shouldn't
-+ * be able to fail. If it does, crashing the domain should be safe.
-+ */
-+ if ( p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K,
-+ types[i], p2m->default_access) )
-+ {
-+ ASSERT_UNREACHABLE();
-+ domain_crash(d);
-+ goto out_unmap;
-+ }
- }
- else
- {
-@@ -929,7 +964,17 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count)
- p2m->pod.entry_count++;
- }
- }
--
-+
-+ return;
-+
-+out_unmap:
-+ /*
-+ * Something went wrong, probably crashing the domain. Unmap
-+ * everything and return.
-+ */
-+ for ( i = 0; i < count; i++ )
-+ if ( map[i] )
-+ unmap_domain_page(map[i]);
- }
-
- #define POD_SWEEP_LIMIT 1024
---
-2.15.0
-
diff --git a/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch b/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch
deleted file mode 100644
index 8c850bd..0000000
--- a/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch
+++ /dev/null
@@ -1,109 +0,0 @@
-From d4bc7833707351a5341a6bdf04c752a028d9560d Mon Sep 17 00:00:00 2001
-From: George Dunlap <george.dunlap@citrix.com>
-Date: Fri, 10 Nov 2017 16:53:55 +0000
-Subject: [PATCH 2/2] p2m: Check return value of p2m_set_entry() when
- decreasing reservation
-
-If the entire range specified to p2m_pod_decrease_reservation() is marked
-populate-on-demand, then it will make a single p2m_set_entry() call,
-reducing its PoD entry count.
-
-Unfortunately, in the right circumstances, this p2m_set_entry() call
-may fail. It that case, repeated calls to decrease_reservation() may
-cause p2m->pod.entry_count to fall below zero, potentially tripping
-over BUG_ON()s to the contrary.
-
-Instead, check to see if the entry succeeded, and return false if not.
-The caller will then call guest_remove_page() on the gfns, which will
-return -EINVAL upon finding no valid memory there to return.
-
-Unfortunately if the order > 0, the entry may have partially changed.
-A domain_crash() is probably the safest thing in that case.
-
-Other p2m_set_entry() calls in the same function should be fine,
-because they are writing the entry at its current order. Nonetheless,
-check the return value and crash if our assumption turns otu to be
-wrong.
-
-This is part of XSA-247.
-
-Reported-by: George Dunlap <george.dunlap.com>
-Signed-off-by: George Dunlap <george.dunlap@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
----
-v2: Crash the domain if we're not sure it's safe (or if we think it
-can't happen)
----
- xen/arch/x86/mm/p2m-pod.c | 42 +++++++++++++++++++++++++++++++++---------
- 1 file changed, 33 insertions(+), 9 deletions(-)
-
-diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c
-index f2ed751892..473d6a6dbf 100644
---- a/xen/arch/x86/mm/p2m-pod.c
-+++ b/xen/arch/x86/mm/p2m-pod.c
-@@ -555,11 +555,23 @@ p2m_pod_decrease_reservation(struct domain *d,
-
- if ( !nonpod )
- {
-- /* All PoD: Mark the whole region invalid and tell caller
-- * we're done. */
-- p2m_set_entry(p2m, gpfn, INVALID_MFN, order, p2m_invalid,
-- p2m->default_access);
-- p2m->pod.entry_count-=(1<<order);
-+ /*
-+ * All PoD: Mark the whole region invalid and tell caller
-+ * we're done.
-+ */
-+ if ( p2m_set_entry(p2m, gpfn, INVALID_MFN, order, p2m_invalid,
-+ p2m->default_access) )
-+ {
-+ /*
-+ * If this fails, we can't tell how much of the range was changed.
-+ * Best to crash the domain unless we're sure a partial change is
-+ * impossible.
-+ */
-+ if ( order != 0 )
-+ domain_crash(d);
-+ goto out_unlock;
-+ }
-+ p2m->pod.entry_count -= 1UL << order;
- BUG_ON(p2m->pod.entry_count < 0);
- ret = 1;
- goto out_entry_check;
-@@ -600,8 +612,14 @@ p2m_pod_decrease_reservation(struct domain *d,
- n = 1UL << cur_order;
- if ( t == p2m_populate_on_demand )
- {
-- p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order,
-- p2m_invalid, p2m->default_access);
-+ /* This shouldn't be able to fail */
-+ if ( p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order,
-+ p2m_invalid, p2m->default_access) )
-+ {
-+ ASSERT_UNREACHABLE();
-+ domain_crash(d);
-+ goto out_unlock;
-+ }
- p2m->pod.entry_count -= n;
- BUG_ON(p2m->pod.entry_count < 0);
- pod -= n;
-@@ -622,8 +640,14 @@ p2m_pod_decrease_reservation(struct domain *d,
-
- page = mfn_to_page(mfn);
-
-- p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order,
-- p2m_invalid, p2m->default_access);
-+ /* This shouldn't be able to fail */
-+ if ( p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order,
-+ p2m_invalid, p2m->default_access) )
-+ {
-+ ASSERT_UNREACHABLE();
-+ domain_crash(d);
-+ goto out_unlock;
-+ }
- p2m_tlb_flush_sync(p2m);
- for ( j = 0; j < n; ++j )
- set_gpfn_from_mfn(mfn_x(mfn), INVALID_M2P_ENTRY);
---
-2.15.0
-
diff --git a/recipes-extended/xen/files/xsa246-4.9.patch b/recipes-extended/xen/files/xsa246-4.9.patch
deleted file mode 100644
index 6370a10..0000000
--- a/recipes-extended/xen/files/xsa246-4.9.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From: Julien Grall <julien.grall@linaro.org>
-Subject: x86/pod: prevent infinite loop when shattering large pages
-
-When populating pages, the PoD may need to split large ones using
-p2m_set_entry and request the caller to retry (see ept_get_entry for
-instance).
-
-p2m_set_entry may fail to shatter if it is not possible to allocate
-memory for the new page table. However, the error is not propagated
-resulting to the callers to retry infinitely the PoD.
-
-Prevent the infinite loop by return false when it is not possible to
-shatter the large mapping.
-
-This is XSA-246.
-
-Signed-off-by: Julien Grall <julien.grall@linaro.org>
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: George Dunlap <george.dunlap@citrix.com>
-
---- a/xen/arch/x86/mm/p2m-pod.c
-+++ b/xen/arch/x86/mm/p2m-pod.c
-@@ -1071,9 +1071,8 @@ p2m_pod_demand_populate(struct p2m_domai
- * NOTE: In a fine-grained p2m locking scenario this operation
- * may need to promote its locking from gfn->1g superpage
- */
-- p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_2M,
-- p2m_populate_on_demand, p2m->default_access);
-- return 0;
-+ return p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_2M,
-+ p2m_populate_on_demand, p2m->default_access);
- }
-
- /* Only reclaim if we're in actual need of more cache. */
-@@ -1104,8 +1103,12 @@ p2m_pod_demand_populate(struct p2m_domai
-
- gfn_aligned = (gfn >> order) << order;
-
-- p2m_set_entry(p2m, gfn_aligned, mfn, order, p2m_ram_rw,
-- p2m->default_access);
-+ if ( p2m_set_entry(p2m, gfn_aligned, mfn, order, p2m_ram_rw,
-+ p2m->default_access) )
-+ {
-+ p2m_pod_cache_add(p2m, p, order);
-+ goto out_fail;
-+ }
-
- for( i = 0; i < (1UL << order); i++ )
- {
-@@ -1150,13 +1153,18 @@ remap_and_retry:
- BUG_ON(order != PAGE_ORDER_2M);
- pod_unlock(p2m);
-
-- /* Remap this 2-meg region in singleton chunks */
-- /* NOTE: In a p2m fine-grained lock scenario this might
-- * need promoting the gfn lock from gfn->2M superpage */
-+ /*
-+ * Remap this 2-meg region in singleton chunks. See the comment on the
-+ * 1G page splitting path above for why a single call suffices.
-+ *
-+ * NOTE: In a p2m fine-grained lock scenario this might
-+ * need promoting the gfn lock from gfn->2M superpage.
-+ */
- gfn_aligned = (gfn>>order)<<order;
-- for(i=0; i<(1<<order); i++)
-- p2m_set_entry(p2m, gfn_aligned + i, INVALID_MFN, PAGE_ORDER_4K,
-- p2m_populate_on_demand, p2m->default_access);
-+ if ( p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_4K,
-+ p2m_populate_on_demand, p2m->default_access) )
-+ return -1;
-+
- if ( tb_init_done )
- {
- struct {
diff --git a/recipes-extended/xen/files/xsa248.patch b/recipes-extended/xen/files/xsa248.patch
deleted file mode 100644
index 966c16e..0000000
--- a/recipes-extended/xen/files/xsa248.patch
+++ /dev/null
@@ -1,164 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: x86/mm: don't wrongly set page ownership
-
-PV domains can obtain mappings of any pages owned by the correct domain,
-including ones that aren't actually assigned as "normal" RAM, but used
-by Xen internally. At the moment such "internal" pages marked as owned
-by a guest include pages used to track logdirty bits, as well as p2m
-pages and the "unpaged pagetable" for HVM guests. Since the PV memory
-management and shadow code conflict in their use of struct page_info
-fields, and since shadow code is being used for log-dirty handling for
-PV domains, pages coming from the shadow pool must, for PV domains, not
-have the domain set as their owner.
-
-While the change could be done conditionally for just the PV case in
-shadow code, do it unconditionally (and for consistency also for HAP),
-just to be on the safe side.
-
-There's one special case though for shadow code: The page table used for
-running a HVM guest in unpaged mode is subject to get_page() (in
-set_shadow_status()) and hence must have its owner set.
-
-This is XSA-248.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Tim Deegan <tim@xen.org>
-Reviewed-by: George Dunlap <george.dunlap@citrix.com>
----
-v2: Drop PGC_page_table related pieces.
-
---- a/xen/arch/x86/mm/hap/hap.c
-+++ b/xen/arch/x86/mm/hap/hap.c
-@@ -286,8 +286,7 @@ static struct page_info *hap_alloc_p2m_p
- {
- d->arch.paging.hap.total_pages--;
- d->arch.paging.hap.p2m_pages++;
-- page_set_owner(pg, d);
-- pg->count_info |= 1;
-+ ASSERT(!page_get_owner(pg) && !(pg->count_info & PGC_count_mask));
- }
- else if ( !d->arch.paging.p2m_alloc_failed )
- {
-@@ -302,21 +301,23 @@ static struct page_info *hap_alloc_p2m_p
-
- static void hap_free_p2m_page(struct domain *d, struct page_info *pg)
- {
-+ struct domain *owner = page_get_owner(pg);
-+
- /* This is called both from the p2m code (which never holds the
- * paging lock) and the log-dirty code (which always does). */
- paging_lock_recursive(d);
-
-- ASSERT(page_get_owner(pg) == d);
-- /* Should have just the one ref we gave it in alloc_p2m_page() */
-- if ( (pg->count_info & PGC_count_mask) != 1 ) {
-- HAP_ERROR("Odd p2m page %p count c=%#lx t=%"PRtype_info"\n",
-- pg, pg->count_info, pg->u.inuse.type_info);
-+ /* Should still have no owner and count zero. */
-+ if ( owner || (pg->count_info & PGC_count_mask) )
-+ {
-+ HAP_ERROR("d%d: Odd p2m page %"PRI_mfn" d=%d c=%lx t=%"PRtype_info"\n",
-+ d->domain_id, mfn_x(page_to_mfn(pg)),
-+ owner ? owner->domain_id : DOMID_INVALID,
-+ pg->count_info, pg->u.inuse.type_info);
- WARN();
-+ pg->count_info &= ~PGC_count_mask;
-+ page_set_owner(pg, NULL);
- }
-- pg->count_info &= ~PGC_count_mask;
-- /* Free should not decrement domain's total allocation, since
-- * these pages were allocated without an owner. */
-- page_set_owner(pg, NULL);
- d->arch.paging.hap.p2m_pages--;
- d->arch.paging.hap.total_pages++;
- hap_free(d, page_to_mfn(pg));
---- a/xen/arch/x86/mm/shadow/common.c
-+++ b/xen/arch/x86/mm/shadow/common.c
-@@ -1503,32 +1503,29 @@ shadow_alloc_p2m_page(struct domain *d)
- pg = mfn_to_page(shadow_alloc(d, SH_type_p2m_table, 0));
- d->arch.paging.shadow.p2m_pages++;
- d->arch.paging.shadow.total_pages--;
-+ ASSERT(!page_get_owner(pg) && !(pg->count_info & PGC_count_mask));
-
- paging_unlock(d);
-
-- /* Unlike shadow pages, mark p2m pages as owned by the domain.
-- * Marking the domain as the owner would normally allow the guest to
-- * create mappings of these pages, but these p2m pages will never be
-- * in the domain's guest-physical address space, and so that is not
-- * believed to be a concern. */
-- page_set_owner(pg, d);
-- pg->count_info |= 1;
- return pg;
- }
-
- static void
- shadow_free_p2m_page(struct domain *d, struct page_info *pg)
- {
-- ASSERT(page_get_owner(pg) == d);
-- /* Should have just the one ref we gave it in alloc_p2m_page() */
-- if ( (pg->count_info & PGC_count_mask) != 1 )
-+ struct domain *owner = page_get_owner(pg);
-+
-+ /* Should still have no owner and count zero. */
-+ if ( owner || (pg->count_info & PGC_count_mask) )
- {
-- SHADOW_ERROR("Odd p2m page count c=%#lx t=%"PRtype_info"\n",
-+ SHADOW_ERROR("d%d: Odd p2m page %"PRI_mfn" d=%d c=%lx t=%"PRtype_info"\n",
-+ d->domain_id, mfn_x(page_to_mfn(pg)),
-+ owner ? owner->domain_id : DOMID_INVALID,
- pg->count_info, pg->u.inuse.type_info);
-+ pg->count_info &= ~PGC_count_mask;
-+ page_set_owner(pg, NULL);
- }
-- pg->count_info &= ~PGC_count_mask;
- pg->u.sh.type = SH_type_p2m_table; /* p2m code reuses type-info */
-- page_set_owner(pg, NULL);
-
- /* This is called both from the p2m code (which never holds the
- * paging lock) and the log-dirty code (which always does). */
-@@ -3132,7 +3129,9 @@ int shadow_enable(struct domain *d, u32
- e = __map_domain_page(pg);
- write_32bit_pse_identmap(e);
- unmap_domain_page(e);
-+ pg->count_info = 1;
- pg->u.inuse.type_info = PGT_l2_page_table | 1 | PGT_validated;
-+ page_set_owner(pg, d);
- }
-
- paging_lock(d);
-@@ -3170,7 +3169,11 @@ int shadow_enable(struct domain *d, u32
- if ( rv != 0 && !pagetable_is_null(p2m_get_pagetable(p2m)) )
- p2m_teardown(p2m);
- if ( rv != 0 && pg != NULL )
-+ {
-+ pg->count_info &= ~PGC_count_mask;
-+ page_set_owner(pg, NULL);
- shadow_free_p2m_page(d, pg);
-+ }
- domain_unpause(d);
- return rv;
- }
-@@ -3279,7 +3282,22 @@ out:
-
- /* Must be called outside the lock */
- if ( unpaged_pagetable )
-+ {
-+ if ( page_get_owner(unpaged_pagetable) == d &&
-+ (unpaged_pagetable->count_info & PGC_count_mask) == 1 )
-+ {
-+ unpaged_pagetable->count_info &= ~PGC_count_mask;
-+ page_set_owner(unpaged_pagetable, NULL);
-+ }
-+ /* Complain here in cases where shadow_free_p2m_page() won't. */
-+ else if ( !page_get_owner(unpaged_pagetable) &&
-+ !(unpaged_pagetable->count_info & PGC_count_mask) )
-+ SHADOW_ERROR("d%d: Odd unpaged pt %"PRI_mfn" c=%lx t=%"PRtype_info"\n",
-+ d->domain_id, mfn_x(page_to_mfn(unpaged_pagetable)),
-+ unpaged_pagetable->count_info,
-+ unpaged_pagetable->u.inuse.type_info);
- shadow_free_p2m_page(d, unpaged_pagetable);
-+ }
- }
-
- void shadow_final_teardown(struct domain *d)
diff --git a/recipes-extended/xen/files/xsa249.patch b/recipes-extended/xen/files/xsa249.patch
deleted file mode 100644
index ecfa430..0000000
--- a/recipes-extended/xen/files/xsa249.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: x86/shadow: fix refcount overflow check
-
-Commit c385d27079 ("x86 shadow: for multi-page shadows, explicitly track
-the first page") reduced the refcount width to 25, without adjusting the
-overflow check. Eliminate the disconnect by using a manifest constant.
-
-Interestingly, up to commit 047782fa01 ("Out-of-sync L1 shadows: OOS
-snapshot") the refcount was 27 bits wide, yet the check was already
-using 26.
-
-This is XSA-249.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: George Dunlap <george.dunlap@citrix.com>
-Reviewed-by: Tim Deegan <tim@xen.org>
----
-v2: Simplify expression back to the style it was.
-
---- a/xen/arch/x86/mm/shadow/private.h
-+++ b/xen/arch/x86/mm/shadow/private.h
-@@ -529,7 +529,7 @@ static inline int sh_get_ref(struct doma
- x = sp->u.sh.count;
- nx = x + 1;
-
-- if ( unlikely(nx >= 1U<<26) )
-+ if ( unlikely(nx >= (1U << PAGE_SH_REFCOUNT_WIDTH)) )
- {
- SHADOW_PRINTK("shadow ref overflow, gmfn=%lx smfn=%lx\n",
- __backpointer(sp), mfn_x(smfn));
---- a/xen/include/asm-x86/mm.h
-+++ b/xen/include/asm-x86/mm.h
-@@ -82,7 +82,8 @@ struct page_info
- unsigned long type:5; /* What kind of shadow is this? */
- unsigned long pinned:1; /* Is the shadow pinned? */
- unsigned long head:1; /* Is this the first page of the shadow? */
-- unsigned long count:25; /* Reference count */
-+#define PAGE_SH_REFCOUNT_WIDTH 25
-+ unsigned long count:PAGE_SH_REFCOUNT_WIDTH; /* Reference count */
- } sh;
-
- /* Page is on a free list: ((count_info & PGC_count_mask) == 0). */
diff --git a/recipes-extended/xen/files/xsa250.patch b/recipes-extended/xen/files/xsa250.patch
deleted file mode 100644
index 26aeb33..0000000
--- a/recipes-extended/xen/files/xsa250.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: x86/shadow: fix ref-counting error handling
-
-The old-Linux handling in shadow_set_l4e() mistakenly ORed together the
-results of sh_get_ref() and sh_pin(). As the latter failing is not a
-correctness problem, simply ignore its return value.
-
-In sh_set_toplevel_shadow() a failing sh_get_ref() must not be
-accompanied by installing the entry, despite the domain being crashed.
-
-This is XSA-250.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Tim Deegan <tim@xen.org>
-
---- a/xen/arch/x86/mm/shadow/multi.c
-+++ b/xen/arch/x86/mm/shadow/multi.c
-@@ -923,7 +923,7 @@ static int shadow_set_l4e(struct domain
- shadow_l4e_t new_sl4e,
- mfn_t sl4mfn)
- {
-- int flags = 0, ok;
-+ int flags = 0;
- shadow_l4e_t old_sl4e;
- paddr_t paddr;
- ASSERT(sl4e != NULL);
-@@ -938,15 +938,16 @@ static int shadow_set_l4e(struct domain
- {
- /* About to install a new reference */
- mfn_t sl3mfn = shadow_l4e_get_mfn(new_sl4e);
-- ok = sh_get_ref(d, sl3mfn, paddr);
-- /* Are we pinning l3 shadows to handle wierd linux behaviour? */
-- if ( sh_type_is_pinnable(d, SH_type_l3_64_shadow) )
-- ok |= sh_pin(d, sl3mfn);
-- if ( !ok )
-+
-+ if ( !sh_get_ref(d, sl3mfn, paddr) )
- {
- domain_crash(d);
- return SHADOW_SET_ERROR;
- }
-+
-+ /* Are we pinning l3 shadows to handle weird Linux behaviour? */
-+ if ( sh_type_is_pinnable(d, SH_type_l3_64_shadow) )
-+ sh_pin(d, sl3mfn);
- }
-
- /* Write the new entry */
-@@ -3965,14 +3966,15 @@ sh_set_toplevel_shadow(struct vcpu *v,
-
- /* Take a ref to this page: it will be released in sh_detach_old_tables()
- * or the next call to set_toplevel_shadow() */
-- if ( !sh_get_ref(d, smfn, 0) )
-+ if ( sh_get_ref(d, smfn, 0) )
-+ new_entry = pagetable_from_mfn(smfn);
-+ else
- {
- SHADOW_ERROR("can't install %#lx as toplevel shadow\n", mfn_x(smfn));
- domain_crash(d);
-+ new_entry = pagetable_null();
- }
-
-- new_entry = pagetable_from_mfn(smfn);
--
- install_new_entry:
- /* Done. Install it */
- SHADOW_PRINTK("%u/%u [%u] gmfn %#"PRI_mfn" smfn %#"PRI_mfn"\n",
diff --git a/recipes-extended/xen/files/xsa251.patch b/recipes-extended/xen/files/xsa251.patch
deleted file mode 100644
index 582ef62..0000000
--- a/recipes-extended/xen/files/xsa251.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: x86/paging: don't unconditionally BUG() on finding SHARED_M2P_ENTRY
-
-PV guests can fully control the values written into the P2M.
-
-This is XSA-251.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
-
---- a/xen/arch/x86/mm/paging.c
-+++ b/xen/arch/x86/mm/paging.c
-@@ -274,7 +274,7 @@ void paging_mark_pfn_dirty(struct domain
- return;
-
- /* Shared MFNs should NEVER be marked dirty */
-- BUG_ON(SHARED_M2P(pfn_x(pfn)));
-+ BUG_ON(paging_mode_translate(d) && SHARED_M2P(pfn_x(pfn)));
-
- /*
- * Values with the MSB set denote MFNs that aren't really part of the
diff --git a/recipes-extended/xen/xen_4.9.1.bb b/recipes-extended/xen/xen_4.9.1.bb
deleted file mode 100644
index 5c18bb0..0000000
--- a/recipes-extended/xen/xen_4.9.1.bb
+++ /dev/null
@@ -1,18 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-require xen.inc
-
-SRC_URI = " \
- https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
- file://xsa246-4.9.patch \
- file://0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch \
- file://0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch \
- file://xsa248.patch \
- file://xsa249.patch \
- file://xsa250.patch \
- file://xsa251.patch \
- "
-
-SRC_URI[md5sum] = "8b9d6104694b164d54334194135f7217"
-SRC_URI[sha256sum] = "ecf88b01f44cd8f4ef208af3f999dceb69bdd2a316d88dd9a9535ea7b49ed356"
-
-S = "${WORKDIR}/xen-${PV}"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 7/9] xen: remove 4.10.1 recipe and patches no longer required
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
` (5 preceding siblings ...)
2018-07-31 19:35 ` [PATCH v2 6/9] xen: remove 4.9.1 recipe and patches no longer required christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 8/9] xen: package depriv-fd-checker christopher.w.clark
` (2 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Christopher Clark <christopher.clark6@baesystem.com>
---
.../shim-don-t-let-build-modify-shim.config.patch | 47 --------------
...ls-gdbsx-fix-Wstringop-truncation-warning.patch | 41 ------------
...tools-kdd-mute-spurious-gcc-warning-part1.patch | 47 --------------
...tools-kdd-mute-spurious-gcc-warning-part2.patch | 52 ---------------
.../xen/files/tools-libxc-fix-strncpy-size.patch | 44 -------------
...ols-misc-fix-hypothetical-buffer-overflow.patch | 46 --------------
.../tools-xenpmd-fix-possible-0-truncation.patch | 74 ----------------------
recipes-extended/xen/xen_4.10.1.bb | 19 ------
8 files changed, 370 deletions(-)
delete mode 100644 recipes-extended/xen/files/shim-don-t-let-build-modify-shim.config.patch
delete mode 100644 recipes-extended/xen/files/tools-gdbsx-fix-Wstringop-truncation-warning.patch
delete mode 100644 recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part1.patch
delete mode 100644 recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part2.patch
delete mode 100644 recipes-extended/xen/files/tools-libxc-fix-strncpy-size.patch
delete mode 100644 recipes-extended/xen/files/tools-misc-fix-hypothetical-buffer-overflow.patch
delete mode 100644 recipes-extended/xen/files/tools-xenpmd-fix-possible-0-truncation.patch
delete mode 100644 recipes-extended/xen/xen_4.10.1.bb
diff --git a/recipes-extended/xen/files/shim-don-t-let-build-modify-shim.config.patch b/recipes-extended/xen/files/shim-don-t-let-build-modify-shim.config.patch
deleted file mode 100644
index 7403528..0000000
--- a/recipes-extended/xen/files/shim-don-t-let-build-modify-shim.config.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 8717e7417cebeae162fd61ea4cbdcdd422748f08 Mon Sep 17 00:00:00 2001
-From: Juergen Gross <jgross@suse.com>
-Date: Fri, 20 Apr 2018 17:47:55 +0200
-Subject: [PATCH] shim: don't let build modify shim.config
-
-Currently building the shim will modify shim.config in case some config
-option was added or modified in the hypervisor.
-
-Avoid that by copying shim.config to an intermediate file instead.
-
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-Acked-by: Wei Liu <wei.liu2@citrix.com>
----
- tools/firmware/xen-dir/Makefile | 16 ++++++----------
- 1 file changed, 6 insertions(+), 10 deletions(-)
-
-diff --git a/tools/firmware/xen-dir/Makefile b/tools/firmware/xen-dir/Makefile
-index a7e69ae..84648c3 100644
---- a/tools/firmware/xen-dir/Makefile
-+++ b/tools/firmware/xen-dir/Makefile
-@@ -41,16 +41,12 @@ linkfarm.stamp: $(DEP_DIRS) $(DEP_FILES) FORCE
- $(D): linkfarm.stamp
- $(MAKE) -C $(D)/xen distclean
-
--.PHONY: shim-%config
--shim-%config: $(D) FORCE
-- $(MAKE) -C $(D)/xen $*config \
-- XEN_CONFIG_EXPERT=y \
-- KCONFIG_CONFIG=$(CURDIR)/shim.config
--
--xen-shim: $(D) shim-olddefconfig
-- $(MAKE) -C $(D)/xen build \
-- XEN_CONFIG_EXPERT=y \
-- KCONFIG_CONFIG=$(CURDIR)/shim.config
-+$(D)/xen/.config: shim.config $(D)
-+ cp $< $@
-+ $(MAKE) -C $(@D) olddefconfig XEN_CONFIG_EXPERT=y
-+
-+xen-shim: $(D)/xen/.config
-+ $(MAKE) -C $(<D) build XEN_CONFIG_EXPERT=y
- ln -sf $(D)/xen/xen $@
- ln -sf $(D)/xen/xen-syms $@-syms
-
---
-2.7.4
-
diff --git a/recipes-extended/xen/files/tools-gdbsx-fix-Wstringop-truncation-warning.patch b/recipes-extended/xen/files/tools-gdbsx-fix-Wstringop-truncation-warning.patch
deleted file mode 100644
index 2896d9f..0000000
--- a/recipes-extended/xen/files/tools-gdbsx-fix-Wstringop-truncation-warning.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 7f601f7c341c80d554615556d60e3b8ed1e5ad4f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
- <marmarek@invisiblethingslab.com>
-Date: Thu, 5 Apr 2018 03:50:54 +0200
-Subject: [PATCH] tools/gdbsx: fix -Wstringop-truncation warning
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-gcc-8 complains:
-
- gx_main.c: In function 'prepare_stop_reply':
- gx_main.c:385:9: error: 'strncpy' output truncated before terminating nul copying 6 bytes from a string of the same length [-Werror=stringop-truncation]
- strncpy(buf, "watch:", 6);
- ^~~~~~~~~~~~~~~~~~~~~~~~~
-
-Since terminating '\0' isn't needed here at all, switch to memcpy.
-
-Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-Acked-by: Wei Liu <wei.liu2@citrix.com>
-Release-Acked-by: Juergen Gross <jgross@suse.com>
----
- tools/debugger/gdbsx/gx/gx_main.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tools/debugger/gdbsx/gx/gx_main.c b/tools/debugger/gdbsx/gx/gx_main.c
-index a908c45..6dfa501 100644
---- a/tools/debugger/gdbsx/gx/gx_main.c
-+++ b/tools/debugger/gdbsx/gx/gx_main.c
-@@ -382,7 +382,7 @@ prepare_stop_reply(enum target_signal sig, char *buf, vcpuid_t vcpu)
-
- /* TBD: check if we stopped because of watchpoint */
- if (watchpoint_stop()) {
-- strncpy(buf, "watch:", 6);
-+ memcpy(buf, "watch:", 6);
- buf += 6;
- /* TBD: **/
- }
---
-2.7.4
-
diff --git a/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part1.patch b/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part1.patch
deleted file mode 100644
index f94d22c..0000000
--- a/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part1.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 437e00fea04becc91c1b6bc1c0baa636b067a5cc Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
- <marmarek@invisiblethingslab.com>
-Date: Thu, 5 Apr 2018 03:50:55 +0200
-Subject: [PATCH] tools/kdd: mute spurious gcc warning
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-gcc-8 complains:
-
- kdd.c:698:13: error: 'memcpy' offset [-204, -717] is out of the bounds [0, 216] of object 'ctrl' with type 'kdd_ctrl' {aka 'union <anonymous>'} [-Werror=array-bounds]
- memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
- ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- kdd.c: In function 'kdd_select_callback':
- kdd.c:642:14: note: 'ctrl' declared here
- kdd_ctrl ctrl;
- ^~~~
-
-But this is impossible - 'offset' is unsigned and correctly validated
-few lines before.
-
-Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-Acked-by: Wei Liu <wei.liu2@citrix.com>
-Release-Acked-by: Juergen Gross <jgross@suse.com>
----
- tools/debugger/kdd/kdd.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/tools/debugger/kdd/kdd.c b/tools/debugger/kdd/kdd.c
-index 1bd5dd5..61d769e 100644
---- a/tools/debugger/kdd/kdd.c
-+++ b/tools/debugger/kdd/kdd.c
-@@ -695,7 +695,10 @@ static void kdd_handle_read_ctrl(kdd_state *s)
- KDD_LOG(s, "Request outside of known control space\n");
- len = 0;
- } else {
-+#pragma GCC diagnostic push
-+#pragma GCC diagnostic ignored "-Warray-bounds"
- memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
-+#pragma GCC diagnostic pop
- }
- }
-
---
-2.7.4
-
diff --git a/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part2.patch b/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part2.patch
deleted file mode 100644
index afd1423..0000000
--- a/recipes-extended/xen/files/tools-kdd-mute-spurious-gcc-warning-part2.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 2de2b10b2252761baa5dd0077df384dbfcca8212 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
- <marmarek@invisiblethingslab.com>
-Date: Tue, 22 May 2018 21:47:45 +0200
-Subject: [PATCH] tools/kdd: alternative way of muting spurious gcc warning
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Older gcc does not support #pragma GCC diagnostics, so use alternative
-approach - change variable type to uint32_t (this code handle 32-bit
-requests only anyway), which apparently also avoid gcc complaining about
-this (otherwise correct) code.
-
-Fixes 437e00fea04becc91c1b6bc1c0baa636b067a5cc "tools/kdd: mute spurious
-gcc warning"
-
-Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-Acked-by: Wei Liu <wei.liu2@citrix.com>
-Release-acked-by: Juergen Gross <jgross@suse.com>
-Acked-by: Tim Deegan <tim@xen.org>
----
- tools/debugger/kdd/kdd.c | 5 +----
- 1 file changed, 1 insertion(+), 4 deletions(-)
-
-diff --git a/tools/debugger/kdd/kdd.c b/tools/debugger/kdd/kdd.c
-index 61d769e..5a019a0 100644
---- a/tools/debugger/kdd/kdd.c
-+++ b/tools/debugger/kdd/kdd.c
-@@ -687,7 +687,7 @@ static void kdd_handle_read_ctrl(kdd_state *s)
- }
- } else {
- /* 32-bit control-register space starts at 0x[2]cc, for 84 bytes */
-- uint64_t offset = addr;
-+ uint32_t offset = addr;
- if (offset > 0x200)
- offset -= 0x200;
- offset -= 0xcc;
-@@ -695,10 +695,7 @@ static void kdd_handle_read_ctrl(kdd_state *s)
- KDD_LOG(s, "Request outside of known control space\n");
- len = 0;
- } else {
--#pragma GCC diagnostic push
--#pragma GCC diagnostic ignored "-Warray-bounds"
- memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
--#pragma GCC diagnostic pop
- }
- }
-
---
-2.7.4
-
diff --git a/recipes-extended/xen/files/tools-libxc-fix-strncpy-size.patch b/recipes-extended/xen/files/tools-libxc-fix-strncpy-size.patch
deleted file mode 100644
index 2d606cd..0000000
--- a/recipes-extended/xen/files/tools-libxc-fix-strncpy-size.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From fa7789ef18bd2e716997937af71b2e4b5b00a159 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
- <marmarek@invisiblethingslab.com>
-Date: Thu, 5 Apr 2018 03:50:49 +0200
-Subject: [PATCH] tools/libxc: fix strncpy size
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-gcc-8 warns about possible truncation of trailing '\0'.
-Final character is overridden by '\0' anyway, so don't bother to copy
-it.
-
-This fixes compile failure:
-
- xc_pm.c: In function 'xc_set_cpufreq_gov':
- xc_pm.c:308:5: error: 'strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]
- strncpy(scaling_governor, govname, CPUFREQ_NAME_LEN);
- ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- cc1: all warnings being treated as errors
-
-Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-Acked-by: Wei Liu <wei.liu2@citrix.com>
-Release-Acked-by: Juergen Gross <jgross@suse.com>
----
- tools/libxc/xc_pm.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tools/libxc/xc_pm.c b/tools/libxc/xc_pm.c
-index 67e2418..6f8d548 100644
---- a/tools/libxc/xc_pm.c
-+++ b/tools/libxc/xc_pm.c
-@@ -305,7 +305,7 @@ int xc_set_cpufreq_gov(xc_interface *xch, int cpuid, char *govname)
- sysctl.cmd = XEN_SYSCTL_pm_op;
- sysctl.u.pm_op.cmd = SET_CPUFREQ_GOV;
- sysctl.u.pm_op.cpuid = cpuid;
-- strncpy(scaling_governor, govname, CPUFREQ_NAME_LEN);
-+ strncpy(scaling_governor, govname, CPUFREQ_NAME_LEN - 1);
- scaling_governor[CPUFREQ_NAME_LEN - 1] = '\0';
-
- return xc_sysctl(xch, &sysctl);
---
-2.7.4
-
diff --git a/recipes-extended/xen/files/tools-misc-fix-hypothetical-buffer-overflow.patch b/recipes-extended/xen/files/tools-misc-fix-hypothetical-buffer-overflow.patch
deleted file mode 100644
index a499861..0000000
--- a/recipes-extended/xen/files/tools-misc-fix-hypothetical-buffer-overflow.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 27751d89248c8c5eef6d8b56eb8f7d2084145080 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
- <marmarek@invisiblethingslab.com>
-Date: Thu, 5 Apr 2018 03:50:50 +0200
-Subject: [PATCH] tools/misc: fix hypothetical buffer overflow in xen-lowmemd
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-gcc-8 complains:
-
- xen-lowmemd.c: In function 'handle_low_mem':
- xen-lowmemd.c:80:55: error: '%s' directive output may be truncated writing up to 511 bytes into a region of size 489 [-Werror=format-truncation=]
- snprintf(error, BUFSZ,"Failed to write target %s to xenstore", data);
- ^~ ~~~~
- xen-lowmemd.c:80:9: note: 'snprintf' output between 36 and 547 bytes into a destination of size 512
- snprintf(error, BUFSZ,"Failed to write target %s to xenstore", data);
- ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-In practice it wouldn't happen, because 'data' contains string
-representation of 64-bit unsigned number (20 characters at most).
-But place a limit to mute gcc warning.
-
-Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-Acked-by: Wei Liu <wei.liu2@citrix.com>
-Release-Acked-by: Juergen Gross <jgross@suse.com>
----
- tools/misc/xen-lowmemd.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tools/misc/xen-lowmemd.c b/tools/misc/xen-lowmemd.c
-index 865a54c..79ad34c 100644
---- a/tools/misc/xen-lowmemd.c
-+++ b/tools/misc/xen-lowmemd.c
-@@ -77,7 +77,7 @@ void handle_low_mem(void)
- if (!xs_write(xs_handle, XBT_NULL,
- "/local/domain/0/memory/target", data, strlen(data)))
- {
-- snprintf(error, BUFSZ,"Failed to write target %s to xenstore", data);
-+ snprintf(error, BUFSZ,"Failed to write target %.24s to xenstore", data);
- perror(error);
- }
- }
---
-2.7.4
-
diff --git a/recipes-extended/xen/files/tools-xenpmd-fix-possible-0-truncation.patch b/recipes-extended/xen/files/tools-xenpmd-fix-possible-0-truncation.patch
deleted file mode 100644
index 86a8e35..0000000
--- a/recipes-extended/xen/files/tools-xenpmd-fix-possible-0-truncation.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From 938c8f53b1f80175c6f7a1399efdb984abb0cb8b Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
- <marmarek@invisiblethingslab.com>
-Date: Thu, 5 Apr 2018 03:50:53 +0200
-Subject: [PATCH] tools/xenpmd: fix possible '\0' truncation
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-gcc-8 complains:
- xenpmd.c:207:9: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
- strncpy(info->oem_info, attrib_value, 32);
- ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- xenpmd.c:201:9: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
- strncpy(info->battery_type, attrib_value, 32);
- ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- xenpmd.c:195:9: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
- strncpy(info->serial_number, attrib_value, 32);
- ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- xenpmd.c:189:9: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
- strncpy(info->model_number, attrib_value, 32);
- ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Copy 31 chars, then make sure terminating '\0' is present. Those fields
-are passed to strlen and as '%s' for snprintf later.
-
-Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-Acked-by: Wei Liu <wei.liu2@citrix.com>
-Release-Acked-by: Juergen Gross <jgross@suse.com>
----
- tools/xenpmd/xenpmd.c | 12 ++++++++----
- 1 file changed, 8 insertions(+), 4 deletions(-)
-
-diff --git a/tools/xenpmd/xenpmd.c b/tools/xenpmd/xenpmd.c
-index 689c8fd..56412a9 100644
---- a/tools/xenpmd/xenpmd.c
-+++ b/tools/xenpmd/xenpmd.c
-@@ -186,25 +186,29 @@ void set_attribute_battery_info(char *attrib_name,
-
- if ( strstr(attrib_name, "model number") )
- {
-- strncpy(info->model_number, attrib_value, 32);
-+ strncpy(info->model_number, attrib_value, 31);
-+ info->model_number[31] = '\0';
- return;
- }
-
- if ( strstr(attrib_name, "serial number") )
- {
-- strncpy(info->serial_number, attrib_value, 32);
-+ strncpy(info->serial_number, attrib_value, 31);
-+ info->serial_number[31] = '\0';
- return;
- }
-
- if ( strstr(attrib_name, "battery type") )
- {
-- strncpy(info->battery_type, attrib_value, 32);
-+ strncpy(info->battery_type, attrib_value, 31);
-+ info->battery_type[31] = '\0';
- return;
- }
-
- if ( strstr(attrib_name, "OEM info") )
- {
-- strncpy(info->oem_info, attrib_value, 32);
-+ strncpy(info->oem_info, attrib_value, 31);
-+ info->oem_info[31] = '\0';
- return;
- }
-
---
-2.7.4
-
diff --git a/recipes-extended/xen/xen_4.10.1.bb b/recipes-extended/xen/xen_4.10.1.bb
deleted file mode 100644
index 01c0788..0000000
--- a/recipes-extended/xen/xen_4.10.1.bb
+++ /dev/null
@@ -1,19 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-require xen.inc
-
-SRC_URI = " \
- https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
- file://tools-libxc-fix-strncpy-size.patch \
- file://tools-misc-fix-hypothetical-buffer-overflow.patch \
- file://tools-xentop-vwprintw.patch \
- file://tools-xenpmd-fix-possible-0-truncation.patch \
- file://tools-gdbsx-fix-Wstringop-truncation-warning.patch \
- file://tools-kdd-mute-spurious-gcc-warning-part1.patch \
- file://tools-kdd-mute-spurious-gcc-warning-part2.patch \
- file://shim-don-t-let-build-modify-shim.config.patch \
- "
-
-SRC_URI[md5sum] = "d1b1d14ce76622062c9977d9c8ba772e"
-SRC_URI[sha256sum] = "570d654f357d4085accdf752989c1cbc33e2075feac8fcc505d68bdb81b1a0cf"
-
-S = "${WORKDIR}/xen-${PV}"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 8/9] xen: package depriv-fd-checker
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
` (6 preceding siblings ...)
2018-07-31 19:35 ` [PATCH v2 7/9] xen: remove 4.10.1 " christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 9/9] xen: Update git recipe to build latest upstream staging branch christopher.w.clark
2018-08-03 2:59 ` [PATCH v2 0/9] Xen: upgrade to 4.11.0 Bruce Ashfield
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
A new tool introduced in the Xen 4.12 dev cycle.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
---
recipes-extended/xen/xen.inc | 1 +
1 file changed, 1 insertion(+)
diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc
index 42c93b4..4894c77 100644
--- a/recipes-extended/xen/xen.inc
+++ b/recipes-extended/xen/xen.inc
@@ -478,6 +478,7 @@ FILES_${PN}-misc = "\
${bindir}/xencov_split \
${bindir}/xen-detect \
${libdir}/xen/bin/xenpvnetboot \
+ ${libdir}/xen/bin/depriv-fd-checker \
${sbindir}/gtracestat \
${sbindir}/gtraceview \
${sbindir}/xen-bugtool \
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 9/9] xen: Update git recipe to build latest upstream staging branch
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
` (7 preceding siblings ...)
2018-07-31 19:35 ` [PATCH v2 8/9] xen: package depriv-fd-checker christopher.w.clark
@ 2018-07-31 19:35 ` christopher.w.clark
2018-08-03 2:59 ` [PATCH v2 0/9] Xen: upgrade to 4.11.0 Bruce Ashfield
9 siblings, 0 replies; 13+ messages in thread
From: christopher.w.clark @ 2018-07-31 19:35 UTC (permalink / raw)
To: meta-virtualization; +Cc: cardoe
From: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
---
recipes-extended/xen/xen_git.bb | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/recipes-extended/xen/xen_git.bb b/recipes-extended/xen/xen_git.bb
index e10d669..da1eea6 100644
--- a/recipes-extended/xen/xen_git.bb
+++ b/recipes-extended/xen/xen_git.bb
@@ -1,9 +1,10 @@
require xen.inc
-SRCREV ?= "9a6cc4f5c14b3d7542b7523f88a1b65464733d3a"
+SRCREV ?= "2b50cdbc444c637575580dcfa6c9525a84d5cc62"
-XEN_REL ?= "4.7"
-XEN_BRANCH ?= "staging-${XEN_REL}"
+XEN_REL = "4.12"
+XEN_BRANCH = "staging"
+FLASK_POLICY_FILE = "xenpolicy-${XEN_REL}-unstable"
PV = "${XEN_REL}+git${SRCPV}"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH v2 0/9] Xen: upgrade to 4.11.0
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
` (8 preceding siblings ...)
2018-07-31 19:35 ` [PATCH v2 9/9] xen: Update git recipe to build latest upstream staging branch christopher.w.clark
@ 2018-08-03 2:59 ` Bruce Ashfield
2018-08-14 4:25 ` Christopher Clark
9 siblings, 1 reply; 13+ messages in thread
From: Bruce Ashfield @ 2018-08-03 2:59 UTC (permalink / raw)
To: Christopher Clark; +Cc: meta-virtualization, Doug Goldstein
On Tue, Jul 31, 2018 at 4:35 PM, <christopher.w.clark@gmail.com> wrote:
> From: Christopher Clark <christopher.w.clark@gmail.com>
>
> This patch series:
> * Fixes Xen recipe compatibility with gcc 8.1
> * Adds the Xen recipe for Xen's current version: 4.11.0
> * Upgrades the existing Xen recipe from 4.10.0 to 4.10.1
> - provided to ease backport to older branches (eg. sumo)
This looks sane to me, and the series is now merged to master.
If it is indeed needed on other branches, or specific patches should
be backported, let me know.
Cheers,
Bruce
> * Adds packaging for the Xen shim component and depriv-fd-checker
> * Removes the 4.10.1 and 4.9.1 recipes
> - superceded by version 4.11.0
> * Upgrades the vtpm stubdomains to Xen version 4.11.0
> * Applies a bug fix patch to the tpm emulator
> * Fixes whitespace patch fuzz on a vtpm patch
> * Updates the Xen git recipe to build upstream staging
> * Applies a workaround for an upstream parallel build bug
>
> Changes since version 1:
> * Use simpler workaround for the upstream parallel build bug
> (just build the hypervisor before the tools)
> * Add packaging for the new depriv-fd-checker tool
>
> Christopher Clark (9):
> xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility
> xen: add recipe for 4.11.0
> tpm-emulator: apply patch to fix memcmp defect found by gcc
> xen-vtpm,mini-os : upgrade to Xen 4.11.0
> xen-vtpm : fix patch fuzz, whitespace-only change
> xen: remove 4.9.1 recipe and patches no longer required
> xen: remove 4.10.1 recipe and patches no longer required
> xen: package depriv-fd-checker
> xen: Update git recipe to build latest upstream staging branch
>
> ...check-to-see-if-removing-a-p2m-entry-actu.patch | 176 ---------------------
> ...eturn-value-of-p2m_set_entry-when-decreas.patch | 109 -------------
> .../xen/files/mini-os_udivmoddi4-gcc7.patch | 43 -----
> .../xen/files/tools-xentop-vwprintw.patch | 25 +++
> .../xen/files/vtpm-deepquote-anyloc.patch | 8 +-
> .../xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch | 28 ++++
> recipes-extended/xen/files/xsa246-4.9.patch | 74 ---------
> recipes-extended/xen/files/xsa248.patch | 164 -------------------
> recipes-extended/xen/files/xsa249.patch | 42 -----
> recipes-extended/xen/files/xsa250.patch | 67 --------
> recipes-extended/xen/files/xsa251.patch | 21 ---
> recipes-extended/xen/files/xsa253.patch | 26 ---
> recipes-extended/xen/mini-os_4.11.0.bb | 17 ++
> recipes-extended/xen/mini-os_4.9.0.bb | 18 ---
> recipes-extended/xen/tpm-emulator_0.7.4.bb | 1 +
> recipes-extended/xen/xen-vtpm_4.11.0.bb | 21 +++
> recipes-extended/xen/xen-vtpm_4.9.0.bb | 21 ---
> recipes-extended/xen/xen.inc | 15 ++
> recipes-extended/xen/xen_4.10.0.bb | 12 --
> recipes-extended/xen/xen_4.11.0.bb | 12 ++
> recipes-extended/xen/xen_4.9.1.bb | 18 ---
> recipes-extended/xen/xen_git.bb | 7 +-
> 22 files changed, 127 insertions(+), 798 deletions(-)
> delete mode 100644 recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch
> delete mode 100644 recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch
> delete mode 100644 recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch
> create mode 100644 recipes-extended/xen/files/tools-xentop-vwprintw.patch
> create mode 100644 recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch
> delete mode 100644 recipes-extended/xen/files/xsa246-4.9.patch
> delete mode 100644 recipes-extended/xen/files/xsa248.patch
> delete mode 100644 recipes-extended/xen/files/xsa249.patch
> delete mode 100644 recipes-extended/xen/files/xsa250.patch
> delete mode 100644 recipes-extended/xen/files/xsa251.patch
> delete mode 100644 recipes-extended/xen/files/xsa253.patch
> create mode 100644 recipes-extended/xen/mini-os_4.11.0.bb
> delete mode 100644 recipes-extended/xen/mini-os_4.9.0.bb
> create mode 100644 recipes-extended/xen/xen-vtpm_4.11.0.bb
> delete mode 100644 recipes-extended/xen/xen-vtpm_4.9.0.bb
> delete mode 100644 recipes-extended/xen/xen_4.10.0.bb
> create mode 100644 recipes-extended/xen/xen_4.11.0.bb
> delete mode 100644 recipes-extended/xen/xen_4.9.1.bb
>
> --
> 2.7.4
>
--
"Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end"
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH v2 0/9] Xen: upgrade to 4.11.0
2018-08-03 2:59 ` [PATCH v2 0/9] Xen: upgrade to 4.11.0 Bruce Ashfield
@ 2018-08-14 4:25 ` Christopher Clark
2018-08-14 17:02 ` Bruce Ashfield
0 siblings, 1 reply; 13+ messages in thread
From: Christopher Clark @ 2018-08-14 4:25 UTC (permalink / raw)
To: Bruce Ashfield; +Cc: meta-virtualization, Doug Goldstein
[-- Attachment #1: Type: text/plain, Size: 1079 bytes --]
On Thu, Aug 2, 2018 at 7:59 PM, Bruce Ashfield <bruce.ashfield@gmail.com>
wrote:
> On Tue, Jul 31, 2018 at 4:35 PM, <christopher.w.clark@gmail.com> wrote:
> > From: Christopher Clark <christopher.w.clark@gmail.com>
> >
> > This patch series:
> > * Fixes Xen recipe compatibility with gcc 8.1
> > * Adds the Xen recipe for Xen's current version: 4.11.0
> > * Upgrades the existing Xen recipe from 4.10.0 to 4.10.1
> > - provided to ease backport to older branches (eg. sumo)
>
> This looks sane to me, and the series is now merged to master.
>
> If it is indeed needed on other branches, or specific patches should
> be backported, let me know.
>
For sumo: these three should go in:
commit 6160783cc05769784781ecac7e04dbd4a15ad8f0
xen-vtpm : fix patch fuzz, whitespace-only change
commit f9650d8997505796883d0ef61bd8ad2a87c2b36e
tpm-emulator: apply patch to fix memcmp defect found by gcc
commit 9955e81b23eb6bb264b32c5bb02b326097a4ec02
xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility
thanks
Christopher
[-- Attachment #2: Type: text/html, Size: 1802 bytes --]
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH v2 0/9] Xen: upgrade to 4.11.0
2018-08-14 4:25 ` Christopher Clark
@ 2018-08-14 17:02 ` Bruce Ashfield
0 siblings, 0 replies; 13+ messages in thread
From: Bruce Ashfield @ 2018-08-14 17:02 UTC (permalink / raw)
To: Christopher Clark; +Cc: meta-virtualization, Doug Goldstein
On Tue, Aug 14, 2018 at 12:25 AM, Christopher Clark
<christopher.w.clark@gmail.com> wrote:
>
>
> On Thu, Aug 2, 2018 at 7:59 PM, Bruce Ashfield <bruce.ashfield@gmail.com>
> wrote:
>>
>> On Tue, Jul 31, 2018 at 4:35 PM, <christopher.w.clark@gmail.com> wrote:
>> > From: Christopher Clark <christopher.w.clark@gmail.com>
>> >
>> > This patch series:
>> > * Fixes Xen recipe compatibility with gcc 8.1
>> > * Adds the Xen recipe for Xen's current version: 4.11.0
>> > * Upgrades the existing Xen recipe from 4.10.0 to 4.10.1
>> > - provided to ease backport to older branches (eg. sumo)
>>
>> This looks sane to me, and the series is now merged to master.
>>
>> If it is indeed needed on other branches, or specific patches should
>> be backported, let me know.
>
>
> For sumo: these three should go in:
>
> commit 6160783cc05769784781ecac7e04dbd4a15ad8f0
> xen-vtpm : fix patch fuzz, whitespace-only change
>
> commit f9650d8997505796883d0ef61bd8ad2a87c2b36e
> tpm-emulator: apply patch to fix memcmp defect found by gcc
>
> commit 9955e81b23eb6bb264b32c5bb02b326097a4ec02
> xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility
These have been cherry picked and pushed.
Bruce
>
> thanks
>
> Christopher
>
--
"Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end"
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2018-08-14 17:03 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-07-31 19:35 [PATCH v2 0/9] Xen: upgrade to 4.11.0 christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 1/9] xen: upgrade to 4.10.1, and apply patches for gcc 8.1 compatibility christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 2/9] xen: add recipe for 4.11.0 christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 3/9] tpm-emulator: apply patch to fix memcmp defect found by gcc christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 4/9] xen-vtpm, mini-os : upgrade to Xen 4.11.0 christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 5/9] xen-vtpm : fix patch fuzz, whitespace-only change christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 6/9] xen: remove 4.9.1 recipe and patches no longer required christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 7/9] xen: remove 4.10.1 " christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 8/9] xen: package depriv-fd-checker christopher.w.clark
2018-07-31 19:35 ` [PATCH v2 9/9] xen: Update git recipe to build latest upstream staging branch christopher.w.clark
2018-08-03 2:59 ` [PATCH v2 0/9] Xen: upgrade to 4.11.0 Bruce Ashfield
2018-08-14 4:25 ` Christopher Clark
2018-08-14 17:02 ` Bruce Ashfield
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.