diff --git a/.gitignore b/.gitignore index 94d3719..6649de9 100644 --- a/.gitignore +++ b/.gitignore @@ -6,4 +6,4 @@ lwip-1.3.0.tar.gz pciutils-2.2.9.tar.bz2 zlib-1.2.3.tar.gz polarssl-1.1.4-gpl.tgz -/xen-4.6.3.tar.gz +/xen-4.7.0.tar.gz diff --git a/init.xenconsoled b/init.xenconsoled deleted file mode 100755 index fe0defd..0000000 --- a/init.xenconsoled +++ /dev/null @@ -1,121 +0,0 @@ -#!/bin/bash -# -# xenconsoled Script to start and stop the Xen xenconsoled daemon -# -# Author: Daniel P. Berrange -# -# chkconfig: 2345 97 01 -# description: Starts and stops the Xen control daemon. -### BEGIN INIT INFO -# Provides: xenconsoled -# Required-Start: $syslog $remote_fs -# Should-Start: -# Required-Stop: $syslog $remote_fs xenstored -# Should-Stop: -# Default-Start: 3 4 5 -# Default-Stop: 0 1 2 6 -# Default-Enabled: yes -# Short-Description: Start/stop xenconsoled -# Description: Starts and stops the Xen xenconsoled daemon. -### END INIT INFO - -# Source function library. -. /etc/rc.d/init.d/functions - -if [ ! -d /proc/xen ]; then - exit 0 -fi -if ! grep -q "control_d" /proc/xen/capabilities ; then - exit 0 -fi - -# Default config params -XENCONSOLED_LOG_HYPERVISOR=no -XENCONSOLED_LOG_GUESTS=no -XENCONSOLED_LOG_DIR=/var/log/xen/console -XENCONSOLED_ARGS= - -# User customized params -test -f /etc/sysconfig/xenconsoled && . /etc/sysconfig/xenconsoled - -XENCONSOLED_LOG=none -if [ "$XENCONSOLED_LOG_HYPERVISOR" = "yes" ] -then - if [ "$XENCONSOLED_LOG_GUESTS" = "yes" ] - then - XENCONSOLED_LOG=all - else - XENCONSOLED_LOG=hv - fi -else - if [ "$XENCONSOLED_LOG_GUESTS" = "yes" ] - then - XENCONSOLED_LOG=guest - fi -fi - -start() { - echo -n $"Starting xenconsoled daemon: " - /usr/sbin/xenconsoled --log=$XENCONSOLED_LOG --log-dir=$XENCONSOLED_LOG_DIR $XENCONSOLED_ARGS - RETVAL=$? - test $RETVAL = 0 && echo_success || echo_failure - echo - [ $RETVAL -eq 0 ] && touch /var/lock/subsys/xenconsoled -} - -stop() { - echo -n $"Stopping xenconsoled daemon: " - killproc xenconsoled > /dev/null - RETVAL=$? - test $RETVAL = 0 && echo_success || echo_failure - echo - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/xenconsoled -} - -rcstatus() { - status xenconsoled - RETVAL=$? - test $RETVAL = 0 && echo_success || echo_failure - echo -} - -reload() { - echo -n $"Reloading xenconsoled daemon: " - killproc xenconsoled -HUP > /dev/null - RETVAL=$? - test $RETVAL = 0 && echo_success || echo_failure - echo -} - -RETVAL=0 -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - rcstatus - ;; - reload) - reload - ;; - restart|force-reload) - stop - start - ;; - condrestart) - if [ -f /var/lock/subsys/xenconsoled ] - then - stop - start - fi - ;; - *) - echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|force-reload}" - exit 1 -esac - -exit $RETVAL - diff --git a/init.xenstored b/init.xenstored deleted file mode 100755 index 328870d..0000000 --- a/init.xenstored +++ /dev/null @@ -1,95 +0,0 @@ -#!/bin/bash -# -# xenstored Script to start and stop the Xen control daemon. -# -# Author: Daniel Berrange /dev/null - RETVAL=$? - else - RETVAL=1 - fi - test $RETVAL = 0 && echo_success || echo_failure - echo - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/xenstored -} - -rcstatus() { - status xenstored - RETVAL=$? - test $RETVAL = 0 && echo_success || echo_failure - echo -} - -RETVAL=0 -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - rcstatus - ;; - *) - echo $"Usage: $0 {start|stop|status}" - exit 1 -esac - -exit $RETVAL - diff --git a/qemu.CVE-2015-8817+8.patch b/qemu.CVE-2015-8817+8.patch deleted file mode 100644 index 10051a9..0000000 --- a/qemu.CVE-2015-8817+8.patch +++ /dev/null @@ -1,224 +0,0 @@ -From 965eb2fcdfe919ecced6c34803535ad32dc1249c Mon Sep 17 00:00:00 2001 -From: Paolo Bonzini -Date: Wed, 17 Jun 2015 10:40:27 +0200 -Subject: [PATCH] exec: do not clamp accesses to MMIO regions -MIME-Version: 1.0 -Content-Type: text/plain; charset=utf8 -Content-Transfer-Encoding: 8bit - -It is common for MMIO registers to overlap, for example a 4 byte register -at 0xcf8 (totally random choice... :)) and a 1 byte register at 0xcf9. -If these registers are implemented via separate MemoryRegions, it is -wrong to clamp the accesses as the value written would be truncated. - -Hence for these regions the effects of commit 23820db (exec: Respect -as_translate_internal length clamp, 2015-03-16, previously applied as -commit c3c1bb99) must be skipped. - -Tested-by: Hervé Poussineau -Tested-by: Mark Cave-Ayland -Signed-off-by: Paolo Bonzini ---- - exec.c | 8 ++++++-- - 1 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/exec.c b/exec.c -index 76bfc4a..d00e017 100644 ---- a/tools/qemu-xen/exec.c -+++ b/tools/qemu-xen/exec.c -@@ -341,6 +341,7 @@ address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x - hwaddr *plen, bool resolve_subpage) - { - MemoryRegionSection *section; -+ MemoryRegion *mr; - Int128 diff; - - section = address_space_lookup_region(d, addr, resolve_subpage); -@@ -350,8 +351,11 @@ address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x - /* Compute offset within MemoryRegion */ - *xlat = addr + section->offset_within_region; - -- diff = int128_sub(section->mr->size, int128_make64(addr)); -- *plen = int128_get64(int128_min(diff, int128_make64(*plen))); -+ mr = section->mr; -+ if (memory_region_is_ram(mr)) { -+ diff = int128_sub(mr->size, int128_make64(addr)); -+ *plen = int128_get64(int128_min(diff, int128_make64(*plen))); -+ } - return section; - } - --- -1.7.0.4 - -From e4a511f8cc6f4a46d409fb5c9f72c38ba45f8d83 Mon Sep 17 00:00:00 2001 -From: Paolo Bonzini -Date: Wed, 17 Jun 2015 10:36:54 +0200 -Subject: [PATCH] exec: clamp accesses against the MemoryRegionSection -MIME-Version: 1.0 -Content-Type: text/plain; charset=utf8 -Content-Transfer-Encoding: 8bit - -Because the clamping was done against the MemoryRegion, -address_space_rw was effectively broken if a write spanned -multiple sections that are not linear in underlying memory -(with the memory not being under an IOMMU). - -This is visible with the MIPS rc4030 IOMMU, which is implemented -as a series of alias memory regions that point to the actual RAM. - -Tested-by: Hervé Poussineau -Tested-by: Mark Cave-Ayland -Signed-off-by: Paolo Bonzini ---- - exec.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/exec.c b/exec.c -index d00e017..f7883d2 100644 ---- a/tools/qemu-xen/exec.c -+++ b/tools/qemu-xen/exec.c -@@ -353,7 +353,7 @@ address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x - - mr = section->mr; - if (memory_region_is_ram(mr)) { -- diff = int128_sub(mr->size, int128_make64(addr)); -+ diff = int128_sub(section->size, int128_make64(addr)); - *plen = int128_get64(int128_min(diff, int128_make64(*plen))); - } - return section; --- -1.7.0.4 - -From b242e0e0e2969c044a318e56f7988bbd84de1f63 Mon Sep 17 00:00:00 2001 -From: Paolo Bonzini -Date: Sat, 4 Jul 2015 00:24:51 +0200 -Subject: [PATCH] exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal - -Loading the BIOS in the mac99 machine is interesting, because there is a -PROM in the middle of the BIOS region (from 16K to 32K). Before memory -region accesses were clamped, when QEMU was asked to load a BIOS from -0xfff00000 to 0xffffffff it would put even those 16K from the BIOS file -into the region. This is weird because those 16K were not actually -visible between 0xfff04000 and 0xfff07fff. However, it worked. - -After clamping was added, this also worked. In this case, the -cpu_physical_memory_write_rom_internal function split the write in -three parts: the first 16K were copied, the PROM area (second 16K) were -ignored, then the rest was copied. - -Problems then started with commit 965eb2f (exec: do not clamp accesses -to MMIO regions, 2015-06-17). Clamping accesses is not done for MMIO -regions because they can overlap wildly, and MMIO registers can be -expected to perform full-width accesses based only on their address -(with no respect for adjacent registers that could decode to completely -different MemoryRegions). However, this lack of clamping also applied -to the PROM area! cpu_physical_memory_write_rom_internal thus failed -to copy the third range above, i.e. only copied the first 16K of the BIOS. - -In effect, address_space_translate is expecting _something else_ to do -the clamping for MMIO regions if the incoming length is large. This -"something else" is memory_access_size in the case of address_space_rw, -so use the same logic in cpu_physical_memory_write_rom_internal. - -Reported-by: Alexander Graf -Reviewed-by: Laurent Vivier -Tested-by: Laurent Vivier -Fixes: 965eb2f -Signed-off-by: Paolo Bonzini ---- - exec.c | 14 +++++++++++++- - 1 files changed, 13 insertions(+), 1 deletions(-) - -diff --git a/exec.c b/exec.c -index 3457f7e..251dc79 100644 ---- a/tools/qemu-xen/exec.c -+++ b/tools/qemu-xen/exec.c -@@ -353,6 +353,18 @@ address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x - *xlat = addr + section->offset_within_region; - - mr = section->mr; -+ -+ /* MMIO registers can be expected to perform full-width accesses based only -+ * on their address, without considering adjacent registers that could -+ * decode to completely different MemoryRegions. When such registers -+ * exist (e.g. I/O ports 0xcf8 and 0xcf9 on most PC chipsets), MMIO -+ * regions overlap wildly. For this reason we cannot clamp the accesses -+ * here. -+ * -+ * If the length is small (as is the case for address_space_ldl/stl), -+ * everything works fine. If the incoming length is large, however, -+ * the caller really has to do the clamping through memory_access_size. -+ */ - if (memory_region_is_ram(mr)) { - diff = int128_sub(section->size, int128_make64(addr)); - *plen = int128_get64(int128_min(diff, int128_make64(*plen))); -@@ -2491,7 +2503,7 @@ static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as, - - if (!(memory_region_is_ram(mr) || - memory_region_is_romd(mr))) { -- /* do nothing */ -+ l = memory_access_size(mr, l, addr1); - } else { - addr1 += memory_region_get_ram_addr(mr); - /* ROM/RAM case */ --- -1.7.0.4 - -From c3c1bb99d1c11978d9ce94d1bdcf0705378c1459 Mon Sep 17 00:00:00 2001 -From: Peter Crosthwaite -Date: Mon, 16 Mar 2015 22:35:54 -0700 -Subject: [PATCH] exec: Respect as_tranlsate_internal length clamp - -address_space_translate_internal will clamp the *plen length argument -based on the size of the memory region being queried. The iommu walker -logic in addresss_space_translate was ignoring this by discarding the -post fn call value of *plen. Fix by just always using *plen as the -length argument throughout the fn, removing the len local variable. - -This fixes a bootloader bug when a single elf section spans multiple -QEMU memory regions. - -Signed-off-by: Peter Crosthwaite -Message-Id: <1426570554-15940-1-git-send-email-peter.crosthwaite@xilinx.com> -Signed-off-by: Paolo Bonzini ---- - exec.c | 6 ++---- - 1 files changed, 2 insertions(+), 4 deletions(-) - -diff --git a/exec.c b/exec.c -index e97071a..8b922db 100644 ---- a/tools/qemu-xen/exec.c -+++ b/tools/qemu-xen/exec.c -@@ -380,7 +380,6 @@ MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr, - IOMMUTLBEntry iotlb; - MemoryRegionSection *section; - MemoryRegion *mr; -- hwaddr len = *plen; - - for (;;) { - section = address_space_translate_internal(as->dispatch, addr, &addr, plen, true); -@@ -395,7 +394,7 @@ MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr, - iotlb = mr->iommu_ops->translate(mr, addr, is_write); - addr = ((iotlb.translated_addr & ~iotlb.addr_mask) - | (addr & iotlb.addr_mask)); -- len = MIN(len, (addr | iotlb.addr_mask) - addr + 1); -+ *plen = MIN(*plen, (addr | iotlb.addr_mask) - addr + 1); - if (!(iotlb.perm & (1 << is_write))) { - mr = &io_mem_unassigned; - break; -@@ -406,10 +405,9 @@ MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr, - - if (xen_enabled() && memory_access_is_direct(mr, is_write)) { - hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr; -- len = MIN(page, len); -+ *plen = MIN(page, *plen); - } - -- *plen = len; - *xlat = addr; - return mr; - } --- -1.7.0.4 - diff --git a/qemu.CVE-2016-2391.patch b/qemu.CVE-2016-2391.patch index 2106eab..9ec9ab9 100644 --- a/qemu.CVE-2016-2391.patch +++ b/qemu.CVE-2016-2391.patch @@ -43,15 +43,15 @@ index bed55dd..3d1270d 100644 /* Sets a flag in a port status register but only set it if the port is @@ -1907,6 +1893,9 @@ static void usb_ohci_init(OHCIState *ohci, DeviceState *dev, + usb_packet_init(&ohci->usb_packet); + ohci->async_td = 0; - qemu_register_reset(ohci_reset, ohci); - ++ + ohci->eof_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, + ohci_frame_boundary, ohci); -+ - return 0; } + #define TYPE_PCI_OHCI "pci-ohci" @@ -2041,23 +2030,13 @@ static bool ohci_eof_timer_needed(void *opaque) { OHCIState *ohci = opaque; @@ -74,9 +74,9 @@ index bed55dd..3d1270d 100644 .version_id = 1, .minimum_version_id = 1, - .pre_load = ohci_eof_timer_pre_load, + .needed = ohci_eof_timer_needed, .fields = (VMStateField[]) { - VMSTATE_TIMER(eof_timer, OHCIState), - VMSTATE_END_OF_LIST() + VMSTATE_TIMER_PTR(eof_timer, OHCIState), -- 1.8.3.1 diff --git a/qemu.CVE-2016-4002.patch b/qemu.CVE-2016-4002.patch index 617f1d6..129bae9 100644 --- a/qemu.CVE-2016-4002.patch +++ b/qemu.CVE-2016-4002.patch @@ -18,10 +18,10 @@ index f261011..e134b31 100644 +++ b/tools/qemu-xen/hw/net/mipsnet.c @@ -82,6 +82,9 @@ static ssize_t mipsnet_receive(NetClientState *nc, const uint8_t *buf, size_t si if (!mipsnet_can_receive(nc)) - return -1; + return 0; + if (size >= sizeof(s->rx_buffer)) { -+ return -1; ++ return 0; + } s->busy = 1; diff --git a/qemu.bug1330513.patch b/qemu.bug1330513.patch index 2b6020d..8155720 100644 --- a/qemu.bug1330513.patch +++ b/qemu.bug1330513.patch @@ -31,7 +31,7 @@ index 9f68394..1a66291 100644 + } depth = s->get_bpp(s); - if (s->line_offset != s->last_line_offset || + -- 2.5.5 diff --git a/qemu.git-0cf33fb6b49a19de32859e2cdc6021334f448fb3.patch b/qemu.git-0cf33fb6b49a19de32859e2cdc6021334f448fb3.patch deleted file mode 100644 index da9c851..0000000 --- a/qemu.git-0cf33fb6b49a19de32859e2cdc6021334f448fb3.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 0cf33fb6b49a19de32859e2cdc6021334f448fb3 Mon Sep 17 00:00:00 2001 -From: Jason Wang -Date: Fri, 25 Sep 2015 13:21:30 +0800 -Subject: [PATCH] virtio-net: correctly drop truncated packets - -When packet is truncated during receiving, we drop the packets but -neither discard the descriptor nor add and signal used -descriptor. This will lead several issues: - -- sg mappings are leaked -- rx will be stalled if a lots of packets were truncated - -In order to be consistent with vhost, fix by discarding the descriptor -in this case. - -Cc: Michael S. Tsirkin -Signed-off-by: Jason Wang -Reviewed-by: Michael S. Tsirkin -Signed-off-by: Michael S. Tsirkin ---- - hw/net/virtio-net.c | 8 +------- - 1 files changed, 1 insertions(+), 7 deletions(-) - -diff --git a/tools/qemu-xen/hw/net/virtio-net.c b/tools/qemu-xen/hw/net/virtio-net.c -index d388c55..a877614 100644 ---- a/tools/qemu-xen/hw/net/virtio-net.c -+++ b/tools/qemu-xen/hw/net/virtio-net.c -@@ -1094,13 +1094,7 @@ static ssize_t virtio_net_receive(NetClientState *nc, const uint8_t *buf, size_t - * must have consumed the complete packet. - * Otherwise, drop it. */ - if (!n->mergeable_rx_bufs && offset < size) { --#if 0 -- error_report("virtio-net truncated non-mergeable packet: " -- "i %zd mergeable %d offset %zd, size %zd, " -- "guest hdr len %zd, host hdr len %zd", -- i, n->mergeable_rx_bufs, -- offset, size, n->guest_hdr_len, n->host_hdr_len); --#endif -+ virtqueue_discard(q->rx_vq, &elem, total); - return size; - } - --- -1.7.0.4 - diff --git a/qemu.git-29b9f5efd78ae0f9cc02dd169b6e80d2c404bade.patch b/qemu.git-29b9f5efd78ae0f9cc02dd169b6e80d2c404bade.patch deleted file mode 100644 index c1ba8dd..0000000 --- a/qemu.git-29b9f5efd78ae0f9cc02dd169b6e80d2c404bade.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 29b9f5efd78ae0f9cc02dd169b6e80d2c404bade Mon Sep 17 00:00:00 2001 -From: Jason Wang -Date: Fri, 25 Sep 2015 13:21:29 +0800 -Subject: [PATCH] virtio: introduce virtqueue_discard() - -This patch introduces virtqueue_discard() to discard a descriptor and -unmap the sgs. This will be used by the patch that will discard -descriptor when packet is truncated. - -Cc: Michael S. Tsirkin -Signed-off-by: Jason Wang -Reviewed-by: Michael S. Tsirkin -Signed-off-by: Michael S. Tsirkin ---- - hw/virtio/virtio.c | 7 +++++++ - include/hw/gvirtio/virtio.h | 2 ++ - 2 files changed, 9 insertions(+), 0 deletions(-) - -diff --git a/tools/qemu-xen/hw/virtio/virtio.c b/tools/qemu-xen/hw/virtio/virtio.c -index 6f2b96c..d0bc72e 100644 ---- a/tools/qemu-xen/hw/virtio/virtio.c -+++ b/tools/qemu-xen/hw/virtio/virtio.c -@@ -267,6 +267,13 @@ static void virtqueue_unmap_sg(VirtQueue *vq, const VirtQueueElement *elem, - 0, elem->out_sg[i].iov_len); - } - -+void virtqueue_discard(VirtQueue *vq, const VirtQueueElement *elem, -+ unsigned int len) -+{ -+ vq->last_avail_idx--; -+ virtqueue_unmap_sg(vq, elem, len); -+} -+ - void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem, - unsigned int len, unsigned int idx) - { -diff --git a/tools/qemu-xen/include/hw/virtio/virtio.h b/tools/qemu-xen/include/hw/virtio/virtio.h -index 6201ee8..9d09115 100644 ---- a/tools/qemu-xen/include/hw/virtio/virtio.h -+++ b/tools/qemu-xen/include/hw/virtio/virtio.h -@@ -146,6 +146,8 @@ void virtio_del_queue(VirtIODevice *vdev, int n); - void virtqueue_push(VirtQueue *vq, const VirtQueueElement *elem, - unsigned int len); - void virtqueue_flush(VirtQueue *vq, unsigned int count); -+void virtqueue_discard(VirtQueue *vq, const VirtQueueElement *elem, -+ unsigned int len); - void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem, - unsigned int len, unsigned int idx); - --- -1.7.0.4 - diff --git a/qemu.git-7882080388be5088e72c425b02223c02e6cb4295.patch b/qemu.git-7882080388be5088e72c425b02223c02e6cb4295.patch deleted file mode 100644 index 193c40a..0000000 --- a/qemu.git-7882080388be5088e72c425b02223c02e6cb4295.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 7882080388be5088e72c425b02223c02e6cb4295 Mon Sep 17 00:00:00 2001 -From: Michael S. Tsirkin -Date: Thu, 23 Jul 2015 17:52:02 +0300 -Subject: [PATCH] virtio-serial: fix ANY_LAYOUT - -Don't assume a specific layout for control messages. -Required by virtio 1. - -Signed-off-by: Michael S. Tsirkin -Reviewed-by: Amit Shah -Reviewed-by: Jason Wang ---- - hw/char/virtio-serial-bus.c | 3 ++- - 1 files changed, 2 insertions(+), 1 deletions(-) - -diff --git a/tools/qemu-xen/hw/char/virtio-serial-bus.c b/tools/qemu-xen/hw/char/virtio-serial-bus.c -index 78c73e5..929e49c 100644 ---- a/tools/qemu-xen/hw/char/virtio-serial-bus.c -+++ b/tools/qemu-xen/hw/char/virtio-serial-bus.c -@@ -195,7 +195,8 @@ static size_t send_control_msg(VirtIOSerial *vser, void *buf, size_t len) - return 0; - } - -- memcpy(elem.in_sg[0].iov_base, buf, len); -+ /* TODO: detect a buffer that's too short, set NEEDS_RESET */ -+ iov_from_buf(elem.in_sg, elem.in_num, 0, buf, len); - - virtqueue_push(vq, &elem, len); - virtio_notify(VIRTIO_DEVICE(vser), vq); --- -1.7.0.4 - diff --git a/qemu.git-ce317461573bac12b10d67699b4ddf1f97cf066c.patch b/qemu.git-ce317461573bac12b10d67699b4ddf1f97cf066c.patch deleted file mode 100644 index fe9f142..0000000 --- a/qemu.git-ce317461573bac12b10d67699b4ddf1f97cf066c.patch +++ /dev/null @@ -1,56 +0,0 @@ -From ce317461573bac12b10d67699b4ddf1f97cf066c Mon Sep 17 00:00:00 2001 -From: Jason Wang -Date: Fri, 25 Sep 2015 13:21:28 +0800 -Subject: [PATCH] virtio: introduce virtqueue_unmap_sg() - -Factor out sg unmapping logic. This will be reused by the patch that -can discard descriptor. - -Cc: Michael S. Tsirkin -Cc: Andrew James -Signed-off-by: Jason Wang -Reviewed-by: Michael S. Tsirkin -Signed-off-by: Michael S. Tsirkin ---- - hw/virtio/virtio.c | 14 ++++++++++---- - 1 files changed, 10 insertions(+), 4 deletions(-) - -diff --git a/tools/qemu-xen/hw/virtio/virtio.c b/hw/virtio/virtio.c -index 7504f8b..6f2b96c 100644 ---- a/tools/qemu-xen/hw/virtio/virtio.c -+++ b/tools/qemu-xen/hw/virtio/virtio.c -@@ -244,14 +244,12 @@ int virtio_queue_empty(VirtQueue *vq) - return vring_avail_idx(vq) == vq->last_avail_idx; - } - --void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem, -- unsigned int len, unsigned int idx) -+static void virtqueue_unmap_sg(VirtQueue *vq, const VirtQueueElement *elem, -+ unsigned int len) - { - unsigned int offset; - int i; - -- trace_virtqueue_fill(vq, elem, len, idx); -- - offset = 0; - for (i = 0; i < elem->in_num; i++) { - size_t size = MIN(len - offset, elem->in_sg[i].iov_len); -@@ -267,6 +265,14 @@ void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem, - cpu_physical_memory_unmap(elem->out_sg[i].iov_base, - elem->out_sg[i].iov_len, - 0, elem->out_sg[i].iov_len); -+} -+ -+void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem, -+ unsigned int len, unsigned int idx) -+{ -+ trace_virtqueue_fill(vq, elem, len, idx); -+ -+ virtqueue_unmap_sg(vq, elem, len); - - idx = (idx + vring_used_idx(vq)) % vq->vring.num; - --- -1.7.0.4 - diff --git a/qemu.git-d9033e1d3aa666c5071580617a57bd853c5d794a.patch b/qemu.git-d9033e1d3aa666c5071580617a57bd853c5d794a.patch deleted file mode 100644 index 29a428c..0000000 --- a/qemu.git-d9033e1d3aa666c5071580617a57bd853c5d794a.patch +++ /dev/null @@ -1,144 +0,0 @@ -From d9033e1d3aa666c5071580617a57bd853c5d794a Mon Sep 17 00:00:00 2001 -From: John Snow -Date: Thu, 17 Sep 2015 14:17:05 -0400 -Subject: [PATCH] ide: fix ATAPI command permissions - -We're a little too lenient with what we'll let an ATAPI drive handle. -Clamp down on the IDE command execution table to remove CD_OK permissions -from commands that are not and have never been ATAPI commands. - -For ATAPI command validity, please see: -- ATA4 Section 6.5 ("PACKET Command feature set") -- ATA8/ACS Section 4.3 ("The PACKET feature set") -- ACS3 Section 4.3 ("The PACKET feature set") - -ACS3 has a historical command validity table in Table B.4 -("Historical Command Assignments") that can be referenced to find when -a command was introduced, deprecated, obsoleted, etc. - -The only reference for ATAPI command validity is by checking that -version's PACKET feature set section. - -ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4 -therefore are assumed to have never been ATAPI commands. - -Mandatory commands, as listed in ATA8-ACS3, are: - -- DEVICE RESET -- EXECUTE DEVICE DIAGNOSTIC -- IDENTIFY DEVICE -- IDENTIFY PACKET DEVICE -- NOP -- PACKET -- READ SECTOR(S) -- SET FEATURES - -Optional commands as listed in ATA8-ACS3, are: - -- FLUSH CACHE -- READ LOG DMA EXT -- READ LOG EXT -- WRITE LOG DMA EXT -- WRITE LOG EXT - -All other commands are illegal to send to an ATAPI device and should -be rejected by the device. - -CD_OK removal justifications: - -0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI. -0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4. -0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI. -0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI. -0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI. -0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI. -0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI. -0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI. -0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3. -0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3. -0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3. -0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3. -0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3. -0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3. -0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS. - -This patch fixes a divide by zero fault that can be caused by sending -the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to -attempt to use zeroed CHS values to perform sector arithmetic. - -Reported-by: Qinghao Tang -Signed-off-by: John Snow -Reviewed-by: Markus Armbruster -Message-id: 1441816082-21031-1-git-send-email-jsnow@redhat.com -CC: qemu-stable@nongnu.org ---- - hw/ide/core.c | 30 +++++++++++++++--------------- - 1 files changed, 15 insertions(+), 15 deletions(-) - -diff --git a/tools/qemu-xen/hw/ide/core.c b/tools/qemu-xen/hw/ide/core.c -index 8ba04df..1cc6945 100644 ---- a/tools/qemu-xen/hw/ide/core.c -+++ b/tools/qemu-xen/hw/ide/core.c -@@ -1746,11 +1746,11 @@ static const struct { - } ide_cmd_table[0x100] = { - /* NOP not implemented, mandatory for CD */ - [CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK }, -- [WIN_DSM] = { cmd_data_set_management, ALL_OK }, -+ [WIN_DSM] = { cmd_data_set_management, HD_CFA_OK }, - [WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK }, - [WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC}, - [WIN_READ] = { cmd_read_pio, ALL_OK }, -- [WIN_READ_ONCE] = { cmd_read_pio, ALL_OK }, -+ [WIN_READ_ONCE] = { cmd_read_pio, HD_CFA_OK }, - [WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK }, - [WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK }, - [WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, -@@ -1769,12 +1769,12 @@ static const struct { - [CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK }, - [WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK }, - [WIN_SPECIFY] = { cmd_nop, HD_CFA_OK | SET_DSC }, -- [WIN_STANDBYNOW2] = { cmd_nop, ALL_OK }, -- [WIN_IDLEIMMEDIATE2] = { cmd_nop, ALL_OK }, -- [WIN_STANDBY2] = { cmd_nop, ALL_OK }, -- [WIN_SETIDLE2] = { cmd_nop, ALL_OK }, -- [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, ALL_OK | SET_DSC }, -- [WIN_SLEEPNOW2] = { cmd_nop, ALL_OK }, -+ [WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK }, -+ [WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK }, -+ [WIN_STANDBY2] = { cmd_nop, HD_CFA_OK }, -+ [WIN_SETIDLE2] = { cmd_nop, HD_CFA_OK }, -+ [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, -+ [WIN_SLEEPNOW2] = { cmd_nop, HD_CFA_OK }, - [WIN_PACKETCMD] = { cmd_packet, CD_OK }, - [WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK }, - [WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC }, -@@ -1788,19 +1788,19 @@ static const struct { - [WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK }, - [WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK }, - [CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK }, -- [WIN_STANDBYNOW1] = { cmd_nop, ALL_OK }, -- [WIN_IDLEIMMEDIATE] = { cmd_nop, ALL_OK }, -- [WIN_STANDBY] = { cmd_nop, ALL_OK }, -- [WIN_SETIDLE1] = { cmd_nop, ALL_OK }, -- [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, ALL_OK | SET_DSC }, -- [WIN_SLEEPNOW1] = { cmd_nop, ALL_OK }, -+ [WIN_STANDBYNOW1] = { cmd_nop, HD_CFA_OK }, -+ [WIN_IDLEIMMEDIATE] = { cmd_nop, HD_CFA_OK }, -+ [WIN_STANDBY] = { cmd_nop, HD_CFA_OK }, -+ [WIN_SETIDLE1] = { cmd_nop, HD_CFA_OK }, -+ [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, -+ [WIN_SLEEPNOW1] = { cmd_nop, HD_CFA_OK }, - [WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK }, - [WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK }, - [WIN_IDENTIFY] = { cmd_identify, ALL_OK }, - [WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC }, - [IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC }, - [CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC }, -- [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, ALL_OK | SET_DSC }, -+ [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, - }; - - static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) --- -1.7.0.4 - diff --git a/sources b/sources index 121b9f3..6a4dd4c 100644 --- a/sources +++ b/sources @@ -4,4 +4,4 @@ bf8f1f9e3ca83d732c00a79a6ef29bc4 newlib-1.16.0.tar.gz cec05e7785497c5e19da2f114b934ffd pciutils-2.2.9.tar.bz2 debc62758716a169df9f62e6ab2bc634 zlib-1.2.3.tar.gz 7b72caf22b01464ee7d6165f2fd85f44 polarssl-1.1.4-gpl.tgz -26419d8477082dbdb32ec75b00f00643 xen-4.6.3.tar.gz +3aa4e01bf37a3a5bc8572907cb88e649 xen-4.7.0.tar.gz diff --git a/sysconfig.xenconsoled b/sysconfig.xenconsoled deleted file mode 100755 index 4a00056..0000000 --- a/sysconfig.xenconsoled +++ /dev/null @@ -1,22 +0,0 @@ -# init.d only settings -# Log all hypervisor messages (cf xm dmesg) -#XENCONSOLED_LOG_HYPERVISOR=no -# Log all guest console output (cf xm console) -#XENCONSOLED_LOG_GUESTS=no - -# systemd only settings -# No logging (default) -#XENCONSOLED_LOG=none -# Log guest console output only -#XENCONSOLED_LOG=guest -# Log hypervisor messages only -#XENCONSOLED_LOG=hv -# Log both guest console output and hypervisor messages -#XENCONSOLED_LOG=all - -# setting for both init.d and systemd -# Location to store guest & hypervisor logs -#XENCONSOLED_LOG_DIR=/var/log/xen/console - -#XENCONSOLED_ARGS= - diff --git a/sysconfig.xenstored b/sysconfig.xenstored deleted file mode 100755 index 0583132..0000000 --- a/sysconfig.xenstored +++ /dev/null @@ -1,4 +0,0 @@ - -#XENSTORED_PID="/var/run/xenstored.pid" -#XENSTORED_ARGS= - diff --git a/xen.64.bit.hyp.on.ix86.patch b/xen.64.bit.hyp.on.ix86.patch deleted file mode 100644 index 2035384..0000000 --- a/xen.64.bit.hyp.on.ix86.patch +++ /dev/null @@ -1,36 +0,0 @@ ---- xen-4.3.0/xen/Makefile.orig 2013-07-19 21:34:24.226148328 +0100 -+++ xen-4.3.0/xen/Makefile 2013-07-19 21:46:54.603767317 +0100 -@@ -15,6 +15,9 @@ - EFI_MOUNTPOINT ?= $(BOOT_DIR)/efi - EFI_VENDOR=fedora - LD_EFI ?= $(LD) -+ifeq ($(XEN_TARGET_ARCH),x86_32) -+CFLAGS := $(shell echo $(CFLAGS) | sed -e 's/-m[a-z0-9=]* //g' -e 's/ -fstack-protector-strong//g') -+endif - - .PHONY: default - default: build -@@ -25,9 +28,9 @@ - .PHONY: build install uninstall clean distclean cscope TAGS tags MAP gtags - build install uninstall debug clean distclean cscope TAGS tags MAP gtags:: - ifneq ($(XEN_TARGET_ARCH),x86_32) -- $(MAKE) -f Rules.mk _$@ -+ $(MAKE) CCX=$(CC) -f Rules.mk _$@ - else -- echo "*** Xen x86/32 target no longer supported!" -+ $(MAKE) CCX=/usr/bin/x86_64-linux-gnu-gcc XEN_TARGET_ARCH=x86_64 -f Rules.mk _$@ - endif - - .PHONY: _build -@@ -99,9 +102,9 @@ - do ln -nsf ../../../common/efi/$$f arch/$(TARGET_ARCH)/efi/; done;\ - true - $(MAKE) -f $(BASEDIR)/Rules.mk -C include -- $(MAKE) -f $(BASEDIR)/Rules.mk -C arch/$(TARGET_ARCH) asm-offsets.s -+ $(MAKE) CC=$(CCX) -f $(BASEDIR)/Rules.mk -C arch/$(TARGET_ARCH) asm-offsets.s - $(MAKE) -f $(BASEDIR)/Rules.mk include/asm-$(TARGET_ARCH)/asm-offsets.h -- $(MAKE) -f $(BASEDIR)/Rules.mk -C arch/$(TARGET_ARCH) $(TARGET) -+ $(MAKE) CC=$(CCX) -f $(BASEDIR)/Rules.mk -C arch/$(TARGET_ARCH) $(TARGET) - - # drivers/char/console.o contains static banner/compile info. Blow it away. - # Don't refresh these files during e.g., 'sudo make install' diff --git a/xen.fedora.efi.build.patch b/xen.fedora.efi.build.patch index 7ca5caf..7326f15 100644 --- a/xen.fedora.efi.build.patch +++ b/xen.fedora.efi.build.patch @@ -1,46 +1,48 @@ ---- xen-4.2.0/xen/arch/x86/Makefile.orig 2012-05-12 16:40:48.000000000 +0100 -+++ xen-4.2.0/xen/arch/x86/Makefile 2012-08-02 21:47:39.849910608 +0100 -@@ -126,18 +126,18 @@ - $(TARGET).efi: guard = $(if $(shell echo efi/dis* | grep disabled),:) +--- xen-4.7.0/xen/arch/x86/Makefile.orig 2015-11-17 11:58:03.000000000 +0000 ++++ xen-4.7.0/xen/arch/x86/Makefile 2015-12-02 20:37:06.659988893 +0000 +@@ -132,20 +132,20 @@ + $(TARGET).efi: prelink-efi.o efi.lds efi/relocs-dummy.o $(BASEDIR)/common/symbols-dummy.o efi/mkreloc $(foreach base, $(VIRT_BASE) $(ALT_BASE), \ - $(guard) $(LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< efi/relocs-dummy.o \ + $(guard) $(LD_EFI) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< efi/relocs-dummy.o \ $(BASEDIR)/common/symbols-dummy.o -o $(@D)/.$(@F).$(base).0 &&) : $(guard) efi/mkreloc $(foreach base,$(VIRT_BASE) $(ALT_BASE),$(@D)/.$(@F).$(base).0) >$(@D)/.$(@F).0r.S - $(guard) $(NM) -n $(@D)/.$(@F).$(VIRT_BASE).0 | $(guard) $(BASEDIR)/tools/symbols >$(@D)/.$(@F).0s.S + $(guard) $(NM) -pa --format=sysv $(@D)/.$(@F).$(VIRT_BASE).0 \ + | $(guard) $(BASEDIR)/tools/symbols $(all_symbols) --sysv --sort >$(@D)/.$(@F).0s.S $(guard) $(MAKE) -f $(BASEDIR)/Rules.mk $(@D)/.$(@F).0r.o $(@D)/.$(@F).0s.o $(foreach base, $(VIRT_BASE) $(ALT_BASE), \ - $(guard) $(LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< \ + $(guard) $(LD_EFI) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< \ $(@D)/.$(@F).0r.o $(@D)/.$(@F).0s.o -o $(@D)/.$(@F).$(base).1 &&) : $(guard) efi/mkreloc $(foreach base,$(VIRT_BASE) $(ALT_BASE),$(@D)/.$(@F).$(base).1) >$(@D)/.$(@F).1r.S - $(guard) $(NM) -n $(@D)/.$(@F).$(VIRT_BASE).1 | $(guard) $(BASEDIR)/tools/symbols >$(@D)/.$(@F).1s.S + $(guard) $(NM) -pa --format=sysv $(@D)/.$(@F).$(VIRT_BASE).1 \ + | $(guard) $(BASEDIR)/tools/symbols $(all_symbols) --sysv --sort >$(@D)/.$(@F).1s.S $(guard) $(MAKE) -f $(BASEDIR)/Rules.mk $(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o - $(guard) $(LD) $(call EFI_LDFLAGS,$(VIRT_BASE)) -T efi.lds -N $< \ + $(guard) $(LD_EFI) $(call EFI_LDFLAGS,$(VIRT_BASE)) -T efi.lds -N $< \ - $(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o -o $@ + $(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o $(note_file) -o $@ if $(guard) false; then rm -f $@; echo 'EFI support disabled'; fi rm -f $(@D)/.$(@F).[0-9]* ---- xen-4.2.0/xen/arch/x86/efi/Makefile.orig 2012-05-12 16:40:48.000000000 +0100 -+++ xen-4.2.0/xen/arch/x86/efi/Makefile 2012-08-02 22:01:43.956357825 +0100 +--- xen-4.7.0/xen/arch/x86/efi/Makefile.orig 2016-01-17 15:19:00.906417625 +0000 ++++ xen-4.7.0/xen/arch/x86/efi/Makefile 2016-01-17 15:21:21.135489438 +0000 @@ -6,7 +6,7 @@ - efi := $(filter y,$(x86_64)$(shell rm -f disabled)) + efi := y$(shell rm -f disabled) efi := $(if $(efi),$(shell $(CC) $(filter-out $(CFLAGS-y) .%.d,$(CFLAGS)) -c check.c 2>disabled && echo y)) -efi := $(if $(efi),$(shell $(LD) -mi386pep --subsystem=10 -o check.efi check.o 2>disabled && echo y)) +efi := $(if $(efi),$(shell $(LD_EFI) -mi386pep --subsystem=10 -o check.efi check.o 2>disabled && echo y)) efi := $(if $(efi),$(shell rm disabled)y,$(shell $(call create,boot.init.o); $(call create,runtime.o))) extra-$(efi) += boot.init.o relocs-dummy.o runtime.o compat.o ---- xen-4.2.0/xen/Makefile.orig 2012-07-30 19:21:20.000000000 +0100 -+++ xen-4.2.0/xen/Makefile 2012-08-02 22:07:22.801121685 +0100 -@@ -13,6 +13,8 @@ - export XEN_ROOT := $(BASEDIR)/.. +--- xen-4.7.0/xen/Makefile.orig 2016-01-17 15:19:00.907417661 +0000 ++++ xen-4.7.0/xen/Makefile 2016-01-17 15:25:22.916243997 +0000 +@@ -19,6 +19,8 @@ + MAKEFLAGS += -rR EFI_MOUNTPOINT ?= $(BOOT_DIR)/efi +EFI_VENDOR=fedora +LD_EFI ?= $(LD) - .PHONY: default - default: build + ARCH=$(XEN_TARGET_ARCH) + SRCARCH=$(shell echo $(ARCH) | sed -e 's/x86.*/x86/' -e s'/arm\(32\|64\)/arm/g') diff --git a/xen.gcc5.fix.patch b/xen.gcc5.fix.patch deleted file mode 100644 index 19c9e19..0000000 --- a/xen.gcc5.fix.patch +++ /dev/null @@ -1,31 +0,0 @@ -gcc5 gives array-bounds warning on xen/common/symbols.c - also maybe-uninitialized warning on xen/xsm/flask/ss/policydb.c - ---- xen-4.5.0/xen/common/Makefile.orig 2015-01-12 16:53:24.000000000 +0000 -+++ xen-4.5.0/xen/common/Makefile 2015-02-14 15:40:29.722759007 +0000 -@@ -72,3 +72,5 @@ - - subdir-y += libelf - subdir-$(HAS_DEVICE_TREE) += libfdt -+ -+CFLAGS += -Wno-error=array-bounds ---- xen-4.5.0/xen/xsm/flask/Makefile.orig 2015-01-12 16:53:24.000000000 +0000 -+++ xen-4.5.0/xen/xsm/flask/Makefile 2015-02-14 16:49:54.376183206 +0000 -@@ -5,6 +5,7 @@ - subdir-y += ss - - CFLAGS += -I./include -+CFLAGS += -Wno-error=maybe-uninitialized - - AWK = awk - ---- xen-4.6.0/tools/blktap2/drivers/Makefile.orig 2015-08-08 19:56:57.000000000 +0100 -+++ xen-4.6.0/tools/blktap2/drivers/Makefile 2015-08-08 20:59:41.112636845 +0100 -@@ -18,6 +18,7 @@ - CFLAGS += -DUSE_NFS_LOCKS - # drivers/block-log.c incorrectly uses libxc internals - CFLAGS += -I$(XEN_ROOT)/tools/libxc -+CFLAGS += -Wno-error=array-bounds - - ifeq ($(CONFIG_X86_64),y) - CFLAGS += -fPIC diff --git a/xen.gcc6.fix.patch b/xen.gcc6.fix.patch deleted file mode 100644 index 37ef517..0000000 --- a/xen.gcc6.fix.patch +++ /dev/null @@ -1,129 +0,0 @@ ---- xen-4.6.0/tools/xentrace/xenalyze.c.orig 2015-10-05 15:33:39.000000000 +0100 -+++ xen-4.6.0/tools/xentrace/xenalyze.c 2016-02-07 16:20:14.107618700 +0000 -@@ -2132,10 +2132,12 @@ - } while (I <= J); /* Keep going until our pointers meet or pass */ - - /* Re-adjust L and R, based on which element we're looking for */ -- if(J_weightdata[0] & 1) { - if (len != 4) -- /* TODO: Signal an error? */; -+ /* TODO: Signal an error? */ - return; - - return l2cap_sframe_in(ch, le16_to_cpup((void *) hdr->data)); ---- xen-4.6.0/tools/qemu-xen-traditional/hw/bt-sdp.c.orig 2015-09-08 15:42:31.000000000 +0100 -+++ xen-4.6.0/tools/qemu-xen-traditional/hw/bt-sdp.c 2016-02-07 12:53:39.576577307 +0000 -@@ -172,7 +172,7 @@ - } else - start = 0; - -- if (len > 1); -+ if (len > 1) - return -SDP_INVALID_SYNTAX; - - /* Output the results */ ---- xen-4.6.0/stubdom/newlib.gcc6.patch.orig 2016-02-07 22:51:53.809083403 +0000 -+++ xen-4.6.0/stubdom/newlib.gcc6.patch 2016-02-07 22:51:27.006105528 +0000 -@@ -0,0 +1,24 @@ -+--- newlib-1.16.0/newlib/libm/math/k_rem_pio2.c.orig 2000-02-17 19:39:51.000000000 +0000 -++++ newlib-1.16.0/newlib/libm/math/k_rem_pio2.c 2016-02-07 13:00:30.069397106 +0000 -+@@ -187,7 +187,8 @@ -+ -+ /* compute q[0],q[1],...q[jk] */ -+ for (i=0;i<=jk;i++) { -+- for(j=0,fw=0.0;j<=jx;j++) fw += x[j]*f[jx+i-j]; q[i] = fw; -++ for(j=0,fw=0.0;j<=jx;j++) fw += x[j]*f[jx+i-j]; -++ q[i] = fw; -+ } -+ -+ jz = jk; -+--- newlib-1.16.0/newlib/libm/math/kf_rem_pio2.c.orig 2016-02-07 16:47:05.925457144 +0000 -++++ newlib-1.16.0/newlib/libm/math/kf_rem_pio2.c 2016-02-07 22:48:25.921499258 +0000 -+@@ -77,7 +77,8 @@ -+ -+ /* compute q[0],q[1],...q[jk] */ -+ for (i=0;i<=jk;i++) { -+- for(j=0,fw=0.0;j<=jx;j++) fw += x[j]*f[jx+i-j]; q[i] = fw; -++ for(j=0,fw=0.0;j<=jx;j++) fw += x[j]*f[jx+i-j]; -++ q[i] = fw; -+ } -+ -+ jz = jk; ---- xen-4.6.0/stubdom/Makefile.orig 2015-10-05 15:33:39.000000000 +0100 -+++ xen-4.6.0/stubdom/Makefile 2016-02-07 13:10:02.036072565 +0000 -@@ -80,6 +80,7 @@ - patch -d $@ -p0 < newlib.patch - patch -d $@ -p0 < newlib-chk.patch - patch -d $@ -p1 < newlib-stdint-size_max-fix-from-1.17.0.patch -+ patch -d $@ -p1 < newlib.gcc6.patch - find $@ -type f | xargs perl -i.bak \ - -pe 's/\b_(tzname|daylight|timezone)\b/$$1/g' - touch $@ ---- xen-4.6.0/tools/qemu-xen-traditional/block-qcow2.c.orig 2015-09-08 15:42:31.000000000 +0100 -+++ xen-4.6.0/tools/qemu-xen-traditional/block-qcow2.c 2016-02-07 13:16:47.112164538 +0000 -@@ -617,7 +617,7 @@ - if (offset + i * cluster_size != (be64_to_cpu(l2_table[i]) & ~mask)) - break; - -- return (i - start); -+ return (i - start); - } - - static int count_contiguous_free_clusters(uint64_t nb_clusters, uint64_t *l2_table) ---- xen-4.6.0/tools/qemu-xen-traditional/xenstore.c.orig 2015-09-08 15:42:31.000000000 +0100 -+++ xen-4.6.0/tools/qemu-xen-traditional/xenstore.c 2016-02-07 22:58:50.267277387 +0000 -@@ -621,7 +621,7 @@ - params = xs_read(xsh, XBT_NULL, buf, &len); - if (params == NULL) - continue; -- pstrcpy(bs->filename, sizeof(bs->filename), params); -+ pstrcpy(bs->filename, sizeof(bs->filename), params); - } - #else - if (params[0]) { diff --git a/xen.glibc.fix.patch b/xen.glibc.fix.patch deleted file mode 100644 index 23690c4..0000000 --- a/xen.glibc.fix.patch +++ /dev/null @@ -1,57 +0,0 @@ ---- xen-4.6.1/tools/libfsimage/common/fsimage_plugin.c.orig 2016-02-09 14:44:19.000000000 +0000 -+++ xen-4.6.1/tools/libfsimage/common/fsimage_plugin.c 2016-03-28 20:22:39.943920923 +0100 -@@ -122,7 +122,6 @@ - static int load_plugins(void) - { - const char *fsdir = getenv("FSIMAGE_FSDIR"); -- struct dirent *dp = NULL; - struct dirent *dpp; - DIR *dir = NULL; - char *tmp = NULL; -@@ -139,15 +138,10 @@ - if ((tmp = malloc(name_max + 1)) == NULL) - goto fail; - -- if ((dp = malloc(sizeof (struct dirent) + name_max + 1)) == NULL) -- goto fail; -- - if ((dir = opendir(fsdir)) == NULL) - goto fail; - -- bzero(dp, sizeof (struct dirent) + name_max + 1); -- -- while (readdir_r(dir, dp, &dpp) == 0 && dpp != NULL) { -+ while ((dpp = readdir(dir)) != NULL) { - if (strcmp(dpp->d_name, ".") == 0) - continue; - if (strcmp(dpp->d_name, "..") == 0) -@@ -167,7 +161,6 @@ - if (dir != NULL) - (void) closedir(dir); - free(tmp); -- free(dp); - errno = err; - return (ret); - } ---- xen-4.6.1/tools/libxl/libxl_utils.c.orig 2016-02-09 14:44:19.000000000 +0000 -+++ xen-4.6.1/tools/libxl/libxl_utils.c 2016-03-28 20:42:48.893044921 +0100 -@@ -471,18 +471,10 @@ - goto out; - } - -- size_t need = offsetof(struct dirent, d_name) + -- pathconf(dirpath, _PC_NAME_MAX) + 1; -- struct dirent *de_buf = libxl__zalloc(gc, need); - struct dirent *de; - - for (;;) { -- int r = readdir_r(d, de_buf, &de); -- if (r) { -- LOGE(ERROR, "failed to readdir %s for removal", dirpath); -- rc = ERROR_FAIL; -- break; -- } -+ de = readdir(d); - if (!de) - break; - diff --git a/xen.modules b/xen.modules deleted file mode 100644 index 1758380..0000000 --- a/xen.modules +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -test -d /proc/xen || exit 0 -test -f /proc/xen/capabilities || mount -t xenfs xen /proc/xen -test -f /proc/xen/capabilities || exit 0 -grep -q "control_d" /proc/xen/capabilities || exit 0 - -for module in xen-evtchn evtchn xen-gntdev gntdev xen-blkback xen-netback blkbk netbk blktap xen-acpi-processor; do - modprobe ${module} >/dev/null 2>&1 -done diff --git a/xen.spec b/xen.spec index c2232a5..d8ad475 100644 --- a/xen.spec +++ b/xen.spec @@ -29,16 +29,6 @@ %ifnarch x86_64 %define build_efi 0 %endif -%if "%dist" >= ".fc17" -%define with_sysv 0 -%else -%define with_sysv 1 -%endif -%if "%dist" >= ".fc15" -%define with_systemd 1 -%else -%define with_systemd 0 -%endif %if "%dist" >= ".fc20" %define with_systemd_presets 1 %else @@ -46,17 +36,16 @@ %endif # Hypervisor ABI -%define hv_abi 4.6 +%define hv_abi 4.7 Summary: Xen is a virtual machine monitor Name: xen -Version: 4.6.3 -Release: 3%{?dist} +Version: 4.7.0 +Release: 1%{?dist} Group: Development/Libraries License: GPLv2+ and LGPLv2+ and BSD URL: http://xen.org/ Source0: http://bits.xensource.com/oss-xen/release/%{version}/xen-%{version}.tar.gz -Source1: %{name}.modules Source2: %{name}.logrotate # used by stubdoms Source10: lwip-1.3.0.tar.gz @@ -65,83 +54,64 @@ Source12: zlib-1.2.3.tar.gz Source13: pciutils-2.2.9.tar.bz2 Source14: grub-0.97.tar.gz Source15: polarssl-1.1.4-gpl.tgz -# init.d bits -Source20: init.xenstored -Source21: init.xenconsoled -# sysconfig bits -Source30: sysconfig.xenstored -Source31: sysconfig.xenconsoled - -Patch5: xen-net-disable-iptables-on-bridge.patch - -Patch11: xen.use.fedora.ipxe.patch -Patch12: xen.fedora.efi.build.patch -Patch13: xen.xsm.enable.patch -Patch14: xen.64.bit.hyp.on.ix86.patch -Patch15: CVE-2014-0150.patch -Patch16: xen.fedora.systemd.patch -Patch17: xen.ocaml.selinux.fix.patch -Patch18: xen.gcc5.fix.patch -Patch20: xen.fedora.crypt.patch -Patch21: qemu.trad.CVE-2015-6815.patch -Patch22: qemu.trad.CVE-2015-5279.patch -Patch23: qemu.trad.CVE-2015-5278.patch -Patch24: qemu.git-7882080388be5088e72c425b02223c02e6cb4295.patch -Patch25: qemu.git-d9033e1d3aa666c5071580617a57bd853c5d794a.patch -Patch26: qemu.git-ce317461573bac12b10d67699b4ddf1f97cf066c.patch -Patch27: qemu.git-29b9f5efd78ae0f9cc02dd169b6e80d2c404bade.patch -Patch28: qemu.git-0cf33fb6b49a19de32859e2cdc6021334f448fb3.patch -Patch29: qemu.trad.CVE-2015-7295.patch -Patch46: qemu.git-00837731d254908a841d69298a4f9f077babaf24.patch -Patch49: qemu.trad.CVE-2015-8345.patch -Patch50: qemu.trad.CVE-2015-7512.patch -Patch51: qemu.trad.CVE-2015-8504.patch -Patch66: qemu.git-43b11a91dd861a946b231b89b754285.patch -Patch68: qemu.git-d9a3b33d2c9f996537b7f1d0246dee2d0120cefb.patch -Patch69: qemu.git-a7278b36fcab9af469563bd7b.patch -Patch70: qemu.git-c6048f849c7e3f009786df76206e895.patch -Patch73: xen.gcc6.fix.patch -Patch76: qemu.trad.CVE-2016-1714.patch -Patch77: qemu.CVE-2016-1922.patch -Patch80: qemu.trad.CVE-2016-1981.patch -Patch82: qemu.CVE-2016-2198.patch -Patch83: qemu.CVE-2016-2841.patch -Patch84: qemu.trad.CVE-2016-2841.patch -Patch85: qemu.CVE-2016-2538.patch -Patch86: qemu.trad.CVE-2016-2538.patch -Patch87: qemu.CVE-2016-2392.patch -Patch88: qemu.CVE-2016-2391.patch -Patch89: qemu.CVE-2016-2857.patch -Patch90: qemu.trad.CVE-2016-2857.patch -Patch91: qemu.CVE-2015-8817+8.patch -Patch93: xen.glibc.fix.patch -Patch96: qemu.git-3a15cc0e1ee7168db0782133d2607a6bfa422d66.patch -Patch97: qemu.trad.CVE-2016-4001.patch -Patch98: qemu.CVE-2016-4002.patch -Patch99: qemu.trad.CVE-2016-4002.patch -Patch100: qemu.CVE-2016-4037.patch -Patch101: qemu.bug1330513.patch -Patch116: qemu.CVE-2016-4439.patch -Patch117: qemu.trad.CVE-2016-4439.patch -Patch118: qemu.CVE-2016-4441.patch -Patch119: qemu.trad.CVE-2016-4441.patch -Patch120: qemu.CVE-2016-5106.patch -Patch121: qemu.CVE-2016-5105.patch -Patch122: qemu.git-3c52ddcdc548e7fbe65112d8a7bdc9cd105b4750.patch -Patch123: qemu.git-74074e8a7c60592cf1cc6469dbc2550d24aeded3.patch -Patch124: qemu.git-9f14b0add1dcdbfa2ee61051d068211fb0a1fcc9.patch -Patch125: qemu.git-60253ed1e6ec6d8e5ef2efe7bf755f475dce9956.patch -Patch156: qemu.CVE-2016-4454.1.patch -Patch157: qemu.CVE-2016-4454.2.patch -Patch158: qemu.CVE-2016-4454.3.patch -Patch159: qemu.CVE-2016-4453.patch -Patch160: qemu.CVE-2016-5238.patch -Patch161: qemu.trad.CVE-2016-5238.patch -Patch162: xen.systemd.configure.patch -Patch163: qemu.CVE-2016-5338.patch -Patch164: qemu.trad.CVE-2016-5338.patch -Patch165: qemu.CVE-2016-5337.patch -Patch166: xen.xs_watch.stacksize.patch + +Patch1: xen-net-disable-iptables-on-bridge.patch +Patch2: xen.use.fedora.ipxe.patch +Patch3: xen.fedora.efi.build.patch +Patch4: CVE-2014-0150.patch +Patch5: xen.fedora.systemd.patch +Patch6: xen.ocaml.selinux.fix.patch +Patch7: xen.fedora.crypt.patch +Patch8: qemu.trad.CVE-2015-6815.patch +Patch9: qemu.trad.CVE-2015-5279.patch +Patch10: qemu.trad.CVE-2015-5278.patch +Patch11: qemu.trad.CVE-2015-7295.patch +Patch12: qemu.git-00837731d254908a841d69298a4f9f077babaf24.patch +Patch13: qemu.trad.CVE-2015-8345.patch +Patch14: qemu.trad.CVE-2015-7512.patch +Patch15: qemu.trad.CVE-2015-8504.patch +Patch16: qemu.git-43b11a91dd861a946b231b89b754285.patch +Patch17: qemu.git-d9a3b33d2c9f996537b7f1d0246dee2d0120cefb.patch +Patch18: qemu.git-a7278b36fcab9af469563bd7b.patch +Patch19: qemu.git-c6048f849c7e3f009786df76206e895.patch +Patch20: qemu.trad.CVE-2016-1714.patch +Patch21: qemu.CVE-2016-1922.patch +Patch22: qemu.trad.CVE-2016-1981.patch +Patch23: qemu.CVE-2016-2198.patch +Patch24: qemu.CVE-2016-2841.patch +Patch25: qemu.trad.CVE-2016-2841.patch +Patch26: qemu.CVE-2016-2538.patch +Patch27: qemu.trad.CVE-2016-2538.patch +Patch28: qemu.CVE-2016-2392.patch +Patch29: qemu.CVE-2016-2391.patch +Patch30: qemu.CVE-2016-2857.patch +Patch31: qemu.trad.CVE-2016-2857.patch +Patch32: qemu.git-3a15cc0e1ee7168db0782133d2607a6bfa422d66.patch +Patch33: qemu.trad.CVE-2016-4001.patch +Patch34: qemu.CVE-2016-4002.patch +Patch35: qemu.trad.CVE-2016-4002.patch +Patch36: qemu.CVE-2016-4037.patch +Patch37: qemu.bug1330513.patch +Patch38: qemu.CVE-2016-4439.patch +Patch39: qemu.trad.CVE-2016-4439.patch +Patch40: qemu.CVE-2016-4441.patch +Patch41: qemu.trad.CVE-2016-4441.patch +Patch42: qemu.CVE-2016-5106.patch +Patch43: qemu.CVE-2016-5105.patch +Patch44: qemu.git-3c52ddcdc548e7fbe65112d8a7bdc9cd105b4750.patch +Patch45: qemu.git-74074e8a7c60592cf1cc6469dbc2550d24aeded3.patch +Patch46: qemu.git-9f14b0add1dcdbfa2ee61051d068211fb0a1fcc9.patch +Patch47: qemu.git-60253ed1e6ec6d8e5ef2efe7bf755f475dce9956.patch +Patch48: qemu.CVE-2016-4454.1.patch +Patch49: qemu.CVE-2016-4454.2.patch +Patch50: qemu.CVE-2016-4454.3.patch +Patch51: qemu.CVE-2016-4453.patch +Patch52: qemu.CVE-2016-5238.patch +Patch53: qemu.trad.CVE-2016-5238.patch +Patch54: qemu.CVE-2016-5338.patch +Patch55: qemu.trad.CVE-2016-5338.patch +Patch56: qemu.CVE-2016-5337.patch +Patch57: xen.xs_watch.stacksize.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root @@ -211,9 +181,7 @@ Requires(preun): systemd Requires(postun): systemd BuildRequires: systemd %endif -%if %with_systemd BuildRequires: systemd-devel -%endif %description This package contains the XenD daemon and xm command line @@ -311,20 +279,25 @@ manage Xen virtual machines. %prep %setup -q +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 %patch5 -p1 - +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 %patch11 -p1 %patch12 -p1 -%if %build_xsm %patch13 -p1 -%endif -%if %build_crosshyp %patch14 -p1 -%endif %patch15 -p1 %patch16 -p1 %patch17 -p1 %patch18 -p1 +%patch19 -p1 %patch20 -p1 %patch21 -p1 %patch22 -p1 @@ -335,56 +308,34 @@ manage Xen virtual machines. %patch27 -p1 %patch28 -p1 %patch29 -p1 +%patch30 -p1 +%patch31 -p1 +%patch32 -p1 +%patch33 -p1 +%patch34 -p1 +%patch35 -p1 +%patch36 -p1 +%patch37 -p1 +%patch38 -p1 +%patch39 -p1 +%patch40 -p1 +%patch41 -p1 +%patch42 -p1 +%patch43 -p1 +%patch44 -p1 +%patch45 -p1 %patch46 -p1 +%patch47 -p1 +%patch48 -p1 %patch49 -p1 %patch50 -p1 %patch51 -p1 -%patch66 -p1 -%patch68 -p1 -%patch69 -p1 -%patch70 -p1 -%patch73 -p1 -%patch76 -p1 -%patch77 -p1 -%patch80 -p1 -%patch82 -p1 -%patch83 -p1 -%patch84 -p1 -%patch85 -p1 -%patch86 -p1 -%patch87 -p1 -%patch88 -p1 -%patch89 -p1 -%patch90 -p1 -%patch91 -p1 -%patch93 -p1 -%patch96 -p1 -%patch97 -p1 -%patch98 -p1 -%patch99 -p1 -%patch100 -p1 -%patch101 -p1 -%patch116 -p1 -%patch117 -p1 -%patch118 -p1 -%patch119 -p1 -%patch120 -p1 -%patch121 -p1 -%patch122 -p1 -%patch123 -p1 -%patch124 -p1 -%patch125 -p1 -%patch156 -p1 -%patch157 -p1 -%patch158 -p1 -%patch159 -p1 -%patch160 -p1 -%patch161 -p1 -%patch162 -p1 -%patch163 -p1 -%patch164 -p1 -%patch165 -p1 -%patch166 -p1 +%patch52 -p1 +%patch53 -p1 +%patch54 -p1 +%patch55 -p1 +%patch56 -p1 +%patch57 -p1 # stubdom sources cp -v %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} %{SOURCE15} stubdom @@ -404,13 +355,27 @@ mkdir -p dist/install/boot/efi/efi/fedora %define seabiosloc /usr/share/seabios/bios.bin %endif export XEN_VENDORVERSION="-%{release}" -export CFLAGS="$RPM_OPT_FLAGS" -make %{?_smp_mflags} %{?efi_flags} prefix=/usr dist-xen +export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS" +export EXTRA_CFLAGS_QEMU_TRADITIONAL="$RPM_OPT_FLAGS" +export EXTRA_CFLAGS_QEMU_XEN="$RPM_OPT_FLAGS" +%if %build_crosshyp +XEN_TARGET_ARCH=x86_64 make %{?_smp_mflags} %{?efi_flags} prefix=/usr xen CC="/usr/bin/x86_64-linux-gnu-gcc `echo $RPM_OPT_FLAGS | sed -e 's/-m32//g' -e 's/-march=i686//g' -e 's/-mtune=atom//g'`" +%else +make %{?_smp_mflags} %{?efi_flags} prefix=/usr xen CC="gcc $RPM_OPT_FLAGS" +%endif ./configure --prefix=%{_prefix} --libdir=%{_libdir} --with-system-seabios=%{seabiosloc} --with-system-qemu=/usr/bin/qemu-system-i386 --with-linux-backend-modules="xen-evtchn xen-gntdev xen-gntalloc xen-blkback xen-netback xen-pciback xen-scsiback xen-acpi-processor" -make %{?_smp_mflags} %{?ocaml_flags} prefix=/usr dist-tools -make prefix=/usr dist-docs -unset CFLAGS -make %{?ocaml_flags} dist-stubdom +make %{?_smp_mflags} %{?ocaml_flags} prefix=/usr tools +make prefix=/usr docs +export RPM_OPT_FLAGS_RED=`echo $RPM_OPT_FLAGS | sed -e 's/-m64//g' -e 's/--param=ssp-buffer-size=4//g' -e's/-fstack-protector-strong//'` +%ifarch %{ix86} +export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS_RED" +%endif +make mini-os-dir +make -C stubdom build +%ifarch x86_64 +export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS_RED" +XEN_TARGET_ARCH=x86_32 make -C stubdom pv-grub +%endif %install @@ -421,7 +386,11 @@ mkdir -p %{buildroot}%{_libdir}/ocaml/stublibs %if %build_efi mkdir -p %{buildroot}/boot/efi/efi/fedora %endif +%if %build_crosshyp +XEN_TARGET_ARCH=x86_64 make DESTDIR=%{buildroot} %{?efi_flags} prefix=/usr install-xen CC="/usr/bin/x86_64-linux-gnu-gcc" +%else make DESTDIR=%{buildroot} %{?efi_flags} prefix=/usr install-xen +%endif make DESTDIR=%{buildroot} %{?ocaml_flags} prefix=/usr install-tools make DESTDIR=%{buildroot} prefix=/usr install-docs make DESTDIR=%{buildroot} %{?ocaml_flags} prefix=/usr install-stubdom @@ -487,39 +456,14 @@ rm -rf %{buildroot}/%{_libdir}/efi ############ fixup files in /etc ############ -# udev -#rm -rf %{buildroot}/etc/udev/rules.d/xen*.rules -#mv %{buildroot}/etc/udev/xen*.rules %{buildroot}/etc/udev/rules.d - -# modules -%if %with_sysv -mkdir -p %{buildroot}%{_sysconfdir}/sysconfig/modules -install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/modules/%{name}.modules -%endif - # logrotate mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d/ install -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} # init scripts -#mkdir -p %{buildroot}%{_sysconfdir}/rc.d/init.d -#mv %{buildroot}%{_sysconfdir}/init.d/* %{buildroot}%{_sysconfdir}/rc.d/init.d -#rmdir %{buildroot}%{_sysconfdir}/init.d -%if %with_sysv -install -m 755 %{SOURCE20} %{buildroot}%{_sysconfdir}/rc.d/init.d/xenstored -install -m 755 %{SOURCE21} %{buildroot}%{_sysconfdir}/rc.d/init.d/xenconsoled -%else rm %{buildroot}%{_sysconfdir}/rc.d/init.d/xen-watchdog rm %{buildroot}%{_sysconfdir}/rc.d/init.d/xencommons rm %{buildroot}%{_sysconfdir}/rc.d/init.d/xendomains -%endif - -# sysconfig -%if %with_sysv -mkdir -p %{buildroot}%{_sysconfdir}/sysconfig -install -m 644 %{SOURCE30} %{buildroot}%{_sysconfdir}/sysconfig/xenstored -install -m 644 %{SOURCE31} %{buildroot}%{_sysconfdir}/sysconfig/xenconsoled -%endif ############ create dirs in /var ############ @@ -554,10 +498,6 @@ done ############ all done now ############ %post -%if %with_sysv -/sbin/chkconfig --add xendomains -%endif -%if %with_systemd %if %with_systemd_presets %systemd_post xendomains.service %else @@ -565,19 +505,13 @@ if [ $1 == 1 ]; then /bin/systemctl enable xendomains.service fi %endif -%endif %preun %if %with_systemd_presets %systemd_preun xendomains.service %else if [ $1 == 0 ]; then -%if %with_sysv - /sbin/chkconfig --del xendomains -%endif -%if %with_systemd /bin/systemctl disable xendomains.service -%endif fi %endif @@ -587,11 +521,6 @@ fi %endif %post runtime -%if %with_sysv -/sbin/chkconfig --add xenconsoled -/sbin/chkconfig --add xenstored -%endif -%if %with_systemd %if %with_systemd_presets %systemd_post xenstored.service xenconsoled.service %else @@ -600,27 +529,14 @@ if [ $1 == 1 ]; then /bin/systemctl enable xenconsoled.service fi %endif -%endif - -%if %with_sysv -if [ $1 != 0 ]; then - service xenconsoled condrestart -fi -%endif %preun runtime %if %with_systemd_presets %systemd_preun xenstored.service xenconsoled.service %else if [ $1 == 0 ]; then -%if %with_sysv - /sbin/chkconfig --del xenconsoled - /sbin/chkconfig --del xenstored -%endif -%if %with_systemd /bin/systemctl disable xenstored.service /bin/systemctl disable xenconsoled.service -%endif fi %endif @@ -656,7 +572,6 @@ fi %if %build_ocaml %post ocaml -%if %with_systemd %if %with_systemd_presets %systemd_post oxenstored.service %else @@ -664,10 +579,8 @@ if [ $1 == 1 ]; then /bin/systemctl enable oxenstored.service fi %endif -%endif %preun ocaml -%if %with_systemd %if %with_systemd_presets %systemd_preun oxenstored.service %else @@ -675,7 +588,6 @@ if [ $1 == 0 ]; then /bin/systemctl disable oxenstored.service fi %endif -%endif %if %with_systemd_presets %postun ocaml @@ -695,18 +607,12 @@ rm -rf %{buildroot} %{python_sitearch}/%{name} %{python_sitearch}/xen-*.egg-info -# Startup script -%if %with_sysv -%{_sysconfdir}/rc.d/init.d/xendomains -%endif # Guest autostart links %dir %attr(0700,root,root) %{_sysconfdir}/%{name}/auto # Autostart of guests %config(noreplace) %{_sysconfdir}/sysconfig/xendomains -%if %with_systemd %{_unitdir}/xendomains.service -%endif %files libs %defattr(-,root,root) @@ -722,16 +628,9 @@ rm -rf %{buildroot} %dir %attr(0700,root,root) %{_sysconfdir}/%{name}/scripts/ %config %attr(0700,root,root) %{_sysconfdir}/%{name}/scripts/* -%if %with_sysv -%{_sysconfdir}/rc.d/init.d/xenstored -%{_sysconfdir}/rc.d/init.d/xenconsoled -%{_sysconfdir}/rc.d/init.d/xen-watchdog -%{_sysconfdir}/rc.d/init.d/xencommons -%endif %{_sysconfdir}/bash_completion.d/xl.sh %{_sysconfdir}/rc.d/init.d/xendriverdomain -%if %with_systemd %{_unitdir}/proc-xen.mount %{_unitdir}/var-lib-xenstored.mount %{_unitdir}/xenstored.service @@ -741,22 +640,12 @@ rm -rf %{buildroot} %{_unitdir}/xenstored.socket %{_unitdir}/xenstored_ro.socket /usr/lib/modules-load.d/xen.conf -%endif -%if %with_sysv -%config(noreplace) %{_sysconfdir}/sysconfig/xenstored -%config(noreplace) %{_sysconfdir}/sysconfig/xenconsoled -%endif %config(noreplace) %{_sysconfdir}/sysconfig/xencommons %config(noreplace) %{_sysconfdir}/xen/xl.conf %config(noreplace) %{_sysconfdir}/xen/cpupool %config(noreplace) %{_sysconfdir}/xen/xlexample* -# Auto-load xen backend drivers -%if %with_sysv -%attr(0755,root,root) %{_sysconfdir}/sysconfig/modules/%{name}.modules -%endif - # Rotate console log files %config(noreplace) %{_sysconfdir}/logrotate.d/xen @@ -855,6 +744,8 @@ rm -rf %{buildroot} %{_bindir}/xenalyze %{_sbindir}/xentrace %{_sbindir}/xentrace_setsize +%{_bindir}/xen-cpuid +%{_sbindir}/xen-livepatch # Xen logfiles %dir %attr(0700,root,root) %{_localstatedir}/log/xen @@ -866,6 +757,7 @@ rm -rf %{buildroot} %defattr(-,root,root) /boot/xen-*.gz /boot/xen.gz +/boot/xen*.config %if %build_xsm %dir %attr(0755,root,root) /boot/flask /boot/flask/xenpolicy* @@ -914,6 +806,22 @@ rm -rf %{buildroot} %endif %changelog +* Fri Jul 22 2016 Michael Young - 4.7.0-1 +- update to xen-4.7.0 + adjust xen.use.fedora.ipxe.patch, xen.fedora.efi.build.patch, + qemu.CVE-2016-2391.patch, qemu.CVE-2016-4002.patch + and qemu.bug1330513.patch + package extra files + /usr/bin/xen-cpuid + /usr/sbin/xen-livepatch + /boot/xen*.config + remove upstream patches +- set RPM_OPT_FLAGS options in command line rather than patches, similarly + remove xen.64.bit.hyp.on.ix86.patch, also xen.gcc5.fix.patch and + xen.gcc6.fix.patch are no longer needed +- drop optional sysv support, make systemd unconditional +- renumber patches + * Tue Jul 19 2016 Fedora Release Engineering - 4.6.3-3 - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages diff --git a/xen.systemd.configure.patch b/xen.systemd.configure.patch deleted file mode 100644 index 28706d9..0000000 --- a/xen.systemd.configure.patch +++ /dev/null @@ -1,338 +0,0 @@ ---- xen-4.6.1/tools/configure 2016-06-05 12:40:25.888486615 +0100 -+++ xen-4.7.0-rc4/tools/configure 2016-06-05 12:42:09.191274446 +0100 -@@ -9175,6 +9196,66 @@ - # Put the nasty error message in config.log where it belongs - echo "$SYSTEMD_PKG_ERRORS" >&5 - -+ -+ -+pkg_failed=no -+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for SYSTEMD" >&5 -+$as_echo_n "checking for SYSTEMD... " >&6; } -+ -+if test -n "$SYSTEMD_CFLAGS"; then -+ pkg_cv_SYSTEMD_CFLAGS="$SYSTEMD_CFLAGS" -+ elif test -n "$PKG_CONFIG"; then -+ if test -n "$PKG_CONFIG" && \ -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd >= 209\""; } >&5 -+ ($PKG_CONFIG --exists --print-errors "libsystemd >= 209") 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; then -+ pkg_cv_SYSTEMD_CFLAGS=`$PKG_CONFIG --cflags "libsystemd >= 209" 2>/dev/null` -+ test "x$?" != "x0" && pkg_failed=yes -+else -+ pkg_failed=yes -+fi -+ else -+ pkg_failed=untried -+fi -+if test -n "$SYSTEMD_LIBS"; then -+ pkg_cv_SYSTEMD_LIBS="$SYSTEMD_LIBS" -+ elif test -n "$PKG_CONFIG"; then -+ if test -n "$PKG_CONFIG" && \ -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd >= 209\""; } >&5 -+ ($PKG_CONFIG --exists --print-errors "libsystemd >= 209") 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; then -+ pkg_cv_SYSTEMD_LIBS=`$PKG_CONFIG --libs "libsystemd >= 209" 2>/dev/null` -+ test "x$?" != "x0" && pkg_failed=yes -+else -+ pkg_failed=yes -+fi -+ else -+ pkg_failed=untried -+fi -+ -+ -+ -+if test $pkg_failed = yes; then -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -+$as_echo "no" >&6; } -+ -+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then -+ _pkg_short_errors_supported=yes -+else -+ _pkg_short_errors_supported=no -+fi -+ if test $_pkg_short_errors_supported = yes; then -+ SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libsystemd >= 209" 2>&1` -+ else -+ SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libsystemd >= 209" 2>&1` -+ fi -+ # Put the nasty error message in config.log where it belongs -+ echo "$SYSTEMD_PKG_ERRORS" >&5 -+ - systemd="n" - elif test $pkg_failed = untried; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -@@ -9188,6 +9269,90 @@ - systemd="y" - fi - -+elif test $pkg_failed = untried; then -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -+$as_echo "no" >&6; } -+ -+ -+pkg_failed=no -+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for SYSTEMD" >&5 -+$as_echo_n "checking for SYSTEMD... " >&6; } -+ -+if test -n "$SYSTEMD_CFLAGS"; then -+ pkg_cv_SYSTEMD_CFLAGS="$SYSTEMD_CFLAGS" -+ elif test -n "$PKG_CONFIG"; then -+ if test -n "$PKG_CONFIG" && \ -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd >= 209\""; } >&5 -+ ($PKG_CONFIG --exists --print-errors "libsystemd >= 209") 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; then -+ pkg_cv_SYSTEMD_CFLAGS=`$PKG_CONFIG --cflags "libsystemd >= 209" 2>/dev/null` -+ test "x$?" != "x0" && pkg_failed=yes -+else -+ pkg_failed=yes -+fi -+ else -+ pkg_failed=untried -+fi -+if test -n "$SYSTEMD_LIBS"; then -+ pkg_cv_SYSTEMD_LIBS="$SYSTEMD_LIBS" -+ elif test -n "$PKG_CONFIG"; then -+ if test -n "$PKG_CONFIG" && \ -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd >= 209\""; } >&5 -+ ($PKG_CONFIG --exists --print-errors "libsystemd >= 209") 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; then -+ pkg_cv_SYSTEMD_LIBS=`$PKG_CONFIG --libs "libsystemd >= 209" 2>/dev/null` -+ test "x$?" != "x0" && pkg_failed=yes -+else -+ pkg_failed=yes -+fi -+ else -+ pkg_failed=untried -+fi -+ -+ -+ -+if test $pkg_failed = yes; then -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -+$as_echo "no" >&6; } -+ -+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then -+ _pkg_short_errors_supported=yes -+else -+ _pkg_short_errors_supported=no -+fi -+ if test $_pkg_short_errors_supported = yes; then -+ SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libsystemd >= 209" 2>&1` -+ else -+ SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libsystemd >= 209" 2>&1` -+ fi -+ # Put the nasty error message in config.log where it belongs -+ echo "$SYSTEMD_PKG_ERRORS" >&5 -+ -+ systemd="n" -+elif test $pkg_failed = untried; then -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -+$as_echo "no" >&6; } -+ systemd="n" -+else -+ SYSTEMD_CFLAGS=$pkg_cv_SYSTEMD_CFLAGS -+ SYSTEMD_LIBS=$pkg_cv_SYSTEMD_LIBS -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -+$as_echo "yes" >&6; } -+ systemd="y" -+fi -+ -+else -+ SYSTEMD_CFLAGS=$pkg_cv_SYSTEMD_CFLAGS -+ SYSTEMD_LIBS=$pkg_cv_SYSTEMD_LIBS -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -+$as_echo "yes" >&6; } -+ systemd="y" -+fi -+ - - if test "x$enable_systemd" != "xno"; then : - -@@ -9257,7 +9422,66 @@ - # Put the nasty error message in config.log where it belongs - echo "$SYSTEMD_PKG_ERRORS" >&5 - -- as_fn_error $? "Package requirements (libsystemd-daemon) were not met: -+ -+pkg_failed=no -+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for SYSTEMD" >&5 -+$as_echo_n "checking for SYSTEMD... " >&6; } -+ -+if test -n "$SYSTEMD_CFLAGS"; then -+ pkg_cv_SYSTEMD_CFLAGS="$SYSTEMD_CFLAGS" -+ elif test -n "$PKG_CONFIG"; then -+ if test -n "$PKG_CONFIG" && \ -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd >= 209\""; } >&5 -+ ($PKG_CONFIG --exists --print-errors "libsystemd >= 209") 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; then -+ pkg_cv_SYSTEMD_CFLAGS=`$PKG_CONFIG --cflags "libsystemd >= 209" 2>/dev/null` -+ test "x$?" != "x0" && pkg_failed=yes -+else -+ pkg_failed=yes -+fi -+ else -+ pkg_failed=untried -+fi -+if test -n "$SYSTEMD_LIBS"; then -+ pkg_cv_SYSTEMD_LIBS="$SYSTEMD_LIBS" -+ elif test -n "$PKG_CONFIG"; then -+ if test -n "$PKG_CONFIG" && \ -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd >= 209\""; } >&5 -+ ($PKG_CONFIG --exists --print-errors "libsystemd >= 209") 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; then -+ pkg_cv_SYSTEMD_LIBS=`$PKG_CONFIG --libs "libsystemd >= 209" 2>/dev/null` -+ test "x$?" != "x0" && pkg_failed=yes -+else -+ pkg_failed=yes -+fi -+ else -+ pkg_failed=untried -+fi -+ -+ -+ -+if test $pkg_failed = yes; then -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -+$as_echo "no" >&6; } -+ -+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then -+ _pkg_short_errors_supported=yes -+else -+ _pkg_short_errors_supported=no -+fi -+ if test $_pkg_short_errors_supported = yes; then -+ SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libsystemd >= 209" 2>&1` -+ else -+ SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libsystemd >= 209" 2>&1` -+ fi -+ # Put the nasty error message in config.log where it belongs -+ echo "$SYSTEMD_PKG_ERRORS" >&5 -+ -+ as_fn_error $? "Package requirements (libsystemd >= 209) were not met: - - $SYSTEMD_PKG_ERRORS - -@@ -9290,6 +9514,109 @@ - - fi - -+elif test $pkg_failed = untried; then -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -+$as_echo "no" >&6; } -+ -+pkg_failed=no -+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for SYSTEMD" >&5 -+$as_echo_n "checking for SYSTEMD... " >&6; } -+ -+if test -n "$SYSTEMD_CFLAGS"; then -+ pkg_cv_SYSTEMD_CFLAGS="$SYSTEMD_CFLAGS" -+ elif test -n "$PKG_CONFIG"; then -+ if test -n "$PKG_CONFIG" && \ -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd >= 209\""; } >&5 -+ ($PKG_CONFIG --exists --print-errors "libsystemd >= 209") 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; then -+ pkg_cv_SYSTEMD_CFLAGS=`$PKG_CONFIG --cflags "libsystemd >= 209" 2>/dev/null` -+ test "x$?" != "x0" && pkg_failed=yes -+else -+ pkg_failed=yes -+fi -+ else -+ pkg_failed=untried -+fi -+if test -n "$SYSTEMD_LIBS"; then -+ pkg_cv_SYSTEMD_LIBS="$SYSTEMD_LIBS" -+ elif test -n "$PKG_CONFIG"; then -+ if test -n "$PKG_CONFIG" && \ -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd >= 209\""; } >&5 -+ ($PKG_CONFIG --exists --print-errors "libsystemd >= 209") 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; then -+ pkg_cv_SYSTEMD_LIBS=`$PKG_CONFIG --libs "libsystemd >= 209" 2>/dev/null` -+ test "x$?" != "x0" && pkg_failed=yes -+else -+ pkg_failed=yes -+fi -+ else -+ pkg_failed=untried -+fi -+ -+ -+ -+if test $pkg_failed = yes; then -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -+$as_echo "no" >&6; } -+ -+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then -+ _pkg_short_errors_supported=yes -+else -+ _pkg_short_errors_supported=no -+fi -+ if test $_pkg_short_errors_supported = yes; then -+ SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libsystemd >= 209" 2>&1` -+ else -+ SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libsystemd >= 209" 2>&1` -+ fi -+ # Put the nasty error message in config.log where it belongs -+ echo "$SYSTEMD_PKG_ERRORS" >&5 -+ -+ as_fn_error $? "Package requirements (libsystemd >= 209) were not met: -+ -+$SYSTEMD_PKG_ERRORS -+ -+Consider adjusting the PKG_CONFIG_PATH environment variable if you -+installed software in a non-standard prefix. -+ -+Alternatively, you may set the environment variables SYSTEMD_CFLAGS -+and SYSTEMD_LIBS to avoid the need to call pkg-config. -+See the pkg-config man page for more details." "$LINENO" 5 -+elif test $pkg_failed = untried; then -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -+$as_echo "no" >&6; } -+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -+as_fn_error $? "The pkg-config script could not be found or is too old. Make sure it -+is in your PATH or set the PKG_CONFIG environment variable to the full -+path to pkg-config. -+ -+Alternatively, you may set the environment variables SYSTEMD_CFLAGS -+and SYSTEMD_LIBS to avoid the need to call pkg-config. -+See the pkg-config man page for more details. -+ -+To get pkg-config, see . -+See \`config.log' for more details" "$LINENO" 5; } -+else -+ SYSTEMD_CFLAGS=$pkg_cv_SYSTEMD_CFLAGS -+ SYSTEMD_LIBS=$pkg_cv_SYSTEMD_LIBS -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -+$as_echo "yes" >&6; } -+ -+fi -+ -+else -+ SYSTEMD_CFLAGS=$pkg_cv_SYSTEMD_CFLAGS -+ SYSTEMD_LIBS=$pkg_cv_SYSTEMD_LIBS -+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -+$as_echo "yes" >&6; } -+ -+fi -+ - - - if test "x$SYSTEMD_DIR" = x; then : diff --git a/xen.use.fedora.ipxe.patch b/xen.use.fedora.ipxe.patch index 16dd504..82c5e10 100644 --- a/xen.use.fedora.ipxe.patch +++ b/xen.use.fedora.ipxe.patch @@ -12,14 +12,14 @@ --- xen-4.2.0/Config.mk.orig 2012-05-27 21:57:04.479812884 +0100 +++ xen-4.2.0/Config.mk 2012-06-02 18:55:14.087169469 +0100 @@ -206,7 +206,7 @@ - # Tue Mar 17 10:52:16 2015 -0400 - # vgabios: On bda_save_restore() the saved vbe_mode also has flags in it + # Tue, 1 Mar 2016 15:06:45 +0100 (16:06 +0200) + # fw/pci: add Q35 S3 support -ETHERBOOT_NICS ?= rtl8139 8086100e +ETHERBOOT_NICS ?= 10ec8139 8086100e - QEMU_TRADITIONAL_REVISION ?= xen-4.6.3 + QEMU_TRADITIONAL_REVISION ?= xen-4.7.0 --- xen-4.2.0/tools/firmware/Makefile.orig 2012-05-27 21:57:04.480812871 +0100 +++ xen-4.2.0/tools/firmware/Makefile 2012-06-02 19:03:52.254691484 +0100 @@ -10,7 +10,7 @@ diff --git a/xen.xsm.enable.patch b/xen.xsm.enable.patch deleted file mode 100644 index ade8c3f..0000000 --- a/xen.xsm.enable.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- xen-4.3.0-rc5/Config.mk.orig 2013-06-22 16:36:48.531767690 +0100 -+++ xen-4.3.0-rc5/Config.mk 2013-06-22 17:31:21.021855934 +0100 -@@ -188,7 +188,7 @@ - EMBEDDED_EXTRA_CFLAGS += -fno-exceptions - - # Enable XSM security module (by default, Flask). --XSM_ENABLE ?= n -+XSM_ENABLE ?= y - FLASK_ENABLE ?= $(XSM_ENABLE) - - XEN_EXTFILES_URL ?= http://xenbits.xen.org/xen-extfiles