Date: Sat, 14 Nov 2015 09:27:32 +0000 (UTC) From: =?UTF-8?Q?Roger_Pau_Monn=c3=a9?= <royger@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r401564 - in head: emulators/xen emulators/xen-kernel emulators/xen-kernel/files sysutils/xen-tools sysutils/xen-tools/files Message-ID: <201511140927.tAE9RWn8047088@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: royger (src committer) Date: Sat Nov 14 09:27:31 2015 New Revision: 401564 URL: https://svnweb.freebsd.org/changeset/ports/401564 Log: xen: update to 4.5.2 ...and add XSA-156. Sponsored by: Citrix Systems R&D Reviewed by: bapt Differential Revision: https://reviews.freebsd.org/D4150 Added: head/emulators/xen-kernel/files/xsa156-4.5.patch (contents, props changed) Deleted: head/emulators/xen-kernel/files/0008-xen-arm-mm-Do-not-dump-the-p2m-when-mapping-a-foreig.patch head/emulators/xen-kernel/files/xsa148-4.5.patch head/emulators/xen-kernel/files/xsa149.patch head/emulators/xen-kernel/files/xsa150.patch head/emulators/xen-kernel/files/xsa151.patch head/emulators/xen-kernel/files/xsa152-4.5.patch head/sysutils/xen-tools/files/xsa137.patch head/sysutils/xen-tools/files/xsa138-qemuu-1.patch head/sysutils/xen-tools/files/xsa138-qemuu-2.patch head/sysutils/xen-tools/files/xsa138-qemuu-3.patch head/sysutils/xen-tools/files/xsa139-qemuu-4.5.patch head/sysutils/xen-tools/files/xsa140-qemuu-unstable-1.patch head/sysutils/xen-tools/files/xsa140-qemuu-unstable-2.patch head/sysutils/xen-tools/files/xsa140-qemuu-unstable-3.patch head/sysutils/xen-tools/files/xsa140-qemuu-unstable-4.patch head/sysutils/xen-tools/files/xsa140-qemuu-unstable-5.patch head/sysutils/xen-tools/files/xsa140-qemuu-unstable-6.patch head/sysutils/xen-tools/files/xsa140-qemuu-unstable-7.patch head/sysutils/xen-tools/files/xsa142-4.5.patch head/sysutils/xen-tools/files/xsa153-libxl.patch Modified: head/emulators/xen-kernel/Makefile head/emulators/xen-kernel/distinfo head/emulators/xen/Makefile head/sysutils/xen-tools/Makefile head/sysutils/xen-tools/distinfo Modified: head/emulators/xen-kernel/Makefile ============================================================================== --- head/emulators/xen-kernel/Makefile Sat Nov 14 03:56:01 2015 (r401563) +++ head/emulators/xen-kernel/Makefile Sat Nov 14 09:27:31 2015 (r401564) @@ -2,12 +2,11 @@ PORTNAME= xen PKGNAMESUFFIX= -kernel -PORTVERSION= 4.5.1 -PORTREVISION= 1 +PORTVERSION= 4.5.2 CATEGORIES= emulators MASTER_SITES= http://bits.xensource.com/oss-xen/release/${PORTVERSION}/ -MAINTAINER= ports@FreeBSD.org +MAINTAINER= royger@FreeBSD.org COMMENT= Hypervisor using a microkernel design LICENSE= GPLv2 @@ -31,12 +30,7 @@ EXTRA_PATCHES= ${FILESDIR}/0001-introduc ${FILESDIR}/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch:-p2 \ ${FILESDIR}/0006-xen-pvh-enable-mmu_update-hypercall.patch:-p2 \ ${FILESDIR}/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch:-p2 \ - ${FILESDIR}/0008-xen-arm-mm-Do-not-dump-the-p2m-when-mapping-a-foreig.patch:-p2 \ - ${FILESDIR}/xsa148-4.5.patch:-p2 \ - ${FILESDIR}/xsa149.patch:-p2 \ - ${FILESDIR}/xsa150.patch:-p2 \ - ${FILESDIR}/xsa151.patch:-p2 \ - ${FILESDIR}/xsa152-4.5.patch:-p2 + ${FILESDIR}/xsa156-4.5.patch:-p2 .include <bsd.port.options.mk> Modified: head/emulators/xen-kernel/distinfo ============================================================================== --- head/emulators/xen-kernel/distinfo Sat Nov 14 03:56:01 2015 (r401563) +++ head/emulators/xen-kernel/distinfo Sat Nov 14 09:27:31 2015 (r401564) @@ -1,2 +1,2 @@ -SHA256 (xen-4.5.1.tar.gz) = 668c11d4fca67ac44329e369f810356eacd37b28d28fb96e66aac77f3c5e1371 -SIZE (xen-4.5.1.tar.gz) = 18410400 +SHA256 (xen-4.5.2.tar.gz) = 4c9e5dac4eea484974e9f76da2756c8e0973b4e884d28d37e955df9ebf00e7e8 +SIZE (xen-4.5.2.tar.gz) = 18416220 Added: head/emulators/xen-kernel/files/xsa156-4.5.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/emulators/xen-kernel/files/xsa156-4.5.patch Sat Nov 14 09:27:31 2015 (r401564) @@ -0,0 +1,127 @@ +x86/HVM: always intercept #AC and #DB + +Both being benign exceptions, and both being possible to get triggered +by exception delivery, this is required to prevent a guest from locking +up a CPU (resulting from no other VM exits occurring once getting into +such a loop). + +The specific scenarios: + +1) #AC may be raised during exception delivery if the handler is set to +be a ring-3 one by a 32-bit guest, and the stack is misaligned. + +2) #DB may be raised during exception delivery when a breakpoint got +placed on a data structure involved in delivering the exception. This +can result in an endless loop when a 64-bit guest uses a non-zero IST +for the vector 1 IDT entry, but even without use of IST the time it +takes until a contributory fault would get raised (results depending +on the handler) may be quite long. + +This is XSA-156. + +Reported-by: Benjamin Serebrin <serebrin@google.com> +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +Tested-by: Andrew Cooper <andrew.cooper3@citrix.com> + +--- a/xen/arch/x86/hvm/svm/svm.c ++++ b/xen/arch/x86/hvm/svm/svm.c +@@ -1045,10 +1045,11 @@ static void noreturn svm_do_resume(struc + unlikely(v->arch.hvm_vcpu.debug_state_latch != debug_state) ) + { + uint32_t intercepts = vmcb_get_exception_intercepts(vmcb); +- uint32_t mask = (1U << TRAP_debug) | (1U << TRAP_int3); ++ + v->arch.hvm_vcpu.debug_state_latch = debug_state; + vmcb_set_exception_intercepts( +- vmcb, debug_state ? (intercepts | mask) : (intercepts & ~mask)); ++ vmcb, debug_state ? (intercepts | (1U << TRAP_int3)) ++ : (intercepts & ~(1U << TRAP_int3))); + } + + if ( v->arch.hvm_svm.launch_core != smp_processor_id() ) +@@ -2435,8 +2436,9 @@ void svm_vmexit_handler(struct cpu_user_ + + case VMEXIT_EXCEPTION_DB: + if ( !v->domain->debugger_attached ) +- goto unexpected_exit_type; +- domain_pause_for_debugger(); ++ hvm_inject_hw_exception(TRAP_debug, HVM_DELIVER_NO_ERROR_CODE); ++ else ++ domain_pause_for_debugger(); + break; + + case VMEXIT_EXCEPTION_BP: +@@ -2484,6 +2486,11 @@ void svm_vmexit_handler(struct cpu_user_ + break; + } + ++ case VMEXIT_EXCEPTION_AC: ++ HVMTRACE_1D(TRAP, TRAP_alignment_check); ++ hvm_inject_hw_exception(TRAP_alignment_check, vmcb->exitinfo1); ++ break; ++ + case VMEXIT_EXCEPTION_UD: + svm_vmexit_ud_intercept(regs); + break; +--- a/xen/arch/x86/hvm/vmx/vmx.c ++++ b/xen/arch/x86/hvm/vmx/vmx.c +@@ -1186,16 +1186,10 @@ static void vmx_update_host_cr3(struct v + + void vmx_update_debug_state(struct vcpu *v) + { +- unsigned long mask; +- +- mask = 1u << TRAP_int3; +- if ( !cpu_has_monitor_trap_flag ) +- mask |= 1u << TRAP_debug; +- + if ( v->arch.hvm_vcpu.debug_state_latch ) +- v->arch.hvm_vmx.exception_bitmap |= mask; ++ v->arch.hvm_vmx.exception_bitmap |= 1U << TRAP_int3; + else +- v->arch.hvm_vmx.exception_bitmap &= ~mask; ++ v->arch.hvm_vmx.exception_bitmap &= ~(1U << TRAP_int3); + + vmx_vmcs_enter(v); + vmx_update_exception_bitmap(v); +@@ -2801,9 +2795,10 @@ void vmx_vmexit_handler(struct cpu_user_ + __vmread(EXIT_QUALIFICATION, &exit_qualification); + HVMTRACE_1D(TRAP_DEBUG, exit_qualification); + write_debugreg(6, exit_qualification | 0xffff0ff0); +- if ( !v->domain->debugger_attached || cpu_has_monitor_trap_flag ) +- goto exit_and_crash; +- domain_pause_for_debugger(); ++ if ( !v->domain->debugger_attached ) ++ hvm_inject_hw_exception(vector, HVM_DELIVER_NO_ERROR_CODE); ++ else ++ domain_pause_for_debugger(); + break; + case TRAP_int3: + { +@@ -2868,6 +2863,11 @@ void vmx_vmexit_handler(struct cpu_user_ + + hvm_inject_page_fault(regs->error_code, exit_qualification); + break; ++ case TRAP_alignment_check: ++ HVMTRACE_1D(TRAP, vector); ++ __vmread(VM_EXIT_INTR_ERROR_CODE, &ecode); ++ hvm_inject_hw_exception(vector, ecode); ++ break; + case TRAP_nmi: + if ( (intr_info & INTR_INFO_INTR_TYPE_MASK) != + (X86_EVENTTYPE_NMI << 8) ) +--- a/xen/include/asm-x86/hvm/hvm.h ++++ b/xen/include/asm-x86/hvm/hvm.h +@@ -378,7 +378,10 @@ static inline int hvm_event_pending(stru + (X86_CR4_VMXE | X86_CR4_PAE | X86_CR4_MCE)) + + /* These exceptions must always be intercepted. */ +-#define HVM_TRAP_MASK ((1U << TRAP_machine_check) | (1U << TRAP_invalid_op)) ++#define HVM_TRAP_MASK ((1U << TRAP_debug) | \ ++ (1U << TRAP_invalid_op) | \ ++ (1U << TRAP_alignment_check) | \ ++ (1U << TRAP_machine_check)) + + /* + * x86 event types. This enumeration is valid for: Modified: head/emulators/xen/Makefile ============================================================================== --- head/emulators/xen/Makefile Sat Nov 14 03:56:01 2015 (r401563) +++ head/emulators/xen/Makefile Sat Nov 14 09:27:31 2015 (r401564) @@ -1,11 +1,10 @@ # $FreeBSD$ PORTNAME= xen -PORTVERSION= 4.5.1 -PORTREVISION= 1 +PORTVERSION= 4.5.2 CATEGORIES= emulators -MAINTAINER= ports@FreeBSD.org +MAINTAINER= royger@FreeBSD.org COMMENT= Xen Hyvervisor meta port LICENSE= GPLv2 Modified: head/sysutils/xen-tools/Makefile ============================================================================== --- head/sysutils/xen-tools/Makefile Sat Nov 14 03:56:01 2015 (r401563) +++ head/sysutils/xen-tools/Makefile Sat Nov 14 09:27:31 2015 (r401564) @@ -1,14 +1,13 @@ # $FreeBSD$ PORTNAME= xen -PORTVERSION= 4.5.1 -PORTREVISION= 2 +PORTVERSION= 4.5.2 CATEGORIES= sysutils emulators MASTER_SITES= http://bits.xensource.com/oss-xen/release/${PORTVERSION}/ \ http://code.coreboot.org/p/seabios/downloads/get/:seabios PKGNAMESUFFIX= -tools -MAINTAINER= ports@FreeBSD.org +MAINTAINER= royger@FreeBSD.org COMMENT= Xen management tool, based on LibXenlight LICENSE= GPLv2 LGPL3 @@ -48,10 +47,7 @@ QEMU_ARGS= --disable-gtk \ --disable-curl \ --cxx=c++ -EXTRA_PATCHES= ${FILESDIR}/xsa137.patch:-p1 \ - ${FILESDIR}/xsa142-4.5.patch:-p1 \ - ${FILESDIR}/xsa153-libxl.patch:-p1 \ - ${FILESDIR}/0002-libxc-fix-xc_dom_load_elf_symtab.patch:-p1 +EXTRA_PATCHES= ${FILESDIR}/0002-libxc-fix-xc_dom_load_elf_symtab.patch:-p1 CONFIGURE_ARGS+= --with-extra-qemuu-configure-args="${QEMU_ARGS}" SHEBANG_FILES= tools/misc/xencov_split \ @@ -78,10 +74,6 @@ post-patch: ${WRKSRC}/tools/libxl/libxl_dm.c \ ${WRKSRC}/tools/qemu-xen-traditional/i386-dm/helper2.c \ ${WRKSRC}/docs/man/* - @for p in ${FILESDIR}/*qemuu*.patch; do \ - ${ECHO_CMD} "====> Applying $${p##*/}" ; \ - ${PATCH} -s -p1 -i $${p} -d ${WRKSRC}/tools/qemu-xen ; \ - done post-install: ${MKDIR} ${STAGEDIR}/var/run/xen Modified: head/sysutils/xen-tools/distinfo ============================================================================== --- head/sysutils/xen-tools/distinfo Sat Nov 14 03:56:01 2015 (r401563) +++ head/sysutils/xen-tools/distinfo Sat Nov 14 09:27:31 2015 (r401564) @@ -1,4 +1,4 @@ -SHA256 (xen-4.5.1.tar.gz) = 668c11d4fca67ac44329e369f810356eacd37b28d28fb96e66aac77f3c5e1371 -SIZE (xen-4.5.1.tar.gz) = 18410400 +SHA256 (xen-4.5.2.tar.gz) = 4c9e5dac4eea484974e9f76da2756c8e0973b4e884d28d37e955df9ebf00e7e8 +SIZE (xen-4.5.2.tar.gz) = 18416220 SHA256 (seabios-1.8.1.tar.gz) = 283bd848f5ce9d4bc52add973a856347e02c9ce89a9e6bc92c99359b87c9871d SIZE (seabios-1.8.1.tar.gz) = 537712
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201511140927.tAE9RWn8047088>