Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:charlesa:Factory
xen
project.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File project.diff of Package xen
--- logrotate.conf.orig +++ logrotate.conf @@ -1,21 +1,19 @@ -compress -missingok - -/var/log/xen/xend*.log { - rotate 5 - size 1M +/var/log/xen/xen-hotplug.log { + compress + missingok notifempty - copytruncate -} - -/var/log/xen/domain-builder-ng.log /var/log/xen/xen-hotplug.log { rotate 2 size 100k - notifempty copytruncate } -/var/log/xen/qemu-dm.*.log { - rotate 0 - monthly +/var/log/xen/xl-*.log /var/log/xen/qemu-dm-*.log /var/log/xen/console/*.log { + compress + missingok + notifempty + rotate 4 + dateext + dateformat -%Y%m%d-%H%M + size 2M + copytruncate } --- xen.changes.orig +++ xen.changes @@ -1,4 +1,3438 @@ ------------------------------------------------------------------- +Tue May 10 16:08:02 UTC 2022 - Dirk Müller <dmueller@suse.com> + +- fix python3 >= 3.10 version detection + +------------------------------------------------------------------- +Wed Apr 13 08:54:02 MDT 2022 - carnold@suse.com + +- Update to Xen 4.16.1 bug fix release (bsc#1027519) + xen-4.16.1-testing-src.tar.bz2 +- Drop patches contained in new tarball + 61b31d5c-x86-restrict-all-but-self-IPI.patch + 61b88e78-x86-CPUID-TSXLDTRK-definition.patch + 61bc429f-revert-hvmloader-PA-range-should-be-UC.patch + 61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch + 61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch + 61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch + 61e0296a-x86-time-calibration-relative-counts.patch + 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch + 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch + 61e98e88-x86-introduce-get-set-reg-infra.patch + 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch + 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch + 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch + 61eaaa23-x86-get-set-reg-infra-build.patch + 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch + 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch + 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch + 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch + 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch + 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch + 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch + 61f933a4-x86-cpuid-advertise-SSB_NO.patch + 61f933a5-x86-drop-use_spec_ctrl-boolean.patch + 61f933a6-x86-new-has_spec_ctrl-boolean.patch + 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch + 61f933a8-x86-SPEC_CTRL-record-last-write.patch + 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch + 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch + 61f933ab-x86-AMD-SPEC_CTRL-infra.patch + 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch + 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch + 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch + 6202afa4-x86-TSX-move-has_rtm_always_abort.patch + 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch + 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch + 6202afa8-x86-Intel-PSFD-for-guests.patch + 62278667-Arm-introduce-new-processors.patch + 62278668-Arm-move-errata-CSV2-check-earlier.patch + 62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch + 6227866a-Arm-Spectre-BHB-handling.patch + 6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch + 6227866c-x86-AMD-cease-using-thunk-lfence.patch + 6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch + 624ebcef-VT-d-dont-needlessly-look-up-DID.patch + 624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch + 624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch + xsa397.patch + xsa399.patch + xsa400-01.patch + xsa400-02.patch + xsa400-03.patch + xsa400-04.patch + xsa400-05.patch + xsa400-06.patch + xsa400-07.patch + xsa400-08.patch + xsa400-09.patch + xsa400-10.patch + xsa400-11.patch + xsa400-12.patch + +------------------------------------------------------------------- +Fri Apr 8 12:00:00 CEST 2022 - jbeulich@suse.com + +- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359, + CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity + map (AMD-Vi) handling issues (XSA-400) + 624ebcef-VT-d-dont-needlessly-look-up-DID.patch + 624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch + 624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch + +------------------------------------------------------------------- +Mon Apr 4 09:58:24 MDT 2022 - carnold@suse.com + +- bsc#1197423 - VUL-0: CVE-2022-26356: xen: Racy interactions + between dirty vram tracking and paging log dirty hypercalls + (XSA-397) + xsa397.patch +- bsc#1197425 - VUL-0: CVE-2022-26357: xen: race in VT-d domain ID + cleanup (XSA-399) + xsa399.patch +- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359, + CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity + map (AMD-Vi) handling issues (XSA-400) + xsa400-01.patch + xsa400-02.patch + xsa400-03.patch + xsa400-04.patch + xsa400-05.patch + xsa400-06.patch + xsa400-07.patch + xsa400-08.patch + xsa400-09.patch + xsa400-10.patch + xsa400-11.patch + xsa400-12.patch +- Additional upstream bug fixes for XSA-400 (bsc#1027519) + 61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch + 61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch + 6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch + +------------------------------------------------------------------- +Mon Mar 14 10:14:00 CET 2022 - jbeulich@suse.com + +- bsc#1196915 - VUL-0: CVE-2022-0001, CVE-2022-0002,CVE-2021-26401: + xen: BHB speculation issues (XSA-398) + 62278667-Arm-introduce-new-processors.patch + 62278668-Arm-move-errata-CSV2-check-earlier.patch + 62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch + 6227866a-Arm-Spectre-BHB-handling.patch + 6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch + 6227866c-x86-AMD-cease-using-thunk-lfence.patch + +------------------------------------------------------------------- +Thu Mar 3 14:42:07 MST 2022 - carnold@suse.com + +- bsc#1196545 - GCC 12: xen package fails + gcc12-fixes.patch + +------------------------------------------------------------------- +Mon Feb 14 11:40:00 CET 2022 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 61e0296a-x86-time-calibration-relative-counts.patch + 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch + 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch + 61e98e88-x86-introduce-get-set-reg-infra.patch + 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch + 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch + 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch + 61eaaa23-x86-get-set-reg-infra-build.patch + 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch + 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch + 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch + 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch + 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch + 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch + 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch + 61f933a4-x86-cpuid-advertise-SSB_NO.patch + 61f933a5-x86-drop-use_spec_ctrl-boolean.patch + 61f933a6-x86-new-has_spec_ctrl-boolean.patch + 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch + 61f933a8-x86-SPEC_CTRL-record-last-write.patch + 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch + 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch + 61f933ab-x86-AMD-SPEC_CTRL-infra.patch + 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch + 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch + 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch + 6202afa4-x86-TSX-move-has_rtm_always_abort.patch + 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch + 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch + 6202afa8-x86-Intel-PSFD-for-guests.patch +- Drop patches replaced by the above: + xsa393.patch + xsa394.patch + xsa395.patch + libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch + libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch + libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch + +------------------------------------------------------------------- +Thu Jan 13 10:55:58 MST 2022 - carnold@suse.com + +- bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm: + guest_physmap_remove_page not removing the p2m mappings (XSA-393) + xsa393.patch +- bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS + Xen while unmapping a grant (XSA-394) + xsa394.patch +- bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of + passed-through device IRQs (XSA-395) + xsa395.patch + +------------------------------------------------------------------- +Wed Jan 12 14:16:53 MST 2022 - carnold@suse.com + +- bsc#1191668 - L3: issue around xl and virsh operation - virsh + list not giving any output (see also bsc#1194267) + libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch + libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch + +------------------------------------------------------------------- +Tue Jan 11 10:47:10 MST 2022 - carnold@suse.com + +- bsc#1193307 - pci backend does not exist when attach a vf to a pv + guest + libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch + Drop libxl-PCI-defer-backend-wait.patch + +------------------------------------------------------------------- +Thu Jan 6 16:05:00 CET 2022 - jbeulich@suse.com + +- bsc#1193447 - Slow execution of hvmloader+ovmf when VM contains + an sriov device + 61bc429f-revert-hvmloader-PA-range-should-be-UC.patch +- Upstream bug fixes (bsc#1027519) + 61b31d5c-x86-restrict-all-but-self-IPI.patch + 61b88e78-x86-CPUID-TSXLDTRK-definition.patch + 61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch + +------------------------------------------------------------------- +Tue Jan 4 15:51:15 UTC 2022 - James Fehlig <jfehlig@suse.com> + +- Collect active VM config files in the supportconfig plugin + xen-supportconfig + +------------------------------------------------------------------- +Thu Dec 9 09:36:20 MST 2021 - carnold@suse.com + +- bsc#1193307 - pci backend does not exist when attach a vf to a pv + guest + libxl-PCI-defer-backend-wait.patch + +------------------------------------------------------------------- +Wed Dec 1 09:45:10 MST 2021 - carnold@suse.com + +- Update to Xen 4.16.0 FCS release + xen-4.16.0-testing-src.tar.bz2 + * Miscellaneous fixes to the TPM manager software in preparation + for TPM 2.0 support. + * Increased reliance on the PV shim as 32-bit PV guests will only + be supported in shim mode going forward. This change reduces + the attack surface in the hypervisor. + * Increased hardware support by allowing Xen to boot on Intel + devices that lack a Programmable Interval Timer. + * Cleanup of legacy components by no longer building QEMU + Traditional or PV-Grub by default. Note both projects have + upstream Xen support merged now, so it is no longer recommended + to use the Xen specific forks. + * Initial support for guest virtualized Performance Monitor + Counters on Arm. + * Improved support for dom0less mode by allowing the usage on + Arm 64bit hardware with EFI firmware. + * Improved support for Arm 64-bit heterogeneous systems by + leveling the CPU features across all to improve big.LITTLE + support. + +------------------------------------------------------------------- +Wed Nov 17 07:25:37 MST 2021 - carnold@suse.com + +- Update to Xen 4.16.0 RC3 release + xen-4.16.0-testing-src.tar.bz2 +- Drop iPXE sources and patches. iPXE is only used by QEMU + traditional which has never shipped with SLE15. + ipxe.tar.bz2 + ipxe-enable-nics.patch + ipxe-no-error-logical-not-parentheses.patch + ipxe-use-rpm-opt-flags.patch +- Drop building ocaml xenstored in the spec file. There are no + plans or need to support this version. + +------------------------------------------------------------------- +Mon Nov 8 09:09:58 MST 2021 - carnold@suse.com + +- Update to Xen 4.16.0 RC2 release + xen-4.16.0-testing-src.tar.bz2 +- Modified files + ipxe-use-rpm-opt-flags.patch + ipxe.tar.bz2 (new version) + +------------------------------------------------------------------- +Mon Nov 1 11:15:13 MDT 2021 - carnold@suse.com + +- Update to Xen 4.16.0 RC1 release + xen-4.16.0-testing-src.tar.bz2 +- Drop patches contained in new tarball or invalid + 615c9fd0-VT-d-fix-deassign-of-device-with-RMRR.patch + libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch + libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch + libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch + libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch + xenstore-launch.patch + +------------------------------------------------------------------- +Wed Oct 6 08:19:42 MDT 2021 - carnold@suse.com + +- bsc#1191363 - VUL-0: CVE-2021-28702: xen: PCI devices with RMRRs + not deassigned correctly (XSA-386) + 615c9fd0-VT-d-fix-deassign-of-device-with-RMRR.patch + +------------------------------------------------------------------- +Mon Sep 13 11:50:00 CEST 2021 - jbeulich@suse.com + +- Revert "Simplify %autosetup". + +------------------------------------------------------------------- +Fri Sep 10 13:07:31 MDT 2021 - carnold@suse.com + +- Update to Xen 4.15.1 bug fix release + xen-4.15.1-testing-src.tar.bz2 +- Drop patches contained in new tarball + 60631c38-VT-d-QI-restore-flush-hooks.patch + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + 60787714-revert-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch + 608676f2-VT-d-register-based-invalidation-optional.patch + 60a27288-x86emul-gas-2-36-test-harness-build.patch + 60af933d-x86-gcc11-hypervisor-build.patch + 60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch + 60afe617-x86-TSX-minor-cleanup-and-improvements.patch + 60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch + 60be0e24-credit2-pick-runnable-unit.patch + 60be0e42-credit2-per-entity-load-tracking-when-continuing.patch + 60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch + 60bf9e19-Arm-create-dom0less-domUs-earlier.patch + 60bf9e1a-Arm-boot-modules-scrubbing.patch + 60bf9e1b-VT-d-size-qinval-queue-dynamically.patch + 60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch + 60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch + 60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch + 60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch + 60bfa904-AMD-IOMMU-wait-for-command-slot.patch + 60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch + 60c0bf86-x86-TSX-cope-with-deprecation.patch + 60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch + 60c8de6e-osdep_xenforeignmemory_map-prototype.patch + 60d49689-VT-d-undo-device-mappings-upon-error.patch + 60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch + 60d496d6-VT-d-clear_fault_bits-should-clear-all.patch + 60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch + 60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch + libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch + libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch + libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch + libxl-85760c03d664400368a3f76ae0225307c25049a7.patch + libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch + libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch + libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch + libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch + libxl-qemu6-vnc-password.patch + libxl-qemu6-scsi.patch + +------------------------------------------------------------------- +Mon Aug 30 15:15:15 UTC 2021 - ohering@suse.de + +- bsc#1189882 - refresh libxc-sr-restore-hvm-legacy-superpage.patch + prevent superpage allocation in the LAPIC and ACPI_INFO range + +------------------------------------------------------------------- +Wed Aug 4 05:55:41 MDT 2021 - carnold@suse.com + +- Drop aarch64-maybe-uninitialized.patch as the fix is in tarball. + +------------------------------------------------------------------- +Mon Jul 26 10:10:10 UTC 2021 - ohering@suse.de + +- Simplify %autosetup + +------------------------------------------------------------------- +Fri Jul 23 11:11:11 UTC 2021 - ohering@suse.de + +- refresh the migration patches to state v20210713 + removed libxc-sr-add-xc_is_known_page_type.patch + removed libxc-sr-arrays.patch + removed libxc-sr-batch_pfns.patch + removed libxc-sr-page_type_has_stream_data.patch + removed libxc-sr-use-xc_is_known_page_type.patch + removed libxc.migrate_tracking.patch + removed libxc.sr.superpage.patch + removed libxl.set-migration-constraints-from-cmdline.patch + added libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch + added libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch + added libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch + added libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch + added libxc-sr-abort_if_busy.patch + added libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch + added libxc-sr-max_iters.patch + added libxc-sr-min_remaining.patch + added libxc-sr-number-of-iterations.patch + added libxc-sr-precopy_policy.patch + added libxc-sr-restore-hvm-legacy-superpage.patch + added libxc-sr-track-migration-time.patch + added libxc-sr-xg_sr_bitmap-populated_pfns.patch + added libxc-sr-xg_sr_bitmap.patch + added libxc-sr-xl-migration-debug.patch + +------------------------------------------------------------------- +Thu Jul 22 22:33:51 UTC 2021 - James Fehlig <jfehlig@suse.com> + +- spec: Change the '--with-system-ovmf' configure option to use + the new Xen-specific ovmf firmware. The traditional, unified + firmwares will no longer support multi-VMM. For more information + + https://bugzilla.tianocore.org/show_bug.cgi?id=1689 + https://bugzilla.tianocore.org/show_bug.cgi?id=2122 + +------------------------------------------------------------------- +Wed Jul 21 08:08:08 UTC 2021 - ohering@suse.de + +- bsc#1176189 - xl monitoring process exits during xl save -p|-c + keep the monitoring process running to cleanup the domU during shutdown + xl-save-pc.patch + +------------------------------------------------------------------- +Tue Jul 13 12:30:00 CEST 2021 - jbeulich@suse.com + +- bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest + 60be0e24-credit2-pick-runnable-unit.patch + 60be0e42-credit2-per-entity-load-tracking-when-continuing.patch +- Upstream bug fixes (bsc#1027519) + 60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch + 60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch) + 60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch) + 60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch) + 60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch) + 60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch) + 60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch) + 60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch) + 60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch) + 60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch) + 60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch + 60c8de6e-osdep_xenforeignmemory_map-prototype.patch + 60d49689-VT-d-undo-device-mappings-upon-error.patch + 60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch + 60d496d6-VT-d-clear_fault_bits-should-clear-all.patch + 60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch + 60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch +- Dropped gcc11-fixes.patch + +------------------------------------------------------------------- +Tue Jun 29 10:10:10 UTC 2021 - ohering@suse.de + +- bsc#1180350 - some long deprecated commands were finally removed + in qemu6. Adjust libxl to use supported commands. + libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch + libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch + libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch + libxl-85760c03d664400368a3f76ae0225307c25049a7.patch + libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch + libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch + libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch + libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch + libxl-qemu6-vnc-password.patch + libxl-qemu6-scsi.patch + +------------------------------------------------------------------- +Tue Jun 22 09:09:09 UTC 2021 - ohering@suse.de + +- Update logrotate.conf, move global options into per-file sections + to prevent globbering of global state (bsc#1187406) + +------------------------------------------------------------------- +Mon Jun 7 15:15:15 UTC 2021 - ohering@suse.de + +- Fix shell macro expansion in xen.spec, so that ExecStart= + in xendomains-wait-disks.service is created correctly (bsc#1183877) + +------------------------------------------------------------------- +Mon May 31 12:30:00 CEST 2021 - jbeulich@suse.com + +- Upstream bug fixes (bsc#1027519) + 60631c38-VT-d-QI-restore-flush-hooks.patch + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + 60787714-revert-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch + 608676f2-VT-d-register-based-invalidation-optional.patch + 60a27288-x86emul-gas-2-36-test-harness-build.patch + 60af933d-x86-gcc11-hypervisor-build.patch + 60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch + 60afe617-x86-TSX-minor-cleanup-and-improvements.patch + 60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch +- Embargoed security fixes + xsa372-1.patch + xsa372-2.patch + xsa373-1.patch + xsa373-2.patch + xsa373-3.patch + xsa373-4.patch + xsa373-5.patch + xsa375.patch + xsa377.patch +- Embargoed non-security fix + x86-TSX-cope-with-deprecation.patch + +------------------------------------------------------------------- +Mon May 31 12:20:00 CEST 2021 - jbeulich@suse.com + +- x86-cpufreq-report.patch: Drop. We haven't had a kernel understanding + this custom extension for quite some time. + +------------------------------------------------------------------- +Tue May 4 14:14:14 UTC 2021 - ohering@suse.de + +- Add xen.sysconfig-fillup.patch to make sure xencommons is in a + format as expected by fillup. (bsc#1185682) + Each comment needs to be followed by an enabled key. Otherwise + fillup will remove manually enabled key=value pairs, along with + everything that looks like a stale comment, during next pkg update + +------------------------------------------------------------------- +Tue May 4 09:09:09 UTC 2021 - ohering@suse.de + +- Remove init.xen_loop and /etc/modprobe.d/xen_loop.conf + The number of loop devices is unlimited since a while + +------------------------------------------------------------------- +Tue Apr 27 12:50:50 UTC 2021 - ohering@suse.de + +- Refresh xenstore-launch.patch to cover also daemon case + +------------------------------------------------------------------- +Wed Apr 21 16:11:28 MDT 2021 - carnold@suse.com + +- Now that SOURCE_DATE_EPOCH is defined and Xen Makefile uses it, + drop reproducible.patch + +------------------------------------------------------------------- +Tue Apr 20 13:01:41 MDT 2021 - carnold@suse.com + +- Update to Xen 4.15.0 FCS release + xen-4.15.0-testing-src.tar.bz2 + * Xen can now export Intel Processor Trace (IPT) data from guests to tools in dom0. + * Xen now supports Viridian enlightenments for guests with more than 64 vcpus. + * Xenstored and oxenstored both now support LiveUpdate (tech preview). + * Unified boot images + * Switched x86 MSR accesses to deny by default policy. + * Named PCI devices for xl/libxl and improved documentation for xl PCI configuration format. + * Support for zstd-compressed dom0 (x86) and domU kernels. + * Reduce ACPI verbosity by default. + * Add ucode=allow-same option to test late microcode loading path. + * Library improvements from NetBSD ports upstreamed. + * x86: Allow domains to use AVX-VNNI instructions. + * Added XEN_SCRIPT_DIR configuration option to specify location for Xen scripts. + * xennet: Documented a way for the backend (or toolstack) to specify MTU to the frontend. + * On detecting a host crash, some debug key handlers can automatically triggered to aid in debugging. + * Increase the maximum number of guests which can share a single IRQ from 7 to 16, and make this configurable with irq-max-guests. +- Dropped patches contained in new tarball + 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch + 5fedf9f4-x86-hpet_setup-fix-retval.patch + 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch + 5ff71655-x86-dpci-EOI-regardless-of-masking.patch + 5ffc58c4-ACPI-reduce-verbosity-by-default.patch + 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch + 600999ad-x86-dpci-do-not-remove-pirqs-from.patch + 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch + 6011bbc7-x86-timer-fix-boot-without-PIT.patch + 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch + 6013e546-x86-HVM-reorder-domain-init-error-path.patch + 601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch + 602bd768-page_alloc-only-flush-after-scrubbing.patch + 602cfe3d-IOMMU-check-if-initialized-before-teardown.patch + 602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch + 602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch + 602ffae9-tools-libs-light-fix-xl-save--c-handling.patch + 6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch + 60410127-gcc11-adjust-rijndaelEncrypt.patch + 60422428-x86-shadow-avoid-fast-fault-path.patch + 604b9070-VT-d-disable-QI-IR-before-init.patch + 60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch) + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch + libxc-bitmap-longs.patch + libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch + libxl.fix-libacpi-dependency.patch + stubdom-have-iovec.patch + xenwatchdogd-options.patch + +------------------------------------------------------------------- +Mon Apr 19 12:03:30 MDT 2021 - carnold@suse.com + +- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!" + 60787714-x86-HPET-avoid-legacy-replacement-mode.patch + 60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch +- Upstream bug fixes (bsc#1027519) + 60410127-gcc11-adjust-rijndaelEncrypt.patch + 60422428-x86-shadow-avoid-fast-fault-path.patch + 604b9070-VT-d-disable-QI-IR-before-init.patch + 60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch) + 60700077-x86-vpt-avoid-pt_migrate-rwlock.patch + +------------------------------------------------------------------- +Thu Mar 25 10:10:10 UTC 2021 - ohering@suse.de + +- bsc#1137251 - Restore changes for xen-dom0-modules.service which + were silently removed on 2019-10-17 + +------------------------------------------------------------------- +Fri Mar 12 19:19:19 UTC 2021 - ohering@suse.de + +- bsc#1177112 - Fix libxc.sr.superpage.patch + The receiving side did detect holes in a to-be-allocated superpage, + but allocated a superpage anyway. This resulted to over-allocation. + +------------------------------------------------------------------- +Mon Mar 8 16:16:16 UTC 2021 - ohering@suse.de + +- bsc#1167608 - adjust limit for max_event_channels + A previous change allowed an unbound number of event channels + to make sure even large domUs can start of of the box. + This may have a bad side effect in the light of XSA-344. + Adjust the built-in limit based on the number of vcpus. + In case this is not enough, max_event_channels=/maxEventChannels= + has to be used to set the limit as needed for large domUs + adjust libxl.max_event_channels.patch + +------------------------------------------------------------------- +Fri Mar 5 08:49:56 MST 2021 - carnold@suse.com + +- bsc#1183072 - VUL-0: CVE-2021-28687: xen: HVM soft-reset crashes + toolstack (XSA-368). Also resolves, + bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl + bsc#1181989 - openQA job causes libvirtd to dump core when + running kdump inside domain + xsa368.patch + +------------------------------------------------------------------- +Tue Feb 26 14:00:00 CET 2021 - jbeulich@suse.com + +- bsc#1177204 - L3-Question: conring size for XEN HV's with huge + memory to small. Inital Xen logs cut + 5ffc58c4-ACPI-reduce-verbosity-by-default.patch +- Upstream bug fixes (bsc#1027519) + 601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch + 602bd768-page_alloc-only-flush-after-scrubbing.patch + 602cfe3d-IOMMU-check-if-initialized-before-teardown.patch + 602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch + 602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch + 6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch +- bsc#1181921 - GCC 11: xen package fails + gcc11-fixes.patch + +------------------------------------------------------------------- +Tue Feb 23 10:00:26 MST 2021 - carnold@suse.com + +- bsc#1182576 - L3: XEN domU crashed on resume when using the xl + unpause command + 602ffae9-tools-libs-light-fix-xl-save--c-handling.patch + +------------------------------------------------------------------- +Thu Feb 18 11:42:54 MST 2021 - carnold@suse.com + +- Start using the %autosetup macro to simplify patch management + xen.spec + +------------------------------------------------------------------- +Wed Feb 10 12:52:00 MST 2021 - carnold@suse.com + +- bsc#1181921 - GCC 11: xen package fails + gcc11-fixes.patch +- Drop gcc10-fixes.patch + +------------------------------------------------------------------- +Tue Feb 2 05:37:27 MST 2021 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5fedf9f4-x86-hpet_setup-fix-retval.patch + 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch + 5ff71655-x86-dpci-EOI-regardless-of-masking.patch + 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch + 600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch) + 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch + 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch + 6013e546-x86-HVM-reorder-domain-init-error-path.patch +- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!" + 6011bbc7-x86-timer-fix-boot-without-PIT.patch + +------------------------------------------------------------------- +Thu Jan 21 08:46:20 MST 2021 - carnold@suse.com + +- bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360) + xsa360.patch + +------------------------------------------------------------------- +Wed Jan 13 14:27:51 MST 2021 - carnold@suse.com + +- bsc#1180794 - bogus qemu binary path used when creating fv guest + under xen + xen.spec + +------------------------------------------------------------------- +Wed Jan 13 10:36:49 MST 2021 - carnold@suse.com + +- bsc#1180690 - L3-Question: xen: no needsreboot flag set + Add Provides: installhint(reboot-needed) in xen.spec for libzypp + +------------------------------------------------------------------- +Mon Jan 4 19:19:19 UTC 2021 - ohering@suse.de + +- Update libxl.set-migration-constraints-from-cmdline.patch + Remove code which handled --max_factor. The total amount of + transferred data is no indicator to trigger the final stop+copy. + This should have been removed during upgrade to Xen 4.7. + Fix off-by-one in --max_iters, it caused one additional copy cycle. + Reduce default value of --max_iters from 5 to 2. + The workload within domU will continue to produce dirty pages. + It is unreasonable to expect any slowdown during migration. + Now there is one initial copy of all memory, one instead of four + iteration for dirty memory, and a final copy iteration prior move. + +------------------------------------------------------------------- +Thu Dec 17 10:15:31 MST 2020 - carnold@suse.com + +- Update to Xen 4.14.1 bug fix release (bsc#1027519) + xen-4.14.1-testing-src.tar.bz2 + Contains the following recent security fixes + bsc#1179516 XSA-359 - CVE-2020-29571 + bsc#1179514 XSA-358 - CVE-2020-29570 + bsc#1179513 XSA-356 - CVE-2020-29567 + bsc#1178963 XSA-355 - CVE-2020-29040 + bsc#1178591 XSA-351 - CVE-2020-28368 + bsc#1179506 XSA-348 - CVE-2020-29566 + bsc#1179502 XSA-325 - CVE-2020-29483 + bsc#1179501 XSA-324 - CVE-2020-29484 + bsc#1179498 XSA-322 - CVE-2020-29481 + bsc#1179496 XSA-115 - CVE-2020-29480 +- Dropped patches contained in new tarball + 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch + 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch + 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch + 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch + 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch + 5f560c42-x86-PV-64bit-segbase-consistency.patch + 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch + 5f5b6b7a-hypfs-fix-custom-param-writes.patch + 5f607915-x86-HVM-more-consistent-IO-completion.patch + 5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch + 5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch + 5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch + 5f6a008e-x86-MSI-drop-read_msi_msg.patch + 5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch + 5f6a00c4-evtchn-relax-port_is_valid.patch + 5f6a00df-x86-PV-avoid-double-exception-injection.patch + 5f6a00f4-evtchn-add-missing-barriers.patch + 5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch + 5f6a013f-evtchn_reset-shouldnt-succeed-with.patch + 5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch + 5f6a0178-evtchn-address-races-with-evtchn_reset.patch + 5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch + 5f6a01c6-evtchn-preempt-in-evtchn_reset.patch + 5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch + 5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch + 5f71a21e-x86-S3-fix-shadow-stack-resume.patch + 5f76ca65-evtchn-Flask-prealloc-for-send.patch + 5f76caaf-evtchn-FIFO-use-stable-fields.patch + 5f897c25-x86-traps-fix-read_registers-for-DF.patch + 5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch + 5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch + 5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch + 5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch + 5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch + 5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch + 5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch + 5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch + 5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch + xsa286-1.patch + xsa286-2.patch + xsa286-3.patch + xsa286-4.patch + xsa286-5.patch + xsa286-6.patch + xsa351-1.patch + xsa351-2.patch + xsa351-3.patch + xsa355.patch + +------------------------------------------------------------------- +Wed Dec 16 16:16:16 UTC 2020 - ohering@suse.de + +- Pass --with-rundir to configure to get rid of /var/run + +------------------------------------------------------------------- +Tue Dec 15 15:15:15 UTC 2020 - ohering@suse.de + +- bsc#1178736 - allow restart of xenwatchdogd, enable tuning of + keep-alive interval and timeout options via XENWATCHDOGD_ARGS= + add xenwatchdogd-options.patch + add xenwatchdogd-restart.patch + +------------------------------------------------------------------- +Tue Dec 15 10:10:10 UTC 2020 - ohering@suse.de + +- bsc#1177112 - Fix libxc.sr.superpage.patch + The receiving side may punch holes incorrectly into optimistically + allocated superpages. Also reduce overhead in bitmap handling. + add libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch + add libxc-bitmap-long.patch + add libxc-bitmap-longs.patch + +------------------------------------------------------------------- +Mon Dec 14 14:22:08 MST 2020 - carnold@suse.com + +- boo#1029961 - Move files in xen-tools-domU to /usr/bin from /bin + xen-destdir.patch + Drop tmp_build.patch + +------------------------------------------------------------------- +Fri Dec 4 06:54:08 MST 2020 - carnold@suse.com + +- bsc#1176782 - L3: xl dump-core shows missing nr_pages during + core. If maxmem and current are the same the issue doesn't happen + 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch + +------------------------------------------------------------------- +Fri Nov 20 15:09:49 MST 2020 - carnold@suse.com + +- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change + (XSA-355) + xsa355.patch + +------------------------------------------------------------------- +Fri Nov 20 20:20:20 UTC 2020 - ohering@suse.de + +- Fix build error with libxl.fix-libacpi-dependency.patch + +------------------------------------------------------------------- +Fri Nov 20 19:19:19 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + Hide SUSEINFO messages from pause/unpause/resume from xl command. + They are intended for libvirt logging, but lacked info about + execution context. + Remove extra logging about dirty pages in each iteration, the + number of transferred pages + protocol overhead is already + reported elsewhere. + +------------------------------------------------------------------- +Fri Nov 20 18:18:18 UTC 2020 - ohering@suse.de + +- Remove libxl.libxl__domain_pvcontrol.patch + It is already part of 4.14.0-rc1 + +------------------------------------------------------------------- +Tue Nov 10 09:38:03 MST 2020 - carnold@suse.com + +- bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel + attack aka PLATYPUS attack aka XSA-351 + xsa351-1.patch + xsa351-2.patch + xsa351-3.patch + +------------------------------------------------------------------- +Mon Nov 2 11:11:11 UTC 2020 - ohering@suse.de + +- bsc#1177950 - adjust help for --max_iters, default is 5 + libxl.set-migration-constraints-from-cmdline.patch + +------------------------------------------------------------------- +Fri Oct 30 11:11:11 UTC 2020 - ohering@suse.de + +- jsc#SLE-16899 - improve performance of live migration + remove allocations and memcpy from hotpaths on sending and + receiving side to get more throughput on 10Gbs+ connections + libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch + libxc-sr-add-xc_is_known_page_type.patch + libxc-sr-arrays.patch + libxc-sr-batch_pfns.patch + libxc-sr-page_type_has_stream_data.patch + libxc-sr-readv_exact.patch + libxc-sr-restore-handle_buffered_page_data.patch + libxc-sr-restore-handle_incoming_page_data.patch + libxc-sr-restore-map_errs.patch + libxc-sr-restore-mfns.patch + libxc-sr-restore-pfns.patch + libxc-sr-restore-populate_pfns-mfns.patch + libxc-sr-restore-populate_pfns-pfns.patch + libxc-sr-restore-read_record.patch + libxc-sr-restore-types.patch + libxc-sr-save-errors.patch + libxc-sr-save-guest_data.patch + libxc-sr-save-iov.patch + libxc-sr-save-local_pages.patch + libxc-sr-save-mfns.patch + libxc-sr-save-rec_pfns.patch + libxc-sr-save-show_transfer_rate.patch + libxc-sr-save-types.patch + libxc-sr-use-xc_is_known_page_type.patch + adjust libxc.sr.superpage.patch + adjust libxc.migrate_tracking.patch + +------------------------------------------------------------------- +Wed Oct 21 09:34:32 MDT 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch + 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch + 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch + 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch + 5f5b6b7a-hypfs-fix-custom-param-writes.patch + 5f607915-x86-HVM-more-consistent-IO-completion.patch + 5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch + 5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch + 5f71a21e-x86-S3-fix-shadow-stack-resume.patch + 5f76ca65-evtchn-Flask-prealloc-for-send.patch + 5f76caaf-evtchn-FIFO-use-stable-fields.patch + 5f897c25-x86-traps-fix-read_registers-for-DF.patch + 5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch +- Renamed patches + 5f560c42-x86-PV-64bit-segbase-consistency.patch + Replaces 5f5b6951-x86-PV-64bit-segbase-consistency.patch + 5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch + Replaces 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch + 5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch + Replaces 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch + 5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch + Replaces 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch + 5f6a008e-x86-MSI-drop-read_msi_msg.patch + Replaces 5f6a05fa-msi-get-rid-of-read_msi_msg.patch + 5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch + Replaces 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch + 5f6a00c4-evtchn-relax-port_is_valid.patch + Replaces 5f6a062c-evtchn-relax-port_is_valid.patch + 5f6a00df-x86-PV-avoid-double-exception-injection.patch + Replaces 5f6a065c-pv-Avoid-double-exception-injection.patch + 5f6a00f4-evtchn-add-missing-barriers.patch + Replaces 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch + 5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch + Replaces 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch + 5f6a013f-evtchn_reset-shouldnt-succeed-with.patch + Replaces 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch + 5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch + Replaces 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch + 5f6a0178-evtchn-address-races-with-evtchn_reset.patch + Replaces 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch + 5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch + Replaces 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch + 5f6a01c6-evtchn-preempt-in-evtchn_reset.patch + Replaces 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch + +------------------------------------------------------------------- +Tue Oct 13 10:48:04 MDT 2020 - carnold@suse.com + +- bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest + INVLPG-like flushes may leave stale TLB entries (XSA-286) + xsa286-1.patch + xsa286-2.patch + xsa286-3.patch + xsa286-4.patch + xsa286-5.patch + xsa286-6.patch +- bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen + mapping code (XSA-345) + 5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch + 5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch + 5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch +- bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU + TLB flushes (XSA-346) + 5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch + 5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch +- bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page + table updates (XSA-347) + 5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch + 5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch + 5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch + +------------------------------------------------------------------- +Mon Oct 12 10:10:10 UTC 2020 - ohering@suse.de + +- Update libxc.sr.superpage.patch + set errno in x86_hvm_alloc_4k (bsc#1177112) + +------------------------------------------------------------------- +Tue Sep 22 10:54:28 MDT 2020 - carnold@suse.com + +- bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when + handling guest access to MSR_MISC_ENABLE (XSA-333) + 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch +- bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in + XENMEM_acquire_resource error path (XSA-334) + 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch +- bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating + timers between x86 HVM vCPU-s (XSA-336) + 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch +- bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code + reading back hardware registers (XSA-337) + 5f6a05fa-msi-get-rid-of-read_msi_msg.patch + 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch +- bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event + channels may not turn invalid (XSA-338) + 5f6a062c-evtchn-relax-port_is_valid.patch +- bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel + DoS via SYSENTER (XSA-339) + 5f6a065c-pv-Avoid-double-exception-injection.patch +- bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier + barriers when accessing/allocating an event channel (XSA-340) + 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch +- bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event + channels available to 32-bit x86 domains (XSA-342) + 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch +- bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with + evtchn_reset() (XSA-343) + 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch + 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch + 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch +- bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in + evtchn_reset() / evtchn_destroy() (XSA-344) + 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch + 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch +- Upstream bug fix (bsc#1027519) + 5f5b6951-x86-PV-64bit-segbase-consistency.patch + +------------------------------------------------------------------- +Mon Sep 21 14:03:02 MDT 2020 - carnold@suse.com + +- Fix problems in xen.spec with building on aarch64 + +------------------------------------------------------------------- +Fri Sep 18 15:20:31 MDT 2020 - carnold@suse.com + +- Make use of %service_del_postun_without_restart while preserving + the old behavior for older distros. +- In %post tools, remove unnecessary qemu symlinks. + +------------------------------------------------------------------- +Thu Sep 17 11:11:11 UTC 2020 - ohering@suse.de + +- Fix error in xen-tools %post when linking pvgrub64.bin +- Make paths below libexec more explicit +- Create symlink also for pvgrub32.bin + +------------------------------------------------------------------- +Fri Sep 11 11:11:11 UTC 2020 - ohering@suse.de + +- Revert previous libexec change for qemu compat wrapper + The path is used in existing domU.xml files in the emulator field +- Escape some % chars in xen.spec, they have to appear verbatim + +------------------------------------------------------------------- +Wed Sep 9 10:11:12 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + Print number of allocated pages on sending side, this is more + accurate than p2m_size. + +------------------------------------------------------------------- +Wed Sep 2 12:53:47 MDT 2020 - carnold@suse.com + +- jsc#SLE-15926 - Dev: XEN: drop netware support + Dropped the following patches + pygrub-netware-xnloader.patch + xnloader.py + Refreshed pygrub-boot-legacy-sles.patch + +------------------------------------------------------------------- +Tue Sep 1 12:28:43 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org> + +- Fix build on aarch64 with gcc10 +- Package xenhypfs for aarch64 + +------------------------------------------------------------------- +Wed Aug 5 19:30:23 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com> + +- Correct license name + * GPL-3.0+ is now GPL-3.0-or-later + +------------------------------------------------------------------- +Mon Aug 3 06:26:08 MDT 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch + 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch + +------------------------------------------------------------------- +Fri Jul 24 16:27:29 MDT 2020 - carnold@suse.com + +- Update to Xen 4.14.0 FCS release + xen-4.14.0-testing-src.tar.bz2 + * Linux stubdomains (contributed by QUBES OS) + * Control-flow Enforcement Technology (CET) Shadow Stack support (contributed by Citrix) + * Lightweight VM fork for fuzzing / introspection. (contributed by Intel) + * Livepatch: buildid and hotpatch stack requirements + * CONFIG_PV32 + * Hypervisor FS support + * Running Xen as a Hyper-V Guest + * Domain ID randomization, persistence across save / restore + * Golang binding autogeneration + * KDD support for Windows 7, 8.x and 10 +- Dropped patches contained in new tarball + 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch + 5eb51caa-sched-vcpu-pause-flags-atomic.patch + 5ec2a760-x86-determine-MXCSR-mask-always.patch + 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch + 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch + 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch + 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch + 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch + 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch + 5ed69804-x86-ucode-fix-start-end-update.patch + 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch + 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch + 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch + 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch + 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch + xsa317.patch + xsa319.patch + xsa321-1.patch + xsa321-2.patch + xsa321-3.patch + xsa321-4.patch + xsa321-5.patch + xsa321-6.patch + xsa321-7.patch + xsa328-1.patch + xsa328-2.patch + +------------------------------------------------------------------- +Thu Jul 23 11:12:58 MDT 2020 - carnold@suse.com + +- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to + attach on next reboot while it should be live attached + ignore-ip-command-script-errors.patch + +------------------------------------------------------------------- +Fri Jul 17 14:14:14 UTC 2020 - ohering@suse.de + +- Enhance libxc.migrate_tracking.patch + After transfer of domU memory, the target host has to assemble + the backend devices. Track the time prior xc_domain_unpause. + +------------------------------------------------------------------- +Tue Jun 30 18:03:40 UTC 2020 - ohering@suse.de + +- Add libxc.migrate_tracking.patch to track live migrations + unconditionally in logfiles, especially in libvirt. + This will track how long a domU was suspended during transit. + +------------------------------------------------------------------- +Mon Jun 29 11:28:27 MDT 2020 - carnold@suse.com + +- bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect + error handling in event channel port allocation + xsa317.patch +- bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code + paths in x86 dirty VRAM tracking + xsa319.patch +- bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient + cache write- back under VT-d + xsa321-1.patch + xsa321-2.patch + xsa321-3.patch + xsa321-4.patch + xsa321-5.patch + xsa321-6.patch + xsa321-7.patch +- bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic + modification of live EPT PTE + xsa328-1.patch + xsa328-2.patch + +------------------------------------------------------------------- +Mon Jun 22 11:24:48 MDT 2020 - carnold@suse.com + +- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer + Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) + 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch + 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch) + 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch) +- Upstream bug fixes (bsc#1027519) + 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch + 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch + 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch + 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch + 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch + 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch + 5ed69804-x86-ucode-fix-start-end-update.patch + 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch + 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch + +------------------------------------------------------------------- +Fri Jun 5 16:42:16 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com> + +- Fixes for %_libexecdir changing to /usr/libexec + +------------------------------------------------------------------- +Thu May 28 08:35:20 MDT 2020 - carnold@suse.com + +- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer + Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) + xsa320-1.patch + xsa320-2.patch + +------------------------------------------------------------------- +Mon May 18 10:55:26 MDT 2020 - carnold@suse.com + +- Update to Xen 4.13.1 bug fix release (bsc#1027519) + xen-4.13.1-testing-src.tar.bz2 + 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch + 5eb51caa-sched-vcpu-pause-flags-atomic.patch + 5ec2a760-x86-determine-MXCSR-mask-always.patch +- Drop patches contained in new tarball + 5de65f84-gnttab-map-always-do-IOMMU-part.patch + 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch + 5e15e03d-sched-fix-S3-resume-with-smt=0.patch + 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch + 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch + 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch + 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch + 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch + 5e318cd4-x86-apic-fix-disabling-LVT0.patch + 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch + 5e3bd385-EFI-recheck-variable-name-strings.patch + 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch + 5e3bd3f8-xmalloc-guard-against-overflow.patch + 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch + 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch + 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch + 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch + 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch + 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch + 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch + 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch + 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch + 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch + 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch + 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch + 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch + 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch + 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch + 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch + 5e86f7fd-credit2-fix-credit-too-few-resets.patch + 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch + 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch + 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch + 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch + 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch + 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch + +------------------------------------------------------------------- +Wed May 13 21:07:29 UTC 2020 - James Fehlig <jfehlig@suse.com> + +- spec: Remove invocation of autogen.sh +- spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares + +------------------------------------------------------------------- +Wed May 13 09:56:49 MDT 2020 - carnold@suse.com + +- bsc#1170968 - GCC 10: xen build fails on i586 + gcc10-fixes.patch + +------------------------------------------------------------------- +Tue Apr 14 11:06:08 MDT 2020 - carnold@suse.com + +- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation + handling in GNTTABOP_copy (XSA-318) + 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch + +------------------------------------------------------------------- +Mon Apr 6 12:01:45 MDT 2020 - carnold@suse.com + +- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313 + multiple xenoprof issues + 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch + 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch +- bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing + memory barriers in read-write unlock paths + 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch +- bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error + path in GNTTABOP_map_grant + 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch +- bsc#1167152 - L3: Xenstored Crashed during VM install Need Core + analyzed + 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch + 5e86f7fd-credit2-fix-credit-too-few-resets.patch +- Drop for upstream solution (bsc#1165206) + 01-xen-credit2-avoid-vcpus-to.patch + default-to-credit1-scheduler.patch +- Upstream bug fixes (bsc#1027519) + 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch + 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch + 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch + 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch + 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch + 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch + 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch + 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch + 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch + 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch + 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch + +------------------------------------------------------------------- +Wed Mar 25 18:18:18 UTC 2020 - ohering@suse.de + +- bsc#1167608 - unbound limit for max_event_channels + domUs with many vcpus and/or resources fail to start + libxl.max_event_channels.patch + +------------------------------------------------------------------- +Wed Mar 18 17:00:34 UTC 2020 - ohering@suse.de + +- bsc#1161480 - Fix xl shutdown for HVM without PV drivers + add libxl.libxl__domain_pvcontrol.patch + +------------------------------------------------------------------- +Thu Mar 12 07:57:53 MDT 2020 - carnold@suse.com + +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + 01-xen-credit2-avoid-vcpus-to.patch + +------------------------------------------------------------------- +Tue Mar 10 07:41:34 MDT 2020 - carnold@suse.com + +- bsc#1158414 - GCC 10: xen build fails + gcc10-fixes.patch + +------------------------------------------------------------------- +Wed Mar 4 13:28:17 MST 2020 - carnold@suse.com + +- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog + bug soft lockup CPU #0 stuck under high load / upstream with + workaround. See also bsc#1134506 + default-to-credit1-scheduler.patch + +------------------------------------------------------------------- +Thu Feb 20 08:18:37 MST 2020 - carnold@suse.com + +- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate + past the ERET instruction + 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch +- bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch + hardening + 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch +- Upstream bug fixes (bsc#1027519) + 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch + 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch + 5e318cd4-x86-apic-fix-disabling-LVT0.patch + 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch + 5e3bd385-EFI-recheck-variable-name-strings.patch + 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch + 5e3bd3f8-xmalloc-guard-against-overflow.patch + 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch + 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch + 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch + +------------------------------------------------------------------- +Tue Feb 18 18:18:18 UTC 2020 - ohering@suse.de + +- bsc#1159755 - use fixed qemu-3.1 machine type for HVM + This must be done in qemu to preserve PCI layout + remove libxl.lock-qemu-machine-for-hvm.patch + +------------------------------------------------------------------- +Fri Feb 7 12:37:35 UTC 2020 - ohering@suse.de + +- jsc#SLE-10183 - script to calculate cpuid= mask + add helper script from https://github.com/twizted/xen_maskcalc + domUs may be migrated between different cpus from the same vendor + if their visible cpuid value has incompatible feature bits masked. + +------------------------------------------------------------------- +Wed Feb 5 15:16:06 UTC 2020 - ohering@suse.de + +- jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains + add helper script and systemd service from + https://github.com/luizluca/xen-tools-xendomains-wait-disk + in new sub package xen-tools-xendomains-wait-disk + See included README for usage instructions + xendomains-wait-disks.LICENSE + xendomains-wait-disks.README.md + xendomains-wait-disks.sh + +------------------------------------------------------------------- +Tue Jan 28 14:10:38 UTC 2020 - ohering@suse.de + +- bsc#1159755 - use fixed qemu-3.1 machine type for HVM + qemu4 introduced incompatible changes in pc-i440fx, which revealed + a design bug in 'xenfv'. Live migration from domUs started with + qemu versions prior qemu4 can not be received with qemu4+. + libxl.lock-qemu-machine-for-hvm.patch + +------------------------------------------------------------------- +Tue Jan 14 09:19:31 MST 2020 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5de65f84-gnttab-map-always-do-IOMMU-part.patch + 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch + 5e15e03d-sched-fix-S3-resume-with-smt=0.patch + 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch + 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch + +------------------------------------------------------------------- +Wed Jan 8 11:43:04 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org> + +- BuildRequire pkgconfig(libsystemd) instead of systemd-devel: + Allow OBS to shortcut through the -mini flavors. + +------------------------------------------------------------------- +Wed Dec 18 10:16:52 MST 2019 - carnold@suse.com + +- bsc#1159320 - Xen logrotate file needs updated + logrotate.conf + +------------------------------------------------------------------- +Wed Dec 18 08:21:17 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 FCS release + xen-4.13.0-testing-src.tar.bz2 + * Core Scheduling (contributed by SUSE) + * Branch hardening to mitigate against Spectre v1 (contributed by Citrix) + * Late uCode loading (contributed by Intel) + * Improved live-patching build tools (contributed by AWS) + * OP-TEE support (contributed by EPAM) + * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM) + * Dom0-less passthrough and ImageBuilder (contributed by XILINX) + * Support for new Hardware + +------------------------------------------------------------------- +Tue Dec 3 08:57:29 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC4 release + xen-4.13.0-testing-src.tar.bz2 +- Rebase libxl.pvscsi.patch + +------------------------------------------------------------------- +Mon Nov 25 10:49:13 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC3 release + xen-4.13.0-testing-src.tar.bz2 +- Drop python38-build.patch + +------------------------------------------------------------------- +Tue Nov 12 08:09:27 MST 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC2 release + xen-4.13.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue Oct 29 14:27:13 CET 2019 - Matej Cepl <mcepl@suse.com> + +- Add python38-build.patch fixing build with Python 3.8 (add + --embed to python-config call) + +------------------------------------------------------------------- +Mon Oct 14 09:01:47 MDT 2019 - carnold@suse.com + +- Update to Xen 4.13.0 RC1 release + xen-4.13.0-testing-src.tar.bz2 +- Drop patches contained in new tarball or invalid + 5ca7660f-x86-entry-drop-unused-includes.patch + 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch + 5cab2ab7-x86-IOMMU-introduce-init-ops.patch + 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch + 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch + 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch + 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch + 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch + 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch + 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch + 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch + 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch + 5d358508-x86-IRQ-desc-affinity-represents-request.patch + 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch + 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch + 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch + 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch + 5d417813-AMD-IOMMU-bitfield-extended-features.patch + 5d417838-AMD-IOMMU-bitfield-control-reg.patch + 5d41785b-AMD-IOMMU-bitfield-IRTE.patch + 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch + 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch + 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch + 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch + 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch + 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch + 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch + 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch + 5d419d49-x86-spec-ctrl-report-proper-status.patch + 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch + 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch + 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch + 5d4afa7a-credit2-fix-memory-leak.patch + 5d4d850a-introduce-bss-percpu-page-aligned.patch + 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch + 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch + 5d6524ca-x86-mm-correctly-init-M2P-entries.patch + 5d67ceaf-x86-properly-gate-PKU-clearing.patch + 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch + 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch + 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch + 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch + 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch + 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch + 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch + 5d80ea13-vpci-honor-read-only-devices.patch + 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch + 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch + 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch + 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch + 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch + 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch + 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch + 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch + 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch + 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch + CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch + blktap2-no-uninit.patch + libxl.prepare-environment-for-domcreate_stream_done.patch + pygrub-python3-conversion.patch + fix-xenpvnetboot.patch + +------------------------------------------------------------------- +Thu Oct 10 08:39:52 MDT 2019 - carnold@suse.com + +- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines + 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch + 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch + 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch + +------------------------------------------------------------------- +Wed Oct 2 08:37:47 UTC 2019 - ohering@suse.de + +- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime + The included README has details about the impact of this change + libxl.LIBXL_HOTPLUG_TIMEOUT.patch + +------------------------------------------------------------------- +Mon Sep 30 10:43:43 MDT 2019 - carnold@suse.com + +- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines + 5ca7660f-x86-entry-drop-unused-includes.patch + 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch + 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch + 5cab2ab7-x86-IOMMU-introduce-init-ops.patch + 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch + 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch + 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch + 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch + 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch + 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch + 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch + 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch + 5d358508-x86-IRQ-desc-affinity-represents-request.patch + 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch + 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch + 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch + 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch + 5d417813-AMD-IOMMU-bitfield-extended-features.patch + 5d417838-AMD-IOMMU-bitfield-control-reg.patch + 5d41785b-AMD-IOMMU-bitfield-IRTE.patch + 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch + 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch + 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch + 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch + 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch + 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch + 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch + 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch + 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch + 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch + 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch + 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch + 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch + 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch + 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch + 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch + 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch + 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch +- bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages + 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch +- bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016 + with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD + ROME platform + 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch +- Upstream bug fixes (bsc#1027519) + 5d67ceaf-x86-properly-gate-PKU-clearing.patch + 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch + 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch + 5d80ea13-vpci-honor-read-only-devices.patch + 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch + +------------------------------------------------------------------- +Fri Sep 27 16:25:38 UTC 2019 - ohering@suse.de + +- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM + Fix crash in an error path of libxl_domain_suspend with + libxl.helper_done-crash.patch + +------------------------------------------------------------------- +Wed Aug 28 09:25:30 MDT 2019 - carnold@suse.com + +- Upstream bug fixes (bsc#1027519) + 5d419d49-x86-spec-ctrl-report-proper-status.patch + 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch + 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch + 5d4afa7a-credit2-fix-memory-leak.patch + 5d4d850a-introduce-bss-percpu-page-aligned.patch + 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch + 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch + 5d6524ca-x86-mm-correctly-init-M2P-entries.patch +- Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch + +------------------------------------------------------------------- +Wed Aug 28 11:25:17 UTC 2019 - ohering@suse.de + +- Preserve modified files which used to be marked as %config, + rename file.rpmsave to file + +------------------------------------------------------------------- +Fri Aug 9 10:29:45 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.1 bug fix release (bsc#1027519) + xen-4.12.1-testing-src.tar.bz2 +- Drop patches contained in new tarball + 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch + 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch + 5c87b6c8-drop-arch_evtchn_inject.patch + 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch + 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch + 5c8f752c-x86-e820-build-with-gcc9.patch + 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch + 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch + 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch + 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch + 5c9e63c5-credit2-SMT-idle-handling.patch + 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch + 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch + 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch + 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch + 5cd921fb-trace-fix-build-with-gcc9.patch + 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch + 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch + 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch + 5cd926d0-bitmap_fill-zero-sized.patch + 5cd92724-drivers-video-drop-constraints.patch + 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch + 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch + 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch + 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch + 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch + 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch + 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch + 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch + 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch + 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch + 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch + 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch + 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch + 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch + 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch + 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch + 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch + 5d03a0c4-6-Arm64-cmpxchg-simplify.patch + 5d03a0c4-7-Arm32-cmpxchg-simplify.patch + 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch + 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch + 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch + 5d03a0c4-B-bitops-guest-helpers.patch + 5d03a0c4-C-cmpxchg-guest-helpers.patch + 5d03a0c4-D-use-guest-atomics-helpers.patch + 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch + 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch +- Refreshed patches + libxl.pvscsi.patch + +------------------------------------------------------------------- +Thu Aug 1 13:10:39 MDT 2019 - carnold@suse.com + +- bsc#1143563 - Speculative mitigation facilities report wrong status + 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch + +------------------------------------------------------------------- +Wed Jul 17 13:56:46 UTC 2019 - ohering@suse.de + +- Update xen-dom0-modules.service (bsc#1137251) + Map backend module names from pvops and xenlinux kernels to a + module alias. This avoids errors from modprobe about unknown + modules. Ignore a few xenlinux modules that lack aliases. + +------------------------------------------------------------------- +Mon Jul 15 07:56:56 MDT 2019 - carnold@suse.com + +- Gcc9 warnings seem to be cleared up with upstream fixes. + Drop gcc9-ignore-warnings.patch + +------------------------------------------------------------------- +Tue Jun 25 09:29:05 MDT 2019 - carnold@suse.com + +- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3 + fix-xenpvnetboot.patch + +------------------------------------------------------------------- +Mon Jun 24 08:02:57 UTC 2019 - ohering@suse.de + +- Move /etc/modprobe.d/xen_loop.conf to /lib/modprobe.d/xen_loop.conf + +------------------------------------------------------------------- +Mon Jun 24 08:00:10 UTC 2019 - ohering@suse.de + +- Remove /etc/xen/xenapiusers and /etc/pam.d/xen-api + +------------------------------------------------------------------- +Fri Jun 21 12:25:55 UTC 2019 - ohering@suse.de + +- Remove all upstream provided files in /etc/xen + They are not required at runtime. The host admin is now + responsible if he really needs anything in this subdirectory. + +------------------------------------------------------------------- +Fri Jun 21 12:07:45 UTC 2019 - ohering@suse.de + +- In our effort to make /etc fully admin controlled, move /etc/xen/scripts + to libexec/xen/scripts with xen-tools.etc_pollution.patch + +------------------------------------------------------------------- +Wed Jun 19 13:20:39 UTC 2019 - ohering@suse.de + +- Move /etc/bash_completion.d/xl.sh to %{_datadir}/bash-completion/completions + +------------------------------------------------------------------- +Mon Jun 17 09:08:33 MDT 2019 - carnold@suse.com + +- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm + Atomics Operations + 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch + 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch + 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch + 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch + 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch + 5d03a0c4-6-Arm64-cmpxchg-simplify.patch + 5d03a0c4-7-Arm32-cmpxchg-simplify.patch + 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch + 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch + 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch + 5d03a0c4-B-bitops-guest-helpers.patch + 5d03a0c4-C-cmpxchg-guest-helpers.patch + 5d03a0c4-D-use-guest-atomics-helpers.patch + 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch + 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch +- Upstream bug fixes (bsc#1027519) + 5c87b6c8-drop-arch_evtchn_inject.patch + 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch + 5cd921fb-trace-fix-build-with-gcc9.patch + 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch + 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch + 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch + 5cd926d0-bitmap_fill-zero-sized.patch + 5cd92724-drivers-video-drop-constraints.patch + 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch) + 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch) + 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch) + 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch) + 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch) + 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch) + 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch) + 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch + 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch + 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch + 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch + 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch + +------------------------------------------------------------------- +Fri Jun 14 15:35:28 MDT 2019 - carnold@suse.com + +- Fix some outdated information in the readme + README.SUSE + +------------------------------------------------------------------- +Tue Jun 11 20:22:47 UTC 2019 - Jim Fehlig <jfehlig@suse.com> + +- spec: xen-tools: require matching version of xen package + bsc#1137471 + +------------------------------------------------------------------- +Fri May 17 08:50:57 UTC 2019 - ohering@suse.de + +- Remove two stale patches + xen.build-compare.man.patch + xenpaging.doc.patch + +------------------------------------------------------------------- +Tue May 14 15:35:17 UTC 2019 - Martin Liška <mliska@suse.cz> + +- Disable LTO (boo#1133296). + +------------------------------------------------------------------- +Mon May 13 20:20:00 UTC 2019 - ohering@suse.de + +- Remove arm32 from ExclusiveArch to fix build + +------------------------------------------------------------------- +Mon Apr 29 08:54:04 MDT 2019 - carnold@suse.com + +- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4". + CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 + xsa297-0a.patch + xsa297-0b.patch + xsa297-0c.patch + xsa297-0d.patch + xsa297-1.patch + xsa297-2.patch + xsa297-3.patch +- Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and + drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch + Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch + +------------------------------------------------------------------- +Wed Apr 17 08:28:50 MDT 2019 - carnold@suse.com + +- bsc#1131811 - [XEN] internal error: libxenlight failed to create + new domain. This patch is a workaround for a systemd issue. See + patch header for additional comments. + xenstore-launch.patch + +------------------------------------------------------------------- +Thu Apr 11 16:29:39 MDT 2019 - carnold@suse.com + +- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest + after upgrading host from sle11sp4 to sle15sp1 + pygrub-python3-conversion.patch +- Fix "TypeError: virDomainDefineXML() argument 2 must be str or + None, not bytes" when converting VMs from using the xm/xend + toolstack to the libxl/libvirt toolstack. (bsc#1123378) + xen2libvirt.py + +------------------------------------------------------------------- +Mon Apr 8 08:13:04 MDT 2019 - carnold@suse.com + +- bsc#1124560 - Fully virtualized guests crash on boot + 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch +- bsc#1121391 - GCC 9: xen build fails + 5c8f752c-x86-e820-build-with-gcc9.patch +- Upstream bug fixes (bsc#1027519) + 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch + 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch + 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch + 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch + 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch + 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch + 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch + 5c9e63c5-credit2-SMT-idle-handling.patch + 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch + 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch + 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch + 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch + +------------------------------------------------------------------- +Thu Apr 4 08:53:02 UTC 2019 - ohering@suse.de + +- Install pkgconfig files into libdir instead of datadir + +------------------------------------------------------------------- +Tue Apr 2 08:03:53 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates + the HVM/PVH and PV code paths in Xen and provides KCONFIG + options to build a PV only or HVM/PVH only hypervisor. + * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has + been vastly improved. + * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter- + domain communication mechanism. + * Improvements to Virtual Machine Introspection: The VMI subsystem + which allows detection of 0-day vulnerabilities has seen many + functional and performance improvements. + * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project + default scheduler. + * PVH Support: Grub2 boot support has been added to Xen and Grub2. + * PVH Dom0: PVH Dom0 support has now been upgraded from experimental + to tech preview. + * The Xen 4.12 upgrade also includes improved IOMMU mapping code, + which is designed to significantly improve the startup times of + AMD EPYC based systems. + * The upgrade also features Automatic Dom0 Sizing which allows the + setting of Dom0 memory size as a percentage of host memory (e.g. + 10%) or with an offset (e.g. 1G+10%). + +------------------------------------------------------------------- +Tue Mar 26 10:06:06 MDT 2019 - carnold@suse.com + +- bsc#1130485 - Please drop Requires on multipath-tools in + xen-tools. Now using Recommends multipath-tools. + xen.spec + +------------------------------------------------------------------- +Mon Mar 25 08:17:31 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Mar 20 09:48:26 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Mar 15 13:09:29 UTC 2019 - ohering@suse.de + +- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to + avoid TSC emulation for HVM domUs if their expected frequency + does not match exactly the frequency of the receiving host + xen.bug1026236.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Mon Mar 11 11:24:42 MDT 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Mar 11 05:58:59 MDT 2019 - carnold@suse.com + +- jsc#SLE-3059 - Disable Xen auto-ballooning +- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory. + xen.spec +- Disable autoballooning in xl.con + xl-conf-disable-autoballoon.patch + +------------------------------------------------------------------- +Thu Mar 7 17:55:20 UTC 2019 - ohering@suse.de + +- Update gcc9-ignore-warnings.patch to fix build in SLE12 + +------------------------------------------------------------------- +Thu Mar 7 15:28:02 UTC 2019 - ohering@suse.de + +- bsc#1126325 - fix crash in libxl in error path + Setup of grant_tables and other variables may fail + libxl.prepare-environment-for-domcreate_stream_done.patch + +------------------------------------------------------------------- +Wed Mar 6 11:12:09 MST 2019 - carnold@suse.com + +- bsc#1127620 - Documentation for the xl configuration file allows + for firmware=pvgrub64 but we don't ship pvgrub64. + Create a link from grub.xen to pvgrub64 + xen.spec + +------------------------------------------------------------------- +Mon Mar 4 14:58:18 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 +- Tarball also contains additional post RC4 security fixes for + Xen Security Advisories 287, 288, and 290 through 294. + +------------------------------------------------------------------- +Tue Feb 19 08:11:38 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Feb 4 12:34:57 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Jan 25 12:53:37 MST 2019 - carnold@suse.com + +- bsc#1121391 - GCC 9: xen build fails + gcc9-ignore-warnings.patch + +------------------------------------------------------------------- +Thu Jan 24 09:39:18 MST 2019 - carnold@suse.com + +- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing + /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi. + Keep xen.efi in /usr/lib64/efi for booting older distros. + xen.spec + +------------------------------------------------------------------- +Fri Jan 18 10:51:12 MST 2019 - carnold@suse.com + +- fate#326960: Package grub2 as noarch. + As part of the effort to have a unified bootloader across + architectures, modify the xen.spec file to move the Xen efi files + to /usr/share/efi/$(uname -m) from /usr/lib64/efi. + +------------------------------------------------------------------- +Wed Jan 16 11:24:49 MST 2019 - carnold@suse.com + +- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901) + xen-4.12.0-testing-src.tar.bz2 +- Drop + 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch + 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch + 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch + 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch + 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch + 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch + 5b9784d2-x86-HVM-add-known_gla-helper.patch + 5b9784f2-x86-HVM-split-page-straddling-accesses.patch + 5bdc31d5-VMX-fix-vmx_handle_eoi.patch + gcc8-fix-array-warning-on-i586.patch + gcc8-fix-format-warning-on-i586.patch + gcc8-inlining-failed.patch + xen.bug1079730.patch + +------------------------------------------------------------------- +Tue Jan 15 13:38:13 MST 2019 - carnold@suse.com + +- bsc#1121960 - xen: sync with Factory + xen.spec + xen.changes + +------------------------------------------------------------------- +Sat Jan 12 14:06:02 UTC 2019 - Jan Engelhardt <jengelh@inai.de> + +- Replace old $RPM_* shell vars. +- Run fdupes for all architectures, and not crossing + subvolume boundaries. + +------------------------------------------------------------------- +Thu Jan 10 10:57:44 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org> + +- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition + rpmlint error + +------------------------------------------------------------------- +Tue Jan 8 13:31:30 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org> + +- Require qemu-seabios only on x86* as it is not available on non-x86 + systems + +------------------------------------------------------------------- +Thu Dec 27 18:16:54 UTC 2018 - Bernhard Wiedemann <bwiedemann@suse.com> + +- Avoid creating dangling symlinks (bsc#1116524) + This reverts the revert of tmp_build.patch + +------------------------------------------------------------------- +Tue Dec 4 13:19:21 MST 2018 - carnold@suse.com + +- Update to Xen 4.11.1 bug fix release (bsc#1027519) + xen-4.11.1-testing-src.tar.bz2 +- 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch + replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch +- 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch + replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch +- Drop the following patches contained in the new tarball + 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch + 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch + 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch + 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch + 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch + 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch + 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch + 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch + 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch + 5b3f8fa5-port-array_index_nospec-from-Linux.patch + 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch + 5b4488e7-x86-spec-ctrl-cmdline-handling.patch + 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch + 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch + 5b4db308-SVM-fix-cleanup-svm_inject_event.patch + 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch + 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch + 5b505fe5-VMX-fix-find-msr-build.patch + 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch + 5b508775-2-x86-possibly-bring-up-all-CPUs.patch + 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch + 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch + 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch + 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch + 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch + 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch + 5b62ca93-VMX-avoid-hitting-BUG_ON.patch + 5b6d84ac-x86-fix-improve-vlapic-read-write.patch + 5b6d8ce2-x86-XPTI-parsing.patch + 5b72fbbe-ARM-disable-grant-table-v2.patch + 5b72fbbe-oxenstored-eval-order.patch + 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch + 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch + 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch + 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch + 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch + 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch + 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch + 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch + 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch + 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch + 5b72fbbf-xl.conf-Add-global-affinity-masks.patch + 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch + 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch + 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch + 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch + 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch + 5b8d5832-x86-assorted-array_index_nospec-insertions.patch + 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch + 5bacae4b-x86-boot-allocate-extra-module-slot.patch + 5bae44ce-x86-silence-false-log-messages.patch + 5bb60c12-x86-split-opt_xpti.patch + 5bb60c4f-x86-split-opt_pv_l1tf.patch + 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch + 5bcf0722-x86-boot-enable-NMIs.patch + 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch + 5bd076e9-x86-boot-init-debug-regs-correctly.patch + 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch + 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch + 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch + 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch + 5be2a308-x86-extend-get_platform_badpages.patch + 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch + xsa275-1.patch + xsa275-2.patch + xsa276-1.patch + xsa276-2.patch + xsa277.patch + xsa279.patch + xsa280-1.patch + xsa280-2.patch + +------------------------------------------------------------------- +Wed Nov 21 15:44:39 MST 2018 - carnold@suse.com + +- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken: + Missing /bin/domu-xenstore. This was broken because "make + package build reproducible" change. (boo#1047218, boo#1062303) + This fix reverses the change to this patch. + tmp_build.patch + +------------------------------------------------------------------- +Mon Nov 12 09:47:39 MST 2018 - carnold@suse.com + +- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen: + insufficient TLB flushing / improper large page mappings with AMD + IOMMUs (XSA-275) + xsa275-1.patch + xsa275-2.patch +- bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting + issues in x86 IOREQ server handling (XSA-276) + xsa276-1.patch + xsa276-2.patch +- bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error + handling for guest p2m page removals (XSA-277) + xsa277.patch +- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even + when disabled (XSA-278) + 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch +- bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting + to use INVPCID with a non-canonical addresses (XSA-279) + xsa279.patch +- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240 + conflicts with shadow paging (XSA-280) + xsa280-1.patch + xsa280-2.patch +- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE + constructs may lock up host (XSA-282) + 5be2a308-x86-extend-get_platform_badpages.patch + 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch +- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV + 5bdc31d5-VMX-fix-vmx_handle_eoi.patch +- Upstream bug fixes (bsc#1027519) + 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch + 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch + 5bacae4b-x86-boot-allocate-extra-module-slot.patch + 5bae44ce-x86-silence-false-log-messages.patch + 5bb60c12-x86-split-opt_xpti.patch + 5bb60c4f-x86-split-opt_pv_l1tf.patch + 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch + 5bcf0722-x86-boot-enable-NMIs.patch + 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch + 5bd076e9-x86-boot-init-debug-regs-correctly.patch + 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch + 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch + +------------------------------------------------------------------- +Tue Nov 6 08:33:59 MST 2018 - carnold@suse.com + +- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even + when disabled (XSA-278) + 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch + +------------------------------------------------------------------- +Wed Oct 24 20:08:24 UTC 2018 - ohering@suse.de + +- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries + +------------------------------------------------------------------- +Wed Oct 24 08:21:01 UTC 2018 - Bernhard Wiedemann <bwiedemann@suse.com> + +- make package build reproducible (boo#1047218, boo#1062303) + * Set SMBIOS_REL_DATE + * Update tmp_build.patch to use SHA instead of random build-id + * Add reproducible.patch to use --no-insert-timestamp + +------------------------------------------------------------------- +Mon Oct 15 06:55:47 UTC 2018 - ohering@suse.de + +- Building with ncurses 6.1 will fail without + xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch +- Building libxl acpi support on aarch64 with gcc 8.2 will fail without + xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch + +------------------------------------------------------------------- +Tue Sep 11 13:29:58 MDT 2018 - carnold@suse.com + +- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is + apparently broken + 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch + 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch + 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch + +------------------------------------------------------------------- +Tue Sep 11 07:47:57 MDT 2018 - carnold@suse.com + +- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by + d_materialise_unique() + 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch + 5b9784d2-x86-HVM-add-known_gla-helper.patch + 5b9784f2-x86-HVM-split-page-straddling-accesses.patch +- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen: + oxenstored does not apply quota-maxentity (XSA-272) + 5b72fbbe-oxenstored-eval-order.patch +- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of + v2 grant tables may cause crash on ARM (XSA-268) + 5b72fbbe-ARM-disable-grant-table-v2.patch +- Upstream patches from Jan (bsc#1027519) + 5b6d84ac-x86-fix-improve-vlapic-read-write.patch + 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch + 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch + 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch + 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch + 5b8d5832-x86-assorted-array_index_nospec-insertions.patch +- Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch + +------------------------------------------------------------------- +Tue Aug 28 16:07:52 MDT 2018 - carnold@suse.com + +- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed + xen.spec + +------------------------------------------------------------------- +Fri Aug 17 13:01:36 MDT 2018 - carnold@suse.com + +- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM + (XSA-273) + 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch + 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch + 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch + 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch + 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch + 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch + 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch + 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch +- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect + MSR_DEBUGCTL handling lets guests enable BTS (XSA-269) + 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch +- Upstream prereq patches for XSA-273 and other upstream fixes + (bsc#1027519) + 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch + 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch + 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch + 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch + 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch + 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch + 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch + 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch + 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch + 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch + 5b505fe5-VMX-fix-find-msr-build.patch + 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch + 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch + 5b62ca93-VMX-avoid-hitting-BUG_ON.patch + 5b6d8ce2-x86-XPTI-parsing.patch + 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch + 5b72fbbf-xl.conf-Add-global-affinity-masks.patch + 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch + +------------------------------------------------------------------- +Tue Jul 24 09:17:09 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 5b3f8fa5-port-array_index_nospec-from-Linux.patch + 5b4488e7-x86-spec-ctrl-cmdline-handling.patch + 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch + 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch + 5b4db308-SVM-fix-cleanup-svm_inject_event.patch + 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch + 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch + 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch + 5b508775-2-x86-possibly-bring-up-all-CPUs.patch + 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch + 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch + 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch + 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch + gcc8-fix-format-warning-on-i586.patch + gcc8-fix-array-warning-on-i586.patch +- Drop xen.fuzz-_FORTIFY_SOURCE.patch + gcc8-fix-warning-on-i586.patch + +------------------------------------------------------------------- +Mon Jul 9 10:53:15 MDT 2018 - carnold@suse.com + +- Update to Xen 4.11.0 FCS (fate#325202, fate#325123) + xen-4.11.0-testing-src.tar.bz2 + disable-building-pv-shim.patch +- Dropped patches + 5a33a12f-domctl-improve-locking-during-domain-destruction.patch + 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch + 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch + 5a9985bd-x86-invpcid-support.patch + 5ac72a48-gcc8.patch + 5ac72a5f-gcc8.patch + 5ac72a64-gcc8.patch + 5ac72a69-gcc8.patch + 5ac72a6e-gcc8.patch + 5ac72a74-gcc8.patch + 5ac72a7b-gcc8.patch + 5ad4923e-x86-correct-S3-resume-ordering.patch + 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch + 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch + 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch + 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch + 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch + 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch + 5adde9ed-xpti-fix-double-fault-handling.patch + 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch + 5ae31917-x86-cpuidle-init-stats-lock-once.patch + 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch + 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch + 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch + 5aec7393-1-x86-xpti-avoid-copy.patch + 5aec7393-2-x86-xpti-write-cr3.patch + 5aec744a-3-x86-xpti-per-domain-flag.patch + 5aec744a-4-x86-xpti-use-invpcid.patch + 5aec744a-5-x86-xpti-no-global-pages.patch + 5aec744a-6-x86-xpti-cr3-valid-flag.patch + 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch + 5aec744b-8-x86-xpti-cr3-helpers.patch + 5aec74a8-9-x86-xpti-use-pcid.patch + 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch + 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch + 5af1daa9-3-x86-traps-use-IST-for-DB.patch + 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch + 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch + 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch + 5af97999-viridian-cpuid-leaf-40000003.patch + 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch + 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch + 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch + 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch + 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch + 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch + 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch + 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch + 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch + 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch + 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch + 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch + 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch + 5b0bc9da-x86-XPTI-fix-S3-resume.patch + 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch + 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch + 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch + 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch + 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch + 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch + 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch + 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch + 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch + 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b34882d-x86-mm-dont-bypass-preemption-checks.patch + 5b348874-x86-refine-checks-in-DB-handler.patch + 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch + 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch + 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch + 5b348954-x86-guard-against-NM.patch + libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch + libxl.LIBXL_DESTROY_TIMEOUT.patch + libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch + xen_fix_build_with_acpica_20180427_and_new_packages.patch + +------------------------------------------------------------------- +Wed Jul 4 15:46:01 UTC 2018 - trenn@suse.de + +- Submit upstream patch libacpi: fixes for iasl >= 20180427 + git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005 + xen_fix_build_with_acpica_20180427_and_new_packages.patch + This is needed for acpica package to get updated in our build service + +------------------------------------------------------------------- +Fri Jun 29 08:35:34 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch) + 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch) + 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch) + 5b0bc9da-x86-XPTI-fix-S3-resume.patch + 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch + 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch + 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch + 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch + 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch + 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch) + 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch) + 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch + 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch + 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch + 5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch) + 5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch) + 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch) + 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch) + 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch + 5b348954-x86-guard-against-NM.patch + +------------------------------------------------------------------- +Mon Jun 25 09:50:31 UTC 2018 - ohering@suse.de + +- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch + +------------------------------------------------------------------- +Mon Jun 25 09:44:25 UTC 2018 - ohering@suse.de + +- bsc#1098403 - fix regression introduced by changes for bsc#1079730 + a PV domU without qcow2 and/or vfb has no qemu attached. + Ignore QMP errors for PV domUs to handle PV domUs with and without + an attached qemu-xen. + xen.bug1079730.patch + +------------------------------------------------------------------- +Mon Jun 18 14:57:06 MDT 2018 - carnold@suse.com + +- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks + bypassed in x86 PV MM handling (XSA-264) + xsa264.patch +- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception + safety check can be triggered by a guest (XSA-265) + xsa265.patch +- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour + readonly flag on HVM emulated SCSI disks (XSA-266) + xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch + xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch + +------------------------------------------------------------------- +Wed Jun 13 14:20:14 MDT 2018 - carnold@suse.com + +- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore + (XSA-267) + xsa267-1.patch + xsa267-2.patch + +------------------------------------------------------------------- +Fri Jun 1 10:27:44 MDT 2018 - carnold@suse.com + +- bsc#1092543 - GCC 8: xen build fails + gcc8-fix-warning-on-i586.patch + +------------------------------------------------------------------- +Fri May 18 08:03:46 MDT 2018 - carnold@suse.com + +- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store + Bypass aka "Memory Disambiguation" (XSA-263) + 5ad4923e-x86-correct-S3-resume-ordering.patch + 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch + 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch + 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch + 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch + 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch + 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch + 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch + 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch + 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch + 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch + 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch + Spectre-v4-1.patch + Spectre-v4-2.patch + Spectre-v4-3.patch + +------------------------------------------------------------------- +Thu May 17 20:29:37 UTC 2018 - ohering@suse.de + +- Always call qemus xen-save-devices-state in suspend/resume to + fix migration with qcow2 images (bsc#1079730) + libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch + libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch + xen.bug1079730.patch + +------------------------------------------------------------------- +Wed May 16 08:45:24 MDT 2018 - carnold@suse.com + +- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663 + 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch + 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch +- Upstream patches from Jan (bsc#1027519) + 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch + 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch + 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch + 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch + 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch + 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch + 5ae31917-x86-cpuidle-init-stats-lock-once.patch + 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch + 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch) + 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch) + 5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch) + 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch) + 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch) + 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch) + 5af97999-viridian-cpuid-leaf-40000003.patch + +------------------------------------------------------------------- +Fri May 11 08:36:45 MDT 2018 - carnold@suse.com + +- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254 + 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch + 5a9985bd-x86-invpcid-support.patch + 5adde9ed-xpti-fix-double-fault-handling.patch + 5aec7393-1-x86-xpti-avoid-copy.patch + 5aec7393-2-x86-xpti-write-cr3.patch + 5aec744a-3-x86-xpti-per-domain-flag.patch + 5aec744a-4-x86-xpti-use-invpcid.patch + 5aec744a-5-x86-xpti-no-global-pages.patch + 5aec744a-6-x86-xpti-cr3-valid-flag.patch + 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch + 5aec744b-8-x86-xpti-cr3-helpers.patch + 5aec74a8-9-x86-xpti-use-pcid.patch + +------------------------------------------------------------------- +Wed May 9 08:32:42 MDT 2018 - carnold@suse.com + +- bsc#1092543 - GCC 8: xen build fails + 5ac72a48-gcc8.patch + 5ac72a5f-gcc8.patch + 5ac72a64-gcc8.patch + 5ac72a69-gcc8.patch + 5ac72a6e-gcc8.patch + 5ac72a74-gcc8.patch + 5ac72a7b-gcc8.patch + gcc8-inlining-failed.patch + +------------------------------------------------------------------- +Tue May 8 12:51:26 MDT 2018 - carnold@suse.com + +- Update to Xen 4.10.1 bug fix release (bsc#1027519) + xen-4.10.1-testing-src.tar.bz2 + disable-building-pv-shim.patch +- Drop the following patches contained in the new tarball + 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch + 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch + 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch + 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch + 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch + 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch + 5a4caa8c-x86-E820-don-t-overrun-array.patch + 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch + 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch + 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch + 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch + 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch + 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch + 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch + 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch + 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch + 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch + 5a4fd894-4-clarifications-to-wait-infrastructure.patch + 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch + 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch + 5a5e2cff-x86-Meltdown-band-aid.patch + 5a5e2d73-x86-Meltdown-band-aid-conditional.patch + 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch + 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch + 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch + 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch + 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch + 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch + 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch + 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch + 5a5e459c-2-x86-report-domain-id-on-CPUID.patch + 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch + 5a69c0b9-x86-fix-GET_STACK_END.patch + 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch + 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch + 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch + 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch + 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch + 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch + 5a6b36cd-9-x86-issue-speculation-barrier.patch + 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch + 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch + 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch + 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch + 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch + 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch + 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch + 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch + 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch + 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch + 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch + 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch + 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch + 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch + 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch + 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch + 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch + 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch + xsa258.patch + xsa259.patch + +------------------------------------------------------------------- +Wed Apr 25 09:45:03 MDT 2018 - carnold@suse.com + +- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of + debug exceptions (XSA-260) + xsa260-1.patch + xsa260-2.patch + xsa260-3.patch + xsa260-4.patch +- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt + injection errors (XSA-261) + xsa261.patch +- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into + unbounded loop (XSA-262) + xsa262.patch + +------------------------------------------------------------------- +Mon Apr 16 14:03:24 MDT 2018 - carnold@suse.com + +- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via + crafted user-supplied CDROM (XSA-258) + xsa258.patch +- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash + Xen with XPTI (XSA-259) + xsa259.patch + +------------------------------------------------------------------- +Wed Mar 28 08:28:59 UTC 2018 - ohering@suse.de + +- Preserve xen-syms from xen-dbg.gz to allow processing vmcores + with crash(1) (bsc#1087251) + +------------------------------------------------------------------- +Mon Mar 26 08:20:45 MDT 2018 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) and fixes related to + Page Table Isolation (XPTI). See also bsc#1074562 XSA-254 + 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch + 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch + 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch + 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch + 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch + 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch + +------------------------------------------------------------------- +Thu Mar 1 09:36:03 MST 2018 - carnold@suse.com + +- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from + 0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30) + 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch +- Upstream patches from Jan (bsc#1027519) + 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch + 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch + 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch + 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch + 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch + 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch + 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch + 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch) + 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch) + 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch) + 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch) +- Drop + xsa252.patch + xsa255-1.patch + xsa255-2.patch + xsa256.patch + +------------------------------------------------------------------- +Mon Feb 12 13:26:38 MST 2018 - carnold@suse.com + +- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable + L3/L4 pagetable freeing (XSA-252) + xsa252.patch +- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1 + transition may crash Xen (XSA-255) + xsa255-1.patch + xsa255-2.patch +- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without + LAPIC may DoS the host (XSA-256) + xsa256.patch + +------------------------------------------------------------------- +Fri Feb 9 12:59:12 UTC 2018 - ohering@suse.de + +- Remove stale systemd presets code for 13.2 and older + +------------------------------------------------------------------- +Fri Feb 9 12:31:33 UTC 2018 - ohering@suse.de + +- fate#324965 - add script, udev rule and systemd service to watch + for vcpu online/offline events in a HVM domU + They are triggered via xl vcpu-set domU N + +------------------------------------------------------------------- +Fri Feb 9 10:23:15 UTC 2018 - ohering@suse.de + +- Replace hardcoded xen with Name tag when refering to subpkgs + +------------------------------------------------------------------- +Fri Feb 9 10:19:49 UTC 2018 - ohering@suse.de + +- Make sure tools and tools-domU require libs from the very same build + +------------------------------------------------------------------- +Wed Feb 7 22:47:44 UTC 2018 - jfehlig@suse.com + +- tools-domU: Add support for qemu guest agent. New files + 80-xen-channel-setup.rules and xen-channel-setup.sh configure a + xen-pv-channel for use by the guest agent + FATE#324963 + +------------------------------------------------------------------- +Wed Feb 7 15:01:10 UTC 2018 - ohering@suse.de + +- Remove outdated /etc/xen/README* + +------------------------------------------------------------------- +Mon Jan 29 10:11:05 MST 2018 - carnold@suse.com + +- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with + MSR emulation (XSA-253) + 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch +- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 + xen: Information leak via side effects of speculative execution + (XSA-254). Includes Spectre v2 mitigation. + 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch + 5a4caa8c-x86-E820-don-t-overrun-array.patch + 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch + 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch + 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch + 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch + 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch + 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch + 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch + 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch + 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch + 5a4fd894-4-clarifications-to-wait-infrastructure.patch + 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch + 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch + 5a5e2cff-x86-Meltdown-band-aid.patch + 5a5e2d73-x86-Meltdown-band-aid-conditional.patch + 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch + 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch + 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch + 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch + 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch + 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch + 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch + 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch + 5a5e459c-2-x86-report-domain-id-on-CPUID.patch + 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch + 5a69c0b9-x86-fix-GET_STACK_END.patch + 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch + 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch + 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch + 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch + 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch + 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch + 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch + 5a6b36cd-9-x86-issue-speculation-barrier.patch + 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch + 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch + +------------------------------------------------------------------- +Fri Jan 26 14:40:14 MST 2018 - carnold@suse.com + +- Fix python3 deprecated atoi call (bsc#1067224) + pygrub-python3-conversion.patch +- Drop xenmon-python3-conversion.patch + +------------------------------------------------------------------- +Wed Jan 10 11:12:07 UTC 2018 - ohering@suse.de + +- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu, + depending on the libxl disk settings + libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch + +------------------------------------------------------------------- +Mon Jan 8 08:15:11 UTC 2018 - ohering@suse.de + +- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch + +------------------------------------------------------------------- +Fri Jan 5 13:45:40 MST 2018 - carnold@suse.com + +- bsc#1067224 - xen-tools have hard dependency on Python 2 + build-python3-conversion.patch + bin-python3-conversion.patch + +------------------------------------------------------------------- +Wed Dec 20 09:57:09 MST 2017 - carnold@suse.com + +- bsc#1070165 - xen crashes after aborted localhost migration + 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch +- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb: + libxl__devices_destroy failed + 5a33a12f-domctl-improve-locking-during-domain-destruction.patch +- Upstream patches from Jan (bsc#1027519) + 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch + 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch + 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch + 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch + +------------------------------------------------------------------- +Wed Dec 13 08:43:00 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0 FCS (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Dec 11 12:07:30 UTC 2017 - ohering@suse.de + +- Rebuild initrd if xen-tools-domU is updated + +------------------------------------------------------------------- +Tue Dec 5 08:38:58 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue Nov 28 10:14:56 UTC 2017 - ohering@suse.de + +- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds + If many domUs shutdown in parallel the backends can not keep up + Add some debug output to track how long backend shutdown takes (bsc#1035442) + libxl.LIBXL_DESTROY_TIMEOUT.patch + libxl.LIBXL_DESTROY_TIMEOUT.debug.patch + +------------------------------------------------------------------- +Tue Nov 28 10:06:03 UTC 2017 - ohering@suse.de + +- Adjust xenstore-run-in-studomain.patch to change the defaults + in the code instead of changing the sysconfig template, to also + cover the upgrade case + +------------------------------------------------------------------- +Fri Nov 24 17:28:59 UTC 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Fri Nov 24 13:25:07 UTC 2017 - ohering@suse.de + +- Since xen switched to Kconfig, building a debug hypervisor + was done by default. Adjust make logic to build a non-debug + hypervisor by default, and continue to provide one as xen-dbg.gz + +------------------------------------------------------------------- +Fri Nov 24 11:26:45 UTC 2017 - ohering@suse.de + +- fate#316614: set migration constraints from cmdline + fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10 + +------------------------------------------------------------------- +Thu Nov 23 15:06:44 UTC 2017 - ohering@suse.de + +- Document the suse-diskcache-disable-flush option in + xl-disk-configuration(5) (bsc#879425,bsc#1067317) + +------------------------------------------------------------------- +Thu Nov 23 13:47:42 UTC 2017 - rbrown@suse.com + +- Replace references to /var/adm/fillup-templates with new + %_fillupdir macro (boo#1069468) + +------------------------------------------------------------------- +Thu Nov 16 08:48:07 MST 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- fate#323663 - Run Xenstore in stubdomain + xenstore-run-in-studomain.patch + +------------------------------------------------------------------- +Thu Nov 9 15:11:57 MST 2017 - carnold@suse.com + +- bsc#1067224 - xen-tools have hard dependency on Python 2 + pygrub-python3-conversion.patch + xenmon-python3-conversion.patch + migration-python3-conversion.patch + xnloader.py + xen2libvirt.py + +------------------------------------------------------------------- +Wed Nov 8 10:47:24 UTC 2017 - ohering@suse.de + +- Remove xendriverdomain.service (bsc#1065185) + Driver domains must be configured manually with custom .service file + +------------------------------------------------------------------- +Thu Nov 2 14:14:02 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch + +------------------------------------------------------------------- +Thu Nov 2 11:36:27 UTC 2017 - ohering@suse.de + +- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187) + +------------------------------------------------------------------- +Fri Oct 27 07:48:55 MDT 2017 - carnold@suse.com + +- fate#324052 Support migration of Xen HVM domains larger than 1TB + 59f31268-libxc-remove-stale-error-check-for-domain-size.patch + +------------------------------------------------------------------- +Wed Oct 25 16:26:33 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon Oct 16 09:34:23 MDT 2017 - carnold@suse.com + +- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686) + xen-4.10.0-testing-src.tar.bz2 +- Drop patches included in new tarball + 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch + 596f257e-x86-fix-hvmemul_insn_fetch.patch + 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch + 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch + 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch + 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch + 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch + 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch + 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch + 59958ebf-gnttab-fix-transitive-grant-handling.patch + 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch + 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch + 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch + 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch + 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch + 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch + 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch + 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch + 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch + 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch + 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch + 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch + 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch + 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch + gcc7-arm.patch + gcc7-mini-os.patch + +------------------------------------------------------------------- +Tue Oct 3 09:03:57 MDT 2017 - carnold@suse.com + +- bsc#1061084 - VUL-0: xen: page type reference leak on x86 + (XSA-242) + xsa242.patch +- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear + shadow mappings with translated guests (XSA-243) + xsa243.patch +- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings + during CPU hotplug (XSA-244) + xsa244.patch + +------------------------------------------------------------------- +Mon Oct 2 13:26:08 MDT 2017 - carnold@suse.com + +- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks + (XSA-238) + xsa238.patch +- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O + intercept code (XSA-239) + xsa239.patch +- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable + de-typing (XSA-240) + xsa240-1.patch + xsa240-2.patch +- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type + release race (XSA-241) + xsa241.patch + +------------------------------------------------------------------- +Fri Sep 29 10:57:35 MDT 2017 - carnold@suse.com + +- bsc#1061075 - VUL-0: xen: pin count / page reference race in + grant table code (XSA-236) + xsa236.patch +- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86 + (XSA-237) + xsa237-1.patch + xsa237-2.patch + xsa237-3.patch + xsa237-4.patch + xsa237-5.patch + +------------------------------------------------------------------- +Tue Sep 26 08:44:03 MDT 2017 - carnold@suse.com + +- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter + verification (XSA-231) + 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch +- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232) + 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch +- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup + (XSA-233) + 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch +- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for + x86 PV guests (XSA-234) + 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch +- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to + release lock on ARM (XSA-235) + 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch +- Upstream patches from Jan (bsc#1027519) + 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch + 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch + 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch + 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch + 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch + 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch + 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch + 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch +- Dropped gcc7-xen.patch + +------------------------------------------------------------------- +Thu Sep 7 04:58:12 MDT 2017 - carnold@suse.com + +- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when + Secure Boot is Enabled + xen.spec + +------------------------------------------------------------------- +Tue Sep 5 12:00:59 UTC 2017 - ohering@suse.de + +- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored + update from v6 to v9 to cover more cases for ballooned domUs + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Mon Aug 28 14:51:54 UTC 2017 - ohering@suse.de + +- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen + drop the patch because it is not upstream acceptable + remove xen.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Sat Aug 26 10:52:46 UTC 2017 - ohering@suse.de + +- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored + after the save using xl stack + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Tue Aug 22 13:25:33 UTC 2017 - ohering@suse.de + +- Unignore gcc-PIE + the toolstack disables PIE for firmware builds as needed + +------------------------------------------------------------------- +Mon Aug 21 10:42:46 MDT 2017 - carnold@suse.com + +- Upstream patches from Jan (bsc#1027519) + 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch + 596f257e-x86-fix-hvmemul_insn_fetch.patch + 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch + 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch + 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch + 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch) + 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch) + 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch) + 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch) + 59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch) + 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch + +------------------------------------------------------------------- +Wed Aug 16 15:03:46 MDT 2017 - carnold@suse.com + +- bsc#1044974 - xen-tools require python-pam + xen.spec + +------------------------------------------------------------------- +Fri Aug 11 16:37:44 MDT 2017 - carnold@suse.com + +- Clean up spec file errors and a few warnings. (bsc#1027519) +- Removed conditional 'with_systemd' and some old deprecated + 'sles_version' checks. + xen.spec + +------------------------------------------------------------------- +Thu Aug 10 19:45:31 UTC 2017 - jfehlig@suse.com + +- Remove use of brctl utiltiy from supportconfig plugin + FATE#323639 + +------------------------------------------------------------------- +Thu Aug 10 07:50:47 UTC 2017 - ohering@suse.de + +- Use upstream variant of mini-os __udivmoddi4 change + gcc7-mini-os.patch + +------------------------------------------------------------------- +Wed Aug 9 13:14:56 MDT 2017 - carnold@suse.com + +- fate#323639 Move bridge-utils to legacy + replace-obsolete-network-configuration-commands-in-s.patch + +------------------------------------------------------------------- +Tue Aug 8 08:20:41 MDT 2017 - carnold@suse.com + +- bsc#1052686 - VUL-0: xen: grant_table: possibly premature + clearing of GTF_writing / GTF_reading (XSA-230) + xsa230.patch + +------------------------------------------------------------------- +Mon Aug 7 12:53:44 UTC 2017 - ohering@suse.de + +- bsc#1035231 - migration of HVM domU does not use superpages + on destination dom0 + libxc.sr.superpage.patch + +------------------------------------------------------------------- +Thu Aug 3 11:51:11 MDT 2017 - carnold@suse.com + +- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded + recursion in grant table code (XSA-226) + xsa226-1.patch + xsa226-2.patch +- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege + escalation via map_grant_ref (XSA-227) + xsa227.patch +- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race + conditions with maptrack free list handling (XSA-228) + xsa228.patch + +------------------------------------------------------------------- +Tue Aug 1 20:02:58 UTC 2017 - jfehlig@suse.com + +- Add a supportconfig plugin + xen-supportconfig + FATE#323661 + +------------------------------------------------------------------- +Tue Jul 25 14:48:02 UTC 2017 - ohering@suse.de + +- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen + To avoid emulation of TSC access from a domU after live migration + add a global tolerance for the measured host kHz + xen.suse_vtsc_tolerance.patch + +------------------------------------------------------------------- +Thu Jul 20 10:46:43 MDT 2017 - carnold@suse.com + +- fate#323662 Drop qemu-dm from xen-tools package + The following tarball and patches have been removed + qemu-xen-traditional-dir-remote.tar.bz2 + VNC-Support-for-ExtendedKeyEvent-client-message.patch + 0001-net-move-the-tap-buffer-into-TAPState.patch + 0002-net-increase-tap-buffer-size.patch + 0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch + 0004-e1000-secrc-support.patch + 0005-e1000-multi-buffer-packet-support.patch + 0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch + 0007-e1000-verify-we-have-buffers-upfront.patch + 0008-e1000-check-buffer-availability.patch + CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch + CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch + CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch + CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch + CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch + CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch + CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch + CVE-2015-4037-qemut-smb-config-dir-name.patch + CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch + CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch + CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch + CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch + CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch + CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch + CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch + CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch + CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch + CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch + CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch + CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch + CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch + CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch + CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch + CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch + CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch + CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch + CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch + CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch + CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch + CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch + CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch + CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch + blktap.patch + cdrom-removable.patch + xen-qemu-iscsi-fix.patch + qemu-security-etch1.patch + xen-disable-qemu-monitor.patch + xen-hvm-default-bridge.patch + qemu-ifup-set-mtu.patch + ioemu-vnc-resize.patch + capslock_enable.patch + altgr_2.patch + log-guest-console.patch + bdrv_open2_fix_flags.patch + bdrv_open2_flags_2.patch + ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch + qemu-dm-segfault.patch + bdrv_default_rwflag.patch + kernel-boot-hvm.patch + ioemu-watchdog-support.patch + ioemu-watchdog-linkage.patch + ioemu-watchdog-ib700-timer.patch + ioemu-hvm-pv-support.patch + pvdrv_emulation_control.patch + ioemu-disable-scsi.patch + ioemu-disable-emulated-ide-if-pv.patch + xenpaging.qemu.flush-cache.patch + ioemu-devicemodel-include.patch +- Cleanup spec file and remove unused KMP patches + kmp_filelist + supported_module.patch + xen_pvonhvm.xen_emul_unplug.patch + +------------------------------------------------------------------- +Mon Jul 17 15:19:50 MDT 2017 - carnold@suse.com + +- bsc#1002573 - Optimize LVM functions in block-dmmd + block-dmmd + +------------------------------------------------------------------- +Fri Jul 14 18:05:12 UTC 2017 - ohering@suse.de + +- Record initial Xen dmesg in /var/log/xen/xen-boot.log for + supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log + +------------------------------------------------------------------- +Fri Jul 14 10:41:34 UTC 2017 - ohering@suse.de + +- Remove storytelling from description in xen.rpm + +------------------------------------------------------------------- +Wed Jun 28 01:40:43 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0 FCS (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Jun 21 14:03:40 MDT 2017 - carnold@suse.com + +- Update block-dmmd script (bsc#1002573) + block-dmmd + +------------------------------------------------------------------- +Tue Jun 20 15:18:25 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + gcc7-arm.patch +- Drop gcc7-error-xenpmd.patch + +------------------------------------------------------------------- +Mon Jun 5 10:49:34 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Thu Jun 1 13:24:26 MDT 2017 - carnold@suse.com + +- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop + due to incorrect return value + CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch + +------------------------------------------------------------------- +Tue May 30 11:24:41 MDT 2017 - carnold@suse.com + +- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory + leakage via capture buffer + CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch + +------------------------------------------------------------------- +Fri May 26 12:58:06 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Mon May 22 14:43:01 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Thu May 18 16:22:53 MDT 2017 - carnold@suse.com + +- bsc#1031343 - xen fails to build with GCC 7 + gcc7-mini-os.patch + gcc7-xen.patch + +------------------------------------------------------------------- +Wed May 17 08:28:37 MDT 2017 - carnold@suse.com + +- bsc#1031343 - xen fails to build with GCC 7 + gcc7-error-xenpmd.patch + +------------------------------------------------------------------- +Tue May 16 09:04:19 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 +- Drop xen-tools-pkgconfig-xenlight.patch + +------------------------------------------------------------------- +Wed May 10 15:26:38 MDT 2017 - carnold@suse.com + +- bsc#1037779 - xen breaks kexec-tools build + xen-tools-pkgconfig-xenlight.patch + +------------------------------------------------------------------- +Tue May 9 08:40:58 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Tue May 2 09:18:24 MDT 2017 - carnold@suse.com + +- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path + xen.spec + +------------------------------------------------------------------- +Fri Apr 28 09:03:56 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + aarch64-maybe-uninitialized.patch + +------------------------------------------------------------------- +Fri Apr 21 16:26:31 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + +------------------------------------------------------------------- +Wed Apr 19 07:54:58 MDT 2017 - carnold@suse.com + +- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108) + xen-4.9.0-testing-src.tar.bz2 + ioemu-devicemodel-include.patch +- Dropped patches contained in new tarball + xen-4.8.0-testing-src.tar.bz2 + 0001-xenstore-let-write_node-and-some-callers-return-errn.patch + 0002-xenstore-undo-function-rename.patch + 0003-xenstore-rework-of-transaction-handling.patch + 584806ce-x86emul-correct-PUSHF-POPF.patch + 584fc649-fix-determining-when-domain-creation-is-complete.patch + 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch + 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch + 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch + 5853ed37-VT-d-correct-dma_msi_set_affinity.patch + 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch + 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch + 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch + 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch + 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch + 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch + 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch + 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch + 5882129d-x86emul-LOCK-check-adjustments.patch + 58821300-x86-segment-attribute-handling.patch + 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch + 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch + 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch + 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch + 5887888f-credit2-use-the-correct-scratch-cpumask.patch + 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch + 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch + 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch + 58a44771-IOMMU-always-call-teardown-callback.patch + 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch + 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch + 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch + 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch + 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch + 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch + 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch + 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch + 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch + 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch + 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch + 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch + 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch + CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch + CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch + glibc-2.25-compatibility-fix.patch + xs-09-add_change_node-params.patch + xs-10-call-add_change_node.patch + xs-11-tdb-record-header.patch + xs-12-node-gen-count.patch + xs-13-read-directory-part-support.patch + xs-14-command-array.patch + xs-15-command-return-val.patch + xs-16-function-static.patch + xs-17-arg-parsing.patch + xs-18-default-buffer.patch + xs-19-handle-alloc-failures.patch + xs-20-tdb-version.patch + xs-21-empty-tdb-database.patch + xs-22-reopen_log-fix.patch + xs-23-XS_DEBUG-rename.patch + xs-24-xenstored_control.patch + xs-25-control-enhance.patch + xs-26-log-control.patch + xs-27-memory-report.patch + xs-28-remove-talloc-report.patch + xs-29-define-off_t.patch + xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch + xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch + +------------------------------------------------------------------- +Wed Apr 5 11:41:52 MDT 2017 - carnold@suse.com + +- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom + 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch + +------------------------------------------------------------------- Wed Mar 29 16:18:26 UTC 2017 - jfehlig@suse.com - bsc#1015348 - L3: libvirtd does not start during boot --- xen.spec.orig +++ xen.spec @@ -1,7 +1,7 @@ # # spec file for package xen # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,20 +12,26 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # +# needssslcertforbuild +#Compat macro for new _fillupdir macro introduced in Nov 2017 +%if ! %{defined _fillupdir} + %define _fillupdir /var/adm/fillup-templates +%endif + +# Tumbleweed now defines _libexecdir as /usr/libexec +# Keep it at the original location (/usr/lib) for backward compatibility +%define _libexecdir /usr/lib + Name: xen -ExclusiveArch: %ix86 x86_64 %arm aarch64 -%define changeset 34159 -%define xen_build_dir xen-4.8.0-testing +ExclusiveArch: %ix86 x86_64 aarch64 +%define xen_build_dir xen-4.16.1-testing # -%define with_kmp 0 %define with_gdbsx 0 %define with_dom0_support 0 -%define with_qemu_traditional 0 -%bcond_with xen_oxenstored %ifarch x86_64 %bcond_without xen_debug %bcond_without xen_stubdom @@ -34,15 +40,15 @@ ExclusiveArch: %ix86 x86_64 %arm aarch6 %bcond_with xen_stubdom %endif # +%define qemu_arch i386 %ifarch x86_64 -%define with_kmp 0 %define with_gdbsx 1 %define with_dom0_support 1 -%define with_qemu_traditional 1 %endif # %ifarch %arm aarch64 %define with_dom0_support 1 +%define qemu_arch aarch64 %endif # %define xen_install_suffix %{nil} @@ -56,23 +62,10 @@ ExclusiveArch: %ix86 x86_64 %arm aarch6 # 12.2+ have gcc 4.7 as default compiler %define with_gcc47 0 %define with_gcc48 0 -%if %suse_version == 1110 -%define with_gcc48 1 -%endif %define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services -%define with_systemd 0 -%if %suse_version > 1220 -%define with_systemd 1 -%define include_systemd_preset 0 -%if %suse_version <= 1320 && 0%{?sle_version} < 120300 -%define include_systemd_preset 1 -%endif %systemd_requires -BuildRequires: systemd-devel +BuildRequires: pkgconfig(libsystemd) %define with_systemd_modules_load %{_prefix}/lib/modules-load.d -%else -PreReq: %insserv_prereq -%endif PreReq: %fillup_prereq %ifarch %arm aarch64 %if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && 0%{?sle_version} > 120200 ) @@ -81,29 +74,20 @@ BuildRequires: libfdt-devel BuildRequires: libfdt1-devel %endif %endif -%ifarch %ix86 x86_64 -BuildRequires: dev86 -%endif -#!BuildIgnore: gcc-PIE -# JWF: Until Anthony's series to load BIOS via toolstack is merged, -# autoconf is needed by autogen.sh. -# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html -BuildRequires: autoconf >= 2.67 BuildRequires: bison BuildRequires: fdupes +%if 0%{?suse_version} > 1315 BuildRequires: figlet +%endif BuildRequires: flex BuildRequires: glib2-devel BuildRequires: libaio-devel BuildRequires: libbz2-devel +BuildRequires: libnl3-devel BuildRequires: libpixman-1-0-devel BuildRequires: libuuid-devel BuildRequires: libxml2-devel BuildRequires: libyajl-devel -%if %{?with_qemu_traditional}0 -BuildRequires: SDL-devel -BuildRequires: pciutils-devel -%endif %if %{with xen_stubdom} %if 0%{?suse_version} < 1230 BuildRequires: texinfo @@ -111,30 +95,15 @@ BuildRequires: texinfo BuildRequires: makeinfo %endif %endif +BuildRequires: acpica BuildRequires: ncurses-devel -%if %{?with_dom0_support}0 -%if %{with xen_oxenstored} -BuildRequires: ocaml -BuildRequires: ocaml-compiler-libs -BuildRequires: ocaml-findlib -BuildRequires: ocaml-ocamldoc -BuildRequires: ocaml-runtime -%endif -%endif BuildRequires: openssl-devel -BuildRequires: python-devel -%if %{?with_systemd}0 -BuildRequires: systemd -%endif -%if %suse_version >= 1120 +BuildRequires: python3-devel BuildRequires: xz-devel -%endif -%if %suse_version <= 1110 -BuildRequires: pmtools -%else -BuildRequires: acpica -%endif +BuildRequires: pkgconfig(systemd) %ifarch x86_64 +BuildRequires: gcc-32bit +BuildRequires: gcc-c++ %if %{?with_gcc47}0 BuildRequires: gcc47 %endif @@ -143,235 +112,126 @@ BuildRequires: gcc48 %endif BuildRequires: glibc-32bit BuildRequires: glibc-devel-32bit +BuildRequires: makeinfo %endif -%if %{?with_kmp}0 -BuildRequires: kernel-source -BuildRequires: kernel-syms -BuildRequires: module-init-tools -%if %suse_version >= 1230 -BuildRequires: lndir +%ifarch x86_64 BuildRequires: pesign-obs-integration -%else -BuildRequires: xorg-x11-util-devel -%endif %endif +Provides: installhint(reboot-needed) -Version: 4.8.0_06 +Version: 4.16.1_02 Release: 0 Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) -License: GPL-2.0 +License: GPL-2.0-only Group: System/Kernel -Source0: xen-4.8.0-testing-src.tar.bz2 +Source0: xen-4.16.1-testing-src.tar.bz2 Source1: stubdom.tar.bz2 -Source2: qemu-xen-traditional-dir-remote.tar.bz2 -Source5: ipxe.tar.bz2 -Source6: mini-os.tar.bz2 +Source2: mini-os.tar.bz2 +Source3: xen-utils-0.1.tar.bz2 Source9: xen.changes Source10: README.SUSE Source11: boot.xen Source12: boot.local.xenU -Source15: logrotate.conf +Source13: xen-supportconfig +Source14: logrotate.conf Source21: block-npiv-common.sh Source22: block-npiv Source23: block-npiv-vport -Source26: init.xen_loop -%if %{?with_kmp}0 -Source28: kmp_filelist -%endif -Source29: block-dmmd +Source24: block-dmmd # Xen API remote authentication sources Source30: etc_pam.d_xen-api Source31: xenapiusers # Init script and sysconf file for pciback Source34: init.pciback Source35: sysconfig.pciback -Source36: xnloader.py -Source37: xen2libvirt.py +Source36: xen2libvirt.py # Systemd service files Source41: xencommons.service Source42: xen-dom0-modules.service -Source57: xen-utils-0.1.tar.bz2 +Source10172: xendomains-wait-disks.sh +Source10173: xendomains-wait-disks.LICENSE +Source10174: xendomains-wait-disks.README.md +Source10183: xen_maskcalc.py # For xen-libs Source99: baselibs.conf # Upstream patches -Patch1: 584806ce-x86emul-correct-PUSHF-POPF.patch -Patch2: 584fc649-fix-determining-when-domain-creation-is-complete.patch -Patch3: 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch -Patch4: 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch -Patch5: 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch -Patch6: 5853ed37-VT-d-correct-dma_msi_set_affinity.patch -Patch7: 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch -Patch8: 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch -Patch9: 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch -Patch10: 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch -Patch11: 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch -Patch12: 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch -Patch13: 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch -Patch14: 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch -Patch15: 5882129d-x86emul-LOCK-check-adjustments.patch -Patch16: 58821300-x86-segment-attribute-handling.patch -Patch17: 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch -Patch18: 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch -Patch19: 5887888f-credit2-use-the-correct-scratch-cpumask.patch -Patch20: 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch -Patch21: 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch -Patch22: 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch -Patch23: 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch -Patch24: 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch -Patch25: 58a44771-IOMMU-always-call-teardown-callback.patch -Patch26: 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch -Patch27: 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch -Patch28: 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch -Patch29: 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch -Patch30: 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch -Patch31: 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch -Patch32: 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch -Patch33: 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch -Patch34: 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch -Patch35: 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch -Patch36: 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch -# Upstream qemu-traditional patches -Patch250: VNC-Support-for-ExtendedKeyEvent-client-message.patch -Patch251: 0001-net-move-the-tap-buffer-into-TAPState.patch -Patch252: 0002-net-increase-tap-buffer-size.patch -Patch253: 0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch -Patch254: 0004-e1000-secrc-support.patch -Patch255: 0005-e1000-multi-buffer-packet-support.patch -Patch256: 0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch -Patch257: 0007-e1000-verify-we-have-buffers-upfront.patch -Patch258: 0008-e1000-check-buffer-availability.patch -Patch259: CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch -Patch260: CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch -Patch261: CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch -Patch262: CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch -Patch263: CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch -Patch264: CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch -Patch265: CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch -Patch266: CVE-2015-4037-qemut-smb-config-dir-name.patch -Patch267: CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch -Patch268: CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch -Patch269: CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch -Patch270: CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch -Patch271: CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch -Patch272: CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch -Patch273: CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch -Patch274: CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch -Patch275: CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch -Patch276: CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch -Patch277: CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch -Patch278: CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch -Patch279: CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch -Patch280: CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch -Patch281: CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch -Patch282: CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch -Patch283: CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch -Patch284: CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch -Patch285: CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch -Patch286: CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch -Patch287: CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch -Patch288: CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch -Patch289: CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch -Patch290: CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch -# qemu-traditional patches that are not upstream -Patch350: blktap.patch -Patch351: cdrom-removable.patch -Patch353: xen-qemu-iscsi-fix.patch -Patch354: qemu-security-etch1.patch -Patch355: xen-disable-qemu-monitor.patch -Patch356: xen-hvm-default-bridge.patch -Patch357: qemu-ifup-set-mtu.patch -Patch358: ioemu-vnc-resize.patch -Patch359: capslock_enable.patch -Patch360: altgr_2.patch -Patch361: log-guest-console.patch -Patch370: bdrv_open2_fix_flags.patch -Patch371: bdrv_open2_flags_2.patch -Patch372: ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch -Patch373: qemu-dm-segfault.patch -Patch374: bdrv_default_rwflag.patch -Patch375: kernel-boot-hvm.patch -Patch376: ioemu-watchdog-support.patch -Patch377: ioemu-watchdog-linkage.patch -Patch378: ioemu-watchdog-ib700-timer.patch -Patch379: ioemu-hvm-pv-support.patch -Patch380: pvdrv_emulation_control.patch -Patch381: ioemu-disable-scsi.patch -Patch382: ioemu-disable-emulated-ide-if-pv.patch -Patch383: xenpaging.qemu.flush-cache.patch +# EMBARGOED security fixes +# libxc +Patch301: libxc-bitmap-long.patch +Patch302: libxc-sr-xl-migration-debug.patch +Patch303: libxc-sr-readv_exact.patch +Patch304: libxc-sr-save-show_transfer_rate.patch +Patch305: libxc-sr-save-mfns.patch +Patch306: libxc-sr-save-types.patch +Patch307: libxc-sr-save-errors.patch +Patch308: libxc-sr-save-iov.patch +Patch309: libxc-sr-save-rec_pfns.patch +Patch310: libxc-sr-save-guest_data.patch +Patch311: libxc-sr-save-local_pages.patch +Patch312: libxc-sr-restore-pfns.patch +Patch313: libxc-sr-restore-types.patch +Patch314: libxc-sr-restore-mfns.patch +Patch315: libxc-sr-restore-map_errs.patch +Patch316: libxc-sr-restore-populate_pfns-pfns.patch +Patch317: libxc-sr-restore-populate_pfns-mfns.patch +Patch318: libxc-sr-restore-read_record.patch +Patch319: libxc-sr-restore-handle_buffered_page_data.patch +Patch320: libxc-sr-restore-handle_incoming_page_data.patch +Patch321: libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch +Patch322: libxc-sr-precopy_policy.patch +Patch323: libxc-sr-max_iters.patch +Patch324: libxc-sr-min_remaining.patch +Patch325: libxc-sr-abort_if_busy.patch +Patch326: libxc-sr-xg_sr_bitmap.patch +Patch327: libxc-sr-xg_sr_bitmap-populated_pfns.patch +Patch328: libxc-sr-restore-hvm-legacy-superpage.patch +Patch329: libxc-sr-track-migration-time.patch +Patch330: libxc-sr-number-of-iterations.patch # Our platform specific patches Patch400: xen-destdir.patch Patch401: vif-bridge-no-iptables.patch Patch402: vif-bridge-tap-fix.patch Patch403: xl-conf-default-bridge.patch -Patch404: xen-arch-kconfig-nr_cpus.patch -Patch405: suse-xendomains-service.patch +Patch404: xl-conf-disable-autoballoon.patch +Patch405: xen-arch-kconfig-nr_cpus.patch +Patch406: suse-xendomains-service.patch +Patch407: replace-obsolete-network-configuration-commands-in-s.patch +Patch408: disable-building-pv-shim.patch +Patch409: ignore-ip-command-script-errors.patch # Needs to go upstream Patch420: suspend_evtchn_lock.patch -Patch421: xenpaging.doc.patch -Patch422: stubdom-have-iovec.patch -Patch423: vif-route.patch -Patch424: glibc-2.25-compatibility-fix.patch +Patch421: vif-route.patch # Other bug fixes or features +Patch450: xen.sysconfig-fillup.patch Patch451: xenconsole-no-multiple-connections.patch Patch452: hibernate.patch Patch453: stdvga-cache.patch -Patch454: ipxe-enable-nics.patch -Patch455: pygrub-netware-xnloader.patch -Patch456: pygrub-boot-legacy-sles.patch -Patch457: pygrub-handle-one-line-menu-entries.patch -Patch458: aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch -Patch459: CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch -Patch460: libxl.pvscsi.patch -Patch461: xen.libxl.dmmd.patch -Patch462: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch -Patch463: blktap2-no-uninit.patch -Patch464: libxl.set-migration-constraints-from-cmdline.patch -# Xenstored -Patch509: xs-09-add_change_node-params.patch -Patch510: xs-10-call-add_change_node.patch -Patch511: xs-11-tdb-record-header.patch -Patch512: xs-12-node-gen-count.patch -Patch513: xs-13-read-directory-part-support.patch -Patch514: xs-14-command-array.patch -Patch515: xs-15-command-return-val.patch -Patch516: xs-16-function-static.patch -Patch517: xs-17-arg-parsing.patch -Patch518: xs-18-default-buffer.patch -Patch519: xs-19-handle-alloc-failures.patch -Patch520: xs-20-tdb-version.patch -Patch521: xs-21-empty-tdb-database.patch -Patch522: xs-22-reopen_log-fix.patch -Patch523: xs-23-XS_DEBUG-rename.patch -Patch524: xs-24-xenstored_control.patch -Patch525: xs-25-control-enhance.patch -Patch526: xs-26-log-control.patch -Patch527: xs-27-memory-report.patch -Patch528: xs-28-remove-talloc-report.patch -Patch529: xs-29-define-off_t.patch -Patch530: xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch -Patch531: xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch -Patch532: 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch -Patch533: 0001-xenstore-let-write_node-and-some-callers-return-errn.patch -Patch534: 0002-xenstore-undo-function-rename.patch -Patch535: 0003-xenstore-rework-of-transaction-handling.patch +Patch454: xl-save-pc.patch +Patch455: pygrub-boot-legacy-sles.patch +Patch456: pygrub-handle-one-line-menu-entries.patch +Patch457: aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch +Patch461: libxl.max_event_channels.patch +Patch463: libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch +Patch464: libxl.pvscsi.patch +Patch465: xen.libxl.dmmd.patch +Patch467: xenstore-run-in-studomain.patch +Patch468: libxl.helper_done-crash.patch +Patch469: libxl.LIBXL_HOTPLUG_TIMEOUT.patch +# python3 conversion patches +Patch500: build-python3-conversion.patch +Patch501: migration-python3-conversion.patch +Patch502: bin-python3-conversion.patch # Hypervisor and PV driver Patches +Patch600: xen.bug1026236.suse_vtsc_tolerance.patch Patch601: x86-ioapic-ack-default.patch -Patch602: x86-cpufreq-report.patch -Patch610: xen_pvonhvm.xen_emul_unplug.patch -Patch611: supported_module.patch +Patch602: xenwatchdogd-restart.patch Patch621: xen.build-compare.doc_html.patch -Patch622: xen.build-compare.man.patch -Patch623: ipxe-no-error-logical-not-parentheses.patch -Patch624: ipxe-use-rpm-opt-flags.patch # Build patches Patch99996: xen.stubdom.newlib.patch -Patch99998: tmp_build.patch -Url: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ +Patch99997: gcc12-fixes.patch +URL: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ BuildRoot: %{_tmppath}/%{name}-%{version}-build -%define pyver %(python -c "import sys; print sys.version[:3]") -%if %{?with_kmp}0 -%suse_kernel_module_package -n xen um pv xen -f kmp_filelist -%endif +%define pyver %(python3 -c "import sys; print(sys.version.rpartition('.')[0])") %description Xen is a virtual machine monitor for x86 that supports execution of @@ -380,50 +240,11 @@ performance and resource isolation. This package contains the Xen Hypervisor. (tm) -Modern computers are sufficiently powerful to use virtualization to -present the illusion of many smaller virtual machines (VMs), each -running a separate operating system instance. Successful partitioning -of a machine to support the concurrent execution of multiple operating -systems poses several challenges. Firstly, virtual machines must be -isolated from one another: It is not acceptable for the execution of -one to adversely affect the performance of another. This is -particularly true when virtual machines are owned by mutually -untrusting users. Secondly, it is necessary to support a variety of -different operating systems to accommodate the heterogeneity of popular -applications. Thirdly, the performance overhead introduced by -virtualization should be small. - -Xen uses a technique called paravirtualization: The guest OS is -modified, mainly to enhance performance. - -The Xen hypervisor (microkernel) does not provide device drivers for -your hardware (except for CPU and memory). This job is left to the -kernel that's running in domain 0. Thus the domain 0 kernel is -privileged; it has full hardware access. It's started immediately after -Xen starts up. Other domains have no access to the hardware; instead -they use virtual interfaces that are provided by Xen (with the help of -the domain 0 kernel). - -In addition to this package you need to install the kernel-xen, xen-libs -and xen-tools packages to use Xen. Xen version 3 and newer also supports -running unmodified guests using full virtualization, if appropriate hardware -is present. - [Hypervisor is a trademark of IBM] - - -Authors: --------- - Ian Pratt <ian.pratt@cl.cam.ac.uk> - Keir Fraser <Keir.Fraser@cl.cam.ac.uk> - Christian Limpach <Christian.Limpach@cl.cam.ac.uk> - Mark Williamson <mark.williamson@cl.cam.ac.uk> - Ewan Mellor <ewan@xensource.com> - ... - %package libs Summary: Xen Virtualization: Libraries +License: GPL-2.0-only Group: System/Kernel %description libs @@ -434,8 +255,8 @@ performance and resource isolation. This package contains the libraries used to interact with the Xen virtual machine monitor. -In addition to this package you need to install kernel-xen, xen and -xen-tools to use Xen. +In addition to this package you need to install xen and xen-tools +to use Xen. Authors: @@ -447,28 +268,26 @@ Authors: %package tools Summary: Xen Virtualization: Control tools for domain 0 +License: GPL-2.0-only Group: System/Kernel -Requires: bridge-utils %ifarch x86_64 -%if %suse_version >= 1315 +%if 0%{?suse_version} >= 1315 Requires: grub2-x86_64-xen %endif -# Uncomment when ovmf is supported -#Requires: qemu-ovmf-x86_64 +Recommends: qemu-ovmf-x86_64 Requires: qemu-x86 %endif %ifarch %arm aarch64 Requires: qemu-arm %endif -Requires: multipath-tools -Requires: python -Requires: python-curses -Requires: python-lxml -Requires: python-openssl -Requires: python-pam -Requires: python-xml +Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} +Recommends: multipath-tools +Requires: python3 +Requires: python3-curses +%ifarch %{ix86} x86_64 Requires: qemu-seabios -Requires: xen-libs = %{version} +%endif # subpackage existed in 10.3 Provides: xen-tools-ioemu = %{version} Obsoletes: xen-tools-ioemu < %{version} @@ -482,8 +301,8 @@ performance and resource isolation. This package contains the control tools that allow you to start, stop, migrate, and manage virtual machines. -In addition to this package you need to install kernel-xen, xen and -xen-libs to use Xen. +In addition to this package you need to install xen and xen-libs +to use Xen. Authors: @@ -491,12 +310,39 @@ Authors: Ian Pratt <ian.pratt@cl.cam.ac.uk> +%ifarch x86_64 +%package tools-xendomains-wait-disk +Summary: Adds a new xendomains-wait-disks.service +License: GPL-3.0-or-later +Group: System/Kernel +Requires: %{name}-tools = %{version}-%{release} +Requires: coreutils +Requires: sed +Requires: vim +BuildArch: noarch + +%description tools-xendomains-wait-disk +This package adds a new service named xendomains-wait-disks.service, +that simply calls xendomains-wait-disks. xendomains-wait-disks script +loops checking for the presence of every disk used by domU that +xendomains.service will try to launch. The script returns when +all disks become available or xendomains-wait-disks.service expires. + +xendomains-wait-disks.service has the same dependencies as +xendomains.service, but it adds itself as a Wanted service for xendomains. +If xendomains-wait-disks.service fails, xendomains.service is launched anyway. + +https://github.com/luizluca/xen-tools-xendomains-wait-disk +%endif + %endif %package tools-domU Summary: Xen Virtualization: Control tools for domain U +License: GPL-2.0-only Group: System/Kernel -Conflicts: xen-tools +Conflicts: %{name}-tools +Requires: %{name}-libs = %{version}-%{release} %description tools-domU Xen is a virtual machine monitor for x86 that supports execution of @@ -514,9 +360,10 @@ Authors: %package devel Summary: Xen Virtualization: Headers and libraries for development +License: GPL-2.0-only Group: System/Kernel +Requires: %{name}-libs = %{version} Requires: libuuid-devel -Requires: xen-libs = %{version} %description devel Xen is a virtual machine monitor for x86 that supports execution of @@ -532,30 +379,11 @@ Authors: -------- Ian Pratt <ian.pratt@cl.cam.ac.uk> -%if %{?with_kmp}0 - -%package KMP -Summary: Xen para-virtual device drivers for fully virtualized guests -Group: System/Kernel -Conflicts: xen -%if %suse_version >= 1230 -Requires: pesign-obs-integration -%endif - -%description KMP -Xen is a virtual machine monitor for x86 that supports execution of -multiple guest operating systems with unprecedented levels of -performance and resource isolation. - -This package contains the Xen para-virtual device drivers for fully -virtualized guests. - -%endif - %if %{?with_dom0_support}0 %package doc-html Summary: Xen Virtualization: HTML documentation +License: GPL-2.0-only Group: Documentation/HTML %description doc-html @@ -574,186 +402,11 @@ Authors: %endif %prep -%setup -q -n %xen_build_dir -a 1 -a 2 -a 5 -a 6 -a 57 -# Upstream patches -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -%patch18 -p1 -%patch19 -p1 -%patch20 -p1 -%patch21 -p1 -%patch22 -p1 -%patch23 -p1 -%patch24 -p1 -%patch25 -p1 -%patch26 -p1 -%patch27 -p1 -%patch28 -p1 -%patch29 -p1 -%patch30 -p1 -%patch31 -p1 -%patch32 -p1 -%patch33 -p1 -%patch34 -p1 -%patch35 -p1 -%patch36 -p1 -# Upstream qemu patches -%patch250 -p1 -%patch251 -p1 -%patch252 -p1 -%patch253 -p1 -%patch254 -p1 -%patch255 -p1 -%patch256 -p1 -%patch257 -p1 -%patch258 -p1 -%patch259 -p1 -%patch260 -p1 -%patch261 -p1 -%patch262 -p1 -%patch263 -p1 -%patch264 -p1 -%patch265 -p1 -%patch266 -p1 -%patch267 -p1 -%patch268 -p1 -%patch269 -p1 -%patch270 -p1 -%patch271 -p1 -%patch272 -p1 -%patch273 -p1 -%patch274 -p1 -%patch275 -p1 -%patch276 -p1 -%patch277 -p1 -%patch278 -p1 -%patch279 -p1 -%patch280 -p1 -%patch281 -p1 -%patch282 -p1 -%patch283 -p1 -%patch284 -p1 -%patch285 -p1 -%patch286 -p1 -%patch287 -p1 -%patch288 -p1 -%patch289 -p1 -%patch290 -p1 -# Qemu traditional -%patch350 -p1 -%patch351 -p1 -%patch353 -p1 -%patch354 -p1 -%patch355 -p1 -%patch356 -p1 -%patch357 -p1 -%patch358 -p1 -%patch359 -p1 -%patch360 -p1 -%patch361 -p1 -%patch370 -p1 -%patch371 -p1 -%patch372 -p1 -%patch373 -p1 -%patch374 -p1 -%patch375 -p1 -%patch376 -p1 -%patch377 -p1 -%patch378 -p1 -%patch379 -p1 -%patch380 -p1 -%patch381 -p1 -%patch382 -p1 -%patch383 -p1 -# Our platform specific patches -%patch400 -p1 -%patch401 -p1 -%patch402 -p1 -%patch403 -p1 -%patch404 -p1 -%patch405 -p1 -# Needs to go upstream -%patch420 -p1 -%patch421 -p1 -%patch422 -p1 -%patch423 -p1 -%patch424 -p1 -# Other bug fixes or features -%patch451 -p1 -%patch452 -p1 -%patch453 -p1 -%patch454 -p1 -%patch455 -p1 -%patch456 -p1 -%patch457 -p1 -%patch458 -p1 -%patch459 -p1 -# libxl.pvscsi.patch -%patch460 -p1 -%patch461 -p1 -%patch462 -p1 -%patch463 -p1 -%patch464 -p1 -# Xenstored -%patch509 -p1 -%patch510 -p1 -%patch511 -p1 -%patch512 -p1 -%patch513 -p1 -%patch514 -p1 -%patch515 -p1 -%patch516 -p1 -%patch517 -p1 -%patch518 -p1 -%patch519 -p1 -%patch520 -p1 -%patch521 -p1 -%patch522 -p1 -%patch523 -p1 -%patch524 -p1 -%patch525 -p1 -%patch526 -p1 -%patch527 -p1 -%patch528 -p1 -%patch529 -p1 -%patch530 -p1 -%patch531 -p1 -%patch532 -p1 -%patch533 -p1 -%patch534 -p1 -%patch535 -p1 -# Hypervisor and PV driver Patches -%patch601 -p1 -%patch602 -p1 -%patch610 -p1 -%patch611 -p1 -%patch621 -p1 -%patch622 -p1 -%patch623 -p1 -%patch624 -p1 -# Build patches -%patch99996 -p1 -%patch99998 -p1 +%setup -q -n %xen_build_dir -a 1 -a 2 -a 3 +%autosetup -D -T -n %xen_build_dir -p1 %build -# JWF: Anthony's series to load BIOS from toolstack requires autogen.sh. -# http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html -./autogen.sh +%define _lto_cflags %{nil} # we control the version info of this package # to gain control of filename of xen.gz @@ -770,22 +423,28 @@ XEN_EXTRAVERSION="${XEN_EXTRAVERSION%%.* XEN_FULLVERSION="$XEN_VERSION.$XEN_SUBVERSION.$XEN_EXTRAVERSION" XEN_BUILD_DATE="`date -u -d '1970-01-01'`" XEN_BUILD_TIME="`date -u -d '1970-01-01' +%%T`" -SMBIOS_DATE="`date -u -d '1970-01-01' +%%m/%%d/%%Y`" +SMBIOS_REL_DATE="`date -u -d '1970-01-01' +%%m/%%d/%%Y`" RELDATE="`date -u -d '1970-01-01' '+%%d %%b %%Y'`" if test -r %{S:9} then XEN_BUILD_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" `" XEN_BUILD_TIME="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%T`" - SMBIOS_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%m/%%d/%%Y`" + SMBIOS_REL_DATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" +%%m/%%d/%%Y`" RELDATE="` date -u -d \"$(sed -n '/@/{s/ - .*$//p;q}' %{S:9})\" '+%%d %%b %%Y'`" fi cat > .our_xenversion <<_EOV_ export WGET=$(type -P false) export FTP=$(type -P false) export GIT=$(type -P false) -export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS" -export EXTRA_CFLAGS_QEMU_TRADITIONAL="$RPM_OPT_FLAGS" -export SMBIOS_DATE="$SMBIOS_DATE" +%ifarch aarch64 +# GCC10+ enables outline-atomics option by default and breaks the build, so disable it +%if 0%{?suse_version} >= 1550 +export CFLAGS="%{optflags} -mno-outline-atomics" +%endif +%endif +export EXTRA_CFLAGS_XEN_TOOLS="%{optflags}" +export EXTRA_CFLAGS_QEMU_TRADITIONAL="%{optflags}" +export SMBIOS_REL_DATE="$SMBIOS_REL_DATE" export RELDATE="$RELDATE" XEN_VERSION=$XEN_VERSION XEN_SUBVERSION=$XEN_SUBVERSION @@ -793,7 +452,6 @@ XEN_EXTRAVERSION=$XEN_EXTRAVERSION XEN_FULLVERSION=$XEN_FULLVERSION _EOV_ source ./.our_xenversion -echo "%{changeset}" > xen/.scmversion sed -i~ " s/XEN_VERSION[[:blank:]]*=.*/XEN_VERSION = $XEN_VERSION/ s/XEN_SUBVERSION[[:blank:]]*=.*/XEN_SUBVERSION = $XEN_SUBVERSION/ @@ -808,17 +466,18 @@ if diff -u xen/Makefile~ xen/Makefile then : no changes? fi + configure_flags= +configure_flags="--with-system-qemu=%{_bindir}/qemu-system-%{qemu_arch}" %if %{with xen_stubdom} -configure_flags=--enable-stubdom +configure_flags="${configure_flags} --enable-stubdom" %else -configure_flags=--disable-stubdom +# change the/our default to daemon due to lack of stubdom +sed -i~ 's/ XENSTORETYPE=domain$/ XENSTORETYPE=daemon/' tools/hotplug/Linux/launch-xenstore.in +configure_flags="${configure_flags} --disable-stubdom" %endif -%if %{?with_qemu_traditional}0 -configure_flags="${configure_flags} --enable-qemu-traditional" -%else +export PYTHON="/usr/bin/python3" configure_flags="${configure_flags} --disable-qemu-traditional" -%endif ./configure \ --disable-xen \ --enable-tools \ @@ -829,27 +488,18 @@ configure_flags="${configure_flags} --di --sbindir=%{_sbindir} \ --libdir=%{_libdir} \ --libexecdir=%{_libexecdir} \ + --with-libexec-leaf-dir=%{name} \ --datadir=%{_datadir} \ - --with-xen-dumpdir=%{_sharedstatedir}/xen/dump \ --mandir=%{_mandir} \ --includedir=%{_includedir} \ --docdir=%{_defaultdocdir}/xen \ --with-initddir=%{_initddir} \ -%if %{?with_dom0_support}0 -%if %{with xen_oxenstored} - --with-xenstored=oxenstored \ -%endif -%endif -%if %{?with_systemd}0 + --with-rundir=%{_rundir} \ --enable-systemd \ --with-systemd=%{_unitdir} \ --with-systemd-modules-load=%{with_systemd_modules_load} \ -%else - --disable-systemd \ -%endif - --with-system-ovmf=%{_datadir}/qemu/ovmf-x86_64-ms.bin \ + --with-system-ovmf=%{_datadir}/qemu/ovmf-x86_64-xen-4m.bin \ --with-system-seabios=%{_datadir}/qemu/bios-256k.bin \ - --with-system-qemu=%{_bindir}/qemu-system-i386 \ ${configure_flags} make -C tools/include/xen-foreign %{?_smp_mflags} make %{?_smp_mflags} @@ -857,40 +507,93 @@ make %{?_smp_mflags} make -C tools/xen-utils-0.1 XEN_INTREE_BUILD=yes XEN_ROOT=$PWD %endif # -%if %{?with_kmp}0 -# PV driver modules -export XL=/usr/src/linux -export XEN=/usr/src/linux/include/xen -mkdir -p obj -for flavor in %flavors_to_build; do - rm -rf obj/$flavor - cp -r unmodified_drivers/linux-2.6 obj/$flavor - cd obj/$flavor - ./mkbuildtree - make -C /usr/src/linux-obj/%_target_cpu/$flavor modules \ - %{?_smp_mflags} \ - M=$PWD - cd ../.. -done -%endif %install source ./.our_xenversion # tools make \ - DESTDIR=$RPM_BUILD_ROOT \ - SYSCONFIG_DIR=/var/adm/fillup-templates \ + DESTDIR=%{buildroot} \ + SYSCONFIG_DIR=%{_fillupdir} \ + PKG_INSTALLDIR=%{_libdir}/pkgconfig \ %{?_smp_mflags} \ install -find $RPM_BUILD_ROOT -ls -for i in $RPM_BUILD_ROOT/var/adm/fillup-templates/* +find %{buildroot} -ls +for i in %{buildroot}/%{_fillupdir}/* do - mv -v $i ${i%/*}/sysconfig.${i##*/} + mv -v $i ${i%%/*}/sysconfig.${i##*/} done -%if %{?with_systemd}0 -udev_rulesdir=$RPM_BUILD_ROOT%{_udevrulesdir} +# +udev_rulesdir=%{buildroot}/%{_udevrulesdir} +tools_domU_dir=%{buildroot}/%{_libexecdir}/%{name}-tools-domU mkdir -p ${udev_rulesdir} +mkdir -p ${tools_domU_dir} +# +tee ${udev_rulesdir}/80-%{name}-tools-domU.rules <<'_EOR_' +# XenSource, Inc. Xen Platform Device +SUBSYSTEM=="pci", ATTR{modalias}=="pci:v00005853d00000001sv00005853sd00000001bcFFsc80i00", TAG+="systemd", ENV{SYSTEMD_WANTS}+="%{name}-vcpu-watch.service" +_EOR_ +# +tee %{buildroot}/%{_unitdir}/%{name}-vcpu-watch.service <<'_EOS_' +[Unit] +Description=Listen to CPU online/offline events from dom0 toolstack + +[Service] +Type=simple +ExecStart=%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh +Restart=always +RestartSec=2 +_EOS_ +# +tee %{buildroot}/%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh <<'_EOS_' +#!/bin/bash +unset LANG +unset ${!LC_*} +echo "$0 starting" >&2 +xenstore-watch cpu | while read +do + : xenstore event: ${REPLY} + case "${REPLY}" in + cpu) + : just started + ;; + cpu/[0-9]/availability|cpu/[0-9][0-9]/availability) + vcpu="${REPLY%%/*}" + vcpu="${vcpu#*/}" + sysfs="/sys/devices/system/cpu/cpu${vcpu}/online" + if test -f "${sysfs}" + then + availability="`xenstore-read \"${REPLY}\"`" + case "${availability}" in + online|offline) + if test "${availability}" = "online" + then + new_sysfs_state=1 + else + new_sysfs_state=0 + fi + read cur_sysfs_state rest < "${sysfs}" + if test "${cur_sysfs_state}" = "${new_sysfs_state}" + then + : the vcpu "${vcpu}" already has state "${availability}" via "${sysfs}" + else + : setting vcpu "${vcpu}" to "${availability}" via "${sysfs}" + echo "setting vcpu ${vcpu} to ${availability}" >&2 + echo "${new_sysfs_state}" > "${sysfs}" + fi + ;; + esac + fi + ;; + *) + : unhandled + ;; + esac +done +exit 1 +_EOS_ +chmod 755 %{buildroot}/%{_libexecdir}/%{name}-tools-domU/%{name}-vcpu-watch.sh +# tee ${udev_rulesdir}/60-persistent-xvd.rules <<'_EOR_' ACTION=="remove", GOTO="xvd_aliases_end" SUBSYSTEM!="block", GOTO="xvd_aliases_end" @@ -901,7 +604,13 @@ KERNEL=="xvd*[0-9]", ENV{VBD_HD_SYMLINK LABEL="xvd_aliases_end" _EOR_ # -dracut_moduledir=$RPM_BUILD_ROOT/usr/lib/dracut/modules.d/50%{name}-tools-domU +tee ${udev_rulesdir}/80-%{name}-channel-setup.rules <<'_EOF_' +SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", IMPORT{program}=="xen-channel-setup.sh $attr{nodename} %%n" + +SUBSYSTEM=="xen", DEVPATH=="/devices/console-[0-9]", ENV{XEN_CHANNEL_NAME}=="org.qemu.guest_agent.0", TAG+="systemd", ENV{SYSTEMD_WANTS}+="qemu-ga@hvc%%n.service" +_EOF_ +# +dracut_moduledir=%{buildroot}/usr/lib/dracut/modules.d/50%{name}-tools-domU mkdir -p ${dracut_moduledir} tee ${dracut_moduledir}/module-setup.sh <<'_EOS_' #!/bin/bash @@ -919,8 +628,9 @@ install() { inst_rules 60-persistent-xvd.rules } _EOS_ +chmod 755 ${dracut_moduledir}/module-setup.sh # -udev_programdir=$RPM_BUILD_ROOT/usr/lib/udev +udev_programdir=%{buildroot}/usr/lib/udev mkdir -p ${udev_programdir} tee ${udev_programdir}/%{name}-tools-domU.sh <<'_EOS_' #!/bin/bash @@ -951,37 +661,72 @@ backend="`xenstore-read device/${d}/back dev="`xenstore-read \"${backend}\"/dev`" test -n "${dev}" && echo "VBD_HD_SYMLINK=${dev}" _EOS_ +# +tee ${udev_programdir}/%{name}-channel-setup.sh <<'_EOF_' +#!/bin/bash + +if test "$#" -ne 2; then + exit 1 +fi + +channel_path="$1" +channel_num="$2" + +name="`xenstore-read \"$channel_path\"/name`" +test -z "$name" && exit 1 + +if test $name != "org.qemu.guest_agent.0"; then + exit 1 +fi + +mkdir -p /dev/xenchannel +devname=/dev/xenchannel/$name +# Xen's console devices are used for channels. See xen-pv-channel(7) +# for more details +ln -sfn /dev/hvc$channel_num $devname + +echo "XEN_CHANNEL_NAME=$name" +_EOF_ chmod 755 ${udev_programdir}/*.sh -%endif # EFI %if %{?with_dom0_support}0 +arch=`uname -m` install_xen() { local ext="" - find $RPM_BUILD_ROOT/boot -ls + find %{buildroot}/boot -ls if [ -n "$1" ]; then ext="-$1" - mv $RPM_BUILD_ROOT/boot/xen-${XEN_FULLVERSION}%{xen_install_suffix} \ - $RPM_BUILD_ROOT/boot/xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} - if test -d $RPM_BUILD_ROOT%{_libdir}/efi; then - mv $RPM_BUILD_ROOT%{_libdir}/efi/xen-${XEN_FULLVERSION}.efi $RPM_BUILD_ROOT%{_libdir}/efi/xen${ext}-${XEN_FULLVERSION}.efi - ln -sf xen${ext}-${XEN_FULLVERSION}.efi $RPM_BUILD_ROOT%{_libdir}/efi/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION.efi - ln -sf xen${ext}-${XEN_FULLVERSION}.efi $RPM_BUILD_ROOT%{_libdir}/efi/xen${ext}-$XEN_VERSION.efi - ln -sf xen${ext}-${XEN_FULLVERSION}.efi $RPM_BUILD_ROOT%{_libdir}/efi/xen${ext}.efi + mv %{buildroot}/boot/xen-syms-${XEN_FULLVERSION} \ + %{buildroot}/boot/xen-syms${ext}-${XEN_FULLVERSION} + mv %{buildroot}/boot/xen-${XEN_FULLVERSION}%{xen_install_suffix} \ + %{buildroot}/boot/xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} + if test -d %{buildroot}/%{_libdir}/efi; then + mv %{buildroot}/%{_libdir}/efi/xen-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-${XEN_FULLVERSION}.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}-$XEN_VERSION.efi + ln -sf xen${ext}-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen${ext}.efi fi + elif test -d %{buildroot}/%{_libdir}/efi; then + # Move the efi files to /usr/share/efi/<arch> (fate#326960) + mkdir -p %{buildroot}/%{_datadir}/efi/$arch + mv %{buildroot}/%{_libdir}/efi/xen*.efi %{buildroot}/%{_datadir}/efi/$arch/ + ln -s %{_datadir}/efi/$arch/xen-${XEN_FULLVERSION}.efi %{buildroot}/%{_libdir}/efi/xen.efi fi - rm $RPM_BUILD_ROOT/boot/xen-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} - rm $RPM_BUILD_ROOT/boot/xen-$XEN_VERSION%{xen_install_suffix} - rm $RPM_BUILD_ROOT/boot/xen%{xen_install_suffix} + rm %{buildroot}/boot/xen-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} + rm %{buildroot}/boot/xen-$XEN_VERSION%{xen_install_suffix} + rm %{buildroot}/boot/xen%{xen_install_suffix} # Do not link to links; grub cannot follow. - ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} $RPM_BUILD_ROOT/boot/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} - ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} $RPM_BUILD_ROOT/boot/xen${ext}-$XEN_VERSION%{xen_install_suffix} - ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} $RPM_BUILD_ROOT/boot/xen${ext}%{xen_install_suffix} - ln -sf xen-syms${ext}-${XEN_FULLVERSION} $RPM_BUILD_ROOT/boot/xen-syms${ext} - find $RPM_BUILD_ROOT/boot -ls + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}-$XEN_VERSION.$XEN_SUBVERSION%{xen_install_suffix} + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}-$XEN_VERSION%{xen_install_suffix} + ln -s xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} %{buildroot}/boot/xen${ext}%{xen_install_suffix} + if test -f xen-syms${ext}-${XEN_FULLVERSION}; then + ln -sf xen-syms${ext}-${XEN_FULLVERSION} %{buildroot}/boot/xen-syms${ext} + fi + find %{buildroot}/boot -ls } -export BRP_PESIGN_FILES="*.ko *.efi /lib/firmware" +export BRP_PESIGN_FILES="*.efi /lib/firmware" CC=gcc %if %{?with_gcc47}0 CC=gcc-4.7 @@ -989,30 +734,21 @@ CC=gcc-4.7 %if %{?with_gcc48}0 CC=gcc-4.8 %endif +rm -fv xen/.config %if %{with xen_debug} -make -C xen install debug=y DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT CC=$CC %{?_smp_mflags} +echo CONFIG_DEBUG=y > xen/.config +echo "CONFIG_DOM0_MEM=\"1G+10%%,max:64G\"" >> xen/.config +yes '' | make -C xen oldconfig +make -C xen install DEBUG_DIR=/boot DESTDIR=%{buildroot} CC=$CC %{?_smp_mflags} install_xen dbg make -C xen clean %endif -make -C xen install debug=n DEBUG_DIR=/boot DESTDIR=$RPM_BUILD_ROOT CC=$CC %{?_smp_mflags} +echo CONFIG_DEBUG=n > xen/.config +echo "CONFIG_DOM0_MEM=\"1G+10%%,max:64G\"" >> xen/.config +yes '' | make -C xen oldconfig +make -C xen install DEBUG_DIR=/boot DESTDIR=%{buildroot} CC=$CC %{?_smp_mflags} install_xen make -C xen clean -echo > xen.files.txt -# EFI depends on gcc47 -if test -d $RPM_BUILD_ROOT%{_libdir}/efi -then - echo %{_libdir}/efi >> xen.files.txt -fi -%endif - -# PV driver modules -%if %{?with_kmp}0 -export INSTALL_MOD_PATH=$RPM_BUILD_ROOT -export INSTALL_MOD_DIR=updates -for flavor in %flavors_to_build; do - make -C /usr/src/linux-obj/%_target_cpu/$flavor modules_install \ - M=$PWD/obj/$flavor -done %endif # On x86_64, qemu-xen was installed as /usr/lib/xen/bin/qemu-system-i386 @@ -1021,101 +757,136 @@ done # preserve the path. For x86_64, create a simple wrapper that invokes # /usr/bin/qemu-system-i386 # Using qemu-system-x86_64 will result in an incompatible VM -%ifarch x86_64 -cat > $RPM_BUILD_ROOT/usr/lib/xen/bin/qemu-system-i386 << 'EOF' +%ifarch x86_64 aarch64 +hardcoded_path_in_existing_domU_xml='%{_libexecdir}/%{name}/bin' +mkdir -vp %{buildroot}${hardcoded_path_in_existing_domU_xml} +tee %{buildroot}${hardcoded_path_in_existing_domU_xml}/qemu-system-%{qemu_arch} << 'EOF' #!/bin/sh -exec %{_bindir}/qemu-system-i386 "$@" +exec %{_bindir}/qemu-system-%{qemu_arch} "$@" EOF -chmod 0755 $RPM_BUILD_ROOT/usr/lib/xen/bin/qemu-system-i386 +chmod 0755 %{buildroot}${hardcoded_path_in_existing_domU_xml}/qemu-system-%{qemu_arch} + +# +unit='%{_libexecdir}/%{name}/bin/xendomains-wait-disks' +mkdir -vp '%{buildroot}%{_libexecdir}/%{name}/bin' +cp -avL '%{SOURCE10172}' "%{buildroot}${unit}" +mkdir xendomains-wait-disk +cp -avL '%{SOURCE10173}' xendomains-wait-disk/LICENSE +cp -avL '%{SOURCE10174}' xendomains-wait-disk/README.md +tee %{buildroot}%{_unitdir}/xendomains-wait-disks.service <<_EOS_ +[Unit] +Description=Xendomains - for those machines that will start, wait for their disks to appear +Requires=proc-xen.mount xenstored.service +After=proc-xen.mount xenstored.service xenconsoled.service xen-init-dom0.service +After=network-online.target +After=remote-fs.target +Before=xendomains.service +ConditionPathExists=/proc/xen/capabilities + +[Service] +Type=oneshot +ExecStart=${unit} +TimeoutSec=5min + +[Install] +WantedBy=xendomains.service +_EOS_ +# %endif # Stubdom %if %{?with_dom0_support}0 # Docs -mkdir -p $RPM_BUILD_ROOT/%{_defaultdocdir}/xen/misc +mkdir -p %{buildroot}/%{_defaultdocdir}/xen/misc for name in COPYING %SOURCE10 %SOURCE11 %SOURCE12; do - install -m 644 $name $RPM_BUILD_ROOT/%{_defaultdocdir}/xen/ + install -m 644 $name %{buildroot}/%{_defaultdocdir}/xen/ done -for name in vtpm.txt crashdb.txt \ - xenpaging.txt xl-disk-configuration.txt pci-device-reservations.txt \ - xl-network-configuration.markdown xl-numa-placement.markdown \ - xen-command-line.markdown xenstore-paths.markdown; do - install -m 644 docs/misc/$name $RPM_BUILD_ROOT/%{_defaultdocdir}/xen/misc/ +for name in vtpm-platforms.txt crashdb.txt xenpaging.txt \ + xen-command-line.pandoc xenstore-paths.pandoc; do + install -m 644 docs/misc/$name %{buildroot}/%{_defaultdocdir}/xen/misc/ done -mkdir -p $RPM_BUILD_ROOT/etc/modprobe.d -install -m644 %SOURCE26 $RPM_BUILD_ROOT/etc/modprobe.d/xen_loop.conf - # xen-utils -make -C tools/xen-utils-0.1 install DESTDIR=$RPM_BUILD_ROOT XEN_INTREE_BUILD=yes XEN_ROOT=$PWD -install -m755 %SOURCE37 $RPM_BUILD_ROOT/usr/sbin/xen2libvirt +make -C tools/xen-utils-0.1 install DESTDIR=%{buildroot} XEN_INTREE_BUILD=yes XEN_ROOT=$PWD +install -m755 %SOURCE36 %{buildroot}/usr/sbin/xen2libvirt +install -m755 %SOURCE10183 %{buildroot}/usr/sbin/xen_maskcalc +rm -f %{buildroot}/etc/xen/README* # Example config -mkdir -p $RPM_BUILD_ROOT/etc/xen/{vm,examples,scripts} -mv $RPM_BUILD_ROOT/etc/xen/xlexample* $RPM_BUILD_ROOT/etc/xen/examples -rm -f $RPM_BUILD_ROOT/etc/xen/examples/*nbd -install -m644 tools/xentrace/formats $RPM_BUILD_ROOT/etc/xen/examples/xentrace_formats.txt +mkdir -p %{buildroot}/etc/xen/{vm,examples,scripts} +mv %{buildroot}/etc/xen/xlexample* %{buildroot}/etc/xen/examples +rm -f %{buildroot}/etc/xen/examples/*nbd +install -m644 tools/xentrace/formats %{buildroot}/etc/xen/examples/xentrace_formats.txt # Scripts -rm -f $RPM_BUILD_ROOT/etc/xen/scripts/block-*nbd -install -m755 %SOURCE21 %SOURCE22 %SOURCE23 %SOURCE29 $RPM_BUILD_ROOT/etc/xen/scripts/ +rm -f %{buildroot}/etc/xen/scripts/block-*nbd +install -m755 %SOURCE21 %SOURCE22 %SOURCE23 %SOURCE24 %{buildroot}/etc/xen/scripts/ +mkdir -p %{buildroot}/usr/lib/supportconfig/plugins +install -m 755 %SOURCE13 %{buildroot}/usr/lib/supportconfig/plugins/xen # Xen API remote authentication files -install -d $RPM_BUILD_ROOT/etc/pam.d -install -m644 %SOURCE30 $RPM_BUILD_ROOT/etc/pam.d/xen-api -install -m644 %SOURCE31 $RPM_BUILD_ROOT/etc/xen/ +install -d %{buildroot}/etc/pam.d +install -m644 %SOURCE30 %{buildroot}/etc/pam.d/xen-api +install -m644 %SOURCE31 %{buildroot}/etc/xen/ # Logrotate -install -m644 -D %SOURCE15 $RPM_BUILD_ROOT/etc/logrotate.d/xen +install -m644 -D %SOURCE14 %{buildroot}/etc/logrotate.d/xen # Directories -mkdir -p $RPM_BUILD_ROOT/var/lib/xenstored -mkdir -p $RPM_BUILD_ROOT/var/lib/xen/images -mkdir -p $RPM_BUILD_ROOT/var/lib/xen/jobs -mkdir -p $RPM_BUILD_ROOT/var/lib/xen/save -mkdir -p $RPM_BUILD_ROOT/var/lib/xen/dump -mkdir -p $RPM_BUILD_ROOT/var/log/xen -mkdir -p $RPM_BUILD_ROOT/var/log/xen/console -ln -s /var/lib/xen/images $RPM_BUILD_ROOT/etc/xen/images - -# Bootloader -install -m755 %SOURCE36 $RPM_BUILD_ROOT/%{_libdir}/python%{pyver}/site-packages +mkdir -p %{buildroot}/var/lib/xenstored +mkdir -p %{buildroot}/var/lib/xen/images +mkdir -p %{buildroot}/var/lib/xen/jobs +mkdir -p %{buildroot}/var/lib/xen/save +mkdir -p %{buildroot}/var/lib/xen/dump +mkdir -p %{buildroot}/var/log/xen +mkdir -p %{buildroot}/var/log/xen/console # Systemd -%if %{?with_systemd}0 -%if %{?include_systemd_preset}0 -mkdir -vp $RPM_BUILD_ROOT%_presetdir -cat > $RPM_BUILD_ROOT%_presetdir/00-%{name}.preset <<EOF -enable xencommons.service -EOF -%endif -cp -bavL %{S:41} $RPM_BUILD_ROOT%{_unitdir} +cp -bavL %{S:41} %{buildroot}/%{_unitdir} bn=`basename %{S:42}` -cp -bavL %{S:42} $RPM_BUILD_ROOT%{_unitdir}/${bn} +cp -bavL %{S:42} %{buildroot}/%{_unitdir}/${bn} mods="` -for conf in $(ls $RPM_BUILD_ROOT%{with_systemd_modules_load}/*.conf) +for conf in $(ls %{buildroot}/%{with_systemd_modules_load}/*.conf) do grep -v ^# $conf echo -n > $conf done `" +> mods for mod in $mods do - echo "ExecStart=-/usr/bin/env modprobe $mod" >> $RPM_BUILD_ROOT%{_unitdir}/${bn} + # load by alias, if possible, to handle pvops and xenlinux + alias="$mod" + case "$mod" in + xen-evtchn) ;; + xen-gntdev) ;; + xen-gntalloc) ;; + xen-blkback) alias='xen-backend:vbd' ;; + xen-netback) alias='xen-backend:vif' ;; + xen-pciback) alias='xen-backend:pci' ;; + evtchn) unset alias ;; + gntdev) unset alias ;; + netbk) alias='xen-backend:vif' ;; + blkbk) alias='xen-backend:vbd' ;; + xen-scsibk) unset alias ;; + usbbk) unset alias ;; + pciback) alias='xen-backend:pci' ;; + xen-acpi-processor) ;; + blktap2) unset alias ;; + *) ;; + esac + if test -n "${alias}" + then + echo "ExecStart=-/bin/sh -c 'modprobe $alias || :'" >> mods + fi done -rm -rfv $RPM_BUILD_ROOT%{_initddir} -%else -# Init scripts -mkdir -p $RPM_BUILD_ROOT%{_initddir} -install %SOURCE34 $RPM_BUILD_ROOT%{_initddir}/pciback -ln -s %{_initddir}/pciback $RPM_BUILD_ROOT/usr/sbin/rcpciback -ln -s %{_initddir}/xendomains $RPM_BUILD_ROOT/usr/sbin/rcxendomains -%endif -install %SOURCE35 $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.pciback +sort -u mods | tee -a %{buildroot}/%{_unitdir}/${bn} +rm -rfv %{buildroot}/%{_initddir} +install -m644 %SOURCE35 %{buildroot}/%{_fillupdir}/sysconfig.pciback # Clean up unpackaged files -find $RPM_BUILD_ROOT \( \ +find %{buildroot} \( \ -name .deps -o \ -name README.blktap -o \ -name README.xenmon -o \ @@ -1128,103 +899,100 @@ find $RPM_BUILD_ROOT \( \ -name qemu-img-xen -o \ -name qemu-nbd-xen -o \ -name palcode-clipper -o \ + -name xen-shim-syms -o \ -name "*.dtb" -o \ -name "openbios-*" -o \ -name "petalogix*" -o \ -name "ppc*" -o \ + -name "*.pyc" -o \ -name "s390*" -o \ -name "slof*" -o \ -name "spapr*" -o \ -name "*.egg-info" \) \ -print -delete # Wipe empty directories -if find $RPM_BUILD_ROOT/usr -type d -print0 | xargs -0n1 rmdir -p 2>/dev/null +if find %{buildroot}/usr -type d -print0 | xargs -0n1 rmdir -p 2>/dev/null then : fi -# Create symlinks for keymaps -%fdupes -s $RPM_BUILD_ROOT/%{_datadir} +# "xl devd" has to be called manually in a driver domain +find %{buildroot} -name xendriverdomain.service -print -delete + +# Create hardlinks for 3 .txt files and 1 .py +%fdupes %{buildroot}/%{_prefix} +find %{buildroot} -type f -size 0 -delete -print %else # !with_dom0_support # 32 bit hypervisor no longer supported. Remove dom0 tools. -rm -rf $RPM_BUILD_ROOT/%{_datadir}/doc -rm -rf $RPM_BUILD_ROOT/%{_datadir}/man -rm -rf $RPM_BUILD_ROOT/%{_libdir}/xen -rm -rf $RPM_BUILD_ROOT/%{_libdir}/python* -rm -rf $RPM_BUILD_ROOT/%{_libdir}/ocaml* -rm -rf $RPM_BUILD_ROOT%{_unitdir} -rm -rf $RPM_BUILD_ROOT%{with_systemd_modules_load} -rm -rf $RPM_BUILD_ROOT/usr/sbin -rm -rf $RPM_BUILD_ROOT/etc/xen -rm -rf $RPM_BUILD_ROOT/var -rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/bash_completion.d/xl.sh -rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/init.d/xen* -rm -f $RPM_BUILD_ROOT/%{_bindir}/*trace* -rm -f $RPM_BUILD_ROOT/%{_bindir}/xenalyze* -rm -f $RPM_BUILD_ROOT/%{_bindir}/xenco* -rm -f $RPM_BUILD_ROOT/%{_bindir}/xen-cpuid -rm -f $RPM_BUILD_ROOT/%{_bindir}/xenstore* -rm -f $RPM_BUILD_ROOT/%{_bindir}/pygrub -rm -f $RPM_BUILD_ROOT/%{_bindir}/remus -rm -f $RPM_BUILD_ROOT/usr/etc/qemu/target-x86_64.conf -rm -f $RPM_BUILD_ROOT/usr/libexec/qemu-bridge-helper +rm -rf %{buildroot}/%{_datadir}/doc +rm -rf %{buildroot}/%{_datadir}/man +rm -rf %{buildroot}/%{_libexecdir}/%{name} +rm -rf %{buildroot}/%{_libdir}/python* +rm -rf %{buildroot}/%{_unitdir} +rm -rf %{buildroot}/%{_fillupdir} +rm -rf %{buildroot}/%{with_systemd_modules_load} +rm -rf %{buildroot}/usr/sbin +rm -rf %{buildroot}/etc/xen +rm -rf %{buildroot}/var +rm -f %{buildroot}/%{_sysconfdir}/bash_completion.d/xl +rm -f %{buildroot}/%{_sysconfdir}/init.d/xen* +rm -f %{buildroot}/%{_bindir}/*trace* +rm -f %{buildroot}/%{_bindir}/vchan-socket-proxy +rm -f %{buildroot}/%{_bindir}/xenalyze* +rm -f %{buildroot}/%{_bindir}/xenco* +rm -f %{buildroot}/%{_bindir}/xen-cpuid +rm -f %{buildroot}/%{_bindir}/pygrub +rm -f %{buildroot}/%{_bindir}/remus +rm -f %{buildroot}/usr/etc/qemu/target-x86_64.conf +rm -f %{buildroot}/usr/libexec/qemu-bridge-helper %endif %if %{?with_dom0_support}0 -%files -f xen.files.txt +%files %defattr(-,root,root) /boot/* +%{_libdir}/efi +%{_datadir}/efi %endif %files libs %defattr(-,root,root) -%{_libdir}/fs/ +%{_libdir}/xenfsimage/ %{_libdir}/*.so.* %if %{?with_dom0_support}0 %files tools %defattr(-,root,root) -%ifarch %ix86 x86_64 /usr/bin/xenalyze -%endif /usr/bin/xencons /usr/bin/xenstore* /usr/bin/pygrub -#%if %{?with_qemu_traditional}0 -#/usr/bin/tapdisk-ioemu -#%endif +/usr/bin/vchan-socket-proxy /usr/bin/xencov_split /usr/bin/xentrace_format %ifarch x86_64 /usr/bin/xen-cpuid %endif -/usr/sbin/tap* /usr/sbin/xenbaked /usr/sbin/xenconsoled /usr/sbin/xencov /usr/sbin/xenlockprof -/usr/sbin/xenmon.py +/usr/sbin/xenmon /usr/sbin/xenperf /usr/sbin/xenpm /usr/sbin/xenpmd -/usr/sbin/xen-ringwatch /usr/sbin/xenstored -/usr/sbin/xen-tmem-list-parse /usr/sbin/xentop /usr/sbin/xentrace -/usr/sbin/xentrace_setsize /usr/sbin/xentrace_setmask +/usr/sbin/xentrace_setsize /usr/sbin/xenwatchdogd -/usr/sbin/lock-util -/usr/sbin/td-util -/usr/sbin/vhd-update -/usr/sbin/vhd-util /usr/sbin/flask-get-bool /usr/sbin/flask-getenforce /usr/sbin/flask-label-pci @@ -1236,41 +1004,52 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu- %endif /usr/sbin/xl /usr/sbin/xen2libvirt +/usr/sbin/xen-access +/usr/sbin/xen_maskcalc %ifarch %ix86 x86_64 /usr/sbin/xen-hptool /usr/sbin/xen-hvmcrash /usr/sbin/xen-hvmctx +/usr/sbin/xen-kdd /usr/sbin/xen-lowmemd -/usr/sbin/kdd +/usr/sbin/xen-memshare +/usr/sbin/xen-ucode +/usr/sbin/xen-mceinj +/usr/sbin/xen-vmtrace %endif +/usr/sbin/xenhypfs /usr/sbin/xen-list /usr/sbin/xen-destroy -/usr/sbin/xen-bugtool /usr/sbin/xen-livepatch +/usr/sbin/xen-diag %dir %attr(700,root,root) /etc/xen %dir /etc/xen/scripts -%if %{?with_qemu_traditional}0 -#/usr/sbin/blktapctrl -#/etc/xen/scripts/blktap -/etc/xen/scripts/qemu-ifup -%endif /etc/xen/scripts/block* /etc/xen/scripts/external-device-migrate /etc/xen/scripts/hotplugpath.sh /etc/xen/scripts/launch-xenstore /etc/xen/scripts/locking.sh /etc/xen/scripts/logging.sh -/etc/xen/scripts/vif2 /etc/xen/scripts/vif-* /etc/xen/scripts/vscsi /etc/xen/scripts/xen-hotplug-* /etc/xen/scripts/xen-network-common.sh /etc/xen/scripts/xen-script-common.sh /etc/xen/scripts/colo-proxy-setup -%{_libexecdir}/xen -/var/adm/fillup-templates/sysconfig.pciback -/var/adm/fillup-templates/sysconfig.xencommons -/var/adm/fillup-templates/sysconfig.xendomains +/etc/xen/scripts/remus-netbuf-setup +%dir /usr/lib/supportconfig +%dir /usr/lib/supportconfig/plugins +/usr/lib/supportconfig/plugins/xen +%dir %{_libexecdir}/%{name} +%{_libexecdir}/%{name}/bin +%exclude %{_libexecdir}/%{name}-tools-domU +%ifarch x86_64 +%{_libexecdir}/%{name}/boot +%exclude %{_libexecdir}/%{name}/bin/xendomains-wait-disks +%endif +%{_fillupdir}/sysconfig.pciback +%{_fillupdir}/sysconfig.xencommons +%{_fillupdir}/sysconfig.xendomains %dir /var/lib/xen %dir %attr(700,root,root) /var/lib/xen/images %dir %attr(700,root,root) /var/lib/xen/save @@ -1284,141 +1063,79 @@ rm -f $RPM_BUILD_ROOT/usr/libexec/qemu- %config /etc/logrotate.d/xen /etc/xen/auto %config /etc/xen/examples -/etc/xen/images %config /etc/xen/cpupool -/etc/xen/README* %config /etc/xen/vm %config(noreplace) /etc/xen/xenapiusers %config(noreplace) /etc/xen/xl.conf %config /etc/pam.d/xen-api -%config /etc/modprobe.d/xen_loop.conf -%if %{?with_systemd}0 %config %{_unitdir} +%exclude %{_unitdir}/%{name}-vcpu-watch.service +%exclude %{_unitdir}/xendomains-wait-disks.service %config %{with_systemd_modules_load} -%if %{?include_systemd_preset}0 -%config %_presetdir -%endif -%else -/usr/sbin/rcpciback -/usr/sbin/rcxendomains -%config %{_initddir}/* -%endif -%dir /etc/modprobe.d -/etc/bash_completion.d/xl.sh -%if %{?with_qemu_traditional}0 -%dir %{_datadir}/xen -%dir %{_datadir}/xen/qemu -%{_datadir}/xen/qemu/* -%endif +/etc/bash_completion.d/xl %dir %{_libdir}/python%{pyver}/site-packages/grub %dir %{_libdir}/python%{pyver}/site-packages/xen %dir %{_libdir}/python%{pyver}/site-packages/xen/lowlevel %dir %{_libdir}/python%{pyver}/site-packages/xen/migration %{_libdir}/python%{pyver}/site-packages/grub/* -%{_libdir}/python%{pyver}/site-packages/xen/__init__* +%{_libdir}/python%{pyver}/site-packages/xen/util.py %{_libdir}/python%{pyver}/site-packages/xen/lowlevel/* %{_libdir}/python%{pyver}/site-packages/xen/migration/* -%{_libdir}/python%{pyver}/site-packages/fsimage.so -%{_libdir}/python%{pyver}/site-packages/xnloader.py +%{_libdir}/python%{pyver}/site-packages/*.so %dir %{_defaultdocdir}/xen %{_defaultdocdir}/xen/COPYING %{_defaultdocdir}/xen/README.SUSE %{_defaultdocdir}/xen/boot.local.xenU %{_defaultdocdir}/xen/boot.xen -%{_mandir}/man1/xentop.1.gz -%{_mandir}/man1/xentrace_format.1.gz -%{_mandir}/man1/xl.1.gz -%{_mandir}/man1/xenstore-chmod.1.gz -%{_mandir}/man1/xenstore-ls.1.gz -%{_mandir}/man1/xenstore.1.gz -%{_mandir}/man5/xl.cfg.5.gz -%{_mandir}/man5/xl.conf.5.gz -%{_mandir}/man5/xlcpupool.cfg.5.gz -%{_mandir}/man8/*.8.gz -%{_mandir}/man1/xen-list.1.gz - -%if %{with xen_oxenstored} -/usr/sbin/oxenstored -/etc/xen/oxenstored.conf -%dir %{_libdir}/ocaml -%dir %{_libdir}/ocaml/xenbus -%dir %{_libdir}/ocaml/xenctrl -%dir %{_libdir}/ocaml/xeneventchn -%dir %{_libdir}/ocaml/xenlight -%dir %{_libdir}/ocaml/xenmmap -%dir %{_libdir}/ocaml/xenstore -%dir %{_libdir}/ocaml/xentoollog -%{_libdir}/ocaml/xenbus/META -%{_libdir}/ocaml/xenbus/*.so -%{_libdir}/ocaml/xenbus/*.cma -%{_libdir}/ocaml/xenbus/*.cmi -%{_libdir}/ocaml/xenbus/*.cmo -%{_libdir}/ocaml/xenctrl/META -%{_libdir}/ocaml/xenctrl/*.so -%{_libdir}/ocaml/xenctrl/*.cma -%{_libdir}/ocaml/xenctrl/*.cmi -%{_libdir}/ocaml/xeneventchn/META -%{_libdir}/ocaml/xeneventchn/*.so -%{_libdir}/ocaml/xeneventchn/*.cma -%{_libdir}/ocaml/xeneventchn/*.cmi -%{_libdir}/ocaml/xenlight/META -%{_libdir}/ocaml/xenlight/*.so -%{_libdir}/ocaml/xenlight/*.cma -%{_libdir}/ocaml/xenlight/*.cmi -%{_libdir}/ocaml/xenmmap/META -%{_libdir}/ocaml/xenmmap/*.so -%{_libdir}/ocaml/xenmmap/*.cma -%{_libdir}/ocaml/xenmmap/*.cmi -%{_libdir}/ocaml/xenstore/META -%{_libdir}/ocaml/xenstore/*.cma -%{_libdir}/ocaml/xenstore/*.cmi -%{_libdir}/ocaml/xenstore/*.cmo -%{_libdir}/ocaml/xentoollog/META -%{_libdir}/ocaml/xentoollog/*.so -%{_libdir}/ocaml/xentoollog/*.cma -%{_libdir}/ocaml/xentoollog/*.cmi -%endif +%{_mandir}/man*/* +%ifarch x86_64 +%files tools-xendomains-wait-disk +%license xendomains-wait-disk/LICENSE +%doc xendomains-wait-disk/README.md +%config %{_unitdir}/xendomains-wait-disks.service +%config %attr(0755,root,root) %{_libexecdir}/%{name}/bin/xendomains-wait-disks +%endif # with_dom0_support %endif +%posttrans -n %{name}-tools-domU +%{?regenerate_initrd_posttrans} + %files tools-domU %defattr(-,root,root) %ifarch %ix86 x86_64 /usr/bin/xen-detect +%exclude /usr/bin/xenstore-control +%endif +/usr/bin/xenstore* +%if %{?with_dom0_support}0 +%config %{_unitdir}/%{name}-vcpu-watch.service %endif -/bin/domu-xenstore* -/bin/xenstore-* -%if %{?with_systemd}0 +%{_libexecdir}/%{name}-tools-domU /usr/lib/udev /usr/lib/dracut -%endif %files devel %defattr(-,root,root) %{_libdir}/*.a %{_libdir}/*.so -%if %{?with_dom0_support}0 -%if %{with xen_oxenstored} -%{_libdir}/ocaml/xenbus/*.a -%{_libdir}/ocaml/xenbus/*.cmx* -%{_libdir}/ocaml/xenctrl/*.a -%{_libdir}/ocaml/xenctrl/*.cmx* -%{_libdir}/ocaml/xeneventchn/*.a -%{_libdir}/ocaml/xeneventchn/*.cmx* -%{_libdir}/ocaml/xenlight/*.a -%{_libdir}/ocaml/xenlight/*.cmx* -%{_libdir}/ocaml/xenmmap/*.a -%{_libdir}/ocaml/xenmmap/*.cmx* -%{_libdir}/ocaml/xenstore/*.a -%{_libdir}/ocaml/xenstore/*.cmx* -%{_libdir}/ocaml/xentoollog/*.a -%{_libdir}/ocaml/xentoollog/*.cmx* -%endif -%endif /usr/include/* -%{_datadir}/pkgconfig/xenlight.pc -%{_datadir}/pkgconfig/xlutil.pc +%{_libdir}/pkgconfig/xenlight.pc +%{_libdir}/pkgconfig/xlutil.pc +%{_libdir}/pkgconfig/xencall.pc +%{_libdir}/pkgconfig/xencontrol.pc +%{_libdir}/pkgconfig/xendevicemodel.pc +%{_libdir}/pkgconfig/xenevtchn.pc +%{_libdir}/pkgconfig/xenforeignmemory.pc +%{_libdir}/pkgconfig/xengnttab.pc +%{_libdir}/pkgconfig/xenguest.pc +%{_libdir}/pkgconfig/xenhypfs.pc +%{_libdir}/pkgconfig/xenstat.pc +%{_libdir}/pkgconfig/xenstore.pc +%{_libdir}/pkgconfig/xentoolcore.pc +%{_libdir}/pkgconfig/xentoollog.pc +%{_libdir}/pkgconfig/xenvchan.pc %if %{?with_dom0_support}0 @@ -1434,64 +1151,70 @@ if [ -x /sbin/update-bootloader ]; then fi %pre tools -%if %{?with_systemd}0 %service_add_pre xencommons.service %service_add_pre xendomains.service -%endif +%service_add_pre xen-watchdog.service +%service_add_pre xenstored.service +%service_add_pre xen-dom0-modules.service +%service_add_pre xenconsoled.service +%service_add_pre xen-init-dom0.service +%service_add_pre xen-qemu-dom0-disk-backend.service %post tools -xen_tools_first_arg=$1 -%if %{?with_systemd}0 %{fillup_only -n xencommons xencommons} %{fillup_only -n xendomains xendomains} %service_add_post xencommons.service %service_add_post xendomains.service -%else -%{fillup_only -n pciback} -%{fillup_and_insserv -y -n xencommons xencommons} -%{fillup_and_insserv -i -y -n xendomains xendomains} -%endif +%service_add_post xen-watchdog.service +%service_add_post xenstored.service +%service_add_post xen-dom0-modules.service +%service_add_post xenconsoled.service +%service_add_post xen-init-dom0.service +%service_add_post xen-qemu-dom0-disk-backend.service -if [ -f /usr/bin/qemu-img ]; then - if [ -f /usr/bin/qemu-img-xen ]; then - rm /usr/bin/qemu-img-xen - fi - rm -f %{_libexecdir}/xen/bin/qemu-img-xen - ln -s /usr/bin/qemu-img %{_libexecdir}/xen/bin/qemu-img-xen -fi -if [ -f /usr/bin/qemu-nbd ]; then - if [ -f /usr/bin/qemu-nbd-xen ]; then - rm /usr/bin/qemu-nbd-xen - fi - rm -f %{_libexecdir}/xen/bin/qemu-nbd-xen - ln -s /usr/bin/qemu-nbd %{_libexecdir}/xen/bin/qemu-nbd-xen -fi -if [ -f /usr/bin/qemu-io ]; then - rm -f %{_libexecdir}/xen/bin/qemu-io-xen - ln -s /usr/bin/qemu-io %{_libexecdir}/xen/bin/qemu-io-xen -fi if [ -f /etc/default/grub ] && ! (/usr/bin/grep GRUB_CMDLINE_XEN /etc/default/grub >/dev/null); then echo '# Xen boot parameters for all Xen boots' >> /etc/default/grub echo 'GRUB_CMDLINE_XEN=""' >> /etc/default/grub echo '# Xen boot parameters for non-recovery Xen boots (in addition to GRUB_CMDLINE_XEN)' >> /etc/default/grub echo 'GRUB_CMDLINE_XEN_DEFAULT=""' >> /etc/default/grub fi +if [ -f %{_datadir}/grub2/i386-xen/grub.xen ] && [ ! -f %{_libexecdir}/%{name}/boot/pvgrub32.bin ]; then + ln -sv %{_datadir}/grub2/i386-xen/grub.xen %{_libexecdir}/%{name}/boot/pvgrub32.bin +fi +if [ -f %{_datadir}/grub2/x86_64-xen/grub.xen ] && [ ! -f %{_libexecdir}/%{name}/boot/pvgrub64.bin ]; then + ln -sv %{_datadir}/grub2/x86_64-xen/grub.xen %{_libexecdir}/%{name}/boot/pvgrub64.bin +fi %preun tools -%if %{?with_systemd}0 %service_del_preun xencommons.service %service_del_preun xendomains.service -%else -%{stop_on_removal xendomains xencommons} -%endif +%service_del_preun xen-watchdog.service +%service_del_preun xenstored.service +%service_del_preun xen-dom0-modules.service +%service_del_preun xenconsoled.service +%service_del_preun xen-init-dom0.service +%service_del_preun xen-qemu-dom0-disk-backend.service %postun tools +%if %{defined service_del_postun_without_restart} +%service_del_postun_without_restart xencommons.service +%service_del_postun_without_restart xendomains.service +%service_del_postun_without_restart xen-watchdog.service +%service_del_postun_without_restart xenstored.service +%service_del_postun_without_restart xen-dom0-modules.service +%service_del_postun_without_restart xenconsoled.service +%service_del_postun_without_restart xen-init-dom0.service +%service_del_postun_without_restart xen-qemu-dom0-disk-backend.service +%else export DISABLE_RESTART_ON_UPDATE=yes -%if %{?with_systemd}0 %service_del_postun xencommons.service %service_del_postun xendomains.service -%else -%{insserv_cleanup} +%service_del_postun xen-watchdog.service +%service_del_postun xenstored.service +%service_del_postun xen-dom0-modules.service +%service_del_postun xenconsoled.service +%service_del_postun xen-init-dom0.service +%service_del_postun xen-qemu-dom0-disk-backend.service %endif %endif
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor