diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2014-10-09 12:04:31 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-10-09 12:17:58 +0000 |
| commit | d7fcf5542a0a6ab8f821862a9cc050db36c8c2e9 (patch) | |
| tree | 903af9a6ebff1a12405322e7e2a62e57f7f6425f | |
| parent | 0ffb8fd99cbb3535ad5469c4bf17b624c2461dbc (diff) | |
| download | aports-d7fcf5542a0a6ab8f821862a9cc050db36c8c2e9.tar.bz2 aports-d7fcf5542a0a6ab8f821862a9cc050db36c8c2e9.tar.xz | |
main/xen: upgrade to 4.4.1 and remove xend
fixes #3228
| -rw-r--r-- | main/xen/APKBUILD | 88 | ||||
| -rw-r--r-- | main/xen/docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch | 55 | ||||
| -rw-r--r-- | main/xen/qemu-coroutine-gthread.patch | 12 | ||||
| -rw-r--r-- | main/xen/qemu-xen-musl-openpty.patch | 42 | ||||
| -rw-r--r-- | main/xen/qemu-xen-sysconfdir.patch | 10 | ||||
| -rw-r--r-- | main/xen/qemu-xen-tls-websockets.patch | 114 | ||||
| -rw-r--r-- | main/xen/qemu-xen-vnc-robustness.patch | 68 | ||||
| -rw-r--r-- | main/xen/qemu-xen-websocket-plain-hack.patch | 61 | ||||
| -rw-r--r-- | main/xen/qemu-xen-websocket.patch | 960 | ||||
| -rw-r--r-- | main/xen/qemu-xen_paths.patch | 15 | ||||
| -rw-r--r-- | main/xen/xsa41.patch | 72 | ||||
| -rw-r--r-- | main/xen/xsa41b.patch | 67 | ||||
| -rw-r--r-- | main/xen/xsa41c.patch | 39 | ||||
| -rw-r--r-- | main/xen/xsa97-hap-4_3.patch | 485 |
14 files changed, 74 insertions, 2014 deletions
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD index c92474a55d..6799cfc25f 100644 --- a/main/xen/APKBUILD +++ b/main/xen/APKBUILD @@ -2,7 +2,7 @@ # Contributor: Roger Pau Monne <roger.pau@entel.upc.edu> # Maintainer: William Pitcock <nenolod@dereferenced.org> pkgname=xen -pkgver=4.3.3 +pkgver=4.4.1 pkgrel=0 pkgdesc="Xen hypervisor" url="http://www.xen.org/" @@ -15,26 +15,17 @@ depends_dev="openssl-dev python-dev e2fsprogs-dev gettext zlib-dev ncurses-dev e2fsprogs-dev" makedepends="$depends_dev autoconf automake libtool" install="" -subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-hypervisor $pkgname-xend" +subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-hypervisor" source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.gz librt.patch - qemu-xen_paths.patch - docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch - xsa41.patch - xsa41b.patch - xsa41c.patch - - xsa97-hap-4_3.patch xsa108.patch fix-pod2man-choking.patch - qemu-xen-websocket.patch - qemu-xen-tls-websockets.patch qemu-coroutine-gthread.patch - qemu-xen-websocket-plain-hack.patch - qemu-xen-vnc-robustness.patch + qemu-xen-musl-openpty.patch + qemu-xen-sysconfdir.patch hotplug-vif-vtrill.patch 0001-ipxe-dont-clobber-ebp.patch @@ -50,8 +41,6 @@ source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g xenstored.confd xenconsoled.initd xenconsoled.confd - xend.initd - xend.confd xendomains.initd xendomains.confd xen-consoles.logrotate @@ -59,8 +48,6 @@ source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g xenqemu.initd " -[ "$ALPINE_LIBC" = "eglibc" ] && arch= - _builddir="$srcdir"/$pkgname-$pkgver prepare() { local i @@ -194,34 +181,13 @@ hypervisor() { mv "$pkgdir"/boot "$subpkgdir"/ } -xend() { - pkgdesc="Xend toolstack" - replaces="xen" - depends="udev xen python" - install="xen-xend.post-install xen-xend.post-upgrade" - - mkdir -p "$subpkgdir" - sitepackages=`python -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())"` - mkdir -p "$subpkgdir"/"$sitepackages"/xen - find "$pkgdir"/"$sitepackages"/xen -maxdepth 1 -mindepth 1 -type d -not -name lowlevel \ - -exec mv '{}' "$subpkgdir"/"$sitepackages"/xen \; -} - -md5sums="1b4438a50d8875700ac2c7e1ffbcd91b xen-4.3.3.tar.gz +md5sums="1868433f393503000877d15cd4e93d15 xen-4.4.1.tar.gz 2dc5ddf47c53ea168729975046c3c1f9 librt.patch -1ccde6b36a6f9542a16d998204dc9a22 qemu-xen_paths.patch -6dcff640268d514fa9164b4c812cc52d docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch -8ad8942000b8a4be4917599cad9209cf xsa41.patch -ed7d0399c6ca6aeee479da5d8f807fe0 xsa41b.patch -2f3dd7bdc59d104370066d6582725575 xsa41c.patch -8b0feffc89e3f34d835d60ad62688b30 xsa97-hap-4_3.patch 1f66f6c52941309c825f60e1bf144987 xsa108.patch 4c5455d1adc09752a835e241097fbc39 fix-pod2man-choking.patch -a4097e06a7e000ed00f4607db014d277 qemu-xen-websocket.patch -35bdea1d4e3ae2565edc7e40906efdd5 qemu-xen-tls-websockets.patch -9cf9b155dfa6cd473554aa0f25181c1c qemu-coroutine-gthread.patch -f8ea5786b0a6157b9cb3e67e323b592c qemu-xen-websocket-plain-hack.patch -066acc4af962c57e2f6cc0286bfdc270 qemu-xen-vnc-robustness.patch +de1a3db370b87cfb0bddb51796b50315 qemu-coroutine-gthread.patch +dd8603eaab5857816843bfc37647d569 qemu-xen-musl-openpty.patch +80f5eeed326916ca46ca158b8049a4b9 qemu-xen-sysconfdir.patch e449bb3359b490804ffc7b0ae08d62a0 hotplug-vif-vtrill.patch 229539a822e14a6a62babffd71ecfbf3 0001-ipxe-dont-clobber-ebp.patch 08a30d56902b660f5102a5c208e545c9 init-xenstore-domain.patch @@ -233,28 +199,18 @@ bd6d294c47d4285e770aefa6e63eeea2 xenstored.initd d86504e12f05deca6b3eeeb90157160e xenstored.confd ed262f15fb880badb53575539468646c xenconsoled.initd ec2252c72050d7d5870a3a629b873ba6 xenconsoled.confd -1803ddf6877bdf254082365389a4efa9 xend.initd -9261ad0f285836c1b0ea07f306e4586e xend.confd 10f3ab45a6d0a241b9c7e9757ad59ad8 xendomains.initd 2c80e442cec6dd2a025b61852641834d xendomains.confd 9df68ac65dc3f372f5d61183abdc83ff xen-consoles.logrotate 6a2f777c16678d84039acf670d86fff6 xenqemu.confd f9afbf39e2b5a7d9dde60ebbd249ea7d xenqemu.initd" -sha256sums="59eb0e1c4a1f66965fe56dcf27cdb5872bf7e0585b7f2e60bd7967ec7f744ebf xen-4.3.3.tar.gz +sha256sums="55b49d3c4575d7791275125ff87c0f86f1d1e0f7f2718b6fd1c4f88a9bc7ea25 xen-4.4.1.tar.gz 12bf32f9937b09283f2df4955b50d6739768f66137a7d991f661f45cf77cb53b librt.patch -9440ca31a6911201f02694e93faafb5ca9b17de18b7f15b53ceac39a03411b4a qemu-xen_paths.patch -a0c225d716d343fe041b63e3940900c5b3573ed3bcfc5b7c2d52ea2861c3fc28 docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch -93452beba88a8da8e89b8bfa743074a358ba1d9052151c608e21c4d62f8c4867 xsa41.patch -896a07f57310c9bea9bc2a305166cf796282c381cb7839be49105b1726a860b5 xsa41b.patch -683dd96a0a8899f794070c8c09643dfeeb39f92da531955cba961b45f6075914 xsa41c.patch -cfab6521221a5058a0dfbb6d59c3c4cd0e7f4239bb6cbee2723de22c33caafda xsa97-hap-4_3.patch cf7ecf4b4680c09e8b1f03980d8350a0e1e7eb03060031788f972e0d4d47203e xsa108.patch fcb5b9ff0bc4b4d39fed9b88891491b91628aa449914cfea321abe5da24c1da2 fix-pod2man-choking.patch -e9f6c482fc449e0b540657a8988ad31f2e680b8933e50e6486687a52f6a9ed04 qemu-xen-websocket.patch -435dd428d83acdfde58888532a1cece1e9075b2a2460fe3f6cd33c7d400f2715 qemu-xen-tls-websockets.patch -7477c5acfc756f6498858e4a3eb250b3db84ee491a9d4ae38dddbc27275a370c qemu-coroutine-gthread.patch -6c4c184462d47e7fd00e8d8f6bf12b33f6cf486f00415c1934ecf6c2b62f69c1 qemu-xen-websocket-plain-hack.patch -f34590761b627d69d2033c1350f2403e9d572b2172e852e3b30e7630bc009a9f qemu-xen-vnc-robustness.patch +3941f99b49c7e8dafc9fae8aad2136a14c6d84533cd542cc5f1040a41ef7c6fe qemu-coroutine-gthread.patch +fe76c7c8faf686060b20491bfed4a13ce37b1bc3dcdbf33d242e388cee14c7c1 qemu-xen-musl-openpty.patch +40a865f8bf69fc50780b1a1c87785c630ded832913a6b1a41b80111d94ff3cdb qemu-xen-sysconfdir.patch dd1e784bc455eb62cb85b3fa24bfc34f575ceaab9597ef6a2f1ee7ff7b3cae0a hotplug-vif-vtrill.patch 751ef06569de66578b8713dc170976832b0671ac2696f32eb9ad69d60332d594 0001-ipxe-dont-clobber-ebp.patch 0204d69804e83864cd6b2122f51b9c1940588158a35c159a7ef0c3b8fb0af4cb init-xenstore-domain.patch @@ -266,28 +222,18 @@ dd1e784bc455eb62cb85b3fa24bfc34f575ceaab9597ef6a2f1ee7ff7b3cae0a hotplug-vif-vt 991bb7c9da02941556e29714bd96b26e39e57e0a5b514eadd78d9bfa3fa5a9dc xenstored.confd 93bea2eb90ea1b4628854c8141dd351bbd1fbc5959b12795447ea933ad025f01 xenconsoled.initd 2a74be03eb74f6013242a4a5d721df6cb9b959b43c405de1e32813f52d749060 xenconsoled.confd -a50a4485e84bcc098ad021556cd2aa7947c228f0a546ab942e880787ced57be3 xend.initd -7f7a96349084474b76af98426387fec12a0684f505d1691091ac3d2556bde2de xend.confd c304a6353ba1daebd0547bb57e9ffffc2c90465d6abe7469cfdacf61c5108eab xendomains.initd 2360b1fa1f102ac1b1a6cd0d161a94d13139dfc21d9a2227d35d557b4f04a63e xendomains.confd 0da87a4b9094f934e3de937e8ef8d3afc752e76793aa3d730182d0241e118b19 xen-consoles.logrotate 4cfcddcade5d055422ab4543e8caa6e5c5eee7625c41880a9000b7a87c7c424e xenqemu.confd bf17808a79c57a9efc38b9f14cc87f556b2bb7ecfdec5763d9cf686255a47fce xenqemu.initd" -sha512sums="cd9b7199d2859a856c719b75ee50a059c480f7493bbc493bcc3701d20321bd6d83c6fe1dd58e7b37695639bccf15e6420fb52f7e699586e7750ea665e99f82fc xen-4.3.3.tar.gz +sha512sums="bcd577014f4e8cb37b934f17a4dfb6f12e72e865a9e553cc435fdbe6665c733a4d20a812bf126727eca0946188a6abbd9419579757d7e03a38059f3656371c1c xen-4.4.1.tar.gz 74e3cfc51e367fc445cb3d8149f0c8830e94719a266daf04d2cd0889864591860c4c8842de2bc78070e4c5be7d14dfbb8b236c511d5faeddc2ad97177c1d3764 librt.patch -425149aea57a6deae9f488cea867f125983998dc6e8c63893fb3b9caf0ea34214251dd98ad74db823f5168631c44c49b988b6fe9c11b76bd493ddf51bc0baaa2 qemu-xen_paths.patch -477d3d08bd4fcdfbc54abea1a18acb6a41d298c366cd01c954f474515cb862d0dd59217c0dfca5460a725a8bc036de42132f522c3eefdffcc4fd511f016b783f docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch -94672a4d37db4e370370157cac9507ee1a75832f4be779fba148c1faa0b18f26ed57126eee6256ccd5d218463325a730266b53139554f4865adedb7659154c16 xsa41.patch -bda9105793f2327e1317991762120d0668af0e964076b18c9fdbfd509984b2e88d85df95702c46b2e00d5350e8113f6aa7b34b19064d19abbeb4d43f0c431d38 xsa41b.patch -36b60478660ff7748328f5ab9adff13286eee1a1bad06e42fdf7e6aafe105103988525725aacd660cf5b2a184a9e2d6b3818655203c1fa07e07dcebdf23f35d9 xsa41c.patch -acfd1058632d42bef061a9586565d184c0010d74870a25bc9b0a0bf40dda8abfd882056b8340dec45355efd9326d05f92a933f5d5c1c58e97597a8e88c61c639 xsa97-hap-4_3.patch f511a13ee4223ea2fa9d109fea1802b462f178d3be7de630aeba6eb40ef5d17c7db9d3b99ea414c5794d92d181a60c0bd2061f51987c6deb3a9071f5626fd049 xsa108.patch 2e95ad43bb66f928fe1e8caf474a3211571f75f79ea32aaa3eddb3aed9963444bd131006b67e682395af0d79118b2634bf808404693b813a94662d2a9d665ac2 fix-pod2man-choking.patch -45f1da45f3ff937d0a626e37c130d76f5b97f49a57ddeb11ef2a8e850c04c32c819a3dfcef501eb3784db5fe7b39c88230063e56aa6e5197fd9c7b7d424fff77 qemu-xen-websocket.patch -11eaccc346440ff285552f204d491e3b31bda1665c3219ecae3061b5d55db9dec885af0c031fa19c67e87bbe238002b1911bbd5bfea2f2ba0d61e6b3d0c952c9 qemu-xen-tls-websockets.patch -8b8df4f57ab725f54cfe44fb6b8d271ee22e94873f168e452293dd53955854b171b8311209133e5d825f9ce985219818803182b3451708a3452bc699b7b1dda1 qemu-coroutine-gthread.patch -692e29205fa3d0a6e4d1be69a242d55c44a1fee26c594e6e46d8809339f93dcdc31c0735723a46f63ae0a727741bdc8a899bb1ce9103a2cd701b236f63a17fa2 qemu-xen-websocket-plain-hack.patch -a52aa303dd3d9abae3ddb3af788b1f1f7a6bd9eb0c13f67f0995190238f7638f7909ea7d7bf7d778c64edbb6bdae87a5d5654e12440abded083e4818ff204b47 qemu-xen-vnc-robustness.patch +c3c46f232f0bd9f767b232af7e8ce910a6166b126bd5427bb8dc325aeb2c634b956de3fc225cab5af72649070c8205cc8e1cab7689fc266c204f525086f1a562 qemu-coroutine-gthread.patch +a8b7378516172389450834985e8558d7a86d7cd808154bdc846bb98325e40fc4e87b1fc6d725297f4bef6eb54ebcbcbfa4d9d0363d83f635755795fb0726e006 qemu-xen-musl-openpty.patch +4e314647801613a09b2ec4bf48baabed51451c3479c1ffb218959e2dca514f67463797097dfaf867d1cff48455fd08053a61c43721091808c60cd8f95b308b35 qemu-xen-sysconfdir.patch f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2446729adfdb321e01468e377793f6563a67d68b8b0f7ffe3 hotplug-vif-vtrill.patch c3a1b270347a99c8ce21118010ad8d817b4462a31cc5c75352faa7086969ef0646f3f4d0922d85c2e504cff091ce7e9fe79c92f983c2ba4af2fae85c52c3835a 0001-ipxe-dont-clobber-ebp.patch 475eb800660dc928914b8c15562f18f24d6e7a76f4cc7bed9249ce52d444c29aec1aef843eb37ade0c7c9616195bbbc1606a3195e25b2bd4b6a1d1af5f69256e init-xenstore-domain.patch @@ -299,8 +245,6 @@ c3a1b270347a99c8ce21118010ad8d817b4462a31cc5c75352faa7086969ef0646f3f4d0922d85c2 093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd 12f981b2459c65d66e67ec0b32d0d19b95a029bc54c2a79138cfe488d3524a22e51860f755abfe25ddcdaf1b27f2ded59b6e350b9d5f8791193d00e2d3673137 xenconsoled.initd 30df69cc38d0bed26bc4d6e08a2b62cbdc654d5f663009a05cb3b83b3e3dc5e206362d3fd59abbb753ceb8d6d79eaa6e15d079bb8f4f35dc74667103faf4e85d xenconsoled.confd -55766e22d9374b404b96fba9d30aee49bee6c95fabce9c3d2aed1faba04c1573ecd75fe49e27ce1527ecf9064f53ccc15e4c69a1aa4ea3daa44828f38d687d85 xend.initd -39b38156f0a8498dbbe9aa58d320b85473d0999d62d2e33bb6bf53627fc41f2c67ec318dfab70d2063799f4cd9eeadc015b66fbb211ee3ef765492421a718608 xend.confd d1008996e486bc8243abd0c3f50755da0f414009ba81eebe943514e29c7e2440af3e4aa0bc46258f05a502a7876783e834756b02dc72161be1ab3808e6abe67b xendomains.initd 7c1e32d07aefbde1904ca2d98f9a415543cea7ab8e039b05e0b111e37e78c07c40b540e439b3656d5840dfd76e35e07cf1d6ddea431163d975b1ddf5ddac50d3 xendomains.confd ab2105c75cfe01768aecd5bcbb56269d63666e8a44e42b6a83aee87df6c84ee2f9ab249171c21b2e09f8fec2cae8318f6e87d160989398a3e7dd68db8d52c426 xen-consoles.logrotate diff --git a/main/xen/docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch b/main/xen/docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch deleted file mode 100644 index e442e3d8c3..0000000000 --- a/main/xen/docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch +++ /dev/null @@ -1,55 +0,0 @@ -From patchwork Wed Feb 20 17:20:31 2013 -Content-Type: text/plain; charset="utf-8" -MIME-Version: 1.0 -Content-Transfer-Encoding: 7bit -Subject: docs: Fix generating qemu-doc.html with texinfo 5 -Date: Wed, 20 Feb 2013 07:20:31 -0000 -From: Cole Robinson <crobinso@redhat.com> -X-Patchwork-Id: 222131 -Message-Id: <97218cb913b6b91072f7e6f21d1de39ec5a137dd.1361380831.git.crobinso@redhat.com> -To: qemu-devel@nongnu.org -Cc: qemu-stable@nongnu.org, Cole Robinson <crobinso@redhat.com> - -LC_ALL=C makeinfo --no-headers --no-split --number-sections --html qemu-doc.texi -o qemu-doc.html -./qemu-options.texi:1521: unknown command `list' -./qemu-options.texi:1521: table requires an argument: the formatter for @item -./qemu-options.texi:1521: warning: @table has text but no @item - -CC: qemu-stable@nongnu.org -Signed-off-by: Cole Robinson <crobinso@redhat.com> -Reviewed-by: Markus Armbruster <armbru@redhat.com> - ---- -qemu-options.hx | 19 +++++++------------ - 1 file changed, 7 insertions(+), 12 deletions(-) - -diff --git a/qemu-options.hx b/qemu-options.hx -index 4bc9c85..3af60bf 100644 ---- a/tools/qemu-xen/qemu-options.hx -+++ b/tools/qemu-xen/qemu-options.hx -@@ -2095,18 +2095,13 @@ QEMU supports using either local sheepdog devices or remote networked - devices. - - Syntax for specifying a sheepdog device --@table @list --``sheepdog:<vdiname>'' -- --``sheepdog:<vdiname>:<snapid>'' -- --``sheepdog:<vdiname>:<tag>'' -- --``sheepdog:<host>:<port>:<vdiname>'' -- --``sheepdog:<host>:<port>:<vdiname>:<snapid>'' -- --``sheepdog:<host>:<port>:<vdiname>:<tag>'' -+@table @code -+@item sheepdog:<vdiname> -+@item sheepdog:<vdiname>:<snapid> -+@item sheepdog:<vdiname>:<tag> -+@item sheepdog:<host>:<port>:<vdiname> -+@item sheepdog:<host>:<port>:<vdiname>:<snapid> -+@item sheepdog:<host>:<port>:<vdiname>:<tag> - @end table - - Example diff --git a/main/xen/qemu-coroutine-gthread.patch b/main/xen/qemu-coroutine-gthread.patch index 8c8a71bbfb..4b9b3329e4 100644 --- a/main/xen/qemu-coroutine-gthread.patch +++ b/main/xen/qemu-coroutine-gthread.patch @@ -1,10 +1,10 @@ ---- xen-4.3.0.orig/tools/Makefile -+++ xen-4.3.0/tools/Makefile -@@ -204,6 +204,7 @@ - --sysconfdir=/etc/qemu \ +--- ./tools/Makefile.orig ++++ ./tools/Makefile +@@ -202,6 +202,7 @@ + --localstatedir=/var \ --disable-kvm \ - --enable-vnc-ws \ -+ --with-coroutine=gthread \ --disable-docs \ ++ --with-coroutine=gthread \ + --disable-guest-agent \ --python=$(PYTHON) \ $(IOEMU_CONFIGURE_CROSS); \ diff --git a/main/xen/qemu-xen-musl-openpty.patch b/main/xen/qemu-xen-musl-openpty.patch new file mode 100644 index 0000000000..bb23810551 --- /dev/null +++ b/main/xen/qemu-xen-musl-openpty.patch @@ -0,0 +1,42 @@ +From 828ca41769f5070bec903db348647a47d2e0515e Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Tue, 29 Apr 2014 10:14:57 +0200 +Subject: [PATCH] util/qemu-openpty: fix build with musl libc by include + termios.h as fallback + +Include termios.h as POSIX fallback when not glibc, bsd or solaris. +POSIX says that termios.h should define struct termios and TCAFLUSH. +http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/termios.h.html + +This fixes the following compile errors with musl libc: + +util/qemu-openpty.c: In function 'qemu_openpty_raw': +util/qemu-openpty.c:112:20: error: storage size of 'tty' isn't known + struct termios tty; + ^ +... +util/qemu-openpty.c:128:24: error: 'TCSAFLUSH' undeclared (first use in this function) + tcsetattr(*aslave, TCSAFLUSH, &tty); + ^ + +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> +--- + util/qemu-openpty.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/util/qemu-openpty.c b/util/qemu-openpty.c +index 4febfe9..4c53211 100644 +--- a/tools/qemu-xen/util/qemu-openpty.c ++++ b/tools/qemu-xen/util/qemu-openpty.c +@@ -47,6 +47,8 @@ + #elif defined CONFIG_SOLARIS + # include <termios.h> + # include <stropts.h> ++#else ++# include <termios.h> + #endif + + #ifdef __sun__ +-- +2.1.2 + diff --git a/main/xen/qemu-xen-sysconfdir.patch b/main/xen/qemu-xen-sysconfdir.patch new file mode 100644 index 0000000000..ad63877498 --- /dev/null +++ b/main/xen/qemu-xen-sysconfdir.patch @@ -0,0 +1,10 @@ +--- ./tools/Makefile.orig ++++ ./tools/Makefile +@@ -189,6 +189,7 @@ + $$source/configure --enable-xen --target-list=i386-softmmu \ + $(QEMU_XEN_ENABLE_DEBUG) \ + --prefix=$(PREFIX) \ ++ --sysconfdir=/etc/xen \ + --source-path=$$source \ + --extra-cflags="-I$(XEN_ROOT)/tools/include \ + -I$(XEN_ROOT)/tools/libxc \ diff --git a/main/xen/qemu-xen-tls-websockets.patch b/main/xen/qemu-xen-tls-websockets.patch deleted file mode 100644 index 8175676f78..0000000000 --- a/main/xen/qemu-xen-tls-websockets.patch +++ /dev/null @@ -1,114 +0,0 @@ ---- xen-4.2.2.orig/tools/qemu-xen/ui/vnc-ws.c -+++ xen-4.2.2/tools/qemu-xen/ui/vnc-ws.c -@@ -20,7 +20,7 @@ - - #include "vnc.h" - --void vncws_handshake_read(void *opaque) -+static void vncws_handshake_read_impl(void *opaque) - { - VncState *vs = opaque; - uint8_t *handshake_end; -@@ -46,6 +46,78 @@ - } - } - -+#ifdef CONFIG_VNC_TLS -+static void vncws_tls_handshake_io(void *opaque); -+ -+int vncws_tls_handshake(struct VncState *vs) { -+ int ret; -+ -+ if ((ret = gnutls_handshake(vs->tls.session)) < 0) { -+ if (!gnutls_error_is_fatal(ret)) { -+ VNC_DEBUG("Handshake interrupted (blocking)\n"); -+ if (!gnutls_record_get_direction(vs->tls.session)) -+ qemu_set_fd_handler(vs->csock, vncws_tls_handshake_io, NULL, vs); -+ else -+ qemu_set_fd_handler(vs->csock, NULL, vncws_tls_handshake_io, vs); -+ return 0; -+ } -+ VNC_DEBUG("Handshake failed %s\n", gnutls_strerror(ret)); -+ vnc_client_error(vs); -+ return -1; -+ } -+ -+ if (vs->vd->tls.x509verify) { -+ if (vnc_tls_validate_certificate(vs) < 0) { -+ VNC_DEBUG("Client verification failed\n"); -+ vnc_client_error(vs); -+ return -1; -+ } else { -+ VNC_DEBUG("Client verification passed\n"); -+ } -+ } -+ -+ VNC_DEBUG("Handshake done, switching to TLS data mode and waiting for HTTPS upgrade\n"); -+ vs->tls.wiremode = VNC_WIREMODE_TLS; -+ qemu_set_fd_handler2(vs->csock, NULL, vncws_handshake_read_impl, NULL, vs); -+ -+ return 0; -+} -+ -+static void vncws_tls_handshake_io(void *opaque) { -+ struct VncState *vs = (struct VncState *)opaque; -+ -+ VNC_DEBUG("Handshake IO continues\n"); -+ vncws_tls_handshake(vs); -+} -+ -+#define NEED_X509_AUTH(vs) \ -+ ((vs)->subauth == VNC_AUTH_VENCRYPT_X509NONE || \ -+ (vs)->subauth == VNC_AUTH_VENCRYPT_X509VNC || \ -+ (vs)->subauth == VNC_AUTH_VENCRYPT_X509PLAIN || \ -+ (vs)->subauth == VNC_AUTH_VENCRYPT_X509SASL) -+#endif -+ -+void vncws_handshake_read(void *opaque) -+{ -+ VncState *vs = opaque; -+ -+#ifdef CONFIG_VNC_TLS -+ if (!vs->vd->want_tls) -+ return vncws_handshake_read_impl(vs); -+ -+ if (vnc_tls_client_setup(vs, NEED_X509_AUTH(vs)) < 0) { -+ VNC_DEBUG("Failed to setup TLS\n"); -+ return 0; -+ } -+ -+ if (vncws_tls_handshake(vs) < 0) { -+ VNC_DEBUG("Failed to start TLS handshake\n"); -+ return 0; -+ } -+#else -+ vncws_handshake_read_impl(vs); -+#endif -+} - - long vnc_client_read_ws(VncState *vs) - { ---- xen-4.2.2.orig/tools/qemu-xen/ui/vnc.c -+++ xen-4.2.2/tools/qemu-xen/ui/vnc.c -@@ -2897,6 +2897,9 @@ - } else if (strncmp(options, "x509", 4) == 0) { - char *start, *end; - x509 = 1; /* Require x509 certificates */ -+#ifdef CONFIG_VNC_WS -+ vs->want_tls = true; -+#endif - if (strncmp(options, "x509verify", 10) == 0) - vs->tls.x509verify = 1; /* ...and verify client certs */ - ---- xen-4.2.2.orig/tools/qemu-xen/ui/vnc.h -+++ xen-4.2.2/tools/qemu-xen/ui/vnc.h -@@ -157,6 +157,9 @@ - bool lossy; - bool non_adaptive; - #ifdef CONFIG_VNC_TLS -+#ifdef CONFIG_VNC_WS -+ bool want_tls; -+#endif - int subauth; /* Used by VeNCrypt */ - VncDisplayTLS tls; - #endif diff --git a/main/xen/qemu-xen-vnc-robustness.patch b/main/xen/qemu-xen-vnc-robustness.patch deleted file mode 100644 index b06bcaf0aa..0000000000 --- a/main/xen/qemu-xen-vnc-robustness.patch +++ /dev/null @@ -1,68 +0,0 @@ ---- xen-4.3.0.orig/tools/qemu-xen/ui/vnc.c -+++ xen-4.3.0/tools/qemu-xen/ui/vnc.c -@@ -2703,6 +2703,8 @@ - - vs->csock = csock; - -+ QTAILQ_INSERT_HEAD(&vd->clients, vs, next); -+ - if (skipauth) { - vs->auth = VNC_AUTH_NONE; - #ifdef CONFIG_VNC_TLS -@@ -2739,17 +2741,11 @@ - - vs->vd = vd; - --#ifdef CONFIG_VNC_WS -- if (!vs->websocket) --#endif -- { -- vnc_init_state(vs); -- } --} -+ if (vs->vd->lock_key_sync) -+ vs->led = qemu_add_led_event_handler(kbd_leds, vs); - --void vnc_init_state(VncState *vs) --{ -- VncDisplay *vd = vs->vd; -+ vs->mouse_mode_notifier.notify = check_pointer_type_change; -+ qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); - - vs->ds = vd->ds; - vs->last_x = -1; -@@ -2763,21 +2759,26 @@ - qemu_mutex_init(&vs->output_mutex); - vs->bh = qemu_bh_new(vnc_jobs_bh, vs); - -- QTAILQ_INSERT_HEAD(&vd->clients, vs, next); -+ vnc_init_timer(vd); - -+#ifdef CONFIG_VNC_WS -+ if (!vs->websocket) -+#endif -+ { -+ vnc_init_state(vs); -+ } -+} -+ -+void vnc_init_state(VncState *vs) -+{ -+ VncDisplay *vd = vs->vd; -+ - vga_hw_update(); - - vnc_write(vs, "RFB 003.008\n", 12); - vnc_flush(vs); - vnc_read_when(vs, protocol_version, 12); - reset_keys(vs); -- if (vs->vd->lock_key_sync) -- vs->led = qemu_add_led_event_handler(kbd_leds, vs); -- -- vs->mouse_mode_notifier.notify = check_pointer_type_change; -- qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); -- -- vnc_init_timer(vd); - - /* vs might be free()ed here */ - } diff --git a/main/xen/qemu-xen-websocket-plain-hack.patch b/main/xen/qemu-xen-websocket-plain-hack.patch deleted file mode 100644 index acfabe7a98..0000000000 --- a/main/xen/qemu-xen-websocket-plain-hack.patch +++ /dev/null @@ -1,61 +0,0 @@ ---- xen-4.3.0/tools/qemu-xen/ui/vnc-ws.c -+++ xen-4.3.0.mod/tools/qemu-xen/ui/vnc-ws.c -@@ -90,11 +90,6 @@ - vncws_tls_handshake(vs); - } - --#define NEED_X509_AUTH(vs) \ -- ((vs)->subauth == VNC_AUTH_VENCRYPT_X509NONE || \ -- (vs)->subauth == VNC_AUTH_VENCRYPT_X509VNC || \ -- (vs)->subauth == VNC_AUTH_VENCRYPT_X509PLAIN || \ -- (vs)->subauth == VNC_AUTH_VENCRYPT_X509SASL) - #endif - - void vncws_handshake_read(void *opaque) -@@ -105,7 +100,7 @@ - if (!vs->vd->want_tls) - return vncws_handshake_read_impl(vs); - -- if (vnc_tls_client_setup(vs, NEED_X509_AUTH(vs)) < 0) { -+ if (vnc_tls_client_setup(vs, true) < 0) { - VNC_DEBUG("Failed to setup TLS\n"); - return 0; - } ---- xen-4.3.0/tools/qemu-xen/ui/vnc.c -+++ xen-4.3.0.mod/tools/qemu-xen/ui/vnc.c -@@ -3121,7 +3121,11 @@ - */ - if (password) { - #ifdef CONFIG_VNC_TLS -+#ifdef CONFIG_VNC_WS -+ if (tls && !vs->websocket) { -+#else - if (tls) { -+#endif - vs->auth = VNC_AUTH_VENCRYPT; - if (x509) { - VNC_DEBUG("Initializing VNC server with x509 password auth\n"); -@@ -3141,7 +3145,11 @@ - #ifdef CONFIG_VNC_SASL - } else if (sasl) { - #ifdef CONFIG_VNC_TLS -+#ifdef CONFIG_VNC_WS -+ if (tls && !vs->websocket) { -+#else - if (tls) { -+#endif - vs->auth = VNC_AUTH_VENCRYPT; - if (x509) { - VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); -@@ -3161,7 +3169,11 @@ - #endif /* CONFIG_VNC_SASL */ - } else { - #ifdef CONFIG_VNC_TLS -+#ifdef CONFIG_VNC_WS -+ if (tls && !vs->websocket) { -+#else - if (tls) { -+#endif - vs->auth = VNC_AUTH_VENCRYPT; - if (x509) { - VNC_DEBUG("Initializing VNC server with x509 no auth\n"); diff --git a/main/xen/qemu-xen-websocket.patch b/main/xen/qemu-xen-websocket.patch deleted file mode 100644 index aa6446e86d..0000000000 --- a/main/xen/qemu-xen-websocket.patch +++ /dev/null @@ -1,960 +0,0 @@ ---- xen-4.3.0.orig/tools/Makefile -+++ xen-4.3.0/tools/Makefile -@@ -203,6 +203,7 @@ - --docdir=$(PREFIX)/share/doc \ - --sysconfdir=/etc/qemu \ - --disable-kvm \ -+ --enable-vnc-ws \ - --disable-docs \ - --python=$(PYTHON) \ - $(IOEMU_CONFIGURE_CROSS); \ ---- xen-4.3.0.orig/tools/qemu-xen/configure -+++ xen-4.3.0/tools/qemu-xen/configure -@@ -158,6 +158,7 @@ - vnc_sasl="" - vnc_jpeg="" - vnc_png="" -+vnc_ws="" - xen="" - xen_ctrl_version="" - xen_pci_passthrough="" -@@ -703,6 +704,10 @@ - ;; - --enable-vnc-png) vnc_png="yes" - ;; -+ --disable-vnc-ws) vnc_ws="no" -+ ;; -+ --enable-vnc-ws) vnc_ws="yes" -+ ;; - --disable-slirp) slirp="no" - ;; - --disable-uuid) uuid="no" -@@ -1048,6 +1053,8 @@ - echo " --enable-vnc-jpeg enable JPEG lossy compression for VNC server" - echo " --disable-vnc-png disable PNG compression for VNC server (default)" - echo " --enable-vnc-png enable PNG compression for VNC server" -+echo " --disable-vnc-ws disable Websockets support for VNC server" -+echo " --enable-vnc-ws enable Websockets support for VNC server" - echo " --disable-curses disable curses output" - echo " --enable-curses enable curses output" - echo " --disable-curl disable curl connectivity" -@@ -1692,8 +1699,8 @@ - fi - - ########################################## --# VNC TLS detection --if test "$vnc" = "yes" -a "$vnc_tls" != "no" ; then -+# VNC TLS/WS detection -+if test "$vnc" = "yes" -a \( "$vnc_tls" != "no" -o "$vnc_ws" != "no" \) ; then - cat > $TMPC <<EOF - #include <gnutls/gnutls.h> - int main(void) { gnutls_session_t s; gnutls_init(&s, GNUTLS_SERVER); return 0; } -@@ -1701,13 +1708,22 @@ - vnc_tls_cflags=`$pkg_config --cflags gnutls 2> /dev/null` - vnc_tls_libs=`$pkg_config --libs gnutls 2> /dev/null` - if compile_prog "$vnc_tls_cflags" "$vnc_tls_libs" ; then -- vnc_tls=yes -+ if test "$vnc_tls" != "no" ; then -+ vnc_tls=yes -+ fi -+ if test "$vnc_ws" != "no" ; then -+ vnc_ws=yes -+ fi - libs_softmmu="$vnc_tls_libs $libs_softmmu" - else - if test "$vnc_tls" = "yes" ; then - feature_not_found "vnc-tls" - fi -+ if test "$vnc_ws" = "yes" ; then -+ feature_not_found "vnc-ws" -+ fi - vnc_tls=no -+ vnc_ws=no - fi - fi - -@@ -3209,6 +3225,7 @@ - echo "VNC SASL support $vnc_sasl" - echo "VNC JPEG support $vnc_jpeg" - echo "VNC PNG support $vnc_png" -+ echo "VNC WS support $vnc_ws" - fi - if test -n "$sparc_cpu"; then - echo "Target Sparc Arch $sparc_cpu" -@@ -3384,6 +3401,10 @@ - if test "$vnc_png" = "yes" ; then - echo "CONFIG_VNC_PNG=y" >> $config_host_mak - echo "VNC_PNG_CFLAGS=$vnc_png_cflags" >> $config_host_mak -+fi -+if test "$vnc_ws" = "yes" ; then -+ echo "CONFIG_VNC_WS=y" >> $config_host_mak -+ echo "VNC_WS_CFLAGS=$vnc_ws_cflags" >> $config_host_mak - fi - if test "$fnmatch" = "yes" ; then - echo "CONFIG_FNMATCH=y" >> $config_host_mak ---- xen-4.3.0.orig/tools/qemu-xen/qemu-options.hx -+++ xen-4.3.0/tools/qemu-xen/qemu-options.hx -@@ -1096,6 +1096,14 @@ - connections (@var{host}:@var{d},@code{reverse}), the @var{d} argument - is a TCP port number, not a display number. - -+@item websocket -+ -+Opens an additional TCP listening port dedicated to VNC Websocket connections. -+By defintion the Websocket port is 5700+@var{display}. If @var{host} is -+specified connections will only be allowed from this host. -+As an alternative the Websocket port could be specified by using -+@code{websocket}=@var{port}. -+ - @item password - - Require that password based authentication is used for client connections. ---- xen-4.3.0.orig/tools/qemu-xen/qemu-options.hx.orig -+++ xen-4.3.0/tools/qemu-xen/qemu-options.hx.orig -@@ -2045,18 +2045,13 @@ - devices. - - Syntax for specifying a sheepdog device --@table @list --``sheepdog:<vdiname>'' -- --``sheepdog:<vdiname>:<snapid>'' -- --``sheepdog:<vdiname>:<tag>'' -- --``sheepdog:<host>:<port>:<vdiname>'' -- --``sheepdog:<host>:<port>:<vdiname>:<snapid>'' -- --``sheepdog:<host>:<port>:<vdiname>:<tag>'' -+@table @code -+@item sheepdog:<vdiname> -+@item sheepdog:<vdiname>:<snapid> -+@item sheepdog:<vdiname>:<tag> -+@item sheepdog:<host>:<port>:<vdiname> -+@item sheepdog:<host>:<port>:<vdiname>:<snapid> -+@item sheepdog:<host>:<port>:<vdiname>:<tag> - @end table - - Example ---- xen-4.3.0.orig/tools/qemu-xen/ui/Makefile.objs -+++ xen-4.3.0/tools/qemu-xen/ui/Makefile.objs -@@ -4,6 +4,7 @@ - vnc-obj-y += vnc-enc-zrle.o - vnc-obj-$(CONFIG_VNC_TLS) += vnc-tls.o vnc-auth-vencrypt.o - vnc-obj-$(CONFIG_VNC_SASL) += vnc-auth-sasl.o -+vnc-obj-$(CONFIG_VNC_WS) += vnc-ws.o - vnc-obj-y += vnc-jobs.o - - common-obj-y += keymaps.o ---- /dev/null -+++ xen-4.3.0/tools/qemu-xen/ui/vnc-ws.c -@@ -0,0 +1,284 @@ -+/* -+ * QEMU VNC display driver: Websockets support -+ * -+ * Copyright (C) 2010 Joel Martin -+ * Copyright (C) 2012 Tim Hardeck -+ * -+ * This is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This software is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this software; if not, see <http://www.gnu.org/licenses/>. -+ */ -+ -+#include "vnc.h" -+ -+void vncws_handshake_read(void *opaque) -+{ -+ VncState *vs = opaque; -+ uint8_t *handshake_end; -+ long ret; -+ buffer_reserve(&vs->ws_input, 4096); -+ ret = vnc_client_read_buf(vs, buffer_end(&vs->ws_input), 4096); -+ -+ if (!ret) { -+ if (vs->csock == -1) { -+ vnc_disconnect_finish(vs); -+ } -+ return; -+ } -+ vs->ws_input.offset += ret; -+ -+ handshake_end = (uint8_t *)g_strstr_len((char *)vs->ws_input.buffer, -+ vs->ws_input.offset, WS_HANDSHAKE_END); -+ if (handshake_end) { -+ qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); -+ vncws_process_handshake(vs, vs->ws_input.buffer, vs->ws_input.offset); -+ buffer_advance(&vs->ws_input, handshake_end - vs->ws_input.buffer + -+ strlen(WS_HANDSHAKE_END)); -+ } -+} -+ -+ -+long vnc_client_read_ws(VncState *vs) -+{ -+ int ret, err; -+ uint8_t *payload; -+ size_t payload_size, frame_size; -+ VNC_DEBUG("Read websocket %p size %zd offset %zd\n", vs->ws_input.buffer, -+ vs->ws_input.capacity, vs->ws_input.offset); -+ buffer_reserve(&vs->ws_input, 4096); -+ ret = vnc_client_read_buf(vs, buffer_end(&vs->ws_input), 4096); -+ if (!ret) { -+ return 0; -+ } -+ vs->ws_input.offset += ret; -+ -+ /* make sure that nothing is left in the ws_input buffer */ -+ do { -+ err = vncws_decode_frame(&vs->ws_input, &payload, -+ &payload_size, &frame_size); -+ if (err <= 0) { -+ return err; -+ } -+ -+ buffer_reserve(&vs->input, payload_size); -+ buffer_append(&vs->input, payload, payload_size); -+ -+ buffer_advance(&vs->ws_input, frame_size); -+ } while (vs->ws_input.offset > 0); -+ -+ return ret; -+} -+ -+long vnc_client_write_ws(VncState *vs) -+{ -+ long ret; -+ VNC_DEBUG("Write WS: Pending output %p size %zd offset %zd\n", -+ vs->output.buffer, vs->output.capacity, vs->output.offset); -+ vncws_encode_frame(&vs->ws_output, vs->output.buffer, vs->output.offset); -+ buffer_reset(&vs->output); -+ ret = vnc_client_write_buf(vs, vs->ws_output.buffer, vs->ws_output.offset); -+ if (!ret) { -+ return 0; -+ } -+ -+ buffer_advance(&vs->ws_output, ret); -+ -+ if (vs->ws_output.offset == 0) { -+ qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); -+ } -+ -+ return ret; -+} -+ -+static char *vncws_extract_handshake_entry(const char *handshake, -+ size_t handshake_len, const char *name) -+{ -+ char *begin, *end, *ret = NULL; -+ char *line = g_strdup_printf("%s%s: ", WS_HANDSHAKE_DELIM, name); -+ begin = g_strstr_len(handshake, handshake_len, line); -+ if (begin != NULL) { -+ begin += strlen(line); -+ end = g_strstr_len(begin, handshake_len - (begin - handshake), -+ WS_HANDSHAKE_DELIM); -+ if (end != NULL) { -+ ret = g_strndup(begin, end - begin); -+ } -+ } -+ g_free(line); -+ return ret; -+} -+ -+static void vncws_send_handshake_response(VncState *vs, const char* key) -+{ -+ char combined_key[WS_CLIENT_KEY_LEN + WS_GUID_LEN + 1]; -+ char hash[SHA1_DIGEST_LEN]; -+ size_t hash_size = SHA1_DIGEST_LEN; -+ char *accept = NULL, *response = NULL; -+ gnutls_datum_t in; -+ -+ g_strlcpy(combined_key, key, WS_CLIENT_KEY_LEN + 1); -+ g_strlcat(combined_key, WS_GUID, WS_CLIENT_KEY_LEN + WS_GUID_LEN + 1); -+ -+ /* hash and encode it */ -+ in.data = (void *)combined_key; -+ in.size = WS_CLIENT_KEY_LEN + WS_GUID_LEN; -+ if (gnutls_fingerprint(GNUTLS_DIG_SHA1, &in, hash, &hash_size) -+ == GNUTLS_E_SUCCESS) { -+ accept = g_base64_encode((guchar *)hash, SHA1_DIGEST_LEN); -+ } -+ if (accept == NULL) { -+ VNC_DEBUG("Hashing Websocket combined key failed\n"); -+ vnc_client_error(vs); -+ return; -+ } -+ -+ response = g_strdup_printf(WS_HANDSHAKE, accept); -+ vnc_write(vs, response, strlen(response)); -+ vnc_flush(vs); -+ -+ g_free(accept); -+ g_free(response); -+ -+ vs->encode_ws = 1; -+ vnc_init_state(vs); -+} -+ -+void vncws_process_handshake(VncState *vs, uint8_t *line, size_t size) -+{ -+ char *protocols = vncws_extract_handshake_entry((const char *)line, size, -+ "Sec-WebSocket-Protocol"); -+ char *version = vncws_extract_handshake_entry((const char *)line, size, -+ "Sec-WebSocket-Version"); -+ char *key = vncws_extract_handshake_entry((const char *)line, size, -+ "Sec-WebSocket-Key"); -+ -+ if (protocols && version && key -+ && g_strrstr(protocols, "binary") -+ && !strcmp(version, WS_SUPPORTED_VERSION) -+ && strlen(key) == WS_CLIENT_KEY_LEN) { -+ vncws_send_handshake_response(vs, key); -+ } else { -+ VNC_DEBUG("Defective Websockets header or unsupported protocol\n"); -+ vnc_client_error(vs); -+ } -+ -+ g_free(protocols); -+ g_free(version); -+ g_free(key); -+} -+ -+void vncws_encode_frame(Buffer *output, const void *payload, -+ const size_t payload_size) -+{ -+ size_t header_size = 0; -+ unsigned char opcode = WS_OPCODE_BINARY_FRAME; -+ union { -+ char buf[WS_HEAD_MAX_LEN]; -+ WsHeader ws; -+ } header; -+ -+ if (!payload_size) { -+ return; -+ } -+ -+ header.ws.b0 = 0x80 | (opcode & 0x0f); -+ if (payload_size <= 125) { -+ header.ws.b1 = (uint8_t)payload_size; -+ header_size = 2; -+ } else if (payload_size < 65536) { -+ header.ws.b1 = 0x7e; -+ header.ws.u.s16.l16 = cpu_to_be16((uint16_t)payload_size); -+ header_size = 4; -+ } else { -+ header.ws.b1 = 0x7f; -+ header.ws.u.s64.l64 = cpu_to_be64(payload_size); -+ header_size = 10; -+ } -+ -+ buffer_reserve(output, header_size + payload_size); -+ buffer_append(output, header.buf, header_size); -+ buffer_append(output, payload, payload_size); -+} -+ -+int vncws_decode_frame(Buffer *input, uint8_t **payload, -+ size_t *payload_size, size_t *frame_size) -+{ -+ unsigned char opcode = 0, fin = 0, has_mask = 0; -+ size_t header_size = 0; -+ uint32_t *payload32; -+ WsHeader *header = (WsHeader *)input->buffer; -+ WsMask mask; -+ int i; -+ -+ if (input->offset < WS_HEAD_MIN_LEN + 4) { -+ /* header not complete */ -+ return 0; -+ } -+ -+ fin = (header->b0 & 0x80) >> 7; -+ opcode = header->b0 & 0x0f; -+ has_mask = (header->b1 & 0x80) >> 7; -+ *payload_size = header->b1 & 0x7f; -+ -+ if (opcode == WS_OPCODE_CLOSE) { -+ /* disconnect */ -+ return -1; -+ } -+ -+ /* Websocket frame sanity check: -+ * * Websocket fragmentation is not supported. -+ * * All websockets frames sent by a client have to be masked. -+ * * Only binary encoding is supported. -+ */ -+ if (!fin || !has_mask || opcode != WS_OPCODE_BINARY_FRAME) { -+ VNC_DEBUG("Received faulty/unsupported Websocket frame\n"); -+ return -2; -+ } -+ -+ if (*payload_size < 126) { -+ header_size = 6; -+ mask = header->u.m; -+ } else if (*payload_size == 126 && input->offset >= 8) { -+ *payload_size = be16_to_cpu(header->u.s16.l16); -+ header_size = 8; -+ mask = header->u.s16.m16; -+ } else if (*payload_size == 127 && input->offset >= 14) { -+ *payload_size = be64_to_cpu(header->u.s64.l64); -+ header_size = 14; -+ mask = header->u.s64.m64; -+ } else { -+ /* header not complete */ -+ return 0; -+ } -+ -+ *frame_size = header_size + *payload_size; -+ -+ if (input->offset < *frame_size) { -+ /* frame not complete */ -+ return 0; -+ } -+ -+ *payload = input->buffer + header_size; -+ -+ /* unmask frame */ -+ /* process 1 frame (32 bit op) */ -+ payload32 = (uint32_t *)(*payload); -+ for (i = 0; i < *payload_size / 4; i++) { -+ payload32[i] ^= mask.u; -+ } -+ /* process the remaining bytes (if any) */ -+ for (i *= 4; i < *payload_size; i++) { -+ (*payload)[i] ^= mask.c[i % 4]; -+ } -+ -+ return 1; -+} ---- /dev/null -+++ xen-4.3.0/tools/qemu-xen/ui/vnc-ws.h -@@ -0,0 +1,86 @@ -+/* -+ * QEMU VNC display driver: Websockets support -+ * -+ * Copyright (C) 2010 Joel Martin -+ * Copyright (C) 2012 Tim Hardeck -+ * -+ * This is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This software is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this software; if not, see <http://www.gnu.org/licenses/>. -+ */ -+ -+#ifndef __QEMU_UI_VNC_WS_H -+#define __QEMU_UI_VNC_WS_H -+ -+#include <gnutls/gnutls.h> -+ -+#define B64LEN(__x) (((__x + 2) / 3) * 12 / 3) -+#define SHA1_DIGEST_LEN 20 -+ -+#define WS_ACCEPT_LEN (B64LEN(SHA1_DIGEST_LEN) + 1) -+#define WS_CLIENT_KEY_LEN 24 -+#define WS_GUID "258EAFA5-E914-47DA-95CA-C5AB0DC85B11" -+#define WS_GUID_LEN strlen(WS_GUID) -+ -+#define WS_HANDSHAKE "HTTP/1.1 101 Switching Protocols\r\n\ -+Upgrade: websocket\r\n\ -+Connection: Upgrade\r\n\ -+Sec-WebSocket-Accept: %s\r\n\ -+Sec-WebSocket-Protocol: binary\r\n\ -+\r\n" -+#define WS_HANDSHAKE_DELIM "\r\n" -+#define WS_HANDSHAKE_END "\r\n\r\n" -+#define WS_SUPPORTED_VERSION "13" -+ -+#define WS_HEAD_MIN_LEN sizeof(uint16_t) -+#define WS_HEAD_MAX_LEN (WS_HEAD_MIN_LEN + sizeof(uint64_t) + sizeof(uint32_t)) -+ -+typedef union WsMask { -+ char c[4]; -+ uint32_t u; -+} WsMask; -+ -+typedef struct QEMU_PACKED WsHeader { -+ unsigned char b0; -+ unsigned char b1; -+ union { -+ struct QEMU_PACKED { -+ uint16_t l16; -+ WsMask m16; -+ } s16; -+ struct QEMU_PACKED { -+ uint64_t l64; -+ WsMask m64; -+ } s64; -+ WsMask m; -+ } u; -+} WsHeader; -+ -+enum { -+ WS_OPCODE_CONTINUATION = 0x0, -+ WS_OPCODE_TEXT_FRAME = 0x1, -+ WS_OPCODE_BINARY_FRAME = 0x2, -+ WS_OPCODE_CLOSE = 0x8, -+ WS_OPCODE_PING = 0x9, -+ WS_OPCODE_PONG = 0xA -+}; -+ -+void vncws_handshake_read(void *opaque); -+long vnc_client_write_ws(VncState *vs); -+long vnc_client_read_ws(VncState *vs); -+void vncws_process_handshake(VncState *vs, uint8_t *line, size_t size); -+void vncws_encode_frame(Buffer *output, const void *payload, -+ const size_t payload_size); -+int vncws_decode_frame(Buffer *input, uint8_t **payload, -+ size_t *payload_size, size_t *frame_size); -+ -+#endif /* __QEMU_UI_VNC_WS_H */ ---- xen-4.3.0.orig/tools/qemu-xen/ui/vnc.c -+++ xen-4.3.0/tools/qemu-xen/ui/vnc.c -@@ -420,7 +420,6 @@ - static int vnc_update_client(VncState *vs, int has_dirty); - static int vnc_update_client_sync(VncState *vs, int has_dirty); - static void vnc_disconnect_start(VncState *vs); --static void vnc_disconnect_finish(VncState *vs); - static void vnc_init_timer(VncDisplay *vd); - static void vnc_remove_timer(VncDisplay *vd); - -@@ -486,7 +485,7 @@ - return buffer->offset == 0; - } - --static uint8_t *buffer_end(Buffer *buffer) -+uint8_t *buffer_end(Buffer *buffer) - { - return buffer->buffer + buffer->offset; - } -@@ -510,6 +509,13 @@ - buffer->offset += len; - } - -+void buffer_advance(Buffer *buf, size_t len) -+{ -+ memmove(buf->buffer, buf->buffer + len, -+ (buf->offset - len)); -+ buf->offset -= len; -+} -+ - static void vnc_desktop_resize(VncState *vs) - { - DisplayState *ds = vs->ds; -@@ -1016,7 +1022,7 @@ - vs->csock = -1; - } - --static void vnc_disconnect_finish(VncState *vs) -+void vnc_disconnect_finish(VncState *vs) - { - int i; - -@@ -1027,6 +1033,10 @@ - - buffer_free(&vs->input); - buffer_free(&vs->output); -+#ifdef CONFIG_VNC_WS -+ buffer_free(&vs->ws_input); -+ buffer_free(&vs->ws_output); -+#endif /* CONFIG_VNC_WS */ - - qobject_decref(vs->info); - -@@ -1166,8 +1176,7 @@ - if (!ret) - return 0; - -- memmove(vs->output.buffer, vs->output.buffer + ret, (vs->output.offset - ret)); -- vs->output.offset -= ret; -+ buffer_advance(&vs->output, ret); - - if (vs->output.offset == 0) { - qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); -@@ -1193,7 +1202,16 @@ - vnc_client_write_sasl(vs); - } else - #endif /* CONFIG_VNC_SASL */ -- vnc_client_write_plain(vs); -+ { -+#ifdef CONFIG_VNC_WS -+ if (vs->encode_ws) { -+ vnc_client_write_ws(vs); -+ } else -+#endif /* CONFIG_VNC_WS */ -+ { -+ vnc_client_write_plain(vs); -+ } -+ } - } - - void vnc_client_write(void *opaque) -@@ -1201,7 +1219,11 @@ - VncState *vs = opaque; - - vnc_lock_output(vs); -- if (vs->output.offset) { -+ if (vs->output.offset -+#ifdef CONFIG_VNC_WS -+ || vs->ws_output.offset -+#endif -+ ) { - vnc_client_write_locked(opaque); - } else if (vs->csock != -1) { - qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); -@@ -1295,7 +1317,21 @@ - ret = vnc_client_read_sasl(vs); - else - #endif /* CONFIG_VNC_SASL */ -+#ifdef CONFIG_VNC_WS -+ if (vs->encode_ws) { -+ ret = vnc_client_read_ws(vs); -+ if (ret == -1) { -+ vnc_disconnect_start(vs); -+ return; -+ } else if (ret == -2) { -+ vnc_client_error(vs); -+ return; -+ } -+ } else -+#endif /* CONFIG_VNC_WS */ -+ { - ret = vnc_client_read_plain(vs); -+ } - if (!ret) { - if (vs->csock == -1) - vnc_disconnect_finish(vs); -@@ -1313,8 +1349,7 @@ - } - - if (!ret) { -- memmove(vs->input.buffer, vs->input.buffer + len, (vs->input.offset - len)); -- vs->input.offset -= len; -+ buffer_advance(&vs->input, len); - } else { - vs->read_handler_expect = ret; - } -@@ -1367,7 +1402,11 @@ - void vnc_flush(VncState *vs) - { - vnc_lock_output(vs); -- if (vs->csock != -1 && vs->output.offset) { -+ if (vs->csock != -1 && (vs->output.offset -+#ifdef CONFIG_VNC_WS -+ || vs->ws_output.offset -+#endif -+ )) { - vnc_client_write_locked(vs); - } - vnc_unlock_output(vs); -@@ -2657,7 +2696,7 @@ - } - } - --static void vnc_connect(VncDisplay *vd, int csock, int skipauth) -+static void vnc_connect(VncDisplay *vd, int csock, int skipauth, bool websocket) - { - VncState *vs = g_malloc0(sizeof(VncState)); - int i; -@@ -2684,13 +2723,34 @@ - VNC_DEBUG("New client on socket %d\n", csock); - dcl->idle = 0; - socket_set_nonblock(vs->csock); -- qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); -+#ifdef CONFIG_VNC_WS -+ if (websocket) { -+ vs->websocket = 1; -+ qemu_set_fd_handler2(vs->csock, NULL, vncws_handshake_read, NULL, vs); -+ } else -+#endif /* CONFIG_VNC_WS */ -+ { -+ qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); -+ } - - vnc_client_cache_addr(vs); - vnc_qmp_event(vs, QEVENT_VNC_CONNECTED); - vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING); - - vs->vd = vd; -+ -+#ifdef CONFIG_VNC_WS -+ if (!vs->websocket) -+#endif -+ { -+ vnc_init_state(vs); -+ } -+} -+ -+void vnc_init_state(VncState *vs) -+{ -+ VncDisplay *vd = vs->vd; -+ - vs->ds = vd->ds; - vs->last_x = -1; - vs->last_y = -1; -@@ -2722,21 +2782,41 @@ - /* vs might be free()ed here */ - } - --static void vnc_listen_read(void *opaque) -+static void vnc_listen_read(void *opaque, bool websocket) - { - VncDisplay *vs = opaque; - struct sockaddr_in addr; - socklen_t addrlen = sizeof(addr); -+ int csock; - - /* Catch-up */ - vga_hw_update(); -+#ifdef CONFIG_VNC_WS -+ if (websocket) { -+ csock = qemu_accept(vs->lwebsock, (struct sockaddr *)&addr, &addrlen); -+ } else -+#endif /* CONFIG_VNC_WS */ -+ { -+ csock = qemu_accept(vs->lsock, (struct sockaddr *)&addr, &addrlen); -+ } - -- int csock = qemu_accept(vs->lsock, (struct sockaddr *)&addr, &addrlen); - if (csock != -1) { -- vnc_connect(vs, csock, 0); -+ vnc_connect(vs, csock, 0, websocket); - } - } - -+static void vnc_listen_regular_read(void *opaque) -+{ -+ vnc_listen_read(opaque, 0); -+} -+ -+#ifdef CONFIG_VNC_WS -+static void vnc_listen_websocket_read(void *opaque) -+{ -+ vnc_listen_read(opaque, 1); -+} -+#endif /* CONFIG_VNC_WS */ -+ - void vnc_display_init(DisplayState *ds) - { - VncDisplay *vs = g_malloc0(sizeof(*vs)); -@@ -2748,6 +2828,9 @@ - vnc_display = vs; - - vs->lsock = -1; -+#ifdef CONFIG_VNC_WS -+ vs->lwebsock = -1; -+#endif - - vs->ds = ds; - QTAILQ_INIT(&vs->clients); -@@ -2789,6 +2872,15 @@ - close(vs->lsock); - vs->lsock = -1; - } -+#ifdef CONFIG_VNC_WS -+ g_free(vs->ws_display); -+ vs->ws_display = NULL; -+ if (vs->lwebsock != -1) { -+ qemu_set_fd_handler2(vs->lwebsock, NULL, NULL, NULL, NULL); -+ close(vs->lwebsock); -+ vs->lwebsock = -1; -+ } -+#endif /* CONFIG_VNC_WS */ - vs->auth = VNC_AUTH_INVALID; - #ifdef CONFIG_VNC_TLS - vs->subauth = VNC_AUTH_INVALID; -@@ -2910,6 +3002,36 @@ - } else if (strncmp(options, "sasl", 4) == 0) { - sasl = 1; /* Require SASL auth */ - #endif -+#ifdef CONFIG_VNC_WS -+ } else if (strncmp(options, "websocket", 9) == 0) { -+ char *start, *end; -+ vs->websocket = 1; -+ -+ /* Check for 'websocket=<port>' */ -+ start = strchr(options, '='); -+ end = strchr(options, ','); -+ if (start && (!end || (start < end))) { -+ int len = end ? end-(start+1) : strlen(start+1); -+ if (len < 6) { -+ /* extract the host specification from display */ -+ char *host = NULL, *port = NULL, *host_end = NULL; -+ port = g_strndup(start + 1, len); -+ -+ /* ipv6 hosts have colons */ -+ end = strchr(display, ','); -+ host_end = g_strrstr_len(display, end - display, ":"); -+ -+ if (host_end) { -+ host = g_strndup(display, host_end - display + 1); -+ } else { -+ host = g_strndup(":", 1); -+ } -+ vs->ws_display = g_strconcat(host, port, NULL); -+ g_free(host); -+ g_free(port); -+ } -+ } -+#endif /* CONFIG_VNC_WS */ - #ifdef CONFIG_VNC_TLS - } else if (strncmp(options, "tls", 3) == 0) { - tls = 1; /* Require TLS */ -@@ -3068,6 +3190,9 @@ - /* connect to viewer */ - int csock; - vs->lsock = -1; -+#ifdef CONFIG_VNC_WS -+ vs->lwebsock = -1; -+#endif - if (strncmp(display, "unix:", 5) == 0) { - csock = unix_connect(display+5, errp); - } else { -@@ -3076,7 +3201,7 @@ - if (csock < 0) { - goto fail; - } -- vnc_connect(vs, csock, 0); -+ vnc_connect(vs, csock, 0, 0); - } else { - /* listen for connects */ - char *dpy; -@@ -3087,25 +3212,54 @@ - } else { - vs->lsock = inet_listen(display, dpy, 256, - SOCK_STREAM, 5900, errp); -+ if (vs->lsock < 0) { -+ g_free(dpy); -+ goto fail; -+ } -+#ifdef CONFIG_VNC_WS -+ if (vs->websocket) { -+ if (vs->ws_display) { -+ vs->lwebsock = inet_listen(vs->ws_display, NULL, 256, -+ SOCK_STREAM, 0, errp); -+ } else { -+ vs->lwebsock = inet_listen(vs->display, NULL, 256, -+ SOCK_STREAM, 5700, errp); -+ } -+ -+ if (vs->lwebsock < 0) { -+ if (vs->lsock) { -+ close(vs->lsock); -+ vs->lsock = -1; -+ } -+ g_free(dpy); -+ goto fail; -+ } -+ } -+#endif /* CONFIG_VNC_WS */ - } -- if (vs->lsock < 0) { -- g_free(dpy); -- goto fail; -- } - g_free(vs->display); - vs->display = dpy; -- qemu_set_fd_handler2(vs->lsock, NULL, vnc_listen_read, NULL, vs); -+ qemu_set_fd_handler2(vs->lsock, NULL, vnc_listen_regular_read, NULL, vs); -+#ifdef CONFIG_VNC_WS -+ if (vs->websocket) { -+ qemu_set_fd_handler2(vs->lwebsock, NULL, vnc_listen_websocket_read, NULL, vs); -+ } -+#endif - } - return; - - fail: - g_free(vs->display); - vs->display = NULL; -+#ifdef CONFIG_VNC_WS -+ g_free(vs->ws_display); -+ vs->ws_display = NULL; -+#endif /* CONFIG_VNC_WS */ - } - - void vnc_display_add_client(DisplayState *ds, int csock, int skipauth) - { - VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display; - -- vnc_connect(vs, csock, skipauth); -+ vnc_connect(vs, csock, skipauth, 0); - } ---- xen-4.3.0.orig/tools/qemu-xen/ui/vnc.h -+++ xen-4.3.0/tools/qemu-xen/ui/vnc.h -@@ -99,6 +99,9 @@ - #ifdef CONFIG_VNC_SASL - #include "vnc-auth-sasl.h" - #endif -+#ifdef CONFIG_VNC_WS -+#include "vnc-ws.h" -+#endif - - struct VncRectStat - { -@@ -142,6 +145,11 @@ - QEMUTimer *timer; - int timer_interval; - int lsock; -+#ifdef CONFIG_VNC_WS -+ int lwebsock; -+ bool websocket; -+ char *ws_display; -+#endif - DisplayState *ds; - kbd_layout_t *kbd_layout; - int lock_key_sync; -@@ -269,11 +277,19 @@ - #ifdef CONFIG_VNC_SASL - VncStateSASL sasl; - #endif -+#ifdef CONFIG_VNC_WS -+ bool encode_ws; -+ bool websocket; -+#endif - - QObject *info; - - Buffer output; - Buffer input; -+#ifdef CONFIG_VNC_WS -+ Buffer ws_input; -+ Buffer ws_output; -+#endif - /* current output mode information */ - VncWritePixels *write_pixels; - PixelFormat client_pf; -@@ -493,6 +509,8 @@ - void vnc_write_u8(VncState *vs, uint8_t value); - void vnc_flush(VncState *vs); - void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting); -+void vnc_disconnect_finish(VncState *vs); -+void vnc_init_state(VncState *vs); - - - /* Buffer I/O functions */ -@@ -510,7 +528,8 @@ - void buffer_reset(Buffer *buffer); - void buffer_free(Buffer *buffer); - void buffer_append(Buffer *buffer, const void *data, size_t len); -- -+void buffer_advance(Buffer *buf, size_t len); -+uint8_t *buffer_end(Buffer *buffer); - - /* Misc helpers */ - diff --git a/main/xen/qemu-xen_paths.patch b/main/xen/qemu-xen_paths.patch deleted file mode 100644 index 1a17fc6bed..0000000000 --- a/main/xen/qemu-xen_paths.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff --git a/tools/Makefile b/tools/Makefile -index 0edeb62..d5d02e8 100644 ---- a/tools/Makefile -+++ b/tools/Makefile -@@ -166,6 +166,9 @@ subdir-all-qemu-xen-dir: qemu-xen-dir-find - -L$(XEN_ROOT)/tools/xenstore" \ - --bindir=$(LIBEXEC) \ - --datadir=$(SHAREDIR)/qemu-xen \ -+ --mandir=$(PREFIX)/share/man \ -+ --docdir=$(PREFIX)/share/doc \ -+ --sysconfdir=/etc/qemu \ - --disable-kvm \ - --python=$(PYTHON) \ - $(IOEMU_CONFIGURE_CROSS); \ - diff --git a/main/xen/xsa41.patch b/main/xen/xsa41.patch deleted file mode 100644 index 782183946d..0000000000 --- a/main/xen/xsa41.patch +++ /dev/null @@ -1,72 +0,0 @@ -From b0d9ffcd0251161c7c92f94804dcf599dfa3edeb Mon Sep 17 00:00:00 2001 -From: Michael Contreras <michael@inetric.com> -Date: Sun, 2 Dec 2012 20:11:22 -0800 -Subject: [PATCH] e1000: Discard packets that are too long if !SBP and !LPE - -The e1000_receive function for the e1000 needs to discard packets longer than -1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes -this behavior and allocates memory based on this assumption. - -Signed-off-by: Michael Contreras <michael@inetric.com> -Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> ---- - -diff --git a/tools/qemu-xen/hw/e1000.c b/tools/qemu-xen/hw/e1000.c -index cb7e7e8..5537ad2 100644 ---- a/tools/qemu-xen/hw/e1000.c -+++ b/tools/qemu-xen/hw/e1000.c -@@ -59,6 +59,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); - #define PNPMMIO_SIZE 0x20000 - #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */ - -+/* this is the size past which hardware will drop packets when setting LPE=0 */ -+#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 -+ - /* - * HW models: - * E1000_DEV_ID_82540EM works with Windows and Linux -@@ -805,6 +808,13 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size) - size = sizeof(min_buf); - } - -+ /* Discard oversized packets if !LPE and !SBP. */ -+ if (size > MAXIMUM_ETHERNET_VLAN_SIZE -+ && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) -+ && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { -+ return size; -+ } -+ - if (!receive_filter(s, buf, size)) - return size; - -diff --git a/tools/qemu-xen-traditional/hw/e1000.c b/tools/qemu-xen-traditional/hw/e1000.c -index cb7e7e8..5537ad2 100644 ---- a/tools/qemu-xen-traditional/hw/e1000.c -+++ b/tools/qemu-xen-traditional/hw/e1000.c -@@ -59,6 +59,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); - #define PNPMMIO_SIZE 0x20000 - #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */ - -+/* this is the size past which hardware will drop packets when setting LPE=0 */ -+#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 -+ - /* - * HW models: - * E1000_DEV_ID_82540EM works with Windows and Linux -@@ -805,6 +808,13 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size) - size = sizeof(min_buf); - } - -+ /* Discard oversized packets if !LPE and !SBP. */ -+ if (size > MAXIMUM_ETHERNET_VLAN_SIZE -+ && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) -+ && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { -+ return size; -+ } -+ - if (!receive_filter(s, buf, size)) - return size; - --- -1.7.0.4 - diff --git a/main/xen/xsa41b.patch b/main/xen/xsa41b.patch deleted file mode 100644 index b599c2a5d5..0000000000 --- a/main/xen/xsa41b.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 70454385eeee6f0b3f7a9eddca9f7340b5060824 Mon Sep 17 00:00:00 2001 -From: Michael Contreras <michael@inetric.com> -Date: Thu, 17 Jan 2013 11:49:37 +0000 -Subject: [PATCH] e1000: Discard oversized packets based on SBP|LPE - -Discard packets longer than 16384 when !SBP to match the hardware behavior. - -upstream-commit-id: 2c0331f4f7d241995452b99afaf0aab00493334a -security-tags: XSA-41, CVE-2012-6075 -This is the second of two security fixes for XSA-41. - -Signed-off-by: Michael Contreras <michael@inetric.com> -Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> ---- -diff --git a/tools/qemu-xen/hw/e1000.c b/tools/qemu-xen/hw/e1000.c -index 37d207e..a5e67a8 100644 ---- a/tools/qemu-xen/hw/e1000.c -+++ b/tools/qemu-xen/hw/e1000.c -@@ -61,6 +61,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); - - /* this is the size past which hardware will drop packets when setting LPE=0 */ - #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 -+/* this is the size past which hardware will drop packets when setting LPE=1 */ -+#define MAXIMUM_ETHERNET_LPE_SIZE 16384 - - /* - * HW models: -@@ -697,8 +699,9 @@ e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size) - } - - /* Discard oversized packets if !LPE and !SBP. */ -- if (size > MAXIMUM_ETHERNET_VLAN_SIZE -- && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) -+ if ((size > MAXIMUM_ETHERNET_LPE_SIZE || -+ (size > MAXIMUM_ETHERNET_VLAN_SIZE -+ && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) - && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { - return size; - } -diff --git a/tools/qemu-xen-traditional/hw/e1000.c b/tools/qemu-xen-traditional/hw/e1000.c -index 37d207e..a5e67a8 100644 ---- a/tools/qemu-xen-traditional/hw/e1000.c -+++ b/tools/qemu-xen-traditional/hw/e1000.c -@@ -61,6 +61,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); - - /* this is the size past which hardware will drop packets when setting LPE=0 */ - #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 -+/* this is the size past which hardware will drop packets when setting LPE=1 */ -+#define MAXIMUM_ETHERNET_LPE_SIZE 16384 - - /* - * HW models: -@@ -697,8 +699,9 @@ e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size) - } - - /* Discard oversized packets if !LPE and !SBP. */ -- if (size > MAXIMUM_ETHERNET_VLAN_SIZE -- && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) -+ if ((size > MAXIMUM_ETHERNET_LPE_SIZE || -+ (size > MAXIMUM_ETHERNET_VLAN_SIZE -+ && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) - && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { - return size; - } --- -1.7.2.5 - diff --git a/main/xen/xsa41c.patch b/main/xen/xsa41c.patch deleted file mode 100644 index d346937817..0000000000 --- a/main/xen/xsa41c.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 2a1354d655d816feaad7dbdb8364f40a208439c1 Mon Sep 17 00:00:00 2001 -From: Ian Jackson <ian.jackson@eu.citrix.com> -Date: Thu, 17 Jan 2013 15:52:16 +0000 -Subject: [PATCH] e1000: fix compile warning introduced by security fix, and debugging - -e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41, -and its cherry picks in 4.2 and 4.1 introduced this compiler warning: - hw/e1000.c:641: warning: 'return' with a value, in function returning void - -In upstream qemu (where this change came from), e1000_receive returns -a value used by queueing machinery to decide whether to try -resubmitting the packet later. Returning "size" means that the packet -has been dealt with and should not be retried. - -In this old branch (aka qemu-xen-traditional), this machinery is -absent and e1000_receive returns void. Fix the return statement. - -Also add a debugging statement along the lines of the others in this -function. - -Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com> ---- -diff --git a/tools/qemu-xen-traditional/hw/e1000.c b/tools/qemu-xen-traditional/hw/e1000.c -index 67d2651..c75bc5e 100644 ---- a/tools/qemu-xen-traditional/hw/e1000.c -+++ b/tools/qemu-xen-traditional/hw/e1000.c -@@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) - (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) - && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { -- return size; -+ DBGOUT(RX, "packet too large for applicable LPE/VLAN size\n"); -+ return; - } - - if (!receive_filter(s, buf, size)) --- -1.7.2.5 - diff --git a/main/xen/xsa97-hap-4_3.patch b/main/xen/xsa97-hap-4_3.patch deleted file mode 100644 index 6d7c1d36eb..0000000000 --- a/main/xen/xsa97-hap-4_3.patch +++ /dev/null @@ -1,485 +0,0 @@ -x86/paging: make log-dirty operations preemptible - -Both the freeing and the inspection of the bitmap get done in (nested) -loops which - besides having a rather high iteration count in general, -albeit that would be covered by XSA-77 - have the number of non-trivial -iterations they need to perform (indirectly) controllable by both the -guest they are for and any domain controlling the guest (including the -one running qemu for it). - -This is XSA-97. - -Signed-off-by: Jan Beulich <jbeulich@suse.com> -Reviewed-by: Tim Deegan <tim@xen.org> - ---- a/xen/arch/x86/domain.c -+++ b/xen/arch/x86/domain.c -@@ -1867,7 +1867,9 @@ int domain_relinquish_resources(struct d - pci_release_devices(d); - - /* Tear down paging-assistance stuff. */ -- paging_teardown(d); -+ ret = paging_teardown(d); -+ if ( ret ) -+ return ret; - - /* Drop the in-use references to page-table bases. */ - for_each_vcpu ( d, v ) ---- a/xen/arch/x86/domctl.c -+++ b/xen/arch/x86/domctl.c -@@ -61,6 +61,9 @@ long arch_do_domctl( - ret = paging_domctl(d, - &domctl->u.shadow_op, - guest_handle_cast(u_domctl, void)); -+ if ( ret == -EAGAIN ) -+ return hypercall_create_continuation(__HYPERVISOR_domctl, -+ "h", u_domctl); - copyback = 1; - } - break; ---- a/xen/arch/x86/mm/hap/hap.c -+++ b/xen/arch/x86/mm/hap/hap.c -@@ -565,8 +565,7 @@ int hap_domctl(struct domain *d, xen_dom - paging_unlock(d); - if ( preempted ) - /* Not finished. Set up to re-run the call. */ -- rc = hypercall_create_continuation(__HYPERVISOR_domctl, "h", -- u_domctl); -+ rc = -EAGAIN; - else - /* Finished. Return the new allocation */ - sc->mb = hap_get_allocation(d); ---- a/xen/arch/x86/mm/paging.c -+++ b/xen/arch/x86/mm/paging.c -@@ -26,6 +26,7 @@ - #include <asm/shadow.h> - #include <asm/p2m.h> - #include <asm/hap.h> -+#include <asm/event.h> - #include <asm/hvm/nestedhvm.h> - #include <xen/numa.h> - #include <xsm/xsm.h> -@@ -116,26 +117,46 @@ static void paging_free_log_dirty_page(s - d->arch.paging.free_page(d, mfn_to_page(mfn)); - } - --void paging_free_log_dirty_bitmap(struct domain *d) -+static int paging_free_log_dirty_bitmap(struct domain *d, int rc) - { - mfn_t *l4, *l3, *l2; - int i4, i3, i2; - -+ paging_lock(d); -+ - if ( !mfn_valid(d->arch.paging.log_dirty.top) ) -- return; -+ { -+ paging_unlock(d); -+ return 0; -+ } - -- paging_lock(d); -+ if ( !d->arch.paging.preempt.vcpu ) -+ { -+ memset(&d->arch.paging.preempt.log_dirty, 0, -+ sizeof(d->arch.paging.preempt.log_dirty)); -+ ASSERT(rc <= 0); -+ d->arch.paging.preempt.log_dirty.done = -rc; -+ } -+ else if ( d->arch.paging.preempt.vcpu != current || -+ d->arch.paging.preempt.op != XEN_DOMCTL_SHADOW_OP_OFF ) -+ { -+ paging_unlock(d); -+ return -EBUSY; -+ } - - l4 = map_domain_page(mfn_x(d->arch.paging.log_dirty.top)); -+ i4 = d->arch.paging.preempt.log_dirty.i4; -+ i3 = d->arch.paging.preempt.log_dirty.i3; -+ rc = 0; - -- for ( i4 = 0; i4 < LOGDIRTY_NODE_ENTRIES; i4++ ) -+ for ( ; i4 < LOGDIRTY_NODE_ENTRIES; i4++, i3 = 0 ) - { - if ( !mfn_valid(l4[i4]) ) - continue; - - l3 = map_domain_page(mfn_x(l4[i4])); - -- for ( i3 = 0; i3 < LOGDIRTY_NODE_ENTRIES; i3++ ) -+ for ( ; i3 < LOGDIRTY_NODE_ENTRIES; i3++ ) - { - if ( !mfn_valid(l3[i3]) ) - continue; -@@ -148,20 +169,54 @@ void paging_free_log_dirty_bitmap(struct - - unmap_domain_page(l2); - paging_free_log_dirty_page(d, l3[i3]); -+ l3[i3] = _mfn(INVALID_MFN); -+ -+ if ( i3 < LOGDIRTY_NODE_ENTRIES - 1 && hypercall_preempt_check() ) -+ { -+ d->arch.paging.preempt.log_dirty.i3 = i3 + 1; -+ d->arch.paging.preempt.log_dirty.i4 = i4; -+ rc = -EAGAIN; -+ break; -+ } - } - - unmap_domain_page(l3); -+ if ( rc ) -+ break; - paging_free_log_dirty_page(d, l4[i4]); -+ l4[i4] = _mfn(INVALID_MFN); -+ -+ if ( i4 < LOGDIRTY_NODE_ENTRIES - 1 && hypercall_preempt_check() ) -+ { -+ d->arch.paging.preempt.log_dirty.i3 = 0; -+ d->arch.paging.preempt.log_dirty.i4 = i4 + 1; -+ rc = -EAGAIN; -+ break; -+ } - } - - unmap_domain_page(l4); -- paging_free_log_dirty_page(d, d->arch.paging.log_dirty.top); -- d->arch.paging.log_dirty.top = _mfn(INVALID_MFN); - -- ASSERT(d->arch.paging.log_dirty.allocs == 0); -- d->arch.paging.log_dirty.failed_allocs = 0; -+ if ( !rc ) -+ { -+ paging_free_log_dirty_page(d, d->arch.paging.log_dirty.top); -+ d->arch.paging.log_dirty.top = _mfn(INVALID_MFN); -+ -+ ASSERT(d->arch.paging.log_dirty.allocs == 0); -+ d->arch.paging.log_dirty.failed_allocs = 0; -+ -+ rc = -d->arch.paging.preempt.log_dirty.done; -+ d->arch.paging.preempt.vcpu = NULL; -+ } -+ else -+ { -+ d->arch.paging.preempt.vcpu = current; -+ d->arch.paging.preempt.op = XEN_DOMCTL_SHADOW_OP_OFF; -+ } - - paging_unlock(d); -+ -+ return rc; - } - - int paging_log_dirty_enable(struct domain *d) -@@ -178,15 +233,25 @@ int paging_log_dirty_enable(struct domai - return ret; - } - --int paging_log_dirty_disable(struct domain *d) -+static int paging_log_dirty_disable(struct domain *d, bool_t resuming) - { -- int ret; -+ int ret = 1; -+ -+ if ( !resuming ) -+ { -+ domain_pause(d); -+ /* Safe because the domain is paused. */ -+ ret = d->arch.paging.log_dirty.disable_log_dirty(d); -+ ASSERT(ret <= 0); -+ } - -- domain_pause(d); -- /* Safe because the domain is paused. */ -- ret = d->arch.paging.log_dirty.disable_log_dirty(d); - if ( !paging_mode_log_dirty(d) ) -- paging_free_log_dirty_bitmap(d); -+ { -+ ret = paging_free_log_dirty_bitmap(d, ret); -+ if ( ret == -EAGAIN ) -+ return ret; -+ } -+ - domain_unpause(d); - - return ret; -@@ -326,7 +391,9 @@ int paging_mfn_is_dirty(struct domain *d - - /* Read a domain's log-dirty bitmap and stats. If the operation is a CLEAN, - * clear the bitmap and stats as well. */ --int paging_log_dirty_op(struct domain *d, struct xen_domctl_shadow_op *sc) -+static int paging_log_dirty_op(struct domain *d, -+ struct xen_domctl_shadow_op *sc, -+ bool_t resuming) - { - int rv = 0, clean = 0, peek = 1; - unsigned long pages = 0; -@@ -334,9 +401,22 @@ int paging_log_dirty_op(struct domain *d - unsigned long *l1 = NULL; - int i4, i3, i2; - -- domain_pause(d); -+ if ( !resuming ) -+ domain_pause(d); - paging_lock(d); - -+ if ( !d->arch.paging.preempt.vcpu ) -+ memset(&d->arch.paging.preempt.log_dirty, 0, -+ sizeof(d->arch.paging.preempt.log_dirty)); -+ else if ( d->arch.paging.preempt.vcpu != current || -+ d->arch.paging.preempt.op != sc->op ) -+ { -+ paging_unlock(d); -+ ASSERT(!resuming); -+ domain_unpause(d); -+ return -EBUSY; -+ } -+ - clean = (sc->op == XEN_DOMCTL_SHADOW_OP_CLEAN); - - PAGING_DEBUG(LOGDIRTY, "log-dirty %s: dom %u faults=%u dirty=%u\n", -@@ -365,17 +445,15 @@ int paging_log_dirty_op(struct domain *d - goto out; - } - -- pages = 0; - l4 = paging_map_log_dirty_bitmap(d); -+ i4 = d->arch.paging.preempt.log_dirty.i4; -+ i3 = d->arch.paging.preempt.log_dirty.i3; -+ pages = d->arch.paging.preempt.log_dirty.done; - -- for ( i4 = 0; -- (pages < sc->pages) && (i4 < LOGDIRTY_NODE_ENTRIES); -- i4++ ) -+ for ( ; (pages < sc->pages) && (i4 < LOGDIRTY_NODE_ENTRIES); i4++, i3 = 0 ) - { - l3 = (l4 && mfn_valid(l4[i4])) ? map_domain_page(mfn_x(l4[i4])) : NULL; -- for ( i3 = 0; -- (pages < sc->pages) && (i3 < LOGDIRTY_NODE_ENTRIES); -- i3++ ) -+ for ( ; (pages < sc->pages) && (i3 < LOGDIRTY_NODE_ENTRIES); i3++ ) - { - l2 = ((l3 && mfn_valid(l3[i3])) ? - map_domain_page(mfn_x(l3[i3])) : NULL); -@@ -410,18 +488,51 @@ int paging_log_dirty_op(struct domain *d - } - if ( l2 ) - unmap_domain_page(l2); -+ -+ if ( i3 < LOGDIRTY_NODE_ENTRIES - 1 && hypercall_preempt_check() ) -+ { -+ d->arch.paging.preempt.log_dirty.i4 = i4; -+ d->arch.paging.preempt.log_dirty.i3 = i3 + 1; -+ rv = -EAGAIN; -+ break; -+ } - } - if ( l3 ) - unmap_domain_page(l3); -+ -+ if ( !rv && i4 < LOGDIRTY_NODE_ENTRIES - 1 && -+ hypercall_preempt_check() ) -+ { -+ d->arch.paging.preempt.log_dirty.i4 = i4 + 1; -+ d->arch.paging.preempt.log_dirty.i3 = 0; -+ rv = -EAGAIN; -+ } -+ if ( rv ) -+ break; - } - if ( l4 ) - unmap_domain_page(l4); - -- if ( pages < sc->pages ) -- sc->pages = pages; -+ if ( !rv ) -+ d->arch.paging.preempt.vcpu = NULL; -+ else -+ { -+ d->arch.paging.preempt.vcpu = current; -+ d->arch.paging.preempt.op = sc->op; -+ d->arch.paging.preempt.log_dirty.done = pages; -+ } - - paging_unlock(d); - -+ if ( rv ) -+ { -+ /* Never leave the domain paused for other errors. */ -+ ASSERT(rv == -EAGAIN); -+ return rv; -+ } -+ -+ if ( pages < sc->pages ) -+ sc->pages = pages; - if ( clean ) - { - /* We need to further call clean_dirty_bitmap() functions of specific -@@ -432,6 +543,7 @@ int paging_log_dirty_op(struct domain *d - return rv; - - out: -+ d->arch.paging.preempt.vcpu = NULL; - paging_unlock(d); - domain_unpause(d); - -@@ -498,12 +610,6 @@ void paging_log_dirty_init(struct domain - d->arch.paging.log_dirty.clean_dirty_bitmap = clean_dirty_bitmap; - } - --/* This function fress log dirty bitmap resources. */ --static void paging_log_dirty_teardown(struct domain*d) --{ -- paging_free_log_dirty_bitmap(d); --} -- - /************************************************/ - /* CODE FOR PAGING SUPPORT */ - /************************************************/ -@@ -547,6 +653,7 @@ void paging_vcpu_init(struct vcpu *v) - int paging_domctl(struct domain *d, xen_domctl_shadow_op_t *sc, - XEN_GUEST_HANDLE_PARAM(void) u_domctl) - { -+ bool_t resuming = 0; - int rc; - - if ( unlikely(d == current->domain) ) -@@ -569,6 +676,20 @@ int paging_domctl(struct domain *d, xen_ - return -EINVAL; - } - -+ if ( d->arch.paging.preempt.vcpu ) -+ { -+ if ( d->arch.paging.preempt.vcpu != current || -+ d->arch.paging.preempt.op != sc->op ) -+ { -+ printk(XENLOG_G_DEBUG -+ "d%d:v%d: Paging op %#x on Dom%u with unfinished prior op %#x\n", -+ current->domain->domain_id, current->vcpu_id, -+ sc->op, d->domain_id, d->arch.paging.preempt.op); -+ return -EBUSY; -+ } -+ resuming = 1; -+ } -+ - rc = xsm_shadow_control(XSM_HOOK, d, sc->op); - if ( rc ) - return rc; -@@ -594,13 +714,13 @@ int paging_domctl(struct domain *d, xen_ - - case XEN_DOMCTL_SHADOW_OP_OFF: - if ( paging_mode_log_dirty(d) ) -- if ( (rc = paging_log_dirty_disable(d)) != 0 ) -+ if ( (rc = paging_log_dirty_disable(d, resuming)) != 0 ) - return rc; - break; - - case XEN_DOMCTL_SHADOW_OP_CLEAN: - case XEN_DOMCTL_SHADOW_OP_PEEK: -- return paging_log_dirty_op(d, sc); -+ return paging_log_dirty_op(d, sc, resuming); - } - - /* Here, dispatch domctl to the appropriate paging code */ -@@ -611,18 +731,24 @@ int paging_domctl(struct domain *d, xen_ - } - - /* Call when destroying a domain */ --void paging_teardown(struct domain *d) -+int paging_teardown(struct domain *d) - { -+ int rc; -+ - if ( hap_enabled(d) ) - hap_teardown(d); - else - shadow_teardown(d); - - /* clean up log dirty resources. */ -- paging_log_dirty_teardown(d); -+ rc = paging_free_log_dirty_bitmap(d, 0); -+ if ( rc == -EAGAIN ) -+ return rc; - - /* Move populate-on-demand cache back to domain_list for destruction */ - p2m_pod_empty_cache(d); -+ -+ return rc; - } - - /* Call once all of the references to the domain have gone away */ ---- a/xen/arch/x86/mm/shadow/common.c -+++ b/xen/arch/x86/mm/shadow/common.c -@@ -3706,8 +3706,7 @@ int shadow_domctl(struct domain *d, - paging_unlock(d); - if ( preempted ) - /* Not finished. Set up to re-run the call. */ -- rc = hypercall_create_continuation( -- __HYPERVISOR_domctl, "h", u_domctl); -+ rc = -EAGAIN; - else - /* Finished. Return the new allocation */ - sc->mb = shadow_get_allocation(d); ---- a/xen/common/domain.c -+++ b/xen/common/domain.c -@@ -527,7 +527,6 @@ int domain_kill(struct domain *d) - rc = domain_relinquish_resources(d); - if ( rc != 0 ) - { -- BUG_ON(rc != -EAGAIN); - break; - } - if ( sched_move_domain(d, cpupool0) ) ---- a/xen/include/asm-x86/domain.h -+++ b/xen/include/asm-x86/domain.h -@@ -186,6 +186,20 @@ struct paging_domain { - struct hap_domain hap; - /* log dirty support */ - struct log_dirty_domain log_dirty; -+ -+ /* preemption handling */ -+ struct { -+ struct vcpu *vcpu; -+ unsigned int op; -+ union { -+ struct { -+ unsigned long done:PADDR_BITS - PAGE_SHIFT; -+ unsigned long i4:PAGETABLE_ORDER; -+ unsigned long i3:PAGETABLE_ORDER; -+ } log_dirty; -+ }; -+ } preempt; -+ - /* alloc/free pages from the pool for paging-assistance structures - * (used by p2m and log-dirty code for their tries) */ - struct page_info * (*alloc_page)(struct domain *d); ---- a/xen/include/asm-x86/paging.h -+++ b/xen/include/asm-x86/paging.h -@@ -133,9 +133,6 @@ struct paging_mode { - /***************************************************************************** - * Log dirty code */ - --/* free log dirty bitmap resource */ --void paging_free_log_dirty_bitmap(struct domain *d); -- - /* get the dirty bitmap for a specific range of pfns */ - void paging_log_dirty_range(struct domain *d, - unsigned long begin_pfn, -@@ -145,9 +142,6 @@ void paging_log_dirty_range(struct domai - /* enable log dirty */ - int paging_log_dirty_enable(struct domain *d); - --/* disable log dirty */ --int paging_log_dirty_disable(struct domain *d); -- - /* log dirty initialization */ - void paging_log_dirty_init(struct domain *d, - int (*enable_log_dirty)(struct domain *d), -@@ -206,7 +200,7 @@ int paging_domctl(struct domain *d, xen_ - XEN_GUEST_HANDLE_PARAM(void) u_domctl); - - /* Call when destroying a domain */ --void paging_teardown(struct domain *d); -+int paging_teardown(struct domain *d); - - /* Call once all of the references to the domain have gone away */ - void paging_final_teardown(struct domain *d); |