summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--main/xen/APKBUILD21
-rw-r--r--main/xen/xen-xend.post-install10
-rw-r--r--main/xen/xen-xend.post-upgrade10
-rw-r--r--main/xen/xsa73-4_3-unstable.patch105
-rw-r--r--main/xen/xsa75-4.3-unstable.patch55
5 files changed, 27 insertions, 174 deletions
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD
index 97f41962b..8bce8da58 100644
--- a/main/xen/APKBUILD
+++ b/main/xen/APKBUILD
@@ -2,8 +2,8 @@
# Contributor: Roger Pau Monne <roger.pau@entel.upc.edu>
# Maintainer: William Pitcock <nenolod@dereferenced.org>
pkgname=xen
-pkgver=4.3.1
-pkgrel=3
+pkgver=4.3.2
+pkgrel=0
pkgdesc="Xen hypervisor"
url="http://www.xen.org/"
arch="x86_64"
@@ -25,9 +25,6 @@ source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g
xsa41b.patch
xsa41c.patch
- xsa73-4_3-unstable.patch
- xsa75-4.3-unstable.patch
-
fix-pod2man-choking.patch
qemu-xen-websocket.patch
@@ -191,6 +188,8 @@ xend() {
pkgdesc="Xend toolstack"
replaces="xen"
depends="udev xen python"
+ install="xen-xend.post-install xen-xend.post-upgrade"
+
mkdir -p "$subpkgdir"
sitepackages=`python -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())"`
mkdir -p "$subpkgdir"/"$sitepackages"/xen
@@ -198,15 +197,13 @@ xend() {
-exec mv '{}' "$subpkgdir"/"$sitepackages"/xen \;
}
-md5sums="7616b8704e1ab89c81f011f0e3703bc8 xen-4.3.1.tar.gz
+md5sums="83e0e13678383e4fbcaa69ce6064b187 xen-4.3.2.tar.gz
2dc5ddf47c53ea168729975046c3c1f9 librt.patch
1ccde6b36a6f9542a16d998204dc9a22 qemu-xen_paths.patch
6dcff640268d514fa9164b4c812cc52d docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch
8ad8942000b8a4be4917599cad9209cf xsa41.patch
ed7d0399c6ca6aeee479da5d8f807fe0 xsa41b.patch
2f3dd7bdc59d104370066d6582725575 xsa41c.patch
-5005efdb8bf44ccc2ce869611b507c83 xsa73-4_3-unstable.patch
-94b925ecbea7c4d879203776dc1903db xsa75-4.3-unstable.patch
4c5455d1adc09752a835e241097fbc39 fix-pod2man-choking.patch
a4097e06a7e000ed00f4607db014d277 qemu-xen-websocket.patch
35bdea1d4e3ae2565edc7e40906efdd5 qemu-xen-tls-websockets.patch
@@ -228,15 +225,13 @@ fa8c72b42e0479d521a353386d8543ef xendomains.initd
9df68ac65dc3f372f5d61183abdc83ff xen-consoles.logrotate
6a2f777c16678d84039acf670d86fff6 xenqemu.confd
f9afbf39e2b5a7d9dde60ebbd249ea7d xenqemu.initd"
-sha256sums="3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd xen-4.3.1.tar.gz
+sha256sums="17611d95f955302560ff72d97c08933b4e62bc2e8ffb71400fc54e388746ff69 xen-4.3.2.tar.gz
12bf32f9937b09283f2df4955b50d6739768f66137a7d991f661f45cf77cb53b librt.patch
9440ca31a6911201f02694e93faafb5ca9b17de18b7f15b53ceac39a03411b4a qemu-xen_paths.patch
a0c225d716d343fe041b63e3940900c5b3573ed3bcfc5b7c2d52ea2861c3fc28 docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch
93452beba88a8da8e89b8bfa743074a358ba1d9052151c608e21c4d62f8c4867 xsa41.patch
896a07f57310c9bea9bc2a305166cf796282c381cb7839be49105b1726a860b5 xsa41b.patch
683dd96a0a8899f794070c8c09643dfeeb39f92da531955cba961b45f6075914 xsa41c.patch
-48411cd6b15e4e4fa3c4335298179a4b1094c5e1ae8dc7582bbfb9439d97037b xsa73-4_3-unstable.patch
-91936421279fd2fa5321d9ed5a2b71fe76bc0e1348e67126e8b9cde0cb1d32b2 xsa75-4.3-unstable.patch
fcb5b9ff0bc4b4d39fed9b88891491b91628aa449914cfea321abe5da24c1da2 fix-pod2man-choking.patch
e9f6c482fc449e0b540657a8988ad31f2e680b8933e50e6486687a52f6a9ed04 qemu-xen-websocket.patch
435dd428d83acdfde58888532a1cece1e9075b2a2460fe3f6cd33c7d400f2715 qemu-xen-tls-websockets.patch
@@ -258,15 +253,13 @@ a50a4485e84bcc098ad021556cd2aa7947c228f0a546ab942e880787ced57be3 xend.initd
0da87a4b9094f934e3de937e8ef8d3afc752e76793aa3d730182d0241e118b19 xen-consoles.logrotate
4cfcddcade5d055422ab4543e8caa6e5c5eee7625c41880a9000b7a87c7c424e xenqemu.confd
bf17808a79c57a9efc38b9f14cc87f556b2bb7ecfdec5763d9cf686255a47fce xenqemu.initd"
-sha512sums="f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf37835528aca33a0f9e04c82d5f8c4ba79c03a1780d2b72cbb90cc26f77275 xen-4.3.1.tar.gz
+sha512sums="ec94d849b56ec590b89022075ce43768d8ef44b7be9580ce032509b44c085f0f66495845607a18cd3dea6b89c69bc2a18012705556f59288cd8653c3e5eca302 xen-4.3.2.tar.gz
74e3cfc51e367fc445cb3d8149f0c8830e94719a266daf04d2cd0889864591860c4c8842de2bc78070e4c5be7d14dfbb8b236c511d5faeddc2ad97177c1d3764 librt.patch
425149aea57a6deae9f488cea867f125983998dc6e8c63893fb3b9caf0ea34214251dd98ad74db823f5168631c44c49b988b6fe9c11b76bd493ddf51bc0baaa2 qemu-xen_paths.patch
477d3d08bd4fcdfbc54abea1a18acb6a41d298c366cd01c954f474515cb862d0dd59217c0dfca5460a725a8bc036de42132f522c3eefdffcc4fd511f016b783f docs-Fix-generating-qemu-doc.html-with-texinfo-5.patch
94672a4d37db4e370370157cac9507ee1a75832f4be779fba148c1faa0b18f26ed57126eee6256ccd5d218463325a730266b53139554f4865adedb7659154c16 xsa41.patch
bda9105793f2327e1317991762120d0668af0e964076b18c9fdbfd509984b2e88d85df95702c46b2e00d5350e8113f6aa7b34b19064d19abbeb4d43f0c431d38 xsa41b.patch
36b60478660ff7748328f5ab9adff13286eee1a1bad06e42fdf7e6aafe105103988525725aacd660cf5b2a184a9e2d6b3818655203c1fa07e07dcebdf23f35d9 xsa41c.patch
-8eb555bc589bc4848f640dd93bdfaf0d0a61667e26667ff2ff89ab60c8c5a777982647e8c440be7510620281bac8d9bb3281afcae36e974f09bd70184ba6ba9a xsa73-4_3-unstable.patch
-8406618c8b2398aba740713df253763a2b4e102c46ae59a8189acf6069845288fbcb5e8dafe72212b96714a18787c69106255d257b4445d69853dcfec1dc02af xsa75-4.3-unstable.patch
2e95ad43bb66f928fe1e8caf474a3211571f75f79ea32aaa3eddb3aed9963444bd131006b67e682395af0d79118b2634bf808404693b813a94662d2a9d665ac2 fix-pod2man-choking.patch
45f1da45f3ff937d0a626e37c130d76f5b97f49a57ddeb11ef2a8e850c04c32c819a3dfcef501eb3784db5fe7b39c88230063e56aa6e5197fd9c7b7d424fff77 qemu-xen-websocket.patch
11eaccc346440ff285552f204d491e3b31bda1665c3219ecae3061b5d55db9dec885af0c031fa19c67e87bbe238002b1911bbd5bfea2f2ba0d61e6b3d0c952c9 qemu-xen-tls-websockets.patch
diff --git a/main/xen/xen-xend.post-install b/main/xen/xen-xend.post-install
new file mode 100644
index 000000000..9fc742fe5
--- /dev/null
+++ b/main/xen/xen-xend.post-install
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+echo
+echo "*** DEPRECATION WARNING ***"
+echo "Support in Alpine for the xend toolstack is planned for removal in the Xen 4.5 packages."
+echo "We strongly recommend switching to the newer xl toolstack at earliest convenience."
+echo
+
+exit 0
+
diff --git a/main/xen/xen-xend.post-upgrade b/main/xen/xen-xend.post-upgrade
new file mode 100644
index 000000000..9fc742fe5
--- /dev/null
+++ b/main/xen/xen-xend.post-upgrade
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+echo
+echo "*** DEPRECATION WARNING ***"
+echo "Support in Alpine for the xend toolstack is planned for removal in the Xen 4.5 packages."
+echo "We strongly recommend switching to the newer xl toolstack at earliest convenience."
+echo
+
+exit 0
+
diff --git a/main/xen/xsa73-4_3-unstable.patch b/main/xen/xsa73-4_3-unstable.patch
deleted file mode 100644
index efa64f9b1..000000000
--- a/main/xen/xsa73-4_3-unstable.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-From 068bfa76bbd52430e65853375e1d5db99d193e2f Mon Sep 17 00:00:00 2001
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Date: Thu, 31 Oct 2013 20:49:00 +0000
-Subject: [PATCH] gnttab: correct locking order reversal
-
-Coverity ID 1087189
-
-Correct a lock order reversal between a domains page allocation and grant
-table locks.
-
-This is XSA-73.
-
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-
-Consolidate error handling.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Keir Fraser <keir@xen.org>
-Tested-by: Matthew Daley <mattjd@gmail.com>
----
- xen/common/grant_table.c | 52 +++++++++++++++++++++++++++++++++++++++-------
- 1 file changed, 44 insertions(+), 8 deletions(-)
-
-diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
-index f42bc7a..48df928 100644
---- a/xen/common/grant_table.c
-+++ b/xen/common/grant_table.c
-@@ -1517,6 +1517,8 @@ gnttab_transfer(
-
- for ( i = 0; i < count; i++ )
- {
-+ bool_t okay;
-+
- if (i && hypercall_preempt_check())
- return i;
-
-@@ -1625,16 +1627,18 @@ gnttab_transfer(
- * pages when it is dying.
- */
- if ( unlikely(e->is_dying) ||
-- unlikely(e->tot_pages >= e->max_pages) ||
-- unlikely(!gnttab_prepare_for_transfer(e, d, gop.ref)) )
-+ unlikely(e->tot_pages >= e->max_pages) )
- {
-- if ( !e->is_dying )
-- gdprintk(XENLOG_INFO, "gnttab_transfer: "
-- "Transferee has no reservation "
-- "headroom (%d,%d) or provided a bad grant ref (%08x) "
-- "or is dying (%d)\n",
-- e->tot_pages, e->max_pages, gop.ref, e->is_dying);
- spin_unlock(&e->page_alloc_lock);
-+
-+ if ( e->is_dying )
-+ gdprintk(XENLOG_INFO, "gnttab_transfer: "
-+ "Transferee (d%d) is dying\n", e->domain_id);
-+ else
-+ gdprintk(XENLOG_INFO, "gnttab_transfer: "
-+ "Transferee (d%d) has no headroom (tot %u, max %u)\n",
-+ e->domain_id, e->tot_pages, e->max_pages);
-+
- rcu_unlock_domain(e);
- put_gfn(d, gop.mfn);
- page->count_info &= ~(PGC_count_mask|PGC_allocated);
-@@ -1646,6 +1650,38 @@ gnttab_transfer(
- /* Okay, add the page to 'e'. */
- if ( unlikely(domain_adjust_tot_pages(e, 1) == 1) )
- get_knownalive_domain(e);
-+
-+ /*
-+ * We must drop the lock to avoid a possible deadlock in
-+ * gnttab_prepare_for_transfer. We have reserved a page in e so can
-+ * safely drop the lock and re-aquire it later to add page to the
-+ * pagelist.
-+ */
-+ spin_unlock(&e->page_alloc_lock);
-+ okay = gnttab_prepare_for_transfer(e, d, gop.ref);
-+ spin_lock(&e->page_alloc_lock);
-+
-+ if ( unlikely(!okay) || unlikely(e->is_dying) )
-+ {
-+ bool_t drop_dom_ref = (domain_adjust_tot_pages(e, -1) == 0);
-+
-+ spin_unlock(&e->page_alloc_lock);
-+
-+ if ( okay /* i.e. e->is_dying due to the surrounding if() */ )
-+ gdprintk(XENLOG_INFO, "gnttab_transfer: "
-+ "Transferee (d%d) is now dying\n", e->domain_id);
-+
-+ if ( drop_dom_ref )
-+ put_domain(e);
-+ rcu_unlock_domain(e);
-+
-+ put_gfn(d, gop.mfn);
-+ page->count_info &= ~(PGC_count_mask|PGC_allocated);
-+ free_domheap_page(page);
-+ gop.status = GNTST_general_error;
-+ goto copyback;
-+ }
-+
- page_list_add_tail(page, &e->page_list);
- page_set_owner(page, e);
-
---
-1.7.10.4
-
diff --git a/main/xen/xsa75-4.3-unstable.patch b/main/xen/xsa75-4.3-unstable.patch
deleted file mode 100644
index b3724c35d..000000000
--- a/main/xen/xsa75-4.3-unstable.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-nested VMX: VMLANUCH/VMRESUME emulation must check permission first thing
-
-Otherwise uninitialized data may be used, leading to crashes.
-
-This is XSA-75.
-
-Reported-and-tested-by: Jeff Zimmerman <Jeff_Zimmerman@McAfee.com>
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-and-tested-by: Andrew Cooper <andrew.cooper3@citrix.com>
-
---- a/xen/arch/x86/hvm/vmx/vvmx.c
-+++ b/xen/arch/x86/hvm/vmx/vvmx.c
-@@ -1509,15 +1509,10 @@ static void clear_vvmcs_launched(struct
- }
- }
-
--int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs)
-+static int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs)
- {
- struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
- struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
-- int rc;
--
-- rc = vmx_inst_check_privilege(regs, 0);
-- if ( rc != X86EMUL_OKAY )
-- return rc;
-
- /* check VMCS is valid and IO BITMAP is set */
- if ( (nvcpu->nv_vvmcxaddr != VMCX_EADDR) &&
-@@ -1536,6 +1531,10 @@ int nvmx_handle_vmresume(struct cpu_user
- struct vcpu *v = current;
- struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
- struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
-+ int rc = vmx_inst_check_privilege(regs, 0);
-+
-+ if ( rc != X86EMUL_OKAY )
-+ return rc;
-
- if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR )
- {
-@@ -1555,10 +1554,13 @@ int nvmx_handle_vmresume(struct cpu_user
- int nvmx_handle_vmlaunch(struct cpu_user_regs *regs)
- {
- bool_t launched;
-- int rc;
- struct vcpu *v = current;
- struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
- struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
-+ int rc = vmx_inst_check_privilege(regs, 0);
-+
-+ if ( rc != X86EMUL_OKAY )
-+ return rc;
-
- if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR )
- {
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 22:34:57 +0000