summaryrefslogtreecommitdiff
path: root/kernels
diff options
context:
space:
mode:
Diffstat (limited to 'kernels')
-rw-r--r--kernels/xen/ChangeLog15
-rw-r--r--kernels/xen/PKGBUILD35
-rw-r--r--kernels/xen/disable-bluez.patch21
-rw-r--r--kernels/xen/localgcc490fix.patch114
-rw-r--r--kernels/xen/pvh_pit_init.patch107
-rw-r--r--kernels/xen/xen.install5
-rw-r--r--kernels/xen/xsa89.patch96
-rw-r--r--kernels/xen/xsa92.patch36
8 files changed, 52 insertions, 377 deletions
diff --git a/kernels/xen/ChangeLog b/kernels/xen/ChangeLog
index 17133d08c..42c9ef681 100644
--- a/kernels/xen/ChangeLog
+++ b/kernels/xen/ChangeLog
@@ -1,3 +1,18 @@
+2014-09-04 David Sutton <kantras - gmail.com>
+ * 4.4.1-1:
+ New Upstream release
+ Cleared out unnecessary patches (security, gcc compile and pit)
+
+2014-06-22 David Sutton <kantras - gmail.com>
+ * 4.4.0-6:
+ Added additional patch to support XSA 100 on AMD platform
+
+2014-06-17 David Sutton <kantras - gmail.com>
+ * 4.4.0-5:
+ Added XSA 96 and 100 security patches
+ Added patch to explictly disable searching for bluez libs
+ Cleaned up PKGBUILD
+
2014-05-17 David Sutton <kantras - gmail.com>
* 4.4.0-4:
Added patch to fix shutdown issues with pvh domains
diff --git a/kernels/xen/PKGBUILD b/kernels/xen/PKGBUILD
index 7313bfd75..7761893c4 100644
--- a/kernels/xen/PKGBUILD
+++ b/kernels/xen/PKGBUILD
@@ -6,13 +6,13 @@
# Maintainer: André Silva <emulatorman@parabola.nu>
pkgname=xen
-pkgver=4.4.0
-pkgrel=4
+pkgver=4.4.1
+pkgrel=1.parabola1
pkgdesc="Virtual Machine Hypervisor & Tools (Parabola rebranded)"
arch=(i686 x86_64)
url="http://www.xenproject.org/"
license=(GPL2)
-depends=(bin86 bluez bridge-utils curl e2fsprogs gnutls iproute2 libaio libcap-ng libiscsi libjpeg-turbo libpng libseccomp lzo2 nss pixman pciutils python python2 sdl wget vde2 yajl)
+depends=(bin86 bridge-utils curl gnutls iproute2 libaio libcap-ng libiscsi libjpeg-turbo libpng libseccomp lzo2 nss pixman pciutils python python2 sdl wget vde2 yajl)
[[ "$CARCH" == "x86_64" ]] && depends+=(lib32-glibc)
makedepends=(cmake dev86 git iasl markdown ocaml-findlib)
optdepends=('xen-docs: Official Xen Documentation' 'openvswitch: Optional Networking support')
@@ -34,10 +34,7 @@ source=(http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g
xen.install
09_xen
ati-passthrough.patch
- localgcc490fix.patch
- pvh_pit_init.patch
- xsa89.patch
- xsa92.patch
+ disable-bluez.patch
proc-xen.mount
var-lib-xenstored.mount
xenconsoled.service
@@ -59,7 +56,7 @@ noextract=(lwip-1.3.0.tar.gz
gmp-4.3.2.tar.bz2
ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz)
-sha256sums=('6910a504fe2ffe8db0e7a44756ce1c4c95e1ccbef942a1fc8da27aced5aac021'
+sha256sums=('55b49d3c4575d7791275125ff87c0f86f1d1e0f7f2718b6fd1c4f88a9bc7ea25'
'632ce8c193ccacc3012bd354bdb733a4be126f7c098e111930aa41dad537405c'
'772e4d550e07826665ed0528c071dd5404ef7dbe1825a38c8adbc2a00bca948f'
'1795c7d067a43174113fdf03447532f373e1c6c57c08d61d9e4e9be5e244b05e'
@@ -69,13 +66,10 @@ sha256sums=('6910a504fe2ffe8db0e7a44756ce1c4c95e1ccbef942a1fc8da27aced5aac021'
'4e1d15d12dbd3e9208111d6b806ad5a9857ca8850c47877d36575b904559260b'
'4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459'
'936162c0312886c21581002b79932829aa048cfaf9937c6265aeaa14f1cd1775'
- '9d41f4456f1ce82ab912467a230b6e78b69b39579bccca1337328945ae7e3edb'
+ 'b29b6529c84348bfaf86ff52fac3b3b49c8259741820a0edf056809bd7e65532'
'b0a3cfe2d524371ee04a26a29ad04cd9f3dae8c5d4a18b6b41576c6c7547f946'
'd93c2d5bcdf0c3e4c6e8efb357cb4b9d618209025361f5ccd9d03651a8acd7a3'
- '83d4672470437e0a6d2c371681384d67f2056ba85fe3b7898e2b806edecaebd6'
- '7dcf63e1f7158e0d8d5144f549f4e5fe9a532f9da2650c13968aa39b2730d8b2'
- '741c8fbbfa8e425d8debba17135d4c2e1e962d15717769bc93d68a65b5dc5ea6'
- '184dcb88dfb4540fca33016ffcfe0f4f557449ab5b4ec6a4bf486c75926d23f3'
+ '0ba03980b4d300fea3f8bbe47b188a491ddf871246e5bd214b1ed15e971324d2'
'139eed988bfaf8edc8ccdfd0b668382bd63db48ce17be91776182a7e28e9d88c'
'c19146931c6ab8e53092bd9b2ebbfda5c76fd22ad3b1d42dcda3dd1b61f123ff'
'e4af7891e816b9549ebeff766a78036626c0e278734e5625b8e7d68729530ded'
@@ -94,14 +88,9 @@ prepare() {
### Patching
# Security Patches
- patch -Np1 -i $srcdir/xsa89.patch
- patch -Np1 -i $srcdir/xsa92.patch
- # GCC 4.9.0 compile workaround
- patch -Np1 -i $srcdir/localgcc490fix.patch
-
- # Issue resolution patches
- patch -Np1 -i $srcdir/pvh_pit_init.patch
+ # Compile Patches
+ patch -Np1 -i $srcdir/disable-bluez.patch
# Uncomment line below if you want to enable ATI Passthrough support (some reported successes, untested with 4.4)
#patch -Np1 -i ../ati-passthrough.patch
@@ -128,14 +117,16 @@ build() {
export CFLAGS+='-Wall -Wstrict-prototypes -Wno-unused-local-typedefs -Wno-sizeof-pointer-memaccess'
cd $pkgname-$pkgver/
./autogen.sh
- ./configure PYTHON=/usr/bin/python2 --prefix=/usr --localstatedir=/run
+ ./configure PYTHON=/usr/bin/python2 --prefix=/usr --localstatedir=/run --enable-xend
+ make LANG=C PYTHON=python2 dist-{xen,tools,kernels}
unset CFLAGS
+ make LANG=C PYTHON=python2 dist-stubdom
}
package() {
cd $pkgname-$pkgver/
- make DESTDIR="$pkgdir" LANG=C PYTHON=python2 install-{xen,tools,stubdom}
+ make DESTDIR="$pkgdir" LANG=C PYTHON=python2 install-{xen,tools,kernels,stubdom}
# Install files
cd ../
diff --git a/kernels/xen/disable-bluez.patch b/kernels/xen/disable-bluez.patch
new file mode 100644
index 000000000..d420f038c
--- /dev/null
+++ b/kernels/xen/disable-bluez.patch
@@ -0,0 +1,21 @@
+--- a/tools/qemu-xen-traditional/xen-setup 2013-12-19 09:19:49.000000000 -0600
++++ b/tools/qemu-xen-traditional/xen-setup 2014-06-18 19:07:28.018807657 -0500
+@@ -18,7 +18,7 @@
+ XEN_SCRIPT_DIR="/etc/xen/scripts"
+ fi
+
+-${QEMU_ROOT:-.}/configure --disable-gfx-check --disable-curses --disable-slirp "$@" --prefix=${PREFIX}
++${QEMU_ROOT:-.}/configure --disable-gfx-check --disable-curses --disable-slirp "$@" --prefix=${PREFIX} --disable-bluez
+
+ if [ "x$XEN_ROOT" != x ]; then
+ echo "XEN_ROOT=$XEN_ROOT" >>config-host.mak
+--- a/tools/Makefile 2014-03-10 05:43:57.000000000 -0500
++++ b/tools/Makefile.new 2014-06-18 20:07:56.707835949 -0500
+@@ -203,6 +203,7 @@
+ --disable-kvm \
+ --disable-docs \
+ --disable-guest-agent \
++ --disable-bluez \
+ --python=$(PYTHON) \
+ $(IOEMU_CONFIGURE_CROSS); \
+ $(MAKE) all
diff --git a/kernels/xen/localgcc490fix.patch b/kernels/xen/localgcc490fix.patch
deleted file mode 100644
index c24cdddfb..000000000
--- a/kernels/xen/localgcc490fix.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
-<head>
-<title>xen.git - xen</title>
-<meta name='generator' content='cgit v0.10.1'/>
-<meta name='robots' content='index, nofollow'/>
-<link rel='stylesheet' type='text/css' href='/cgit-data/cgit.css'/>
-<link rel='shortcut icon' href='/favicon.ico'/>
-<link rel='alternate' title='Atom feed' href='http://pkgs.fedoraproject.org/cgit/xen.git/atom/localgcc490fix.patch?h=master' type='application/atom+xml'/>
-</head>
-<body>
-<div id='cgit'><table id='header'>
-<tr>
-<td class='logo' rowspan='2'><a href='/cgit/'><img src='/cgit-data/cgit.png' alt='cgit logo'/></a></td>
-<td class='main'><a href='/cgit/'>index</a> : <a title='xen.git' href='/cgit/xen.git/'>xen.git</a></td><td class='form'><form method='get' action=''>
-<select name='h' onchange='this.form.submit();'>
-<option value='f10'>f10</option>
-<option value='f11'>f11</option>
-<option value='f12'>f12</option>
-<option value='f13'>f13</option>
-<option value='f14'>f14</option>
-<option value='f15'>f15</option>
-<option value='f16'>f16</option>
-<option value='f17'>f17</option>
-<option value='f18'>f18</option>
-<option value='f19'>f19</option>
-<option value='f20'>f20</option>
-<option value='f7'>f7</option>
-<option value='f8'>f8</option>
-<option value='f9'>f9</option>
-<option value='master' selected='selected'>master</option>
-<option value='private-20060208-sct-branch'>private-20060208-sct-branch</option>
-</select> <input type='submit' name='' value='switch'/></form></td></tr>
-<tr><td class='sub'>xen</td><td class='sub right'>Jesse Keating</td></tr></table>
-<table class='tabs'><tr><td>
-<a href='/cgit/xen.git/'>summary</a><a href='/cgit/xen.git/refs/'>refs</a><a href='/cgit/xen.git/log/localgcc490fix.patch'>log</a><a class='active' href='/cgit/xen.git/tree/localgcc490fix.patch'>tree</a><a href='/cgit/xen.git/commit/localgcc490fix.patch'>commit</a><a href='/cgit/xen.git/diff/localgcc490fix.patch'>diff</a><a href='/cgit/xen.git/stats/localgcc490fix.patch'>stats</a></td><td class='form'><form class='right' method='get' action='/cgit/xen.git/log/localgcc490fix.patch'>
-<select name='qt'>
-<option value='grep'>log msg</option>
-<option value='author'>author</option>
-<option value='committer'>committer</option>
-<option value='range'>range</option>
-</select>
-<input class='txt' type='text' size='10' name='q' value=''/>
-<input type='submit' value='search'/>
-</form>
-</td></tr></table>
-<div class='path'>path: <a href='/cgit/xen.git/tree/'>root</a>/<a href='/cgit/xen.git/tree/localgcc490fix.patch'>localgcc490fix.patch</a></div><div class='content'>blob: e34f4d723267328a82ea993aae117d6ce9ed8c6e (<a href='/cgit/xen.git/plain/localgcc490fix.patch'>plain</a>)
-<table summary='blob content' class='blob'>
-<tr><td class='linenumbers'><pre><a id='n1' href='#n1'>1</a>
-<a id='n2' href='#n2'>2</a>
-<a id='n3' href='#n3'>3</a>
-<a id='n4' href='#n4'>4</a>
-<a id='n5' href='#n5'>5</a>
-<a id='n6' href='#n6'>6</a>
-<a id='n7' href='#n7'>7</a>
-<a id='n8' href='#n8'>8</a>
-<a id='n9' href='#n9'>9</a>
-<a id='n10' href='#n10'>10</a>
-<a id='n11' href='#n11'>11</a>
-<a id='n12' href='#n12'>12</a>
-<a id='n13' href='#n13'>13</a>
-<a id='n14' href='#n14'>14</a>
-<a id='n15' href='#n15'>15</a>
-<a id='n16' href='#n16'>16</a>
-<a id='n17' href='#n17'>17</a>
-<a id='n18' href='#n18'>18</a>
-<a id='n19' href='#n19'>19</a>
-<a id='n20' href='#n20'>20</a>
-<a id='n21' href='#n21'>21</a>
-<a id='n22' href='#n22'>22</a>
-<a id='n23' href='#n23'>23</a>
-<a id='n24' href='#n24'>24</a>
-<a id='n25' href='#n25'>25</a>
-<a id='n26' href='#n26'>26</a>
-<a id='n27' href='#n27'>27</a>
-<a id='n28' href='#n28'>28</a>
-<a id='n29' href='#n29'>29</a>
-</pre></td>
-<td class='lines'><pre><code>--- xen-4.4.0/Config.mk.orig 2014-04-29 20:54:43.117010822 +0100
-+++ xen-4.4.0/Config.mk 2014-04-29 20:58:23.100055325 +0100
-@@ -188,6 +188,8 @@
- CFLAGS += -std=gnu99
-
- CFLAGS += -Wall -Wstrict-prototypes
-+# add temporary build flags to identify build issues using gcc 4.9.0
-+CFLAGS += -Wno-error=maybe-uninitialized
-
- # Clang complains about macros that expand to 'if ( ( foo == bar ) ) ...'
- # and is over-zealous with the printf format lint
---- xen-4.4.0/tools/blktap2/drivers/block-qcow.c.orig 2014-03-10 10:43:57.000000000 +0000
-+++ xen-4.4.0/tools/blktap2/drivers/block-qcow.c 2014-04-30 21:10:26.270699187 +0100
-@@ -427,6 +427,7 @@
-
- if (posix_memalign((void **)&amp;tmp_ptr, 4096, 4096) != 0) {
- DPRINTF("ERROR allocating memory for L1 table\n");
-+ return -1;
- }
- memcpy(tmp_ptr, l1_ptr, 4096);
-
-@@ -600,6 +601,7 @@
-
- if (posix_memalign((void **)&amp;tmp_ptr2, 4096, 4096) != 0) {
- DPRINTF("ERROR allocating memory for L1 table\n");
-+ return -1;
- }
- memcpy(tmp_ptr2, l2_ptr, 4096);
- lseek(s-&gt;fd, l2_offset + (l2_sector &lt;&lt; 12), SEEK_SET);
-</code></pre></td></tr></table>
-</div> <!-- class=content -->
-<div class='footer'>generated by cgit v0.10.1 at 2014-05-04 21:13:33 (GMT)</div>
-</div> <!-- id=cgit -->
-</body>
-</html>
diff --git a/kernels/xen/pvh_pit_init.patch b/kernels/xen/pvh_pit_init.patch
deleted file mode 100644
index 4f14e5ddf..000000000
--- a/kernels/xen/pvh_pit_init.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-From 3a148e0a7ee0ae56a498be5ba973314ec50cd999 Mon Sep 17 00:00:00 2001
-From: Mukesh Rathor <mukesh.rathor@oracle.com>
-Date: Fri, 4 Apr 2014 10:36:29 +0200
-Subject: [PATCH] x86: call pit_init for pvh also
-
-During halt of a pvh guest, the guest may do speaker shutdown. This
-results in call to handle_speaker_io in xen. It will hang on the vpit
-spin lock because it has not been initialized.
-Since, pit_init is also called for both pv and hvm, the call is
-moved to a more generic place.
-
-Signed-off-by: Mukesh Rathor <mukesh.rathor@oracle.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-master commit: c30c544b199f70eada597c7352cdcb44648f6dcd
-master date: 2014-03-11 13:56:50 +0100
----
- xen/arch/x86/domain.c | 9 +++++----
- xen/arch/x86/hvm/hvm.c | 2 --
- xen/arch/x86/hvm/i8254.c | 3 +--
- xen/include/asm-x86/hvm/vpt.h | 2 +-
- 4 files changed, 7 insertions(+), 9 deletions(-)
-
-diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
-index 6618ae6..bc073e5 100644
---- a/xen/arch/x86/domain.c
-+++ b/xen/arch/x86/domain.c
-@@ -422,10 +422,6 @@ int vcpu_initialise(struct vcpu *v)
-
- /* PV guests by default have a 100Hz ticker. */
- v->periodic_period = MILLISECS(10);
--
-- /* PV guests get an emulated PIT too for video BIOSes to use. */
-- if ( v->vcpu_id == 0 )
-- pit_init(v, cpu_khz);
- }
-
- v->arch.schedule_tail = continue_nonidle_domain;
-@@ -579,6 +575,9 @@ int arch_domain_create(struct domain *d, unsigned int domcr_flags)
- tsc_set_info(d, TSC_MODE_DEFAULT, 0UL, 0, 0);
- spin_lock_init(&d->arch.vtsc_lock);
-
-+ /* PV/PVH guests get an emulated PIT too for video BIOSes to use. */
-+ pit_init(d, cpu_khz);
-+
- return 0;
-
- fail:
-@@ -1980,6 +1979,8 @@ int domain_relinquish_resources(struct domain *d)
- BUG();
- }
-
-+ pit_deinit(d);
-+
- if ( has_hvm_container_domain(d) )
- hvm_domain_relinquish_resources(d);
-
-diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
-index 6150899..a666471 100644
---- a/xen/arch/x86/hvm/hvm.c
-+++ b/xen/arch/x86/hvm/hvm.c
-@@ -643,7 +643,6 @@ void hvm_domain_relinquish_resources(struct domain *d)
- rtc_deinit(d);
- if ( d->vcpu != NULL && d->vcpu[0] != NULL )
- {
-- pit_deinit(d);
- pmtimer_deinit(d);
- hpet_deinit(d);
- }
-@@ -1217,7 +1216,6 @@ int hvm_vcpu_initialise(struct vcpu *v)
- if ( v->vcpu_id == 0 )
- {
- /* NB. All these really belong in hvm_domain_initialise(). */
-- pit_init(v, cpu_khz);
- pmtimer_init(v);
- hpet_init(v);
-
-diff --git a/xen/arch/x86/hvm/i8254.c b/xen/arch/x86/hvm/i8254.c
-index c0d6bc2..f7493b8 100644
---- a/xen/arch/x86/hvm/i8254.c
-+++ b/xen/arch/x86/hvm/i8254.c
-@@ -447,9 +447,8 @@ void pit_reset(struct domain *d)
- spin_unlock(&pit->lock);
- }
-
--void pit_init(struct vcpu *v, unsigned long cpu_khz)
-+void pit_init(struct domain *d, unsigned long cpu_khz)
- {
-- struct domain *d = v->domain;
- PITState *pit = domain_vpit(d);
-
- spin_lock_init(&pit->lock);
-diff --git a/xen/include/asm-x86/hvm/vpt.h b/xen/include/asm-x86/hvm/vpt.h
-index 87c3a66..9f3ec8d 100644
---- a/xen/include/asm-x86/hvm/vpt.h
-+++ b/xen/include/asm-x86/hvm/vpt.h
-@@ -175,7 +175,7 @@ void destroy_periodic_time(struct periodic_time *pt);
- int pv_pit_handler(int port, int data, int write);
- void pit_reset(struct domain *d);
-
--void pit_init(struct vcpu *v, unsigned long cpu_khz);
-+void pit_init(struct domain *d, unsigned long cpu_khz);
- void pit_stop_channel0_irq(PITState * pit);
- void pit_deinit(struct domain *d);
- void rtc_init(struct domain *d);
---
-1.7.2.5
-
diff --git a/kernels/xen/xen.install b/kernels/xen/xen.install
index aabe063c3..d25d3a93d 100644
--- a/kernels/xen/xen.install
+++ b/kernels/xen/xen.install
@@ -29,10 +29,11 @@ Note: If you are upgrading from one of the previous 4.2 xen builds, and are havi
line into your domain config file:
device_model_version = "qemu-xen-traditional"
- Also remember to rebuild your grub configuration if upgrading from a non-xen 4.4.0
+ Also remember to rebuild your grub configuration if upgrading from a non-xen 4.4.1
install.
- xen 4.4 no longer includes the xend daemon or the xm toolset
+ xen 4.4 no longer includes the xend daemon or the xm toolset by default, however
+ this build does enable it.
This install is now using a new version of the 09_xen file, used when generating
a new grub.cfg file. The new version inherits the default linux-libre kernel command
diff --git a/kernels/xen/xsa89.patch b/kernels/xen/xsa89.patch
deleted file mode 100644
index 3443e3360..000000000
--- a/kernels/xen/xsa89.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access()
-
-Processing up to 4G PFNs may take almost arbitrarily long, so
-preemption is needed here.
-
-This is XSA-89.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Tim Deegan <tim@xen.org>
-
---- a/xen/arch/x86/hvm/hvm.c
-+++ b/xen/arch/x86/hvm/hvm.c
-@@ -4593,6 +4593,15 @@ long do_hvm_op(unsigned long op, XEN_GUE
- goto param_fail5;
-
- rc = p2m_set_mem_access(d, a.first_pfn, a.nr, a.hvmmem_access);
-+ if ( rc > 0 )
-+ {
-+ a.first_pfn += a.nr - rc;
-+ a.nr = rc;
-+ if ( __copy_to_guest(arg, &a, 1) )
-+ rc = -EFAULT;
-+ else
-+ rc = -EAGAIN;
-+ }
-
- param_fail5:
- rcu_unlock_domain(d);
---- a/xen/arch/x86/mm/p2m.c
-+++ b/xen/arch/x86/mm/p2m.c
-@@ -1333,15 +1333,14 @@ void p2m_mem_access_resume(struct domain
-
- /* Set access type for a region of pfns.
- * If start_pfn == -1ul, sets the default access type */
--int p2m_set_mem_access(struct domain *d, unsigned long start_pfn,
-- uint32_t nr, hvmmem_access_t access)
-+long p2m_set_mem_access(struct domain *d, unsigned long pfn, uint32_t nr,
-+ hvmmem_access_t access)
- {
- struct p2m_domain *p2m = p2m_get_hostp2m(d);
-- unsigned long pfn;
- p2m_access_t a, _a;
- p2m_type_t t;
- mfn_t mfn;
-- int rc = 0;
-+ long rc;
-
- /* N.B. _not_ static: initializer depends on p2m->default_access */
- p2m_access_t memaccess[] = {
-@@ -1364,14 +1363,17 @@ int p2m_set_mem_access(struct domain *d,
- a = memaccess[access];
-
- /* If request to set default access */
-- if ( start_pfn == ~0ull )
-+ if ( pfn == ~0ul )
- {
- p2m->default_access = a;
- return 0;
- }
-
-+ if ( !nr )
-+ return 0;
-+
- p2m_lock(p2m);
-- for ( pfn = start_pfn; pfn < start_pfn + nr; pfn++ )
-+ for ( ; ; ++pfn )
- {
- mfn = p2m->get_entry(p2m, pfn, &t, &_a, 0, NULL);
- if ( p2m->set_entry(p2m, pfn, mfn, PAGE_ORDER_4K, t, a) == 0 )
-@@ -1379,6 +1381,13 @@ int p2m_set_mem_access(struct domain *d,
- rc = -ENOMEM;
- break;
- }
-+
-+ /* Check for continuation if it's not the last interation. */
-+ if ( !--nr || hypercall_preempt_check() )
-+ {
-+ rc = nr;
-+ break;
-+ }
- }
- p2m_unlock(p2m);
- return rc;
---- a/xen/include/asm-x86/p2m.h
-+++ b/xen/include/asm-x86/p2m.h
-@@ -576,8 +576,8 @@ void p2m_mem_access_resume(struct domain
-
- /* Set access type for a region of pfns.
- * If start_pfn == -1ul, sets the default access type */
--int p2m_set_mem_access(struct domain *d, unsigned long start_pfn,
-- uint32_t nr, hvmmem_access_t access);
-+long p2m_set_mem_access(struct domain *d, unsigned long start_pfn,
-+ uint32_t nr, hvmmem_access_t access);
-
- /* Get access type for a pfn
- * If pfn == -1ul, gets the default access type */
diff --git a/kernels/xen/xsa92.patch b/kernels/xen/xsa92.patch
deleted file mode 100644
index 60ef934aa..000000000
--- a/kernels/xen/xsa92.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-x86/HVM: restrict HVMOP_set_mem_type
-
-Permitting arbitrary type changes here has the potential of creating
-present P2M (and hence EPT/NPT/IOMMU) entries pointing to an invalid
-MFN (INVALID_MFN truncated to the respective hardware structure field's
-width). This would become a problem the latest when something real sat
-at the end of the physical address space; I'm suspecting though that
-other things might break with such bogus entries.
-
-Along with that drop a bogus (and otherwise becoming stale) log
-message.
-
-Afaict the similar operation in p2m_set_mem_access() is safe.
-
-This is XSA-92.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Tim Deegan <tim@xen.org>
-
---- a/xen/arch/x86/hvm/hvm.c
-+++ b/xen/arch/x86/hvm/hvm.c
-@@ -4541,12 +4541,10 @@ long do_hvm_op(unsigned long op, XEN_GUE
- rc = -EINVAL;
- goto param_fail4;
- }
-- if ( p2m_is_grant(t) )
-+ if ( !p2m_is_ram(t) &&
-+ (!p2m_is_hole(t) || a.hvmmem_type != HVMMEM_mmio_dm) )
- {
- put_gfn(d, pfn);
-- gdprintk(XENLOG_WARNING,
-- "type for pfn %#lx changed to grant while "
-- "we were working?\n", pfn);
- goto param_fail4;
- }
- else