Minix/pkgsrc-ng
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Import of pkgsrc-2016Q3

Browse Source
This commit is contained in:
Lionel Sambuc
2016-10-14 07:49:11 +02:00
committed by Lionel Sambuc
parent 9d819b6d54
commit 1242aa1e36
35952 changed files with 949749 additions and 377083 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
sysutils/xentools42/Makefile
View File

@@ -1,11 +1,11 @@
# $NetBSD: Makefile,v 1.35 2015/08/23 16:17:12 spz Exp $
# $NetBSD: Makefile,v 1.50 2016/07/09 13:04:08 wiz Exp $
VERSION= 4.2.5
VERSION_IPXE= 1.0.0
DISTNAME= xen-${VERSION}
PKGNAME= xentools42-${VERSION}
PKGREVISION= 12
PKGREVISION= 18
CATEGORIES= sysutils
MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/
@@ -26,7 +26,7 @@ BUILD_DEPENDS+= acpica-utils-[0-9]*:../../sysutils/acpica-utils
DEPENDS+= ${PYPKGPREFIX}-curses>=0nb4:../../devel/py-curses
DEPENDS+= ${PYPKGPREFIX}-lxml-[0-9]*:../../textproc/py-lxml
PYTHON_VERSIONS_INCOMPATIBLE= 33 34 # py-xml
PYTHON_VERSIONS_INCOMPATIBLE= 34 35 # py-xml
PKG_SYSCONFSUBDIR= xen
@@ -51,12 +51,13 @@ GNU_CONFIGURE= YES
#CONFIGURE_ARGS+= --enable-xenapi
CONFIGURE_ARGS+= --disable-seabios
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFBASE}
MAKE_ENV+= PREFIX=${prefix:Q} WRKSRC=${WRKSRC}
MAKE_ENV+= EGDIR=${EGDIR}
MAKE_ENV+= BASH_COMPLETION_DIR=${EGDIR}
MAKE_ENV+= MV=${MV:Q} PYTHON=${PYTHONBIN:Q} SED=${SED:Q}
MAKE_ENV+= VARBASE=${VARBASE}
MAKE_ENV+= XEN_CONFIG_DIR=${PKG_SYSCONFDIR}
MAKE_ENV+= V=YES
MAKE_ENV+= NO_WERROR=1
@@ -140,22 +141,23 @@ SUBST_CLASSES+= conf
SUBST_STAGE.conf= pre-configure
SUBST_FILES.conf+= python/xen/xm/create.py
SUBST_FILES.conf+= ocaml/xenstored/define.ml
SUBST_FILES.conf+= libxl/xl_cmdtable.c
SUBST_FILES.conf+= ../docs/misc/xl-disk-configuration.txt
SUBST_SED.conf= -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g"
.include "../../mk/bsd.prefs.mk"
XEND_SCRIPTS= block vif-bridge vif-ip qemu-ifup hotplugpath.sh locking.sh
XEND_SCRIPTS= block vif-bridge vif-ip qemu-ifup hotplugpath.sh
.if ${OPSYS} == "NetBSD"
SUBST_CLASSES+= proc
SUBST_CLASSES.NetBSD+= proc
SUBST_STAGE.proc= pre-configure
SUBST_FILES.proc= python/xen/xend/XendVnet.py
SUBST_FILES.proc+= ocaml/xenstored/define.ml
SUBST_SED.proc= -e "s|/proc|/kern|g"
PROCPATH= /kern
.else
PROCPATH= /proc
.endif
OPSYSVARS+= PROCPATH
PROCPATH.NetBSD= /kern
PROCPATH.*= /proc
.include "../../mk/bsd.prefs.mk"
SUBST_CLASSES+= procdev
SUBST_STAGE.procdev= pre-configure
@@ -198,27 +200,28 @@ pre-build:
.for s in ${BLKTAP_FILES}
${CP} -f ${FILESDIR}/${s} ${WRKSRC}/blktap/drivers/
.endfor
${CP} -f ${FILESDIR}/locking.sh ${WRKSRC}/hotplug/NetBSD/
${SED} -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g" \
${XENTOP}/docs/man/xl.pod.1 |\
pod2man >${WRKDIR}/xl.1
pod2man -n xl >${WRKDIR}/xl.1
${SED} -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g" \
${XENTOP}/docs/man/xm.pod.1 |\
pod2man >${WRKDIR}/xm.1
pod2man -n xm >${WRKDIR}/xm.1
${SED} -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g" \
${XENTOP}/docs/man/xend-config.sxp.pod.5 |\
pod2man >${WRKDIR}/xend-config.sxp.5
pod2man -n xend-config.sxp >${WRKDIR}/xend-config.sxp.5
${SED} -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g" \
${XENTOP}/docs/man/xl.cfg.pod.5 |\
pod2man >${WRKDIR}/xl.cfg.5
pod2man -n xl.cfg >${WRKDIR}/xl.cfg.5
${SED} -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g" \
${XENTOP}/docs/man/xl.conf.pod.5 |\
pod2man >${WRKDIR}/xl.conf.5
pod2man -n xl.conf >${WRKDIR}/xl.conf.5
${SED} -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g" \
${XENTOP}/docs/man/xlcpupool.cfg.pod.5 |\
pod2man >${WRKDIR}/xlcpupool.cfg.5
pod2man -n xlcpupool.cfg >${WRKDIR}/xlcpupool.cfg.5
${SED} -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g" \
${XENTOP}/docs/man/xmdomain.cfg.pod.5 |\
pod2man >${WRKDIR}/xmdomain.cfg.5
pod2man -n xmdomain.cfg >${WRKDIR}/xmdomain.cfg.5
INSTALLATION_DIRS= ${EGDIR} ${PKGMANDIR}/man5
@@ -233,7 +236,8 @@ post-install:
${INSTALL_DATA} ${WRKDIR}/xend-config.sxp.5 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man5
${INSTALL_DATA} ${WRKDIR}/xmdomain.cfg.5 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man5
.if ${OPSYS} == "NetBSD" && !exists(/var/shm)
.if (${OPSYS} == "NetBSD" && \
(empty(OS_VERSION:M6.99.[3-9]?) && empty(OS_VERSION:M[7-9].*)))
CPPFLAGS+= -Dshm_open=open -Dshm_unlink=unlink
.endif
@@ -247,7 +251,7 @@ EXTRA_CFLAGS+= -Wno-error=ignored-attributes -no-integrated-as \
-Wno-error=unused-function -Wno-error=format \
-Wno-error=unused-const-variable \
-Wno-error=gnu-designator -Wno-error=uninitialized \
-Wno-error=parentheses-equality
-Wno-error=parentheses-equality -Wno-error=enum-conversion
BUILDLINK_TRANSFORM+= rm:-falign-jumps=1 rm:-falign-loops=1 \
rm:-mpreferred-stack-boundary=2
.endif

3
sysutils/xentools42/PLIST
View File

@@ -1,4 +1,4 @@
@comment $NetBSD: PLIST,v 1.6 2014/03/11 14:05:17 jperkin Exp $
@comment $NetBSD: PLIST,v 1.7 2016/04/04 15:13:15 bad Exp $
bin/libxl-save-helper
bin/lsevtchn
bin/pygrub
@@ -682,6 +682,7 @@ share/examples/xen/formats
share/examples/xen/oxenstored.conf
share/examples/xen/scripts/block
share/examples/xen/scripts/hotplugpath.sh
share/examples/xen/scripts/locking.sh
share/examples/xen/scripts/qemu-ifup
share/examples/xen/scripts/vif-bridge
share/examples/xen/scripts/vif-ip

16
sysutils/xentools42/distinfo
View File

@@ -1,10 +1,12 @@
$NetBSD: distinfo,v 1.19 2015/08/23 16:17:12 spz Exp $
$NetBSD: distinfo,v 1.27 2016/05/21 20:12:18 bad Exp $
SHA1 (ipxe-git-v1.0.0.tar.gz) = da052c8de5f3485fe0253c19cf52ed6d72528485
RMD160 (ipxe-git-v1.0.0.tar.gz) = dcd9b6eaafa1ce05c1ebf2a15f2f73ad7a8c5547
SHA512 (ipxe-git-v1.0.0.tar.gz) = 6921fb857ca615899a5912d5590ca36b6f46daf828b85edc75461c08a189d9fed71ee74a82e42724da7a1355e45070d28a0a61694b3a4872c3554390e4bb4147
Size (ipxe-git-v1.0.0.tar.gz) = 1996881 bytes
SHA1 (xen-4.2.5.tar.gz) = f42741e4ec174495ace70c4b17a6b9b0e60e798a
RMD160 (xen-4.2.5.tar.gz) = 7d4f7f1b32ee541d341a756b1f8da02816438d19
SHA512 (xen-4.2.5.tar.gz) = 42c0fc241952fc55fc44480fb6752b004b54ae40e946159ec047adf229b65cbfbd810271d01b064ad8fdbddb73c640dcdcb6bc19f91e8968829889c129920dac
Size (xen-4.2.5.tar.gz) = 15671925 bytes
SHA1 (patch-.._.._ipxe_src_Makefile.housekeeping) = 5ec8020a9705b2f64096c2942473a8de4db578bb
SHA1 (patch-.._.._ipxe_src_arch_i386_include_librm.h) = 4549ac641b112321b4731a918d85219c3fce6808
@@ -24,6 +26,7 @@ SHA1 (patch-.._docs_man_xl.pod.1) = 740ad6f53e113b755bc6b04abce4ec9ba08eb815
SHA1 (patch-.._docs_man_xlcpupool.cfg.pod.5) = a693a79a1f1c16548f62f7da1fa58fa28030990f
SHA1 (patch-.._docs_man_xm.pod.1) = 975b7570da4bf9fd9cb79539fbd36b8dfbcbd571
SHA1 (patch-.._docs_man_xmdomain.cfg.pod.5) = 5563a72e203e789a86f4166c71ddb3fcff5215c6
SHA1 (patch-.._docs_misc_xl-disk-configuration.txt) = 2e6d363228fa050679db1016ca925c279c657490
SHA1 (patch-CVE-2015-2152) = 676339abef9e79595f6c40de31ca740f8284c7a2
SHA1 (patch-CVE-2015-2752) = 81c197a9adba59b1a1fe86a35f1edc55c27d2c2c
SHA1 (patch-CVE-2015-3209) = abbfe580c03b5fd591d1fd893671f8d2b48f4123
@@ -32,6 +35,8 @@ SHA1 (patch-CVE-2015-3456) = e1600393860110c3093559f2f58273ba47478dd8
SHA1 (patch-CVE-2015-5154) = 29e0f8ad5696b6b1f4d5dbcc8d35579fb8d67375
SHA1 (patch-CVE-2015-5165) = c0b5324cb85ced435f869a0aa7232c5670a9995d
SHA1 (patch-CVE-2015-5166) = 947ac0945091027d5973963765a3ab8975d2226a
SHA1 (patch-CVE-2015-8550) = 63613ca0dd9fe06f5c88774151f72e1c540e62c5
SHA1 (patch-CVE-2015-8554) = 908783cf619fc130d5a107ba2c4997fca0f0da88
SHA1 (patch-Makefile) = 3a474d28a5b838bae4a67b5ca76e23b950bf0133
SHA1 (patch-Rules.mk) = 25a04293f6fe638ba5f3bd5e09b2b091cd201023
SHA1 (patch-blktap_drivers_Makefile) = c6be57154a403a64e3d6bc22d6bd833fe33fc9af
@@ -43,7 +48,8 @@ SHA1 (patch-firmware_etherboot_patches_boot__prompt__option.patch) = 95d6e140643
SHA1 (patch-firmware_etherboot_patches_series) = 2ced4e380f436a0287744e0a817ff24b91a43e7c
SHA1 (patch-firmware_hvmloader_Makefile) = d4d9f34335a178f50e7fda52747cf6551ceeccc6
SHA1 (patch-firmware_hvmloader_util.h) = 8ec0efdf56b9f2ea66cac7e90cba4abf727d4605
SHA1 (patch-hotplug_NetBSD_Makefile) = 7b14179d0d00dc1b6f9a85fff706d82ce9b0cd66
SHA1 (patch-hotplug_NetBSD_Makefile) = efc7c4d5b2f4aa5d3de2c7f77427db77fd95898a
SHA1 (patch-hotplug_NetBSD_block) = 35af7f18a8edf3b7743dfa3cc869ea223aafaefa
SHA1 (patch-hotplug_NetBSD_vif-bridge) = 7d01f15273c983c2cfe125e75800f9719961427c
SHA1 (patch-hotplug_NetBSD_vif-ip) = d3b0555f5ba0bfcbf0f7027eb5f74a84d0cf7c80
SHA1 (patch-hotplug_common_Makefile) = 3ee2fec5c4cb171c35c7e73379da4235b5ddca99
@@ -53,6 +59,8 @@ SHA1 (patch-libfsimage_ufs_ufs.h) = 598d2c9d8e563c9ed6eb32e0877a5ea8d865e2ca
SHA1 (patch-libxc_xc__netbsd.c) = 1ed0804174badf9e0c788a8ff0b1797459663d68
SHA1 (patch-libxl_libxl__create.c) = 1706f782bcd3bea19b8127e9aefe8bda4a4061de
SHA1 (patch-libxl_libxl__internal.h) = bc2865f5c14b1fb9df1f9ad77d3be4a1494068c6
SHA1 (patch-libxl_libxl__save__helper.c) = 1592f07e30db119905ae1efa9bd272fa75f60651
SHA1 (patch-libxl_xl.c) = f7ca33eac8ce6c2383d985c82bf8cb406588e2c9
SHA1 (patch-ocaml_common.make) = a809e3bed475cdffea3cb7ae480c8fe7af6aa798
SHA1 (patch-ocaml_xenstored_Makefile) = a0e91b946307a610490a492d4d56dfe426bddb63
SHA1 (patch-ocaml_xenstored_define.ml) = c0772dff8e59f495a0ebe17a905aed04a29f2469
@@ -75,8 +83,12 @@ SHA1 (patch-qemu-xen-traditional_hw_pt-msi.h) = 8c9f2c39ddab9b5efc7e9a1a10aad4d7
SHA1 (patch-qemu-xen-traditional_i386-dm_hookstarget.mak) = dbefbb3c32fd9d1af4b5d32ef269233d641a0bd4
SHA1 (patch-qemu-xen-traditional_xen-hooks.mak) = 07426cfb7a552032b56aad7fc679e74a7bdd67fe
SHA1 (patch-qemu-xen_audio_audio.c) = 996bbabfc195e4809d9343da31dc924e2fb3b22f
SHA1 (patch-qemu-xen_dyngen-exec.h) = fad93fe2f570c27edcba961b0dc4507e56258a1a
SHA1 (patch-qemu-xen_fpu_softfloat-specialize.h) = 25aada20285cc2f9f4e91811a42c2f55da63758f
SHA1 (patch-qemu-xen_ioport.c) = b88f7b3f8ea9ea64aefe6048ffd950c6a452c9cf
SHA1 (patch-qemu-xen_memory.c) = 8c5440055111a5c2b350346b8db06ec15912bc4c
SHA1 (patch-qemu-xen_pc-bios_optionrom_Makefile) = c3f35cb5f9ab46834351efe683562ddf8f28b9cf
SHA1 (patch-qemu-xen_qemu-doc.texi) = 843adbe6a37fe5d600b0cf61d6bd78bf527aa4a6
SHA1 (patch-qemu-xen_target-i386_op__helper.c) = a3fd45a03dc739234712bc9f2dba4fb414cced96
SHA1 (patch-qemu-xen_xen-all.c) = 4c8c8ae1cffc88db7cfa5a56dfef9e0ee35047db
SHA1 (patch-xentrace_Makefile) = 751b59769254509c5da199c5498d428f9788b7e5

72
sysutils/xentools42/files/locking.sh Normal file
View File

@@ -0,0 +1,72 @@
#!/bin/sh
#
# Copyright (c) 2016, Christoph Badura. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT,
# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
LOCK_BASEDIR="$XEN_LOCK_DIR/xen-hotplug"
_lockfd=9
_have_lock=0 # lock not taken yet.
SHLOCK="shlock ${_shlock_debug-}"
_lock_set_vars() {
_lockfile="$LOCK_BASEDIR/$1.lock"
_lockfifo="$LOCK_BASEDIR/$1.fifo"
}
_lock_init() {
mkdir -p "$LOCK_BASEDIR" 2>/dev/null || true
mkfifo $_lockfifo 2>/dev/null || true
}
#
# use a named pipe as condition variable
# opening for read-only blocks when there's no writer.
# opening for read-write never blocks but unblocks any waiting readers.
#
_lock_wait_cv() {
eval "exec $_lockfd< $_lockfifo ; exec $_lockfd<&-"
}
_lock_signal_cv() {
eval "exec $_lockfd<> $_lockfifo ; exec $_lockfd<&-"
}
claim_lock() {
_lock_set_vars $1
_lock_init
until $SHLOCK -f $_lockfile -p $$; do
_lock_wait_cv
done
_have_lock=1
# be sure to release the lock when the shell exits
trap "release_lock $1" 0 1 2 15
}
release_lock() {
_lock_set_vars $1
[ "$_have_lock" != 0 -a -f $_lockfile ] && rm $_lockfile
_have_lock=0
_lock_signal_cv;
}

13
sysutils/xentools42/patches/patch-.._docs_misc_xl-disk-configuration.txt Normal file
View File

@@ -0,0 +1,13 @@
$NetBSD: patch-.._docs_misc_xl-disk-configuration.txt,v 1.1 2016/04/04 15:03:14 bad Exp $
--- ../docs/misc/xl-disk-configuration.txt.orig 2015-11-03 10:11:18.000000000 +0100
+++ ../docs/misc/xl-disk-configuration.txt 2016-03-29 22:48:24.000000000 +0200
@@ -161,7 +161,7 @@
Specifies that <target> is not a normal host path, but rather
information to be interpreted by the executable program <script>,
-(looked for in /etc/xen/scripts, if it doesn't contain a slash).
+(looked for in @XENDCONFDIR@/scripts, if it doesn't contain a slash).
These scripts are normally called "block-<script>".

213
sysutils/xentools42/patches/patch-CVE-2015-8550 Normal file
View File

@@ -0,0 +1,213 @@
$NetBSD: patch-CVE-2015-8550,v 1.1 2016/01/07 17:53:58 bouyer Exp $
patch for CVE-2015-8550 aka XSA-155 from
http://xenbits.xenproject.org/xsa/xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
http://xenbits.xenproject.org/xsa/xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
http://xenbits.xenproject.org/xsa/xsa155-xen44-0003-libvchan-Read-prod-cons-only-once.patch
http://xenbits.xenproject.org/xsa/xsa155-qemut-qdisk-double-access.patch
http://xenbits.xenproject.org/xsa/xsa155-qemut-xenfb.patch
http://xenbits.xenproject.org/xsa/xsa155-qemu-qdisk-double-access.patch
http://xenbits.xenproject.org/xsa/xsa155-qemu-xenfb.patch
--- ../xen/include/public/io/ring.h.orig
+++ ../xen/include/public/io/ring.h
@@ -212,6 +212,20 @@ typedef struct __name##_back_ring __name##_back_ring_t
#define RING_GET_REQUEST(_r, _idx) \
(&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].req))
+/*
+ * Get a local copy of a request.
+ *
+ * Use this in preference to RING_GET_REQUEST() so all processing is
+ * done on a local copy that cannot be modified by the other end.
+ *
+ * Note that https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58145 may cause this
+ * to be ineffective where _req is a struct which consists of only bitfields.
+ */
+#define RING_COPY_REQUEST(_r, _idx, _req) do { \
+ /* Use volatile to force the copy into _req. */ \
+ *(_req) = *(volatile typeof(_req))RING_GET_REQUEST(_r, _idx); \
+} while (0)
+
#define RING_GET_RESPONSE(_r, _idx) \
(&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].rsp))
--- blktap2/drivers/block-log.c.orig
+++ blktap2/drivers/block-log.c
@@ -494,11 +494,12 @@ static int ctl_kick(struct tdlog_state* s, int fd)
reqstart = s->bring.req_cons;
reqend = s->sring->req_prod;
+ xen_mb();
BDPRINTF("ctl: ring kicked (start = %u, end = %u)", reqstart, reqend);
while (reqstart != reqend) {
/* XXX actually submit these! */
- memcpy(&req, RING_GET_REQUEST(&s->bring, reqstart), sizeof(req));
+ RING_COPY_REQUEST(&s->bring, reqstart, &req);
BDPRINTF("ctl: read request %"PRIu64":%u", req.sector, req.count);
s->bring.req_cons = ++reqstart;
--- blktap2/drivers/tapdisk-vbd.c.orig
+++ blktap2/drivers/tapdisk-vbd.c
@@ -1555,7 +1555,7 @@ tapdisk_vbd_pull_ring_requests(td_vbd_t *vbd)
int idx;
RING_IDX rp, rc;
td_ring_t *ring;
- blkif_request_t *req;
+ blkif_request_t req;
td_vbd_request_t *vreq;
ring = &vbd->ring;
@@ -1566,16 +1566,16 @@ tapdisk_vbd_pull_ring_requests(td_vbd_t *vbd)
xen_rmb();
for (rc = ring->fe_ring.req_cons; rc != rp; rc++) {
- req = RING_GET_REQUEST(&ring->fe_ring, rc);
+ RING_COPY_REQUEST(&ring->fe_ring, rc, &req);
++ring->fe_ring.req_cons;
- idx = req->id;
+ idx = req.id;
vreq = &vbd->request_list[idx];
ASSERT(list_empty(&vreq->next));
ASSERT(vreq->secs_pending == 0);
- memcpy(&vreq->req, req, sizeof(blkif_request_t));
+ memcpy(&vreq->req, &req, sizeof(blkif_request_t));
vbd->received++;
vreq->vbd = vbd;
--- libvchan/io.c.orig
+++ libvchan/io.c
@@ -118,6 +118,7 @@ static inline int send_notify(struct libxenvchan *ctrl, uint8_t bit)
static inline int raw_get_data_ready(struct libxenvchan *ctrl)
{
uint32_t ready = rd_prod(ctrl) - rd_cons(ctrl);
+ xen_mb(); /* Ensure 'ready' is read only once. */
if (ready >= rd_ring_size(ctrl))
/* We have no way to return errors. Locking up the ring is
* better than the alternatives. */
@@ -159,6 +160,7 @@ int libxenvchan_data_ready(struct libxenvchan *ctrl)
static inline int raw_get_buffer_space(struct libxenvchan *ctrl)
{
uint32_t ready = wr_ring_size(ctrl) - (wr_prod(ctrl) - wr_cons(ctrl));
+ xen_mb(); /* Ensure 'ready' is read only once. */
if (ready > wr_ring_size(ctrl))
/* We have no way to return errors. Locking up the ring is
* better than the alternatives. */
--- qemu-xen-traditional/hw/xen_blkif.h.orig 2013-10-10 16:15:47.000000000 +0200
+++ qemu-xen-traditional/hw/xen_blkif.h 2016-01-07 17:35:36.000000000 +0100
@@ -79,8 +79,10 @@
dst->handle = src->handle;
dst->id = src->id;
dst->sector_number = src->sector_number;
- if (n > src->nr_segments)
- n = src->nr_segments;
+ /* prevent the compiler from optimizing the code and using src->nr_segments instead */
+ xen_mb();
+ if (n > dst->nr_segments)
+ n = dst->nr_segments;
for (i = 0; i < n; i++)
dst->seg[i] = src->seg[i];
}
@@ -94,8 +96,10 @@
dst->handle = src->handle;
dst->id = src->id;
dst->sector_number = src->sector_number;
- if (n > src->nr_segments)
- n = src->nr_segments;
+ /* prevent the compiler from optimizing the code and using src->nr_segments instead */
+ xen_mb();
+ if (n > dst->nr_segments)
+ n = dst->nr_segments;
for (i = 0; i < n; i++)
dst->seg[i] = src->seg[i];
}
--- qemu-xen-traditional/hw/xenfb.c
+++ qemu-xen-traditional/hw/xenfb.c
@@ -827,18 +827,20 @@ static void xenfb_invalidate(void *opaque)
static void xenfb_handle_events(struct XenFB *xenfb)
{
- uint32_t prod, cons;
+ uint32_t prod, cons, out_cons;
struct xenfb_page *page = xenfb->c.page;
prod = page->out_prod;
- if (prod == page->out_cons)
+ out_cons = page->out_cons;
+ if (prod == out_cons)
return;
xen_rmb(); /* ensure we see ring contents up to prod */
- for (cons = page->out_cons; cons != prod; cons++) {
+ for (cons = out_cons; cons != prod; cons++) {
union xenfb_out_event *event = &XENFB_OUT_RING_REF(page, cons);
+ uint8_t type = event->type;
int x, y, w, h;
- switch (event->type) {
+ switch (type) {
case XENFB_TYPE_UPDATE:
if (xenfb->up_count == UP_QUEUE)
xenfb->up_fullscreen = 1;
--- qemu-xen/hw/xen_blkif.h.orig 2013-10-10 16:15:47.000000000 +0200
+++ qemu-xen/hw/xen_blkif.h 2016-01-07 17:35:36.000000000 +0100
@@ -79,8 +79,10 @@
dst->handle = src->handle;
dst->id = src->id;
dst->sector_number = src->sector_number;
- if (n > src->nr_segments)
- n = src->nr_segments;
+ /* prevent the compiler from optimizing the code and using src->nr_segments instead */
+ xen_mb();
+ if (n > dst->nr_segments)
+ n = dst->nr_segments;
for (i = 0; i < n; i++)
dst->seg[i] = src->seg[i];
}
@@ -94,8 +96,10 @@
dst->handle = src->handle;
dst->id = src->id;
dst->sector_number = src->sector_number;
- if (n > src->nr_segments)
- n = src->nr_segments;
+ /* prevent the compiler from optimizing the code and using src->nr_segments instead */
+ xen_mb();
+ if (n > dst->nr_segments)
+ n = dst->nr_segments;
for (i = 0; i < n; i++)
dst->seg[i] = src->seg[i];
}
--- qemu-xen/hw/xenfb.c.orig
+++ qemu-xen/hw/xenfb.c
@@ -784,18 +784,20 @@ static void xenfb_invalidate(void *opaque)
static void xenfb_handle_events(struct XenFB *xenfb)
{
- uint32_t prod, cons;
+ uint32_t prod, cons, out_cons;
struct xenfb_page *page = xenfb->c.page;
prod = page->out_prod;
- if (prod == page->out_cons)
+ out_cons = page->out_cons;
+ if (prod == out_cons)
return;
xen_rmb(); /* ensure we see ring contents up to prod */
- for (cons = page->out_cons; cons != prod; cons++) {
+ for (cons = out_cons; cons != prod; cons++) {
union xenfb_out_event *event = &XENFB_OUT_RING_REF(page, cons);
+ uint8_t type = event->type;
int x, y, w, h;
- switch (event->type) {
+ switch (type) {
case XENFB_TYPE_UPDATE:
if (xenfb->up_count == UP_QUEUE)
xenfb->up_fullscreen = 1;

21
sysutils/xentools42/patches/patch-CVE-2015-8554 Normal file
View File

@@ -0,0 +1,21 @@
$NetBSD: patch-CVE-2015-8554,v 1.1 2016/01/07 17:53:58 bouyer Exp $
patch for CVE-2015-8554 aka XSA-164 from
http://xenbits.xenproject.org/xsa/xsa164.patch
--- qemu-xen-traditional/hw/pt-msi.c.orig
+++ qemu-xen-traditional/hw/pt-msi.c
@@ -440,6 +440,13 @@ static void pci_msix_writel(void *opaque
return;
}
+ if ( addr - msix->mmio_base_addr >= msix->total_entries * 16 )
+ {
+ PT_LOG("Error: Out of bounds write to MSI-X table,"
+ " addr %016"PRIx64"\n", addr);
+ return;
+ }
+
entry_nr = (addr - msix->mmio_base_addr) / 16;
entry = &msix->msix_entry[entry_nr];
offset = ((addr - msix->mmio_base_addr) % 16) / 4;

14
sysutils/xentools42/patches/patch-hotplug_NetBSD_Makefile
View File

@@ -1,8 +1,14 @@
$NetBSD: patch-hotplug_NetBSD_Makefile,v 1.2 2015/08/23 16:17:12 spz Exp $
$NetBSD: patch-hotplug_NetBSD_Makefile,v 1.3 2016/04/04 15:13:15 bad Exp $
--- hotplug/NetBSD/Makefile.orig 2014-09-02 06:22:57.000000000 +0000
+++ hotplug/NetBSD/Makefile
@@ -8,7 +8,7 @@ XEN_SCRIPTS += vif-bridge
@@ -3,12 +3,13 @@ include $(XEN_ROOT)/tools/Rules.mk
# Xen script dir and scripts to go there.
XEN_SCRIPTS =
+XEN_SCRIPTS += locking.sh
XEN_SCRIPTS += block
XEN_SCRIPTS += vif-bridge
XEN_SCRIPTS += vif-ip
XEN_SCRIPT_DATA =
@@ -11,7 +17,7 @@ $NetBSD: patch-hotplug_NetBSD_Makefile,v 1.2 2015/08/23 16:17:12 spz Exp $
.PHONY: all
all:
@@ -21,10 +21,11 @@ install: all install-scripts install-rcd
@@ -21,10 +22,11 @@ install: all install-scripts install-rcd
.PHONY: install-scripts
install-scripts:
@@ -25,7 +31,7 @@ $NetBSD: patch-hotplug_NetBSD_Makefile,v 1.2 2015/08/23 16:17:12 spz Exp $
done
set -e; for i in $(XEN_SCRIPT_DATA); \
do \
@@ -33,12 +34,6 @@ install-scripts:
@@ -33,12 +35,6 @@ install-scripts:
.PHONY: install-rcd
install-rcd:

43
sysutils/xentools42/patches/patch-hotplug_NetBSD_block Normal file
View File

@@ -0,0 +1,43 @@
$NetBSD: patch-hotplug_NetBSD_block,v 1.3 2016/05/21 20:12:18 bad Exp $
Use a lock around the allocation of an unused vnd because xl(1) starts
the hotplug scripts in parallel.
Use "stat -L" to get device major/minor numbers through symlinks e.g. for
lvm volumes.
--- hotplug/NetBSD/block.orig 2014-09-02 08:22:57.000000000 +0200
+++ hotplug/NetBSD/block 2016-05-21 17:03:35.000000000 +0200
@@ -6,6 +6,7 @@
DIR=$(dirname "$0")
. "${DIR}/hotplugpath.sh"
+. "${DIR}/locking.sh"
PATH=${BINDIR}:${SBINDIR}:${LIBEXEC}:${PRIVATE_BINDIR}:/bin:/usr/bin:/sbin:/usr/sbin
export PATH
@@ -62,6 +63,7 @@
available_disks="$available_disks $disk"
eval $disk=free
done
+ claim_lock block
# Mark the used vnd(4) devices as ``used''.
for disk in `sysctl hw.disknames`; do
case $disk in
@@ -77,6 +79,7 @@
break
fi
done
+ release_lock block
if [ x$device = x ] ; then
error "no available vnd device"
fi
@@ -86,7 +89,7 @@
device=$xparams
;;
esac
- physical_device=$(stat -f '%r' "$device")
+ physical_device=$(stat -L -f '%r' "$device")
xenstore-write $xpath/physical-device $physical_device
xenstore-write $xpath/hotplug-status connected
exit 0

14
sysutils/xentools42/patches/patch-libxl_libxl__save__helper.c Normal file
View File

@@ -0,0 +1,14 @@
$NetBSD: patch-libxl_libxl__save__helper.c,v 1.1 2015/10/19 16:40:41 joerg Exp $
Avoid format string warnings.
--- libxl/libxl_save_helper.c.orig 2015-10-09 22:56:13.000000000 +0000
+++ libxl/libxl_save_helper.c
@@ -92,6 +92,7 @@ typedef struct {
xentoollog_logger vtable;
} xentoollog_logger_tellparent;
+__attribute__((__format__(__printf__, 5, 0)))
static void tellparent_vmessage(xentoollog_logger *logger_in,
xentoollog_level level,
int errnoval,

15
sysutils/xentools42/patches/patch-libxl_xl.c Normal file
View File

@@ -0,0 +1,15 @@
$NetBSD: patch-libxl_xl.c,v 1.1 2015/10/19 16:40:41 joerg Exp $
Fix obviously incorrect logic.
--- libxl/xl.c.orig 2015-10-09 22:54:31.000000000 +0000
+++ libxl/xl.c
@@ -80,7 +80,7 @@ static void parse_global_config(const ch
lockfile = strdup(XL_LOCK_FILE);
}
- if (!lockfile < 0) {
+ if (lockfile == 0) {
fprintf(stderr, "failed to allocate lockdir \n");
exit(1);
}

20
sysutils/xentools42/patches/patch-qemu-xen_dyngen-exec.h Normal file
View File

@@ -0,0 +1,20 @@
$NetBSD: patch-qemu-xen_dyngen-exec.h,v 1.1 2015/10/19 16:40:41 joerg Exp $
--- qemu-xen/dyngen-exec.h.orig 2015-10-09 22:41:38.000000000 +0000
+++ qemu-xen/dyngen-exec.h
@@ -19,6 +19,7 @@
#if !defined(__DYNGEN_EXEC_H__)
#define __DYNGEN_EXEC_H__
+#if !defined(__clang__)
#if defined(CONFIG_TCG_INTERPRETER)
/* The TCG interpreter does not need a special register AREG0,
* but it is possible to use one by defining AREG0.
@@ -59,6 +60,7 @@
#else
#error unsupported CPU
#endif
+#endif
#if defined(AREG0)
register CPUState *env asm(AREG0);

13
sysutils/xentools42/patches/patch-qemu-xen_pc-bios_optionrom_Makefile Normal file
View File

@@ -0,0 +1,13 @@
$NetBSD: patch-qemu-xen_pc-bios_optionrom_Makefile,v 1.1 2015/10/19 16:40:41 joerg Exp $
--- qemu-xen/pc-bios/optionrom/Makefile.orig 2015-10-09 22:32:24.000000000 +0000
+++ qemu-xen/pc-bios/optionrom/Makefile
@@ -11,7 +11,7 @@ $(call set-vpath, $(SRC_PATH)/pc-bios/op
CFLAGS := -Wall -Wstrict-prototypes -Werror -fomit-frame-pointer -fno-builtin
CFLAGS += -I$(SRC_PATH)
-CFLAGS += $(call cc-option, $(CFLAGS), -fno-stack-protector)
+CFLAGS += $(call cc-option, $(CFLAGS), -fno-stack-protector) ${EXTRA_CFLAGS}
QEMU_CFLAGS = $(CFLAGS)
build-all: multiboot.bin linuxboot.bin

15
sysutils/xentools42/patches/patch-qemu-xen_target-i386_op__helper.c Normal file
View File

@@ -0,0 +1,15 @@
$NetBSD: patch-qemu-xen_target-i386_op__helper.c,v 1.1 2015/10/19 16:40:41 joerg Exp $
--- qemu-xen/target-i386/op_helper.c.orig 2015-10-09 23:00:48.000000000 +0000
+++ qemu-xen/target-i386/op_helper.c
@@ -68,6 +68,10 @@ static inline target_long lshift(target_
#define MANTD(fp) (fp.l.lower)
#define BIASEXPONENT(fp) fp.l.upper = (fp.l.upper & ~(0x7fff)) | EXPBIAS
+#if !defined(AREG0)
+CPUState *env;
+#endif
+
static inline void fpush(void)
{
env->fpstt = (env->fpstt - 1) & 7;

15
sysutils/xentools42/patches/patch-qemu-xen_xen-all.c Normal file
View File

@@ -0,0 +1,15 @@
$NetBSD: patch-qemu-xen_xen-all.c,v 1.1 2015/10/19 16:40:41 joerg Exp $
ffsl doesn't exist on NetBSD, so just force the compiler builtin.
--- qemu-xen/xen-all.c.orig 2015-10-09 22:51:02.000000000 +0000
+++ qemu-xen/xen-all.c
@@ -490,7 +490,7 @@ static int xen_sync_dirty_bitmap(XenIOSt
for (i = 0; i < ARRAY_SIZE(bitmap); i++) {
unsigned long map = bitmap[i];
while (map != 0) {
- j = ffsl(map) - 1;
+ j = __builtin_ffsl(map) - 1;
map &= ~(1ul << j);
target_phys_addr_t todirty = vram_offset + (i * width + j) * TARGET_PAGE_SIZE;
xen_modified_memory(todirty, TARGET_PAGE_SIZE);