aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Néri <dne+alpine@mayonnaise.net>2020-09-11 08:36:03 +0200
committerDaniel Néri <dne+alpine@mayonnaise.net>2020-09-17 08:42:42 +0200
commit55081730691c949106c90da68b15dd1576d7c9f0 (patch)
tree4e33872af016522fb0204e21bd253c36471559e7
parent4a58ff14108f7eab12c1bc315e554402eb6e6376 (diff)
downloadaports-55081730691c949106c90da68b15dd1576d7c9f0.tar.gz
aports-55081730691c949106c90da68b15dd1576d7c9f0.tar.bz2
aports-55081730691c949106c90da68b15dd1576d7c9f0.tar.xz
main/xen: upgrade to 4.14.0
The locking patch was removed, as the runtime dependency on Perl was removed by the upstream – the code now uses stat instead, which should work with either busybox or coreutils.
-rw-r--r--main/xen/APKBUILD60
-rw-r--r--main/xen/drop-test.py.patch1230
-rw-r--r--main/xen/gcc10-arm64-force-inline-atomics.patch43
-rw-r--r--main/xen/gcc10-fix-multiple-defs.patch64
-rw-r--r--main/xen/py3-compat.patch472
-rw-r--r--main/xen/qemu-xen-time64.patch8
-rw-r--r--main/xen/xen-fd-is-file.c62
-rw-r--r--main/xen/xen-hotplug-lockfd.patch24
-rw-r--r--main/xen/xsa317.patch50
-rw-r--r--main/xen/xsa319.patch27
-rw-r--r--main/xen/xsa320-4.13-1.patch117
-rw-r--r--main/xen/xsa320-4.13-2.patch179
-rw-r--r--main/xen/xsa321-4.13-1.patch31
-rw-r--r--main/xen/xsa321-4.13-2.patch175
-rw-r--r--main/xen/xsa321-4.13-3.patch82
-rw-r--r--main/xen/xsa321-4.13-4.patch36
-rw-r--r--main/xen/xsa321-4.13-5.patch24
-rw-r--r--main/xen/xsa321-4.13-6.patch91
-rw-r--r--main/xen/xsa321-4.13-7.patch153
-rw-r--r--main/xen/xsa327.patch63
-rw-r--r--main/xen/xsa328-4.13-1.patch118
-rw-r--r--main/xen/xsa328-4.13-2.patch48
22 files changed, 46 insertions, 3111 deletions
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD
index b2692bc46b..ec609c5302 100644
--- a/main/xen/APKBUILD
+++ b/main/xen/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Roger Pau Monne <roger.pau@entel.upc.edu>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xen
-pkgver=4.13.1
-pkgrel=5
+pkgver=4.14.0
+pkgrel=0
pkgdesc="Xen hypervisor"
url="https://www.xenproject.org/"
arch="x86_64 armhf aarch64" # enable armv7 when builds with gcc8
@@ -204,7 +204,6 @@ _LIBPCI_VERSION="2.2.9"
_NEWLIB_VERSION="1.16.0"
_LWIP_VERSION="1.3.0"
_GRUB_VERSION="0.97"
-_OCAML_VERSION="4.02.0"
_GMP_VERSION="4.3.2"
_POLARSSL_VERSION="1.1.4"
_TPMEMU_VERSION="0.7.4"
@@ -232,34 +231,13 @@ source="https://downloads.xenproject.org/release/xen/$pkgver/xen-$pkgver.tar.gz
stdint_local.h
elf_local.h
- xen-hotplug-lockfd.patch
- xen-fd-is-file.c
-
xenqemu-xattr-size-max.patch
hotplug-Linux-iscsi-block-handle-lun-1.patch
- drop-test.py.patch
- py3-compat.patch
-
- xsa320-4.13-1.patch
- xsa320-4.13-2.patch
- xsa317.patch
- xsa319.patch
- xsa328-4.13-1.patch
- xsa328-4.13-2.patch
- xsa321-4.13-1.patch
- xsa321-4.13-2.patch
- xsa321-4.13-3.patch
- xsa321-4.13-4.patch
- xsa321-4.13-5.patch
- xsa321-4.13-6.patch
- xsa321-4.13-7.patch
- xsa327.patch
xsa335-qemu.patch
qemu-xen-time64.patch
- gcc10-fix-multiple-defs.patch
gcc10-etherboot-enum.patch
gcc10-arm64-force-inline-atomics.patch
@@ -286,7 +264,7 @@ aarch64) export XEN_TARGET_ARCH="arm64";;
esac
prepare() {
- local i _failed= _series=
+ local i _failed=''
for i in $source; do
case $i in
@@ -324,7 +302,7 @@ prepare() {
# remove all -Werror
msg "Eradicating -Werror..."
- find . -name '*.mk' -o -name 'Make*' | xargs sed -i -e 's/-Werror//g'
+ find . \( -name '*.mk' -o -name 'Make*' \) -exec sed -i -e 's/-Werror//g' {} +
msg "Updating config.sub..."
update_config_sub
@@ -400,12 +378,9 @@ build() {
case "$CARCH" in
x86*) build_stubdom;;
esac
-
- ${CC:-gcc} -o xen-fd-is-file "$srcdir"/xen-fd-is-file.c
}
package() {
-
unset CFLAGS
unset LDFLAGS
@@ -430,8 +405,6 @@ package() {
install -Dm644 "$srcdir"/xen-consoles.logrotate \
"$pkgdir"/etc/xen/xen-consoles.logrotate
- install -m755 xen-fd-is-file "$pkgdir"/usr/lib/xen/bin/xen-fd-is-file
-
# we need to exclude /usr/share when stripping
msg "Stripping binaries"
scanelf --recursive --nobanner --etype "ET_DYN,ET_EXEC" "$pkgdir"/usr/lib \
@@ -486,7 +459,7 @@ EOF
}
-sha512sums="b56d20704155d98d803496cba83eb928e0f986a750831cd5600fc88d0ae772fe1456571654375054043d2da8daca255cc98385ebf08b1b1a75ecf7f4b7a0ee90 xen-4.13.1.tar.gz
+sha512sums="ebce47a2f754955d8517123d69f62006634d97620fbbe3784869a0667466e586a249f57ffaf7846d5bcb45d69377cde43354c82c233fbb5407e55653b9a33ac0 xen-4.14.0.tar.gz
2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf gmp-4.3.2.tar.bz2
c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb grub-0.97.tar.gz
1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d lwip-1.3.0.tar.gz
@@ -502,31 +475,12 @@ f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2
77b08e9655e091b0352e4630d520b54c6ca6d659d1d38fbb4b3bfc9ff3e66db433a2e194ead32bb10ff962c382d800a670e82b7a62835b238e294b22808290ea musl-hvmloader-fix-stdint.patch
8c3b57eab8641bcee3dbdc1937ea7874f77b9722a5a0aa3ddb8dff8cc0ced7e19703ef5d998621b3809bea7c16f3346cfa47610ec9ab014ad0de12651c94e5ff stdint_local.h
853467a2d055c5bfbdc7bdca175a334241be44a7c5ac3c0a84a4bc5463b5c070b66d37e2a557429ef860727a6b7350683af758cc2494d85b6be4d883143a2c0d elf_local.h
-79cb1b6b81b17cb87a064dfe3548949dfb80f64f203cac11ef327102b7a25794549ce2d9c019ebf05f752214da8e05065e9219d069e679c0ae5bee3d090c685e xen-hotplug-lockfd.patch
-e76816c6ad0e91dc5f81947f266da3429b20e6d976c3e8c41202c6179532eec878a3f0913921ef3ac853c5dbad8082da3c9cd53b65081910516feb492577b7fc xen-fd-is-file.c
2094ea964fa610b2bf72fd2c7ede7e954899a75c0f5b08030cf1d74460fb759ade84866176e32f8fe29c921dfdc6dafd2b31e23ab9b0a3874d3dceeabdd1913b xenqemu-xattr-size-max.patch
8c9cfc6afca325df1d8026e21ed03fa8cd2c7e1a21a56cc1968301c5ab634bfe849951899e75d328951d7a41273d1e49a2448edbadec0029ed410c43c0549812 hotplug-Linux-iscsi-block-handle-lun-1.patch
-61f66bab603778fb41bfe8e85320c15f2bf3e5d8583e077b56a93784dbdb9b2c7c5e55ce18f06b87501429086f8410d102d3ed5f2a77d54bcfa328bc07681f4d drop-test.py.patch
-8cb12dbfc05a53898a97d47d71ab6b8a6f81c5e5579fd765b37303faea95c645cb8dedc05e3d064bdf070e93814e00bf8939767acc1127513375bab0fe2f4436 py3-compat.patch
-be3b2ece73ba625024fd9c85eda0fb04b60dab3533a78a1d768783e242b0d81e4af5b91cfb85245be89d37f26807f3e846054c1e4518d208e4f7768b05a80ba0 xsa320-4.13-1.patch
-91ae9b5fb7ba950aa508b2e3fdd1c1618fea3a3d51affc232e4880d6c12d9056bc595a34843d70c7fba8b2ec5f856a97b1dec60bcc4abdf9240df1643fe2184a xsa320-4.13-2.patch
-325f66b008a76ff569fdca430e2926633996511f1bd7dcd375259377e4c88758b13c95ee66b8edaa5ffebc3d927442409dc36bd8e35b2c928e43d82a539583cf xsa317.patch
-d57d8cfd749df1816060345bedd9fa7ef2381ea9d85562ddf0c39ffe832ca56834c3e8c1fb67a64fd5631fd219c4d66a3ef655dca0989bf39911c87e0145717f xsa319.patch
-14699f43d8ef857c3ddf17d95a80cfe4234a50349e0220a110c2046a63873037686ddbd3cd06ad708a4a76148fe0b812179e46431f04abb8ac7ae01c37b8cf2b xsa328-4.13-1.patch
-a9551daa73a7deb332fcfd647d0df6ebab84699a91eaca43697e182612304910610f80c1edc3c5e3b86e4a580137a4ae178fadba62fe148795a6ab240df174cf xsa328-4.13-2.patch
-05e23669ce04a6d03a159310756a0d2b71b3abb8b24cffd3a58c84bca1ca8597f293c31945d08a2b95a75dcbd013c9bdd89ba2682433c7d42f4765615d097b45 xsa321-4.13-1.patch
-8bae6927a462160c46976f5425cc4c51b6788d86b52ad8cccee576c0f3783ec6af4059365191030909372d8aa229001127c4aeba95d480422a781550657df2da xsa321-4.13-2.patch
-0c8e3371e0cc17b1e785cc98d888e6871ad8551c4486afc8450bc56444347a3168700fc77a508d0a2b9545e21aac107bb1ff3cf17be358f45e0bb895806ad14f xsa321-4.13-3.patch
-7ebbb7e1a647aa209aa7303964050d29aa4e2c39a4dcd1f5b64d51d20812323b95e48906161f410a46a11a5b94d06c5a6d25551a8d837bf2d099604646870a72 xsa321-4.13-4.patch
-90a2ca8bbbac8f82f934ab3bf4bbdc61d23ff87e3d8154d71b794e84df65b81b26b13bd95cc9a66912c98566f33993ab4f222d99756feccdf3309b3e255e2856 xsa321-4.13-5.patch
-d7edad538e74d27d877e6393b6a98cd7df44d405d9b99534c16a3e7eee60193b53a1fa983cd90700ea8ffaf74e444327bf92ffb432591ceb963e028ae57c1e8f xsa321-4.13-6.patch
-061a6ad3c01de21bb980fd11df38c4f9d4e48288f1a2f28bcbd82c2b01ce85e65c2b3103a84f2f95c87af50ee6344a1c0850f533528f6a32aa0961780f2b0a5a xsa321-4.13-7.patch
-83823056dbd0142585d8b0fb9b3179ac8cc099a21ee489008a4cfb1f310daae72dff1fb6c7cd3a1c8ca5cec43a6b964587d8121a2423226baad0bcd302e73263 xsa327.patch
a18f552845ca105ce846ff8281b6c5b10f45301571f3163a33a6c212b87b742bb039f15c2d346bd34a9fdedd8a007fd9e51f319900cb8ee05febf178ed6ef8b0 xsa335-qemu.patch
-61d27f5ec967e59b416cf2b29e7e3dc9774897a7d75d2744b9327a1a6d66522d11de7a61434fd1ffa87518dee327db4a680bfeabce38ab71663429709a1e9dc7 qemu-xen-time64.patch
-db5dea0aa26d977dcdaf3da87feb394c046e210b430145c84704c5e6a4ab4563a5a77647950dd8e7144fd755af7ac6bf07ad998374ca63773cb534cde695daf9 gcc10-fix-multiple-defs.patch
+231b5d0abf6420722534bf48b4f263bdf70dd258f5f34b344f230b4e166edb3ebaf769592f40653ea5836b4431ef951ebcf1995f09e2beb4a591edd3b024a652 qemu-xen-time64.patch
e72ae17cb80c78412996845b996e442cdc21ee4b840c8b7ebacca101619b3d47104bf6b6330520aecf0d7ccf2699826b4f2a649c729b21d5ac81b37f7fc505fc gcc10-etherboot-enum.patch
-0d73af97c09f83eb23c01264d8c7ec85aacaf780bfe3f46289b5009baba5b3dc10cc9b1032a693885bd6a03b6f4075018f033814944d7397c19bb7ea1cb0e9b6 gcc10-arm64-force-inline-atomics.patch
+ea55e0a35e4282ccf6c38b0529edd5995fdfd82506cc19bf97ad677d218a5a44eae354d4fabbd524986700262e39684eb8239837e21b21d0da0051b669728a71 gcc10-arm64-force-inline-atomics.patch
52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50 xenstored.initd
093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd
3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523 xenconsoled.initd
diff --git a/main/xen/drop-test.py.patch b/main/xen/drop-test.py.patch
deleted file mode 100644
index 5ff5cfe52e..0000000000
--- a/main/xen/drop-test.py.patch
+++ /dev/null
@@ -1,1230 +0,0 @@
-From 0cd791c499bdc698d14a24050ec56d60b45732e0 Mon Sep 17 00:00:00 2001
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Date: Wed, 18 Dec 2019 12:43:48 +0000
-Subject: [PATCH] tools/python: Drop test.py
-
-This file hasn't been touched since it was introduced in 2005 (c/s 0c6f36628)
-and has a wildly obsolete shebang for Python 2.3. Most importantly for us is
-that it isn't Python 3 compatible.
-
-Drop the file entirely. Since the 2.3 days, automatic discovery of tests has
-been included in standard functionality. Rewrite the test rule to use
-"$(PYTHON) -m unittest discover" which is equivelent.
-
-Dropping test.py drops the only piece of ZPL-2.0 code in the tree. Drop the
-ancillary files, and adjust COPYING to match.
-
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Acked-by: Wei Liu <wl@xen.org>
-Reviewed-by: Lars Kurth <lars.kurth@citrix.com>
----
- COPYING | 1 -
- tools/python/Makefile | 2 +-
- tools/python/README | 3 -
- tools/python/ZPL-2.0 | 59 ---
- tools/python/test.py | 1094 -----------------------------------------
- 5 files changed, 1 insertion(+), 1158 deletions(-)
- delete mode 100644 tools/python/README
- delete mode 100644 tools/python/ZPL-2.0
- delete mode 100644 tools/python/test.py
-
-diff --git a/COPYING b/COPYING
-index 80fac091d318..a4bc2b2dd43e 100644
---- a/COPYING
-+++ b/COPYING
-@@ -57,7 +57,6 @@ Xen tree, retaining the original license, such as
- - Laurikari License
- - Public Domain
- - ZLIB License
-- - ZPL 2.0
-
- Significant code imports are highlighted in a README.source file
- in the directory into which the file or code snippet was imported.
-diff --git a/tools/python/Makefile b/tools/python/Makefile
-index 541858e2f886..e99f78a5373a 100644
---- a/tools/python/Makefile
-+++ b/tools/python/Makefile
-@@ -33,7 +33,7 @@ uninstall:
-
- .PHONY: test
- test:
-- export LD_LIBRARY_PATH=$$(readlink -f ../libxc):$$(readlink -f ../xenstore); $(PYTHON) test.py -b -u
-+ LD_LIBRARY_PATH=$$(readlink -f ../libxc):$$(readlink -f ../xenstore) $(PYTHON) -m unittest discover
-
- .PHONY: clean
- clean:
-diff --git a/tools/python/README b/tools/python/README
-deleted file mode 100644
-index 8fffef3a0023..000000000000
---- a/tools/python/README
-+++ /dev/null
-@@ -1,3 +0,0 @@
--The file test.py here is from the Zope project, and is Copyright (c) 2001,
--2002 Zope Corporation and Contributors. This file is released under the Zope
--Public License, version 2.0, a copy of which is in the file ZPL-2.0.
-diff --git a/tools/python/ZPL-2.0 b/tools/python/ZPL-2.0
-deleted file mode 100644
-index 5582f08b8999..000000000000
---- a/tools/python/ZPL-2.0
-+++ /dev/null
-@@ -1,59 +0,0 @@
--Zope Public License (ZPL) Version 2.0
-------------------------------------------------
--
--This software is Copyright (c) Zope Corporation (tm) and
--Contributors. All rights reserved.
--
--This license has been certified as open source. It has also
--been designated as GPL compatible by the Free Software
--Foundation (FSF).
--
--Redistribution and use in source and binary forms, with or
--without modification, are permitted provided that the
--following conditions are met:
--
--1. Redistributions in source code must retain the above
-- copyright notice, this list of conditions, and the following
-- disclaimer.
--
--2. Redistributions in binary form must reproduce the above
-- copyright notice, this list of conditions, and the following
-- disclaimer in the documentation and/or other materials
-- provided with the distribution.
--
--3. The name Zope Corporation (tm) must not be used to
-- endorse or promote products derived from this software
-- without prior written permission from Zope Corporation.
--
--4. The right to distribute this software or to use it for
-- any purpose does not give you the right to use Servicemarks
-- (sm) or Trademarks (tm) of Zope Corporation. Use of them is
-- covered in a separate agreement (see
-- http://www.zope.com/Marks).
--
--5. If any files are modified, you must cause the modified
-- files to carry prominent notices stating that you changed
-- the files and the date of any change.
--
--Disclaimer
--
-- THIS SOFTWARE IS PROVIDED BY ZOPE CORPORATION ``AS IS''
-- AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT
-- NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
-- NO EVENT SHALL ZOPE CORPORATION OR ITS CONTRIBUTORS BE
-- LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-- LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-- OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-- DAMAGE.
--
--
--This software consists of contributions made by Zope
--Corporation and many individuals on behalf of Zope
--Corporation. Specific attributions are listed in the
--accompanying credits file.
-\ No newline at end of file
-diff --git a/tools/python/test.py b/tools/python/test.py
-deleted file mode 100644
-index 13912f61a631..000000000000
---- a/tools/python/test.py
-+++ /dev/null
-@@ -1,1094 +0,0 @@
--#! /usr/bin/env python2.3
--##############################################################################
--#
--# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
--# All Rights Reserved.
--#
--# This software is subject to the provisions of the Zope Public License,
--# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
--# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
--# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
--# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
--# FOR A PARTICULAR PURPOSE.
--#
--##############################################################################
--"""
--test.py [-abBcdDfFgGhklLmMPprstTuUv] [modfilter [testfilter]]
--
--Find and run tests written using the unittest module.
--
--The test runner searches for Python modules that contain test suites.
--It collects those suites, and runs the tests. There are many options
--for controlling how the tests are run. There are options for using
--the debugger, reporting code coverage, and checking for refcount problems.
--
--The test runner uses the following rules for finding tests to run. It
--searches for packages and modules that contain "tests" as a component
--of the name, e.g. "frob.tests.nitz" matches this rule because tests is
--a sub-package of frob. Within each "tests" package, it looks for
--modules that begin with the name "test." For each test module, it
--imports the module and calls the module's test_suite() function, which must
--return a unittest TestSuite object.
--
--Options can be specified as command line arguments (see below). However,
--options may also be specified in a file named 'test.config', a Python
--script which, if found, will be executed before the command line
--arguments are processed.
--
--The test.config script should specify options by setting zero or more of the
--global variables: LEVEL, BUILD, and other capitalized variable names found in
--the test runner script (see the list of global variables in process_args().).
--
--
---a level
----at-level level
----all
-- Run the tests at the given level. Any test at a level at or below
-- this is run, any test at a level above this is not run. Level 0
-- runs all tests. The default is to run tests at level 1. --all is
-- a shortcut for -a 0.
--
---b
----build
-- Run "python setup.py build" before running tests, where "python"
-- is the version of python used to run test.py. Highly recommended.
-- Tests will be run from the build directory.
--
---B
----build-inplace
-- Run "python setup.py build_ext -i" before running tests. Tests will be
-- run from the source directory.
--
---c
----pychecker
-- use pychecker
--
---d
----debug
-- Instead of the normal test harness, run a debug version which
-- doesn't catch any exceptions. This is occasionally handy when the
-- unittest code catching the exception doesn't work right.
-- Unfortunately, the debug harness doesn't print the name of the
-- test, so Use With Care.
--
---D
----debug-inplace
-- Works like -d, except that it loads pdb when an exception occurs.
--
----dir directory
---s directory
-- Option to limit where tests are searched for. This is important
-- when you *really* want to limit the code that gets run. This can
-- be specified more than once to run tests in two different parts of
-- the source tree.
-- For example, if refactoring interfaces, you don't want to see the way
-- you have broken setups for tests in other packages. You *just* want to
-- run the interface tests.
--
---f
----skip-unit
-- Run functional tests but not unit tests.
-- Note that functional tests will be skipped if the module
-- zope.app.tests.functional cannot be imported.
-- Functional tests also expect to find the file ftesting.zcml,
-- which is used to configure the functional-test run.
--
---F
-- DEPRECATED. Run both unit and functional tests.
-- This option is deprecated, because this is the new default mode.
-- Note that functional tests will be skipped if the module
-- zope.app.tests.functional cannot be imported.
--
---g threshold
----gc-threshold threshold
-- Set the garbage collector generation0 threshold. This can be used
-- to stress memory and gc correctness. Some crashes are only
-- reproducible when the threshold is set to 1 (agressive garbage
-- collection). Do "-g 0" to disable garbage collection altogether.
--
---G gc_option
----gc-option gc_option
-- Set the garbage collection debugging flags. The argument must be one
-- of the DEBUG_ flags defined bythe Python gc module. Multiple options
-- can be specified by using "-G OPTION1 -G OPTION2."
--
---k
----keepbytecode
-- Do not delete all stale bytecode before running tests
--
---l test_root
----libdir test_root
-- Search for tests starting in the specified start directory
-- (useful for testing components being developed outside the main
-- "src" or "build" trees).
--
---L
----loop
-- Keep running the selected tests in a loop. You may experience
-- memory leakage.
--
---m
---M minimal GUI. See -U.
--
---P
----profile
-- Run the tests under hotshot and display the top 50 stats, sorted by
-- cumulative time and number of calls.
--
---p
----progress
-- Show running progress. It can be combined with -v or -vv.
--
---r
----refcount
-- Look for refcount problems.
-- This requires that Python was built --with-pydebug.
--
---t
----top-fifty
-- Time the individual tests and print a list of the top 50, sorted from
-- longest to shortest.
--
----times n
----times outfile
-- With an integer argument, time the tests and print a list of the top <n>
-- tests, sorted from longest to shortest.
-- With a non-integer argument, specifies a file to which timing information
-- is to be printed.
--
---T
----trace
-- Use the trace module from Python for code coverage. The current
-- utility writes coverage files to a directory named `coverage' that
-- is parallel to `build'. It also prints a summary to stdout.
--
---u
----skip-functional
-- CHANGED. Run unit tests but not functional tests.
-- Note that the meaning of -u is changed from its former meaning,
-- which is now specified by -U or --gui.
--
---U
----gui
-- Use the PyUnit GUI instead of output to the command line. The GUI
-- imports tests on its own, taking care to reload all dependencies
-- on each run. The debug (-d), verbose (-v), progress (-p), and
-- Loop (-L) options will be ignored. The testfilter filter is also
-- not applied.
--
---m
---M
----minimal-gui
-- Note: -m is DEPRECATED in favour of -M or --minimal-gui.
-- -m starts the gui minimized. Double-clicking the progress bar
-- will start the import and run all tests.
--
--
---v
----verbose
-- Verbose output. With one -v, unittest prints a dot (".") for each
-- test run. With -vv, unittest prints the name of each test (for
-- some definition of "name" ...). With no -v, unittest is silent
-- until the end of the run, except when errors occur.
--
-- When -p is also specified, the meaning of -v is slightly
-- different. With -p and no -v only the percent indicator is
-- displayed. With -p and -v the test name of the current test is
-- shown to the right of the percent indicator. With -p and -vv the
-- test name is not truncated to fit into 80 columns and it is not
-- cleared after the test finishes.
--
--
--modfilter
--testfilter
-- Case-sensitive regexps to limit which tests are run, used in search
-- (not match) mode.
-- In an extension of Python regexp notation, a leading "!" is stripped
-- and causes the sense of the remaining regexp to be negated (so "!bc"
-- matches any string that does not match "bc", and vice versa).
-- By default these act like ".", i.e. nothing is excluded.
--
-- modfilter is applied to a test file's path, starting at "build" and
-- including (OS-dependent) path separators.
--
-- testfilter is applied to the (method) name of the unittest methods
-- contained in the test files whose paths modfilter matched.
--
--Extreme (yet useful) examples:
--
-- test.py -vvb . "^testWriteClient$"
--
-- Builds the project silently, then runs unittest in verbose mode on all
-- tests whose names are precisely "testWriteClient". Useful when
-- debugging a specific test.
--
-- test.py -vvb . "!^testWriteClient$"
--
-- As before, but runs all tests whose names aren't precisely
-- "testWriteClient". Useful to avoid a specific failing test you don't
-- want to deal with just yet.
--
-- test.py -M . "!^testWriteClient$"
--
-- As before, but now opens up a minimized PyUnit GUI window (only showing
-- the progress bar). Useful for refactoring runs where you continually want
-- to make sure all tests still pass.
--"""
--
--import gc
--import hotshot, hotshot.stats
--import os
--import re
--import pdb
--import sys
--import threading # just to get at Thread objects created by tests
--import time
--import traceback
--import unittest
--import warnings
--
--def set_trace_doctest(stdin=sys.stdin, stdout=sys.stdout, trace=pdb.set_trace):
-- sys.stdin = stdin
-- sys.stdout = stdout
-- trace()
--
--pdb.set_trace_doctest = set_trace_doctest
--
--from distutils.util import get_platform
--
--PLAT_SPEC = "%s-%s" % (get_platform(), sys.version[0:3])
--
--class ImmediateTestResult(unittest._TextTestResult):
--
-- __super_init = unittest._TextTestResult.__init__
-- __super_startTest = unittest._TextTestResult.startTest
-- __super_printErrors = unittest._TextTestResult.printErrors
--
-- def __init__(self, stream, descriptions, verbosity, debug=False,
-- count=None, progress=False):
-- self.__super_init(stream, descriptions, verbosity)
-- self._debug = debug
-- self._progress = progress
-- self._progressWithNames = False
-- self.count = count
-- self._testtimes = {}
-- if progress and verbosity == 1:
-- self.dots = False
-- self._progressWithNames = True
-- self._lastWidth = 0
-- self._maxWidth = 80
-- try:
-- import curses
-- except ImportError:
-- pass
-- else:
-- curses.setupterm()
-- self._maxWidth = curses.tigetnum('cols')
-- self._maxWidth -= len("xxxx/xxxx (xxx.x%): ") + 1
--
-- def stopTest(self, test):
-- self._testtimes[test] = time.time() - self._testtimes[test]
-- if gc.garbage:
-- print "The following test left garbage:"
-- print test
-- print gc.garbage
-- # XXX Perhaps eat the garbage here, so that the garbage isn't
-- # printed for every subsequent test.
--
-- # Did the test leave any new threads behind?
-- new_threads = [t for t in threading.enumerate()
-- if (t.isAlive()
-- and
-- t not in self._threads)]
-- if new_threads:
-- print "The following test left new threads behind:"
-- print test
-- print "New thread(s):", new_threads
--
-- def print_times(self, stream, count=None):
-- results = self._testtimes.items()
-- results.sort(lambda x, y: cmp(y[1], x[1]))
-- if count:
-- n = min(count, len(results))
-- if n:
-- print >>stream, "Top %d longest tests:" % n
-- else:
-- n = len(results)
-- if not n:
-- return
-- for i in range(n):
-- print >>stream, "%6dms" % int(results[i][1] * 1000), results[i][0]
--
-- def _print_traceback(self, msg, err, test, errlist):
-- if self.showAll or self.dots or self._progress:
-- self.stream.writeln("\n")
-- self._lastWidth = 0
--
-- tb = "".join(traceback.format_exception(*err))
-- self.stream.writeln(msg)
-- self.stream.writeln(tb)
-- errlist.append((test, tb))
--
-- def startTest(self, test):
-- if self._progress:
-- self.stream.write("\r%4d" % (self.testsRun + 1))
-- if self.count:
-- self.stream.write("/%d (%5.1f%%)" % (self.count,
-- (self.testsRun + 1) * 100.0 / self.count))
-- if self.showAll:
-- self.stream.write(": ")
-- elif self._progressWithNames:
-- # XXX will break with multibyte strings
-- name = self.getShortDescription(test)
-- width = len(name)
-- if width < self._lastWidth:
-- name += " " * (self._lastWidth - width)
-- self.stream.write(": %s" % name)
-- self._lastWidth = width
-- self.stream.flush()
-- self._threads = threading.enumerate()
-- self.__super_startTest(test)
-- self._testtimes[test] = time.time()
--
-- def getShortDescription(self, test):
-- s = self.getDescription(test)
-- if len(s) > self._maxWidth:
-- pos = s.find(" (")
-- if pos >= 0:
-- w = self._maxWidth - (pos + 5)
-- if w < 1:
-- # first portion (test method name) is too long
-- s = s[:self._maxWidth-3] + "..."
-- else:
-- pre = s[:pos+2]
-- post = s[-w:]
-- s = "%s...%s" % (pre, post)
-- return s[:self._maxWidth]
--
-- def addError(self, test, err):
-- if self._progress:
-- self.stream.write("\r")
-- if self._debug:
-- raise err[0], err[1], err[2]
-- self._print_traceback("Error in test %s" % test, err,
-- test, self.errors)
--
-- def addFailure(self, test, err):
-- if self._progress:
-- self.stream.write("\r")
-- if self._debug:
-- raise err[0], err[1], err[2]
-- self._print_traceback("Failure in test %s" % test, err,
-- test, self.failures)
--
-- def printErrors(self):
-- if self._progress and not (self.dots or self.showAll):
-- self.stream.writeln()
-- self.__super_printErrors()
--
-- def printErrorList(self, flavor, errors):
-- for test, err in errors:
-- self.stream.writeln(self.separator1)
-- self.stream.writeln("%s: %s" % (flavor, self.getDescription(test)))
-- self.stream.writeln(self.separator2)
-- self.stream.writeln(err)
--
--
--class ImmediateTestRunner(unittest.TextTestRunner):
--
-- __super_init = unittest.TextTestRunner.__init__
--
-- def __init__(self, **kwarg):
-- debug = kwarg.get("debug")
-- if debug is not None:
-- del kwarg["debug"]
-- progress = kwarg.get("progress")
-- if progress is not None:
-- del kwarg["progress"]
-- profile = kwarg.get("profile")
-- if profile is not None:
-- del kwarg["profile"]
-- self.__super_init(**kwarg)
-- self._debug = debug
-- self._progress = progress
-- self._profile = profile
-- # Create the test result here, so that we can add errors if
-- # the test suite search process has problems. The count
-- # attribute must be set in run(), because we won't know the
-- # count until all test suites have been found.
-- self.result = ImmediateTestResult(
-- self.stream, self.descriptions, self.verbosity, debug=self._debug,
-- progress=self._progress)
--
-- def _makeResult(self):
-- # Needed base class run method.
-- return self.result
--
-- def run(self, test):
-- self.result.count = test.countTestCases()
-- if self._debug:
-- club_debug(test)
-- if self._profile:
-- prof = hotshot.Profile("tests_profile.prof")
-- args = (self, test)
-- r = prof.runcall(unittest.TextTestRunner.run, *args)
-- prof.close()
-- stats = hotshot.stats.load("tests_profile.prof")
-- stats.sort_stats('cumulative', 'calls')
-- stats.print_stats(50)
-- return r
-- return unittest.TextTestRunner.run(self, test)
--
--def club_debug(test):
-- # Beat a debug flag into debug-aware test cases
-- setDebugModeOn = getattr(test, 'setDebugModeOn', None)
-- if setDebugModeOn is not None:
-- setDebugModeOn()
--
-- for subtest in getattr(test, '_tests', ()):
-- club_debug(subtest)
--
--# setup list of directories to put on the path
--class PathInit:
-- def __init__(self, build, build_inplace, libdir=None):
-- self.inplace = None
-- # Figure out if we should test in-place or test in-build. If the -b
-- # or -B option was given, test in the place we were told to build in.
-- # Otherwise, we'll look for a build directory and if we find one,
-- # we'll test there, otherwise we'll test in-place.
-- if build:
-- self.inplace = build_inplace
-- if self.inplace is None:
-- # Need to figure it out
-- if os.path.isdir(os.path.join("build", "lib.%s" % PLAT_SPEC)):
-- self.inplace = False
-- else:
-- self.inplace = True
-- # Calculate which directories we're going to add to sys.path, and cd
-- # to the appropriate working directory
-- self.org_cwd = os.getcwd()
-- if self.inplace:
-- self.libdir = "src"
-- else:
-- self.libdir = "lib.%s" % PLAT_SPEC
-- os.chdir("build")
-- # Hack sys.path
-- self.cwd = os.getcwd()
-- sys.path.insert(0, os.path.join(self.cwd, self.libdir))
-- # Hack again for external products.
-- global functional
-- kind = functional and "FUNCTIONAL" or "UNIT"
-- if libdir:
-- extra = os.path.join(self.org_cwd, libdir)
-- print "Running %s tests from %s" % (kind, extra)
-- self.libdir = extra
-- sys.path.insert(0, extra)
-- else:
-- print "Running %s tests from %s" % (kind, self.cwd)
-- # Make sure functional tests find ftesting.zcml
-- if functional:
-- config_file = 'ftesting.zcml'
-- if not self.inplace:
-- # We chdired into build, so ftesting.zcml is in the
-- # parent directory
-- config_file = os.path.join('..', 'ftesting.zcml')
-- print "Parsing %s" % config_file
-- from zope.app.tests.functional import FunctionalTestSetup
-- FunctionalTestSetup(config_file)
--
--def match(rx, s):
-- if not rx:
-- return True
-- if rx[0] == "!":
-- return re.search(rx[1:], s) is None
-- else:
-- return re.search(rx, s) is not None
--
--class TestFileFinder:
-- def __init__(self, prefix):
-- self.files = []
-- self._plen = len(prefix)
-- if not prefix.endswith(os.sep):
-- self._plen += 1
-- global functional
-- if functional:
-- self.dirname = "ftests"
-- else:
-- self.dirname = "tests"
--
-- def visit(self, rx, dir, files):
-- if os.path.split(dir)[1] != self.dirname:
-- # Allow tests/ftests module rather than package.
-- modfname = self.dirname + '.py'
-- if modfname in files:
-- path = os.path.join(dir, modfname)
-- if match(rx, path):
-- self.files.append(path)
-- return
-- return
-- # ignore tests that aren't in packages
-- if not "__init__.py" in files:
-- if not files or files == ["CVS"]:
-- return
-- print "not a package", dir
-- return
--
-- # Put matching files in matches. If matches is non-empty,
-- # then make sure that the package is importable.
-- matches = []
-- for file in files:
-- if file.startswith('test') and os.path.splitext(file)[-1] == '.py':
-- path = os.path.join(dir, file)
-- if match(rx, path):
-- matches.append(path)
--
-- # ignore tests when the package can't be imported, possibly due to
-- # dependency failures.
-- pkg = dir[self._plen:].replace(os.sep, '.')
-- try:
-- __import__(pkg)
-- # We specifically do not want to catch ImportError since that's useful
-- # information to know when running the tests.
-- except RuntimeError, e:
-- if VERBOSE:
-- print "skipping %s because: %s" % (pkg, e)
-- return
-- else:
-- self.files.extend(matches)
--
-- def module_from_path(self, path):
-- """Return the Python package name indicated by the filesystem path."""
-- assert path.endswith(".py")
-- path = path[self._plen:-3]
-- mod = path.replace(os.sep, ".")
-- return mod
--
--def walk_with_symlinks(top, func, arg):
-- """Like os.path.walk, but follows symlinks on POSIX systems.
--
-- This could theoreticaly result in an infinite loop, if you create symlink
-- cycles in your Zope sandbox, so don't do that.
-- """
-- try:
-- names = os.listdir(top)
-- except os.error:
-- return
-- func(arg, top, names)
-- exceptions = ('.', '..')
-- for name in names:
-- if name not in exceptions:
-- name = os.path.join(top, name)
-- if os.path.isdir(name):
-- walk_with_symlinks(name, func, arg)
--
--def find_test_dir(dir):
-- if os.path.exists(dir):
-- return dir
-- d = os.path.join(pathinit.libdir, dir)
-- if os.path.exists(d):
-- if os.path.isdir(d):
-- return d
-- raise ValueError("%s does not exist and %s is not a directory"
-- % (dir, d))
-- raise ValueError("%s does not exist!" % dir)
--
--def find_tests(rx):
-- global finder
-- finder = TestFileFinder(pathinit.libdir)
--
-- if TEST_DIRS:
-- for d in TEST_DIRS:
-- d = find_test_dir(d)
-- walk_with_symlinks(d, finder.visit, rx)
-- else:
-- walk_with_symlinks(pathinit.libdir, finder.visit, rx)
-- return finder.files
--
--def package_import(modname):
-- mod = __import__(modname)
-- for part in modname.split(".")[1:]:
-- mod = getattr(mod, part)
-- return mod
--
--class PseudoTestCase:
-- """Minimal test case objects to create error reports.
--
-- If test.py finds something that looks like it should be a test but
-- can't load it or find its test suite, it will report an error
-- using a PseudoTestCase.
-- """
--
-- def __init__(self, name, descr=None):
-- self.name = name
-- self.descr = descr
--
-- def shortDescription(self):
-- return self.descr
--
-- def __str__(self):
-- return "Invalid Test (%s)" % self.name
--
--def get_suite(file, result):
-- modname = finder.module_from_path(file)
-- try:
-- mod = package_import(modname)
-- return mod.test_suite()
-- except:
-- result.addError(PseudoTestCase(modname), sys.exc_info())
-- return None
--
--def filter_testcases(s, rx):
-- new = unittest.TestSuite()
-- for test in s._tests:
-- # See if the levels match
-- dolevel = (LEVEL == 0) or LEVEL >= getattr(test, "level", 0)
-- if not dolevel:
-- continue
-- if isinstance(test, unittest.TestCase):
-- name = test.id() # Full test name: package.module.class.method
-- name = name[1 + name.rfind("."):] # extract method name
-- if not rx or match(rx, name):
-- new.addTest(test)
-- else:
-- filtered = filter_testcases(test, rx)
-- if filtered:
-- new.addTest(filtered)
-- return new
--
--def gui_runner(files, test_filter):
-- if BUILD_INPLACE:
-- utildir = os.path.join(os.getcwd(), "utilities")
-- else:
-- utildir = os.path.join(os.getcwd(), "..", "utilities")
-- sys.path.append(utildir)
-- import unittestgui
-- suites = []
-- for file in files:
-- suites.append(finder.module_from_path(file) + ".test_suite")
--
-- suites = ", ".join(suites)
-- minimal = (GUI == "minimal")
-- unittestgui.main(suites, minimal)
--
--class TrackRefs:
-- """Object to track reference counts across test runs."""
--
-- def __init__(self):
-- self.type2count = {}
-- self.type2all = {}
--
-- def update(self):
-- obs = sys.getobjects(0)
-- type2count = {}
-- type2all = {}
-- for o in obs:
-- all = sys.getrefcount(o)
--
-- if type(o) is str and o == '<dummy key>':
-- # avoid dictionary madness
-- continue
-- t = type(o)
-- if t in type2count:
-- type2count[t] += 1
-- type2all[t] += all
-- else:
-- type2count[t] = 1
-- type2all[t] = all
--
-- ct = [(type2count[t] - self.type2count.get(t, 0),
-- type2all[t] - self.type2all.get(t, 0),
-- t)
-- for t in type2count.iterkeys()]
-- ct.sort()
-- ct.reverse()
-- printed = False
-- for delta1, delta2, t in ct:
-- if delta1 or delta2:
-- if not printed:
-- print "%-55s %8s %8s" % ('', 'insts', 'refs')
-- printed = True
-- print "%-55s %8d %8d" % (t, delta1, delta2)
--
-- self.type2count = type2count
-- self.type2all = type2all
--
--def runner(files, test_filter, debug):
-- runner = ImmediateTestRunner(verbosity=VERBOSE, debug=DEBUG,
-- progress=PROGRESS, profile=PROFILE,
-- descriptions=False)
-- suite = unittest.TestSuite()
-- for file in files:
-- s = get_suite(file, runner.result)
-- # See if the levels match
-- dolevel = (LEVEL == 0) or LEVEL >= getattr(s, "level", 0)
-- if s is not None and dolevel:
-- s = filter_testcases(s, test_filter)
-- suite.addTest(s)
-- try:
-- r = runner.run(suite)
-- if TIMESFN:
-- r.print_times(open(TIMESFN, "w"))
-- if VERBOSE:
-- print "Wrote timing data to", TIMESFN
-- if TIMETESTS:
-- r.print_times(sys.stdout, TIMETESTS)
-- except:
-- if DEBUGGER:
-- print "%s:" % (sys.exc_info()[0], )
-- print sys.exc_info()[1]
-- pdb.post_mortem(sys.exc_info()[2])
-- else:
-- raise
--
--def remove_stale_bytecode(arg, dirname, names):
-- names = map(os.path.normcase, names)
-- for name in names:
-- if name.endswith(".pyc") or name.endswith(".pyo"):
-- srcname = name[:-1]
-- if srcname not in names:
-- fullname = os.path.join(dirname, name)
-- print "Removing stale bytecode file", fullname
-- os.unlink(fullname)
--
--def main(module_filter, test_filter, libdir):
-- if not KEEP_STALE_BYTECODE:
-- os.path.walk(os.curdir, remove_stale_bytecode, None)
--
-- configure_logging()
--
-- # Initialize the path and cwd
-- global pathinit
-- pathinit = PathInit(BUILD, BUILD_INPLACE, libdir)
--
-- files = find_tests(module_filter)
-- files.sort()
--
-- if GUI:
-- gui_runner(files, test_filter)
-- elif LOOP:
-- if REFCOUNT:
-- rc = sys.gettotalrefcount()
-- track = TrackRefs()
-- while True:
-- runner(files, test_filter, DEBUG)
-- gc.collect()
-- if gc.garbage:
-- print "GARBAGE:", len(gc.garbage), gc.garbage
-- return
-- if REFCOUNT:
-- prev = rc
-- rc = sys.gettotalrefcount()
-- print "totalrefcount=%-8d change=%-6d" % (rc, rc - prev)
-- track.update()
-- else:
-- runner(files, test_filter, DEBUG)
--
-- os.chdir(pathinit.org_cwd)
--
--
--def configure_logging():
-- """Initialize the logging module."""
-- import logging.config
--
-- # Get the log.ini file from the current directory instead of possibly
-- # buried in the build directory. XXX This isn't perfect because if
-- # log.ini specifies a log file, it'll be relative to the build directory.
-- # Hmm...
-- logini = os.path.abspath("log.ini")
--
-- if os.path.exists(logini):
-- logging.config.fileConfig(logini)
-- else:
-- logging.basicConfig()
--
-- if os.environ.has_key("LOGGING"):
-- level = int(os.environ["LOGGING"])
-- logging.getLogger().setLevel(level)
--
--
--def process_args(argv=None):
-- import getopt
-- global MODULE_FILTER
-- global TEST_FILTER
-- global VERBOSE
-- global LOOP
-- global GUI
-- global TRACE
-- global REFCOUNT
-- global DEBUG
-- global DEBUGGER
-- global BUILD
-- global LEVEL
-- global LIBDIR
-- global TIMESFN
-- global TIMETESTS
-- global PROGRESS
-- global BUILD_INPLACE
-- global KEEP_STALE_BYTECODE
-- global TEST_DIRS
-- global PROFILE
-- global GC_THRESHOLD
-- global GC_FLAGS
-- global RUN_UNIT
-- global RUN_FUNCTIONAL
-- global PYCHECKER
--
-- if argv is None:
-- argv = sys.argv
--
-- MODULE_FILTER = None
-- TEST_FILTER = None
-- VERBOSE = 0
-- LOOP = False
-- GUI = False
-- TRACE = False
-- REFCOUNT = False
-- DEBUG = False # Don't collect test results; simply let tests crash
-- DEBUGGER = False
-- BUILD = False
-- BUILD_INPLACE = False
-- GC_THRESHOLD = None
-- gcdebug = 0
-- GC_FLAGS = []
-- LEVEL = 1
-- LIBDIR = None
-- PROGRESS = False
-- TIMESFN = None
-- TIMETESTS = 0
-- KEEP_STALE_BYTECODE = 0
-- RUN_UNIT = True
-- RUN_FUNCTIONAL = True
-- TEST_DIRS = []
-- PROFILE = False
-- PYCHECKER = False
-- config_filename = 'test.config'
--
-- # import the config file
-- if os.path.isfile(config_filename):
-- print 'Configuration file found.'
-- execfile(config_filename, globals())
--
--
-- try:
-- opts, args = getopt.getopt(argv[1:], "a:bBcdDfFg:G:hkl:LmMPprs:tTuUv",
-- ["all", "help", "libdir=", "times=",
-- "keepbytecode", "dir=", "build",
-- "build-inplace",
-- "at-level=",
-- "pychecker", "debug", "pdebug",
-- "gc-threshold=", "gc-option=",
-- "loop", "gui", "minimal-gui",
-- "profile", "progress", "refcount", "trace",
-- "top-fifty", "verbose",
-- ])
-- # fixme: add the long names
-- # fixme: add the extra documentation
-- # fixme: test for functional first!
-- except getopt.error, msg:
-- print msg
-- print "Try `python %s -h' for more information." % argv[0]
-- sys.exit(2)
--
-- for k, v in opts:
-- if k in ("-a", "--at-level"):
-- LEVEL = int(v)
-- elif k == "--all":
-- LEVEL = 0
-- os.environ["COMPLAIN_IF_TESTS_MISSED"]='1'
-- elif k in ("-b", "--build"):
-- BUILD = True
-- elif k in ("-B", "--build-inplace"):
-- BUILD = BUILD_INPLACE = True
-- elif k in("-c", "--pychecker"):
-- PYCHECKER = True
-- elif k in ("-d", "--debug"):
-- DEBUG = True
-- elif k in ("-D", "--pdebug"):
-- DEBUG = True
-- DEBUGGER = True
-- elif k in ("-f", "--skip-unit"):
-- RUN_UNIT = False
-- elif k in ("-u", "--skip-functional"):
-- RUN_FUNCTIONAL = False
-- elif k == "-F":
-- message = 'Unit plus functional is the default behaviour.'
-- warnings.warn(message, DeprecationWarning)
-- RUN_UNIT = True
-- RUN_FUNCTIONAL = True
-- elif k in ("-h", "--help"):
-- print __doc__
-- sys.exit(0)
-- elif k in ("-g", "--gc-threshold"):
-- GC_THRESHOLD = int(v)
-- elif k in ("-G", "--gc-option"):
-- if not v.startswith("DEBUG_"):
-- print "-G argument must be DEBUG_ flag, not", repr(v)
-- sys.exit(1)
-- GC_FLAGS.append(v)
-- elif k in ('-k', '--keepbytecode'):
-- KEEP_STALE_BYTECODE = 1
-- elif k in ('-l', '--libdir'):
-- LIBDIR = v
-- elif k in ("-L", "--loop"):
-- LOOP = 1
-- elif k == "-m":
-- GUI = "minimal"
-- msg = "Use -M or --minimal-gui instead of -m."
-- warnings.warn(msg, DeprecationWarning)
-- elif k in ("-M", "--minimal-gui"):
-- GUI = "minimal"
-- elif k in ("-P", "--profile"):
-- PROFILE = True
-- elif k in ("-p", "--progress"):
-- PROGRESS = True
-- elif k in ("-r", "--refcount"):
-- REFCOUNT = True
-- elif k in ("-T", "--trace"):
-- TRACE = True
-- elif k in ("-t", "--top-fifty"):
-- if not TIMETESTS:
-- TIMETESTS = 50
-- elif k in ("-u", "--gui"):
-- GUI = 1
-- elif k in ("-v", "--verbose"):
-- VERBOSE += 1
-- elif k == "--times":
-- try:
-- TIMETESTS = int(v)
-- except ValueError:
-- # must be a filename to write
-- TIMESFN = v
-- elif k in ('-s', '--dir'):
-- TEST_DIRS.append(v)
--
-- if PYCHECKER:
-- # make sure you have a recent version of pychecker
-- if not os.environ.get("PYCHECKER"):
-- os.environ["PYCHECKER"] = "-q"
-- import pychecker.checker
--
-- if REFCOUNT and not hasattr(sys, "gettotalrefcount"):
-- print "-r ignored, because it needs a debug build of Python"
-- REFCOUNT = False
--
-- if sys.version_info < ( 2,3,2 ):
-- print """\
-- ERROR: Your python version is not supported by Zope3.
-- Zope3 needs Python 2.3.2 or greater. You are running:""" + sys.version
-- sys.exit(1)
--
-- if GC_THRESHOLD is not None:
-- if GC_THRESHOLD == 0:
-- gc.disable()
-- print "gc disabled"
-- else:
-- gc.set_threshold(GC_THRESHOLD)
-- print "gc threshold:", gc.get_threshold()
--
-- if GC_FLAGS:
-- val = 0
-- for flag in GC_FLAGS:
-- v = getattr(gc, flag, None)
-- if v is None:
-- print "Unknown gc flag", repr(flag)
-- print gc.set_debug.__doc__
-- sys.exit(1)
-- val |= v
-- gcdebug |= v
--
-- if gcdebug:
-- gc.set_debug(gcdebug)
--
-- if BUILD:
-- # Python 2.3 is more sane in its non -q output
-- if sys.hexversion >= 0x02030000:
-- qflag = ""
-- else:
-- qflag = "-q"
-- cmd = sys.executable + " setup.py " + qflag + " build"
-- if BUILD_INPLACE:
-- cmd += "_ext -i"
-- if VERBOSE:
-- print cmd
-- sts = os.system(cmd)
-- if sts:
-- print "Build failed", hex(sts)
-- sys.exit(1)
--
-- k = []
-- if RUN_UNIT:
-- k.append(False)
-- if RUN_FUNCTIONAL:
-- k.append(True)
--
-- global functional
-- for functional in k:
--
-- if VERBOSE:
-- kind = functional and "FUNCTIONAL" or "UNIT"
-- if LEVEL == 0:
-- print "Running %s tests at all levels" % kind
-- else:
-- print "Running %s tests at level %d" % (kind, LEVEL)
--
--# This was to avoid functional tests outside of z3, but this doesn't really
--# work right.
--## if functional:
--## try:
--## from zope.app.tests.functional import FunctionalTestSetup
--## except ImportError:
--## raise
--## print ('Skipping functional tests: could not import '
--## 'zope.app.tests.functional')
--## continue
--
-- # XXX We want to change *visible* warnings into errors. The next
-- # line changes all warnings into errors, including warnings we
-- # normally never see. In particular, test_datetime does some
-- # short-integer arithmetic that overflows to long ints, and, by
-- # default, Python doesn't display the overflow warning that can
-- # be enabled when this happens. The next line turns that into an
-- # error instead. Guido suggests that a better to get what we're
-- # after is to replace warnings.showwarning() with our own thing
-- # that raises an error.
-- ## warnings.filterwarnings("error")
-- warnings.filterwarnings("ignore", module="logging")
--
-- if args:
-- if len(args) > 1:
-- TEST_FILTER = args[1]
-- MODULE_FILTER = args[0]
-- try:
-- if TRACE:
-- # if the trace module is used, then we don't exit with
-- # status if on a false return value from main.
-- coverdir = os.path.join(os.getcwd(), "coverage")
-- import trace
-- ignoremods = ["os", "posixpath", "stat"]
-- tracer = trace.Trace(ignoredirs=[sys.prefix, sys.exec_prefix],
-- ignoremods=ignoremods,
-- trace=False, count=True)
--
-- tracer.runctx("main(MODULE_FILTER, TEST_FILTER, LIBDIR)",
-- globals=globals(), locals=vars())
-- r = tracer.results()
-- path = "/tmp/trace.%s" % os.getpid()
-- import cPickle
-- f = open(path, "wb")
-- cPickle.dump(r, f)
-- f.close()
-- print path
-- r.write_results(show_missing=True,
-- summary=True, coverdir=coverdir)
-- else:
-- bad = main(MODULE_FILTER, TEST_FILTER, LIBDIR)
-- if bad:
-- sys.exit(1)
-- except ImportError, err:
-- print err
-- print sys.path
-- raise
--
--
--if __name__ == "__main__":
-- process_args()
diff --git a/main/xen/gcc10-arm64-force-inline-atomics.patch b/main/xen/gcc10-arm64-force-inline-atomics.patch
index 1ffdd2d212..4491fe9447 100644
--- a/main/xen/gcc10-arm64-force-inline-atomics.patch
+++ b/main/xen/gcc10-arm64-force-inline-atomics.patch
@@ -1,15 +1,42 @@
-Based on https://lists.xenproject.org/archives/html/xen-devel/2020-09/msg00478.html
+From 5d45ecabe3c0b2097df623ab7b471f8915cfdde6 Mon Sep 17 00:00:00 2001
+From: Jan Beulich <jbeulich@suse.com>
+Date: Fri, 11 Sep 2020 12:45:33 +0200
+Subject: [PATCH] xen/arm64: force gcc 10+ to always inline generic atomics
+ helpers
-[This patch should be replaced with the committed version, when it's
-available from the Xen git repository.]
+Recent versions of gcc (at least 10.x) will not inline generic atomics
+helpers by default. Instead they will expect the software to either link
+with libatomic.so or implement the helpers, which would result in
---- a/xen/arch/arm/Rules.mk 2020-05-14 14:19:32.000000000 +0200
-+++ b/xen/arch/arm/Rules.mk 2020-09-10 11:17:53.640315194 +0200
-@@ -17,6 +17,7 @@
+undefined reference to `__aarch64_ldadd4_acq_rel'
+
+for us (not having any local implementation).
+
+To keep the previous behavior, force gcc to always inline the generic
+atomics helpers.
+
+Long term we probably want to avoid relying on gcc atomics helpers as
+this doesn't allow us to switch between LSE and LL/SC atomics.
+
+Suggested-by: Julien Grall <jgrall@amazon.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Julien Grall <jgrall@amazon.com>
+---
+ xen/arch/arm/arch.mk | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/xen/arch/arm/arch.mk b/xen/arch/arm/arch.mk
+index c8186f5828..11caec86ba 100644
+--- a/xen/arch/arm/arch.mk
++++ b/xen/arch/arm/arch.mk
+@@ -12,6 +12,7 @@ CFLAGS-$(CONFIG_ARM_32) += -mcpu=cortex-a15
CFLAGS-$(CONFIG_ARM_64) += -mcpu=generic
CFLAGS-$(CONFIG_ARM_64) += -mgeneral-regs-only # No fp registers etc
+$(call cc-option-add,CFLAGS-$(CONFIG_ARM_64),CC,-mno-outline-atomics)
- ifneq ($(call cc-option,$(CC),-fvisibility=hidden,n),n)
- CFLAGS += -DGCC_HAS_VISIBILITY_ATTRIBUTE
+ ifneq ($(filter command line environment,$(origin CONFIG_EARLY_PRINTK)),)
+ $(error You must use 'make menuconfig' to enable/disable early printk now)
+--
+2.20.1
+
diff --git a/main/xen/gcc10-fix-multiple-defs.patch b/main/xen/gcc10-fix-multiple-defs.patch
deleted file mode 100644
index 69ec5f19ae..0000000000
--- a/main/xen/gcc10-fix-multiple-defs.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From dacdbf7088d6a3705a9831e73991c2b14c519a65 Mon Sep 17 00:00:00 2001
-From: Anthony PERARD <anthony.perard@citrix.com>
-Date: Wed, 20 May 2020 17:39:42 +0100
-Subject: [PATCH] tools/xenstore: mark variable in header as extern
-
-This patch fix "multiple definition of `xprintf'" (or xgt_handle)
-build error with GCC 10.1.0.
-
-These are the error reported:
- gcc xs_tdb_dump.o utils.o tdb.o talloc.o -o xs_tdb_dump
- /usr/bin/ld: utils.o:./utils.h:27: multiple definition of `xprintf'; xs_tdb_dump.o:./utils.h:27: first defined here
- [...]
- gcc xenstored_core.o xenstored_watch.o xenstored_domain.o xenstored_transaction.o xenstored_control.o xs_lib.o talloc.o utils.o tdb.o hashtable.o xenstored_posix.o -lsystemd -Wl,-rpath-link=... ../libxc/libxenctrl.so -lrt -o xenstored
- /usr/bin/ld: xenstored_watch.o:./xenstored_core.h:207: multiple definition of `xgt_handle'; xenstored_core.o:./xenstored_core.h:207: first defined here
- /usr/bin/ld: xenstored_domain.o:./xenstored_core.h:207: multiple definition of `xgt_handle'; xenstored_core.o:./xenstored_core.h:207: first defined here
- /usr/bin/ld: xenstored_transaction.o:./xenstored_core.h:207: multiple definition of `xgt_handle'; xenstored_core.o:./xenstored_core.h:207: first defined here
- /usr/bin/ld: xenstored_control.o:./xenstored_core.h:207: multiple definition of `xgt_handle'; xenstored_core.o:./xenstored_core.h:207: first defined here
- /usr/bin/ld: xenstored_posix.o:./xenstored_core.h:207: multiple definition of `xgt_handle'; xenstored_core.o:./xenstored_core.h:207: first defined here
-
-A difference that I noticed with earlier version of the build chain is
-that before, I had:
- $ nm xs_tdb_dump.o | grep xprintf
- 0000000000000008 C xprintf
-And now, it's:
- 0000000000000000 B xprintf
-With the patch apply, the symbol isn't in xs_tdb_dump.o anymore.
-
-Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
-Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Reviewed-by: Ian Jackson <ian.jackson@eu.citrix.com>
----
- tools/xenstore/utils.h | 2 +-
- tools/xenstore/xenstored_core.h | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/tools/xenstore/utils.h b/tools/xenstore/utils.h
-index 522c3594a2..6a1b5de9bd 100644
---- a/tools/xenstore/utils.h
-+++ b/tools/xenstore/utils.h
-@@ -24,7 +24,7 @@ static inline bool strends(const char *a, const char *b)
- void barf(const char *fmt, ...) __attribute__((noreturn));
- void barf_perror(const char *fmt, ...) __attribute__((noreturn));
-
--void (*xprintf)(const char *fmt, ...);
-+extern void (*xprintf)(const char *fmt, ...);
-
- #define eprintf(_fmt, _args...) xprintf("[ERR] %s" _fmt, __FUNCTION__, ##_args)
-
-diff --git a/tools/xenstore/xenstored_core.h b/tools/xenstore/xenstored_core.h
-index 56a279cfbb..c4c32bc88f 100644
---- a/tools/xenstore/xenstored_core.h
-+++ b/tools/xenstore/xenstored_core.h
-@@ -204,7 +204,7 @@ void finish_daemonize(void);
- /* Open a pipe for signal handling */
- void init_pipe(int reopen_log_pipe[2]);
-
--xengnttab_handle **xgt_handle;
-+extern xengnttab_handle **xgt_handle;
-
- int remember_string(struct hashtable *hash, const char *str);
-
---
-2.20.1
-
diff --git a/main/xen/py3-compat.patch b/main/xen/py3-compat.patch
deleted file mode 100644
index 371a4537d6..0000000000
--- a/main/xen/py3-compat.patch
+++ /dev/null
@@ -1,472 +0,0 @@
-From 1430c5a8cad45d689b035255f3d7ca6a07ae02e4 Mon Sep 17 00:00:00 2001
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Date: Wed, 18 Dec 2019 14:00:16 +0000
-Subject: [PATCH] tools/python: Python 3 compatibility
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-convert-legacy-stream is only used for incomming migration from pre Xen 4.7,
-and verify-stream-v2 appears to only be used by me during migration
-development - it is little surprise that they missed the main converstion
-effort in Xen 4.13.
-
-Fix it all up.
-
-Move open_file_or_fd() into a new util.py to avoid duplication, making it a
-more generic wrapper around open() or fdopen().
-
-In libxc.py, drop all long() conversion. Python 2 will DTRT with int => long
-promotion, even on 32bit builds.
-
-In convert-legacy-stream, don't pass empty strings to write_record(). Join on
-the empty argl will do the right thing.
-
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Acked-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
----
- tools/python/scripts/convert-legacy-stream | 77 +++++++---------------
- tools/python/scripts/verify-stream-v2 | 42 +++---------
- tools/python/xen/__init__.py | 1 -
- tools/python/xen/lowlevel/__init__.py | 1 -
- tools/python/xen/migration/libxc.py | 34 +++++-----
- tools/python/xen/migration/libxl.py | 2 +-
- tools/python/xen/migration/verify.py | 4 +-
- tools/python/xen/util.py | 23 +++++++
- 8 files changed, 74 insertions(+), 110 deletions(-)
- create mode 100644 tools/python/xen/util.py
-
-diff --git a/tools/python/scripts/convert-legacy-stream b/tools/python/scripts/convert-legacy-stream
-index 5f80f1365417..6b68ef5923f6 100755
---- a/tools/python/scripts/convert-legacy-stream
-+++ b/tools/python/scripts/convert-legacy-stream
-@@ -5,6 +5,8 @@
- Convert a legacy migration stream to a v2 stream.
- """
-
-+from __future__ import print_function
-+
- import sys
- import os, os.path
- import syslog
-@@ -12,6 +14,7 @@ import traceback
-
- from struct import calcsize, unpack, pack
-
-+from xen.util import open_file_or_fd as open_file_or_fd
- from xen.migration import legacy, public, libxc, libxl, xl
-
- __version__ = 1
-@@ -39,16 +42,16 @@ def info(msg):
- for line in msg.split("\n"):
- syslog.syslog(syslog.LOG_INFO, line)
- else:
-- print msg
-+ print(msg)
-
- def err(msg):
- """Error message, routed to appropriate destination"""
- if log_to_syslog:
- for line in msg.split("\n"):
- syslog.syslog(syslog.LOG_ERR, line)
-- print >> sys.stderr, msg
-+ print(msg, file = sys.stderr)
-
--class StreamError(StandardError):
-+class StreamError(Exception):
- """Error with the incoming migration stream"""
- pass
-
-@@ -70,7 +73,7 @@ class VM(object):
-
- # libxl
- self.libxl = fmt == "libxl"
-- self.emu_xenstore = "" # NUL terminated key&val pairs from "toolstack" records
-+ self.emu_xenstore = b"" # NUL terminated key&val pairs from "toolstack" records
-
- def write_libxc_ihdr():
- stream_write(pack(libxc.IHDR_FORMAT,
-@@ -102,12 +105,12 @@ def write_libxl_hdr():
- ))
-
- def write_record(rt, *argl):
-- alldata = ''.join(argl)
-+ alldata = b''.join(argl)
- length = len(alldata)
-
- record = pack(libxc.RH_FORMAT, rt, length) + alldata
- plen = (8 - (length & 7)) & 7
-- record += '\x00' * plen
-+ record += b'\x00' * plen
-
- stream_write(record)
-
-@@ -164,10 +167,10 @@ def write_libxc_hvm_params(params):
- pack("Q" * len(params), *params))
-
- def write_libxl_end():
-- write_record(libxl.REC_TYPE_end, "")
-+ write_record(libxl.REC_TYPE_end)
-
- def write_libxl_libxc_context():
-- write_record(libxl.REC_TYPE_libxc_context, "")
-+ write_record(libxl.REC_TYPE_libxc_context)
-
- def write_libxl_emulator_xenstore_data(data):
- write_record(libxl.REC_TYPE_emulator_xenstore_data,
-@@ -225,7 +228,7 @@ def read_pv_extended_info(vm):
- so_far += datasz
-
- # Eww, but this is how it is done :(
-- if blkid == "vcpu":
-+ if blkid == b"vcpu":
-
- vm.basic_len = datasz
-
-@@ -242,10 +245,10 @@ def read_pv_extended_info(vm):
-
- write_libxc_pv_info(vm)
-
-- elif blkid == "extv":
-+ elif blkid == b"extv":
- vm.extd = True
-
-- elif blkid == "xcnt":
-+ elif blkid == b"xcnt":
- vm.xsave_len, = unpack("I", data[:4])
- info("xcnt sz 0x%x" % (vm.xsave_len, ))
-
-@@ -296,7 +299,7 @@ def read_pv_tail(vm):
- info("Got shinfo")
-
- write_record(libxc.REC_TYPE_shared_info, shinfo)
-- write_record(libxc.REC_TYPE_end, "")
-+ write_record(libxc.REC_TYPE_end)
-
-
- def read_libxl_toolstack(vm, data):
-@@ -336,18 +339,18 @@ def read_libxl_toolstack(vm, data):
- if twidth == 64:
- name = name[:-4]
-
-- if name[-1] != '\x00':
-+ if name[-1] != b'\x00':
- raise StreamError("physmap name not NUL terminated")
-
-- root = "physmap/%x" % (phys,)
-- kv = [root + "/start_addr", "%x" % (start, ),
-- root + "/size", "%x" % (size, ),
-- root + "/name", name[:-1]]
-+ root = b"physmap/%x" % (phys, )
-+ kv = [root + b"/start_addr", b"%x" % (start, ),
-+ root + b"/size", b"%x" % (size, ),
-+ root + b"/name", name[:-1]]
-
- for key, val in zip(kv[0::2], kv[1::2]):
-- info(" '%s' = '%s'" % (key, val))
-+ info(" '%s' = '%s'" % (key.decode(), val.decode()))
-
-- vm.emu_xenstore += '\x00'.join(kv) + '\x00'
-+ vm.emu_xenstore += b'\x00'.join(kv) + b'\x00'
-
-
- def read_chunks(vm):
-@@ -524,7 +527,7 @@ def read_hvm_tail(vm):
- blob = rdexact(blobsz)
-
- write_record(libxc.REC_TYPE_hvm_context, blob)
-- write_record(libxc.REC_TYPE_end, "")
-+ write_record(libxc.REC_TYPE_end)
-
-
-
-@@ -534,7 +537,7 @@ def read_qemu(vm):
- sig, = unpack("21s", rawsig)
- info("Qemu signature: %s" % (sig, ))
-
-- if sig == "DeviceModelRecord0002":
-+ if sig == b"DeviceModelRecord0002":
- rawsz = rdexact(4)
- sz, = unpack("I", rawsz)
- qdata = rdexact(sz)
-@@ -617,36 +620,6 @@ def read_legacy_stream(vm):
- return 2
- return 0
-
--def open_file_or_fd(val, mode):
-- """
-- If 'val' looks like a decimal integer, open it as an fd. If not, try to
-- open it as a regular file.
-- """
--
-- fd = -1
-- try:
-- # Does it look like an integer?
-- try:
-- fd = int(val, 10)
-- except ValueError:
-- pass
--
-- # Try to open it...
-- if fd != -1:
-- return os.fdopen(fd, mode, 0)
-- else:
-- return open(val, mode, 0)
--
-- except StandardError, e:
-- if fd != -1:
-- err("Unable to open fd %d: %s: %s" %
-- (fd, e.__class__.__name__, e))
-- else:
-- err("Unable to open file '%s': %s: %s" %
-- (val, e.__class__.__name__, e))
--
-- raise SystemExit(1)
--
-
- def main():
- from optparse import OptionParser
-@@ -723,7 +696,7 @@ def main():
- if __name__ == "__main__":
- try:
- sys.exit(main())
-- except SystemExit, e:
-+ except SystemExit as e:
- sys.exit(e.code)
- except KeyboardInterrupt:
- sys.exit(1)
-diff --git a/tools/python/scripts/verify-stream-v2 b/tools/python/scripts/verify-stream-v2
-index 3daf25791e59..8bac04d5666f 100755
---- a/tools/python/scripts/verify-stream-v2
-+++ b/tools/python/scripts/verify-stream-v2
-@@ -3,12 +3,15 @@
-
- """ Verify a v2 format migration stream """
-
-+from __future__ import print_function
-+
- import sys
- import struct
- import os, os.path
- import syslog
- import traceback
-
-+from xen.util import open_file_or_fd as open_file_or_fd
- from xen.migration.verify import StreamError, RecordError
- from xen.migration.libxc import VerifyLibxc
- from xen.migration.libxl import VerifyLibxl
-@@ -25,7 +28,7 @@ def info(msg):
- for line in msg.split("\n"):
- syslog.syslog(syslog.LOG_INFO, line)
- else:
-- print msg
-+ print(msg)
-
- def err(msg):
- """Error message, routed to appropriate destination"""
-@@ -33,7 +36,7 @@ def err(msg):
- if log_to_syslog:
- for line in msg.split("\n"):
- syslog.syslog(syslog.LOG_ERR, line)
-- print >> sys.stderr, msg
-+ print(msg, file = sys.stderr)
-
- def stream_read(_ = None):
- """Read from input"""
-@@ -56,7 +59,7 @@ def skip_xl_header():
- """Skip over an xl header in the stream"""
-
- hdr = rdexact(32)
-- if hdr != "Xen saved domain, xl format\n \0 \r":
-+ if hdr != b"Xen saved domain, xl format\n \0 \r":
- raise StreamError("No xl header")
-
- _, mflags, _, optlen = unpack_exact("=IIII")
-@@ -86,7 +89,7 @@ def read_stream(fmt):
- err(traceback.format_exc())
- return 1
-
-- except StandardError:
-+ except Exception:
- err("Script Error:")
- err(traceback.format_exc())
- err("Please fix me")
-@@ -94,35 +97,6 @@ def read_stream(fmt):
-
- return 0
-
--def open_file_or_fd(val, mode, buffering):
-- """
-- If 'val' looks like a decimal integer, open it as an fd. If not, try to
-- open it as a regular file.
-- """
--
-- fd = -1
-- try:
-- # Does it look like an integer?
-- try:
-- fd = int(val, 10)
-- except ValueError:
-- pass
--
-- # Try to open it...
-- if fd != -1:
-- return os.fdopen(fd, mode, buffering)
-- else:
-- return open(val, mode, buffering)
--
-- except StandardError, e:
-- if fd != -1:
-- err("Unable to open fd %d: %s: %s" %
-- (fd, e.__class__.__name__, e))
-- else:
-- err("Unable to open file '%s': %s: %s" %
-- (val, e.__class__.__name__, e))
--
-- raise SystemExit(2)
-
- def main():
- """ main """
-@@ -168,7 +142,7 @@ def main():
- if __name__ == "__main__":
- try:
- sys.exit(main())
-- except SystemExit, e:
-+ except SystemExit as e:
- sys.exit(e.code)
- except KeyboardInterrupt:
- sys.exit(2)
-diff --git a/tools/python/xen/__init__.py b/tools/python/xen/__init__.py
-index 8d1c8b69c3fc..e69de29bb2d1 100644
---- a/tools/python/xen/__init__.py
-+++ b/tools/python/xen/__init__.py
-@@ -1 +0,0 @@
--
-diff --git a/tools/python/xen/lowlevel/__init__.py b/tools/python/xen/lowlevel/__init__.py
-index 8d1c8b69c3fc..e69de29bb2d1 100644
---- a/tools/python/xen/lowlevel/__init__.py
-+++ b/tools/python/xen/lowlevel/__init__.py
-@@ -1 +0,0 @@
--
-diff --git a/tools/python/xen/migration/libxc.py b/tools/python/xen/migration/libxc.py
-index f24448a9eff7..0a329c209030 100644
---- a/tools/python/xen/migration/libxc.py
-+++ b/tools/python/xen/migration/libxc.py
-@@ -14,10 +14,6 @@
-
- from xen.migration.verify import StreamError, RecordError, VerifyBase
-
--# In Python3 long type have been merged into int, 1L syntax is no longer valid
--if sys.version_info > (3,):
-- long = int
--
- # Image Header
- IHDR_FORMAT = "!QIIHHI"
-
-@@ -87,23 +83,23 @@
-
- # page_data
- PAGE_DATA_FORMAT = "II"
--PAGE_DATA_PFN_MASK = (long(1) << 52) - 1
--PAGE_DATA_PFN_RESZ_MASK = ((long(1) << 60) - 1) & ~((long(1) << 52) - 1)
-+PAGE_DATA_PFN_MASK = (1 << 52) - 1
-+PAGE_DATA_PFN_RESZ_MASK = ((1 << 60) - 1) & ~((1 << 52) - 1)
-
- # flags from xen/public/domctl.h: XEN_DOMCTL_PFINFO_* shifted by 32 bits
- PAGE_DATA_TYPE_SHIFT = 60
--PAGE_DATA_TYPE_LTABTYPE_MASK = (long(0x7) << PAGE_DATA_TYPE_SHIFT)
--PAGE_DATA_TYPE_LTAB_MASK = (long(0xf) << PAGE_DATA_TYPE_SHIFT)
--PAGE_DATA_TYPE_LPINTAB = (long(0x8) << PAGE_DATA_TYPE_SHIFT) # Pinned pagetable
--
--PAGE_DATA_TYPE_NOTAB = (long(0x0) << PAGE_DATA_TYPE_SHIFT) # Regular page
--PAGE_DATA_TYPE_L1TAB = (long(0x1) << PAGE_DATA_TYPE_SHIFT) # L1 pagetable
--PAGE_DATA_TYPE_L2TAB = (long(0x2) << PAGE_DATA_TYPE_SHIFT) # L2 pagetable
--PAGE_DATA_TYPE_L3TAB = (long(0x3) << PAGE_DATA_TYPE_SHIFT) # L3 pagetable
--PAGE_DATA_TYPE_L4TAB = (long(0x4) << PAGE_DATA_TYPE_SHIFT) # L4 pagetable
--PAGE_DATA_TYPE_BROKEN = (long(0xd) << PAGE_DATA_TYPE_SHIFT) # Broken
--PAGE_DATA_TYPE_XALLOC = (long(0xe) << PAGE_DATA_TYPE_SHIFT) # Allocate-only
--PAGE_DATA_TYPE_XTAB = (long(0xf) << PAGE_DATA_TYPE_SHIFT) # Invalid
-+PAGE_DATA_TYPE_LTABTYPE_MASK = (0x7 << PAGE_DATA_TYPE_SHIFT)
-+PAGE_DATA_TYPE_LTAB_MASK = (0xf << PAGE_DATA_TYPE_SHIFT)
-+PAGE_DATA_TYPE_LPINTAB = (0x8 << PAGE_DATA_TYPE_SHIFT) # Pinned pagetable
-+
-+PAGE_DATA_TYPE_NOTAB = (0x0 << PAGE_DATA_TYPE_SHIFT) # Regular page
-+PAGE_DATA_TYPE_L1TAB = (0x1 << PAGE_DATA_TYPE_SHIFT) # L1 pagetable
-+PAGE_DATA_TYPE_L2TAB = (0x2 << PAGE_DATA_TYPE_SHIFT) # L2 pagetable
-+PAGE_DATA_TYPE_L3TAB = (0x3 << PAGE_DATA_TYPE_SHIFT) # L3 pagetable
-+PAGE_DATA_TYPE_L4TAB = (0x4 << PAGE_DATA_TYPE_SHIFT) # L4 pagetable
-+PAGE_DATA_TYPE_BROKEN = (0xd << PAGE_DATA_TYPE_SHIFT) # Broken
-+PAGE_DATA_TYPE_XALLOC = (0xe << PAGE_DATA_TYPE_SHIFT) # Allocate-only
-+PAGE_DATA_TYPE_XTAB = (0xf << PAGE_DATA_TYPE_SHIFT) # Invalid
-
- # x86_pv_info
- X86_PV_INFO_FORMAT = "BBHI"
-@@ -223,7 +219,7 @@ def verify_record(self):
- self.squashed_pagedata_records += 1
-
- padding = content[length:]
-- if padding != "\x00" * len(padding):
-+ if padding != b"\x00" * len(padding):
- raise StreamError("Padding containing non0 bytes found")
-
- if rtype not in record_verifiers:
-diff --git a/tools/python/xen/migration/libxl.py b/tools/python/xen/migration/libxl.py
-index d5f54dc48932..79f4024e7280 100644
---- a/tools/python/xen/migration/libxl.py
-+++ b/tools/python/xen/migration/libxl.py
-@@ -128,7 +128,7 @@ def verify_record(self):
- content = self.rdexact(contentsz)
-
- padding = content[length:]
-- if padding != "\x00" * len(padding):
-+ if padding != b"\x00" * len(padding):
- raise StreamError("Padding containing non0 bytes found")
-
- if rtype not in record_verifiers:
-diff --git a/tools/python/xen/migration/verify.py b/tools/python/xen/migration/verify.py
-index 7a42dbfc5868..1e38f4a3c01e 100644
---- a/tools/python/xen/migration/verify.py
-+++ b/tools/python/xen/migration/verify.py
-@@ -7,11 +7,11 @@
-
- from struct import calcsize, unpack
-
--class StreamError(StandardError):
-+class StreamError(Exception):
- """Error with the stream"""
- pass
-
--class RecordError(StandardError):
-+class RecordError(Exception):
- """Error with a record in the stream"""
- pass
-
-diff --git a/tools/python/xen/util.py b/tools/python/xen/util.py
-new file mode 100644
-index 000000000000..a11358eefa13
---- /dev/null
-+++ b/tools/python/xen/util.py
-@@ -0,0 +1,23 @@
-+#!/usr/bin/env python
-+# -*- coding: utf-8 -*-
-+
-+import os
-+
-+def open_file_or_fd(val, *argl, **kwargs):
-+ """
-+ If 'val' looks like a decimal integer, open it as an fd. If not, try to
-+ open it as a regular file.
-+ """
-+
-+ fd = -1
-+ try:
-+ # Does it look like an integer?
-+ fd = int(val, 10)
-+ except ValueError:
-+ pass
-+
-+ # Try to open it...
-+ if fd != -1:
-+ return os.fdopen(fd, *argl, **kwargs)
-+ else:
-+ return open(val, *argl, **kwargs)
diff --git a/main/xen/qemu-xen-time64.patch b/main/xen/qemu-xen-time64.patch
index c0c65fb27f..20fa4af118 100644
--- a/main/xen/qemu-xen-time64.patch
+++ b/main/xen/qemu-xen-time64.patch
@@ -1,6 +1,6 @@
diff -urN xen-4.13.1.orig/tools/qemu-xen/contrib/vhost-user-input/main.c xen-4.13.1/tools/qemu-xen/contrib/vhost-user-input/main.c
---- xen-4.13.1.orig/tools/qemu-xen/contrib/vhost-user-input/main.c 2020-07-22 02:06:07.554540365 -0600
-+++ xen-4.13.1/tools/qemu-xen/contrib/vhost-user-input/main.c 2020-07-22 02:36:31.253058465 -0600
+--- a/tools/qemu-xen/contrib/vhost-user-input/main.c 2020-07-22 02:06:07.554540365 -0600
++++ b/tools/qemu-xen/contrib/vhost-user-input/main.c 2020-07-22 02:36:31.253058465 -0600
@@ -115,13 +115,16 @@
static void vi_handle_status(VuInput *vi, virtio_input_event *event)
{
@@ -20,8 +20,8 @@ diff -urN xen-4.13.1.orig/tools/qemu-xen/contrib/vhost-user-input/main.c xen-4.1
evdev.code = le16toh(event->code);
evdev.value = le32toh(event->value);
diff -urN xen-4.13.1.orig/tools/qemu-xen/hw/input/virtio-input-host.c xen-4.13.1/tools/qemu-xen/hw/input/virtio-input-host.c
---- xen-4.13.1.orig/tools/qemu-xen/hw/input/virtio-input-host.c 2020-07-22 02:06:07.561207062 -0600
-+++ xen-4.13.1/tools/qemu-xen/hw/input/virtio-input-host.c 2020-07-22 02:13:05.923156710 -0600
+--- a/tools/qemu-xen/hw/input/virtio-input-host.c 2020-07-22 02:06:07.561207062 -0600
++++ b/tools/qemu-xen/hw/input/virtio-input-host.c 2020-07-22 02:13:05.923156710 -0600
@@ -192,14 +192,17 @@
virtio_input_event *event)
{
diff --git a/main/xen/xen-fd-is-file.c b/main/xen/xen-fd-is-file.c
deleted file mode 100644
index a1518e4df0..0000000000
--- a/main/xen/xen-fd-is-file.c
+++ /dev/null
@@ -1,62 +0,0 @@
-#include <sys/stat.h>
-
-#include <stdio.h>
-#include <fcntl.h>
-#include <err.h>
-
-/*
-
-this is to be used as:
-
- while true; do
- eval "exec $_lockfd<>$_lockfile"
- flock -x $_lockfd || return $?
- if xen-fd-is-file $_lockfd $_lockfile; then break; fi
- eval "exec $_lockfd<&-"
- done
-
-instead of:
-
- local rightfile
- while true; do
- eval "exec $_lockfd<>$_lockfile"
- flock -x $_lockfd || return $?
- # We can't just stat /dev/stdin or /proc/self/fd/$_lockfd or
- # use bash's test -ef because those all go through what is
- # actually a synthetic symlink in /proc and we aren't
- # guaranteed that our stat(2) won't lose the race with an
- # rm(1) between reading the synthetic link and traversing the
- # file system to find the inum. Perl is very fast so use that.
- rightfile=$( perl -e '
- open STDIN, "<&'$_lockfd'" or die $!;
- my $fd_inum = (stat STDIN)[1]; die $! unless defined $fd_inum;
- my $file_inum = (stat $ARGV[0])[1];
- print "y\n" if $fd_inum eq $file_inum;
- ' "$_lockfile" )
- if [ x$rightfile = xy ]; then break; fi
- # Some versions of bash appear to be buggy if the same
- # $_lockfile is opened repeatedly. Close the current fd here.
- eval "exec $_lockfd<&-"
- done
-*/
-
-int main(int argc, char *argv[])
-{
- int lockfd;
- const char *filename;
- struct stat fdst, filest;
-
- if (argc <= 2)
- errx(1, "usage: %s FDNUM FILENAME\n", argv[0]);
-
- lockfd = atoi(argv[1]);
- filename = argv[2];
-
- if (fstat(lockfd, &fdst) < 0)
- err(2, "fstat(%i)", lockfd);
-
- if (stat(filename, &filest) < 0)
- err(3, "stat(%s)", filename);
-
- return (fdst.st_ino != filest.st_ino);
-}
diff --git a/main/xen/xen-hotplug-lockfd.patch b/main/xen/xen-hotplug-lockfd.patch
deleted file mode 100644
index 2f91889948..0000000000
--- a/main/xen/xen-hotplug-lockfd.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-We remove the perl snippet to verify the lockfile with lockfd to
-avoid perl dependency
-
-use a tiny C app to do the same job.
-
---- ./tools/hotplug/Linux/locking.sh.orig
-+++ ./tools/hotplug/Linux/locking.sh
-@@ -51,14 +51,8 @@
- # actually a synthetic symlink in /proc and we aren't
- # guaranteed that our stat(2) won't lose the race with an
- # rm(1) between reading the synthetic link and traversing the
-- # file system to find the inum. Perl is very fast so use that.
-- rightfile=$( perl -e '
-- open STDIN, "<&'$_lockfd'" or die $!;
-- my $fd_inum = (stat STDIN)[1]; die $! unless defined $fd_inum;
-- my $file_inum = (stat $ARGV[0])[1];
-- print "y\n" if $fd_inum eq $file_inum;
-- ' "$_lockfile" )
-- if [ x$rightfile = xy ]; then break; fi
-+ # file system to find the inum. We use tiny C file for that
-+ if /usr/lib/xen/bin/xen-fd-is-file $_lockfd $_lockfile; then break; fi
- # Some versions of bash appear to be buggy if the same
- # $_lockfile is opened repeatedly. Close the current fd here.
- eval "exec $_lockfd<&-"
diff --git a/main/xen/xsa317.patch b/main/xen/xsa317.patch
deleted file mode 100644
index 20e2c643d0..0000000000
--- a/main/xen/xsa317.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From aeb46e92f915f19a61d5a8a1f4b696793f64e6fb Mon Sep 17 00:00:00 2001
-From: Julien Grall <jgrall@amazon.com>
-Date: Thu, 19 Mar 2020 13:17:31 +0000
-Subject: [PATCH] xen/common: event_channel: Don't ignore error in
- get_free_port()
-
-Currently, get_free_port() is assuming that the port has been allocated
-when evtchn_allocate_port() is not return -EBUSY.
-
-However, the function may return an error when:
- - We exhausted all the event channels. This can happen if the limit
- configured by the administrator for the guest ('max_event_channels'
- in xl cfg) is higher than the ABI used by the guest. For instance,
- if the guest is using 2L, the limit should not be higher than 4095.
- - We cannot allocate memory (e.g Xen has not more memory).
-
-Users of get_free_port() (such as EVTCHNOP_alloc_unbound) will validly
-assuming the port was valid and will next call evtchn_from_port(). This
-will result to a crash as the memory backing the event channel structure
-is not present.
-
-Fixes: 368ae9a05fe ("xen/pvshim: forward evtchn ops between L0 Xen and L2 DomU")
-Signed-off-by: Julien Grall <jgrall@amazon.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
----
- xen/common/event_channel.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c
-index e86e2bfab0..a8d182b584 100644
---- a/xen/common/event_channel.c
-+++ b/xen/common/event_channel.c
-@@ -195,10 +195,10 @@ static int get_free_port(struct domain *d)
- {
- int rc = evtchn_allocate_port(d, port);
-
-- if ( rc == -EBUSY )
-- continue;
--
-- return port;
-+ if ( rc == 0 )
-+ return port;
-+ else if ( rc != -EBUSY )
-+ return rc;
- }
-
- return -ENOSPC;
---
-2.17.1
-
diff --git a/main/xen/xsa319.patch b/main/xen/xsa319.patch
deleted file mode 100644
index 769443c900..0000000000
--- a/main/xen/xsa319.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: x86/shadow: correct an inverted conditional in dirty VRAM tracking
-
-This originally was "mfn_x(mfn) == INVALID_MFN". Make it like this
-again, taking the opportunity to also drop the unnecessary nearby
-braces.
-
-This is XSA-319.
-
-Fixes: 246a5a3377c2 ("xen: Use a typesafe to define INVALID_MFN")
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
-
---- a/xen/arch/x86/mm/shadow/common.c
-+++ b/xen/arch/x86/mm/shadow/common.c
-@@ -3252,10 +3252,8 @@ int shadow_track_dirty_vram(struct domai
- int dirty = 0;
- paddr_t sl1ma = dirty_vram->sl1ma[i];
-
-- if ( !mfn_eq(mfn, INVALID_MFN) )
-- {
-+ if ( mfn_eq(mfn, INVALID_MFN) )
- dirty = 1;
-- }
- else
- {
- page = mfn_to_page(mfn);
diff --git a/main/xen/xsa320-4.13-1.patch b/main/xen/xsa320-4.13-1.patch
deleted file mode 100644
index 09eb8ea98e..0000000000
--- a/main/xen/xsa320-4.13-1.patch
+++ /dev/null
@@ -1,117 +0,0 @@
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Subject: x86/spec-ctrl: CPUID/MSR definitions for Special Register Buffer Data Sampling
-
-This is part of XSA-320 / CVE-2020-0543
-
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-Acked-by: Wei Liu <wl@xen.org>
-
-diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line.pandoc
-index 1d9d816622..9268454297 100644
---- a/docs/misc/xen-command-line.pandoc
-+++ b/docs/misc/xen-command-line.pandoc
-@@ -483,10 +483,10 @@ accounting for hardware capabilities as enumerated via CPUID.
-
- Currently accepted:
-
--The Speculation Control hardware features `md-clear`, `ibrsb`, `stibp`, `ibpb`,
--`l1d-flush` and `ssbd` are used by default if available and applicable. They can
--be ignored, e.g. `no-ibrsb`, at which point Xen won't use them itself, and
--won't offer them to guests.
-+The Speculation Control hardware features `srbds-ctrl`, `md-clear`, `ibrsb`,
-+`stibp`, `ibpb`, `l1d-flush` and `ssbd` are used by default if available and
-+applicable. They can be ignored, e.g. `no-ibrsb`, at which point Xen won't
-+use them itself, and won't offer them to guests.
-
- ### cpuid_mask_cpu
- > `= fam_0f_rev_[cdefg] | fam_10_rev_[bc] | fam_11_rev_b`
-diff --git a/tools/libxl/libxl_cpuid.c b/tools/libxl/libxl_cpuid.c
-index 6cea4227ba..a78f08b927 100644
---- a/tools/libxl/libxl_cpuid.c
-+++ b/tools/libxl/libxl_cpuid.c
-@@ -213,6 +213,7 @@ int libxl_cpuid_parse_config(libxl_cpuid_policy_list *cpuid, const char* str)
-
- {"avx512-4vnniw",0x00000007, 0, CPUID_REG_EDX, 2, 1},
- {"avx512-4fmaps",0x00000007, 0, CPUID_REG_EDX, 3, 1},
-+ {"srbds-ctrl", 0x00000007, 0, CPUID_REG_EDX, 9, 1},
- {"md-clear", 0x00000007, 0, CPUID_REG_EDX, 10, 1},
- {"cet-ibt", 0x00000007, 0, CPUID_REG_EDX, 20, 1},
- {"ibrsb", 0x00000007, 0, CPUID_REG_EDX, 26, 1},
-diff --git a/tools/misc/xen-cpuid.c b/tools/misc/xen-cpuid.c
-index 603e1d65fd..a09440813b 100644
---- a/tools/misc/xen-cpuid.c
-+++ b/tools/misc/xen-cpuid.c
-@@ -157,6 +157,7 @@ static const char *const str_7d0[32] =
- [ 2] = "avx512_4vnniw", [ 3] = "avx512_4fmaps",
- [ 4] = "fsrm",
-
-+ /* 8 */ [ 9] = "srbds-ctrl",
- [10] = "md-clear",
- /* 12 */ [13] = "tsx-force-abort",
-
-diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
-index 4b12103482..0cded3c0ad 100644
---- a/xen/arch/x86/msr.c
-+++ b/xen/arch/x86/msr.c
-@@ -134,6 +134,7 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val)
- /* Write-only */
- case MSR_TSX_FORCE_ABORT:
- case MSR_TSX_CTRL:
-+ case MSR_MCU_OPT_CTRL:
- case MSR_U_CET:
- case MSR_S_CET:
- case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE:
-@@ -288,6 +289,7 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val)
- /* Read-only */
- case MSR_TSX_FORCE_ABORT:
- case MSR_TSX_CTRL:
-+ case MSR_MCU_OPT_CTRL:
- case MSR_U_CET:
- case MSR_S_CET:
- case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE:
-diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
-index 6656c44aec..5fc1c6827e 100644
---- a/xen/arch/x86/spec_ctrl.c
-+++ b/xen/arch/x86/spec_ctrl.c
-@@ -312,12 +312,13 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps)
- printk("Speculative mitigation facilities:\n");
-
- /* Hardware features which pertain to speculative mitigations. */
-- printk(" Hardware features:%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
-+ printk(" Hardware features:%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
- (_7d0 & cpufeat_mask(X86_FEATURE_IBRSB)) ? " IBRS/IBPB" : "",
- (_7d0 & cpufeat_mask(X86_FEATURE_STIBP)) ? " STIBP" : "",
- (_7d0 & cpufeat_mask(X86_FEATURE_L1D_FLUSH)) ? " L1D_FLUSH" : "",
- (_7d0 & cpufeat_mask(X86_FEATURE_SSBD)) ? " SSBD" : "",
- (_7d0 & cpufeat_mask(X86_FEATURE_MD_CLEAR)) ? " MD_CLEAR" : "",
-+ (_7d0 & cpufeat_mask(X86_FEATURE_SRBDS_CTRL)) ? " SRBDS_CTRL" : "",
- (e8b & cpufeat_mask(X86_FEATURE_IBPB)) ? " IBPB" : "",
- (caps & ARCH_CAPS_IBRS_ALL) ? " IBRS_ALL" : "",
- (caps & ARCH_CAPS_RDCL_NO) ? " RDCL_NO" : "",
-diff --git a/xen/include/asm-x86/msr-index.h b/xen/include/asm-x86/msr-index.h
-index 7693c4a71a..91994669e1 100644
---- a/xen/include/asm-x86/msr-index.h
-+++ b/xen/include/asm-x86/msr-index.h
-@@ -179,6 +179,9 @@
- #define MSR_IA32_VMX_TRUE_ENTRY_CTLS 0x490
- #define MSR_IA32_VMX_VMFUNC 0x491
-
-+#define MSR_MCU_OPT_CTRL 0x00000123
-+#define MCU_OPT_CTRL_RNGDS_MITG_DIS (_AC(1, ULL) << 0)
-+
- #define MSR_U_CET 0x000006a0
- #define MSR_S_CET 0x000006a2
- #define MSR_PL0_SSP 0x000006a4
-diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/public/arch-x86/cpufeatureset.h
-index 2835688f1c..a2482c3627 100644
---- a/xen/include/public/arch-x86/cpufeatureset.h
-+++ b/xen/include/public/arch-x86/cpufeatureset.h
-@@ -252,6 +252,7 @@ XEN_CPUFEATURE(IBPB, 8*32+12) /*A IBPB support only (no IBRS, used by
- /* Intel-defined CPU features, CPUID level 0x00000007:0.edx, word 9 */
- XEN_CPUFEATURE(AVX512_4VNNIW, 9*32+ 2) /*A AVX512 Neural Network Instructions */
- XEN_CPUFEATURE(AVX512_4FMAPS, 9*32+ 3) /*A AVX512 Multiply Accumulation Single Precision */
-+XEN_CPUFEATURE(SRBDS_CTRL, 9*32+ 9) /* MSR_MCU_OPT_CTRL and RNGDS_MITG_DIS. */
- XEN_CPUFEATURE(MD_CLEAR, 9*32+10) /*A VERW clears microarchitectural buffers */
- XEN_CPUFEATURE(TSX_FORCE_ABORT, 9*32+13) /* MSR_TSX_FORCE_ABORT.RTM_ABORT */
- XEN_CPUFEATURE(CET_IBT, 9*32+20) /* CET - Indirect Branch Tracking */
diff --git a/main/xen/xsa320-4.13-2.patch b/main/xen/xsa320-4.13-2.patch
deleted file mode 100644
index 8a8080a312..0000000000
--- a/main/xen/xsa320-4.13-2.patch
+++ /dev/null
@@ -1,179 +0,0 @@
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Subject: x86/spec-ctrl: Mitigate the Special Register Buffer Data Sampling sidechannel
-
-See patch documentation and comments.
-
-This is part of XSA-320 / CVE-2020-0543
-
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
-diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line.pandoc
-index 9268454297..c780312531 100644
---- a/docs/misc/xen-command-line.pandoc
-+++ b/docs/misc/xen-command-line.pandoc
-@@ -1991,7 +1991,7 @@ By default SSBD will be mitigated at runtime (i.e `ssbd=runtime`).
- ### spec-ctrl (x86)
- > `= List of [ <bool>, xen=<bool>, {pv,hvm,msr-sc,rsb,md-clear}=<bool>,
- > bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb,ssbd,eager-fpu,
--> l1d-flush,branch-harden}=<bool> ]`
-+> l1d-flush,branch-harden,srb-lock}=<bool> ]`
-
- Controls for speculative execution sidechannel mitigations. By default, Xen
- will pick the most appropriate mitigations based on compiled in support,
-@@ -2068,6 +2068,12 @@ If Xen is compiled with `CONFIG_SPECULATIVE_HARDEN_BRANCH`, the
- speculation barriers to protect selected conditional branches. By default,
- Xen will enable this mitigation.
-
-+On hardware supporting SRBDS_CTRL, the `srb-lock=` option can be used to force
-+or prevent Xen from protect the Special Register Buffer from leaking stale
-+data. By default, Xen will enable this mitigation, except on parts where MDS
-+is fixed and TAA is fixed/mitigated (in which case, there is believed to be no
-+way for an attacker to obtain the stale data).
-+
- ### sync_console
- > `= <boolean>`
-
-diff --git a/xen/arch/x86/acpi/power.c b/xen/arch/x86/acpi/power.c
-index feb0f6ce20..75c6e34164 100644
---- a/xen/arch/x86/acpi/power.c
-+++ b/xen/arch/x86/acpi/power.c
-@@ -295,6 +295,9 @@ static int enter_state(u32 state)
- ci->spec_ctrl_flags |= (default_spec_ctrl_flags & SCF_ist_wrmsr);
- spec_ctrl_exit_idle(ci);
-
-+ if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) )
-+ wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl);
-+
- done:
- spin_debug_enable();
- local_irq_restore(flags);
-diff --git a/xen/arch/x86/smpboot.c b/xen/arch/x86/smpboot.c
-index dc8fdac1a1..b1e51b3aff 100644
---- a/xen/arch/x86/smpboot.c
-+++ b/xen/arch/x86/smpboot.c
-@@ -361,12 +361,14 @@ void start_secondary(void *unused)
- microcode_update_one(false);
-
- /*
-- * If MSR_SPEC_CTRL is available, apply Xen's default setting and discard
-- * any firmware settings. Note: MSR_SPEC_CTRL may only become available
-- * after loading microcode.
-+ * If any speculative control MSRs are available, apply Xen's default
-+ * settings. Note: These MSRs may only become available after loading
-+ * microcode.
- */
- if ( boot_cpu_has(X86_FEATURE_IBRSB) )
- wrmsrl(MSR_SPEC_CTRL, default_xen_spec_ctrl);
-+ if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) )
-+ wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl);
-
- tsx_init(); /* Needs microcode. May change HLE/RTM feature bits. */
-
-diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
-index 5fc1c6827e..33343062a7 100644
---- a/xen/arch/x86/spec_ctrl.c
-+++ b/xen/arch/x86/spec_ctrl.c
-@@ -65,6 +65,9 @@ static unsigned int __initdata l1d_maxphysaddr;
- static bool __initdata cpu_has_bug_msbds_only; /* => minimal HT impact. */
- static bool __initdata cpu_has_bug_mds; /* Any other M{LP,SB,FB}DS combination. */
-
-+static int8_t __initdata opt_srb_lock = -1;
-+uint64_t __read_mostly default_xen_mcu_opt_ctrl;
-+
- static int __init parse_spec_ctrl(const char *s)
- {
- const char *ss;
-@@ -112,6 +115,7 @@ static int __init parse_spec_ctrl(const char *s)
- opt_ssbd = false;
- opt_l1d_flush = 0;
- opt_branch_harden = false;
-+ opt_srb_lock = 0;
- }
- else if ( val > 0 )
- rc = -EINVAL;
-@@ -178,6 +182,8 @@ static int __init parse_spec_ctrl(const char *s)
- opt_l1d_flush = val;
- else if ( (val = parse_boolean("branch-harden", s, ss)) >= 0 )
- opt_branch_harden = val;
-+ else if ( (val = parse_boolean("srb-lock", s, ss)) >= 0 )
-+ opt_srb_lock = val;
- else
- rc = -EINVAL;
-
-@@ -341,7 +347,7 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps)
- "\n");
-
- /* Settings for Xen's protection, irrespective of guests. */
-- printk(" Xen settings: BTI-Thunk %s, SPEC_CTRL: %s%s%s, Other:%s%s%s%s\n",
-+ printk(" Xen settings: BTI-Thunk %s, SPEC_CTRL: %s%s%s, Other:%s%s%s%s%s\n",
- thunk == THUNK_NONE ? "N/A" :
- thunk == THUNK_RETPOLINE ? "RETPOLINE" :
- thunk == THUNK_LFENCE ? "LFENCE" :
-@@ -352,6 +358,8 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps)
- (default_xen_spec_ctrl & SPEC_CTRL_SSBD) ? " SSBD+" : " SSBD-",
- !(caps & ARCH_CAPS_TSX_CTRL) ? "" :
- (opt_tsx & 1) ? " TSX+" : " TSX-",
-+ !boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ? "" :
-+ opt_srb_lock ? " SRB_LOCK+" : " SRB_LOCK-",
- opt_ibpb ? " IBPB" : "",
- opt_l1d_flush ? " L1D_FLUSH" : "",
- opt_md_clear_pv || opt_md_clear_hvm ? " VERW" : "",
-@@ -1149,6 +1157,34 @@ void __init init_speculation_mitigations(void)
- tsx_init();
- }
-
-+ /* Calculate suitable defaults for MSR_MCU_OPT_CTRL */
-+ if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) )
-+ {
-+ uint64_t val;
-+
-+ rdmsrl(MSR_MCU_OPT_CTRL, val);
-+
-+ /*
-+ * On some SRBDS-affected hardware, it may be safe to relax srb-lock
-+ * by default.
-+ *
-+ * On parts which enumerate MDS_NO and not TAA_NO, TSX is the only way
-+ * to access the Fill Buffer. If TSX isn't available (inc. SKU
-+ * reasons on some models), or TSX is explicitly disabled, then there
-+ * is no need for the extra overhead to protect RDRAND/RDSEED.
-+ */
-+ if ( opt_srb_lock == -1 &&
-+ (caps & (ARCH_CAPS_MDS_NO|ARCH_CAPS_TAA_NO)) == ARCH_CAPS_MDS_NO &&
-+ (!cpu_has_hle || ((caps & ARCH_CAPS_TSX_CTRL) && opt_tsx == 0)) )
-+ opt_srb_lock = 0;
-+
-+ val &= ~MCU_OPT_CTRL_RNGDS_MITG_DIS;
-+ if ( !opt_srb_lock )
-+ val |= MCU_OPT_CTRL_RNGDS_MITG_DIS;
-+
-+ default_xen_mcu_opt_ctrl = val;
-+ }
-+
- print_details(thunk, caps);
-
- /*
-@@ -1180,6 +1216,9 @@ void __init init_speculation_mitigations(void)
-
- wrmsrl(MSR_SPEC_CTRL, bsp_delay_spec_ctrl ? 0 : default_xen_spec_ctrl);
- }
-+
-+ if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) )
-+ wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl);
- }
-
- static void __init __maybe_unused build_assertions(void)
-diff --git a/xen/include/asm-x86/spec_ctrl.h b/xen/include/asm-x86/spec_ctrl.h
-index 9caecddfec..b252bb8631 100644
---- a/xen/include/asm-x86/spec_ctrl.h
-+++ b/xen/include/asm-x86/spec_ctrl.h
-@@ -54,6 +54,8 @@ extern int8_t opt_pv_l1tf_hwdom, opt_pv_l1tf_domu;
- */
- extern paddr_t l1tf_addr_mask, l1tf_safe_maddr;
-
-+extern uint64_t default_xen_mcu_opt_ctrl;
-+
- static inline void init_shadow_spec_ctrl_state(void)
- {
- struct cpu_info *info = get_cpu_info();
diff --git a/main/xen/xsa321-4.13-1.patch b/main/xen/xsa321-4.13-1.patch
deleted file mode 100644
index 9a08ab240e..0000000000
--- a/main/xen/xsa321-4.13-1.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: vtd: improve IOMMU TLB flush
-
-Do not limit PSI flushes to order 0 pages, in order to avoid doing a
-full TLB flush if the passed in page has an order greater than 0 and
-is aligned. Should increase the performance of IOMMU TLB flushes when
-dealing with page orders greater than 0.
-
-This is part of XSA-321.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/drivers/passthrough/vtd/iommu.c
-+++ b/xen/drivers/passthrough/vtd/iommu.c
-@@ -570,13 +570,14 @@ static int __must_check iommu_flush_iotl
- if ( iommu_domid == -1 )
- continue;
-
-- if ( page_count != 1 || dfn_eq(dfn, INVALID_DFN) )
-+ if ( !page_count || (page_count & (page_count - 1)) ||
-+ dfn_eq(dfn, INVALID_DFN) || !IS_ALIGNED(dfn_x(dfn), page_count) )
- rc = iommu_flush_iotlb_dsi(iommu, iommu_domid,
- 0, flush_dev_iotlb);
- else
- rc = iommu_flush_iotlb_psi(iommu, iommu_domid,
- dfn_to_daddr(dfn),
-- PAGE_ORDER_4K,
-+ get_order_from_pages(page_count),
- !dma_old_pte_present,
- flush_dev_iotlb);
-
diff --git a/main/xen/xsa321-4.13-2.patch b/main/xen/xsa321-4.13-2.patch
deleted file mode 100644
index 1e48615f2b..0000000000
--- a/main/xen/xsa321-4.13-2.patch
+++ /dev/null
@@ -1,175 +0,0 @@
-From: <security@xenproject.org>
-Subject: vtd: prune (and rename) cache flush functions
-
-Rename __iommu_flush_cache to iommu_sync_cache and remove
-iommu_flush_cache_page. Also remove the iommu_flush_cache_entry
-wrapper and just use iommu_sync_cache instead. Note the _entry suffix
-was meaningless as the wrapper was already taking a size parameter in
-bytes. While there also constify the addr parameter.
-
-No functional change intended.
-
-This is part of XSA-321.
-
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/drivers/passthrough/vtd/extern.h
-+++ b/xen/drivers/passthrough/vtd/extern.h
-@@ -43,8 +43,7 @@ void disable_qinval(struct vtd_iommu *io
- int enable_intremap(struct vtd_iommu *iommu, int eim);
- void disable_intremap(struct vtd_iommu *iommu);
-
--void iommu_flush_cache_entry(void *addr, unsigned int size);
--void iommu_flush_cache_page(void *addr, unsigned long npages);
-+void iommu_sync_cache(const void *addr, unsigned int size);
- int iommu_alloc(struct acpi_drhd_unit *drhd);
- void iommu_free(struct acpi_drhd_unit *drhd);
-
---- a/xen/drivers/passthrough/vtd/intremap.c
-+++ b/xen/drivers/passthrough/vtd/intremap.c
-@@ -230,7 +230,7 @@ static void free_remap_entry(struct vtd_
- iremap_entries, iremap_entry);
-
- update_irte(iommu, iremap_entry, &new_ire, false);
-- iommu_flush_cache_entry(iremap_entry, sizeof(*iremap_entry));
-+ iommu_sync_cache(iremap_entry, sizeof(*iremap_entry));
- iommu_flush_iec_index(iommu, 0, index);
-
- unmap_vtd_domain_page(iremap_entries);
-@@ -406,7 +406,7 @@ static int ioapic_rte_to_remap_entry(str
- }
-
- update_irte(iommu, iremap_entry, &new_ire, !init);
-- iommu_flush_cache_entry(iremap_entry, sizeof(*iremap_entry));
-+ iommu_sync_cache(iremap_entry, sizeof(*iremap_entry));
- iommu_flush_iec_index(iommu, 0, index);
-
- unmap_vtd_domain_page(iremap_entries);
-@@ -695,7 +695,7 @@ static int msi_msg_to_remap_entry(
- update_irte(iommu, iremap_entry, &new_ire, msi_desc->irte_initialized);
- msi_desc->irte_initialized = true;
-
-- iommu_flush_cache_entry(iremap_entry, sizeof(*iremap_entry));
-+ iommu_sync_cache(iremap_entry, sizeof(*iremap_entry));
- iommu_flush_iec_index(iommu, 0, index);
-
- unmap_vtd_domain_page(iremap_entries);
---- a/xen/drivers/passthrough/vtd/iommu.c
-+++ b/xen/drivers/passthrough/vtd/iommu.c
-@@ -140,7 +140,8 @@ static int context_get_domain_id(struct
- }
-
- static int iommus_incoherent;
--static void __iommu_flush_cache(void *addr, unsigned int size)
-+
-+void iommu_sync_cache(const void *addr, unsigned int size)
- {
- int i;
- static unsigned int clflush_size = 0;
-@@ -155,16 +156,6 @@ static void __iommu_flush_cache(void *ad
- cacheline_flush((char *)addr + i);
- }
-
--void iommu_flush_cache_entry(void *addr, unsigned int size)
--{
-- __iommu_flush_cache(addr, size);
--}
--
--void iommu_flush_cache_page(void *addr, unsigned long npages)
--{
-- __iommu_flush_cache(addr, PAGE_SIZE * npages);
--}
--
- /* Allocate page table, return its machine address */
- uint64_t alloc_pgtable_maddr(unsigned long npages, nodeid_t node)
- {
-@@ -183,7 +174,7 @@ uint64_t alloc_pgtable_maddr(unsigned lo
- vaddr = __map_domain_page(cur_pg);
- memset(vaddr, 0, PAGE_SIZE);
-
-- iommu_flush_cache_page(vaddr, 1);
-+ iommu_sync_cache(vaddr, PAGE_SIZE);
- unmap_domain_page(vaddr);
- cur_pg++;
- }
-@@ -216,7 +207,7 @@ static u64 bus_to_context_maddr(struct v
- }
- set_root_value(*root, maddr);
- set_root_present(*root);
-- iommu_flush_cache_entry(root, sizeof(struct root_entry));
-+ iommu_sync_cache(root, sizeof(struct root_entry));
- }
- maddr = (u64) get_context_addr(*root);
- unmap_vtd_domain_page(root_entries);
-@@ -263,7 +254,7 @@ static u64 addr_to_dma_page_maddr(struct
- */
- dma_set_pte_readable(*pte);
- dma_set_pte_writable(*pte);
-- iommu_flush_cache_entry(pte, sizeof(struct dma_pte));
-+ iommu_sync_cache(pte, sizeof(struct dma_pte));
- }
-
- if ( level == 2 )
-@@ -640,7 +631,7 @@ static int __must_check dma_pte_clear_on
- *flush_flags |= IOMMU_FLUSHF_modified;
-
- spin_unlock(&hd->arch.mapping_lock);
-- iommu_flush_cache_entry(pte, sizeof(struct dma_pte));
-+ iommu_sync_cache(pte, sizeof(struct dma_pte));
-
- unmap_vtd_domain_page(page);
-
-@@ -679,7 +670,7 @@ static void iommu_free_page_table(struct
- iommu_free_pagetable(dma_pte_addr(*pte), next_level);
-
- dma_clear_pte(*pte);
-- iommu_flush_cache_entry(pte, sizeof(struct dma_pte));
-+ iommu_sync_cache(pte, sizeof(struct dma_pte));
- }
-
- unmap_vtd_domain_page(pt_vaddr);
-@@ -1400,7 +1391,7 @@ int domain_context_mapping_one(
- context_set_address_width(*context, agaw);
- context_set_fault_enable(*context);
- context_set_present(*context);
-- iommu_flush_cache_entry(context, sizeof(struct context_entry));
-+ iommu_sync_cache(context, sizeof(struct context_entry));
- spin_unlock(&iommu->lock);
-
- /* Context entry was previously non-present (with domid 0). */
-@@ -1564,7 +1555,7 @@ int domain_context_unmap_one(
-
- context_clear_present(*context);
- context_clear_entry(*context);
-- iommu_flush_cache_entry(context, sizeof(struct context_entry));
-+ iommu_sync_cache(context, sizeof(struct context_entry));
-
- iommu_domid= domain_iommu_domid(domain, iommu);
- if ( iommu_domid == -1 )
-@@ -1791,7 +1782,7 @@ static int __must_check intel_iommu_map_
-
- *pte = new;
-
-- iommu_flush_cache_entry(pte, sizeof(struct dma_pte));
-+ iommu_sync_cache(pte, sizeof(struct dma_pte));
- spin_unlock(&hd->arch.mapping_lock);
- unmap_vtd_domain_page(page);
-
-@@ -1866,7 +1857,7 @@ int iommu_pte_flush(struct domain *d, ui
- int iommu_domid;
- int rc = 0;
-
-- iommu_flush_cache_entry(pte, sizeof(struct dma_pte));
-+ iommu_sync_cache(pte, sizeof(struct dma_pte));
-
- for_each_drhd_unit ( drhd )
- {
-@@ -2724,7 +2715,7 @@ static int __init intel_iommu_quarantine
- dma_set_pte_addr(*pte, maddr);
- dma_set_pte_readable(*pte);
- }
-- iommu_flush_cache_page(parent, 1);
-+ iommu_sync_cache(parent, PAGE_SIZE);
-
- unmap_vtd_domain_page(parent);
- parent = map_vtd_domain_page(maddr);
diff --git a/main/xen/xsa321-4.13-3.patch b/main/xen/xsa321-4.13-3.patch
deleted file mode 100644
index c141c4b785..0000000000
--- a/main/xen/xsa321-4.13-3.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From: <security@xenproject.org>
-Subject: x86/iommu: introduce a cache sync hook
-
-The hook is only implemented for VT-d and it uses the already existing
-iommu_sync_cache function present in VT-d code. The new hook is
-added so that the cache can be flushed by code outside of VT-d when
-using shared page tables.
-
-Note that alloc_pgtable_maddr must use the now locally defined
-sync_cache function, because IOMMU ops are not yet setup the first
-time the function gets called during IOMMU initialization.
-
-No functional change intended.
-
-This is part of XSA-321.
-
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/drivers/passthrough/vtd/extern.h
-+++ b/xen/drivers/passthrough/vtd/extern.h
-@@ -43,7 +43,6 @@ void disable_qinval(struct vtd_iommu *io
- int enable_intremap(struct vtd_iommu *iommu, int eim);
- void disable_intremap(struct vtd_iommu *iommu);
-
--void iommu_sync_cache(const void *addr, unsigned int size);
- int iommu_alloc(struct acpi_drhd_unit *drhd);
- void iommu_free(struct acpi_drhd_unit *drhd);
-
---- a/xen/drivers/passthrough/vtd/iommu.c
-+++ b/xen/drivers/passthrough/vtd/iommu.c
-@@ -141,7 +141,7 @@ static int context_get_domain_id(struct
-
- static int iommus_incoherent;
-
--void iommu_sync_cache(const void *addr, unsigned int size)
-+static void sync_cache(const void *addr, unsigned int size)
- {
- int i;
- static unsigned int clflush_size = 0;
-@@ -174,7 +174,7 @@ uint64_t alloc_pgtable_maddr(unsigned lo
- vaddr = __map_domain_page(cur_pg);
- memset(vaddr, 0, PAGE_SIZE);
-
-- iommu_sync_cache(vaddr, PAGE_SIZE);
-+ sync_cache(vaddr, PAGE_SIZE);
- unmap_domain_page(vaddr);
- cur_pg++;
- }
-@@ -2763,6 +2763,7 @@ const struct iommu_ops __initconstrel in
- .iotlb_flush_all = iommu_flush_iotlb_all,
- .get_reserved_device_memory = intel_iommu_get_reserved_device_memory,
- .dump_p2m_table = vtd_dump_p2m_table,
-+ .sync_cache = sync_cache,
- };
-
- const struct iommu_init_ops __initconstrel intel_iommu_init_ops = {
---- a/xen/include/asm-x86/iommu.h
-+++ b/xen/include/asm-x86/iommu.h
-@@ -121,6 +121,13 @@ extern bool untrusted_msi;
- int pi_update_irte(const struct pi_desc *pi_desc, const struct pirq *pirq,
- const uint8_t gvec);
-
-+#define iommu_sync_cache(addr, size) ({ \
-+ const struct iommu_ops *ops = iommu_get_ops(); \
-+ \
-+ if ( ops->sync_cache ) \
-+ iommu_vcall(ops, sync_cache, addr, size); \
-+})
-+
- #endif /* !__ARCH_X86_IOMMU_H__ */
- /*
- * Local variables:
---- a/xen/include/xen/iommu.h
-+++ b/xen/include/xen/iommu.h
-@@ -250,6 +250,7 @@ struct iommu_ops {
- int (*setup_hpet_msi)(struct msi_desc *);
-
- int (*adjust_irq_affinities)(void);
-+ void (*sync_cache)(const void *addr, unsigned int size);
- #endif /* CONFIG_X86 */
-
- int __must_check (*suspend)(void);
diff --git a/main/xen/xsa321-4.13-4.patch b/main/xen/xsa321-4.13-4.patch
deleted file mode 100644
index 62bbcc7271..0000000000
--- a/main/xen/xsa321-4.13-4.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From: <security@xenproject.org>
-Subject: vtd: don't assume addresses are aligned in sync_cache
-
-Current code in sync_cache assume that the address passed in is
-aligned to a cache line size. Fix the code to support passing in
-arbitrary addresses not necessarily aligned to a cache line size.
-
-This is part of XSA-321.
-
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/drivers/passthrough/vtd/iommu.c
-+++ b/xen/drivers/passthrough/vtd/iommu.c
-@@ -143,8 +143,8 @@ static int iommus_incoherent;
-
- static void sync_cache(const void *addr, unsigned int size)
- {
-- int i;
-- static unsigned int clflush_size = 0;
-+ static unsigned long clflush_size = 0;
-+ const void *end = addr + size;
-
- if ( !iommus_incoherent )
- return;
-@@ -152,8 +152,9 @@ static void sync_cache(const void *addr,
- if ( clflush_size == 0 )
- clflush_size = get_cache_line_size();
-
-- for ( i = 0; i < size; i += clflush_size )
-- cacheline_flush((char *)addr + i);
-+ addr -= (unsigned long)addr & (clflush_size - 1);
-+ for ( ; addr < end; addr += clflush_size )
-+ cacheline_flush((char *)addr);
- }
-
- /* Allocate page table, return its machine address */
diff --git a/main/xen/xsa321-4.13-5.patch b/main/xen/xsa321-4.13-5.patch
deleted file mode 100644
index 60cfe6ccdf..0000000000
--- a/main/xen/xsa321-4.13-5.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From: <security@xenproject.org>
-Subject: x86/alternative: introduce alternative_2
-
-It's based on alternative_io_2 without inputs or outputs but with an
-added memory clobber.
-
-This is part of XSA-321.
-
-Acked-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/include/asm-x86/alternative.h
-+++ b/xen/include/asm-x86/alternative.h
-@@ -114,6 +114,11 @@ extern void alternative_branches(void);
- #define alternative(oldinstr, newinstr, feature) \
- asm volatile (ALTERNATIVE(oldinstr, newinstr, feature) : : : "memory")
-
-+#define alternative_2(oldinstr, newinstr1, feature1, newinstr2, feature2) \
-+ asm volatile (ALTERNATIVE_2(oldinstr, newinstr1, feature1, \
-+ newinstr2, feature2) \
-+ : : : "memory")
-+
- /*
- * Alternative inline assembly with input.
- *
diff --git a/main/xen/xsa321-4.13-6.patch b/main/xen/xsa321-4.13-6.patch
deleted file mode 100644
index 4c5c5ab0ba..0000000000
--- a/main/xen/xsa321-4.13-6.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From: <security@xenproject.org>
-Subject: vtd: optimize CPU cache sync
-
-Some VT-d IOMMUs are non-coherent, which requires a cache write back
-in order for the changes made by the CPU to be visible to the IOMMU.
-This cache write back was unconditionally done using clflush, but there are
-other more efficient instructions to do so, hence implement support
-for them using the alternative framework.
-
-This is part of XSA-321.
-
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/drivers/passthrough/vtd/extern.h
-+++ b/xen/drivers/passthrough/vtd/extern.h
-@@ -68,7 +68,6 @@ int __must_check qinval_device_iotlb_syn
- u16 did, u16 size, u64 addr);
-
- unsigned int get_cache_line_size(void);
--void cacheline_flush(char *);
- void flush_all_cache(void);
-
- uint64_t alloc_pgtable_maddr(unsigned long npages, nodeid_t node);
---- a/xen/drivers/passthrough/vtd/iommu.c
-+++ b/xen/drivers/passthrough/vtd/iommu.c
-@@ -31,6 +31,7 @@
- #include <xen/pci_regs.h>
- #include <xen/keyhandler.h>
- #include <asm/msi.h>
-+#include <asm/nops.h>
- #include <asm/irq.h>
- #include <asm/hvm/vmx/vmx.h>
- #include <asm/p2m.h>
-@@ -154,7 +155,42 @@ static void sync_cache(const void *addr,
-
- addr -= (unsigned long)addr & (clflush_size - 1);
- for ( ; addr < end; addr += clflush_size )
-- cacheline_flush((char *)addr);
-+/*
-+ * The arguments to a macro must not include preprocessor directives. Doing so
-+ * results in undefined behavior, so we have to create some defines here in
-+ * order to avoid it.
-+ */
-+#if defined(HAVE_AS_CLWB)
-+# define CLWB_ENCODING "clwb %[p]"
-+#elif defined(HAVE_AS_XSAVEOPT)
-+# define CLWB_ENCODING "data16 xsaveopt %[p]" /* clwb */
-+#else
-+# define CLWB_ENCODING ".byte 0x66, 0x0f, 0xae, 0x30" /* clwb (%%rax) */
-+#endif
-+
-+#define BASE_INPUT(addr) [p] "m" (*(const char *)(addr))
-+#if defined(HAVE_AS_CLWB) || defined(HAVE_AS_XSAVEOPT)
-+# define INPUT BASE_INPUT
-+#else
-+# define INPUT(addr) "a" (addr), BASE_INPUT(addr)
-+#endif
-+ /*
-+ * Note regarding the use of NOP_DS_PREFIX: it's faster to do a clflush
-+ * + prefix than a clflush + nop, and hence the prefix is added instead
-+ * of letting the alternative framework fill the gap by appending nops.
-+ */
-+ alternative_io_2(".byte " __stringify(NOP_DS_PREFIX) "; clflush %[p]",
-+ "data16 clflush %[p]", /* clflushopt */
-+ X86_FEATURE_CLFLUSHOPT,
-+ CLWB_ENCODING,
-+ X86_FEATURE_CLWB, /* no outputs */,
-+ INPUT(addr));
-+#undef INPUT
-+#undef BASE_INPUT
-+#undef CLWB_ENCODING
-+
-+ alternative_2("", "sfence", X86_FEATURE_CLFLUSHOPT,
-+ "sfence", X86_FEATURE_CLWB);
- }
-
- /* Allocate page table, return its machine address */
---- a/xen/drivers/passthrough/vtd/x86/vtd.c
-+++ b/xen/drivers/passthrough/vtd/x86/vtd.c
-@@ -51,11 +51,6 @@ unsigned int get_cache_line_size(void)
- return ((cpuid_ebx(1) >> 8) & 0xff) * 8;
- }
-
--void cacheline_flush(char * addr)
--{
-- clflush(addr);
--}
--
- void flush_all_cache()
- {
- wbinvd();
diff --git a/main/xen/xsa321-4.13-7.patch b/main/xen/xsa321-4.13-7.patch
deleted file mode 100644
index 0bd018f972..0000000000
--- a/main/xen/xsa321-4.13-7.patch
+++ /dev/null
@@ -1,153 +0,0 @@
-From: <security@xenproject.org>
-Subject: x86/ept: flush cache when modifying PTEs and sharing page tables
-
-Modifications made to the page tables by EPT code need to be written
-to memory when the page tables are shared with the IOMMU, as Intel
-IOMMUs can be non-coherent and thus require changes to be written to
-memory in order to be visible to the IOMMU.
-
-In order to achieve this make sure data is written back to memory
-after writing an EPT entry when the recalc bit is not set in
-atomic_write_ept_entry. If such bit is set, the entry will be
-adjusted and atomic_write_ept_entry will be called a second time
-without the recalc bit set. Note that when splitting a super page the
-new tables resulting of the split should also be written back.
-
-Failure to do so can allow devices behind the IOMMU access to the
-stale super page, or cause coherency issues as changes made by the
-processor to the page tables are not visible to the IOMMU.
-
-This allows to remove the VT-d specific iommu_pte_flush helper, since
-the cache write back is now performed by atomic_write_ept_entry, and
-hence iommu_iotlb_flush can be used to flush the IOMMU TLB. The newly
-used method (iommu_iotlb_flush) can result in less flushes, since it
-might sometimes be called rightly with 0 flags, in which case it
-becomes a no-op.
-
-This is part of XSA-321.
-
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/arch/x86/mm/p2m-ept.c
-+++ b/xen/arch/x86/mm/p2m-ept.c
-@@ -58,6 +58,19 @@ static int atomic_write_ept_entry(struct
-
- write_atomic(&entryptr->epte, new.epte);
-
-+ /*
-+ * The recalc field on the EPT is used to signal either that a
-+ * recalculation of the EMT field is required (which doesn't effect the
-+ * IOMMU), or a type change. Type changes can only be between ram_rw,
-+ * logdirty and ioreq_server: changes to/from logdirty won't work well with
-+ * an IOMMU anyway, as IOMMU #PFs are not synchronous and will lead to
-+ * aborts, and changes to/from ioreq_server are already fully flushed
-+ * before returning to guest context (see
-+ * XEN_DMOP_map_mem_type_to_ioreq_server).
-+ */
-+ if ( !new.recalc && iommu_use_hap_pt(p2m->domain) )
-+ iommu_sync_cache(entryptr, sizeof(*entryptr));
-+
- return 0;
- }
-
-@@ -278,6 +291,9 @@ static bool_t ept_split_super_page(struc
- break;
- }
-
-+ if ( iommu_use_hap_pt(p2m->domain) )
-+ iommu_sync_cache(table, EPT_PAGETABLE_ENTRIES * sizeof(ept_entry_t));
-+
- unmap_domain_page(table);
-
- /* Even failed we should install the newly allocated ept page. */
-@@ -337,6 +353,9 @@ static int ept_next_level(struct p2m_dom
- if ( !next )
- return GUEST_TABLE_MAP_FAILED;
-
-+ if ( iommu_use_hap_pt(p2m->domain) )
-+ iommu_sync_cache(next, EPT_PAGETABLE_ENTRIES * sizeof(ept_entry_t));
-+
- rc = atomic_write_ept_entry(p2m, ept_entry, e, next_level);
- ASSERT(rc == 0);
- }
-@@ -821,7 +840,10 @@ out:
- need_modify_vtd_table )
- {
- if ( iommu_use_hap_pt(d) )
-- rc = iommu_pte_flush(d, gfn, &ept_entry->epte, order, vtd_pte_present);
-+ rc = iommu_iotlb_flush(d, _dfn(gfn), (1u << order),
-+ (iommu_flags ? IOMMU_FLUSHF_added : 0) |
-+ (vtd_pte_present ? IOMMU_FLUSHF_modified
-+ : 0));
- else if ( need_iommu_pt_sync(d) )
- rc = iommu_flags ?
- iommu_legacy_map(d, _dfn(gfn), mfn, order, iommu_flags) :
---- a/xen/drivers/passthrough/vtd/iommu.c
-+++ b/xen/drivers/passthrough/vtd/iommu.c
-@@ -1884,53 +1884,6 @@ static int intel_iommu_lookup_page(struc
- return 0;
- }
-
--int iommu_pte_flush(struct domain *d, uint64_t dfn, uint64_t *pte,
-- int order, int present)
--{
-- struct acpi_drhd_unit *drhd;
-- struct vtd_iommu *iommu = NULL;
-- struct domain_iommu *hd = dom_iommu(d);
-- bool_t flush_dev_iotlb;
-- int iommu_domid;
-- int rc = 0;
--
-- iommu_sync_cache(pte, sizeof(struct dma_pte));
--
-- for_each_drhd_unit ( drhd )
-- {
-- iommu = drhd->iommu;
-- if ( !test_bit(iommu->index, &hd->arch.iommu_bitmap) )
-- continue;
--
-- flush_dev_iotlb = !!find_ats_dev_drhd(iommu);
-- iommu_domid= domain_iommu_domid(d, iommu);
-- if ( iommu_domid == -1 )
-- continue;
--
-- rc = iommu_flush_iotlb_psi(iommu, iommu_domid,
-- __dfn_to_daddr(dfn),
-- order, !present, flush_dev_iotlb);
-- if ( rc > 0 )
-- {
-- iommu_flush_write_buffer(iommu);
-- rc = 0;
-- }
-- }
--
-- if ( unlikely(rc) )
-- {
-- if ( !d->is_shutting_down && printk_ratelimit() )
-- printk(XENLOG_ERR VTDPREFIX
-- " d%d: IOMMU pages flush failed: %d\n",
-- d->domain_id, rc);
--
-- if ( !is_hardware_domain(d) )
-- domain_crash(d);
-- }
--
-- return rc;
--}
--
- static int __init vtd_ept_page_compatible(struct vtd_iommu *iommu)
- {
- u64 ept_cap, vtd_cap = iommu->cap;
---- a/xen/include/asm-x86/iommu.h
-+++ b/xen/include/asm-x86/iommu.h
-@@ -97,10 +97,6 @@ static inline int iommu_adjust_irq_affin
- : 0;
- }
-
--/* While VT-d specific, this must get declared in a generic header. */
--int __must_check iommu_pte_flush(struct domain *d, u64 gfn, u64 *pte,
-- int order, int present);
--
- static inline bool iommu_supports_x2apic(void)
- {
- return iommu_init_ops && iommu_init_ops->supports_x2apic
diff --git a/main/xen/xsa327.patch b/main/xen/xsa327.patch
deleted file mode 100644
index 0541cfa0df..0000000000
--- a/main/xen/xsa327.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 030300ebbb86c40c12db038714479d746167c767 Mon Sep 17 00:00:00 2001
-From: Julien Grall <jgrall@amazon.com>
-Date: Tue, 26 May 2020 18:31:33 +0100
-Subject: [PATCH] xen: Check the alignment of the offset pased via
- VCPUOP_register_vcpu_info
-
-Currently a guest is able to register any guest physical address to use
-for the vcpu_info structure as long as the structure can fits in the
-rest of the frame.
-
-This means a guest can provide an address that is not aligned to the
-natural alignment of the structure.
-
-On Arm 32-bit, unaligned access are completely forbidden by the
-hypervisor. This will result to a data abort which is fatal.
-
-On Arm 64-bit, unaligned access are only forbidden when used for atomic
-access. As the structure contains fields (such as evtchn_pending_self)
-that are updated using atomic operations, any unaligned access will be
-fatal as well.
-
-While the misalignment is only fatal on Arm, a generic check is added
-as an x86 guest shouldn't sensibly pass an unaligned address (this
-would result to a split lock).
-
-This is XSA-327.
-
-Reported-by: Julien Grall <jgrall@amazon.com>
-Signed-off-by: Julien Grall <jgrall@amazon.com>
-Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
----
- xen/common/domain.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/xen/common/domain.c b/xen/common/domain.c
-index 7cc9526139a6..e9be05f1d05f 100644
---- a/xen/common/domain.c
-+++ b/xen/common/domain.c
-@@ -1227,10 +1227,20 @@ int map_vcpu_info(struct vcpu *v, unsigned long gfn, unsigned offset)
- void *mapping;
- vcpu_info_t *new_info;
- struct page_info *page;
-+ unsigned int align;
-
- if ( offset > (PAGE_SIZE - sizeof(vcpu_info_t)) )
- return -EINVAL;
-
-+#ifdef CONFIG_COMPAT
-+ if ( has_32bit_shinfo(d) )
-+ align = alignof(new_info->compat);
-+ else
-+#endif
-+ align = alignof(*new_info);
-+ if ( offset & (align - 1) )
-+ return -EINVAL;
-+
- if ( !mfn_eq(v->vcpu_info_mfn, INVALID_MFN) )
- return -EINVAL;
-
---
-2.17.1
-
diff --git a/main/xen/xsa328-4.13-1.patch b/main/xen/xsa328-4.13-1.patch
deleted file mode 100644
index 56e48de3e9..0000000000
--- a/main/xen/xsa328-4.13-1.patch
+++ /dev/null
@@ -1,118 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: x86/EPT: ept_set_middle_entry() related adjustments
-
-ept_split_super_page() wants to further modify the newly allocated
-table, so have ept_set_middle_entry() return the mapped pointer rather
-than tearing it down and then getting re-established right again.
-
-Similarly ept_next_level() wants to hand back a mapped pointer of
-the next level page, so re-use the one established by
-ept_set_middle_entry() in case that path was taken.
-
-Pull the setting of suppress_ve ahead of insertion into the higher level
-table, and don't have ept_split_super_page() set the field a 2nd time.
-
-This is part of XSA-328.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/arch/x86/mm/p2m-ept.c
-+++ b/xen/arch/x86/mm/p2m-ept.c
-@@ -187,8 +187,9 @@ static void ept_p2m_type_to_flags(struct
- #define GUEST_TABLE_SUPER_PAGE 2
- #define GUEST_TABLE_POD_PAGE 3
-
--/* Fill in middle levels of ept table */
--static int ept_set_middle_entry(struct p2m_domain *p2m, ept_entry_t *ept_entry)
-+/* Fill in middle level of ept table; return pointer to mapped new table. */
-+static ept_entry_t *ept_set_middle_entry(struct p2m_domain *p2m,
-+ ept_entry_t *ept_entry)
- {
- mfn_t mfn;
- ept_entry_t *table;
-@@ -196,7 +197,12 @@ static int ept_set_middle_entry(struct p
-
- mfn = p2m_alloc_ptp(p2m, 0);
- if ( mfn_eq(mfn, INVALID_MFN) )
-- return 0;
-+ return NULL;
-+
-+ table = map_domain_page(mfn);
-+
-+ for ( i = 0; i < EPT_PAGETABLE_ENTRIES; i++ )
-+ table[i].suppress_ve = 1;
-
- ept_entry->epte = 0;
- ept_entry->mfn = mfn_x(mfn);
-@@ -208,14 +214,7 @@ static int ept_set_middle_entry(struct p
-
- ept_entry->suppress_ve = 1;
-
-- table = map_domain_page(mfn);
--
-- for ( i = 0; i < EPT_PAGETABLE_ENTRIES; i++ )
-- table[i].suppress_ve = 1;
--
-- unmap_domain_page(table);
--
-- return 1;
-+ return table;
- }
-
- /* free ept sub tree behind an entry */
-@@ -253,10 +252,10 @@ static bool_t ept_split_super_page(struc
-
- ASSERT(is_epte_superpage(ept_entry));
-
-- if ( !ept_set_middle_entry(p2m, &new_ept) )
-+ table = ept_set_middle_entry(p2m, &new_ept);
-+ if ( !table )
- return 0;
-
-- table = map_domain_page(_mfn(new_ept.mfn));
- trunk = 1UL << ((level - 1) * EPT_TABLE_ORDER);
-
- for ( i = 0; i < EPT_PAGETABLE_ENTRIES; i++ )
-@@ -267,7 +266,6 @@ static bool_t ept_split_super_page(struc
- epte->sp = (level > 1);
- epte->mfn += i * trunk;
- epte->snp = is_iommu_enabled(p2m->domain) && iommu_snoop;
-- epte->suppress_ve = 1;
-
- ept_p2m_type_to_flags(p2m, epte, epte->sa_p2mt, epte->access);
-
-@@ -306,8 +304,7 @@ static int ept_next_level(struct p2m_dom
- ept_entry_t **table, unsigned long *gfn_remainder,
- int next_level)
- {
-- unsigned long mfn;
-- ept_entry_t *ept_entry, e;
-+ ept_entry_t *ept_entry, *next = NULL, e;
- u32 shift, index;
-
- shift = next_level * EPT_TABLE_ORDER;
-@@ -332,19 +329,17 @@ static int ept_next_level(struct p2m_dom
- if ( read_only )
- return GUEST_TABLE_MAP_FAILED;
-
-- if ( !ept_set_middle_entry(p2m, ept_entry) )
-+ next = ept_set_middle_entry(p2m, ept_entry);
-+ if ( !next )
- return GUEST_TABLE_MAP_FAILED;
-- else
-- e = atomic_read_ept_entry(ept_entry); /* Refresh */
-+ /* e is now stale and hence may not be used anymore below. */
- }
--
- /* The only time sp would be set here is if we had hit a superpage */
-- if ( is_epte_superpage(&e) )
-+ else if ( is_epte_superpage(&e) )
- return GUEST_TABLE_SUPER_PAGE;
-
-- mfn = e.mfn;
- unmap_domain_page(*table);
-- *table = map_domain_page(_mfn(mfn));
-+ *table = next ?: map_domain_page(_mfn(e.mfn));
- *gfn_remainder &= (1UL << shift) - 1;
- return GUEST_TABLE_NORMAL_PAGE;
- }
diff --git a/main/xen/xsa328-4.13-2.patch b/main/xen/xsa328-4.13-2.patch
deleted file mode 100644
index c4f437f625..0000000000
--- a/main/xen/xsa328-4.13-2.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From: <security@xenproject.org>
-Subject: x86/ept: atomically modify entries in ept_next_level
-
-ept_next_level was passing a live PTE pointer to ept_set_middle_entry,
-which was then modified without taking into account that the PTE could
-be part of a live EPT table. This wasn't a security issue because the
-pages returned by p2m_alloc_ptp are zeroed, so adding such an entry
-before actually initializing it didn't allow a guest to access
-physical memory addresses it wasn't supposed to access.
-
-This is part of XSA-328.
-
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/arch/x86/mm/p2m-ept.c
-+++ b/xen/arch/x86/mm/p2m-ept.c
-@@ -307,6 +307,8 @@ static int ept_next_level(struct p2m_dom
- ept_entry_t *ept_entry, *next = NULL, e;
- u32 shift, index;
-
-+ ASSERT(next_level);
-+
- shift = next_level * EPT_TABLE_ORDER;
-
- index = *gfn_remainder >> shift;
-@@ -323,16 +325,20 @@ static int ept_next_level(struct p2m_dom
-
- if ( !is_epte_present(&e) )
- {
-+ int rc;
-+
- if ( e.sa_p2mt == p2m_populate_on_demand )
- return GUEST_TABLE_POD_PAGE;
-
- if ( read_only )
- return GUEST_TABLE_MAP_FAILED;
-
-- next = ept_set_middle_entry(p2m, ept_entry);
-+ next = ept_set_middle_entry(p2m, &e);
- if ( !next )
- return GUEST_TABLE_MAP_FAILED;
-- /* e is now stale and hence may not be used anymore below. */
-+
-+ rc = atomic_write_ept_entry(p2m, ept_entry, e, next_level);
-+ ASSERT(rc == 0);
- }
- /* The only time sp would be set here is if we had hit a superpage */
- else if ( is_epte_superpage(&e) )