--- /dev/null
+# see git-dpm(1) from git-dpm package
+bfef8af1dbdd3e12537a7379f057b35d006e0145
+bfef8af1dbdd3e12537a7379f057b35d006e0145
+9fafe903bcadf774d3eb5fbef4666166aa876d2d
+9fafe903bcadf774d3eb5fbef4666166aa876d2d
+xen_4.6.0.orig.tar.xz
+3a298ab580a62dd4ffbe63567d4114f9c36d570c
+3525684
--- /dev/null
+.debhelper
+build
+files
+*.debhelper.log
+*.substvars
+*.postinst.debhelper
+*.postrm.debhelper
+*.prerm.debhelper
+stamps
+libxen-*.*
+xen-utils-*.*
+xen-utils-common
+xenstore-utils
+libxen-dev
+libxenstore3.0
+xen-hypervisor-*.*-*
+xen-system-*
--- /dev/null
+[base]
+flavours:
+ amd64
+xen-arch: x86_64
+image-suffix: .gz
+
+[amd64_description]
+hardware: AMD64
+hardware-long: all 64bit single- and multiprocessor AMD and Intel
+
--- /dev/null
+[base]
+flavours:
+ arm64
+xen-arch: arm64
+image-suffix:
+with-ocaml: no
+
+[arm64_description]
+hardware: ARM64
+hardware-long: all 64bit ARMv8
+
--- /dev/null
+[base]
+flavours:
+ armhf
+xen-arch: arm32
+image-suffix:
+
+[armhf_description]
+hardware: ARMHF
+hardware-long: all 32bit ARMv7 with virtualisation extensions
+
--- /dev/null
+[abi]
+
+[base]
+arches:
+ amd64
+ arm64
+ armhf
+ i386
--- /dev/null
+[base]
+flavours:
+ amd64
+xen-arch: x86_32
+
+[amd64_base]
+xen-arch: x86_64
+
+[amd64_description]
+hardware: AMD64
+hardware-long: all 64bit single- and multiprocessor AMD and Intel
--- /dev/null
+#!/bin/sh -e
+
+TMPDIR=$(mktemp -d)
+trap "rm -rf $TMPDIR" EXIT
+grep -v "^#" debian/patches/series | awk '{if (NF == 1) print "debian/patches/" $1}' | sort -u > $TMPDIR/used
+find debian/patches -type f -name "*.diff" -printf "%p\n" | sort > $TMPDIR/avail
+echo "Used patches"
+echo "=============="
+cat $TMPDIR/used
+echo
+echo "Unused patches"
+echo "=============="
+fgrep -v -f $TMPDIR/used $TMPDIR/avail
--- /dev/null
+#!/usr/bin/env python3
+
+import os, sys
+sys.path.append(os.path.join(sys.path[0], "../lib/python"))
+
+from debian_xen.debian import VersionXen
+from debian_linux.config import ConfigCoreHierarchy
+from debian_linux.debian import Changelog, PackageArchitecture
+from debian_linux.gencontrol import Gencontrol as Base
+from debian_linux.utils import Templates
+
+class Gencontrol(Base):
+ config_schema = {
+ 'description': {
+ }
+ }
+
+ def __init__(self):
+ super(Gencontrol, self).__init__(ConfigCoreHierarchy(self.config_schema, ["debian/arch"]), Templates(["debian/templates"]))
+ self.process_changelog()
+
+ def do_main_setup(self, vars, makeflags, extra):
+ makeflags.update({
+ 'VERSION': self.version.xen_version,
+ })
+
+ def do_arch_setup(self, vars, makeflags, arch, extra):
+ config_entry = self.config.merge('base', arch)
+ config_entry_description = self.config.merge('description', arch)
+
+ for i in (
+ ('xen-arch', 'XEN_ARCH'),
+ ):
+ makeflags[i[1]] = config_entry[i[0]]
+
+ def do_arch_packages(self, packages, makefile, arch, vars, makeflags, extra):
+ packages_main = self.process_packages(self.templates["control.main"], vars)
+ packages_utils = self.process_packages(self.templates["control.utils"], vars)
+
+ for package in packages_main + packages_utils:
+ name = package['Package']
+ if name in packages:
+ package = packages.get(name)
+ else:
+ packages.append(package)
+
+ arches = package.setdefault('Architecture', PackageArchitecture())
+ if 'all' not in arches:
+ arches.add(arch)
+
+ package_utils_name = packages_utils[0]['Package']
+
+ for i in ('postinst', 'prerm', 'lintian-overrides'):
+ j = self.substitute(self.templates["xen-utils.%s" % i], vars)
+ open("debian/%s.%s" % (package_utils_name, i), 'w').write(j)
+
+ cmds_binary_arch = ["$(MAKE) -f debian/rules.real binary-arch-arch %s" % makeflags]
+ cmds_build = ["$(MAKE) -f debian/rules.real build-arch-arch %s" % makeflags]
+ cmds_setup = ["$(MAKE) -f debian/rules.real setup-arch %s" % makeflags]
+ makefile.add('binary-arch_%s_real' % arch, cmds = cmds_binary_arch)
+ makefile.add('build-arch_%s_real' % arch, cmds = cmds_build)
+ makefile.add('setup_%s_real' % arch, cmds = cmds_setup)
+
+ def do_flavour_setup(self, vars, makeflags, arch, featureset, flavour, extra):
+ config_entry = self.config.merge('base', arch, featureset, flavour)
+ config_description = self.config.merge('description', arch, featureset, flavour)
+
+ vars['class'] = config_description['hardware']
+ vars['longclass'] = config_description.get('hardware-long') or vars['class']
+
+ for i in (
+ ('xen-arch', 'XEN_ARCH'),
+ ('image-suffix', 'IMAGE_SUFFIX'),
+ ):
+ if i[0] in config_entry:
+ makeflags[i[1]] = config_entry[i[0]]
+
+ def do_flavour_packages(self, packages, makefile, arch, featureset, flavour, vars, makeflags, extra):
+ hypervisor = self.templates["control.hypervisor"]
+ system_latest = self.templates["control.system.latest"]
+
+ if not 'desc' in vars:
+ vars['desc'] = ''
+
+ packages_own = []
+ packages_own.extend(self.process_packages(hypervisor, vars))
+ packages_dummy = self.process_packages(system_latest, vars)
+
+ for package in packages_own + packages_dummy:
+ name = package['Package']
+ package.setdefault('Architecture', PackageArchitecture()).add(arch)
+ if name in packages:
+ package = packages.get(name)
+ else:
+ packages.append(package)
+
+ arches = package.setdefault('Architecture', PackageArchitecture())
+ if 'all' not in arches:
+ arches.add(arch)
+
+ package_name = packages_own[0]['Package']
+
+ for i in ('postinst', 'postrm'):
+ j = self.substitute(self.templates["xen-hypervisor.%s" % i], vars)
+ open("debian/%s.%s" % (package_name, i), 'w').write(j)
+
+ cmds_binary_arch = ["$(MAKE) -f debian/rules.real binary-arch-flavour %s" % makeflags]
+ cmds_build = ["$(MAKE) -f debian/rules.real build-arch-flavour %s" % makeflags]
+ cmds_setup = ["$(MAKE) -f debian/rules.real setup-flavour %s" % makeflags]
+
+ cmds_binary_arch += ["$(MAKE) -f debian/rules.real install-dummy DH_OPTIONS='%s' %s" % (u' '.join([u"-p%s" % i['Package'] for i in packages_dummy]), makeflags)]
+
+ makefile.add("binary-arch_%s_%s_%s" % (arch, featureset, flavour), cmds = cmds_binary_arch)
+ makefile.add("build-arch_%s_%s_%s" % (arch, featureset, flavour), cmds = cmds_build)
+ makefile.add("setup_%s_%s_%s" % (arch, featureset, flavour), cmds = cmds_setup)
+
+ def process_changelog(self):
+ changelog = Changelog(version = VersionXen)
+ self.version = changelog[0].version
+ self.vars = {
+ 'version': self.version.xen_version,
+ }
+
+if __name__ == '__main__':
+ Gencontrol()()
--- /dev/null
+#!/usr/bin/env python3
+
+import sys
+sys.path.append(sys.path[0] + '/../lib/python')
+
+import itertools
+import os, os.path
+import shutil
+import subprocess
+
+from debian_xen.debian import VersionXen
+from debian_linux.debian import Changelog
+
+
+class Main(object):
+ log = sys.stdout.write
+
+ def __init__(self, options, repo):
+ self.options = options
+
+ self.changelog_entry = Changelog(version=VersionXen)[0]
+ self.source = self.changelog_entry.source
+ self.version = self.changelog_entry.version
+
+ if options.override_version:
+ self.version = VersionXen('%s-0' % options.override_version)
+
+ if options.component:
+ self.orig_dir = options.component
+ self.orig_tar = '%s_%s.orig-%s.tar.xz' % (self.source, self.version.upstream, options.component)
+ else:
+ self.orig_dir = '%s-%s' % (self.source, self.version.upstream)
+ self.orig_tar = '%s_%s.orig.tar.xz' % (self.source, self.version.upstream)
+ if options.tag is None:
+ options.tag = 'RELEASE-' + self.version.upstream
+
+ def __call__(self):
+ out = "../orig/%s" % self.orig_tar
+ self.log("Generate tarball %s\n" % out)
+
+ try:
+ os.stat(out)
+ raise RuntimeError("Destination already exists")
+ except OSError: pass
+
+ try:
+ with open(out, 'wb') as f:
+ tag = self.options.tag or 'HEAD'
+ p1 = subprocess.Popen(('git', 'archive', '--prefix', '%s/' % self.orig_dir, tag), stdout=subprocess.PIPE)
+ subprocess.check_call(('xz', ), stdin=p1.stdout, stdout=f)
+ if p1.wait():
+ raise RuntimeError
+ except:
+ os.unlink(out)
+ raise
+
+ try:
+ os.symlink(os.path.join('orig', self.orig_tar), os.path.join('..', self.orig_tar))
+ except OSError:
+ pass
+
+
+if __name__ == '__main__':
+ from optparse import OptionParser
+ p = OptionParser(prog=sys.argv[0], usage='%prog [OPTION]... DIR')
+ p.add_option('-c', '--component', dest='component')
+ p.add_option('-t', '--tag', dest='tag')
+ p.add_option('-V', '--override-version', dest='override_version')
+ options, args = p.parse_args()
+ if len(args) != 1:
+ raise RuntimeError
+ Main(options, *args)()
--- /dev/null
+xen (4.8.1-1+deb9u3) stretch-security; urgency=high
+
+ * Security fixes for
+ XSA-226 CVE-2017-12135
+ XSA-227 CVE-2017-12137
+ XSA-228 CVE-2017-12136
+ XSA-230 CVE-2017-12855
+ XSA-235 (no CVE yet)
+ * Adjust changelog entry for 4.8.1-1+deb9u2 to record
+ that XSA-225 fix was indeed included.
+ * Security fix for XSA-229 not included as that bug is in Linux, not Xen.
+ * Security fixes for XSA-231..234 inc. not inclued as still embargoed.
+
+ -- Ian Jackson <ian.jackson@eu.citrix.com> Thu, 07 Sep 2017 19:17:58 +0100
+
+xen (4.8.1-1+deb9u2) stretch-security; urgency=high
+
+ * Security fixes for
+ XSA-216 XSA-217 XSA-218 XSA-219 XSA-220
+ XSA-221 XSA-222 XSA-223 XSA-224 XSA-225
+
+ -- Ian Jackson <ian.jackson@eu.citrix.com> Tue, 20 Jun 2017 14:06:34 +0100
+
+xen (4.8.1-1+deb9u1) unstable; urgency=medium
+
+ * Security fixes for XSA-213 (Closes:#861659) and XSA-214
+ (Closes:#861660). (Xen 4.7 and later is not affected by XSA-215.)
+
+ -- Ian Jackson <ian.jackson@eu.citrix.com> Tue, 02 May 2017 12:19:57 +0100
+
+xen (4.8.1-1) unstable; urgency=high
+
+ * Update to upstream 4.8.1 release.
+ Changes include numerous bugfixes, including security fixes for:
+ XSA-212 / CVE-2017-7228 Closes:#859560
+ XSA-207 / no cve yet Closes:#856229
+ XSA-206 / no cve yet no Debian bug
+
+ -- Ian Jackson <ian.jackson@eu.citrix.com> Tue, 18 Apr 2017 18:05:00 +0100
+
+xen (4.8.1~pre.2017.01.23-1) unstable; urgency=medium
+
+ * Update to current upstream stable-4.8 git branch (Xen 4.8.1-pre).
+ Contains bugfixes.
+ * debian/control-real etc.: debian.py: Allow version numbers like this.
+
+ -- Ian Jackson <ian.jackson@eu.citrix.com> Mon, 23 Jan 2017 16:03:31 +0000
+
+xen (4.8.0-1) unstable; urgency=high
+
+ * Update to upstream Xen 4.8.0.
+ Includes the following security fixes:
+ XSA-201 CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818
+ XSA-198 CVE-2016-9379 CVE-2016-9380
+ XSA-196 CVE-2016-9378 CVE-2016-9377 Closes:#845669
+ XSA-195 CVE-2016-9383
+ XSA-194 CVE-2016-9384 Closes:#845667
+ XSA-193 CVE-2016-9385
+ XSA-192 CVE-2016-9382
+ XSA-191 CVE-2016-9386
+ Includes other bugfixes too:
+ Closes:#812166, Closes:#818525.
+
+ Cherry picks from upstream:
+ * Security fixes:
+ XSA-204 CVE-2016-10013 Closes:#848713
+ XSA-203 CVE-2016-10025
+ XSA-202 CVE-2016-10024
+ For completeness, the following XSAs do not apply here:
+ XSA-197 CVE-2016-9381 Bug is in qemu
+ XSA-199 CVE-2016-9637 Bug is in qemu
+ XSA-200 CVE-2016-9932 Xen 4.8 is not affected
+ * Cherry pick a build failure fix:
+ "x86/emul: add likely()/unlikely() to test harness"
+
+ [ Ian Jackson ]
+ * Drop -lcrypto search from upstream configure, and from our
+ Build-Depends. Closes:#844419.
+ * Change my own email address to my work (Citrix) address. When
+ uploading, I will swap hats to effectively sponsor my own upload.
+
+ [ Ian Campbell ]
+ * Start a qemu process in dom0 to service the toolstacks loopback disk
+ attaches. (Closes: #770456)
+ * Remove correct pidfile when stopping xenconsoled.
+ * Check that xenstored has actually started before talking to it.
+ Incorporate a timeout so as not to block boot (Mitigates #737613)
+ * Correct syntax error in xen-init-list when running with xend
+ (Closes: #763102)
+ * Apply SELinux labels to directories created by initscripts. Patch from
+ Russell Coker. (Closes: #764912)
+ * Include a reportbug control file to redirect bugs to src:xen for
+ packages which contain the Xen version in the name. Closes:#796370.
+
+ [ Lubomir Host ]
+ * Fix xen-init-name to not fail looking for a nonexistent 'config'
+ entry in xl's JSON output. Closes:#818129.
+
+ -- Ian Jackson <ian.jackson@eu.citrix.com> Thu, 22 Dec 2016 14:51:46 +0000
+
+xen (4.8.0~rc5-1) unstable; urgency=medium
+
+ * New upstream version, Xen 4.8.0 RC5.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Fri, 11 Nov 2016 15:26:58 +0000
+
+xen (4.8.0~rc3-1) unstable; urgency=medium
+
+ * Upload 4.8.0~rc3 to unstable. (RC5 is out upstream, but let's not
+ update to that in the middle of the Xen 4.6 -> 4.8 transition.)
+ * No source changes.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Sat, 05 Nov 2016 15:08:47 +0000
+
+xen (4.8.0~rc3-0exp2) experimental; urgency=medium
+
+ * Build-Depend on iasl on all architectures. ARM has ACPI now.
+ Fixes FTBFS on arm64 (at least).
+ * Add qemu-utils and seabios to Suggests.
+ * Pass -no-pie -fno-pic to x86 emulator test build. (Patch
+ also submitted upstream.) Fixes FTBFS on i386 with GCC6.
+ * Add myself to Uploaders.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Tue, 01 Nov 2016 18:00:25 +0000
+
+xen (4.8.0~rc3-0exp1) experimental; urgency=high
+
+ * New upstream version, Xen 4.8.0 RC3.
+ Fixes many outstanding CVEs.
+ * Incorporated many changes from 4.8.0-0ubuntu2
+ - libxen-dev is M-A: same
+ - Work around grep bug http://bugs.launchpad.net/bugs/1547466
+ - debian/xen-hypervisor-4.6.xen.cfg:
+ Additional config file to simplify grub configuration.
+ - Use new library/abiname scheme.
+ - Document what xl and xm are in default.xen
+ - Add libvirtd dependency to xendomains init script
+ (Thanks to Stefan Bader and others.)
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Mon, 24 Oct 2016 17:31:27 +0100
+
+xen (4.6.0-1+nmu2) unstable; urgency=medium
+
+ * Ensure debian/control.md5sum is correctly updated. Fixes FTBFS of
+ 4.6.0-1+nmu1 on buildds where linux-support-4.2.0-1 is not expected to be
+ installed.
+
+ -- Ian Campbell <ijc@debian.org> Tue, 09 Feb 2016 16:41:16 +0000
+
+xen (4.6.0-1+nmu1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Drop unused patching in of $(PREFIX), $(SBINDIR) and $(BINDIR)
+ which are no longer used by the upstream build system.
+ * Use correct/consistent LIBEXEC dirs throughout build
+ (Closes: #805508).
+
+ -- Ian Campbell <ijc@debian.org> Tue, 19 Jan 2016 14:43:54 +0000
+
+xen (4.6.0-1) unstable; urgency=medium
+
+ * New upstream release.
+ * CVE-2015-7812
+ * CVE-2015-7813
+ * CVE-2015-7814
+ * CVE-2015-7835
+ * CVE-2015-7969
+ * CVE-2015-7970
+ * CVE-2015-7971
+ * CVE-2015-7972
+
+ -- Bastian Blank <waldi@debian.org> Sun, 01 Nov 2015 21:49:07 +0100
+
+xen (4.5.1~rc1-1) experimental; urgency=medium
+
+ [ Ian Campbell ]
+ * Use xen-init-dom0 from initscript when it is available.
+ * Install some user facing docs in xen-utils-common. (Closes: #688308)
+
+ [ Bastian Blank ]
+ * New upstream release candidate.
+
+ -- Bastian Blank <waldi@debian.org> Sun, 31 May 2015 21:59:56 +0200
+
+xen (4.5.0-1) experimental; urgency=medium
+
+ [ Ian Campbell ]
+ * New upstream release
+
+ -- Bastian Blank <waldi@debian.org> Wed, 21 Jan 2015 20:21:45 +0100
+
+xen (4.5.0~rc3-1) experimental; urgency=medium
+
+ * New upstream release candidate.
+ * Re-add xend config.
+
+ -- Bastian Blank <waldi@debian.org> Wed, 17 Dec 2014 22:37:23 +0100
+
+xen (4.4.1-6) unstable; urgency=medium
+
+ * Fix starvation of writers in locks.
+ CVE-2014-9065
+
+ -- Bastian Blank <waldi@debian.org> Thu, 11 Dec 2014 15:56:08 +0100
+
+xen (4.4.1-5) unstable; urgency=medium
+
+ * Fix excessive checks of hypercall arguments.
+ CVE-2014-8866
+ * Fix boundary checks of emulated MMIO access.
+ CVE-2014-8867
+ * Fix additional memory leaks in xl. (closes: #767295)
+
+ -- Bastian Blank <waldi@debian.org> Sun, 30 Nov 2014 20:13:32 +0100
+
+xen (4.4.1-4) unstable; urgency=medium
+
+ [ Bastian Blank ]
+ * Make operations pre-emptible.
+ CVE-2014-5146, CVE-2014-5149
+ * Don't allow page table updates from non-PV page tables.
+ CVE-2014-8594
+ * Enforce privilege level while loading code segment.
+ CVE-2014-8595
+ * Fix reference counter leak.
+ CVE-2014-9030
+ * Use linux 3.16.0-4 stuff.
+ * Fix memory leak in xl. (closes: #767295)
+
+ [ Ian Campbell ]
+ * Add licensing for tools/python/logging to debian/copyright.
+ (Closes: #759384)
+ * Correctly include xen-init-name in xen-utils-common. (Closes: #769543)
+ * xen-utils recommends grub-xen-host package (Closes: #770460)
+
+ -- Bastian Blank <waldi@debian.org> Thu, 27 Nov 2014 20:17:36 +0100
+
+xen (4.4.1-3) unstable; urgency=medium
+
+ [ Bastian Blank ]
+ * Remove unused build-depencencies.
+ * Extend list affected systems for broken interrupt assignment.
+ CVE-2013-3495
+ * Fix race in hvm memory management.
+ CVE-2014-7154
+ * Fix missing privilege checks on instruction emulation.
+ CVE-2014-7155, CVE-2014-7156
+ * Fix uninitialized control structures in FIFO handling.
+ CVE-2014-6268
+ * Fix MSR range check in emulation.
+ CVE-2014-7188
+
+ [ Ian Campbell ]
+ * Install xen.efi into /boot for amd64 builds.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 17 Oct 2014 16:27:46 +0200
+
+xen (4.4.1-2) unstable; urgency=medium
+
+ * Re-build with correct content.
+ * Use dh_lintian.
+
+ -- Bastian Blank <waldi@debian.org> Wed, 24 Sep 2014 20:23:14 +0200
+
+xen (4.4.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ - Fix several vulnerabilities. (closes: #757724)
+ CVE-2014-2599, CVE-2014-3124,
+ CVE-2014-3967, CVE-2014-3968,
+ CVE-2014-4021
+
+ -- Bastian Blank <waldi@debian.org> Sun, 21 Sep 2014 10:45:47 +0200
+
+xen (4.4.0-5) unstable; urgency=medium
+
+ [ Ian Campbell ]
+ * Expand on the descriptions of some packages. (Closes: #466683)
+ * Clarify where xen-utils-common is required. (Closes: #612403)
+ * No longer depend on gawk. Xen can now use any awk one of which is always
+ present. (Closes: #589176)
+ * Put core dumps in /var/lib/xen/dump and ensure it exists.
+ (Closes: #444000)
+
+ [ Bastian Blank ]
+ * Handle JSON output from xl in xendomains init script.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 06 Sep 2014 22:11:20 +0200
+
+xen (4.4.0-4) unstable; urgency=medium
+
+ [ Bastian Blank ]
+ * Also remove unused OCaml packages from control file.
+ * Make library packages multi-arch: same. (closes: #730417)
+ * Use debhelper compat level 9. (closes: #692352)
+
+ [ Ian Campbell ]
+ * Correct contents of /etc/xen/scripts/hotplugpath.sh (Closes: #706283)
+ * Drop references cpuperf-xen and cpuperf-perfcntr. (Closes: #733847)
+ * Install xentrace_format(1), xentrace(8) and xentop(1). (Closes: #407143)
+
+ -- Bastian Blank <waldi@debian.org> Sat, 30 Aug 2014 13:34:04 +0200
+
+xen (4.4.0-3) unstable; urgency=medium
+
+ [ Ian Campbell ]
+ * Use correct SeaBIOS binary which supports Xen (Closes: #737905).
+
+ [ Bastian Blank ]
+ * Really update config.{sub,guess}.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 29 Aug 2014 16:33:19 +0200
+
+xen (4.4.0-2) unstable; urgency=medium
+
+ * Remove broken and unused OCaml-support.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 18 Aug 2014 15:18:42 +0200
+
+xen (4.4.0-1) unstable; urgency=medium
+
+ [ Bastian Blank ]
+ * New upstream release.
+ - Update scripts for compatiblity with latest coreutils.
+ (closes: #718898)
+ - Fix guest reboot with xl toolstack. (closes: #727100)
+ - CVE-2013-6375: Insufficient TLB flushing in VT-d (iommu) code.
+ (closes: #730254)
+ - xl support for global VNC options. (closes: #744157)
+ - vif scripts can now be named relative to /etc/xen/scripts.
+ (closes: #744160)
+ - Support for arbitrary sized SeaBIOS binaries. (closes: #737905)
+ - pygrub searches for extlinux.conf in the expected places.
+ (closes: #697407)
+ - Update scripts to use correct syntax for ip command.
+ (closes: #705659)
+ * Fix install of xend configs to not break compatibility.
+
+ [ Ian Campbell ]
+ * Disable blktap1 support using new configure option instead of by patching.
+ * Disable qemu-traditional and rombios support using new configure option
+ instead of by patching. No need to build-depend on ipxe any more.
+ * Use system qemu-xen via new configure option instead of patching.
+ * Use system seabios via new configure option instead of patching.
+ * Use EXTRA_CFLAGS_XEN_TOOLS and APPEND_{CPPFLAGS,LDFLAGS} during build.
+ * Add support for armhf and arm64.
+ * Update config.{sub,guess}.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 09 Aug 2014 13:09:00 +0200
+
+xen (4.3.0-3) unstable; urgency=low
+
+ * Revive hypervisor on i386.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 18 Oct 2013 00:15:16 +0200
+
+xen (4.3.0-2) unstable; urgency=low
+
+ * Force proper install order. (closes: #721999)
+
+ -- Bastian Blank <waldi@debian.org> Sat, 05 Oct 2013 15:03:36 +0000
+
+xen (4.3.0-1) unstable; urgency=low
+
+ * New upstream release.
+ - Fix HVM PCI passthrough. (closes: #706543)
+ * Call configure with proper arguments.
+ * Remove now empty xen-docs package.
+ * Disable external code retrieval.
+ * Drop all i386 hypervisor packages.
+ * Drop complete blktap support.
+ * Create /run/xen.
+ * Make xen-utils recommend qemu-system-x86. (closes: #688311)
+ - This version comes with audio support. (closes: #635166)
+ * Make libxenlight and libxlutil public. (closes: #644390)
+ - Set versioned ABI name.
+ - Install headers.
+ - Move libs into normal library path.
+ * Use build flags in the tools build.
+ - Fix fallout from harderning flags.
+ * Update Standards-Version to 3.9.4. No changes.
+
+ -- Bastian Blank <waldi@debian.org> Thu, 05 Sep 2013 13:54:03 +0200
+
+xen (4.2.2-1) unstable; urgency=low
+
+ * New upstream release.
+ - Fix build with gcc 4.8. (closes: #712376)
+ * Build-depend on libssl-dev. (closes: #712366)
+ * Enable hardening as much as possible.
+ * Re-enable ocaml build fixes. (closes: #695176)
+ * Check for out-of-bound values in CPU affinity setup.
+ CVE-2013-2072
+ * Fix information leak on AMD CPUs.
+ CVE-2013-2076
+ * Recover from faults on XRSTOR.
+ CVE-2013-2077
+ * Properly check guest input to XSETBV.
+ CVE-2013-2078
+
+ -- Bastian Blank <waldi@debian.org> Thu, 11 Jul 2013 00:28:24 +0200
+
+xen (4.2.1-2) unstable; urgency=low
+
+ * Actually upload to unstable.
+
+ -- Bastian Blank <waldi@debian.org> Sun, 12 May 2013 00:20:58 +0200
+
+xen (4.2.1-1) experimental; urgency=low
+
+ * New upstream release.
+ * Enable usage of seabios.
+ * Fix some toolchain issues.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 11 May 2013 23:55:46 +0200
+
+xen (4.2.0-2) experimental; urgency=low
+
+ * Support JSON output in domain init script helper.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 01 Oct 2012 15:11:30 +0200
+
+xen (4.2.0-1) experimental; urgency=low
+
+ * New upstream release.
+
+ -- Bastian Blank <waldi@debian.org> Tue, 18 Sep 2012 13:54:30 +0200
+
+xen (4.2.0~rc3-1) experimental; urgency=low
+
+ * New upstream snapshot.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 07 Sep 2012 20:28:46 +0200
+
+xen (4.2.0~rc2-1) experimental; urgency=low
+
+ * New upstream snapshot.
+ * Build-depend against libglib2.0-dev and libyajl-dev.
+ * Disable seabios build for now.
+ * Remove support for Lenny and earlier.
+ * Support build-arch and build-indep make targets.
+
+ -- Bastian Blank <waldi@debian.org> Sun, 13 May 2012 12:21:10 +0000
+
+xen (4.1.4-4) unstable; urgency=high
+
+ * Make several long runing operations preemptible.
+ CVE-2013-1918
+ * Fix source validation for VT-d interrupt remapping.
+ CVE-2013-1952
+
+ -- Bastian Blank <waldi@debian.org> Thu, 02 May 2013 14:30:29 +0200
+
+xen (4.1.4-3) unstable; urgency=high
+
+ * Fix return from SYSENTER.
+ CVE-2013-1917
+ * Fix various problems with guest interrupt handling.
+ CVE-2013-1919
+ * Only save pointer after access checks.
+ CVE-2013-1920
+ * Fix domain locking for transitive grants.
+ CVE-2013-1964
+
+ -- Bastian Blank <waldi@debian.org> Fri, 19 Apr 2013 13:01:57 +0200
+
+xen (4.1.4-2) unstable; urgency=low
+
+ * Use pre-device interrupt remapping mode per default. Fix removing old
+ remappings.
+ CVE-2013-0153
+
+ -- Bastian Blank <waldi@debian.org> Wed, 06 Feb 2013 13:04:52 +0100
+
+xen (4.1.4-1) unstable; urgency=low
+
+ * New upstream release.
+ - Disable process-context identifier support in newer CPUs for all
+ domains.
+ - Add workarounds for AMD errata.
+ - Don't allow any non-canonical addresses.
+ - Use Multiboot memory map if BIOS emulation does not provide one.
+ - Fix several problems in tmem.
+ CVE-2012-3497
+ - Fix error handling in domain creation.
+ - Adjust locking and interrupt handling during S3 resume.
+ - Tighten more resource and memory range checks.
+ - Reset performance counters. (closes: #698651)
+ - Remove special-case for first IO-APIC.
+ - Fix MSI handling for HVM domains. (closes: #695123)
+ - Revert cache value of disks in HVM domains.
+
+ -- Bastian Blank <waldi@debian.org> Thu, 31 Jan 2013 15:44:50 +0100
+
+xen (4.1.3-8) unstable; urgency=high
+
+ * Fix error in VT-d interrupt remapping source validation.
+ CVE-2012-5634
+ * Fix buffer overflow in qemu e1000 emulation.
+ CVE-2012-6075
+ * Update patch, mention second CVE.
+ CVE-2012-5511, CVE-2012-6333
+
+ -- Bastian Blank <waldi@debian.org> Sat, 19 Jan 2013 13:55:07 +0100
+
+xen (4.1.3-7) unstable; urgency=low
+
+ * Fix clock jump due to incorrect annotated inline assembler.
+ (closes: #599161)
+ * Add support for XZ compressed Linux kernels to hypervisor and userspace
+ based loaders, it is needed for any Linux kernels newer then Wheezy.
+ (closes: #695056)
+
+ -- Bastian Blank <waldi@debian.org> Tue, 11 Dec 2012 18:54:59 +0100
+
+xen (4.1.3-6) unstable; urgency=high
+
+ * Fix error handling in physical to machine memory mapping.
+ CVE-2012-5514
+
+ -- Bastian Blank <waldi@debian.org> Tue, 04 Dec 2012 10:51:43 +0100
+
+xen (4.1.3-5) unstable; urgency=high
+
+ * Fix state corruption due to incomplete grant table switch.
+ CVE-2012-5510
+ * Check range of arguments to several HVM operations.
+ CVE-2012-5511, CVE-2012-6333
+ * Check array index before using it in HVM memory operation.
+ CVE-2012-5512
+ * Check memory range in memory exchange operation.
+ CVE-2012-5513
+ * Don't allow too large memory size and avoid busy looping.
+ CVE-2012-5515
+
+ -- Bastian Blank <waldi@debian.org> Mon, 03 Dec 2012 19:37:38 +0100
+
+xen (4.1.3-4) unstable; urgency=high
+
+ * Use linux 3.2.0-4 stuff.
+ * Fix overflow in timer calculations.
+ CVE-2012-4535
+ * Check value of physical interrupts parameter before using it.
+ CVE-2012-4536
+ * Error out on incorrect memory mapping updates.
+ CVE-2012-4537
+ * Check if toplevel page tables are present.
+ CVE-2012-4538
+ * Fix infinite loop in compatibility code.
+ CVE-2012-4539
+ * Limit maximum kernel and ramdisk size.
+ CVE-2012-2625, CVE-2012-4544
+
+ -- Bastian Blank <waldi@debian.org> Tue, 20 Nov 2012 15:51:01 +0100
+
+xen (4.1.3-3) unstable; urgency=low
+
+ * Xen domain init script:
+ - Make sure Open vSwitch is started before any domain.
+ - Properly handle and show output of failed migration and save.
+ - Ask all domains to shut down before checking them.
+
+ -- Bastian Blank <waldi@debian.org> Tue, 18 Sep 2012 13:26:32 +0200
+
+xen (4.1.3-2) unstable; urgency=medium
+
+ * Don't allow writing reserved bits in debug register.
+ CVE-2012-3494
+ * Fix error handling in interrupt assignment.
+ CVE-2012-3495
+ * Don't trigger bug messages on invalid flags.
+ CVE-2012-3496
+ * Check array bounds in interrupt assignment.
+ CVE-2012-3498
+ * Properly check bounds while setting the cursor in qemu.
+ CVE-2012-3515
+ * Disable monitor in qemu by default.
+ CVE-2012-4411
+
+ -- Bastian Blank <waldi@debian.org> Fri, 07 Sep 2012 19:41:46 +0200
+
+xen (4.1.3-1) unstable; urgency=medium
+
+ * New upstream release: (closes: #683286)
+ - Don't leave the x86 emulation in a bad state. (closes: #683279)
+ CVE-2012-3432
+ - Only check for shared pages while any exist on teardown.
+ CVE-2012-3433
+ - Fix error handling for unexpected conditions.
+ - Update CPUID masking to latest Intel spec.
+ - Allow large ACPI ids.
+ - Fix IOMMU support for PCI-to-PCIe bridges.
+ - Disallow access to some sensitive IO-ports.
+ - Fix wrong address in IOTLB.
+ - Fix deadlock on CPUs without working cpufreq driver.
+ - Use uncached disk access in qemu.
+ - Fix buffer size on emulated e1000 device in qemu.
+ * Fixup broken and remove applied patches.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 17 Aug 2012 11:25:02 +0200
+
+xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-5) unstable; urgency=low
+
+ [ Ian Campbell ]
+ * Set tap device MAC addresses to fe:ff:ff:ff:ff:ff (Closes: #671018)
+ * Only run xendomains initscript if toolstack is xl or xm (Closes: #680528)
+
+ [ Bastian Blank ]
+ * Actually build-depend on new enough version of dpkg-dev.
+ * Add xen-sytem-* meta-packages. We are finally in a position to do
+ automatic upgrades and this package is missing. (closes: #681376)
+
+ -- Bastian Blank <waldi@debian.org> Sat, 28 Jul 2012 10:23:26 +0200
+
+xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-4) unstable; urgency=low
+
+ * Add Build-Using info to xen-utils package.
+ * Fix build-arch target.
+
+ -- Bastian Blank <waldi@debian.org> Sun, 01 Jul 2012 19:52:30 +0200
+
+xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-3) unstable; urgency=low
+
+ * Remove /usr/lib/xen-default. It breaks systems if xenstored is not
+ compatible.
+ * Fix init script usage.
+ * Fix udev rules for emulated network devices:
+ - Force names of emulated network devices to a predictable name.
+
+ -- Bastian Blank <waldi@debian.org> Sun, 01 Jul 2012 16:59:04 +0200
+
+xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-2) unstable; urgency=low
+
+ * Fix pointer missmatch in interrupt functions. Fixes build on i386.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 15 Jun 2012 18:00:51 +0200
+
+xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-1) unstable; urgency=low
+
+ * New upstream snapshot.
+ - Fix privilege escalation and syscall/sysenter DoS while using
+ non-canonical addresses by untrusted PV guests. (closes: #677221)
+ CVE-2012-0217
+ CVE-2012-0218
+ - Disable Xen on CPUs affected by AMD Erratum #121. PV guests can
+ cause a DoS of the host.
+ CVE-2012-2934
+ * Don't fail if standard toolstacks are not available. (closes: #677244)
+
+ -- Bastian Blank <waldi@debian.org> Thu, 14 Jun 2012 17:06:25 +0200
+
+xen (4.1.2-7) unstable; urgency=low
+
+ * Really use ucf.
+ * Update init script dependencies:
+ - Start $syslog before xen.
+ - Start drbd and iscsi before xendomains. (closes: #626356)
+ - Start corosync and heartbeat after xendomains.
+ * Remove /var/log/xen on purge. (closes: #656216)
+
+ -- Bastian Blank <waldi@debian.org> Tue, 22 May 2012 10:44:41 +0200
+
+xen (4.1.2-6) unstable; urgency=low
+
+ * Fix generation of architectures for hypervisor packages.
+ * Remove information about loop devices, it is incorrect. (closes: #503044)
+ * Update xendomains init script:
+ - Create directory for domain images only root readable. (closes: #596048)
+ - Add missing sanity checks for variables. (closes: #671750)
+ - Remove not longer supported config options.
+ - Don't fail if no config is available.
+ - Remove extra output if domain was restored.
+
+ -- Bastian Blank <waldi@debian.org> Sun, 06 May 2012 20:07:41 +0200
+
+xen (4.1.2-5) unstable; urgency=low
+
+ * Actually force init script rename. (closes: #669341)
+ * Fix long output from xl.
+ * Move complete init script setup.
+ * Rewrite xendomains init script:
+ - Use LSB output functions.
+ - Make output more clear.
+ - Use xen toolstack wrapper.
+ - Use a python script to properly read domain details.
+ * Set name for Domain-0.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 23 Apr 2012 11:56:45 +0200
+
+xen (4.1.2-4) unstable; urgency=low
+
+ [ Bastian Blank ]
+ * Build-depend on ipxe-qemu instead of ipxe. (closes: #665070)
+ * Don't longer use a4wide latex package.
+ * Use ucf for /etc/default/xen.
+ * Remove handling for old udev rules link and xenstored directory.
+ * Rename xend init script to xen.
+
+ [ Lionel Elie Mamane ]
+ * Fix toolstack script to work with old dash. (closes: #648029)
+
+ -- Bastian Blank <waldi@debian.org> Mon, 16 Apr 2012 08:47:29 +0000
+
+xen (4.1.2-3) unstable; urgency=low
+
+ * Merge xen-common source package.
+ * Remove xend wrapper, it should not be called by users.
+ * Support xl in init script.
+ * Restart xen daemons on upgrade.
+ * Restart and stop xenconsoled in init script.
+ * Load xen-gntdev module.
+ * Create /var/lib/xen. (closes: #658101)
+ * Cleanup udev rules. (closes: #657745)
+
+ -- Bastian Blank <waldi@debian.org> Wed, 01 Feb 2012 19:28:28 +0100
+
+xen (4.1.2-2) unstable; urgency=low
+
+ [ Jon Ludlam ]
+ * Import (partially reworked) upstream changes for OCaml support.
+ - Rename the ocamlfind packages.
+ - Remove uuid and log libraries.
+ - Fix 2 bit-twiddling bugs and an off-by-one
+ * Fix build of OCaml libraries.
+ * Add OCaml library and development package.
+ * Include some missing headers.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 10 Dec 2011 19:13:25 +0000
+
+xen (4.1.2-1) unstable; urgency=low
+
+ * New upstream release.
+ * Build-depend on pkg-config.
+ * Add package libxen-4.1. Includes some shared libs.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 26 Nov 2011 18:28:06 +0100
+
+xen (4.1.1-3) unstable; urgency=low
+
+ [ Julien Danjou ]
+ * Remove Julien Danjou from the Uploaders field. (closes: #590439)
+
+ [ Bastian Blank ]
+ * Use current version of python. (closes: #646660)
+ * Build-depend against liblzma-dev, it is used if available.
+ (closes: #646694)
+ * Update Standards-Version to 3.9.2. No changes.
+ * Don't use brace-expansion in debhelper install files.
+
+ -- Bastian Blank <waldi@debian.org> Wed, 26 Oct 2011 14:42:33 +0200
+
+xen (4.1.1-2) unstable; urgency=low
+
+ * Fix hvmloader with gcc 4.6.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 05 Aug 2011 23:58:36 +0200
+
+xen (4.1.1-1) unstable; urgency=low
+
+ * New upstream release.
+ * Don't use qemu-dm if it is not needed. (Backport from xen-unstable.)
+ * Use dh_python2.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 18 Jul 2011 19:38:38 +0200
+
+xen (4.1.0-3) unstable; urgency=low
+
+ * Add ghostscript to build-deps.
+ * Enable qemu-dm build.
+ - Add qemu as another orig tar.
+ - Remove blktap1, bluetooth and sdl support from qemu.
+ - Recommend qemu-keymaps and qemu-utils.
+
+ -- Bastian Blank <waldi@debian.org> Thu, 28 Apr 2011 15:20:45 +0200
+
+xen (4.1.0-2) unstable; urgency=low
+
+ * Re-enable hvmloader:
+ - Use packaged ipxe.
+ * Workaround incompatibility with xenstored of Xen 4.0.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 15 Apr 2011 11:38:25 +0200
+
+xen (4.1.0-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Bastian Blank <waldi@debian.org> Sun, 27 Mar 2011 18:09:28 +0000
+
+xen (4.1.0~rc6-1) unstable; urgency=low
+
+ * New upstream release candidate.
+ * Build documentation using pdflatex.
+ * Use python 2.6. (closes: #596545)
+ * Fix lintian override.
+ * Install new tools: xl, xenpaging.
+ * Enable blktap2.
+ - Use own md5 implementation.
+ - Fix includes.
+ - Fix linking of blktap2 binaries.
+ - Remove optimization setting.
+ * Temporarily disable hvmloader, wants to download ipxe.
+ * Remove xenstored pid check from xl.
+
+ -- Bastian Blank <waldi@debian.org> Thu, 17 Mar 2011 16:12:45 +0100
+
+xen (4.0.1-2) unstable; urgency=low
+
+ * Fix races in memory management.
+ * Make sure that frame-table compression leaves enough alligned.
+ * Disable XSAVE support. (closes: #595490)
+ * Check for dying domain instead of raising an assertion.
+ * Add C6 state with EOI errata for Intel.
+ * Make some memory management interrupt safe. Unsure if really needed.
+ * Raise bar for inter-socket migrations on mostly-idle systems.
+ * Fix interrupt handling for legacy routed interrupts.
+ * Allow to set maximal domain memory even during a running change.
+ * Support new partition name in pygrub. (closes: #599243)
+ * Fix some comparisions "< 0" that may be optimized away.
+ * Check for MWAIT support before using it.
+ * Fix endless loop on interrupts on Nehalem cpus.
+ * Don't crash upon direct GDT/LDT access. (closes: #609531)
+ CVE-2010-4255
+ * Don't loose timer ticks after domain restore.
+ * Reserve some space for IOMMU area in dom0. (closes: #608715)
+ * Fix hypercall arguments after trace callout.
+ * Fix some error paths in vtd support. Memory leak.
+ * Reinstate ACPI DMAR table.
+
+ -- Bastian Blank <waldi@debian.org> Wed, 12 Jan 2011 15:01:40 +0100
+
+xen (4.0.1-1) unstable; urgency=low
+
+ * New upstream release.
+ - Fix IOAPIC S3 with interrupt remapping enabled.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 03 Sep 2010 17:14:28 +0200
+
+xen (4.0.1~rc6-1) unstable; urgency=low
+
+ * New upstream release candidate.
+ - Add some missing locks for page table walk.
+ - Fix NMU injection into guest.
+ - Fix ioapic updates for vt-d.
+ - Add check for GRUB2 commandline behaviour.
+ - Fix handling of invalid kernel images.
+ - Allow usage of powernow.
+ * Remove lowlevel python modules usage from pygrub. (closes: #588811)
+
+ -- Bastian Blank <waldi@debian.org> Tue, 17 Aug 2010 23:15:34 +0200
+
+xen (4.0.1~rc5-1) unstable; urgency=low
+
+ * New upstream release candidate.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 02 Aug 2010 17:06:27 +0200
+
+xen (4.0.1~rc3-1) unstable; urgency=low
+
+ * New upstream release candidate.
+ * Call dh_pyversion with the correct version.
+ * Restart xen daemon on upgrade.
+
+ -- Bastian Blank <waldi@debian.org> Wed, 30 Jun 2010 16:30:47 +0200
+
+xen (4.0.0-2) unstable; urgency=low
+
+ * Fix python dependency. (closes: #586666)
+ - Use python-support.
+ - Hardcode to use python 2.5 for now.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 21 Jun 2010 17:23:16 +0200
+
+xen (4.0.0-1) unstable; urgency=low
+
+ * Update to unstable.
+ * Fix spelling in README.
+ * Remove unnecessary build-depends.
+ * Fixup xend to use different filename lookup.
+
+ -- Bastian Blank <waldi@debian.org> Thu, 17 Jun 2010 11:16:55 +0200
+
+xen (4.0.0-1~experimental.2) experimental; urgency=low
+
+ * Merge changes from 3.4.3-1.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 28 May 2010 12:58:12 +0200
+
+xen (4.0.0-1~experimental.1) experimental; urgency=low
+
+ * New upstream version.
+ * Rename source package to xen.
+ * Build depend against iasl and uuid-dev.
+ * Disable blktap2 support, it links against OpenSSL.
+ * Update copyright file.
+
+ -- Bastian Blank <waldi@debian.org> Thu, 06 May 2010 15:47:38 +0200
+
+xen-3 (3.4.3-1) unstable; urgency=low
+
+ * New upstream version.
+ * Disable blktap support, it is unusable with current kernels.
+ * Disable libaio, was only used by blktap.
+ * Drop device creation support. (closes: #583283)
+
+ -- Bastian Blank <waldi@debian.org> Fri, 28 May 2010 11:43:18 +0200
+
+xen-3 (3.4.3~rc6-1) unstable; urgency=low
+
+ * New upstream release candidate.
+ - Relocate multiboot modules. (closes: #580045)
+ - Support grub2 in pygrub. (closes: #573311)
+
+ -- Bastian Blank <waldi@debian.org> Sat, 08 May 2010 11:32:29 +0200
+
+xen-3 (3.4.3~rc3-2) unstable; urgency=low
+
+ * Again list the complete version in the hypervisor.
+ * Fix path detection for bootloader, document it. (closes: #481105)
+ * Rewrite README.
+
+ -- Bastian Blank <waldi@debian.org> Thu, 08 Apr 2010 16:14:58 +0200
+
+xen-3 (3.4.3~rc3-1) unstable; urgency=low
+
+ * New upstream release candidate.
+ * Use 3.0 (quilt) source format.
+ * Always use current python version.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 01 Mar 2010 22:14:22 +0100
+
+xen-3 (3.4.2-2) unstable; urgency=low
+
+ * Remove Jeremy T. Bouse from uploaders.
+ * Export blktap lib and headers.
+ * Build amd64 hypervisor on i386. (closes: #366315)
+
+ -- Bastian Blank <waldi@debian.org> Sun, 22 Nov 2009 16:54:47 +0100
+
+xen-3 (3.4.2-1) unstable; urgency=low
+
+ * New upstream version.
+ * Strip hvmloader by hand.
+ * Remove extra license file from libxen-dev.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 16 Nov 2009 20:57:07 +0100
+
+xen-3 (3.4.1-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 21 Aug 2009 21:34:38 +0200
+
+xen-3 (3.4.0-2) unstable; urgency=low
+
+ * Add symbols file for libxenstore3.0. (closes: #536173)
+ * Document that ioemu is currently unsupported. (closes: #536175)
+ * Fix location of fsimage plugins. (closes: #536174)
+
+ -- Bastian Blank <waldi@debian.org> Sat, 18 Jul 2009 18:05:35 +0200
+
+xen-3 (3.4.0-1) unstable; urgency=low
+
+ [ Bastian Blank ]
+ * New upstream version.
+ * Remove ioemu for now. (closes: #490409, #496367)
+ * Remove non-pae hypervisor.
+ * Use debhelper compat level 7.
+ * Make the init script start all daemons.
+
+ -- Bastian Blank <waldi@debian.org> Tue, 30 Jun 2009 22:33:22 +0200
+
+xen-3 (3.2.1-2) unstable; urgency=low
+
+ * Use e2fslibs based ext2 support for pygrub. (closes: #476366)
+ * Fix missing checks in pvfb code.
+ See CVE-2008-1952. (closes: #487095)
+ * Add support for loading bzImage files. (closes: #474509)
+ * Enable TLS support in ioemu code.
+ * Drop libcrypto usage because of GPL-incompatibility.
+ * Remove AES code from blktap drivers. Considered broken.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 28 Jun 2008 11:30:43 +0200
+
+xen-3 (3.2.1-1) unstable; urgency=low
+
+ * New upstream version.
+ * Set rpath relative to ${ORIGIN}.
+ * Add lintian override to xen-utils package.
+
+ -- Bastian Blank <waldi@debian.org> Thu, 22 May 2008 14:01:47 +0200
+
+xen-3 (3.2.0-5) unstable; urgency=low
+
+ * Provide correct directory to dh_pycentral.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 14 Apr 2008 21:43:49 +0200
+
+xen-3 (3.2.0-4) unstable; urgency=low
+
+ * Pull in newer xen-utils-common.
+ * Fix missing size checks in the ioemu block driver. (closes: #469654)
+ See: CVE-2008-0928
+
+ -- Bastian Blank <waldi@debian.org> Fri, 07 Mar 2008 14:21:38 +0100
+
+xen-3 (3.2.0-3) unstable; urgency=low
+
+ * Clean environment for build.
+ * Add packages libxenstore3.0 and xenstore-utils.
+ * Move docs package in docs section to match overwrites.
+ * Make the hypervisor only recommend the utils.
+ * Cleanup installation. (closes: #462989)
+
+ -- Bastian Blank <waldi@debian.org> Tue, 12 Feb 2008 12:40:56 +0000
+
+xen-3 (3.2.0-2) unstable; urgency=low
+
+ * Fix broken patch. (closes: #462522)
+
+ -- Bastian Blank <waldi@debian.org> Sat, 26 Jan 2008 17:21:52 +0000
+
+xen-3 (3.2.0-1) unstable; urgency=low
+
+ * New upstream version.
+ * Add package libxen-dev. Including public headers and static libs.
+ (closes: #402249)
+ * Don't longer install xenfb, removed upstream.
+
+ -- Bastian Blank <waldi@debian.org> Tue, 22 Jan 2008 12:51:49 +0000
+
+xen-3 (3.1.2-2) unstable; urgency=low
+
+ * Add missing rpath definitions.
+ * Fix building of pae version.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 08 Dec 2007 12:07:42 +0000
+
+xen-3 (3.1.2-1) unstable; urgency=high
+
+ * New upstream release:
+ - Move shared file into /var/run. (closes: #447795)
+ See CVE-2007-3919.
+ - x86: Fix various problems with debug-register handling. (closes: #451626)
+ See CVE-2007-5906.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 24 Nov 2007 13:24:45 +0000
+
+xen-3 (3.1.1-1) unstable; urgency=low
+
+ * New upstream release:
+ - Don't use exec with untrusted values in pygrub. (closes: #444430)
+ See CVE-2007-4993.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 19 Oct 2007 16:02:37 +0000
+
+xen-3 (3.1.0-2) unstable; urgency=low
+
+ * Switch to texlive for documentation.
+ * Drop unused transfig.
+ * Drop unused latex features from documentation.
+ * Build depend against gcc-multilib for amd64. (closes: #439662)
+
+ -- Bastian Blank <waldi@debian.org> Fri, 31 Aug 2007 08:15:50 +0000
+
+xen-3 (3.1.0-1) unstable; urgency=low
+
+ [ Julien Danjou ]
+ * New upstream version.
+
+ [ Ralph Passgang ]
+ * Added graphviz to Build-Indeps
+
+ [ Bastian Blank ]
+ * Upstream removed one part of the version. Do it also.
+ * Merge utils packages.
+ * Install blktap support.
+ * Install pygrub.
+ * Install xenfb tools.
+ * xenconsoled startup is racy, wait a little bit.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 20 Aug 2007 15:05:08 +0000
+
+xen-3.0 (3.0.4-1-1) unstable; urgency=low
+
+ [ Bastian Blank ]
+ * New upstream version (closes: #394411)
+
+ [ Guido Trotter ]
+ * Actually try to build and release xen 3.0.4
+ * Update build dependencies
+
+ -- Guido Trotter <ultrotter@debian.org> Wed, 23 May 2007 11:57:29 +0100
+
+xen-3.0 (3.0.3-0-2) unstable; urgency=medium
+
+ [Bastian Blank]
+ * Remove device recreate code.
+ * Remove build dependency on linux-support-X
+
+ [ Guido Trotter ]
+ * Add missing build dependency on zlib1g-dev (closes: #396557)
+ * Add missing build dependencies on libncurses5-dev and x11proto-core-dev
+ (closes: #396561, #396567)
+
+ -- Guido Trotter <ultrotter@debian.org> Thu, 2 Nov 2006 16:38:02 +0000
+
+xen-3.0 (3.0.3-0-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Bastian Blank <waldi@debian.org> Fri, 20 Oct 2006 11:04:35 +0000
+
+xen-3.0 (3.0.3~rc4+hg11760-1) unstable; urgency=low
+
+ * New upstream snapshot.
+ * Ignore update-grub errors. (closes: #392534)
+
+ -- Bastian Blank <waldi@debian.org> Sat, 14 Oct 2006 13:09:53 +0000
+
+xen-3.0 (3.0.3~rc1+hg11686-1) unstable; urgency=low
+
+ * New upstream snapshot.
+ * Rename ioemu package to include the complete version.
+ * Fix name of hypervisor. (closes: #391771)
+
+ -- Bastian Blank <waldi@debian.org> Mon, 9 Oct 2006 12:48:13 +0000
+
+xen-3.0 (3.0.2-3+hg9762-1) unstable; urgency=low
+
+ * New upstream snapshot.
+ * Rename hypervisor and utils packages to include the complete version.
+ * Redo build environment.
+
+ -- Bastian Blank <waldi@debian.org> Mon, 4 Sep 2006 18:43:12 +0000
+
+xen-3.0 (3.0.2+hg9697-2) unstable; urgency=low
+
+ [ Guido Trotter ]
+ * Update xen-utils' README.Debian (closes: #372524)
+
+ [ Bastian Blank ]
+ * Adopt new python policy. (closes: #380990)
+ * Add patch to make new kernels working on the hypervisor.
+
+ -- Bastian Blank <waldi@debian.org> Tue, 15 Aug 2006 19:20:08 +0000
+
+xen-3.0 (3.0.2+hg9697-1) unstable; urgency=low
+
+ [ Guido Trotter ]
+ * Update Standards Version
+ * Merge upstream fixes trunk (upstream 3.0.2-3 + a couple of fixes)
+
+ [ Bastian Blank ]
+ * Add xen-ioemu-3.0 package to support HVM guests (closes: #368496)
+
+ -- Guido Trotter <ultrotter@debian.org> Wed, 31 May 2006 10:50:05 +0200
+
+xen-3.0 (3.0.2+hg9681-1) unstable; urgency=low
+
+ * Update xen-hypervisor-3.0-i386 and xen-hypervisor-3.0-i386-pae
+ descriptions, specifying what the difference between the two packages is
+ (closes: #366019)
+ * Merge upstream fixes trunk
+
+ -- Guido Trotter <ultrotter@debian.org> Thu, 18 May 2006 15:25:02 +0200
+
+xen-3.0 (3.0.2+hg9656-1) unstable; urgency=low
+
+ * Merge upstream fixes trunk
+ - This includes a fix for CVE-2006-1056
+
+ -- Guido Trotter <ultrotter@debian.org> Thu, 27 Apr 2006 17:34:03 +0200
+
+xen-3.0 (3.0.2+hg9651-1) unstable; urgency=low
+
+ * Merge upstream fixes trunk
+ * Fix PAE disabled in pae build (Closes: #364875)
+
+ -- Julien Danjou <acid@debian.org> Wed, 26 Apr 2006 13:19:39 +0200
+
+xen-3.0 (3.0.2+hg9646-1) unstable; urgency=low
+
+ [ Guido Trotter ]
+ * Merge upstream fixes trunk
+
+ [ Bastian Blank ]
+ * debian/patches/libdir.dpatch: Update to make xm save work
+
+ -- Julien Danjou <acid@debian.org> Mon, 24 Apr 2006 18:02:07 +0200
+
+xen-3.0 (3.0.2+hg9611-1) unstable; urgency=low
+
+ * Merge upstream bug fixes
+ * Fix bug with xend init.d script
+
+ -- Julien Danjou <acid@debian.org> Wed, 12 Apr 2006 17:35:35 +0200
+
+xen-3.0 (3.0.2+hg9598-1) unstable; urgency=low
+
+ * New upstream release
+ * Fix copyright file
+
+ -- Julien Danjou <acid@debian.org> Mon, 10 Apr 2006 17:02:55 +0200
+
+xen-3.0 (3.0.1+hg8762-1) unstable; urgency=low
+
+ * The "preserve our homes" release
+ * Now cooperatively maintained by the Debian Xen Team
+ * New upstream release (closes: #327493, #342249)
+ * Build depend on transfig (closes: #321157)
+ * Use gcc rather than gcc-3.4 to compile (closes: #323698)
+ * Split xen-hypervisor-3.0 and xen-utils-3.0
+ * Build both normal and pae hypervisor packages
+ * Change maintainer and add uploaders field
+ * Add force-reload support for init script xendomains
+ * Remove dependency against bash
+ * Bump standards version to 3.6.2.2
+ * xen-utils-3.0 conflicts and replaces xen
+ * Add dpatch structure to the package
+ * Remove build-dependency on gcc (it's build essential anyway)
+ * Make SrvServer.py not executable
+ * Create NEWS.Debian file with important upgrade notices
+ * Update copyright file
+ * Remove the linux-patch-xen package
+ * Removed useless build-dependencies: libncurses5-dev, wget
+ * Changed xendomains config path to /etc/default
+ * xen-utils-3.0 now provides xen-utils and xen-hypervisor-3.0-i386 &
+ xen-hypervisor-3.0-i386-pae & xen-hypervizor-amd64 now provide
+ xen-hypervisor
+ * Made xen-utils-3.0.postinst more fault-tolerant, so that upgrading
+ xen2 -> xen3 don't fail because of a running xen2 hypervisor
+ * Updated the "Replaces & Conflicts"
+ * Install only and correctly udev files
+ * Compile date is no more in current locale
+ * Add patch which add the debian version and maintainer in the version
+ string and removes the banner.
+ * Don't install unusable cruft in xen-utils
+ * Remove libxen packages (no stable API/ABI)
+
+ -- Julien Danjou <acid@debian.org> Wed, 5 Apr 2006 16:05:07 +0200
+
+xen (2.0.6-1) unstable; urgency=low
+
+ * Patches applied upstream: non-xen-init-exit.patch, add-build.patch,
+ python-install.patch, disable-html-docs.patch.
+ * New upstream released. Closes: #311336.
+ * Remove comparison to UML from xen short description. Closes: #317066.
+ * Make packages conflicts with 1.2 doc debs. Closes: #304285.
+ * Add iproute to xen depends, as it uses /bin/ip. Closes: #300488,
+ #317468.
+
+ -- Adam Heath <doogie@brainfood.com> Wed, 06 Jul 2005 12:35:50 -0500
+
+xen (2.0.5-3) experimental; urgency=low
+
+ * Change priority/section to match the overrides file.
+
+ -- Adam Heath <doogie@brainfood.com> Fri, 18 Mar 2005 12:43:50 -0600
+
+xen (2.0.5-2) experimental; urgency=low
+
+ * Mike McCallister <mike+debian@metalogue.com>,
+ Tommi Virtanen <tv@debian.org>, Tom Hibbert <tom@nsp.co.nz>:
+ Fix missing '.' in update-rc.d call in xen.postinst. Closes: #299384
+
+ -- Adam Heath <doogie@brainfood.com> Fri, 18 Mar 2005 11:39:56 -0600
+
+xen (2.0.5-1) experimental; urgency=low
+
+ * New upstream.
+ * Remove pic-lib.patch, tools-misc-TARGETS.patch, and clean-mttr.patch
+ as they have been applied upstream(in various forms).
+ * xend now starts at priority 20, stops at 21, while xendomains starts
+ at 21, and stops at 20.
+
+ -- Adam Heath <doogie@brainfood.com> Fri, 11 Mar 2005 14:33:33 -0600
+
+xen (2.0.4-4) experimental; urgency=low
+
+ * Bah, major booboo. Add /boot to debian/xen.install, so xen.gz will
+ get shipped. Reported by Clint Adams <schizo@debian.org>.
+
+ -- Adam Heath <doogie@brainfood.com> Tue, 15 Feb 2005 13:00:57 -0600
+
+xen (2.0.4-3) experimental; urgency=low
+
+ * Fix file overlap(/usr/share/doc/xen/examples/*) between xen and
+ xen-docs. Reported by Tupshin Harper <tupshin@tupshin.com>.
+
+ -- Adam Heath <doogie@brainfood.com> Sun, 06 Feb 2005 01:22:45 -0600
+
+xen (2.0.4-2) experimental; urgency=low
+
+ * Fix kernel patch generation. It was broken when I integrated with
+ debian's kernel source. I used a symlink, and diff doesn't follow
+ those.
+
+ -- Adam Heath <doogie@brainfood.com> Sat, 05 Feb 2005 18:16:35 -0600
+
+xen (2.0.4-1) experimental; urgency=low
+
+ * New upstream.
+ * xen.deb can now install on a plain kernel; that is, the init scripts
+ exit successfully if /proc/xen/privcmd doesn't exist. This allows
+ for dual-boot setups.
+ * Manpages do not yet exist xend, xenperf, xensv, xfrd, nor xm. xend
+ xfrd are daemons, and take little if any options. I've not had a need
+ to use xenperf nor xensv yet. xm has nice built in help(xm help).
+ * Upstream now requires either linux 2.4.29, or 2.6.10. Since 2.4.29 is
+ not yet in debian, disable the 2.4 patch generation. Closes: #271245.
+ * Not certain how the kernel-patch-xen was empty. It's not now, with
+ the repackaging. Closes: #272299.
+ * Xen no longer produces kernel images, so problems about missing features
+ are no longer valid. Closes: #253924.
+ * Acknowledge nmu bugs:
+ * No longer build-depend on gcc 3.3, as the default gcc works. Closes:
+ #243048.
+
+ -- Adam Heath <doogie@brainfood.com> Sat, 05 Feb 2005 18:04:27 -0600
+
+xen (2.0.3-0.1) unstable; urgency=low
+
+ * Changes from Tommi Virtanen:
+ * Added dh-kpatches and libcurl3-dev to Build-Depends.
+ * Add /etc/xen/sv/params.py and /etc/xen/xend/params.py.
+ * Add xmexample1 and xmexample2 to xen/doc/examples.
+
+ -- Adam Heath <doogie@brainfood.com> Wed, 26 Jan 2005 10:55:07 -0600
+
+xen (2.0.3-0) unstable; urgency=low
+
+ * New upstream. Closes: #280733.
+ * Repackaged from scratch.
+ * Using unreleased patch management system. See debian/README.build.
+ * After extracting the .dsc, there are no special steps needed
+ * Those wanting to change the source, use the normal procedures for
+ any package, including using interdiff(or other tool) to send a
+ patch to me or the bts.
+ * No longer try to do anything fancy with regard to the layout of the
+ built kernels. Now, only patches are distributed. Please make use of
+ the xen support in kernel-package.
+ * Early preview release to #debian-devel.
+
+ -- Adam Heath <doogie@brainfood.com> Tue, 25 Jan 2005 13:24:54 -0600
+
+xen (1.2-4.1) unstable; urgency=high
+
+ * NMU
+ * Remove gcc-3.2 from Build-Depends as isn't used during build
+ (Closes: #243048)
+
+ -- Frank Lichtenheld <djpig@debian.org> Sat, 21 Aug 2004 17:42:28 +0200
+
+xen (1.2-4) unstable; urgency=low
+
+ * Added xen-docs.README.Debian, which explains the kernel image layout,
+ and contains references on the locations differ from what is mentioned
+ by the upstream documentation. Closes: #230345.
+
+ -- Adam Heath <doogie@brainfood.com> Fri, 26 Mar 2004 17:36:41 -0600
+
+xen (1.2-3) unstable; urgency=low
+
+ * Add kernel-source-2.4.25 and kernel-patch-debian-2.4.25 to
+ Build-Depends-Indep.
+
+ -- Adam Heath <doogie@brainfood.com> Tue, 23 Mar 2004 20:14:39 -0600
+
+xen (1.2-2) unstable; urgency=low
+
+ * xen: moved /boot/xen.gz to /usr/lib/kernels/xen-i386/images/vmlinuz
+ * kernel-image, kernel-modules: swapped i386/xeno to xeno/i386 in
+ /usr/lib/kernels.
+ * Add kernel-patch-nfs-swap deb.
+ * Apply additional patches to kernel-image-xen:
+ * nfs-group
+ * nfs-swap
+
+ -- Adam Heath <doogie@brainfood.com> Thu, 04 Mar 2004 12:47:47 -0600
+
+xen (1.2-1) unstable; urgency=low
+
+ * Initial version.
+
+ -- Adam Heath <doogie@brainfood.com> Tue, 02 Mar 2004 13:21:52 -0600
--- /dev/null
+Source: xen
+Section: kernel
+Priority: optional
+Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
+Uploaders: Guido Trotter <ultrotter@debian.org>, Bastian Blank <waldi@debian.org>, Ian Jackson <ian.jackson@eu.citrix.com>
+Standards-Version: 3.9.4
+Build-Depends: autotools-dev, debhelper (>> 9), dpkg-dev (>= 1.16.0~), lsb-release, python-dev, bcc [i386 amd64], gcc-multilib [i386 amd64], e2fslibs-dev, iasl, seabios (>= 1.7.4-2~) [i386 amd64], libaio-dev, libfdt-dev [armhf arm64], libglib2.0-dev, liblzma-dev, libncurses5-dev, libpixman-1-dev, libyajl-dev, pkg-config, uuid-dev, zlib1g-dev
+XS-Python-Version: current
+
+Package: libxen-4.8
+Architecture: amd64 arm64 armhf i386
+Section: libs
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: Public libs for Xen
+ This package contains the shared toolstack libraries for Xen.
+Multi-Arch: same
+
+Package: libxenstore3.0
+Architecture: amd64 arm64 armhf i386
+Section: libs
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: Xenstore communications library for Xen
+ This package contains the client library interface to XenStore. .
+Multi-Arch: same
+
+Package: libxen-dev
+Architecture: amd64 arm64 armhf i386
+Section: libdevel
+Depends: libxen-4.8 (= ${binary:Version}), libxenstore3.0 (= ${binary:Version}), ${misc:Depends}
+Description: Public headers and libs for Xen
+ This package contains the public headers and static libraries for Xen.
+ .
+ The libxenlight library is intended as a common base for all Xen toolstack
+ developers. The libxlutil library contains additional helpers which may
+ be useful to toolstack developers.
+ .
+ The libxenstore library allows userspace processes to interact with the
+ XenStore database. XenStore is a shared database used for interdomain
+ communication of configuration and status information. It is accessible
+ to all domains running on the same Xen host. See
+ http://wiki.xen.org/wiki/XenStore for more information.
+ .
+ The libxenctrl and libxenguest libraries are internal libraries intended
+ for use by the Xen toolstack and are not intended to be used directly.
+ Toolstack authors should use libxenlight.
+Multi-Arch: same
+
+Package: xenstore-utils
+Architecture: amd64 arm64 armhf i386
+Section: admin
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Replaces: xen-utils-common (<= 3.1.0-1)
+Conflicts: xen-utils-common (<= 3.1.0-1)
+Description: Xenstore command line utilities for Xen
+ This package contains command line utilities for interacting with
+ XenStore.
+ .
+ XenStore is a shared database used for interdomain communication of
+ configuration and status information. It is accessible to all domains
+ running on the same Xen host. See http://wiki.xen.org/wiki/XenStore for
+ more information.
+ .
+ In the common case these tools are used by the Xen toolstack running in
+ domain0 (or a driver domain) however they may also be used in a guest
+ domain to support local scripting which wants to communicate via XenStore.
+
+Package: xen-utils-common
+Architecture: all
+Depends: lsb-base, python, udev, xenstore-utils, ${misc:Depends}
+Description: Xen administrative tools - common files
+ The userspace tools to manage a system virtualized through the Xen virtual
+ machine monitor.
+ .
+ This package is only required on the host system (Domain 0) and not on the
+ virtual guest systems (Domain U).
+
+Package: xen-utils-4.8
+Architecture: amd64 arm64 armhf i386
+Provides: xen-utils
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}, xen-utils-common (>= ${source:Version})
+Recommends: bridge-utils, libc6-xen [i386], xen-hypervisor-4.8, qemu-system-x86, grub-xen-host [i386 amd64]
+Suggests: qemu-utils [i386 amd64], seabios [i386 amd64]
+Description: XEN administrative tools
+ The userspace tools to manage a system virtualized through the XEN virtual
+ machine monitor.
+ .
+ qemu-utils and seabios are neded for "Xen HVM" (amd64 and i386)
+Built-Using: ${misc:Built-Using}
+
+Package: xen-hypervisor-4.8-amd64
+Architecture: amd64 i386
+Provides: xen-hypervisor, xen-hypervisor-4.8, xen-hypervisor-amd64
+Depends: ${misc:Depends}
+Recommends: xen-utils-4.8
+Description: Xen Hypervisor on AMD64
+ The hypervisor is the "core" for XEN itself. It gets booted by the boot
+ loader and controls cpu and memory, sharing them between your
+ administrative domain (Domain 0) and the virtual guest systems.
+ .
+ In order to boot a XEN system along with this package you also need a
+ kernel specifically crafted to work as the Domain 0, mediating hardware
+ access for XEN itself.
+
+Package: xen-system-amd64
+Architecture: amd64 i386
+Provides: xen-system
+Depends: xen-hypervisor-4.8-amd64, xen-utils-4.8, ${misc:Depends}
+Description: Xen System on AMD64 (meta-package)
+ This package depends on the latest Xen hypervisor for use on AMD64 and the
+ Xen utils.
+
+Package: xen-hypervisor-4.8-arm64
+Architecture: arm64
+Provides: xen-hypervisor, xen-hypervisor-4.8, xen-hypervisor-arm64
+Depends: ${misc:Depends}
+Recommends: xen-utils-4.8
+Description: Xen Hypervisor on ARM64
+ The hypervisor is the "core" for XEN itself. It gets booted by the boot
+ loader and controls cpu and memory, sharing them between your
+ administrative domain (Domain 0) and the virtual guest systems.
+ .
+ In order to boot a XEN system along with this package you also need a
+ kernel specifically crafted to work as the Domain 0, mediating hardware
+ access for XEN itself.
+
+Package: xen-system-arm64
+Architecture: arm64
+Provides: xen-system
+Depends: xen-hypervisor-4.8-arm64, xen-utils-4.8, ${misc:Depends}
+Description: Xen System on ARM64 (meta-package)
+ This package depends on the latest Xen hypervisor for use on ARM64 and the
+ Xen utils.
+
+Package: xen-hypervisor-4.8-armhf
+Architecture: armhf
+Provides: xen-hypervisor, xen-hypervisor-4.8, xen-hypervisor-armhf
+Depends: ${misc:Depends}
+Recommends: xen-utils-4.8
+Description: Xen Hypervisor on ARMHF
+ The hypervisor is the "core" for XEN itself. It gets booted by the boot
+ loader and controls cpu and memory, sharing them between your
+ administrative domain (Domain 0) and the virtual guest systems.
+ .
+ In order to boot a XEN system along with this package you also need a
+ kernel specifically crafted to work as the Domain 0, mediating hardware
+ access for XEN itself.
+
+Package: xen-system-armhf
+Architecture: armhf
+Provides: xen-system
+Depends: xen-hypervisor-4.8-armhf, xen-utils-4.8, ${misc:Depends}
+Description: Xen System on ARMHF (meta-package)
+ This package depends on the latest Xen hypervisor for use on ARMHF and the
+ Xen utils.
+
--- /dev/null
+414390ca652da67ac85ebd905500eb66 debian/changelog
+dc7b5d9f0538e3180af4e9aff9b0bd57 debian/bin/gencontrol.py
+20e336dbea44b1641802eff0dde9569b debian/templates/control.main.in
+a15fa64ce6deead28d33c1581b14dba7 debian/templates/xen-hypervisor.postinst.in
+fe9f3e8a9c9b716f7b4c5b7d7aec3128 debian/templates/control.system.latest.in
+03f63e67cf2d915bfbb535f8c9d9e2e4 debian/templates/xen-utils.postinst.in
+63ad8a975156f7bf2327f0e1dc7fc9e2 debian/templates/control.source.in
+22492e0565a4754b5e008ca7cac871da debian/templates/xen-hypervisor.postrm.in
+a4fad0ec66d977759a362165bf8aa31d debian/templates/control.hypervisor.in
+df5a318ff90cd0ca3ac7f1a8976bae39 debian/templates/control.utils.in
+dcabf82578122540e0534f72750698d5 debian/templates/xen-utils.lintian-overrides.in
+b6acd21c3924e6ec6f9c547afbbc7d9e debian/templates/xen-utils.prerm.in
+f48f31b0af755ff8b08b4575e94d6390 debian/arch/defines
+bda767ffd62b57de88b50731794f1374 debian/arch/i386/defines
+06efb201e83233c4607b13c8dad5c031 debian/arch/armhf/defines
+afd11afd204a8929340d194894572353 debian/arch/amd64/defines
+b6a35272efc8545fafab547e1cf492cb debian/arch/arm64/defines
--- /dev/null
+This work was downloaded from
+
+ http://xenbits.xensource.com/
+
+Copyright:
+
+ Copyright (C) 1998-2005 Hewlett-Packard Co
+ 1999-2006 Silicon Graphics, Inc
+ 2001-2006 IBM Corporation
+ 2005-2006 XenSource Inc
+ 2006-2010 Citrix Systems Inc.
+ and many others
+
+License:
+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 2 as
+ published by the Free Software Foundation.
+
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>
+
+On Debian systems, the complete text of the GNU General
+Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
+
+The bundled qemu is:
+
+ Copyright (C) 2007 Alexander Graf
+ 2005,2007 Alex Beregszaszi
+ 2005-2008 Andrzej Zaborowski <balrog@zabor.org>
+ 2005-2007 Anthony Liguori <anthony@codemonkey.ws>
+ 2004 Antony T Curtis
+ 2007 Arastra, Inc.
+ 2007 Armin Kuster <akuster@kama-aina.net> or
+ 1999 AT&T Laboratories Cambridge
+ 2006,2007 Aurelien Jarno
+ 2007-2008 AXIS Communications AB
+ 2007-2008 Bull S.A.S.
+ 2006 Christian Limpach
+ 2008 Citrix Systems, Inc.
+ 2005-2008 CodeSourcery
+ 2007 Dan Aloni
+ 1995,1996 Danny Gasparovski
+ 2000-2003 David McCullough <davidm@snapgear.com>
+ 2008 Dmitry Baryshkov
+ 2007-2009 Edgar E. Iglesias, Axis Communications AB.
+ 1996-1999 Eduardo Horvath
+ 1998,2003-2008 Fabrice Bellard
+ 2005 Filip Navara
+ 2006 Frederick Reeve
+ 2009 Freescale Semiconductor
+ 1986-2007 Free Software Foundation, Inc.
+ 2004 Gianni Tedesco
+ 2008 Gleb Natapov
+ 2002 Greg Ungerer <gerg@snapgear.com>
+ 2007-2009 Hervé Poussineau
+ 2005,2007,2008 IBM Corporation
+ 2008 IBM Corporation
+ 2006 Igor Kovalenko
+ 2006 InnoTek Systemberatung GmbH
+ 1999-2008 Intel Corporation
+ 2009 Isaku Yamahata
+ 2003-2004 James Yonan
+ 2008 Jan Kiszka
+ 2006 Joachim Henke
+ 2003-2007 Jocelyn Mayer
+ 2004,2005 Johannes E. Schindelin
+ 2005 Julian Chesterfield and Andrew Warfield.
+ 2008 Kamala Narasimhan
+ 1998 Kenneth Albanowski <kjahds@kjahds.com>
+ 2008 Kevin Wolf
+ 2009 Kevin Wolf <kwolf@suse.de>
+ 2009 Laurent Vivier
+ 2007-2008 Lauro Ramos Venancio <lauro.venancio@indt.org.br>
+ 2000,2001 Lineo, by David McCullough <davidm@lineo.com>
+ 1991,1992,1996 Linus Torvalds
+ 2006 Lonnie Mendez
+ 2008 Lubomir Rintel
+ 2004,2007 Magnus Damm
+ 2004 Makoto Suzuki (suzu)
+ 2002-2006 Marcel Holtmann <marcel@holtmann.org>
+ 2006 Marius Groeger (FPU operations)
+ 2007 Marko Kohtala
+ 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com>
+ 2008 Max Krasnyansky
+ 2005,2008 Mike Kronenberg
+ 2007 MontaVista Software, Inc
+ 2007 Neocleus Corporation.
+ 2007-2008 Nokia Corporation
+ 2001 OKTET Ltd., St.-Petersburg, Russia
+ 2006-2008 Openedhand Ltd.
+ 2007-2008 OpenMoko, Inc.
+ 1996 Paul Mackerras.
+ 2008 Paul Mundt
+ 2006 Pierre d'Herbemont
+ 2000-2001 Qualcomm Incorporated
+ 2006-2008 Qumranet Technologies
+ 1997-1999,2001,2009 Red Hat, Inc.
+ 1988,1989,1990,1991,1992 Richard Outerbridge
+ 2007 Robert Reif
+ 1998-2004 Samuel Rydh (samuel@ibrium.se)
+ 2005 Samuel Tardieu
+ 2007,2008 Samuel Thibault
+ 2008 Semihalf
+ 2008 Shin-ichiro KAWASAKI
+ 2002 SnapGear, by Paul Dale <pauli@snapgear.com>
+ 2006-2007 Stefan Weil
+ 2008 Takashi YOSHII
+ 1999,2000 Tatsuyuki Satoh , MultiArcadeMachineEmurator development
+ 1993 Theodore Ts'o
+ 2006,2007 Thiemo Seufer
+ 2003 Thomas M. Ogrisegg <tom@fnord.at>
+ 2006 Thomas Sailer
+ 1998-2001,2003 Thomas Sailer (t.sailer@alumni.ethz.ch)
+ 2006,2007 Thorsten Zitterell
+ 2000-2007 Tibor "TS" Schütz
+ 2008 TJ <linux@tjworld.net>
+ 2002-2005 Vassili Karpov (malc)
+ 2005 Vassili Karpov (malc)
+ 2007 Vladimir Ananiev <vovan888@gmail.com>
+ 2006 XenSource
+
+The Debian packaging is:
+
+ Copyright (C) 2008-2010 Bastian Blank <waldi@debian.org>
+
+you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+The following parts are subject of a different license:
+* tools/firmware/vgabios
+* tools/libaio
+* tools/libxen
+* tools/xenstat/libxenstat
+* tools/xenstore
+
+ This package is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+On Debian systems, the complete text of the GNU Lesser General
+Public License can be found in "/usr/share/common-licenses/LGPL-2".
+
+Files in xen/include/public are subject to the following license:
+
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the "Software"),
+ to deal in the Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ and/or sell copies of the Software, and to permit persons to whom the
+ Software is furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ DEALINGS IN THE SOFTWARE.
+
+Files in extra/mini-os are subject to the following license:
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
+Files in tools/vtpm_manager are subject to the following license:
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+ copyright notice, this list of conditions and the following
+ disclaimer in the documentation and/or other materials provided
+ with the distribution.
+ * Neither the name of Intel Corporation nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ OF THE POSSIBILITY OF SUCH DAMAGE.
+
+File tools/python/test.py is subject to the following license:
+
+ This software is Copyright (c) Zope Corporation (tm) and
+ Contributors. All rights reserved.
+
+ This license has been certified as open source. It has also
+ been designated as GPL compatible by the Free Software
+ Foundation (FSF).
+
+ Redistribution and use in source and binary forms, with or
+ without modification, are permitted provided that the
+ following conditions are met:
+
+ 1. Redistributions in source code must retain the above
+ copyright notice, this list of conditions, and the following
+ disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above
+ copyright notice, this list of conditions, and the following
+ disclaimer in the documentation and/or other materials
+ provided with the distribution.
+
+ 3. The name Zope Corporation (tm) must not be used to
+ endorse or promote products derived from this software
+ without prior written permission from Zope Corporation.
+
+ 4. The right to distribute this software or to use it for
+ any purpose does not give you the right to use Servicemarks
+ (sm) or Trademarks (tm) of Zope Corporation. Use of them is
+ covered in a separate agreement (see
+ http://www.zope.com/Marks).
+
+ 5. If any files are modified, you must cause the modified
+ files to carry prominent notices stating that you changed
+ the files and the date of any change.
+
+ Disclaimer
+
+ THIS SOFTWARE IS PROVIDED BY ZOPE CORPORATION ``AS IS''
+ AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT
+ NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
+ NO EVENT SHALL ZOPE CORPORATION OR ITS CONTRIBUTORS BE
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ DAMAGE.
+
+ This software consists of contributions made by Zope
+ Corporation and many individuals on behalf of Zope
+ Corporation. Specific attributions are listed in the
+ accompanying credits file.
+
+Files in tools/python/logging are subject to the following license:
+
+ Copyright (C) 2001-2004 by Vinay Sajip. All Rights Reserved.
+
+ Permission to use, copy, modify, and distribute this software and its
+ documentation for any purpose and without fee is hereby granted,
+ provided that the above copyright notice appear in all copies and that
+ both that copyright notice and this permission notice appear in
+ supporting documentation, and that the name of Vinay Sajip
+ not be used in advertising or publicity pertaining to distribution
+ of the software without specific, written prior permission.
+
+ VINAY SAJIP DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
+ ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ VINAY SAJIP BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
+ ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
+ AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+ IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
--- /dev/null
+def _setup():
+ import os.path, sys
+ version = None
+ rules = os.path.join(__path__[0], "../../../rules.defs")
+ f = open(rules)
+ for l in f:
+ l = l.strip().split()
+ if l[0] == 'KERNELVERSION':
+ version = l[-1]
+ f.close()
+ if version is None:
+ raise RuntimeError("Can't find KERNELVERSION setting")
+ global support
+ support = '/usr/src/linux-support-%s' % version
+ if not os.path.exists(support):
+ raise RuntimeError("Can't find %s, please install the linux-support-%s package" % (support, version))
+ sys.path.append('%s/lib/python' % support)
+
+_setup()
--- /dev/null
+import re
+from debian_linux.debian import Version
+
+
+class VersionXen(Version):
+ _version_xen_rules = r"""
+^
+(?P<version>
+ \d+\.\d+
+)
+(?:
+ \.\d+
+ (?:
+ ~rc\d+
+ )?
+ (?:
+ \+hg-\d+.[a-z0-9]+
+ )?
+ (?:
+ ~pre\.\d{4,}\.\d{2}\.\d{2}(?:\b[-+0-9a-z])?
+ )?
+ |
+ ~hg-\d+.[a-z0-9]+
+)
+-
+(?:[^-]+)
+$
+"""
+ _version_xen_re = re.compile(_version_xen_rules, re.X)
+
+ def __init__(self, version):
+ super(VersionXen, self).__init__(version)
+ match = self._version_xen_re.match(version)
+ if match is None:
+ raise ValueError("Invalid debian xen version")
+ d = match.groupdict()
+ self.xen_version = d['version']
+
--- /dev/null
+usr/lib/*/libxenctrl.a
+usr/lib/*/libxenctrl.so
+usr/lib/*/libxenguest.a
+usr/lib/*/libxenguest.so
+usr/lib/*/libxenlight.a
+usr/lib/*/libxenlight.so
+usr/lib/*/libxenstore.a
+usr/lib/*/libxenstore.so
+usr/lib/*/libxlutil.a
+usr/lib/*/libxlutil.so
+usr/lib/*/libxencall.a
+usr/lib/*/libxencall.so
+usr/lib/*/libxenevtchn.a
+usr/lib/*/libxenevtchn.so
+usr/lib/*/libxenforeignmemory.a
+usr/lib/*/libxenforeignmemory.so
+usr/lib/*/libxengnttab.a
+usr/lib/*/libxengnttab.so
+usr/lib/*/libxentoollog.a
+usr/lib/*/libxentoollog.so
+usr/include/_libxl*.h
+usr/include/libxl*.h
+usr/include/xenctrl.h
+usr/include/xenguest.h
+usr/include/xenstore*.h
+usr/include/xenstore-compat/xs* usr/include
+usr/include/xentoollog.h
+usr/include/xen
+usr/lib/*/pkgconfig/*.pc
+# New headers in xen-4.8
+#usr/include/fsimage_grub.h
+#usr/include/fsimage.h
+#usr/include/fsimage_plugin.h
+#usr/include/libxenvchan.h
+usr/include/xencall.h
+usr/include/xenctrl_compat.h
+usr/include/xenevtchn.h
+usr/include/xenforeignmemory.h
+usr/include/xengnttab.h
+usr/include/xenstat.h
--- /dev/null
+usr/lib/*/libxenstore.so.*
--- /dev/null
+libxenstore.so.3.0 libxenstore3.0 #MINVER#
+ expanding_buffer_ensure@Base 3.2.0
+ sanitise_value@Base 3.2.0
+ unsanitise_value@Base 3.2.0
+ xprintf@Base 3.2.0
+ xs_check_watch@Base 4.2~
+ xs_close@Base 4.1.0~rc6
+ xs_count_strings@Base 3.2.0
+ xs_daemon_close@Base 3.2.0
+ xs_daemon_destroy_postfork@Base 4.0.1~rc4
+ xs_daemon_open@Base 3.2.0
+ xs_daemon_open_readonly@Base 3.2.0
+ xs_daemon_rootdir@Base 3.2.0
+ xs_daemon_rundir@Base 3.2.0
+ xs_daemon_socket@Base 3.2.0
+ xs_daemon_socket_ro@Base 3.2.0
+ xs_daemon_tdb@Base 3.2.0
+ xs_debug_command@Base 3.2.0
+ xs_directory@Base 3.2.0
+ xs_domain_dev@Base 3.2.0
+ xs_domain_open@Base 3.2.0
+ xs_fileno@Base 3.2.0
+ xs_get_domain_path@Base 3.2.0
+ xs_get_permissions@Base 3.2.0
+ xs_introduce_domain@Base 3.2.0
+ xs_is_domain_introduced@Base 3.2.0
+ xs_mkdir@Base 3.2.0
+ xs_open@Base 4.1.0~rc6
+ xs_path_is_subpath@Base 4.2~
+ xs_perm_to_string@Base 3.2.0
+ xs_read@Base 3.2.0
+ xs_read_watch@Base 3.2.0
+ xs_release_domain@Base 3.2.0
+ xs_restrict@Base 4.1.0~rc6
+ xs_resume_domain@Base 3.2.0
+ xs_rm@Base 3.2.0
+ xs_set_permissions@Base 3.2.0
+ xs_set_target@Base 3.4.0
+ xs_strings_to_perms@Base 3.2.0
+ xs_suspend_evtchn_port@Base 3.4.0
+ xs_transaction_end@Base 3.2.0
+ xs_transaction_start@Base 3.2.0
+ xs_unwatch@Base 3.2.0
+ xs_watch@Base 3.2.0
+ xs_write@Base 3.2.0
+ xs_write_all@Base 3.2.0
--- /dev/null
+From: Julien Grall <julien.grall@arm.com>
+Date: Tue, 20 Jun 2017 13:24:47 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 eb44d9032d2f1917d6eee889df7a37602435b483
+Subject: arm: vgic: Don't update the LR when the IRQ is not enabled
+
+gic_raise_inflight_irq will be called if the IRQ is already inflight
+(i.e the IRQ is injected to the guest). If the IRQ is already already in
+the LRs, then the associated LR will be updated.
+
+To know if the interrupt is already in the LR, the function check if the
+interrupt is queued. However, if the interrupt is not enabled then the
+interrupt may not be queued nor in the LR. So gic_update_one_lr may be
+called (if we inject on the current vCPU) and read the LR.
+
+Because the interrupt is not in the LR, Xen will either read:
+ * LR 0 if the interrupt was never injected before
+ * LR 255 (GIC_INVALID_LR) if the interrupt was injected once. This
+ is because gic_update_one_lr will reset p->lr.
+
+Reading LR 0 will result to potentially update the wrong interrupt and
+not keep the LRs in sync with Xen.
+
+Reading LR 255 will result to:
+ * Crash Xen on GICv3 as the LR index is bigger than supported (see
+ gicv3_ich_read_lr).
+ * Read/write always GICH_LR + 255 * 4 that is not part of the memory
+ mapped.
+
+The problem can be prevented by checking whether the interrupt is
+enabled in gic_raise_inflight_irq before calling gic_update_one_lr.
+
+A follow-up of this patch is expected to mitigate the issue in the
+future.
+
+This is XSA-223.
+
+Reported-by: Julien Grall <julien.grall@arm.com>
+Signed-off-by: Julien Grall <julien.grall@arm.com>
+Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/arm/gic.c
++++ xen-4.8.1/xen/arch/arm/gic.c
+@@ -418,6 +418,10 @@ void gic_raise_inflight_irq(struct vcpu
+
+ ASSERT(spin_is_locked(&v->arch.vgic.lock));
+
++ /* Don't try to update the LR if the interrupt is disabled */
++ if ( !test_bit(GIC_IRQ_GUEST_ENABLED, &n->status) )
++ return;
++
+ if ( list_empty(&n->lr_queue) )
+ {
+ if ( v == current )
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Thu, 7 Sep 2017 18:19:26 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u3 6cb32448a8e4317a97b8aa1fbd5e28de71febb5a
+Subject: arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
+
+Commit 55021ff9ab ("xen/arm: add_to_physmap_one: Avoid to map mfn 0 if
+an error occurs") introduced error paths not releasing the grant table
+lock. Replace them by a suitable check after the lock was dropped.
+
+This is XSA-235.
+
+Reported-by: Wei Liu <wei.liu2@citrix.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Julien Grall <julien.grall@arm.com>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/arm/mm.c
++++ xen-4.8.1/xen/arch/arm/mm.c
+@@ -1112,7 +1112,7 @@ int xenmem_add_to_physmap_one(
+ if ( idx < nr_status_frames(d->grant_table) )
+ mfn = virt_to_mfn(d->grant_table->status[idx]);
+ else
+- return -EINVAL;
++ mfn = mfn_x(INVALID_MFN);
+ }
+ else
+ {
+@@ -1123,14 +1123,21 @@ int xenmem_add_to_physmap_one(
+ if ( idx < nr_grant_frames(d->grant_table) )
+ mfn = virt_to_mfn(d->grant_table->shared_raw[idx]);
+ else
+- return -EINVAL;
++ mfn = mfn_x(INVALID_MFN);
+ }
+
+- d->arch.grant_table_gfn[idx] = gfn;
++ if ( mfn != mfn_x(INVALID_MFN) )
++ {
++ d->arch.grant_table_gfn[idx] = gfn;
+
+- t = p2m_ram_rw;
++ t = p2m_ram_rw;
++ }
+
+ grant_write_unlock(d->grant_table);
++
++ if ( mfn == mfn_x(INVALID_MFN) )
++ return -EINVAL;
++
+ break;
+ case XENMAPSPACE_shared_info:
+ if ( idx != 0 )
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:45 +0200
+X-Dgit-Generated: 4.8.1-1 a376dc60f2926c349685de141c3993c7d791a494
+Subject: config-prefix.diff
+
+Patch-Name: config-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/Config.mk
++++ xen-4.8.1/Config.mk
+@@ -82,7 +82,7 @@ EXTRA_LIB += $(EXTRA_PREFIX)/lib
+ endif
+
+ PYTHON ?= python
+-PYTHON_PREFIX_ARG ?= --prefix="$(prefix)"
++PYTHON_PREFIX_ARG ?= --home="$(LIBEXEC)"
+ # The above requires that prefix contains *no spaces*. This variable is here
+ # to permit the user to set PYTHON_PREFIX_ARG to '' to workaround this bug:
+ # https://bugs.launchpad.net/ubuntu/+bug/362570
+--- xen-4.8.1.orig/config/Paths.mk.in
++++ xen-4.8.1/config/Paths.mk.in
+@@ -13,6 +13,7 @@
+ # http://wiki.xen.org/wiki/Category:Host_Configuration#System_wide_xen_configuration
+
+ PACKAGE_TARNAME := @PACKAGE_TARNAME@
++PACKAGE_VERSION := @PACKAGE_VERSION@
+ prefix := @prefix@
+ bindir := @bindir@
+ sbindir := @sbindir@
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Tue, 20 Jun 2017 13:24:06 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 bd58decc7c116363753450f3c281c6b7f6b3c721
+Subject: evtchn: avoid NULL derefs
+
+Commit fbbd5009e6 ("evtchn: refactor low-level event channel port ops")
+added a de-reference of the struct evtchn pointer for a port without
+first making sure the bucket pointer is non-NULL. This de-reference is
+actually entirely unnecessary, as all relevant callers (beyond the
+problematic do_poll()) already hold the port number in their hands, and
+the actual leaf functions need nothing else.
+
+For FIFO event channels there's a second problem in that the ordering
+of reads and updates to ->num_evtchns and ->event_array[] was so far
+undefined (the read side isn't always holding the domain's event lock).
+Add respective barriers.
+
+This is XSA-221.
+
+Reported-by: Ankur Arora <ankur.a.arora@oracle.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/x86/irq.c
++++ xen-4.8.1/xen/arch/x86/irq.c
+@@ -1487,7 +1487,7 @@ int pirq_guest_unmask(struct domain *d)
+ {
+ pirq = pirqs[i]->pirq;
+ if ( pirqs[i]->masked &&
+- !evtchn_port_is_masked(d, evtchn_from_port(d, pirqs[i]->evtchn)) )
++ !evtchn_port_is_masked(d, pirqs[i]->evtchn) )
+ pirq_guest_eoi(pirqs[i]);
+ }
+ } while ( ++pirq < d->nr_pirqs && n == ARRAY_SIZE(pirqs) );
+@@ -2245,7 +2245,6 @@ static void dump_irqs(unsigned char key)
+ int i, irq, pirq;
+ struct irq_desc *desc;
+ irq_guest_action_t *action;
+- struct evtchn *evtchn;
+ struct domain *d;
+ const struct pirq *info;
+ unsigned long flags;
+@@ -2288,11 +2287,10 @@ static void dump_irqs(unsigned char key)
+ d = action->guest[i];
+ pirq = domain_irq_to_pirq(d, irq);
+ info = pirq_info(d, pirq);
+- evtchn = evtchn_from_port(d, info->evtchn);
+ printk("%u:%3d(%c%c%c)",
+ d->domain_id, pirq,
+- (evtchn_port_is_pending(d, evtchn) ? 'P' : '-'),
+- (evtchn_port_is_masked(d, evtchn) ? 'M' : '-'),
++ evtchn_port_is_pending(d, info->evtchn) ? 'P' : '-',
++ evtchn_port_is_masked(d, info->evtchn) ? 'M' : '-',
+ (info->masked ? 'M' : '-'));
+ if ( i != action->nr_guests )
+ printk(",");
+--- xen-4.8.1.orig/xen/common/event_2l.c
++++ xen-4.8.1/xen/common/event_2l.c
+@@ -62,16 +62,20 @@ static void evtchn_2l_unmask(struct doma
+ }
+ }
+
+-static bool_t evtchn_2l_is_pending(struct domain *d,
+- const struct evtchn *evtchn)
++static bool_t evtchn_2l_is_pending(struct domain *d, evtchn_port_t port)
+ {
+- return test_bit(evtchn->port, &shared_info(d, evtchn_pending));
++ unsigned int max_ports = BITS_PER_EVTCHN_WORD(d) * BITS_PER_EVTCHN_WORD(d);
++
++ ASSERT(port < max_ports);
++ return port < max_ports && test_bit(port, &shared_info(d, evtchn_pending));
+ }
+
+-static bool_t evtchn_2l_is_masked(struct domain *d,
+- const struct evtchn *evtchn)
++static bool_t evtchn_2l_is_masked(struct domain *d, evtchn_port_t port)
+ {
+- return test_bit(evtchn->port, &shared_info(d, evtchn_mask));
++ unsigned int max_ports = BITS_PER_EVTCHN_WORD(d) * BITS_PER_EVTCHN_WORD(d);
++
++ ASSERT(port < max_ports);
++ return port >= max_ports || test_bit(port, &shared_info(d, evtchn_mask));
+ }
+
+ static void evtchn_2l_print_state(struct domain *d,
+--- xen-4.8.1.orig/xen/common/event_channel.c
++++ xen-4.8.1/xen/common/event_channel.c
+@@ -1381,8 +1381,8 @@ static void domain_dump_evtchn_info(stru
+
+ printk(" %4u [%d/%d/",
+ port,
+- !!evtchn_port_is_pending(d, chn),
+- !!evtchn_port_is_masked(d, chn));
++ evtchn_port_is_pending(d, port),
++ evtchn_port_is_masked(d, port));
+ evtchn_port_print_state(d, chn);
+ printk("]: s=%d n=%d x=%d",
+ chn->state, chn->notify_vcpu_id, chn->xen_consumer);
+--- xen-4.8.1.orig/xen/common/event_fifo.c
++++ xen-4.8.1/xen/common/event_fifo.c
+@@ -28,6 +28,12 @@ static inline event_word_t *evtchn_fifo_
+ if ( unlikely(port >= d->evtchn_fifo->num_evtchns) )
+ return NULL;
+
++ /*
++ * Callers aren't required to hold d->event_lock, so we need to synchronize
++ * with add_page_to_event_array().
++ */
++ smp_rmb();
++
+ p = port / EVTCHN_FIFO_EVENT_WORDS_PER_PAGE;
+ w = port % EVTCHN_FIFO_EVENT_WORDS_PER_PAGE;
+
+@@ -288,24 +294,22 @@ static void evtchn_fifo_unmask(struct do
+ evtchn_fifo_set_pending(v, evtchn);
+ }
+
+-static bool_t evtchn_fifo_is_pending(struct domain *d,
+- const struct evtchn *evtchn)
++static bool_t evtchn_fifo_is_pending(struct domain *d, evtchn_port_t port)
+ {
+ event_word_t *word;
+
+- word = evtchn_fifo_word_from_port(d, evtchn->port);
++ word = evtchn_fifo_word_from_port(d, port);
+ if ( unlikely(!word) )
+ return 0;
+
+ return test_bit(EVTCHN_FIFO_PENDING, word);
+ }
+
+-static bool_t evtchn_fifo_is_masked(struct domain *d,
+- const struct evtchn *evtchn)
++static bool_t evtchn_fifo_is_masked(struct domain *d, evtchn_port_t port)
+ {
+ event_word_t *word;
+
+- word = evtchn_fifo_word_from_port(d, evtchn->port);
++ word = evtchn_fifo_word_from_port(d, port);
+ if ( unlikely(!word) )
+ return 1;
+
+@@ -594,6 +598,10 @@ static int add_page_to_event_array(struc
+ return rc;
+
+ d->evtchn_fifo->event_array[slot] = virt;
++
++ /* Synchronize with evtchn_fifo_word_from_port(). */
++ smp_wmb();
++
+ d->evtchn_fifo->num_evtchns += EVTCHN_FIFO_EVENT_WORDS_PER_PAGE;
+
+ /*
+--- xen-4.8.1.orig/xen/common/schedule.c
++++ xen-4.8.1/xen/common/schedule.c
+@@ -955,7 +955,7 @@ static long do_poll(struct sched_poll *s
+ goto out;
+
+ rc = 0;
+- if ( evtchn_port_is_pending(d, evtchn_from_port(d, port)) )
++ if ( evtchn_port_is_pending(d, port) )
+ goto out;
+ }
+
+--- xen-4.8.1.orig/xen/include/xen/event.h
++++ xen-4.8.1/xen/include/xen/event.h
+@@ -137,8 +137,8 @@ struct evtchn_port_ops {
+ void (*set_pending)(struct vcpu *v, struct evtchn *evtchn);
+ void (*clear_pending)(struct domain *d, struct evtchn *evtchn);
+ void (*unmask)(struct domain *d, struct evtchn *evtchn);
+- bool_t (*is_pending)(struct domain *d, const struct evtchn *evtchn);
+- bool_t (*is_masked)(struct domain *d, const struct evtchn *evtchn);
++ bool_t (*is_pending)(struct domain *d, evtchn_port_t port);
++ bool_t (*is_masked)(struct domain *d, evtchn_port_t port);
+ /*
+ * Is the port unavailable because it's still being cleaned up
+ * after being closed?
+@@ -175,15 +175,15 @@ static inline void evtchn_port_unmask(st
+ }
+
+ static inline bool_t evtchn_port_is_pending(struct domain *d,
+- const struct evtchn *evtchn)
++ evtchn_port_t port)
+ {
+- return d->evtchn_port_ops->is_pending(d, evtchn);
++ return d->evtchn_port_ops->is_pending(d, port);
+ }
+
+ static inline bool_t evtchn_port_is_masked(struct domain *d,
+- const struct evtchn *evtchn)
++ evtchn_port_t port)
+ {
+- return d->evtchn_port_ops->is_masked(d, evtchn);
++ return d->evtchn_port_ops->is_masked(d, port);
+ }
+
+ static inline bool_t evtchn_port_is_busy(struct domain *d, evtchn_port_t port)
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Thu, 15 Jun 2017 16:25:27 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 82a12bfd92a12b98d861585a1b3b2dee64495b6a
+Subject: gnttab: __gnttab_unmap_common_complete() is all-or-nothing
+
+All failures have to be detected in __gnttab_unmap_common(), the
+completion function must not skip part of its processing. In particular
+the GNTMAP_device_map related putting of page references and adjustment
+of pin count must not occur if __gnttab_unmap_common() signaled an
+error. Furthermore the function must not make adjustments to global
+state (here: clearing GNTTAB_device_map) before all possibly failing
+operations have been performed.
+
+There's one exception for IOMMU related failures: As IOMMU manipulation
+occurs after GNTMAP_*_map have been cleared already, the related page
+reference and pin count adjustments need to be done nevertheless. A
+fundamental requirement for the correctness of this is that
+iommu_{,un}map_page() crash any affected DomU in case of failure.
+
+The version check appears to be pointless (or could perhaps be a
+BUG_ON() or ASSERT()), but for the moment also move it.
+
+This is part of XSA-224.
+
+Reported-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -96,7 +96,7 @@ struct gnttab_unmap_common {
+ int16_t status;
+
+ /* Shared state beteen *_unmap and *_unmap_complete */
+- u16 flags;
++ u16 done;
+ unsigned long frame;
+ struct domain *rd;
+ grant_ref_t ref;
+@@ -948,7 +948,8 @@ __gnttab_map_grant_ref(
+ refcnt++;
+ }
+
+- if ( gnttab_host_mapping_get_page_type(op, ld, rd) )
++ if ( gnttab_host_mapping_get_page_type(op->flags & GNTMAP_readonly,
++ ld, rd) )
+ {
+ if ( (owner == dom_cow) ||
+ !get_page_type(pg, PGT_writable_page) )
+@@ -1095,6 +1096,7 @@ __gnttab_unmap_common(
+ struct active_grant_entry *act;
+ s16 rc = 0;
+ struct grant_mapping *map;
++ unsigned int flags;
+ bool put_handle = false;
+
+ ld = current->domain;
+@@ -1145,6 +1147,20 @@ __gnttab_unmap_common(
+
+ grant_read_lock(rgt);
+
++ if ( rgt->gt_version == 0 )
++ {
++ /*
++ * This ought to be impossible, as such a mapping should not have
++ * been established (see the nr_grant_entries(rgt) bounds check in
++ * __gnttab_map_grant_ref()). Doing this check only in
++ * __gnttab_unmap_common_complete() - as it used to be done - would,
++ * however, be too late.
++ */
++ rc = GNTST_bad_gntref;
++ flags = 0;
++ goto unlock_out;
++ }
++
+ op->rd = rd;
+ op->ref = map->ref;
+
+@@ -1160,6 +1176,7 @@ __gnttab_unmap_common(
+ {
+ gdprintk(XENLOG_WARNING, "Unstable handle %u\n", op->handle);
+ rc = GNTST_bad_handle;
++ flags = 0;
+ goto unlock_out;
+ }
+
+@@ -1173,9 +1190,9 @@ __gnttab_unmap_common(
+ * hold anyway; see docs/misc/grant-tables.txt's "Locking" section.
+ */
+
+- op->flags = read_atomic(&map->flags);
++ flags = read_atomic(&map->flags);
+ smp_rmb();
+- if ( unlikely(!op->flags) || unlikely(map->domid != dom) ||
++ if ( unlikely(!flags) || unlikely(map->domid != dom) ||
+ unlikely(map->ref != op->ref) )
+ {
+ gdprintk(XENLOG_WARNING, "Unstable handle %#x\n", op->handle);
+@@ -1185,24 +1202,27 @@ __gnttab_unmap_common(
+
+ op->frame = act->frame;
+
+- if ( op->dev_bus_addr )
+- {
+- if ( unlikely(op->dev_bus_addr != pfn_to_paddr(act->frame)) )
+- PIN_FAIL(act_release_out, GNTST_general_error,
+- "Bus address doesn't match gntref (%"PRIx64" != %"PRIpaddr")\n",
+- op->dev_bus_addr, pfn_to_paddr(act->frame));
+-
+- map->flags &= ~GNTMAP_device_map;
+- }
++ if ( op->dev_bus_addr &&
++ unlikely(op->dev_bus_addr != pfn_to_paddr(act->frame)) )
++ PIN_FAIL(act_release_out, GNTST_general_error,
++ "Bus address doesn't match gntref (%"PRIx64" != %"PRIpaddr")\n",
++ op->dev_bus_addr, pfn_to_paddr(act->frame));
+
+- if ( (op->host_addr != 0) && (op->flags & GNTMAP_host_map) )
++ if ( op->host_addr && (flags & GNTMAP_host_map) )
+ {
+ if ( (rc = replace_grant_host_mapping(op->host_addr,
+ op->frame, op->new_addr,
+- op->flags)) < 0 )
++ flags)) < 0 )
+ goto act_release_out;
+
+ map->flags &= ~GNTMAP_host_map;
++ op->done |= GNTMAP_host_map | (flags & GNTMAP_readonly);
++ }
++
++ if ( op->dev_bus_addr && (flags & GNTMAP_device_map) )
++ {
++ map->flags &= ~GNTMAP_device_map;
++ op->done |= GNTMAP_device_map | (flags & GNTMAP_readonly);
+ }
+
+ if ( !(map->flags & (GNTMAP_device_map|GNTMAP_host_map)) )
+@@ -1239,7 +1259,7 @@ __gnttab_unmap_common(
+ }
+
+ /* If just unmapped a writable mapping, mark as dirtied */
+- if ( rc == GNTST_okay && !(op->flags & GNTMAP_readonly) )
++ if ( rc == GNTST_okay && !(flags & GNTMAP_readonly) )
+ gnttab_mark_dirty(rd, op->frame);
+
+ op->status = rc;
+@@ -1256,13 +1276,9 @@ __gnttab_unmap_common_complete(struct gn
+ struct page_info *pg;
+ uint16_t *status;
+
+- if ( rd == NULL )
++ if ( !op->done )
+ {
+- /*
+- * Suggests that __gntab_unmap_common failed in
+- * rcu_lock_domain_by_id() or earlier, and so we have nothing
+- * to complete
+- */
++ /* __gntab_unmap_common() didn't do anything - nothing to complete. */
+ return;
+ }
+
+@@ -1272,8 +1288,6 @@ __gnttab_unmap_common_complete(struct gn
+ rgt = rd->grant_table;
+
+ grant_read_lock(rgt);
+- if ( rgt->gt_version == 0 )
+- goto unlock_out;
+
+ act = active_entry_acquire(rgt, op->ref);
+ sha = shared_entry_header(rgt, op->ref);
+@@ -1283,72 +1297,50 @@ __gnttab_unmap_common_complete(struct gn
+ else
+ status = &status_entry(rgt, op->ref);
+
+- if ( op->dev_bus_addr &&
+- unlikely(op->dev_bus_addr != pfn_to_paddr(act->frame)) )
+- {
+- /*
+- * Suggests that __gntab_unmap_common failed early and so
+- * nothing further to do
+- */
+- goto act_release_out;
+- }
+-
+ pg = mfn_to_page(op->frame);
+
+- if ( op->dev_bus_addr && (op->flags & GNTMAP_device_map) )
++ if ( op->done & GNTMAP_device_map )
+ {
+ if ( !is_iomem_page(act->frame) )
+ {
+- if ( op->flags & GNTMAP_readonly )
++ if ( op->done & GNTMAP_readonly )
+ put_page(pg);
+ else
+ put_page_and_type(pg);
+ }
+
+ ASSERT(act->pin & (GNTPIN_devw_mask | GNTPIN_devr_mask));
+- if ( op->flags & GNTMAP_readonly )
++ if ( op->done & GNTMAP_readonly )
+ act->pin -= GNTPIN_devr_inc;
+ else
+ act->pin -= GNTPIN_devw_inc;
+ }
+
+- if ( (op->host_addr != 0) && (op->flags & GNTMAP_host_map) )
++ if ( op->done & GNTMAP_host_map )
+ {
+- if ( op->status != 0 )
++ if ( !is_iomem_page(op->frame) )
+ {
+- /*
+- * Suggests that __gntab_unmap_common failed in
+- * replace_grant_host_mapping() or IOMMU handling, so nothing
+- * further to do (short of re-establishing the mapping in the
+- * latter case).
+- */
+- goto act_release_out;
+- }
+-
+- if ( !is_iomem_page(op->frame) )
+- {
+- if ( gnttab_host_mapping_get_page_type(op, ld, rd) )
++ if ( gnttab_host_mapping_get_page_type(op->done & GNTMAP_readonly,
++ ld, rd) )
+ put_page_type(pg);
+ put_page(pg);
+ }
+
+ ASSERT(act->pin & (GNTPIN_hstw_mask | GNTPIN_hstr_mask));
+- if ( op->flags & GNTMAP_readonly )
++ if ( op->done & GNTMAP_readonly )
+ act->pin -= GNTPIN_hstr_inc;
+ else
+ act->pin -= GNTPIN_hstw_inc;
+ }
+
+ if ( ((act->pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask)) == 0) &&
+- !(op->flags & GNTMAP_readonly) )
++ !(op->done & GNTMAP_readonly) )
+ gnttab_clear_flag(_GTF_writing, status);
+
+ if ( act->pin == 0 )
+ gnttab_clear_flag(_GTF_reading, status);
+
+- act_release_out:
+ active_entry_release(act);
+- unlock_out:
+ grant_read_unlock(rgt);
+
+ rcu_unlock_domain(rd);
+@@ -1364,6 +1356,7 @@ __gnttab_unmap_grant_ref(
+ common->handle = op->handle;
+
+ /* Intialise these in case common contains old state */
++ common->done = 0;
+ common->new_addr = 0;
+ common->rd = NULL;
+ common->frame = 0;
+@@ -1429,6 +1422,7 @@ __gnttab_unmap_and_replace(
+ common->handle = op->handle;
+
+ /* Intialise these in case common contains old state */
++ common->done = 0;
+ common->dev_bus_addr = 0;
+ common->rd = NULL;
+ common->frame = 0;
+@@ -3388,7 +3382,9 @@ gnttab_release_mappings(
+ if ( gnttab_release_host_mappings(d) &&
+ !is_iomem_page(act->frame) )
+ {
+- if ( gnttab_host_mapping_get_page_type(map, d, rd) )
++ if ( gnttab_host_mapping_get_page_type((map->flags &
++ GNTMAP_readonly),
++ d, rd) )
+ put_page_type(pg);
+ put_page(pg);
+ }
+--- xen-4.8.1.orig/xen/include/asm-arm/grant_table.h
++++ xen-4.8.1/xen/include/asm-arm/grant_table.h
+@@ -9,7 +9,7 @@ void gnttab_clear_flag(unsigned long nr,
+ int create_grant_host_mapping(unsigned long gpaddr,
+ unsigned long mfn, unsigned int flags, unsigned int
+ cache_flags);
+-#define gnttab_host_mapping_get_page_type(op, d, rd) (0)
++#define gnttab_host_mapping_get_page_type(ro, ld, rd) (0)
+ int replace_grant_host_mapping(unsigned long gpaddr, unsigned long mfn,
+ unsigned long new_gpaddr, unsigned int flags);
+ void gnttab_mark_dirty(struct domain *d, unsigned long l);
+--- xen-4.8.1.orig/xen/include/asm-x86/grant_table.h
++++ xen-4.8.1/xen/include/asm-x86/grant_table.h
+@@ -58,9 +58,8 @@ static inline void gnttab_clear_flag(uns
+ }
+
+ /* Foreign mappings of HHVM-guest pages do not modify the type count. */
+-#define gnttab_host_mapping_get_page_type(op, ld, rd) \
+- (!((op)->flags & GNTMAP_readonly) && \
+- (((ld) == (rd)) || !paging_mode_external(rd)))
++#define gnttab_host_mapping_get_page_type(ro, ld, rd) \
++ (!(ro) && (((ld) == (rd)) || !paging_mode_external(rd)))
+
+ /* Done implicitly when page tables are destroyed. */
+ #define gnttab_release_host_mappings(domain) ( paging_mode_external(domain) )
--- /dev/null
+From: George Dunlap <george.dunlap@citrix.com>
+Date: Thu, 15 Jun 2017 12:05:14 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 e1db06b5ebcafb09b16cf9c77d7d453a5d05a805
+Subject: gnttab: Avoid potential double-put of maptrack entry
+
+Each grant mapping for a particular domain is tracked by an in-Xen
+"maptrack" entry. This entry is is referenced by a "handle", which is
+given to the guest when it calls gnttab_map_grant_ref().
+
+There are two types of mapping a particular handle can refer to:
+GNTMAP_host_map and GNTMAP_device_map. A given
+gnttab_unmap_grant_ref() call can remove either only one or both of
+these entries. When a particular handle has no entries left, it must
+be freed.
+
+gnttab_unmap_grant_ref() loops through its grant unmap request list
+twice. It first removes entries from any host pagetables and (if
+appropraite) iommus; then it does a single domain TLB flush; then it
+does the clean-up, including telling the granter that entries are no
+longer being used (if appropriate).
+
+At the moment, it's during the first pass that the maptrack flags are
+cleared, but the second pass that the maptrack entry is freed.
+
+Unfortunately this allows the following race, which results in a
+double-free:
+
+ A: (pass 1) clear host_map
+ B: (pass 1) clear device_map
+ A: (pass 2) See that maptrack entry has no mappings, free it
+ B: (pass 2) See that maptrack entry has no mappings, free it #
+
+Unfortunately, unlike the active entry pinning update, we can't simply
+move the maptrack flag changes to the second half, because the
+maptrack flags are used to determine if iommu entries need to be
+added: a domain's iommu must never have fewer permissions than the
+maptrack flags indicate, or a subsequent map_grant_ref() might fail to
+add the necessary iommu entries.
+
+Instead, free the maptrack entry in the first pass if there are no
+further mappings.
+
+This is part of XSA-218.
+
+Reported-by: Jan Beulich <jbeulich.com>
+Signed-off-by: George Dunlap <george.dunlap@citrix.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -98,8 +98,8 @@ struct gnttab_unmap_common {
+ /* Shared state beteen *_unmap and *_unmap_complete */
+ u16 flags;
+ unsigned long frame;
+- struct grant_mapping *map;
+ struct domain *rd;
++ grant_ref_t ref;
+ };
+
+ /* Number of unmap operations that are done between each tlb flush */
+@@ -1079,6 +1079,8 @@ __gnttab_unmap_common(
+ struct grant_table *lgt, *rgt;
+ struct active_grant_entry *act;
+ s16 rc = 0;
++ struct grant_mapping *map;
++ bool put_handle = false;
+
+ ld = current->domain;
+ lgt = ld->grant_table;
+@@ -1092,11 +1094,11 @@ __gnttab_unmap_common(
+ return;
+ }
+
+- op->map = &maptrack_entry(lgt, op->handle);
++ map = &maptrack_entry(lgt, op->handle);
+
+ grant_read_lock(lgt);
+
+- if ( unlikely(!read_atomic(&op->map->flags)) )
++ if ( unlikely(!read_atomic(&map->flags)) )
+ {
+ grant_read_unlock(lgt);
+ gdprintk(XENLOG_INFO, "Zero flags for handle (%d).\n", op->handle);
+@@ -1104,7 +1106,7 @@ __gnttab_unmap_common(
+ return;
+ }
+
+- dom = op->map->domid;
++ dom = map->domid;
+ grant_read_unlock(lgt);
+
+ if ( unlikely((rd = rcu_lock_domain_by_id(dom)) == NULL) )
+@@ -1129,16 +1131,43 @@ __gnttab_unmap_common(
+
+ grant_read_lock(rgt);
+
+- op->flags = read_atomic(&op->map->flags);
+- if ( unlikely(!op->flags) || unlikely(op->map->domid != dom) )
++ op->rd = rd;
++ op->ref = map->ref;
++
++ /*
++ * We can't assume there was no racing unmap for this maptrack entry,
++ * and hence we can't assume map->ref is valid for rd. While the checks
++ * below (with the active entry lock held) will reject any such racing
++ * requests, we still need to make sure we don't attempt to acquire an
++ * invalid lock.
++ */
++ smp_rmb();
++ if ( unlikely(op->ref >= nr_grant_entries(rgt)) )
+ {
+ gdprintk(XENLOG_WARNING, "Unstable handle %u\n", op->handle);
+ rc = GNTST_bad_handle;
+- goto unmap_out;
++ goto unlock_out;
+ }
+
+- op->rd = rd;
+- act = active_entry_acquire(rgt, op->map->ref);
++ act = active_entry_acquire(rgt, op->ref);
++
++ /*
++ * Note that we (ab)use the active entry lock here to protect against
++ * multiple unmaps of the same mapping here. We don't want to hold lgt's
++ * lock, and we only hold rgt's lock for reading (but the latter wouldn't
++ * be the right one anyway). Hence the easiest is to rely on a lock we
++ * hold anyway; see docs/misc/grant-tables.txt's "Locking" section.
++ */
++
++ op->flags = read_atomic(&map->flags);
++ smp_rmb();
++ if ( unlikely(!op->flags) || unlikely(map->domid != dom) ||
++ unlikely(map->ref != op->ref) )
++ {
++ gdprintk(XENLOG_WARNING, "Unstable handle %#x\n", op->handle);
++ rc = GNTST_bad_handle;
++ goto act_release_out;
++ }
+
+ if ( op->frame == 0 )
+ {
+@@ -1151,7 +1180,7 @@ __gnttab_unmap_common(
+ "Bad frame number doesn't match gntref. (%lx != %lx)\n",
+ op->frame, act->frame);
+
+- op->map->flags &= ~GNTMAP_device_map;
++ map->flags &= ~GNTMAP_device_map;
+ }
+
+ if ( (op->host_addr != 0) && (op->flags & GNTMAP_host_map) )
+@@ -1161,14 +1190,23 @@ __gnttab_unmap_common(
+ op->flags)) < 0 )
+ goto act_release_out;
+
+- op->map->flags &= ~GNTMAP_host_map;
++ map->flags &= ~GNTMAP_host_map;
++ }
++
++ if ( !(map->flags & (GNTMAP_device_map|GNTMAP_host_map)) )
++ {
++ map->flags = 0;
++ put_handle = true;
+ }
+
+ act_release_out:
+ active_entry_release(act);
+- unmap_out:
++ unlock_out:
+ grant_read_unlock(rgt);
+
++ if ( put_handle )
++ put_maptrack_handle(lgt, op->handle);
++
+ if ( rc == GNTST_okay && gnttab_need_iommu_mapping(ld) )
+ {
+ unsigned int kind;
+@@ -1205,7 +1243,6 @@ __gnttab_unmap_common_complete(struct gn
+ grant_entry_header_t *sha;
+ struct page_info *pg;
+ uint16_t *status;
+- bool_t put_handle = 0;
+
+ if ( rd == NULL )
+ {
+@@ -1226,13 +1263,13 @@ __gnttab_unmap_common_complete(struct gn
+ if ( rgt->gt_version == 0 )
+ goto unlock_out;
+
+- act = active_entry_acquire(rgt, op->map->ref);
+- sha = shared_entry_header(rgt, op->map->ref);
++ act = active_entry_acquire(rgt, op->ref);
++ sha = shared_entry_header(rgt, op->ref);
+
+ if ( rgt->gt_version == 1 )
+ status = &sha->flags;
+ else
+- status = &status_entry(rgt, op->map->ref);
++ status = &status_entry(rgt, op->ref);
+
+ if ( unlikely(op->frame != act->frame) )
+ {
+@@ -1289,9 +1326,6 @@ __gnttab_unmap_common_complete(struct gn
+ act->pin -= GNTPIN_hstw_inc;
+ }
+
+- if ( (op->map->flags & (GNTMAP_device_map|GNTMAP_host_map)) == 0 )
+- put_handle = 1;
+-
+ if ( ((act->pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask)) == 0) &&
+ !(op->flags & GNTMAP_readonly) )
+ gnttab_clear_flag(_GTF_writing, status);
+@@ -1304,11 +1338,6 @@ __gnttab_unmap_common_complete(struct gn
+ unlock_out:
+ grant_read_unlock(rgt);
+
+- if ( put_handle )
+- {
+- op->map->flags = 0;
+- put_maptrack_handle(ld->grant_table, op->handle);
+- }
+ rcu_unlock_domain(rd);
+ }
+
--- /dev/null
+From: George Dunlap <george.dunlap@citrix.com>
+Date: Fri, 2 Jun 2017 15:21:27 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 3561a445755b055d940e91df7fdaff18d2613fd5
+Subject: gnttab: correct logic to get page references during map requests
+
+The rules for reference counting are somewhat complicated:
+
+* Each of GNTTAB_host_map and GNTTAB_device_map need their own
+reference count
+
+* If the mapping is writeable:
+ - GNTTAB_host_map needs a type count under only some conditions
+ - GNTTAB_device_map always needs a type count
+
+If the mapping succeeds, we need to keep all of these; if the mapping
+fails, we need to release whatever references we have acquired so far.
+
+Additionally, the code that does a lot of this calculation "inherits"
+a reference as part of the process of finding out who the owner is.
+
+Finally, if the grant is mapped as writeable (without the
+GNTMAP_readonly flag), but the hypervisor cannot grab a
+PGT_writeable_page type, the entire operation should fail.
+
+Unfortunately, the current code has several logic holes:
+
+* If a grant is mapped only GNTTAB_device_map, and with a writeable
+ mapping, but in conditions where a *host* type count is not
+ necessary, the code will fail to grab the necessary type count.
+
+* If a grant is mapped both GNTTAB_device_map and GNTTAB_host_map,
+ with a writeable mapping, in conditions where the host type count is
+ not necessary, *and* where the page cannot be changed to type
+ PGT_writeable, the condition will not be detected.
+
+In both cases, this means that on success, the type count will be
+erroneously reduced when the grant is unmapped. In the second case,
+the type count will be erroneously reduced on the failure path as
+well. (In the first case the failure path logic has the same hole
+as the reference grabbing logic.)
+
+Additionally, the return value of get_page() is not checked; but this
+may fail even if the first get_page() succeeded due to a reference
+counting overflow.
+
+First of all, simplify the restoration logic by explicitly counting
+the reference and type references acquired.
+
+Consider each mapping type separately, explicitly marking the
+'incoming' reference as used so we know when we need to grab a second
+one.
+
+Finally, always check the return value of get_page[_type]() and go to
+the failure path if appropriate.
+
+This is part of XSA-224.
+
+Reported-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: George Dunlap <george.dunlap@citrix.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -758,12 +758,12 @@ __gnttab_map_grant_ref(
+ struct grant_table *lgt, *rgt;
+ struct vcpu *led;
+ int handle;
+- unsigned long frame = 0, nr_gets = 0;
++ unsigned long frame = 0;
+ struct page_info *pg = NULL;
+ int rc = GNTST_okay;
+ u32 old_pin;
+ u32 act_pin;
+- unsigned int cache_flags;
++ unsigned int cache_flags, refcnt = 0, typecnt = 0;
+ struct active_grant_entry *act = NULL;
+ struct grant_mapping *mt;
+ grant_entry_header_t *shah;
+@@ -889,11 +889,17 @@ __gnttab_map_grant_ref(
+ else
+ owner = page_get_owner(pg);
+
++ if ( owner )
++ refcnt++;
++
+ if ( !pg || (owner == dom_io) )
+ {
+ /* Only needed the reference to confirm dom_io ownership. */
+ if ( pg )
++ {
+ put_page(pg);
++ refcnt--;
++ }
+
+ if ( paging_mode_external(ld) )
+ {
+@@ -921,27 +927,38 @@ __gnttab_map_grant_ref(
+ }
+ else if ( owner == rd || owner == dom_cow )
+ {
+- if ( gnttab_host_mapping_get_page_type(op, ld, rd) )
++ if ( (op->flags & GNTMAP_device_map) && !(op->flags & GNTMAP_readonly) )
+ {
+ if ( (owner == dom_cow) ||
+ !get_page_type(pg, PGT_writable_page) )
+ goto could_not_pin;
++ typecnt++;
+ }
+
+- nr_gets++;
+ if ( op->flags & GNTMAP_host_map )
+ {
+- rc = create_grant_host_mapping(op->host_addr, frame, op->flags, 0);
+- if ( rc != GNTST_okay )
+- goto undo_out;
+-
++ /*
++ * Only need to grab another reference if device_map claimed
++ * the other one.
++ */
+ if ( op->flags & GNTMAP_device_map )
+ {
+- nr_gets++;
+- (void)get_page(pg, rd);
+- if ( !(op->flags & GNTMAP_readonly) )
+- get_page_type(pg, PGT_writable_page);
++ if ( !get_page(pg, rd) )
++ goto could_not_pin;
++ refcnt++;
+ }
++
++ if ( gnttab_host_mapping_get_page_type(op, ld, rd) )
++ {
++ if ( (owner == dom_cow) ||
++ !get_page_type(pg, PGT_writable_page) )
++ goto could_not_pin;
++ typecnt++;
++ }
++
++ rc = create_grant_host_mapping(op->host_addr, frame, op->flags, 0);
++ if ( rc != GNTST_okay )
++ goto undo_out;
+ }
+ }
+ else
+@@ -950,8 +967,6 @@ __gnttab_map_grant_ref(
+ if ( !rd->is_dying )
+ gdprintk(XENLOG_WARNING, "Could not pin grant frame %lx\n",
+ frame);
+- if ( owner != NULL )
+- put_page(pg);
+ rc = GNTST_general_error;
+ goto undo_out;
+ }
+@@ -1014,18 +1029,11 @@ __gnttab_map_grant_ref(
+ return;
+
+ undo_out:
+- if ( nr_gets > 1 )
+- {
+- if ( !(op->flags & GNTMAP_readonly) )
+- put_page_type(pg);
+- put_page(pg);
+- }
+- if ( nr_gets > 0 )
+- {
+- if ( gnttab_host_mapping_get_page_type(op, ld, rd) )
+- put_page_type(pg);
++ while ( typecnt-- )
++ put_page_type(pg);
++
++ while ( refcnt-- )
+ put_page(pg);
+- }
+
+ grant_read_lock(rgt);
+
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Thu, 15 Jun 2017 12:05:29 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 4303b5a04eb8c48bba4b7082c4c441b404b82474
+Subject: gnttab: correct maptrack table accesses
+
+In order to observe a consistent (limit,pointer-table) pair, the reader
+needs to either hold the maptrack lock (in line with documentation) or
+both sides need to order their accesses suitably (the writer side
+barrier was removed by commit dff515dfea ["gnttab: use per-VCPU
+maptrack free lists"], and a read side barrier has never been there).
+
+Make the writer publish a new table page before limit (for bounds
+checks to work), and new list head last (for racing maptrack_entry()
+invocations to work). At the same time add read barriers to lockless
+readers.
+
+Additionally get_maptrack_handle() must not assume ->maptrack_head to
+not change behind its back: Another handle may be put (updating only
+->maptrack_tail) and then got or stolen (updating ->maptrack_head).
+
+This is part of XSA-218.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: George Dunlap <george.dunlap@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -395,7 +395,7 @@ get_maptrack_handle(
+ struct grant_table *lgt)
+ {
+ struct vcpu *curr = current;
+- int i;
++ unsigned int i, head;
+ grant_handle_t handle;
+ struct grant_mapping *new_mt;
+
+@@ -451,17 +451,20 @@ get_maptrack_handle(
+ new_mt[i].ref = handle + i + 1;
+ new_mt[i].vcpu = curr->vcpu_id;
+ }
+- new_mt[i - 1].ref = curr->maptrack_head;
+
+ /* Set tail directly if this is the first page for this VCPU. */
+ if ( curr->maptrack_tail == MAPTRACK_TAIL )
+ curr->maptrack_tail = handle + MAPTRACK_PER_PAGE - 1;
+
+- write_atomic(&curr->maptrack_head, handle + 1);
+-
+ lgt->maptrack[nr_maptrack_frames(lgt)] = new_mt;
++ smp_wmb();
+ lgt->maptrack_limit += MAPTRACK_PER_PAGE;
+
++ do {
++ new_mt[i - 1].ref = read_atomic(&curr->maptrack_head);
++ head = cmpxchg(&curr->maptrack_head, new_mt[i - 1].ref, handle + 1);
++ } while ( head != new_mt[i - 1].ref );
++
+ spin_unlock(&lgt->maptrack_lock);
+
+ return handle;
+@@ -727,6 +730,7 @@ static unsigned int mapkind(
+ for ( handle = 0; !(kind & MAPKIND_WRITE) &&
+ handle < lgt->maptrack_limit; handle++ )
+ {
++ smp_rmb();
+ map = &maptrack_entry(lgt, handle);
+ if ( !(map->flags & (GNTMAP_device_map|GNTMAP_host_map)) ||
+ map->domid != rd->domain_id )
+@@ -1094,6 +1098,7 @@ __gnttab_unmap_common(
+ return;
+ }
+
++ smp_rmb();
+ map = &maptrack_entry(lgt, op->handle);
+
+ grant_read_lock(lgt);
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Thu, 7 Sep 2017 18:18:50 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u3 56b8a16f699a8d83ef40fef740ffe6f85e9d70b8
+Subject: gnttab: correct pin status fixup for copy
+
+Regardless of copy operations only setting GNTPIN_hst*, GNTPIN_dev*
+also need to be taken into account when deciding whether to clear
+_GTF_{read,writ}ing. At least for consistency with code elsewhere the
+read part better doesn't use any mask at all.
+
+This is XSA-230.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -2110,10 +2110,10 @@ __release_grant_for_copy(
+ static void __fixup_status_for_copy_pin(const struct active_grant_entry *act,
+ uint16_t *status)
+ {
+- if ( !(act->pin & GNTPIN_hstw_mask) )
++ if ( !(act->pin & (GNTPIN_hstw_mask | GNTPIN_devw_mask)) )
+ gnttab_clear_flag(_GTF_writing, status);
+
+- if ( !(act->pin & GNTPIN_hstr_mask) )
++ if ( !act->pin )
+ gnttab_clear_flag(_GTF_reading, status);
+ }
+
+@@ -2348,7 +2348,7 @@ __acquire_grant_for_copy(
+
+ unlock_out_clear:
+ if ( !(readonly) &&
+- !(act->pin & GNTPIN_hstw_mask) )
++ !(act->pin & (GNTPIN_hstw_mask | GNTPIN_devw_mask)) )
+ gnttab_clear_flag(_GTF_writing, status);
+
+ if ( !act->pin )
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Thu, 7 Sep 2017 18:16:55 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u3 d8321a710e81b0569620e8d380f906be3b66f287
+Subject: gnttab: don't use possibly unbounded tail calls
+
+There is no guarantee that the compiler would actually translate them
+to branches instead of calls, so only ones with a known recursion limit
+are okay:
+- __release_grant_for_copy() can call itself only once, as
+ __acquire_grant_for_copy() won't permit use of multi-level transitive
+ grants,
+- __acquire_grant_for_copy() is fine to call itself with the last
+ argument false, as that prevents further recursion,
+- __acquire_grant_for_copy() must not call itself to recover from an
+ observed change to the active entry's pin count
+
+This is part of CVE-2017-12135 / XSA-226.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/compat/grant_table.c
++++ xen-4.8.1/xen/common/compat/grant_table.c
+@@ -258,9 +258,9 @@ int compat_grant_table_op(unsigned int c
+ rc = gnttab_copy(guest_handle_cast(nat.uop, gnttab_copy_t), n);
+ if ( rc > 0 )
+ {
+- ASSERT(rc < n);
+- i -= n - rc;
+- n = rc;
++ ASSERT(rc <= n);
++ i -= rc;
++ n -= rc;
+ }
+ if ( rc >= 0 )
+ {
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -2086,8 +2086,10 @@ __release_grant_for_copy(
+
+ if ( td != rd )
+ {
+- /* Recursive calls, but they're tail calls, so it's
+- okay. */
++ /*
++ * Recursive calls, but they're bounded (acquire permits only a single
++ * level of transitivity), so it's okay.
++ */
+ if ( released_write )
+ __release_grant_for_copy(td, trans_gref, 0);
+ else if ( released_read )
+@@ -2238,10 +2240,11 @@ __acquire_grant_for_copy(
+ return rc;
+ }
+
+- /* We dropped the lock, so we have to check that nobody
+- else tried to pin (or, for that matter, unpin) the
+- reference in *this* domain. If they did, just give up
+- and try again. */
++ /*
++ * We dropped the lock, so we have to check that nobody else tried
++ * to pin (or, for that matter, unpin) the reference in *this*
++ * domain. If they did, just give up and tell the caller to retry.
++ */
+ if ( act->pin != old_pin )
+ {
+ __fixup_status_for_copy_pin(act, status);
+@@ -2249,9 +2252,8 @@ __acquire_grant_for_copy(
+ active_entry_release(act);
+ grant_read_unlock(rgt);
+ put_page(*page);
+- return __acquire_grant_for_copy(rd, gref, ldom, readonly,
+- frame, page, page_off, length,
+- allow_transitive);
++ *page = NULL;
++ return ERESTART;
+ }
+
+ /* The actual remote remote grant may or may not be a
+@@ -2557,7 +2559,7 @@ static int gnttab_copy_one(const struct
+ {
+ gnttab_copy_release_buf(src);
+ rc = gnttab_copy_claim_buf(op, &op->source, src, GNTCOPY_source_gref);
+- if ( rc < 0 )
++ if ( rc )
+ goto out;
+ }
+
+@@ -2567,7 +2569,7 @@ static int gnttab_copy_one(const struct
+ {
+ gnttab_copy_release_buf(dest);
+ rc = gnttab_copy_claim_buf(op, &op->dest, dest, GNTCOPY_dest_gref);
+- if ( rc < 0 )
++ if ( rc )
+ goto out;
+ }
+
+@@ -2576,6 +2578,14 @@ static int gnttab_copy_one(const struct
+ return rc;
+ }
+
++/*
++ * gnttab_copy(), other than the various other helpers of
++ * do_grant_table_op(), returns (besides possible error indicators)
++ * "count - i" rather than "i" to ensure that even if no progress
++ * was made at all (perhaps due to gnttab_copy_one() returning a
++ * positive value) a non-zero value is being handed back (zero needs
++ * to be avoided, as that means "success, all done").
++ */
+ static long gnttab_copy(
+ XEN_GUEST_HANDLE_PARAM(gnttab_copy_t) uop, unsigned int count)
+ {
+@@ -2589,7 +2599,7 @@ static long gnttab_copy(
+ {
+ if ( i && hypercall_preempt_check() )
+ {
+- rc = i;
++ rc = count - i;
+ break;
+ }
+
+@@ -2599,13 +2609,20 @@ static long gnttab_copy(
+ break;
+ }
+
+- op.status = gnttab_copy_one(&op, &dest, &src);
+- if ( op.status != GNTST_okay )
++ rc = gnttab_copy_one(&op, &dest, &src);
++ if ( rc > 0 )
++ {
++ rc = count - i;
++ break;
++ }
++ if ( rc != GNTST_okay )
+ {
+ gnttab_copy_release_buf(&src);
+ gnttab_copy_release_buf(&dest);
+ }
+
++ op.status = rc;
++ rc = 0;
+ if ( unlikely(__copy_field_to_guest(uop, &op, status)) )
+ {
+ rc = -EFAULT;
+@@ -3143,6 +3160,7 @@ do_grant_table_op(
+ rc = gnttab_copy(copy, count);
+ if ( rc > 0 )
+ {
++ rc = count - rc;
+ guest_handle_add_offset(copy, rc);
+ uop = guest_handle_cast(copy, void);
+ }
--- /dev/null
+From: George Dunlap <george.dunlap@citrix.com>
+Date: Thu, 15 Jun 2017 16:24:02 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 0a915357527121342ded8480e68c63c8395cb8ca
+Subject: gnttab: Fix handling of dev_bus_addr during unmap
+
+If a grant has been mapped with the GNTTAB_device_map flag, calling
+grant_unmap_ref() with dev_bus_addr set to zero should cause the
+GNTTAB_device_map part of the mapping to be left alone.
+
+Unfortunately, at the moment, op->dev_bus_addr is implicitly checked
+before clearing the map and adjusting the pin count, but only the bits
+above 12; and it is not checked at all before dropping page
+references. This means a guest can repeatedly make such a call to
+cause the reference count to drop to zero, causing the page to be
+freed and re-used, even though it's still mapped in its pagetables.
+
+To fix this, always check op->dev_bus_addr explicitly for being
+non-zero, as well as op->flag & GNTMAP_device_map, before doing
+operations on the device_map.
+
+While we're here, make the logic a bit cleaner:
+
+* Always initialize op->frame to zero and set it from act->frame, to reduce the
+chance of untrusted input being used
+
+* Explicitly check the full dev_bus_addr against act->frame <<
+ PAGE_SHIFT, rather than ignoring the lower 12 bits
+
+This is part of XSA-224.
+
+Reported-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: George Dunlap <george.dunlap@citrix.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -1089,8 +1089,6 @@ __gnttab_unmap_common(
+ ld = current->domain;
+ lgt = ld->grant_table;
+
+- op->frame = (unsigned long)(op->dev_bus_addr >> PAGE_SHIFT);
+-
+ if ( unlikely(op->handle >= lgt->maptrack_limit) )
+ {
+ gdprintk(XENLOG_INFO, "Bad handle (%d).\n", op->handle);
+@@ -1174,16 +1172,14 @@ __gnttab_unmap_common(
+ goto act_release_out;
+ }
+
+- if ( op->frame == 0 )
+- {
+- op->frame = act->frame;
+- }
+- else
++ op->frame = act->frame;
++
++ if ( op->dev_bus_addr )
+ {
+- if ( unlikely(op->frame != act->frame) )
++ if ( unlikely(op->dev_bus_addr != pfn_to_paddr(act->frame)) )
+ PIN_FAIL(act_release_out, GNTST_general_error,
+- "Bad frame number doesn't match gntref. (%lx != %lx)\n",
+- op->frame, act->frame);
++ "Bus address doesn't match gntref (%"PRIx64" != %"PRIpaddr")\n",
++ op->dev_bus_addr, pfn_to_paddr(act->frame));
+
+ map->flags &= ~GNTMAP_device_map;
+ }
+@@ -1276,7 +1272,8 @@ __gnttab_unmap_common_complete(struct gn
+ else
+ status = &status_entry(rgt, op->ref);
+
+- if ( unlikely(op->frame != act->frame) )
++ if ( op->dev_bus_addr &&
++ unlikely(op->dev_bus_addr != pfn_to_paddr(act->frame)) )
+ {
+ /*
+ * Suggests that __gntab_unmap_common failed early and so
+@@ -1287,7 +1284,7 @@ __gnttab_unmap_common_complete(struct gn
+
+ pg = mfn_to_page(op->frame);
+
+- if ( op->flags & GNTMAP_device_map )
++ if ( op->dev_bus_addr && (op->flags & GNTMAP_device_map) )
+ {
+ if ( !is_iomem_page(act->frame) )
+ {
+@@ -1358,6 +1355,7 @@ __gnttab_unmap_grant_ref(
+ /* Intialise these in case common contains old state */
+ common->new_addr = 0;
+ common->rd = NULL;
++ common->frame = 0;
+
+ __gnttab_unmap_common(common);
+ op->status = common->status;
+@@ -1422,6 +1420,7 @@ __gnttab_unmap_and_replace(
+ /* Intialise these in case common contains old state */
+ common->dev_bus_addr = 0;
+ common->rd = NULL;
++ common->frame = 0;
+
+ __gnttab_unmap_common(common);
+ op->status = common->status;
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Thu, 7 Sep 2017 18:16:58 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u3 e8d7c64f2ab550185429d3462ac5c031d443ec6c
+Subject: gnttab: fix transitive grant handling
+
+Processing of transitive grants must not use the fast path, or else
+reference counting breaks due to the skipped recursive call to
+__acquire_grant_for_copy() (its __release_grant_for_copy()
+counterpart occurs independent of original pin count). Furthermore
+after re-acquiring temporarily dropped locks we need to verify no grant
+properties changed if the original pin count was non-zero; checking
+just the pin counts is sufficient only for well-behaved guests. As a
+result, __release_grant_for_copy() needs to mirror that new behavior.
+
+Furthermore a __release_grant_for_copy() invocation was missing on the
+retry path of __acquire_grant_for_copy(), and gnttab_set_version() also
+needs to bail out upon encountering a transitive grant.
+
+This is part of CVE-2017-12135 / XSA-226.
+
+Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -2033,13 +2033,8 @@ __release_grant_for_copy(
+ unsigned long r_frame;
+ uint16_t *status;
+ grant_ref_t trans_gref;
+- int released_read;
+- int released_write;
+ struct domain *td;
+
+- released_read = 0;
+- released_write = 0;
+-
+ grant_read_lock(rgt);
+
+ act = active_entry_acquire(rgt, gref);
+@@ -2069,17 +2064,11 @@ __release_grant_for_copy(
+
+ act->pin -= GNTPIN_hstw_inc;
+ if ( !(act->pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask)) )
+- {
+- released_write = 1;
+ gnttab_clear_flag(_GTF_writing, status);
+- }
+ }
+
+ if ( !act->pin )
+- {
+ gnttab_clear_flag(_GTF_reading, status);
+- released_read = 1;
+- }
+
+ active_entry_release(act);
+ grant_read_unlock(rgt);
+@@ -2087,13 +2076,10 @@ __release_grant_for_copy(
+ if ( td != rd )
+ {
+ /*
+- * Recursive calls, but they're bounded (acquire permits only a single
++ * Recursive call, but it is bounded (acquire permits only a single
+ * level of transitivity), so it's okay.
+ */
+- if ( released_write )
+- __release_grant_for_copy(td, trans_gref, 0);
+- else if ( released_read )
+- __release_grant_for_copy(td, trans_gref, 1);
++ __release_grant_for_copy(td, trans_gref, readonly);
+
+ rcu_unlock_domain(td);
+ }
+@@ -2167,8 +2153,108 @@ __acquire_grant_for_copy(
+ act->domid, ldom, act->pin);
+
+ old_pin = act->pin;
+- if ( !act->pin ||
+- (!readonly && !(act->pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask))) )
++ if ( sha2 && (shah->flags & GTF_type_mask) == GTF_transitive )
++ {
++ if ( (!old_pin || (!readonly &&
++ !(old_pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask)))) &&
++ (rc = _set_status_v2(ldom, readonly, 0, shah, act,
++ status)) != GNTST_okay )
++ goto unlock_out;
++
++ if ( !allow_transitive )
++ PIN_FAIL(unlock_out_clear, GNTST_general_error,
++ "transitive grant when transitivity not allowed\n");
++
++ trans_domid = sha2->transitive.trans_domid;
++ trans_gref = sha2->transitive.gref;
++ barrier(); /* Stop the compiler from re-loading
++ trans_domid from shared memory */
++ if ( trans_domid == rd->domain_id )
++ PIN_FAIL(unlock_out_clear, GNTST_general_error,
++ "transitive grants cannot be self-referential\n");
++
++ /*
++ * We allow the trans_domid == ldom case, which corresponds to a
++ * grant being issued by one domain, sent to another one, and then
++ * transitively granted back to the original domain. Allowing it
++ * is easy, and means that you don't need to go out of your way to
++ * avoid it in the guest.
++ */
++
++ /* We need to leave the rrd locked during the grant copy. */
++ td = rcu_lock_domain_by_id(trans_domid);
++ if ( td == NULL )
++ PIN_FAIL(unlock_out_clear, GNTST_general_error,
++ "transitive grant referenced bad domain %d\n",
++ trans_domid);
++
++ /*
++ * __acquire_grant_for_copy() could take the lock on the
++ * remote table (if rd == td), so we have to drop the lock
++ * here and reacquire.
++ */
++ active_entry_release(act);
++ grant_read_unlock(rgt);
++
++ rc = __acquire_grant_for_copy(td, trans_gref, rd->domain_id,
++ readonly, &grant_frame, page,
++ &trans_page_off, &trans_length, 0);
++
++ grant_read_lock(rgt);
++ act = active_entry_acquire(rgt, gref);
++
++ if ( rc != GNTST_okay )
++ {
++ __fixup_status_for_copy_pin(act, status);
++ rcu_unlock_domain(td);
++ active_entry_release(act);
++ grant_read_unlock(rgt);
++ return rc;
++ }
++
++ /*
++ * We dropped the lock, so we have to check that the grant didn't
++ * change, and that nobody else tried to pin/unpin it. If anything
++ * changed, just give up and tell the caller to retry.
++ */
++ if ( rgt->gt_version != 2 ||
++ act->pin != old_pin ||
++ (old_pin && (act->domid != ldom || act->frame != grant_frame ||
++ act->start != trans_page_off ||
++ act->length != trans_length ||
++ act->trans_domain != td ||
++ act->trans_gref != trans_gref ||
++ !act->is_sub_page)) )
++ {
++ __release_grant_for_copy(td, trans_gref, readonly);
++ __fixup_status_for_copy_pin(act, status);
++ rcu_unlock_domain(td);
++ active_entry_release(act);
++ grant_read_unlock(rgt);
++ put_page(*page);
++ *page = NULL;
++ return ERESTART;
++ }
++
++ if ( !old_pin )
++ {
++ act->domid = ldom;
++ act->start = trans_page_off;
++ act->length = trans_length;
++ act->trans_domain = td;
++ act->trans_gref = trans_gref;
++ act->frame = grant_frame;
++ act->gfn = -1ul;
++ /*
++ * The actual remote remote grant may or may not be a sub-page,
++ * but we always treat it as one because that blocks mappings of
++ * transitive grants.
++ */
++ act->is_sub_page = 1;
++ }
++ }
++ else if ( !old_pin ||
++ (!readonly && !(old_pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask))) )
+ {
+ if ( (rc = _set_status(rgt->gt_version, ldom,
+ readonly, 0, shah, act,
+@@ -2189,79 +2275,6 @@ __acquire_grant_for_copy(
+ trans_page_off = 0;
+ trans_length = PAGE_SIZE;
+ }
+- else if ( (shah->flags & GTF_type_mask) == GTF_transitive )
+- {
+- if ( !allow_transitive )
+- PIN_FAIL(unlock_out_clear, GNTST_general_error,
+- "transitive grant when transitivity not allowed\n");
+-
+- trans_domid = sha2->transitive.trans_domid;
+- trans_gref = sha2->transitive.gref;
+- barrier(); /* Stop the compiler from re-loading
+- trans_domid from shared memory */
+- if ( trans_domid == rd->domain_id )
+- PIN_FAIL(unlock_out_clear, GNTST_general_error,
+- "transitive grants cannot be self-referential\n");
+-
+- /* We allow the trans_domid == ldom case, which
+- corresponds to a grant being issued by one domain, sent
+- to another one, and then transitively granted back to
+- the original domain. Allowing it is easy, and means
+- that you don't need to go out of your way to avoid it
+- in the guest. */
+-
+- /* We need to leave the rrd locked during the grant copy */
+- td = rcu_lock_domain_by_id(trans_domid);
+- if ( td == NULL )
+- PIN_FAIL(unlock_out_clear, GNTST_general_error,
+- "transitive grant referenced bad domain %d\n",
+- trans_domid);
+-
+- /*
+- * __acquire_grant_for_copy() could take the lock on the
+- * remote table (if rd == td), so we have to drop the lock
+- * here and reacquire
+- */
+- active_entry_release(act);
+- grant_read_unlock(rgt);
+-
+- rc = __acquire_grant_for_copy(td, trans_gref, rd->domain_id,
+- readonly, &grant_frame, page,
+- &trans_page_off, &trans_length, 0);
+-
+- grant_read_lock(rgt);
+- act = active_entry_acquire(rgt, gref);
+-
+- if ( rc != GNTST_okay ) {
+- __fixup_status_for_copy_pin(act, status);
+- rcu_unlock_domain(td);
+- active_entry_release(act);
+- grant_read_unlock(rgt);
+- return rc;
+- }
+-
+- /*
+- * We dropped the lock, so we have to check that nobody else tried
+- * to pin (or, for that matter, unpin) the reference in *this*
+- * domain. If they did, just give up and tell the caller to retry.
+- */
+- if ( act->pin != old_pin )
+- {
+- __fixup_status_for_copy_pin(act, status);
+- rcu_unlock_domain(td);
+- active_entry_release(act);
+- grant_read_unlock(rgt);
+- put_page(*page);
+- *page = NULL;
+- return ERESTART;
+- }
+-
+- /* The actual remote remote grant may or may not be a
+- sub-page, but we always treat it as one because that
+- blocks mappings of transitive grants. */
+- is_sub_page = 1;
+- act->gfn = -1ul;
+- }
+ else if ( !(sha2->hdr.flags & GTF_sub_page) )
+ {
+ rc = __get_paged_frame(sha2->full_page.frame, &grant_frame, page, readonly, rd);
+@@ -2693,10 +2706,13 @@ gnttab_set_version(XEN_GUEST_HANDLE_PARA
+ case 2:
+ for ( i = 0; i < GNTTAB_NR_RESERVED_ENTRIES; i++ )
+ {
+- if ( ((shared_entry_v2(gt, i).hdr.flags & GTF_type_mask) ==
+- GTF_permit_access) &&
+- (shared_entry_v2(gt, i).full_page.frame >> 32) )
++ switch ( shared_entry_v2(gt, i).hdr.flags & GTF_type_mask )
+ {
++ case GTF_permit_access:
++ if ( !(shared_entry_v2(gt, i).full_page.frame >> 32) )
++ break;
++ /* fall through */
++ case GTF_transitive:
+ gdprintk(XENLOG_WARNING,
+ "tried to change grant table version to 1 with non-representable entries\n");
+ res = -ERANGE;
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Fri, 2 Jun 2017 12:22:42 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 cbe9168b320ecaa96a2a3f42d8783eb6eb27b18b
+Subject: gnttab: fix unmap pin accounting race
+
+Once all {writable} mappings of a grant entry have been unmapped, the
+hypervisor informs the guest that the grant entry has been released by
+clearing the _GTF_{reading,writing} usage flags in the guest's grant
+table as appropriate.
+
+Unfortunately, at the moment, the code that updates the accounting
+happens in a different critical section than the one which updates the
+usage flags; this means that under the right circumstances, there may be
+a window in time after the hypervisor reported the grant as being free
+during which the grant referee still had access to the page.
+
+Move the grant accounting code into the same critical section as the
+reporting code to make sure this kind of race can't happen.
+
+This is part of XSA-218.
+
+Reported-by: Jann Horn <jannh.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -1150,15 +1150,8 @@ __gnttab_unmap_common(
+ PIN_FAIL(act_release_out, GNTST_general_error,
+ "Bad frame number doesn't match gntref. (%lx != %lx)\n",
+ op->frame, act->frame);
+- if ( op->flags & GNTMAP_device_map )
+- {
+- ASSERT(act->pin & (GNTPIN_devw_mask | GNTPIN_devr_mask));
+- op->map->flags &= ~GNTMAP_device_map;
+- if ( op->flags & GNTMAP_readonly )
+- act->pin -= GNTPIN_devr_inc;
+- else
+- act->pin -= GNTPIN_devw_inc;
+- }
++
++ op->map->flags &= ~GNTMAP_device_map;
+ }
+
+ if ( (op->host_addr != 0) && (op->flags & GNTMAP_host_map) )
+@@ -1168,12 +1161,7 @@ __gnttab_unmap_common(
+ op->flags)) < 0 )
+ goto act_release_out;
+
+- ASSERT(act->pin & (GNTPIN_hstw_mask | GNTPIN_hstr_mask));
+ op->map->flags &= ~GNTMAP_host_map;
+- if ( op->flags & GNTMAP_readonly )
+- act->pin -= GNTPIN_hstr_inc;
+- else
+- act->pin -= GNTPIN_hstw_inc;
+ }
+
+ act_release_out:
+@@ -1266,6 +1254,12 @@ __gnttab_unmap_common_complete(struct gn
+ else
+ put_page_and_type(pg);
+ }
++
++ ASSERT(act->pin & (GNTPIN_devw_mask | GNTPIN_devr_mask));
++ if ( op->flags & GNTMAP_readonly )
++ act->pin -= GNTPIN_devr_inc;
++ else
++ act->pin -= GNTPIN_devw_inc;
+ }
+
+ if ( (op->host_addr != 0) && (op->flags & GNTMAP_host_map) )
+@@ -1274,7 +1268,9 @@ __gnttab_unmap_common_complete(struct gn
+ {
+ /*
+ * Suggests that __gntab_unmap_common failed in
+- * replace_grant_host_mapping() so nothing further to do
++ * replace_grant_host_mapping() or IOMMU handling, so nothing
++ * further to do (short of re-establishing the mapping in the
++ * latter case).
+ */
+ goto act_release_out;
+ }
+@@ -1285,6 +1281,12 @@ __gnttab_unmap_common_complete(struct gn
+ put_page_type(pg);
+ put_page(pg);
+ }
++
++ ASSERT(act->pin & (GNTPIN_hstw_mask | GNTPIN_hstr_mask));
++ if ( op->flags & GNTMAP_readonly )
++ act->pin -= GNTPIN_hstr_inc;
++ else
++ act->pin -= GNTPIN_hstw_inc;
+ }
+
+ if ( (op->map->flags & (GNTMAP_device_map|GNTMAP_host_map)) == 0 )
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Fri, 2 Jun 2017 15:21:27 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 3ee63df99edde59558357cd3452f5fca184cec56
+Subject: gnttab: never create host mapping unless asked to
+
+We shouldn't create a host mapping unless asked to even in the case of
+mapping a granted MMIO page. In particular the mapping wouldn't be torn
+down when processing the matching unmap request.
+
+This is part of XSA-224.
+
+Reported-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -911,10 +911,13 @@ __gnttab_map_grant_ref(
+ goto undo_out;
+ }
+
+- rc = create_grant_host_mapping(
+- op->host_addr, frame, op->flags, cache_flags);
+- if ( rc != GNTST_okay )
+- goto undo_out;
++ if ( op->flags & GNTMAP_host_map )
++ {
++ rc = create_grant_host_mapping(op->host_addr, frame, op->flags,
++ cache_flags);
++ if ( rc != GNTST_okay )
++ goto undo_out;
++ }
+ }
+ else if ( owner == rd || owner == dom_cow )
+ {
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Mon, 31 Jul 2017 15:17:56 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u3 84a862297be91da9afefeda853b8414205d44fa8
+Subject: gnttab: split maptrack lock to make it fulfill its purpose again
+
+The way the lock is currently being used in get_maptrack_handle(), it
+protects only the maptrack limit: The function acts on current's list
+only, so races on list accesses are impossible even without the lock.
+
+Otoh list access races are possible between __get_maptrack_handle() and
+put_maptrack_handle(), due to the invocation of the former for other
+than current from steal_maptrack_handle(). Introduce a per-vCPU lock
+for list accesses to become race free again. This lock will be
+uncontended except when it becomes necessary to take the steal path,
+i.e. in the common case there should be no meaningful performance
+impact.
+
+When in get_maptrack_handle adds a stolen entry to a fresh, empty,
+freelist, we think that there is probably no concurrency. However,
+this is not a fast path and adding the locking there makes the code
+clearly correct.
+
+Also, while we are here: the stolen maptrack_entry's tail pointer was
+not properly set. Set it.
+
+This is XSA-228.
+
+Reported-by: Ian Jackson <ian.jackson@eu.citrix.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
+
+---
+
+--- xen-4.8.1.orig/docs/misc/grant-tables.txt
++++ xen-4.8.1/docs/misc/grant-tables.txt
+@@ -87,7 +87,8 @@ is complete.
+ inconsistent grant table state such as current
+ version, partially initialized active table pages,
+ etc.
+- grant_table->maptrack_lock : spinlock used to protect the maptrack free list
++ grant_table->maptrack_lock : spinlock used to protect the maptrack limit
++ v->maptrack_freelist_lock : spinlock used to protect the maptrack free list
+ active_grant_entry->lock : spinlock used to serialize modifications to
+ active entries
+
+@@ -102,6 +103,10 @@ is complete.
+ The maptrack free list is protected by its own spinlock. The maptrack
+ lock may be locked while holding the grant table lock.
+
++ The maptrack_freelist_lock is an innermost lock. It may be locked
++ while holding other locks, but no other locks may be acquired within
++ it.
++
+ Active entries are obtained by calling active_entry_acquire(gt, ref).
+ This function returns a pointer to the active entry after locking its
+ spinlock. The caller must hold the grant table read lock before
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -304,11 +304,16 @@ __get_maptrack_handle(
+ {
+ unsigned int head, next, prev_head;
+
++ spin_lock(&v->maptrack_freelist_lock);
++
+ do {
+ /* No maptrack pages allocated for this VCPU yet? */
+ head = read_atomic(&v->maptrack_head);
+ if ( unlikely(head == MAPTRACK_TAIL) )
++ {
++ spin_unlock(&v->maptrack_freelist_lock);
+ return -1;
++ }
+
+ /*
+ * Always keep one entry in the free list to make it easier to
+@@ -316,12 +321,17 @@ __get_maptrack_handle(
+ */
+ next = read_atomic(&maptrack_entry(t, head).ref);
+ if ( unlikely(next == MAPTRACK_TAIL) )
++ {
++ spin_unlock(&v->maptrack_freelist_lock);
+ return -1;
++ }
+
+ prev_head = head;
+ head = cmpxchg(&v->maptrack_head, prev_head, next);
+ } while ( head != prev_head );
+
++ spin_unlock(&v->maptrack_freelist_lock);
++
+ return head;
+ }
+
+@@ -380,6 +390,8 @@ put_maptrack_handle(
+ /* 2. Add entry to the tail of the list on the original VCPU. */
+ v = currd->vcpu[maptrack_entry(t, handle).vcpu];
+
++ spin_lock(&v->maptrack_freelist_lock);
++
+ cur_tail = read_atomic(&v->maptrack_tail);
+ do {
+ prev_tail = cur_tail;
+@@ -388,6 +400,8 @@ put_maptrack_handle(
+
+ /* 3. Update the old tail entry to point to the new entry. */
+ write_atomic(&maptrack_entry(t, prev_tail).ref, handle);
++
++ spin_unlock(&v->maptrack_freelist_lock);
+ }
+
+ static inline int
+@@ -411,10 +425,6 @@ get_maptrack_handle(
+ */
+ if ( nr_maptrack_frames(lgt) >= max_maptrack_frames )
+ {
+- /*
+- * Can drop the lock since no other VCPU can be adding a new
+- * frame once they've run out.
+- */
+ spin_unlock(&lgt->maptrack_lock);
+
+ /*
+@@ -426,8 +436,12 @@ get_maptrack_handle(
+ handle = steal_maptrack_handle(lgt, curr);
+ if ( handle == -1 )
+ return -1;
++ spin_lock(&curr->maptrack_freelist_lock);
++ maptrack_entry(lgt, handle).ref = MAPTRACK_TAIL;
+ curr->maptrack_tail = handle;
+- write_atomic(&curr->maptrack_head, handle);
++ if ( curr->maptrack_head == MAPTRACK_TAIL )
++ write_atomic(&curr->maptrack_head, handle);
++ spin_unlock(&curr->maptrack_freelist_lock);
+ }
+ return steal_maptrack_handle(lgt, curr);
+ }
+@@ -460,12 +474,15 @@ get_maptrack_handle(
+ smp_wmb();
+ lgt->maptrack_limit += MAPTRACK_PER_PAGE;
+
++ spin_unlock(&lgt->maptrack_lock);
++ spin_lock(&curr->maptrack_freelist_lock);
++
+ do {
+ new_mt[i - 1].ref = read_atomic(&curr->maptrack_head);
+ head = cmpxchg(&curr->maptrack_head, new_mt[i - 1].ref, handle + 1);
+ } while ( head != new_mt[i - 1].ref );
+
+- spin_unlock(&lgt->maptrack_lock);
++ spin_unlock(&curr->maptrack_freelist_lock);
+
+ return handle;
+ }
+@@ -3508,6 +3525,7 @@ grant_table_destroy(
+
+ void grant_table_init_vcpu(struct vcpu *v)
+ {
++ spin_lock_init(&v->maptrack_freelist_lock);
+ v->maptrack_head = MAPTRACK_TAIL;
+ v->maptrack_tail = MAPTRACK_TAIL;
+ }
+--- xen-4.8.1.orig/xen/include/xen/grant_table.h
++++ xen-4.8.1/xen/include/xen/grant_table.h
+@@ -78,7 +78,7 @@ struct grant_table {
+ /* Mapping tracking table per vcpu. */
+ struct grant_mapping **maptrack;
+ unsigned int maptrack_limit;
+- /* Lock protecting the maptrack page list, head, and limit */
++ /* Lock protecting the maptrack limit */
+ spinlock_t maptrack_lock;
+ /* The defined versions are 1 and 2. Set to 0 if we don't know
+ what version to use yet. */
+--- xen-4.8.1.orig/xen/include/xen/sched.h
++++ xen-4.8.1/xen/include/xen/sched.h
+@@ -223,6 +223,7 @@ struct vcpu
+ int controller_pause_count;
+
+ /* Maptrack */
++ spinlock_t maptrack_freelist_lock;
+ unsigned int maptrack_head;
+ unsigned int maptrack_tail;
+
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Tue, 20 Jun 2017 13:24:40 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 639e3990fb7a1ca84665400f258eca0ef04d001b
+Subject: guest_physmap_remove_page() needs its return value checked
+
+Callers, namely such subsequently freeing the page, must not blindly
+assume success - the function may namely fail when needing to shatter a
+super page, but there not being memory available for the then needed
+intermediate page table.
+
+As it happens, guest_remove_page() callers now also all check the
+return value.
+
+Furthermore a missed put_gfn() on an error path in gnttab_transfer() is
+also being taken care of.
+
+This is part of XSA-222.
+
+Reported-by: Julien Grall <julien.grall@arm.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: Julien Grall <julien.grall@arm.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/arm/mm.c
++++ xen-4.8.1/xen/arch/arm/mm.c
+@@ -1340,13 +1340,14 @@ int replace_grant_host_mapping(unsigned
+ {
+ gfn_t gfn = _gfn(addr >> PAGE_SHIFT);
+ struct domain *d = current->domain;
++ int rc;
+
+ if ( new_addr != 0 || (flags & GNTMAP_contains_pte) )
+ return GNTST_general_error;
+
+- guest_physmap_remove_page(d, gfn, _mfn(mfn), 0);
++ rc = guest_physmap_remove_page(d, gfn, _mfn(mfn), 0);
+
+- return GNTST_okay;
++ return rc ? GNTST_general_error : GNTST_okay;
+ }
+
+ int is_iomem_page(unsigned long mfn)
+--- xen-4.8.1.orig/xen/arch/arm/p2m.c
++++ xen-4.8.1/xen/arch/arm/p2m.c
+@@ -1211,11 +1211,10 @@ int guest_physmap_add_entry(struct domai
+ return p2m_insert_mapping(d, gfn, (1 << page_order), mfn, t);
+ }
+
+-void guest_physmap_remove_page(struct domain *d,
+- gfn_t gfn,
+- mfn_t mfn, unsigned int page_order)
++int guest_physmap_remove_page(struct domain *d, gfn_t gfn, mfn_t mfn,
++ unsigned int page_order)
+ {
+- p2m_remove_mapping(d, gfn, (1 << page_order), mfn);
++ return p2m_remove_mapping(d, gfn, (1 << page_order), mfn);
+ }
+
+ static int p2m_alloc_table(struct domain *d)
+--- xen-4.8.1.orig/xen/arch/x86/domain.c
++++ xen-4.8.1/xen/arch/x86/domain.c
+@@ -808,7 +808,15 @@ int arch_domain_soft_reset(struct domain
+ ret = -ENOMEM;
+ goto exit_put_gfn;
+ }
+- guest_physmap_remove_page(d, _gfn(gfn), _mfn(mfn), PAGE_ORDER_4K);
++
++ ret = guest_physmap_remove_page(d, _gfn(gfn), _mfn(mfn), PAGE_ORDER_4K);
++ if ( ret )
++ {
++ printk(XENLOG_G_ERR "Failed to remove Dom%d's shared_info frame %lx\n",
++ d->domain_id, gfn);
++ free_domheap_page(new_page);
++ goto exit_put_gfn;
++ }
+
+ ret = guest_physmap_add_page(d, _gfn(gfn), _mfn(page_to_mfn(new_page)),
+ PAGE_ORDER_4K);
+--- xen-4.8.1.orig/xen/arch/x86/domain_build.c
++++ xen-4.8.1/xen/arch/x86/domain_build.c
+@@ -427,7 +427,9 @@ static __init void pvh_add_mem_mapping(s
+ if ( !iomem_access_permitted(d, mfn + i, mfn + i) )
+ {
+ omfn = get_gfn_query_unlocked(d, gfn + i, &t);
+- guest_physmap_remove_page(d, _gfn(gfn + i), omfn, PAGE_ORDER_4K);
++ if ( guest_physmap_remove_page(d, _gfn(gfn + i), omfn,
++ PAGE_ORDER_4K) )
++ /* nothing, best effort only */;
+ continue;
+ }
+
+--- xen-4.8.1.orig/xen/arch/x86/hvm/ioreq.c
++++ xen-4.8.1/xen/arch/x86/hvm/ioreq.c
+@@ -267,8 +267,9 @@ bool_t is_ioreq_server_page(struct domai
+ static void hvm_remove_ioreq_gmfn(
+ struct domain *d, struct hvm_ioreq_page *iorp)
+ {
+- guest_physmap_remove_page(d, _gfn(iorp->gmfn),
+- _mfn(page_to_mfn(iorp->page)), 0);
++ if ( guest_physmap_remove_page(d, _gfn(iorp->gmfn),
++ _mfn(page_to_mfn(iorp->page)), 0) )
++ domain_crash(d);
+ clear_page(iorp->va);
+ }
+
+--- xen-4.8.1.orig/xen/arch/x86/mm.c
++++ xen-4.8.1/xen/arch/x86/mm.c
+@@ -4276,7 +4276,11 @@ static int replace_grant_p2m_mapping(
+ type, mfn_x(old_mfn), frame);
+ return GNTST_general_error;
+ }
+- guest_physmap_remove_page(d, _gfn(gfn), _mfn(frame), PAGE_ORDER_4K);
++ if ( guest_physmap_remove_page(d, _gfn(gfn), _mfn(frame), PAGE_ORDER_4K) )
++ {
++ put_gfn(d, gfn);
++ return GNTST_general_error;
++ }
+
+ put_gfn(d, gfn);
+ return GNTST_okay;
+@@ -4801,7 +4805,7 @@ int xenmem_add_to_physmap_one(
+ struct page_info *page = NULL;
+ unsigned long gfn = 0; /* gcc ... */
+ unsigned long prev_mfn, mfn = 0, old_gpfn;
+- int rc;
++ int rc = 0;
+ p2m_type_t p2mt;
+
+ switch ( space )
+@@ -4875,25 +4879,30 @@ int xenmem_add_to_physmap_one(
+ {
+ if ( is_xen_heap_mfn(prev_mfn) )
+ /* Xen heap frames are simply unhooked from this phys slot. */
+- guest_physmap_remove_page(d, gpfn, _mfn(prev_mfn), PAGE_ORDER_4K);
++ rc = guest_physmap_remove_page(d, gpfn, _mfn(prev_mfn), PAGE_ORDER_4K);
+ else
+ /* Normal domain memory is freed, to avoid leaking memory. */
+- guest_remove_page(d, gfn_x(gpfn));
++ rc = guest_remove_page(d, gfn_x(gpfn));
+ }
+ /* In the XENMAPSPACE_gmfn case we still hold a ref on the old page. */
+ put_gfn(d, gfn_x(gpfn));
+
++ if ( rc )
++ goto put_both;
++
+ /* Unmap from old location, if any. */
+ old_gpfn = get_gpfn_from_mfn(mfn);
+ ASSERT( old_gpfn != SHARED_M2P_ENTRY );
+ if ( space == XENMAPSPACE_gmfn || space == XENMAPSPACE_gmfn_range )
+ ASSERT( old_gpfn == gfn );
+ if ( old_gpfn != INVALID_M2P_ENTRY )
+- guest_physmap_remove_page(d, _gfn(old_gpfn), _mfn(mfn), PAGE_ORDER_4K);
++ rc = guest_physmap_remove_page(d, _gfn(old_gpfn), _mfn(mfn), PAGE_ORDER_4K);
+
+ /* Map at new location. */
+- rc = guest_physmap_add_page(d, gpfn, _mfn(mfn), PAGE_ORDER_4K);
++ if ( !rc )
++ rc = guest_physmap_add_page(d, gpfn, _mfn(mfn), PAGE_ORDER_4K);
+
++ put_both:
+ /* In the XENMAPSPACE_gmfn, we took a ref of the gfn at the top */
+ if ( space == XENMAPSPACE_gmfn || space == XENMAPSPACE_gmfn_range )
+ put_gfn(d, gfn);
+--- xen-4.8.1.orig/xen/arch/x86/mm/p2m.c
++++ xen-4.8.1/xen/arch/x86/mm/p2m.c
+@@ -2925,10 +2925,12 @@ int p2m_add_foreign(struct domain *tdom,
+ {
+ if ( is_xen_heap_mfn(mfn_x(prev_mfn)) )
+ /* Xen heap frames are simply unhooked from this phys slot */
+- guest_physmap_remove_page(tdom, _gfn(gpfn), prev_mfn, 0);
++ rc = guest_physmap_remove_page(tdom, _gfn(gpfn), prev_mfn, 0);
+ else
+ /* Normal domain memory is freed, to avoid leaking memory. */
+- guest_remove_page(tdom, gpfn);
++ rc = guest_remove_page(tdom, gpfn);
++ if ( rc )
++ goto put_both;
+ }
+ /*
+ * Create the new mapping. Can't use guest_physmap_add_page() because it
+@@ -2941,6 +2943,7 @@ int p2m_add_foreign(struct domain *tdom,
+ "gpfn:%lx mfn:%lx fgfn:%lx td:%d fd:%d\n",
+ gpfn, mfn_x(mfn), fgfn, tdom->domain_id, fdom->domain_id);
+
++ put_both:
+ put_page(page);
+
+ /*
+--- xen-4.8.1.orig/xen/common/grant_table.c
++++ xen-4.8.1/xen/common/grant_table.c
+@@ -1804,6 +1804,7 @@ gnttab_transfer(
+ for ( i = 0; i < count; i++ )
+ {
+ bool_t okay;
++ int rc;
+
+ if (i && hypercall_preempt_check())
+ return i;
+@@ -1854,27 +1855,33 @@ gnttab_transfer(
+ goto copyback;
+ }
+
+- guest_physmap_remove_page(d, _gfn(gop.mfn), _mfn(mfn), 0);
++ rc = guest_physmap_remove_page(d, _gfn(gop.mfn), _mfn(mfn), 0);
+ gnttab_flush_tlb(d);
++ if ( rc )
++ {
++ gdprintk(XENLOG_INFO,
++ "gnttab_transfer: can't remove GFN %"PRI_xen_pfn" (MFN %lx)\n",
++ gop.mfn, mfn);
++ gop.status = GNTST_general_error;
++ goto put_gfn_and_copyback;
++ }
+
+ /* Find the target domain. */
+ if ( unlikely((e = rcu_lock_domain_by_id(gop.domid)) == NULL) )
+ {
+- put_gfn(d, gop.mfn);
+ gdprintk(XENLOG_INFO, "gnttab_transfer: can't find domain %d\n",
+ gop.domid);
+- page->count_info &= ~(PGC_count_mask|PGC_allocated);
+- free_domheap_page(page);
+ gop.status = GNTST_bad_domain;
+- goto copyback;
++ goto put_gfn_and_copyback;
+ }
+
+ if ( xsm_grant_transfer(XSM_HOOK, d, e) )
+ {
+- put_gfn(d, gop.mfn);
+ gop.status = GNTST_permission_denied;
+ unlock_and_copyback:
+ rcu_unlock_domain(e);
++ put_gfn_and_copyback:
++ put_gfn(d, gop.mfn);
+ page->count_info &= ~(PGC_count_mask|PGC_allocated);
+ free_domheap_page(page);
+ goto copyback;
+@@ -1923,12 +1930,8 @@ gnttab_transfer(
+ "Transferee (d%d) has no headroom (tot %u, max %u)\n",
+ e->domain_id, e->tot_pages, e->max_pages);
+
+- rcu_unlock_domain(e);
+- put_gfn(d, gop.mfn);
+- page->count_info &= ~(PGC_count_mask|PGC_allocated);
+- free_domheap_page(page);
+ gop.status = GNTST_general_error;
+- goto copyback;
++ goto unlock_and_copyback;
+ }
+
+ /* Okay, add the page to 'e'. */
+@@ -1957,13 +1960,8 @@ gnttab_transfer(
+
+ if ( drop_dom_ref )
+ put_domain(e);
+- rcu_unlock_domain(e);
+-
+- put_gfn(d, gop.mfn);
+- page->count_info &= ~(PGC_count_mask|PGC_allocated);
+- free_domheap_page(page);
+ gop.status = GNTST_general_error;
+- goto copyback;
++ goto unlock_and_copyback;
+ }
+
+ page_list_add_tail(page, &e->page_list);
+--- xen-4.8.1.orig/xen/common/memory.c
++++ xen-4.8.1/xen/common/memory.c
+@@ -270,8 +270,12 @@ int guest_remove_page(struct domain *d,
+ mfn = get_gfn_query(d, gmfn, &p2mt);
+ if ( unlikely(p2m_is_paging(p2mt)) )
+ {
+- guest_physmap_remove_page(d, _gfn(gmfn), mfn, 0);
++ rc = guest_physmap_remove_page(d, _gfn(gmfn), mfn, 0);
+ put_gfn(d, gmfn);
++
++ if ( rc )
++ return rc;
++
+ /* If the page hasn't yet been paged out, there is an
+ * actual page that needs to be released. */
+ if ( p2mt == p2m_ram_paging_out )
+@@ -335,7 +339,9 @@ int guest_remove_page(struct domain *d,
+ return -ENXIO;
+ }
+
+- if ( test_and_clear_bit(_PGT_pinned, &page->u.inuse.type_info) )
++ rc = guest_physmap_remove_page(d, _gfn(gmfn), mfn, 0);
++
++ if ( !rc && test_and_clear_bit(_PGT_pinned, &page->u.inuse.type_info) )
+ put_page_and_type(page);
+
+ /*
+@@ -346,16 +352,14 @@ int guest_remove_page(struct domain *d,
+ * For this purpose (and to match populate_physmap() behavior), the page
+ * is kept allocated.
+ */
+- if ( !is_domain_direct_mapped(d) &&
++ if ( !rc && !is_domain_direct_mapped(d) &&
+ test_and_clear_bit(_PGC_allocated, &page->count_info) )
+ put_page(page);
+
+- guest_physmap_remove_page(d, _gfn(gmfn), mfn, 0);
+-
+ put_page(page);
+ put_gfn(d, gmfn);
+
+- return 0;
++ return rc;
+ }
+
+ static void decrease_reservation(struct memop_args *a)
+@@ -590,7 +594,8 @@ static long memory_exchange(XEN_GUEST_HA
+ gfn = mfn_to_gmfn(d, mfn);
+ /* Pages were unshared above */
+ BUG_ON(SHARED_M2P(gfn));
+- guest_physmap_remove_page(d, _gfn(gfn), _mfn(mfn), 0);
++ if ( guest_physmap_remove_page(d, _gfn(gfn), _mfn(mfn), 0) )
++ domain_crash(d);
+ put_page(page);
+ }
+
+@@ -1146,8 +1151,8 @@ long do_memory_op(unsigned long cmd, XEN
+ page = get_page_from_gfn(d, xrfp.gpfn, NULL, P2M_ALLOC);
+ if ( page )
+ {
+- guest_physmap_remove_page(d, _gfn(xrfp.gpfn),
+- _mfn(page_to_mfn(page)), 0);
++ rc = guest_physmap_remove_page(d, _gfn(xrfp.gpfn),
++ _mfn(page_to_mfn(page)), 0);
+ put_page(page);
+ }
+ else
+--- xen-4.8.1.orig/xen/drivers/passthrough/arm/smmu.c
++++ xen-4.8.1/xen/drivers/passthrough/arm/smmu.c
+@@ -2786,9 +2786,7 @@ static int __must_check arm_smmu_unmap_p
+ if ( !is_domain_direct_mapped(d) )
+ return -EINVAL;
+
+- guest_physmap_remove_page(d, _gfn(gfn), _mfn(gfn), 0);
+-
+- return 0;
++ return guest_physmap_remove_page(d, _gfn(gfn), _mfn(gfn), 0);
+ }
+
+ static const struct iommu_ops arm_smmu_iommu_ops = {
+--- xen-4.8.1.orig/xen/include/asm-arm/p2m.h
++++ xen-4.8.1/xen/include/asm-arm/p2m.h
+@@ -268,10 +268,6 @@ static inline int guest_physmap_add_page
+ return guest_physmap_add_entry(d, gfn, mfn, page_order, p2m_ram_rw);
+ }
+
+-void guest_physmap_remove_page(struct domain *d,
+- gfn_t gfn,
+- mfn_t mfn, unsigned int page_order);
+-
+ mfn_t gfn_to_mfn(struct domain *d, gfn_t gfn);
+
+ /*
+--- xen-4.8.1.orig/xen/include/asm-x86/p2m.h
++++ xen-4.8.1/xen/include/asm-x86/p2m.h
+@@ -561,10 +561,6 @@ static inline int guest_physmap_add_page
+ return guest_physmap_add_entry(d, gfn, mfn, page_order, p2m_ram_rw);
+ }
+
+-/* Remove a page from a domain's p2m table */
+-int guest_physmap_remove_page(struct domain *d,
+- gfn_t gfn, mfn_t mfn, unsigned int page_order);
+-
+ /* Set a p2m range as populate-on-demand */
+ int guest_physmap_mark_populate_on_demand(struct domain *d, unsigned long gfn,
+ unsigned int order);
+--- xen-4.8.1.orig/xen/include/xen/mm.h
++++ xen-4.8.1/xen/include/xen/mm.h
+@@ -554,7 +554,7 @@ int xenmem_add_to_physmap_one(struct dom
+ unsigned long idx, gfn_t gfn);
+
+ /* Returns 0 on success, or negative on error. */
+-int guest_remove_page(struct domain *d, unsigned long gmfn);
++int __must_check guest_remove_page(struct domain *d, unsigned long gmfn);
+
+ #define RAM_TYPE_CONVENTIONAL 0x00000001
+ #define RAM_TYPE_RESERVED 0x00000002
+--- xen-4.8.1.orig/xen/include/xen/p2m-common.h
++++ xen-4.8.1/xen/include/xen/p2m-common.h
+@@ -1,6 +1,7 @@
+ #ifndef _XEN_P2M_COMMON_H
+ #define _XEN_P2M_COMMON_H
+
++#include <xen/mm.h>
+ #include <public/vm_event.h>
+
+ /*
+@@ -33,6 +34,11 @@ typedef enum {
+ /* NOTE: Assumed to be only 4 bits right now on x86. */
+ } p2m_access_t;
+
++/* Remove a page from a domain's p2m table */
++int __must_check
++guest_physmap_remove_page(struct domain *d, gfn_t gfn, mfn_t mfn,
++ unsigned int page_order);
++
+ /* Map MMIO regions in the p2m: start_gfn and nr describe the range in
+ * * the guest physical address space to map, starting from the machine
+ * * frame number mfn. */
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Tue, 2 May 2017 12:18:35 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u1 993a6534cae6d9ca2793799cfe369c9b3694ee1e
+Subject: multicall: deal with early exit conditions
+
+In particular changes to guest privilege level require the multicall
+sequence to be aborted, as hypercalls are permitted from kernel mode
+only. While likely not very useful in a multicall, also properly handle
+the return value in the HYPERVISOR_iret case (which should be the guest
+specified value).
+
+This is XSA-213.
+
+Reported-by: Jann Horn <jannh@google.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Acked-by: Julien Grall <julien.grall@arm.com>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/arm/traps.c
++++ xen-4.8.1/xen/arch/arm/traps.c
+@@ -1531,7 +1531,7 @@ static bool_t check_multicall_32bit_clea
+ return true;
+ }
+
+-void arch_do_multicall_call(struct mc_state *state)
++enum mc_disposition arch_do_multicall_call(struct mc_state *state)
+ {
+ struct multicall_entry *multi = &state->call;
+ arm_hypercall_fn_t call = NULL;
+@@ -1539,23 +1539,26 @@ void arch_do_multicall_call(struct mc_st
+ if ( multi->op >= ARRAY_SIZE(arm_hypercall_table) )
+ {
+ multi->result = -ENOSYS;
+- return;
++ return mc_continue;
+ }
+
+ call = arm_hypercall_table[multi->op].fn;
+ if ( call == NULL )
+ {
+ multi->result = -ENOSYS;
+- return;
++ return mc_continue;
+ }
+
+ if ( is_32bit_domain(current->domain) &&
+ !check_multicall_32bit_clean(multi) )
+- return;
++ return mc_continue;
+
+ multi->result = call(multi->args[0], multi->args[1],
+ multi->args[2], multi->args[3],
+ multi->args[4]);
++
++ return likely(!psr_mode_is_user(guest_cpu_user_regs()))
++ ? mc_continue : mc_preempt;
+ }
+
+ /*
+--- xen-4.8.1.orig/xen/arch/x86/hypercall.c
++++ xen-4.8.1/xen/arch/x86/hypercall.c
+@@ -255,15 +255,19 @@ void pv_hypercall(struct cpu_user_regs *
+ perfc_incr(hypercalls);
+ }
+
+-void arch_do_multicall_call(struct mc_state *state)
++enum mc_disposition arch_do_multicall_call(struct mc_state *state)
+ {
+- if ( !is_pv_32bit_vcpu(current) )
++ struct vcpu *curr = current;
++ unsigned long op;
++
++ if ( !is_pv_32bit_vcpu(curr) )
+ {
+ struct multicall_entry *call = &state->call;
+
+- if ( (call->op < ARRAY_SIZE(pv_hypercall_table)) &&
+- pv_hypercall_table[call->op].native )
+- call->result = pv_hypercall_table[call->op].native(
++ op = call->op;
++ if ( (op < ARRAY_SIZE(pv_hypercall_table)) &&
++ pv_hypercall_table[op].native )
++ call->result = pv_hypercall_table[op].native(
+ call->args[0], call->args[1], call->args[2],
+ call->args[3], call->args[4], call->args[5]);
+ else
+@@ -274,15 +278,21 @@ void arch_do_multicall_call(struct mc_st
+ {
+ struct compat_multicall_entry *call = &state->compat_call;
+
+- if ( (call->op < ARRAY_SIZE(pv_hypercall_table)) &&
+- pv_hypercall_table[call->op].compat )
+- call->result = pv_hypercall_table[call->op].compat(
++ op = call->op;
++ if ( (op < ARRAY_SIZE(pv_hypercall_table)) &&
++ pv_hypercall_table[op].compat )
++ call->result = pv_hypercall_table[op].compat(
+ call->args[0], call->args[1], call->args[2],
+ call->args[3], call->args[4], call->args[5]);
+ else
+ call->result = -ENOSYS;
+ }
+ #endif
++
++ return unlikely(op == __HYPERVISOR_iret)
++ ? mc_exit
++ : likely(guest_kernel_mode(curr, guest_cpu_user_regs()))
++ ? mc_continue : mc_preempt;
+ }
+
+ /*
+--- xen-4.8.1.orig/xen/common/multicall.c
++++ xen-4.8.1/xen/common/multicall.c
+@@ -40,6 +40,7 @@ do_multicall(
+ struct mc_state *mcs = ¤t->mc_state;
+ uint32_t i;
+ int rc = 0;
++ enum mc_disposition disp = mc_continue;
+
+ if ( unlikely(__test_and_set_bit(_MCSF_in_multicall, &mcs->flags)) )
+ {
+@@ -50,7 +51,7 @@ do_multicall(
+ if ( unlikely(!guest_handle_okay(call_list, nr_calls)) )
+ rc = -EFAULT;
+
+- for ( i = 0; !rc && i < nr_calls; i++ )
++ for ( i = 0; !rc && disp == mc_continue && i < nr_calls; i++ )
+ {
+ if ( i && hypercall_preempt_check() )
+ goto preempted;
+@@ -63,7 +64,7 @@ do_multicall(
+
+ trace_multicall_call(&mcs->call);
+
+- arch_do_multicall_call(mcs);
++ disp = arch_do_multicall_call(mcs);
+
+ #ifndef NDEBUG
+ {
+@@ -77,7 +78,14 @@ do_multicall(
+ }
+ #endif
+
+- if ( unlikely(__copy_field_to_guest(call_list, &mcs->call, result)) )
++ if ( unlikely(disp == mc_exit) )
++ {
++ if ( __copy_field_to_guest(call_list, &mcs->call, result) )
++ /* nothing, best effort only */;
++ rc = mcs->call.result;
++ }
++ else if ( unlikely(__copy_field_to_guest(call_list, &mcs->call,
++ result)) )
+ rc = -EFAULT;
+ else if ( mcs->flags & MCSF_call_preempted )
+ {
+@@ -93,6 +101,9 @@ do_multicall(
+ guest_handle_add_offset(call_list, 1);
+ }
+
++ if ( unlikely(disp == mc_preempt) && i < nr_calls )
++ goto preempted;
++
+ perfc_incr(calls_to_multicall);
+ perfc_add(calls_from_multicall, i);
+ mcs->flags = 0;
+--- xen-4.8.1.orig/xen/include/xen/multicall.h
++++ xen-4.8.1/xen/include/xen/multicall.h
+@@ -24,6 +24,10 @@ struct mc_state {
+ };
+ };
+
+-void arch_do_multicall_call(struct mc_state *mc);
++enum mc_disposition {
++ mc_continue,
++ mc_exit,
++ mc_preempt,
++} arch_do_multicall_call(struct mc_state *mc);
+
+ #endif /* __XEN_MULTICALL_H__ */
--- /dev/null
+From: Ian Jackson <ian.jackson@citrix.com>
+Date: Fri, 28 Oct 2016 14:52:13 +0100
+X-Dgit-Generated: 4.8.1-1 b1ceff30c4420ee49c49761e183b4ee2a66e3ed4
+Subject: Rerun autogen.sh (stretch)
+
+Using autoconf 2.69-10 (amd64)
+
+Signed-off-by: Ian Jackson <ian.jackson@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/configure
++++ xen-4.8.1/configure
+@@ -641,6 +641,7 @@ infodir
+ docdir
+ oldincludedir
+ includedir
++runstatedir
+ localstatedir
+ sharedstatedir
+ sysconfdir
+@@ -717,6 +718,7 @@ datadir='${datarootdir}'
+ sysconfdir='${prefix}/etc'
+ sharedstatedir='${prefix}/com'
+ localstatedir='${prefix}/var'
++runstatedir='${localstatedir}/run'
+ includedir='${prefix}/include'
+ oldincludedir='/usr/include'
+ docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
+@@ -969,6 +971,15 @@ do
+ | -silent | --silent | --silen | --sile | --sil)
+ silent=yes ;;
+
++ -runstatedir | --runstatedir | --runstatedi | --runstated \
++ | --runstate | --runstat | --runsta | --runst | --runs \
++ | --run | --ru | --r)
++ ac_prev=runstatedir ;;
++ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
++ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
++ | --run=* | --ru=* | --r=*)
++ runstatedir=$ac_optarg ;;
++
+ -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+ ac_prev=sbindir ;;
+ -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+@@ -1106,7 +1117,7 @@ fi
+ for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
+ datadir sysconfdir sharedstatedir localstatedir includedir \
+ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+- libdir localedir mandir
++ libdir localedir mandir runstatedir
+ do
+ eval ac_val=\$$ac_var
+ # Remove trailing slashes.
+@@ -1259,6 +1270,7 @@ Fine tuning of the installation director
+ --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
+ --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
+ --localstatedir=DIR modifiable single-machine data [PREFIX/var]
++ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
+ --libdir=DIR object code libraries [EPREFIX/lib]
+ --includedir=DIR C header files [PREFIX/include]
+ --oldincludedir=DIR C header files for non-gcc [/usr/include]
+--- xen-4.8.1.orig/docs/configure
++++ xen-4.8.1/docs/configure
+@@ -632,6 +632,7 @@ infodir
+ docdir
+ oldincludedir
+ includedir
++runstatedir
+ localstatedir
+ sharedstatedir
+ sysconfdir
+@@ -707,6 +708,7 @@ datadir='${datarootdir}'
+ sysconfdir='${prefix}/etc'
+ sharedstatedir='${prefix}/com'
+ localstatedir='${prefix}/var'
++runstatedir='${localstatedir}/run'
+ includedir='${prefix}/include'
+ oldincludedir='/usr/include'
+ docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
+@@ -959,6 +961,15 @@ do
+ | -silent | --silent | --silen | --sile | --sil)
+ silent=yes ;;
+
++ -runstatedir | --runstatedir | --runstatedi | --runstated \
++ | --runstate | --runstat | --runsta | --runst | --runs \
++ | --run | --ru | --r)
++ ac_prev=runstatedir ;;
++ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
++ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
++ | --run=* | --ru=* | --r=*)
++ runstatedir=$ac_optarg ;;
++
+ -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+ ac_prev=sbindir ;;
+ -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+@@ -1096,7 +1107,7 @@ fi
+ for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
+ datadir sysconfdir sharedstatedir localstatedir includedir \
+ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+- libdir localedir mandir
++ libdir localedir mandir runstatedir
+ do
+ eval ac_val=\$$ac_var
+ # Remove trailing slashes.
+@@ -1249,6 +1260,7 @@ Fine tuning of the installation director
+ --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
+ --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
+ --localstatedir=DIR modifiable single-machine data [PREFIX/var]
++ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
+ --libdir=DIR object code libraries [EPREFIX/lib]
+ --includedir=DIR C header files [PREFIX/include]
+ --oldincludedir=DIR C header files for non-gcc [/usr/include]
+--- xen-4.8.1.orig/stubdom/configure
++++ xen-4.8.1/stubdom/configure
+@@ -659,6 +659,7 @@ infodir
+ docdir
+ oldincludedir
+ includedir
++runstatedir
+ localstatedir
+ sharedstatedir
+ sysconfdir
+@@ -748,6 +749,7 @@ datadir='${datarootdir}'
+ sysconfdir='${prefix}/etc'
+ sharedstatedir='${prefix}/com'
+ localstatedir='${prefix}/var'
++runstatedir='${localstatedir}/run'
+ includedir='${prefix}/include'
+ oldincludedir='/usr/include'
+ docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
+@@ -1000,6 +1002,15 @@ do
+ | -silent | --silent | --silen | --sile | --sil)
+ silent=yes ;;
+
++ -runstatedir | --runstatedir | --runstatedi | --runstated \
++ | --runstate | --runstat | --runsta | --runst | --runs \
++ | --run | --ru | --r)
++ ac_prev=runstatedir ;;
++ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
++ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
++ | --run=* | --ru=* | --r=*)
++ runstatedir=$ac_optarg ;;
++
+ -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+ ac_prev=sbindir ;;
+ -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+@@ -1137,7 +1148,7 @@ fi
+ for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
+ datadir sysconfdir sharedstatedir localstatedir includedir \
+ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+- libdir localedir mandir
++ libdir localedir mandir runstatedir
+ do
+ eval ac_val=\$$ac_var
+ # Remove trailing slashes.
+@@ -1290,6 +1301,7 @@ Fine tuning of the installation director
+ --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
+ --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
+ --localstatedir=DIR modifiable single-machine data [PREFIX/var]
++ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
+ --libdir=DIR object code libraries [EPREFIX/lib]
+ --includedir=DIR C header files [PREFIX/include]
+ --oldincludedir=DIR C header files for non-gcc [/usr/include]
+--- xen-4.8.1.orig/tools/configure
++++ xen-4.8.1/tools/configure
+@@ -767,6 +767,7 @@ infodir
+ docdir
+ oldincludedir
+ includedir
++runstatedir
+ localstatedir
+ sharedstatedir
+ sysconfdir
+@@ -889,6 +890,7 @@ datadir='${datarootdir}'
+ sysconfdir='${prefix}/etc'
+ sharedstatedir='${prefix}/com'
+ localstatedir='${prefix}/var'
++runstatedir='${localstatedir}/run'
+ includedir='${prefix}/include'
+ oldincludedir='/usr/include'
+ docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
+@@ -1141,6 +1143,15 @@ do
+ | -silent | --silent | --silen | --sile | --sil)
+ silent=yes ;;
+
++ -runstatedir | --runstatedir | --runstatedi | --runstated \
++ | --runstate | --runstat | --runsta | --runst | --runs \
++ | --run | --ru | --r)
++ ac_prev=runstatedir ;;
++ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
++ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
++ | --run=* | --ru=* | --r=*)
++ runstatedir=$ac_optarg ;;
++
+ -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+ ac_prev=sbindir ;;
+ -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+@@ -1278,7 +1289,7 @@ fi
+ for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
+ datadir sysconfdir sharedstatedir localstatedir includedir \
+ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+- libdir localedir mandir
++ libdir localedir mandir runstatedir
+ do
+ eval ac_val=\$$ac_var
+ # Remove trailing slashes.
+@@ -1431,6 +1442,7 @@ Fine tuning of the installation director
+ --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
+ --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
+ --localstatedir=DIR modifiable single-machine data [PREFIX/var]
++ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
+ --libdir=DIR object code libraries [EPREFIX/lib]
+ --includedir=DIR C header files [PREFIX/include]
+ --oldincludedir=DIR C header files for non-gcc [/usr/include]
--- /dev/null
+rerun-autogen.sh-stretch
+version.diff
+config-prefix.diff
+tools-libfsimage-abiname.diff
+tools-libxc-abiname.diff
+tools-libxl-abiname.diff
+tools-xenstat-abiname.diff
+tools-rpath.diff
+tools-blktap2-prefix.diff
+tools-console-prefix.diff
+tools-libfsimage-prefix.diff
+tools-libxl-prefix.diff
+tools-misc-prefix.diff
+tools-pygrub-prefix.diff
+tools-python-prefix.diff
+tools-xcutils-rpath.diff
+tools-xenmon-prefix.diff
+tools-xenpaging-prefix.diff
+tools-xenpmd-prefix.diff
+tools-xenstat-prefix.diff
+tools-xenstore-prefix.diff
+tools-xentrace-prefix.diff
+tools-pygrub-remove-static-solaris-support
+tools-include-install.diff
+tools-xenmon-install.diff
+tools-xenstore-compatibility.diff
+ubuntu-tools-libs-abiname.diff
+toolstestsx86_emulator-pass--no-pie--fno
+multicall-deal-with-early-exit-condition
+x86-discard-type-information-when-steali
+x86mm-disallow-page-stealing-from-hvm-do
+gnttab-fix-unmap-pin-accounting-race
+gnttab-avoid-potential-double-put-of-map
+gnttab-correct-maptrack-table-accesses
+x86shadow-hold-references-for-the-durati
+x86-avoid-leaking-pkru-and-bnd-between-v
+evtchn-avoid-null-derefs
+xenmemory-fix-return-value-handing-of-gu
+guest_physmap_remove_page-needs-its-retu
+arm-vgic-dont-update-the-lr-when-the-irq
+gnttab-fix-handling-of-dev_bus_addr-duri
+gnttab-never-create-host-mapping-unless-
+gnttab-correct-logic-to-get-page-referen
+gnttab-__gnttab_unmap_common_complete-is
+xenarm-vgic-sanitize-target-mask-used-to
+gnttab-dont-use-possibly-unbounded-tail-
+gnttab-fix-transitive-grant-handling
+x86grant-disallow-misaligned-ptes
+gnttab-split-maptrack-lock-to-make-it-fu
+gnttab-correct-pin-status-fixup-for-copy
+armmm-release-grant-lock-on-xenmem_add_t
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:53 +0200
+X-Dgit-Generated: 4.8.1-1 ad82a5763c9d4ebeb72fa838c4abc77b72596370
+Subject: tools-blktap2-prefix.diff
+
+Patch-Name: tools-blktap2-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/blktap2/control/Makefile
++++ xen-4.8.1/tools/blktap2/control/Makefile
+@@ -1,10 +1,7 @@
+ XEN_ROOT := $(CURDIR)/../../../
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-MAJOR = 1.0
+-MINOR = 0
+ LIBNAME = libblktapctl
+-LIBSONAME = $(LIBNAME).so.$(MAJOR)
+
+ IBIN = tap-ctl
+
+@@ -38,39 +35,32 @@ OBJS = $(CTL_OBJS) tap-ctl.o
+ PICS = $(CTL_PICS)
+
+ LIB_STATIC = $(LIBNAME).a
+-LIB_SHARED = $(LIBSONAME).$(MINOR)
++LIB_SHARED = $(LIBNAME).so
+ IBIN = tap-ctl
+
+ all: build
+
+ build: $(IBIN) $(LIB_STATIC) $(LIB_SHARED)
+
+-$(LIBNAME).so: $(LIBSONAME)
+- ln -sf $< $@
+-
+-$(LIBSONAME): $(LIB_SHARED)
+- ln -sf $< $@
+-
+ tap-ctl: tap-ctl.o $(LIBNAME).so
+- $(CC) $(LDFLAGS) -o $@ $^ $(APPEND_LDFLAGS)
++ $(CC) $(LDFLAGS) $(call LDFLAGS_RPATH,../lib) -o $@ $^ $(APPEND_LDFLAGS)
+
+ $(LIB_STATIC): $(CTL_OBJS)
+ $(AR) r $@ $^
+
+ $(LIB_SHARED): $(CTL_PICS)
+- $(CC) $(LDFLAGS) -fPIC -Wl,$(SONAME_LDFLAG) -Wl,$(LIBSONAME) $(SHLIB_LDFLAGS) -rdynamic $^ -o $@ $(APPEND_LDFLAGS)
++ $(CC) $(LDFLAGS) -fPIC $(SHLIB_LDFLAGS) -rdynamic $^ -o $@ $(APPEND_LDFLAGS)
+
+ install: $(IBIN) $(LIB_STATIC) $(LIB_SHARED)
+- $(INSTALL_DIR) -p $(DESTDIR)$(sbindir)
+- $(INSTALL_PROG) $(IBIN) $(DESTDIR)$(sbindir)
++ $(INSTALL_DIR) -p $(DESTDIR)$(libdir)
++ $(INSTALL_DIR) -p $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_DIR) -p $(DESTDIR)$(LIBEXEC_LIB)
++ $(INSTALL_PROG) $(IBIN) $(DESTDIR)$(LIBEXEC_BIN)
+ $(INSTALL_DATA) $(LIB_STATIC) $(DESTDIR)$(libdir)
+- $(INSTALL_PROG) $(LIB_SHARED) $(DESTDIR)$(libdir)
+- ln -sf $(LIBSONAME) $(DESTDIR)$(libdir)/$(LIBNAME).so
+- ln -sf $(LIB_SHARED) $(DESTDIR)$(libdir)/$(LIBSONAME)
++ $(INSTALL_PROG) $(LIB_SHARED) $(DESTDIR)$(LIBEXEC_LIB)
+
+ clean:
+ rm -f $(OBJS) $(PICS) $(DEPS) $(IBIN) $(LIB_STATIC) $(LIB_SHARED)
+- rm -f $(LIBNAME).so $(LIBSONAME)
+ rm -f *~
+
+ distclean: clean
+--- xen-4.8.1.orig/tools/blktap2/vhd/Makefile
++++ xen-4.8.1/tools/blktap2/vhd/Makefile
+@@ -12,6 +12,7 @@ CFLAGS += -Werror
+ CFLAGS += -Wno-unused
+ CFLAGS += -I../include
+ CFLAGS += -D_GNU_SOURCE
++CFLAGS += $(CFLAGS_libxenctrl)
+
+ ifeq ($(CONFIG_X86_64),y)
+ CFLAGS += -fPIC
+--- xen-4.8.1.orig/tools/blktap2/vhd/lib/Makefile
++++ xen-4.8.1/tools/blktap2/vhd/lib/Makefile
+@@ -2,25 +2,19 @@ XEN_ROOT=$(CURDIR)/../../../..
+ BLKTAP_ROOT := ../..
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-LIBVHD-MAJOR = 1.0
+-LIBVHD-MINOR = 0
+-LIBVHD-SONAME = libvhd.so.$(LIBVHD-MAJOR)
+-
+ LVM-UTIL-OBJ := $(BLKTAP_ROOT)/lvm/lvm-util.o
+
+-LIBVHD-BUILD := libvhd.a
+-
+-INST-DIR = $(libdir)
+-
+ CFLAGS += -Werror
+ CFLAGS += -Wno-unused
+ CFLAGS += -I../../include
+ CFLAGS += -D_GNU_SOURCE
+ CFLAGS += -fPIC
++CFLAGS += $(CFLAGS_libxenctrl)
+
+ ifeq ($(CONFIG_Linux),y)
+ LIBS := -luuid
+ endif
++LDFLAGS += $(LDFLAGS_libxenctrl) $(call LDFLAGS_RPATH)
+
+ ifeq ($(CONFIG_LIBICONV),y)
+ LIBS += -liconv
+@@ -50,27 +44,22 @@ LIB-OBJS += $(LVM-UTIL-OBJ)
+
+ LIB-PICOBJS = $(patsubst %.o,%.opic,$(LIB-OBJS))
+
+-LIBVHD = libvhd.a libvhd.so.$(LIBVHD-MAJOR).$(LIBVHD-MINOR)
++LIBVHD = libvhd.a libvhd.so
+
+ all: build
+
+-build: libvhd.a libvhd.so.$(LIBVHD-MAJOR).$(LIBVHD-MINOR)
++build: libvhd.a libvhd.so
+
+ libvhd.a: $(LIB-OBJS)
+ $(AR) rc $@ $^
+
+-libvhd.so.$(LIBVHD-MAJOR).$(LIBVHD-MINOR): $(LIB-PICOBJS)
+- $(CC) -Wl,$(SONAME_LDFLAG),$(LIBVHD-SONAME) $(SHLIB_LDFLAGS) \
+- $(LDFLAGS) -o libvhd.so.$(LIBVHD-MAJOR).$(LIBVHD-MINOR) $^ $(LIBS)
+- ln -sf libvhd.so.$(LIBVHD-MAJOR).$(LIBVHD-MINOR) libvhd.so.$(LIBVHD-MAJOR)
+- ln -sf libvhd.so.$(LIBVHD-MAJOR) libvhd.so
++libvhd.so: $(LIB-PICOBJS)
++ $(CC) $(SHLIB_LDFLAGS) $(LDFLAGS) -o libvhd.so $^ $(LIBS)
+
+ install: all
+- $(INSTALL_DIR) -p $(DESTDIR)$(INST-DIR)
+- $(INSTALL_DATA) libvhd.a $(DESTDIR)$(INST-DIR)
+- $(INSTALL_PROG) libvhd.so.$(LIBVHD-MAJOR).$(LIBVHD-MINOR) $(DESTDIR)$(INST-DIR)
+- ln -sf libvhd.so.$(LIBVHD-MAJOR).$(LIBVHD-MINOR) $(DESTDIR)$(INST-DIR)/libvhd.so.$(LIBVHD-MAJOR)
+- ln -sf libvhd.so.$(LIBVHD-MAJOR) $(DESTDIR)$(INST-DIR)/libvhd.so
++ $(INSTALL_DIR) -p $(DESTDIR)$(libdir)
++ $(INSTALL_DATA) libvhd.a $(DESTDIR)$(libdir)
++ $(INSTALL_PROG) libvhd.so $(DESTDIR)$(libdir)
+
+ clean:
+ rm -rf *.a *.so* *.o *.opic *~ $(DEPS) $(LIBVHD)
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:54 +0200
+X-Dgit-Generated: 4.8.1-1 54721627e1abd8f67827b3383ddfa6c174b572b9
+Subject: tools-console-prefix.diff
+
+Patch-Name: tools-console-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/console/Makefile
++++ xen-4.8.1/tools/console/Makefile
+@@ -8,6 +8,7 @@ CFLAGS += $(CFLAGS_libxenstore)
+ LDLIBS += $(LDLIBS_libxenctrl)
+ LDLIBS += $(LDLIBS_libxenstore)
+ LDLIBS += $(SOCKET_LIBS)
++LDFLAGS += $(call LDFLAGS_RPATH,../lib)
+
+ LDLIBS_xenconsoled += $(UTIL_LIBS)
+ LDLIBS_xenconsoled += -lrt
+@@ -44,9 +45,7 @@ $(eval $(genpath-target))
+
+ .PHONY: install
+ install: $(BIN)
+- $(INSTALL_DIR) $(DESTDIR)/$(sbindir)
+- $(INSTALL_PROG) xenconsoled $(DESTDIR)/$(sbindir)
+ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
+- $(INSTALL_PROG) xenconsole $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_PROG) xenconsole xenconsoled $(DESTDIR)$(LIBEXEC_BIN)
+
+ -include $(DEPS)
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:30 +0200
+X-Dgit-Generated: 4.8.1-1 732acd91e545566bca164b886afa82027df7c463
+Subject: tools-include-install.diff
+
+Patch-Name: tools-include-install.diff
+
+---
+
+--- xen-4.8.1.orig/tools/include/Makefile
++++ xen-4.8.1/tools/include/Makefile
+@@ -14,7 +14,6 @@ xen-foreign:
+ xen/.dir:
+ @rm -rf xen
+ mkdir -p xen/libelf
+- ln -sf $(XEN_ROOT)/xen/include/public/COPYING xen
+ ln -sf $(wildcard $(XEN_ROOT)/xen/include/public/*.h) xen
+ ln -sf $(addprefix $(XEN_ROOT)/xen/include/public/,arch-x86 arch-arm hvm io xsm) xen
+ ln -sf ../xen-sys/$(XEN_OS) xen/sys
+@@ -43,7 +42,6 @@ install: all
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)/xen/io
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)/xen/sys
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)/xen/xsm
+- $(INSTALL_DATA) xen/COPYING $(DESTDIR)$(includedir)/xen
+ $(INSTALL_DATA) xen/*.h $(DESTDIR)$(includedir)/xen
+ $(INSTALL_DATA) xen/arch-x86/*.h $(DESTDIR)$(includedir)/xen/arch-x86
+ $(INSTALL_DATA) xen/arch-x86/hvm/*.h $(DESTDIR)$(includedir)/xen/arch-x86/hvm
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:47 +0200
+X-Dgit-Generated: 4.8.1-1 2a020aa59aec69c1d00f3fb8c86b188873e802ea
+Subject: tools-libfsimage-abiname.diff
+
+Patch-Name: tools-libfsimage-abiname.diff
+
+---
+
+--- xen-4.8.1.orig/tools/libfsimage/common/Makefile
++++ xen-4.8.1/tools/libfsimage/common/Makefile
+@@ -1,9 +1,6 @@
+ XEN_ROOT = $(CURDIR)/../../..
+ include $(XEN_ROOT)/tools/libfsimage/Rules.mk
+
+-MAJOR = 1.0
+-MINOR = 0
+-
+ LDFLAGS-$(CONFIG_SunOS) = -Wl,-M -Wl,mapfile-SunOS
+ LDFLAGS-$(CONFIG_Linux) = -Wl,mapfile-GNU
+ LDFLAGS = $(LDFLAGS-y)
+@@ -15,7 +12,7 @@ LIB_SRCS-y = fsimage.c fsimage_plugin.c
+
+ PIC_OBJS := $(patsubst %.c,%.opic,$(LIB_SRCS-y))
+
+-LIB = libfsimage.so libfsimage.so.$(MAJOR) libfsimage.so.$(MAJOR).$(MINOR)
++LIB = libfsimage.so
+
+ .PHONY: all
+ all: $(LIB)
+@@ -24,9 +21,7 @@ all: $(LIB)
+ install: all
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+- $(INSTALL_PROG) libfsimage.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
+- ln -sf libfsimage.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libfsimage.so.$(MAJOR)
+- ln -sf libfsimage.so.$(MAJOR) $(DESTDIR)$(libdir)/libfsimage.so
++ $(INSTALL_PROG) libfsimage.so $(DESTDIR)$(libdir)
+ $(INSTALL_DATA) fsimage.h $(DESTDIR)$(includedir)
+ $(INSTALL_DATA) fsimage_plugin.h $(DESTDIR)$(includedir)
+ $(INSTALL_DATA) fsimage_grub.h $(DESTDIR)$(includedir)
+@@ -34,13 +29,8 @@ install: all
+ clean distclean::
+ rm -f $(LIB)
+
+-libfsimage.so: libfsimage.so.$(MAJOR)
+- ln -sf $< $@
+-libfsimage.so.$(MAJOR): libfsimage.so.$(MAJOR).$(MINOR)
+- ln -sf $< $@
+-
+-libfsimage.so.$(MAJOR).$(MINOR): $(PIC_OBJS)
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libfsimage.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $^ $(PTHREAD_LIBS) $(APPEND_LDFLAGS)
++libfsimage.so: $(PIC_OBJS)
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(SHLIB_LDFLAGS) -o $@ $^ $(PTHREAD_LIBS) $(APPEND_LDFLAGS)
+
+ -include $(DEPS)
+
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:55 +0200
+X-Dgit-Generated: 4.8.1-1 0fc6ef9d31deed6668d7f18924664cbde155ea85
+Subject: tools-libfsimage-prefix.diff
+
+Patch-Name: tools-libfsimage-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/libfsimage/Rules.mk
++++ xen-4.8.1/tools/libfsimage/Rules.mk
+@@ -3,10 +3,11 @@ include $(XEN_ROOT)/tools/Rules.mk
+ CFLAGS += -Wno-unknown-pragmas -I$(XEN_ROOT)/tools/libfsimage/common/ -DFSIMAGE_FSDIR=\"$(FSDIR)\"
+ CFLAGS += -Werror -D_GNU_SOURCE
+ LDFLAGS += -L../common/
++LDFLAGS += $(call LDFLAGS_RPATH,../..)
+
+ PIC_OBJS := $(patsubst %.c,%.opic,$(LIB_SRCS-y))
+
+-FSDIR = $(libdir)/fs
++FSDIR = $(LIBEXEC_LIB)/fs
+
+ FSLIB = fsimage.so
+
+--- xen-4.8.1.orig/tools/libfsimage/common/Makefile
++++ xen-4.8.1/tools/libfsimage/common/Makefile
+@@ -1,6 +1,8 @@
+ XEN_ROOT = $(CURDIR)/../../..
+ include $(XEN_ROOT)/tools/libfsimage/Rules.mk
+
++CFLAGS += -DFSDIR="\"$(LIBEXEC_LIB)/fs\""
++
+ LDFLAGS-$(CONFIG_SunOS) = -Wl,-M -Wl,mapfile-SunOS
+ LDFLAGS-$(CONFIG_Linux) = -Wl,mapfile-GNU
+ LDFLAGS = $(LDFLAGS-y)
+@@ -19,9 +21,9 @@ all: $(LIB)
+
+ .PHONY: install
+ install: all
+- $(INSTALL_DIR) $(DESTDIR)$(libdir)
++ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_LIB)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+- $(INSTALL_PROG) libfsimage.so $(DESTDIR)$(libdir)
++ $(INSTALL_PROG) libfsimage.so $(DESTDIR)$(LIBEXEC_LIB)
+ $(INSTALL_DATA) fsimage.h $(DESTDIR)$(includedir)
+ $(INSTALL_DATA) fsimage_plugin.h $(DESTDIR)$(includedir)
+ $(INSTALL_DATA) fsimage_grub.h $(DESTDIR)$(includedir)
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:48 +0200
+X-Dgit-Generated: 4.8.1-1 45ad000e7e61a57a78bca482c464c78badbfeab5
+Subject: tools-libxc-abiname.diff
+
+Patch-Name: tools-libxc-abiname.diff
+
+---
+
+--- xen-4.8.1.orig/tools/libxc/Makefile
++++ xen-4.8.1/tools/libxc/Makefile
+@@ -1,9 +1,6 @@
+ XEN_ROOT = $(CURDIR)/../..
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-MAJOR = 4.8
+-MINOR = 0
+-
+ ifeq ($(CONFIG_LIBXC_MINIOS),y)
+ # Save/restore of a domain is currently incompatible with a stubdom environment
+ override CONFIG_MIGRATE := n
+@@ -132,12 +129,12 @@ $(CTRL_LIB_OBJS) $(CTRL_PIC_OBJS): CFLAG
+
+ LIB := libxenctrl.a
+ ifneq ($(nosharedlibs),y)
+-LIB += libxenctrl.so libxenctrl.so.$(MAJOR) libxenctrl.so.$(MAJOR).$(MINOR)
++LIB += libxenctrl.so libxenctrl-$(PACKAGE_VERSION).so
+ endif
+
+ LIB += libxenguest.a
+ ifneq ($(nosharedlibs),y)
+-LIB += libxenguest.so libxenguest.so.$(MAJOR) libxenguest.so.$(MAJOR).$(MINOR)
++LIB += libxenguest.so libxenguest-$(PACKAGE_VERSION).so
+ endif
+
+ genpath-target = $(call buildmakevars2header,_paths.h)
+@@ -171,15 +168,13 @@ libs: $(LIB)
+ install: build
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+- $(INSTALL_SHLIB) libxenctrl.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
++ $(INSTALL_SHLIB) libxenctrl-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)
++ $(SYMLINK_SHLIB) libxenctrl-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)/libxenctrl.so
+ $(INSTALL_DATA) libxenctrl.a $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxenctrl.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenctrl.so.$(MAJOR)
+- $(SYMLINK_SHLIB) libxenctrl.so.$(MAJOR) $(DESTDIR)$(libdir)/libxenctrl.so
+ $(INSTALL_DATA) include/xenctrl.h include/xenctrl_compat.h $(DESTDIR)$(includedir)
+- $(INSTALL_SHLIB) libxenguest.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
++ $(INSTALL_SHLIB) libxenguest-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)
++ $(SYMLINK_SHLIB) libxenguest-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)/libxenguest.so
+ $(INSTALL_DATA) libxenguest.a $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxenguest.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenguest.so.$(MAJOR)
+- $(SYMLINK_SHLIB) libxenguest.so.$(MAJOR) $(DESTDIR)$(libdir)/libxenguest.so
+ $(INSTALL_DATA) include/xenguest.h $(DESTDIR)$(includedir)
+
+ .PHONY: TAGS
+@@ -211,22 +206,18 @@ rpm: build
+ libxenctrl.a: $(CTRL_LIB_OBJS)
+ $(AR) rc $@ $^
+
+-libxenctrl.so: libxenctrl.so.$(MAJOR)
+- $(SYMLINK_SHLIB) $< $@
+-libxenctrl.so.$(MAJOR): libxenctrl.so.$(MAJOR).$(MINOR)
++libxenctrl.so: libxenctrl-$(PACKAGE_VERSION).so
+ $(SYMLINK_SHLIB) $< $@
+
+-libxenctrl.so.$(MAJOR).$(MINOR): $(CTRL_PIC_OBJS)
+- $(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenctrl.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $^ $(LDLIBS_libxentoollog) $(LDLIBS_libxenevtchn) $(LDLIBS_libxengnttab) $(LDLIBS_libxengntshr) $(LDLIBS_libxencall) $(LDLIBS_libxenforeignmemory) $(PTHREAD_LIBS) $(APPEND_LDFLAGS)
++libxenctrl-$(PACKAGE_VERSION).so: $(CTRL_PIC_OBJS)
++ $(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(SHLIB_LDFLAGS) -o $@ $^ $(LDLIBS_libxentoollog) $(LDLIBS_libxenevtchn) $(LDLIBS_libxengnttab) $(LDLIBS_libxengntshr) $(LDLIBS_libxencall) $(LDLIBS_libxenforeignmemory) $(PTHREAD_LIBS) $(APPEND_LDFLAGS)
+
+ # libxenguest
+
+ libxenguest.a: $(GUEST_LIB_OBJS)
+ $(AR) rc $@ $^
+
+-libxenguest.so: libxenguest.so.$(MAJOR)
+- $(SYMLINK_SHLIB) $< $@
+-libxenguest.so.$(MAJOR): libxenguest.so.$(MAJOR).$(MINOR)
++libxenguest.so: libxenguest-$(PACKAGE_VERSION).so
+ $(SYMLINK_SHLIB) $< $@
+
+ ifeq ($(CONFIG_MiniOS),y)
+@@ -238,9 +229,9 @@ endif
+ xc_dom_bzimageloader.o: CFLAGS += $(filter -D%,$(zlib-options))
+ xc_dom_bzimageloader.opic: CFLAGS += $(filter -D%,$(zlib-options))
+
+-libxenguest.so.$(MAJOR).$(MINOR): COMPRESSION_LIBS = $(filter -l%,$(zlib-options))
+-libxenguest.so.$(MAJOR).$(MINOR): $(GUEST_PIC_OBJS) libxenctrl.so
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenguest.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(GUEST_PIC_OBJS) $(COMPRESSION_LIBS) -lz $(LDLIBS_libxenevtchn) $(LDLIBS_libxenctrl) $(PTHREAD_LIBS) $(APPEND_LDFLAGS)
++libxenguest-$(PACKAGE_VERSION).so: COMPRESSION_LIBS = $(call zlib-options,l)
++libxenguest-$(PACKAGE_VERSION).so: $(GUEST_PIC_OBJS) libxenctrl-$(PACKAGE_VERSION).so
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(SHLIB_LDFLAGS) -o $@ $(GUEST_PIC_OBJS) $(COMPRESSION_LIBS) -lz $(LDLIBS_libxenevtchn) $(LDLIBS_libxenctrl) $(PTHREAD_LIBS) $(APPEND_LDFLAGS)
+
+ -include $(DEPS)
+
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:49 +0200
+X-Dgit-Generated: 4.8.1-1 b6860f8b5e4980eedd3e75e5e81be73343d92558
+Subject: tools-libxl-abiname.diff
+
+Patch-Name: tools-libxl-abiname.diff
+
+---
+
+--- xen-4.8.1.orig/tools/libxl/Makefile
++++ xen-4.8.1/tools/libxl/Makefile
+@@ -5,12 +5,6 @@
+ XEN_ROOT = $(CURDIR)/../..
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-MAJOR = 4.8
+-MINOR = 0
+-
+-XLUMAJOR = 4.8
+-XLUMINOR = 0
+-
+ CFLAGS += -Werror -Wno-format-zero-length -Wmissing-declarations \
+ -Wno-declaration-after-statement -Wformat-nonliteral
+ CFLAGS += -I. -fPIC
+@@ -258,29 +252,23 @@ _libxl_type%.h _libxl_type%_json.h _libx
+ $(call move-if-changed,__libxl_type$*_json.h,_libxl_type$*_json.h)
+ $(call move-if-changed,__libxl_type$*.c,_libxl_type$*.c)
+
+-libxenlight.so: libxenlight.so.$(MAJOR)
+- $(SYMLINK_SHLIB) $< $@
+-
+-libxenlight.so.$(MAJOR): libxenlight.so.$(MAJOR).$(MINOR)
++libxenlight.so: libxenlight-$(PACKAGE_VERSION).so
+ $(SYMLINK_SHLIB) $< $@
+
+-libxenlight.so.$(MAJOR).$(MINOR): $(LIBXL_OBJS)
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenlight.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $^ $(LIBXL_LIBS) $(APPEND_LDFLAGS)
++libxenlight-$(PACKAGE_VERSION).so: $(LIBXL_OBJS)
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(SHLIB_LDFLAGS) -o $@ $^ $(LIBXL_LIBS) $(APPEND_LDFLAGS)
+
+ libxenlight_test.so: $(LIBXL_OBJS) $(LIBXL_TEST_OBJS)
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenlight.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $^ $(LIBXL_LIBS) $(APPEND_LDFLAGS)
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(SHLIB_LDFLAGS) -o $@ $^ $(LIBXL_LIBS) $(APPEND_LDFLAGS)
+
+ libxenlight.a: $(LIBXL_OBJS)
+ $(AR) rcs libxenlight.a $^
+
+-libxlutil.so: libxlutil.so.$(XLUMAJOR)
+- $(SYMLINK_SHLIB) $< $@
+-
+-libxlutil.so.$(XLUMAJOR): libxlutil.so.$(XLUMAJOR).$(XLUMINOR)
++libxlutil.so: libxlutil-$(PACKAGE_VERSION).so
+ $(SYMLINK_SHLIB) $< $@
+
+-libxlutil.so.$(XLUMAJOR).$(XLUMINOR): $(LIBXLU_OBJS) libxenlight.so
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxlutil.so.$(XLUMAJOR) $(SHLIB_LDFLAGS) -o $@ $(LIBXLU_OBJS) $(LIBXLU_LIBS) $(APPEND_LDFLAGS)
++libxlutil-$(PACKAGE_VERSION).so: $(LIBXLU_OBJS) libxenlight.so
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(SHLIB_LDFLAGS) -o $@ $(LIBXLU_OBJS) $(LIBXLU_LIBS) $(APPEND_LDFLAGS)
+
+ libxlutil.a: $(LIBXLU_OBJS)
+ $(AR) rcs libxlutil.a $^
+@@ -298,7 +286,7 @@ testidl: testidl.o libxlutil.so libxenli
+ $(CC) $(LDFLAGS) -o $@ testidl.o libxlutil.so $(LDLIBS_libxenlight) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
+
+ $(PKG_CONFIG): % : %.in Makefile
+- @sed -e 's/@@version@@/$(MAJOR).$(MINOR)/g' < $< > $@.new
++ @sed -e 's/@@version@@/$(PACKAGE_VERSION)/g' < $< > $@.new
+ @mv -f $@.new $@
+
+ .PHONY: install
+@@ -311,13 +299,11 @@ install: all
+ $(INSTALL_DIR) $(DESTDIR)$(PKG_INSTALLDIR)
+ $(INSTALL_PROG) xl $(DESTDIR)$(sbindir)
+ $(INSTALL_PROG) libxl-save-helper $(DESTDIR)$(LIBEXEC_BIN)
+- $(INSTALL_SHLIB) libxenlight.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxenlight.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenlight.so.$(MAJOR)
+- $(SYMLINK_SHLIB) libxenlight.so.$(MAJOR) $(DESTDIR)$(libdir)/libxenlight.so
++ $(INSTALL_SHLIB) libxenlight-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)
++ $(SYMLINK_SHLIB) libxenlight-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)/libxenlight.so
+ $(INSTALL_DATA) libxenlight.a $(DESTDIR)$(libdir)
+- $(INSTALL_SHLIB) libxlutil.so.$(XLUMAJOR).$(XLUMINOR) $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxlutil.so.$(XLUMAJOR).$(XLUMINOR) $(DESTDIR)$(libdir)/libxlutil.so.$(XLUMAJOR)
+- $(SYMLINK_SHLIB) libxlutil.so.$(XLUMAJOR) $(DESTDIR)$(libdir)/libxlutil.so
++ $(INSTALL_SHLIB) libxlutil-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)
++ $(SYMLINK_SHLIB) libxlutil-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)/libxlutil.so
+ $(INSTALL_DATA) libxlutil.a $(DESTDIR)$(libdir)
+ $(INSTALL_DATA) libxl.h libxl_event.h libxl_json.h _libxl_types.h _libxl_types_json.h _libxl_list.h libxl_utils.h libxl_uuid.h libxlutil.h $(DESTDIR)$(includedir)
+ $(INSTALL_DATA) bash-completion $(DESTDIR)$(BASH_COMPLETION_DIR)/xl.sh
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:57 +0200
+X-Dgit-Generated: 4.8.1-1 0c590f711182ecc6c0aaee5fc0bf89f384c98fce
+Subject: tools-libxl-prefix.diff
+
+Patch-Name: tools-libxl-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/libxl/Makefile
++++ xen-4.8.1/tools/libxl/Makefile
+@@ -12,6 +12,8 @@ CFLAGS += -I. -fPIC
+ ifeq ($(CONFIG_Linux),y)
+ LIBUUID_LIBS += -luuid
+ endif
++LDFLAGS_XL = $(call LDFLAGS_RPATH,../lib)
++LDFLAGS_LIBXL = $(call LDFLAGS_RPATH)
+
+ LIBXL_LIBS =
+ LIBXL_LIBS = $(LDLIBS_libxentoollog) $(LDLIBS_libxenevtchn) $(LDLIBS_libxenctrl) $(LDLIBS_libxenguest) $(LDLIBS_libxenstore) $(LDLIBS_libblktapctl) $(PTYFUNCS_LIBS) $(LIBUUID_LIBS)
+@@ -256,7 +258,7 @@ libxenlight.so: libxenlight-$(PACKAGE_VE
+ $(SYMLINK_SHLIB) $< $@
+
+ libxenlight-$(PACKAGE_VERSION).so: $(LIBXL_OBJS)
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(SHLIB_LDFLAGS) -o $@ $^ $(LIBXL_LIBS) $(APPEND_LDFLAGS)
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(LDFLAGS_LIBXL) $(SHLIB_LDFLAGS) -o $@ $^ $(LIBXL_LIBS) $(APPEND_LDFLAGS)
+
+ libxenlight_test.so: $(LIBXL_OBJS) $(LIBXL_TEST_OBJS)
+ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG),$@ $(SHLIB_LDFLAGS) -o $@ $^ $(LIBXL_LIBS) $(APPEND_LDFLAGS)
+@@ -274,7 +276,7 @@ libxlutil.a: $(LIBXLU_OBJS)
+ $(AR) rcs libxlutil.a $^
+
+ xl: $(XL_OBJS) libxlutil.so libxenlight.so
+- $(CC) $(LDFLAGS) -o $@ $(XL_OBJS) libxlutil.so $(LDLIBS_libxenlight) $(LDLIBS_libxentoollog) -lyajl $(APPEND_LDFLAGS)
++ $(CC) $(LDFLAGS) $(LDFLAGS_XL) -o $@ $(XL_OBJS) libxlutil.so $(LDLIBS_libxenlight) $(LDLIBS_libxentoollog) -lyajl $(APPEND_LDFLAGS)
+
+ test_%: test_%.o test_common.o libxlutil.so libxenlight_test.so
+ $(CC) $(LDFLAGS) -o $@ $^ $(filter-out %libxenlight.so, $(LDLIBS_libxenlight)) $(LDLIBS_libxentoollog) -lyajl $(APPEND_LDFLAGS)
+@@ -291,13 +293,12 @@ $(PKG_CONFIG): % : %.in Makefile
+
+ .PHONY: install
+ install: all
+- $(INSTALL_DIR) $(DESTDIR)$(sbindir)
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+ $(INSTALL_DIR) $(DESTDIR)$(BASH_COMPLETION_DIR)
+ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
+ $(INSTALL_DIR) $(DESTDIR)$(PKG_INSTALLDIR)
+- $(INSTALL_PROG) xl $(DESTDIR)$(sbindir)
++ $(INSTALL_PROG) xl $(DESTDIR)$(LIBEXEC_BIN)
+ $(INSTALL_PROG) libxl-save-helper $(DESTDIR)$(LIBEXEC_BIN)
+ $(INSTALL_SHLIB) libxenlight-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)
+ $(SYMLINK_SHLIB) libxenlight-$(PACKAGE_VERSION).so $(DESTDIR)$(libdir)/libxenlight.so
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:59 +0200
+X-Dgit-Generated: 4.8.1-1 92bd9e6a61c01d45b42463d3097f87935167e731
+Subject: tools-misc-prefix.diff
+
+Patch-Name: tools-misc-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/misc/Makefile
++++ xen-4.8.1/tools/misc/Makefile
+@@ -54,12 +54,8 @@ all build: $(TARGETS_BUILD)
+
+ .PHONY: install
+ install: build
+- $(INSTALL_DIR) $(DESTDIR)$(bindir)
+- $(INSTALL_DIR) $(DESTDIR)$(sbindir)
+ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
+- $(INSTALL_PYTHON_PROG) $(INSTALL_BIN) $(DESTDIR)$(bindir)
+- $(INSTALL_PYTHON_PROG) $(INSTALL_SBIN) $(DESTDIR)$(sbindir)
+- $(INSTALL_PYTHON_PROG) $(INSTALL_PRIVBIN) $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_PYTHON_PROG) $(INSTALL_BIN) $(INSTALL_SBIN) $(INSTALL_PRIVBIN) $(DESTDIR)$(LIBEXEC_BIN)
+
+ .PHONY: clean
+ clean:
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:01 +0200
+X-Dgit-Generated: 4.8.1-1 e11fc351a6d75288200f781c656599ec3547c484
+Subject: tools-pygrub-prefix.diff
+
+Patch-Name: tools-pygrub-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/pygrub/Makefile
++++ xen-4.8.1/tools/pygrub/Makefile
+@@ -16,11 +16,6 @@ install: all
+ CC="$(CC)" CFLAGS="$(PY_CFLAGS)" LDFLAGS="$(PY_LDFLAGS)" $(PYTHON) \
+ setup.py install $(PYTHON_PREFIX_ARG) --root="$(DESTDIR)" \
+ --install-scripts=$(LIBEXEC_BIN) --force
+- set -e; if [ $(bindir) != $(LIBEXEC_BIN) -a \
+- "`readlink -f $(DESTDIR)/$(bindir)`" != \
+- "`readlink -f $(LIBEXEC_BIN)`" ]; then \
+- ln -sf $(LIBEXEC_BIN)/pygrub $(DESTDIR)/$(bindir); \
+- fi
+
+ .PHONY: clean
+ clean:
+--- xen-4.8.1.orig/tools/pygrub/setup.py
++++ xen-4.8.1/tools/pygrub/setup.py
+@@ -4,11 +4,13 @@ import os
+ import sys
+
+ extra_compile_args = [ "-fno-strict-aliasing", "-Werror" ]
++extra_link_args = [ "-Wl,-rpath,${ORIGIN}/.." ]
+
+ XEN_ROOT = "../.."
+
+ fsimage = Extension("fsimage",
+ extra_compile_args = extra_compile_args,
++ extra_link_args = extra_link_args,
+ include_dirs = [ XEN_ROOT + "/tools/libfsimage/common/" ],
+ library_dirs = [ XEN_ROOT + "/tools/libfsimage/common/" ],
+ libraries = ["fsimage"],
+--- xen-4.8.1.orig/tools/pygrub/src/pygrub
++++ xen-4.8.1/tools/pygrub/src/pygrub
+@@ -21,6 +21,8 @@ import xen.lowlevel.xc
+ import curses, _curses, curses.wrapper, curses.textpad, curses.ascii
+ import getopt
+
++sys.path.insert(1, sys.path[0] + '/../lib/python')
++
+ import fsimage
+ import grub.GrubConf
+ import grub.LiloConf
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:29 +0200
+X-Dgit-Generated: 4.8.1-1 00315ed8c451173d0d212d55a831023166f3b212
+Subject: Remove static solaris support from pygrub
+
+Patch-Name: tools-pygrub-remove-static-solaris-support
+
+---
+
+--- xen-4.8.1.orig/tools/pygrub/src/pygrub
++++ xen-4.8.1/tools/pygrub/src/pygrub
+@@ -16,7 +16,6 @@ import os, sys, string, struct, tempfile
+ import copy
+ import logging
+ import platform
+-import xen.lowlevel.xc
+
+ import curses, _curses, curses.wrapper, curses.textpad, curses.ascii
+ import getopt
+@@ -668,51 +667,6 @@ def run_grub(file, entry, fs, cfg_args):
+
+ return grubcfg
+
+-def supports64bitPVguest():
+- xc = xen.lowlevel.xc.xc()
+- caps = xc.xeninfo()['xen_caps'].split(" ")
+- for cap in caps:
+- if cap == "xen-3.0-x86_64":
+- return True
+- return False
+-
+-# If nothing has been specified, look for a Solaris domU. If found, perform the
+-# necessary tweaks.
+-def sniff_solaris(fs, cfg):
+- if not fs.file_exists("/platform/i86xpv/kernel/unix") and \
+- not fs.file_exists("/platform/i86xpv/kernel/amd64/unix"):
+- return cfg
+-
+- if not cfg["kernel"]:
+- if supports64bitPVguest() and \
+- fs.file_exists("/platform/i86xpv/kernel/amd64/unix"):
+- cfg["kernel"] = "/platform/i86xpv/kernel/amd64/unix"
+- cfg["ramdisk"] = "/platform/i86pc/amd64/boot_archive"
+- elif fs.file_exists("/platform/i86xpv/kernel/unix"):
+- cfg["kernel"] = "/platform/i86xpv/kernel/unix"
+- cfg["ramdisk"] = "/platform/i86pc/boot_archive"
+- else:
+- return cfg
+-
+- # Unpleasant. Typically we'll have 'root=foo -k' or 'root=foo /kernel -k',
+- # and we need to maintain Xen properties (root= and ip=) and the kernel
+- # before any user args.
+-
+- xenargs = ""
+- userargs = ""
+-
+- if not cfg["args"]:
+- cfg["args"] = cfg["kernel"]
+- else:
+- for arg in cfg["args"].split():
+- if re.match("^root=", arg) or re.match("^ip=", arg):
+- xenargs += arg + " "
+- elif arg != cfg["kernel"]:
+- userargs += arg + " "
+- cfg["args"] = xenargs + " " + cfg["kernel"] + " " + userargs
+-
+- return cfg
+-
+ def sniff_netware(fs, cfg):
+ if not fs.file_exists("/nwserver/xnloader.sys"):
+ return cfg
+@@ -901,10 +855,7 @@ if __name__ == "__main__":
+ try:
+ fs = fsimage.open(file, offset, bootfsoptions)
+
+- chosencfg = sniff_solaris(fs, incfg)
+-
+- if not chosencfg["kernel"]:
+- chosencfg = sniff_netware(fs, incfg)
++ chosencfg = sniff_netware(fs, incfg)
+
+ if not chosencfg["kernel"]:
+ chosencfg = run_grub(file, entry, fs, incfg["args"])
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:02 +0200
+X-Dgit-Generated: 4.8.1-1 5ea3aead5ce755e99c1e811dc3bdf74cec9e991f
+Subject: tools-python-prefix.diff
+
+Patch-Name: tools-python-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/python/setup.py
++++ xen-4.8.1/tools/python/setup.py
+@@ -5,6 +5,7 @@ import os, sys
+ XEN_ROOT = "../.."
+
+ extra_compile_args = [ "-fno-strict-aliasing", "-Werror" ]
++extra_link_args = [ "-Wl,-rpath,${ORIGIN}/../../.." ]
+
+ PATH_XEN = XEN_ROOT + "/tools/include"
+ PATH_LIBXENTOOLLOG = XEN_ROOT + "/tools/libs/toollog"
+@@ -23,11 +24,12 @@ xc = Extension("xc",
+ library_dirs = [ PATH_LIBXC ],
+ libraries = [ "xenctrl", "xenguest" ],
+ depends = [ PATH_LIBXC + "/libxenctrl.so", PATH_LIBXC + "/libxenguest.so" ],
+- extra_link_args = [ "-Wl,-rpath-link="+PATH_LIBXENTOOLLOG ],
++ extra_link_args = extra_link_args + [ "-Wl,-rpath-link="+PATH_LIBXENTOOLLOG ],
+ sources = [ "xen/lowlevel/xc/xc.c" ])
+
+ xs = Extension("xs",
+ extra_compile_args = extra_compile_args,
++ extra_link_args = extra_link_args,
+ include_dirs = [ PATH_XEN, PATH_XENSTORE + "/include", "xen/lowlevel/xs" ],
+ library_dirs = [ PATH_XENSTORE ],
+ libraries = [ "xenstore" ],
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:51 +0200
+X-Dgit-Generated: 4.8.1-1 31f508fde90e729a0f734dc00d0c75213f075a2e
+Subject: tools-rpath.diff
+
+Patch-Name: tools-rpath.diff
+
+---
+
+--- xen-4.8.1.orig/tools/Rules.mk
++++ xen-4.8.1/tools/Rules.mk
+@@ -9,6 +9,8 @@ include $(XEN_ROOT)/Config.mk
+ export _INSTALL := $(INSTALL)
+ INSTALL = $(XEN_ROOT)/tools/cross-install
+
++LDFLAGS_RPATH = -Wl,-rpath,'$${ORIGIN}$(if $(1),/$(1))'
++
+ XEN_INCLUDE = $(XEN_ROOT)/tools/include
+ XEN_LIBXENTOOLLOG = $(XEN_ROOT)/tools/libs/toollog
+ XEN_LIBXENEVTCHN = $(XEN_ROOT)/tools/libs/evtchn
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:05 +0200
+X-Dgit-Generated: 4.8.1-1 845c9126f103d039326ba1cc06575de8a2d32d39
+Subject: tools-xcutils-rpath.diff
+
+Patch-Name: tools-xcutils-rpath.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xcutils/Makefile
++++ xen-4.8.1/tools/xcutils/Makefile
+@@ -19,6 +19,8 @@ CFLAGS += -Werror
+ CFLAGS_readnotes.o := $(CFLAGS_libxenevtchn) $(CFLAGS_libxenctrl) $(CFLAGS_libxenguest) -I$(XEN_ROOT)/tools/libxc $(CFLAGS_libxencall)
+ CFLAGS_lsevtchn.o := $(CFLAGS_libxenevtchn) $(CFLAGS_libxenctrl)
+
++APPEND_LDFLAGS += $(call LDFLAGS_RPATH,../lib)
++
+ .PHONY: all
+ all: build
+
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:31 +0200
+X-Dgit-Generated: 4.8.1-1 75dded97d0701561959c2fab12f0328058078b40
+Subject: tools-xenmon-install.diff
+
+Patch-Name: tools-xenmon-install.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xenmon/Makefile
++++ xen-4.8.1/tools/xenmon/Makefile
+@@ -13,6 +13,10 @@
+ XEN_ROOT=$(CURDIR)/../..
+ include $(XEN_ROOT)/tools/Rules.mk
+
++DEFAULT_PYTHON_PATH := $(shell $(XEN_ROOT)/tools/python/get-path)
++PYTHON_PATH ?= $(DEFAULT_PYTHON_PATH)
++INSTALL_PYTHON_PROG = $(XEN_ROOT)/tools/python/install-wrap "$(PYTHON_PATH)" $(INSTALL_PROG)
++
+ CFLAGS += -Werror
+ CFLAGS += $(CFLAGS_libxenevtchn)
+ CFLAGS += $(CFLAGS_libxenctrl)
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:06 +0200
+X-Dgit-Generated: 4.8.1-1 3c1dc49f92bcdb9e031a419f3c0014b57fcb96a9
+Subject: tools-xenmon-prefix.diff
+
+Patch-Name: tools-xenmon-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xenmon/Makefile
++++ xen-4.8.1/tools/xenmon/Makefile
+@@ -18,6 +18,7 @@ CFLAGS += $(CFLAGS_libxenevtchn)
+ CFLAGS += $(CFLAGS_libxenctrl)
+ LDLIBS += $(LDLIBS_libxenctrl)
+ LDLIBS += $(LDLIBS_libxenevtchn)
++LDFLAGS += $(call LDFLAGS_RPATH,../lib)
+
+ SCRIPTS = xenmon.py
+
+@@ -29,10 +30,10 @@ build: xentrace_setmask xenbaked
+
+ .PHONY: install
+ install: build
+- $(INSTALL_DIR) $(DESTDIR)$(sbindir)
+- $(INSTALL_PROG) xenbaked $(DESTDIR)$(sbindir)/xenbaked
+- $(INSTALL_PROG) xentrace_setmask $(DESTDIR)$(sbindir)/xentrace_setmask
+- $(INSTALL_PROG) xenmon.py $(DESTDIR)$(sbindir)/xenmon.py
++ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_PROG) xenbaked $(DESTDIR)$(LIBEXEC_BIN)/xenbaked
++ $(INSTALL_PROG) xentrace_setmask $(DESTDIR)$(LIBEXEC_BIN)/xentrace_setmask
++ $(INSTALL_PROG) xenmon.py $(DESTDIR)$(LIBEXEC_BIN)/xenmon.py
+
+ .PHONY: clean
+ clean:
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:08 +0200
+X-Dgit-Generated: 4.8.1-1 6b66a39ea6db832a88d94c4d8e256f77e08fe1a3
+Subject: tools-xenpaging-prefix.diff
+
+Patch-Name: tools-xenpaging-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xenpaging/Makefile
++++ xen-4.8.1/tools/xenpaging/Makefile
+@@ -4,7 +4,7 @@ include $(XEN_ROOT)/tools/Rules.mk
+ # xenpaging.c and file_ops.c incorrectly use libxc internals
+ CFLAGS += $(CFLAGS_libxentoollog) $(CFLAGS_libxenevtchn) $(CFLAGS_libxenctrl) $(CFLAGS_libxenstore) $(PTHREAD_CFLAGS) -I$(XEN_ROOT)/tools/libxc $(CFLAGS_libxencall)
+ LDLIBS += $(LDLIBS_libxentoollog) $(LDLIBS_libxenevtchn) $(LDLIBS_libxenctrl) $(LDLIBS_libxenstore) $(PTHREAD_LIBS)
+-LDFLAGS += $(PTHREAD_LDFLAGS)
++LDFLAGS += $(PTHREAD_LDFLAGS) $(call LDFLAGS_RPATH,../lib)
+
+ POLICY = default
+
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 13 Dec 2014 19:37:02 +0100
+X-Dgit-Generated: 4.8.1-1 abbd6a5b077ff2f14d6e715c7f342f02f3b78ef8
+Subject: tools-xenpmd-prefix.diff
+
+Patch-Name: tools-xenpmd-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xenpmd/Makefile
++++ xen-4.8.1/tools/xenpmd/Makefile
+@@ -11,8 +11,8 @@ all: xenpmd
+
+ .PHONY: install
+ install: all
+- $(INSTALL_DIR) $(DESTDIR)$(sbindir)
+- $(INSTALL_PROG) xenpmd $(DESTDIR)$(sbindir)
++ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_PROG) xenpmd $(DESTDIR)$(LIBEXEC_BIN)
+
+ .PHONY: clean
+ clean:
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:50 +0200
+X-Dgit-Generated: 4.8.1-1 a968429393f380a5bf1eab604bd1720f31369fcd
+Subject: tools-xenstat-abiname.diff
+
+Patch-Name: tools-xenstat-abiname.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xenstat/libxenstat/Makefile
++++ xen-4.8.1/tools/xenstat/libxenstat/Makefile
+@@ -18,18 +18,14 @@ include $(XEN_ROOT)/tools/Rules.mk
+ LDCONFIG=ldconfig
+ MAKE_LINK=ln -sf
+
+-MAJOR=0
+-MINOR=0
+-
+ LIB=src/libxenstat.a
+-SHLIB=src/libxenstat.so.$(MAJOR).$(MINOR)
+-SHLIB_LINKS=src/libxenstat.so.$(MAJOR) src/libxenstat.so
+-OBJECTS-y=src/xenstat.o src/xenstat_qmp.o
++SHLIB=src/libxenstat.so
++OBJECTS-y=src/xenstat.o
+ OBJECTS-$(CONFIG_Linux) += src/xenstat_linux.o
+ OBJECTS-$(CONFIG_SunOS) += src/xenstat_solaris.o
+ OBJECTS-$(CONFIG_NetBSD) += src/xenstat_netbsd.o
+ OBJECTS-$(CONFIG_FreeBSD) += src/xenstat_freebsd.o
+-SONAME_FLAGS=-Wl,$(SONAME_LDFLAG) -Wl,libxenstat.so.$(MAJOR)
++SONAME_FLAGS=-Wl,$(SONAME_LDFLAG),libxenstat.so
+
+ CFLAGS+=-fPIC
+ CFLAGS+=-Isrc $(CFLAGS_libxenctrl) $(CFLAGS_libxenstore) $(CFLAGS_xeninclude) -include $(XEN_ROOT)/tools/config.h
+@@ -38,7 +34,7 @@ LDLIBS-y = $(LDLIBS_libxenstore) $(LDLIB
+ LDLIBS-$(CONFIG_SunOS) += -lkstat
+
+ .PHONY: all
+-all: $(LIB) $(SHLIB) $(SHLIB_LINKS)
++all: $(LIB) $(SHLIB)
+
+ $(OBJECTS-y): src/_paths.h
+
+@@ -50,19 +46,11 @@ $(SHLIB): $(OBJECTS-y)
+ $(CC) $(LDFLAGS) $(SONAME_FLAGS) $(SHLIB_LDFLAGS) -o $@ \
+ $(OBJECTS-y) $(LDLIBS-y) $(APPEND_LDFLAGS)
+
+-src/libxenstat.so.$(MAJOR): $(SHLIB)
+- $(MAKE_LINK) $(<F) $@
+-
+-src/libxenstat.so: src/libxenstat.so.$(MAJOR)
+- $(MAKE_LINK) $(<F) $@
+-
+ .PHONY: install
+ install: all
+ $(INSTALL_DATA) src/xenstat.h $(DESTDIR)$(includedir)
+ $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/libxenstat.a
+- $(INSTALL_PROG) src/libxenstat.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
+- ln -sf libxenstat.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenstat.so.$(MAJOR)
+- ln -sf libxenstat.so.$(MAJOR) $(DESTDIR)$(libdir)/libxenstat.so
++ $(INSTALL_PROG) src/libxenstat.so $(DESTDIR)$(libdir)
+
+ PYLIB=bindings/swig/python/_xenstat.so
+ PYMOD=bindings/swig/python/xenstat.py
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:09 +0200
+X-Dgit-Generated: 4.8.1-1 fa062a38ebfa9a8d1e52ee698c72aff4cb39e969
+Subject: tools-xenstat-prefix.diff
+
+Patch-Name: tools-xenstat-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xenstat/libxenstat/Makefile
++++ xen-4.8.1/tools/xenstat/libxenstat/Makefile
+@@ -20,7 +20,7 @@ MAKE_LINK=ln -sf
+
+ LIB=src/libxenstat.a
+ SHLIB=src/libxenstat.so
+-OBJECTS-y=src/xenstat.o
++OBJECTS-y=src/xenstat.o src/xenstat_qmp.o
+ OBJECTS-$(CONFIG_Linux) += src/xenstat_linux.o
+ OBJECTS-$(CONFIG_SunOS) += src/xenstat_solaris.o
+ OBJECTS-$(CONFIG_NetBSD) += src/xenstat_netbsd.o
+@@ -48,9 +48,11 @@ $(SHLIB): $(OBJECTS-y)
+
+ .PHONY: install
+ install: all
++ $(INSTALL_DIR) $(DESTDIR)$(includedir)
++ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_LIB)
+ $(INSTALL_DATA) src/xenstat.h $(DESTDIR)$(includedir)
+ $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/libxenstat.a
+- $(INSTALL_PROG) src/libxenstat.so $(DESTDIR)$(libdir)
++ $(INSTALL_PROG) src/libxenstat.so $(DESTDIR)$(LIBEXEC_LIB)
+
+ PYLIB=bindings/swig/python/_xenstat.so
+ PYMOD=bindings/swig/python/xenstat.py
+--- xen-4.8.1.orig/tools/xenstat/xentop/Makefile
++++ xen-4.8.1/tools/xenstat/xentop/Makefile
+@@ -19,7 +19,9 @@ all install xentop:
+ else
+
+ CFLAGS += -DGCC_PRINTF -Werror $(CFLAGS_libxenstat)
++LDFLAGS += $(call LDFLAGS_RPATH,../lib)
+ LDLIBS += $(LDLIBS_libxenstat) $(CURSES_LIBS) $(TINFO_LIBS) $(SOCKET_LIBS) -lm -lyajl
++LDLIBS += $(LDLIBS_libxenctrl) $(LDLIBS_libxenstore)
+ CFLAGS += -DHOST_$(XEN_OS)
+
+ # Include configure output (config.h)
+@@ -31,8 +33,8 @@ all: xentop
+
+ .PHONY: install
+ install: xentop
+- $(INSTALL_DIR) $(DESTDIR)$(sbindir)
+- $(INSTALL_PROG) xentop $(DESTDIR)$(sbindir)/xentop
++ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_PROG) xentop $(DESTDIR)$(LIBEXEC_BIN)/xentop
+
+ endif
+
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:36 +0200
+X-Dgit-Generated: 4.8.1-1 e0deca5e873be2aeb99ad58aed95eaa9c7c8ce35
+Subject: tools-xenstore-compatibility.diff
+
+Patch-Name: tools-xenstore-compatibility.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xenstore/include/xenstore.h
++++ xen-4.8.1/tools/xenstore/include/xenstore.h
+@@ -25,6 +25,7 @@
+
+ #define XS_OPEN_READONLY 1UL<<0
+ #define XS_OPEN_SOCKETONLY 1UL<<1
++#define XS_OPEN_DOMAINONLY 1UL<<2
+
+ /*
+ * Setting XS_UNWATCH_FILTER arranges that after xs_unwatch, no
+--- xen-4.8.1.orig/tools/xenstore/xenstore_client.c
++++ xen-4.8.1/tools/xenstore/xenstore_client.c
+@@ -636,7 +636,7 @@ main(int argc, char **argv)
+ max_width = ws.ws_col - 2;
+ }
+
+- xsh = xs_open(socket ? XS_OPEN_SOCKETONLY : 0);
++ xsh = xs_open(socket ? XS_OPEN_SOCKETONLY : XS_OPEN_DOMAINONLY);
+ if (xsh == NULL) err(1, "xs_open");
+
+ again:
+--- xen-4.8.1.orig/tools/xenstore/xs.c
++++ xen-4.8.1/tools/xenstore/xs.c
+@@ -281,17 +281,19 @@ struct xs_handle *xs_daemon_open_readonl
+
+ struct xs_handle *xs_domain_open(void)
+ {
+- return xs_open(0);
++ return xs_open(XS_OPEN_DOMAINONLY);
+ }
+
+ struct xs_handle *xs_open(unsigned long flags)
+ {
+ struct xs_handle *xsh = NULL;
+
++ if (!(flags & XS_OPEN_DOMAINONLY)) {
+ if (flags & XS_OPEN_READONLY)
+ xsh = get_handle(xs_daemon_socket_ro());
+ else
+ xsh = get_handle(xs_daemon_socket());
++ }
+
+ if (!xsh && !(flags & XS_OPEN_SOCKETONLY))
+ xsh = get_handle(xs_domain_dev());
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:12 +0200
+X-Dgit-Generated: 4.8.1-1 dda6e65fe8f36391534f781ebdf0bc9f9e58192a
+Subject: tools-xenstore-prefix.diff
+
+Patch-Name: tools-xenstore-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/helpers/Makefile
++++ xen-4.8.1/tools/helpers/Makefile
+@@ -31,7 +31,7 @@ xen-init-dom0: $(XEN_INIT_DOM0_OBJS)
+ $(INIT_XENSTORE_DOMAIN_OBJS): _paths.h
+
+ init-xenstore-domain: $(INIT_XENSTORE_DOMAIN_OBJS)
+- $(CC) $(LDFLAGS) -o $@ $(INIT_XENSTORE_DOMAIN_OBJS) $(LDLIBS_libxentoollog) $(LDLIBS_libxenstore) $(LDLIBS_libxenctrl) $(LDLIBS_libxenguest) $(LDLIBS_libxenlight) $(APPEND_LDFLAGS)
++ $(CC) $(LDFLAGS) -o $@ $(INIT_XENSTORE_DOMAIN_OBJS) $(LDLIBS_libxentoollog) $(LDLIBS_libxenstore) $(LDLIBS_libxenctrl) $(LDLIBS_libxenguest) $(LDLIBS_libxenlight) $(call LDFLAGS_RPATH,../lib) $(APPEND_LDFLAGS)
+
+ .PHONY: install
+ install: all
+--- xen-4.8.1.orig/tools/xenstore/Makefile
++++ xen-4.8.1/tools/xenstore/Makefile
+@@ -20,6 +20,8 @@ LDFLAGS-$(CONFIG_SYSTEMD) += $(SYSTEMD_L
+ CFLAGS += $(CFLAGS-y)
+ LDFLAGS += $(LDFLAGS-y)
+
++LDFLAGS_libxenctrl += $(call LDFLAGS_RPATH,../lib)
++
+ CLIENTS := xenstore-exists xenstore-list xenstore-read xenstore-rm xenstore-chmod
+ CLIENTS += xenstore-write xenstore-ls xenstore-watch
+
+@@ -74,7 +76,7 @@ endif
+ $(XENSTORED_OBJS): CFLAGS += $(CFLAGS_libxengnttab)
+
+ xenstored: $(XENSTORED_OBJS)
+- $(CC) $^ $(LDFLAGS) $(LDLIBS_libxenevtchn) $(LDLIBS_libxengnttab) $(LDLIBS_libxenctrl) $(LDLIBS_xenstored) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS)
++ $(CC) $^ $(LDFLAGS) $(LDLIBS_libxenevtchn) $(LDLIBS_libxengnttab) $(LDLIBS_libxenctrl) $(SOCKET_LIBS) $(LDLIBS_xenstored) $(call LDFLAGS_RPATH,../lib) -o $@ $(APPEND_LDFLAGS)
+
+ xenstored.a: $(XENSTORED_OBJS)
+ $(AR) cr $@ $^
+@@ -127,13 +129,13 @@ tarball: clean
+ install: all
+ $(INSTALL_DIR) $(DESTDIR)$(bindir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
++ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)/xenstore-compat
+ ifeq ($(XENSTORE_XENSTORED),y)
+- $(INSTALL_DIR) $(DESTDIR)$(sbindir)
+ $(INSTALL_DIR) $(DESTDIR)$(XEN_LIB_STORED)
+- $(INSTALL_PROG) xenstored $(DESTDIR)$(sbindir)
++ $(INSTALL_PROG) xenstored $(DESTDIR)$(LIBEXEC_BIN)
+ endif
+- $(INSTALL_PROG) xenstore-control $(DESTDIR)$(bindir)
++ $(INSTALL_PROG) xenstore-control $(DESTDIR)$(LIBEXEC_BIN)
+ $(INSTALL_PROG) xenstore $(DESTDIR)$(bindir)
+ set -e ; for c in $(CLIENTS) ; do \
+ ln -f $(DESTDIR)$(bindir)/xenstore $(DESTDIR)$(bindir)/$${c} ; \
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:47:14 +0200
+X-Dgit-Generated: 4.8.1-1 bded2269fb168938a662711d0a632d9d644bfc30
+Subject: tools-xentrace-prefix.diff
+
+Patch-Name: tools-xentrace-prefix.diff
+
+---
+
+--- xen-4.8.1.orig/tools/xentrace/Makefile
++++ xen-4.8.1/tools/xentrace/Makefile
+@@ -8,6 +8,7 @@ CFLAGS += $(CFLAGS_libxenctrl)
+ LDLIBS += $(LDLIBS_libxenevtchn)
+ LDLIBS += $(LDLIBS_libxenctrl)
+ LDLIBS += $(ARGP_LDFLAGS)
++LDFLAGS += $(call LDFLAGS_RPATH,../lib)
+
+ BIN-$(CONFIG_X86) = xenalyze
+ BIN = $(BIN-y)
+@@ -23,15 +24,9 @@ build: $(BIN) $(SBIN) $(LIBBIN)
+
+ .PHONY: install
+ install: build
+- $(INSTALL_DIR) $(DESTDIR)$(bindir)
+- $(INSTALL_DIR) $(DESTDIR)$(sbindir)
+- [ -z "$(LIBBIN)" ] || $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
+-ifneq ($(BIN),)
+- $(INSTALL_PROG) $(BIN) $(DESTDIR)$(bindir)
+-endif
+- $(INSTALL_PROG) $(SBIN) $(DESTDIR)$(sbindir)
+- $(INSTALL_PYTHON_PROG) $(SCRIPTS) $(DESTDIR)$(bindir)
+- [ -z "$(LIBBIN)" ] || $(INSTALL_PROG) $(LIBBIN) $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_PROG) $(BIN) $(SBIN) $(LIBBIN) $(DESTDIR)$(LIBEXEC_BIN)
++ $(INSTALL_PYTHON_PROG) $(SCRIPTS) $(DESTDIR)$(LIBEXEC_BIN)
+
+ .PHONY: clean
+ clean:
--- /dev/null
+From: Ian Jackson <ian.jackson@citrix.com>
+Date: Tue, 1 Nov 2016 16:20:27 +0000
+X-Dgit-Generated: 4.8.1-1 0b669a48e4ac450fded811b1ea297d644044d179
+Subject: tools/tests/x86_emulator: Pass -no-pie -fno-pic to gcc on x86_32
+
+The current build fails with GCC6 on Debian sid i386 (unstable):
+
+ /tmp/ccqjaueF.s: Assembler messages:
+ /tmp/ccqjaueF.s:3713: Error: missing or invalid displacement expression `vmovd_to_reg_len@GOT'
+
+This is due to the combination of GCC6, and Debian's decision to
+enable some hardening flags by default (to try to make runtime
+addresses less predictable):
+ https://wiki.debian.org/Hardening/PIEByDefaultTransition
+
+This is of no benefit for the x86 instruction emulator test, which is
+a rebuild of the emulator code for testing purposes only. So pass
+options to disable this.
+
+These options will be no-ops if they are the same as the compiler
+default.
+
+On amd64, the -fno-pic breaks the build in a different way. So do
+this only on i386.
+
+Signed-off-by: Ian Jackson <ian.jackson@citrix.com>
+CC: Jan Beulich <jbeulich@suse.com>
+CC: Andrew Cooper <andrew.cooper3@citrix.com>
+
+squash! tools/tests/x86_emulator: Pass -no-pie -fno-pic to gcc
+
+Signed-off-by: Ian Jackson <ian.jackson@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/tools/tests/x86_emulator/Makefile
++++ xen-4.8.1/tools/tests/x86_emulator/Makefile
+@@ -45,6 +45,10 @@ x86_emulate/x86_emulate.c x86_emulate/x8
+
+ HOSTCFLAGS += $(CFLAGS_xeninclude)
+
++ifeq ($(XEN_TARGET_ARCH),x86_32)
++HOSTCFLAGS += -no-pie -fno-pic
++endif
++
+ x86_emulate.o: x86_emulate.c x86_emulate/x86_emulate.c x86_emulate/x86_emulate.h
+ $(HOSTCC) $(HOSTCFLAGS) -c -g -o $@ $<
+
--- /dev/null
+From: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+Date: Thu, 6 Oct 2016 14:24:46 +0100
+X-Dgit-Generated: 4.8.1-1 a80895b1222bf96c423953a78171ca38ee847a9f
+Subject: ubuntu-tools-libs-abiname
+
+
+---
+
+--- xen-4.8.1.orig/tools/libs/call/Makefile
++++ xen-4.8.1/tools/libs/call/Makefile
+@@ -39,22 +39,22 @@ headers.chk: $(wildcard include/*.h)
+ libxencall.a: $(LIB_OBJS)
+ $(AR) rc $@ $^
+
+-libxencall.so: libxencall.so.$(MAJOR)
++libxencall.so: libxencall-$(PACKAGE_VERSION).so.$(MAJOR)
+ $(SYMLINK_SHLIB) $< $@
+-libxencall.so.$(MAJOR): libxencall.so.$(MAJOR).$(MINOR)
++libxencall-$(PACKAGE_VERSION).so.$(MAJOR): libxencall-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR)
+ $(SYMLINK_SHLIB) $< $@
+
+-libxencall.so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxencall.map
+- $(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxencall.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
++libxencall-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxencall.map
++ $(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxencall-$(PACKAGE_VERSION).so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
+
+ .PHONY: install
+ install: build
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+- $(INSTALL_SHLIB) libxencall.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
++ $(INSTALL_SHLIB) libxencall-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
+ $(INSTALL_DATA) libxencall.a $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxencall.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxencall.so.$(MAJOR)
+- $(SYMLINK_SHLIB) libxencall.so.$(MAJOR) $(DESTDIR)$(libdir)/libxencall.so
++ $(SYMLINK_SHLIB) libxencall-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxencall-$(PACKAGE_VERSION).so.$(MAJOR)
++ $(SYMLINK_SHLIB) libxencall-$(PACKAGE_VERSION).so.$(MAJOR) $(DESTDIR)$(libdir)/libxencall.so
+ $(INSTALL_DATA) include/xencall.h $(DESTDIR)$(includedir)
+
+ .PHONY: TAGS
+@@ -64,7 +64,7 @@ TAGS:
+ .PHONY: clean
+ clean:
+ rm -rf *.rpm $(LIB) *~ $(DEPS) $(LIB_OBJS) $(PIC_OBJS)
+- rm -f libxencall.so.$(MAJOR).$(MINOR) libxencall.so.$(MAJOR)
++ rm -f libxencall-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) libxencall-$(PACKAGE_VERSION).so.$(MAJOR)
+ rm -f headers.chk
+
+ .PHONY: distclean
+--- xen-4.8.1.orig/tools/libs/evtchn/Makefile
++++ xen-4.8.1/tools/libs/evtchn/Makefile
+@@ -39,22 +39,22 @@ headers.chk: $(wildcard include/*.h)
+ libxenevtchn.a: $(LIB_OBJS)
+ $(AR) rc $@ $^
+
+-libxenevtchn.so: libxenevtchn.so.$(MAJOR)
++libxenevtchn.so: libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR)
+ $(SYMLINK_SHLIB) $< $@
+-libxenevtchn.so.$(MAJOR): libxenevtchn.so.$(MAJOR).$(MINOR)
++libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR): libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR)
+ $(SYMLINK_SHLIB) $< $@
+
+-libxenevtchn.so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxenevtchn.map
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenevtchn.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
++libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxenevtchn.map
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
+
+ .PHONY: install
+ install: build
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+- $(INSTALL_SHLIB) libxenevtchn.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
++ $(INSTALL_SHLIB) libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
+ $(INSTALL_DATA) libxenevtchn.a $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxenevtchn.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenevtchn.so.$(MAJOR)
+- $(SYMLINK_SHLIB) libxenevtchn.so.$(MAJOR) $(DESTDIR)$(libdir)/libxenevtchn.so
++ $(SYMLINK_SHLIB) libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR)
++ $(SYMLINK_SHLIB) libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR) $(DESTDIR)$(libdir)/libxenevtchn.so
+ $(INSTALL_DATA) include/xenevtchn.h $(DESTDIR)$(includedir)
+
+ .PHONY: TAGS
+@@ -64,7 +64,7 @@ TAGS:
+ .PHONY: clean
+ clean:
+ rm -rf *.rpm $(LIB) *~ $(DEPS) $(LIB_OBJS) $(PIC_OBJS)
+- rm -f libxenevtchn.so.$(MAJOR).$(MINOR) libxenevtchn.so.$(MAJOR)
++ rm -f libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) libxenevtchn-$(PACKAGE_VERSION).so.$(MAJOR)
+ rm -f headers.chk
+
+ .PHONY: distclean
+--- xen-4.8.1.orig/tools/libs/foreignmemory/Makefile
++++ xen-4.8.1/tools/libs/foreignmemory/Makefile
+@@ -39,22 +39,22 @@ headers.chk: $(wildcard include/*.h)
+ libxenforeignmemory.a: $(LIB_OBJS)
+ $(AR) rc $@ $^
+
+-libxenforeignmemory.so: libxenforeignmemory.so.$(MAJOR)
++libxenforeignmemory.so: libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR)
+ $(SYMLINK_SHLIB) $< $@
+-libxenforeignmemory.so.$(MAJOR): libxenforeignmemory.so.$(MAJOR).$(MINOR)
++libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR): libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR)
+ $(SYMLINK_SHLIB) $< $@
+
+-libxenforeignmemory.so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxenforeignmemory.map
+- $(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenforeignmemory.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
++libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxenforeignmemory.map
++ $(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
+
+ .PHONY: install
+ install: build
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+- $(INSTALL_SHLIB) libxenforeignmemory.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
++ $(INSTALL_SHLIB) libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
+ $(INSTALL_DATA) libxenforeignmemory.a $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxenforeignmemory.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenforeignmemory.so.$(MAJOR)
+- $(SYMLINK_SHLIB) libxenforeignmemory.so.$(MAJOR) $(DESTDIR)$(libdir)/libxenforeignmemory.so
++ $(SYMLINK_SHLIB) libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR)
++ $(SYMLINK_SHLIB) libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR) $(DESTDIR)$(libdir)/libxenforeignmemory.so
+ $(INSTALL_DATA) include/xenforeignmemory.h $(DESTDIR)$(includedir)
+
+ .PHONY: TAGS
+@@ -64,7 +64,7 @@ TAGS:
+ .PHONY: clean
+ clean:
+ rm -rf *.rpm $(LIB) *~ $(DEPS) $(LIB_OBJS) $(PIC_OBJS)
+- rm -f libxenforeignmemory.so.$(MAJOR).$(MINOR) libxenforeignmemory.so.$(MAJOR)
++ rm -f libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) libxenforeignmemory-$(PACKAGE_VERSION).so.$(MAJOR)
+ rm -f headers.chk
+
+ .PHONY: distclean
+--- xen-4.8.1.orig/tools/libs/gnttab/Makefile
++++ xen-4.8.1/tools/libs/gnttab/Makefile
+@@ -41,22 +41,22 @@ headers.chk: $(wildcard include/*.h)
+ libxengnttab.a: $(LIB_OBJS)
+ $(AR) rc $@ $^
+
+-libxengnttab.so: libxengnttab.so.$(MAJOR)
++libxengnttab.so: libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR)
+ $(SYMLINK_SHLIB) $< $@
+-libxengnttab.so.$(MAJOR): libxengnttab.so.$(MAJOR).$(MINOR)
++libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR): libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR)
+ $(SYMLINK_SHLIB) $< $@
+
+-libxengnttab.so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxengnttab.map
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxengnttab.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
++libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxengnttab.map
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
+
+ .PHONY: install
+ install: build
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+- $(INSTALL_SHLIB) libxengnttab.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
++ $(INSTALL_SHLIB) libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
+ $(INSTALL_DATA) libxengnttab.a $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxengnttab.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxengnttab.so.$(MAJOR)
+- $(SYMLINK_SHLIB) libxengnttab.so.$(MAJOR) $(DESTDIR)$(libdir)/libxengnttab.so
++ $(SYMLINK_SHLIB) libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR)
++ $(SYMLINK_SHLIB) libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR) $(DESTDIR)$(libdir)/libxengnttab.so
+ $(INSTALL_DATA) include/xengnttab.h $(DESTDIR)$(includedir)
+
+ .PHONY: TAGS
+@@ -66,7 +66,7 @@ TAGS:
+ .PHONY: clean
+ clean:
+ rm -rf *.rpm $(LIB) *~ $(DEPS) $(LIB_OBJS) $(PIC_OBJS)
+- rm -f libxengnttab.so.$(MAJOR).$(MINOR) libxengnttab.so.$(MAJOR)
++ rm -f libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) libxengnttab-$(PACKAGE_VERSION).so.$(MAJOR)
+ rm -f headers.chk
+
+ .PHONY: distclean
+--- xen-4.8.1.orig/tools/libs/toollog/Makefile
++++ xen-4.8.1/tools/libs/toollog/Makefile
+@@ -34,22 +34,22 @@ headers.chk: $(wildcard include/*.h)
+ libxentoollog.a: $(LIB_OBJS)
+ $(AR) rc $@ $^
+
+-libxentoollog.so: libxentoollog.so.$(MAJOR)
++libxentoollog.so: libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR)
+ $(SYMLINK_SHLIB) $< $@
+-libxentoollog.so.$(MAJOR): libxentoollog.so.$(MAJOR).$(MINOR)
++libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR): libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR)
+ $(SYMLINK_SHLIB) $< $@
+
+-libxentoollog.so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxentoollog.map
+- $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxentoollog.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(APPEND_LDFLAGS)
++libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxentoollog.map
++ $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(APPEND_LDFLAGS)
+
+ .PHONY: install
+ install: build
+ $(INSTALL_DIR) $(DESTDIR)$(libdir)
+ $(INSTALL_DIR) $(DESTDIR)$(includedir)
+- $(INSTALL_SHLIB) libxentoollog.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
++ $(INSTALL_SHLIB) libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)
+ $(INSTALL_DATA) libxentoollog.a $(DESTDIR)$(libdir)
+- $(SYMLINK_SHLIB) libxentoollog.so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxentoollog.so.$(MAJOR)
+- $(SYMLINK_SHLIB) libxentoollog.so.$(MAJOR) $(DESTDIR)$(libdir)/libxentoollog.so
++ $(SYMLINK_SHLIB) libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) $(DESTDIR)$(libdir)/libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR)
++ $(SYMLINK_SHLIB) libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR) $(DESTDIR)$(libdir)/libxentoollog.so
+ $(INSTALL_DATA) include/xentoollog.h $(DESTDIR)$(includedir)
+
+ .PHONY: TAGS
+@@ -59,7 +59,7 @@ TAGS:
+ .PHONY: clean
+ clean:
+ rm -rf *.rpm $(LIB) *~ $(DEPS) $(LIB_OBJS) $(PIC_OBJS)
+- rm -f libxentoollog.so.$(MAJOR).$(MINOR) libxentoollog.so.$(MAJOR)
++ rm -f libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR).$(MINOR) libxentoollog-$(PACKAGE_VERSION).so.$(MAJOR)
+ rm -f headers.chk
+
+ .PHONY: distclean
--- /dev/null
+From: Bastian Blank <waldi@debian.org>
+Date: Sat, 5 Jul 2014 11:46:43 +0200
+X-Dgit-Generated: 4.8.1-1 adc50830f6c334569f54255310fc489d139d542f
+Subject: version
+
+Patch-Name: version.diff
+
+---
+
+--- xen-4.8.1.orig/xen/Makefile
++++ xen-4.8.1/xen/Makefile
+@@ -160,7 +160,7 @@ delete-unfresh-files:
+ @mv -f $@.tmp $@
+
+ # compile.h contains dynamic build info. Rebuilt on every 'make' invocation.
+-include/xen/compile.h: include/xen/compile.h.in .banner
++include/xen/compile.h: include/xen/compile.h.in
+ @sed -e 's/@@date@@/$(XEN_BUILD_DATE)/g' \
+ -e 's/@@time@@/$(XEN_BUILD_TIME)/g' \
+ -e 's/@@whoami@@/$(XEN_WHOAMI)/g' \
+@@ -171,9 +171,11 @@ include/xen/compile.h: include/xen/compi
+ -e 's/@@subversion@@/$(XEN_SUBVERSION)/g' \
+ -e 's/@@extraversion@@/$(XEN_EXTRAVERSION)/g' \
+ -e 's!@@changeset@@!$(shell tools/scmversion $(XEN_ROOT) || echo "unavailable")!g' \
++ -e 's/@@system_distribution@@/$(shell lsb_release -is)/g' \
++ -e 's/@@system_maintainer_domain@@/$(shell cd ../../../..; dpkg-parsechangelog | sed -ne 's,^Maintainer: .[^<]*<[^@>]*@\([^>]*\)>,\1,p')/g' \
++ -e 's/@@system_maintainer_local@@/$(shell cd ../../../..; dpkg-parsechangelog | sed -ne 's,^Maintainer: .[^<]*<\([^@>]*\)@.*>,\1,p')/g' \
++ -e 's/@@system_version@@/$(shell cd ../../../..; dpkg-parsechangelog | awk '/^Version:/ {print $$2}')/g' \
+ < include/xen/compile.h.in > $@.new
+- @cat .banner
+- @$(PYTHON) tools/fig-to-oct.py < .banner >> $@.new
+ @mv -f $@.new $@
+
+ include/asm-$(TARGET_ARCH)/asm-offsets.h: arch/$(TARGET_ARCH)/asm-offsets.s
+--- xen-4.8.1.orig/xen/common/kernel.c
++++ xen-4.8.1/xen/common/kernel.c
+@@ -252,8 +252,8 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL
+
+ memset(&info, 0, sizeof(info));
+ safe_strcpy(info.compiler, deny ? xen_deny() : xen_compiler());
+- safe_strcpy(info.compile_by, deny ? xen_deny() : xen_compile_by());
+- safe_strcpy(info.compile_domain, deny ? xen_deny() : xen_compile_domain());
++ safe_strcpy(info.compile_by, deny ? xen_deny() : xen_compile_system_maintainer_local());
++ safe_strcpy(info.compile_domain, deny ? xen_deny() : xen_compile_system_maintainer_domain());
+ safe_strcpy(info.compile_date, deny ? xen_deny() : xen_compile_date());
+ if ( copy_to_guest(arg, &info, 1) )
+ return -EFAULT;
+--- xen-4.8.1.orig/xen/common/version.c
++++ xen-4.8.1/xen/common/version.c
+@@ -20,19 +20,24 @@ const char *xen_compile_time(void)
+ return XEN_COMPILE_TIME;
+ }
+
+-const char *xen_compile_by(void)
++const char *xen_compile_system_distribution(void)
+ {
+- return XEN_COMPILE_BY;
++ return XEN_COMPILE_SYSTEM_DISTRIBUTION;
+ }
+
+-const char *xen_compile_domain(void)
++const char *xen_compile_system_maintainer_local(void)
+ {
+- return XEN_COMPILE_DOMAIN;
++ return XEN_COMPILE_SYSTEM_MAINTAINER_LOCAL;
+ }
+
+-const char *xen_compile_host(void)
++const char *xen_compile_system_maintainer_domain(void)
+ {
+- return XEN_COMPILE_HOST;
++ return XEN_COMPILE_SYSTEM_MAINTAINER_DOMAIN;
++}
++
++const char *xen_compile_system_version(void)
++{
++ return XEN_COMPILE_SYSTEM_VERSION;
+ }
+
+ const char *xen_compiler(void)
+@@ -60,11 +65,6 @@ const char *xen_changeset(void)
+ return XEN_CHANGESET;
+ }
+
+-const char *xen_banner(void)
+-{
+- return XEN_BANNER;
+-}
+-
+ const char *xen_deny(void)
+ {
+ return "<denied>";
+--- xen-4.8.1.orig/xen/drivers/char/console.c
++++ xen-4.8.1/xen/drivers/char/console.c
+@@ -732,14 +732,11 @@ void __init console_init_preirq(void)
+ serial_set_rx_handler(sercon_handle, serial_rx);
+
+ /* HELLO WORLD --- start-of-day banner text. */
+- spin_lock(&console_lock);
+- __putstr(xen_banner());
+- spin_unlock(&console_lock);
+- printk("Xen version %d.%d%s (%s@%s) (%s) debug=%c " gcov_string " %s\n",
++ printk("Xen version %d.%d%s (%s %s) (%s@%s) (%s) debug=%c " gcov_string " %s\n",
+ xen_major_version(), xen_minor_version(), xen_extra_version(),
+- xen_compile_by(), xen_compile_domain(),
++ xen_compile_system_distribution(), xen_compile_system_version(),
++ xen_compile_system_maintainer_local(), xen_compile_system_maintainer_domain(),
+ xen_compiler(), debug_build() ? 'y' : 'n', xen_compile_date());
+- printk("Latest ChangeSet: %s\n", xen_changeset());
+
+ if ( opt_sync_console )
+ {
+--- xen-4.8.1.orig/xen/include/xen/compile.h.in
++++ xen-4.8.1/xen/include/xen/compile.h.in
+@@ -1,8 +1,9 @@
+ #define XEN_COMPILE_DATE "@@date@@"
+ #define XEN_COMPILE_TIME "@@time@@"
+-#define XEN_COMPILE_BY "@@whoami@@"
+-#define XEN_COMPILE_DOMAIN "@@domain@@"
+-#define XEN_COMPILE_HOST "@@hostname@@"
++#define XEN_COMPILE_SYSTEM_DISTRIBUTION "@@system_distribution@@"
++#define XEN_COMPILE_SYSTEM_MAINTAINER_DOMAIN "@@system_maintainer_domain@@"
++#define XEN_COMPILE_SYSTEM_MAINTAINER_LOCAL "@@system_maintainer_local@@"
++#define XEN_COMPILE_SYSTEM_VERSION "@@system_version@@"
+ #define XEN_COMPILER "@@compiler@@"
+
+ #define XEN_VERSION @@version@@
+@@ -10,4 +11,3 @@
+ #define XEN_EXTRAVERSION "@@extraversion@@"
+
+ #define XEN_CHANGESET "@@changeset@@"
+-#define XEN_BANNER \
+--- xen-4.8.1.orig/xen/include/xen/version.h
++++ xen-4.8.1/xen/include/xen/version.h
+@@ -6,9 +6,10 @@
+
+ const char *xen_compile_date(void);
+ const char *xen_compile_time(void);
+-const char *xen_compile_by(void);
+-const char *xen_compile_domain(void);
+-const char *xen_compile_host(void);
++const char *xen_compile_system_distribution(void);
++const char *xen_compile_system_maintainer_domain(void);
++const char *xen_compile_system_maintainer_local(void);
++const char *xen_compile_system_version(void);
+ const char *xen_compiler(void);
+ unsigned int xen_major_version(void);
+ unsigned int xen_minor_version(void);
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Tue, 20 Jun 2017 13:24:03 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 ad4cf7024d6fc069ad59913b70ccdd3db291e93e
+Subject: x86: avoid leaking PKRU and BND* between vCPU-s
+
+PKRU is explicitly "XSAVE-managed but not XSAVE-enabled", so guests
+might access the register (via {RD,WR}PKRU) without setting XCR0.PKRU.
+Force context switching as well as migrating the register as soon as
+CR4.PKE is being set the first time.
+
+For MPX (BND<n>, BNDCFGU, and BNDSTATUS) the situation is less clear,
+and the SDM has not entirely consistent information for that case.
+While experimentally the instructions don't change register state as
+long as the two XCR0 bits aren't both 1, be on the safe side and enable
+both if BNDCFGS.EN is being set the first time.
+
+This is XSA-220.
+
+Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/x86/hvm/hvm.c
++++ xen-4.8.1/xen/arch/x86/hvm/hvm.c
+@@ -311,10 +311,39 @@ int hvm_set_guest_pat(struct vcpu *v, u6
+
+ bool hvm_set_guest_bndcfgs(struct vcpu *v, u64 val)
+ {
+- return hvm_funcs.set_guest_bndcfgs &&
+- is_canonical_address(val) &&
+- !(val & IA32_BNDCFGS_RESERVED) &&
+- hvm_funcs.set_guest_bndcfgs(v, val);
++ if ( !hvm_funcs.set_guest_bndcfgs ||
++ !is_canonical_address(val) ||
++ (val & IA32_BNDCFGS_RESERVED) )
++ return false;
++
++ /*
++ * While MPX instructions are supposed to be gated on XCR0.BND*, let's
++ * nevertheless force the relevant XCR0 bits on when the feature is being
++ * enabled in BNDCFGS.
++ */
++ if ( (val & IA32_BNDCFGS_ENABLE) &&
++ !(v->arch.xcr0_accum & (XSTATE_BNDREGS | XSTATE_BNDCSR)) )
++ {
++ uint64_t xcr0 = get_xcr0();
++ int rc;
++
++ if ( v != current )
++ return false;
++
++ rc = handle_xsetbv(XCR_XFEATURE_ENABLED_MASK,
++ xcr0 | XSTATE_BNDREGS | XSTATE_BNDCSR);
++
++ if ( rc )
++ {
++ HVM_DBG_LOG(DBG_LEVEL_1, "Failed to force XCR0.BND*: %d", rc);
++ return false;
++ }
++
++ if ( handle_xsetbv(XCR_XFEATURE_ENABLED_MASK, xcr0) )
++ /* nothing, best effort only */;
++ }
++
++ return hvm_funcs.set_guest_bndcfgs(v, val);
+ }
+
+ /*
+@@ -2477,6 +2506,27 @@ int hvm_set_cr4(unsigned long value, boo
+ paging_update_paging_modes(v);
+ }
+
++ /*
++ * {RD,WR}PKRU are not gated on XCR0.PKRU and hence an oddly behaving
++ * guest may enable the feature in CR4 without enabling it in XCR0. We
++ * need to context switch / migrate PKRU nevertheless.
++ */
++ if ( (value & X86_CR4_PKE) && !(v->arch.xcr0_accum & XSTATE_PKRU) )
++ {
++ int rc = handle_xsetbv(XCR_XFEATURE_ENABLED_MASK,
++ get_xcr0() | XSTATE_PKRU);
++
++ if ( rc )
++ {
++ HVM_DBG_LOG(DBG_LEVEL_1, "Failed to force XCR0.PKRU: %d", rc);
++ goto gpf;
++ }
++
++ if ( handle_xsetbv(XCR_XFEATURE_ENABLED_MASK,
++ get_xcr0() & ~XSTATE_PKRU) )
++ /* nothing, best effort only */;
++ }
++
+ return X86EMUL_OKAY;
+
+ gpf:
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Tue, 2 May 2017 12:18:38 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u1 8733567025e5095d178d6d294dbf0405d2250e37
+Subject: x86: discard type information when stealing pages
+
+While a page having just a single general reference left necessarily
+has a zero type reference count too, its type may still be valid (and
+in validated state; at present this is only possible and relevant for
+PGT_seg_desc_page, as page tables have their type forcibly zapped when
+their type reference count drops to zero, and
+PGT_{writable,shared}_page pages don't require any validation). In
+such a case when the page is being re-used with the same type again,
+validation is being skipped. As validation criteria differ between
+32- and 64-bit guests, pages to be transferred between guests need to
+have their validation indicator zapped (and with it we zap all other
+type information at once).
+
+This is XSA-214.
+
+Reported-by: Jann Horn <jannh@google.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/x86/mm.c
++++ xen-4.8.1/xen/arch/x86/mm.c
+@@ -4422,6 +4422,17 @@ int steal_page(
+ y = cmpxchg(&page->count_info, x, x & ~PGC_count_mask);
+ } while ( y != x );
+
++ /*
++ * With the sole reference dropped temporarily, no-one can update type
++ * information. Type count also needs to be zero in this case, but e.g.
++ * PGT_seg_desc_page may still have PGT_validated set, which we need to
++ * clear before transferring ownership (as validation criteria vary
++ * depending on domain type).
++ */
++ BUG_ON(page->u.inuse.type_info & (PGT_count_mask | PGT_locked |
++ PGT_pinned));
++ page->u.inuse.type_info = 0;
++
+ /* Swizzle the owner then reinstate the PGC_allocated reference. */
+ page_set_owner(page, NULL);
+ y = page->count_info;
--- /dev/null
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Date: Tue, 20 Jun 2017 19:18:54 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u3 e6773ea71538f92159ed24856e32d3a1dffb8408
+Subject: x86/grant: Disallow misaligned PTEs
+
+Pagetable entries must be aligned to function correctly. Disallow attempts
+from the guest to have a grant PTE created at a misaligned address, which
+would result in corruption of the L1 table with largely-guest-controlled
+values.
+
+This is XSA-227
+
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/x86/mm.c
++++ xen-4.8.1/xen/arch/x86/mm.c
+@@ -3965,6 +3965,9 @@ static int create_grant_pte_mapping(
+ l1_pgentry_t ol1e;
+ struct domain *d = v->domain;
+
++ if ( !IS_ALIGNED(pte_addr, sizeof(nl1e)) )
++ return GNTST_general_error;
++
+ adjust_guest_l1e(nl1e, d);
+
+ gmfn = pte_addr >> PAGE_SHIFT;
+@@ -4022,6 +4025,16 @@ static int destroy_grant_pte_mapping(
+ struct page_info *page;
+ l1_pgentry_t ol1e;
+
++ /*
++ * addr comes from Xen's active_entry tracking so isn't guest controlled,
++ * but it had still better be PTE-aligned.
++ */
++ if ( !IS_ALIGNED(addr, sizeof(ol1e)) )
++ {
++ ASSERT_UNREACHABLE();
++ return GNTST_general_error;
++ }
++
+ gmfn = addr >> PAGE_SHIFT;
+ page = get_page_from_gfn(d, gmfn, NULL, P2M_ALLOC);
+
--- /dev/null
+From: Jan Beulich <jbeulich@suse.com>
+Date: Tue, 20 Jun 2017 13:15:54 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 2def9142bbe2459adff422239ba2a3436936f442
+Subject: x86/mm: disallow page stealing from HVM domains
+
+The operation's success can't be controlled by the guest, as the device
+model may have an active mapping of the page. If we nevertheless
+permitted this operation, we'd have to add further TLB flushing to
+prevent scenarios like
+
+"Domains A (HVM), B (PV), C (PV); B->target==A
+ Steps:
+ 1. B maps page X from A as writable
+ 2. B unmaps page X without a TLB flush
+ 3. A sends page X to C via GNTTABOP_transfer
+ 4. C maps page X as pagetable (potentially causing a TLB flush in C,
+ but not in B)
+
+ At this point, X would be mapped as a pagetable in C while being
+ writable through a stale TLB entry in B."
+
+A similar scenario could be constructed for A using XENMEM_exchange and
+some arbitrary PV domain C then having this page allocated.
+
+This is XSA-217.
+
+Reported-by: Jann Horn <jannh@google.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: George Dunlap <george.dunlap@citrix.com>
+Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/x86/mm.c
++++ xen-4.8.1/xen/arch/x86/mm.c
+@@ -4405,6 +4405,9 @@ int steal_page(
+ bool_t drop_dom_ref = 0;
+ const struct domain *owner = dom_xen;
+
++ if ( paging_mode_external(d) )
++ return -1;
++
+ spin_lock(&d->page_alloc_lock);
+
+ if ( is_xen_heap_page(page) || ((owner = page_get_owner(page)) != d) )
--- /dev/null
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Date: Thu, 11 May 2017 14:47:00 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 6aaae51f0315661c4d79fc57594a4cf6bec2b307
+Subject: x86/shadow: Hold references for the duration of emulated writes
+
+The (misnamed) emulate_gva_to_mfn() function translates a linear address to an
+mfn, but releases its page reference before returning the mfn to its caller.
+
+sh_emulate_map_dest() uses the results of one or two translations to construct
+a virtual mapping to the underlying frames, completes an emulated
+write/cmpxchg, then unmaps the virtual mappings.
+
+The page references need holding until the mappings are unmapped, or the
+frames can change ownership before the writes occurs.
+
+This is XSA-219
+
+Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Tim Deegan <tim@xen.org>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/x86/mm/shadow/common.c
++++ xen-4.8.1/xen/arch/x86/mm/shadow/common.c
+@@ -1703,7 +1703,10 @@ static unsigned int shadow_get_allocatio
+ /**************************************************************************/
+ /* Handling guest writes to pagetables. */
+
+-/* Translate a VA to an MFN, injecting a page-fault if we fail. */
++/*
++ * Translate a VA to an MFN, injecting a page-fault if we fail. If the
++ * mapping succeeds, a reference will be held on the underlying page.
++ */
+ #define BAD_GVA_TO_GFN (~0UL)
+ #define BAD_GFN_TO_MFN (~1UL)
+ #define READONLY_GFN (~2UL)
+@@ -1751,16 +1754,15 @@ static mfn_t emulate_gva_to_mfn(struct v
+ ASSERT(mfn_valid(mfn));
+
+ v->arch.paging.last_write_was_pt = !!sh_mfn_is_a_page_table(mfn);
+- /*
+- * Note shadow cannot page out or unshare this mfn, so the map won't
+- * disappear. Otherwise, caller must hold onto page until done.
+- */
+- put_page(page);
+
+ return mfn;
+ }
+
+-/* Check that the user is allowed to perform this write. */
++/*
++ * Check that the user is allowed to perform this write. If a mapping is
++ * returned, page references will be held on sh_ctxt->mfn[0] and
++ * sh_ctxt->mfn[1] iff !INVALID_MFN.
++ */
+ void *sh_emulate_map_dest(struct vcpu *v, unsigned long vaddr,
+ unsigned int bytes,
+ struct sh_emulate_ctxt *sh_ctxt)
+@@ -1768,13 +1770,6 @@ void *sh_emulate_map_dest(struct vcpu *v
+ struct domain *d = v->domain;
+ void *map;
+
+- sh_ctxt->mfn[0] = emulate_gva_to_mfn(v, vaddr, sh_ctxt);
+- if ( !mfn_valid(sh_ctxt->mfn[0]) )
+- return ((mfn_x(sh_ctxt->mfn[0]) == BAD_GVA_TO_GFN) ?
+- MAPPING_EXCEPTION :
+- (mfn_x(sh_ctxt->mfn[0]) == READONLY_GFN) ?
+- MAPPING_SILENT_FAIL : MAPPING_UNHANDLEABLE);
+-
+ #ifndef NDEBUG
+ /* We don't emulate user-mode writes to page tables. */
+ if ( has_hvm_container_domain(d)
+@@ -1787,6 +1782,17 @@ void *sh_emulate_map_dest(struct vcpu *v
+ }
+ #endif
+
++ sh_ctxt->mfn[0] = emulate_gva_to_mfn(v, vaddr, sh_ctxt);
++ if ( !mfn_valid(sh_ctxt->mfn[0]) )
++ {
++ switch ( mfn_x(sh_ctxt->mfn[0]) )
++ {
++ case BAD_GVA_TO_GFN: return MAPPING_EXCEPTION;
++ case READONLY_GFN: return MAPPING_SILENT_FAIL;
++ default: return MAPPING_UNHANDLEABLE;
++ }
++ }
++
+ /* Unaligned writes mean probably this isn't a pagetable. */
+ if ( vaddr & (bytes - 1) )
+ sh_remove_shadows(d, sh_ctxt->mfn[0], 0, 0 /* Slow, can fail. */ );
+@@ -1803,6 +1809,7 @@ void *sh_emulate_map_dest(struct vcpu *v
+ * Cross-page emulated writes are only supported for HVM guests;
+ * PV guests ought to know better.
+ */
++ put_page(mfn_to_page(sh_ctxt->mfn[0]));
+ return MAPPING_UNHANDLEABLE;
+ }
+ else
+@@ -1810,17 +1817,26 @@ void *sh_emulate_map_dest(struct vcpu *v
+ /* This write crosses a page boundary. Translate the second page. */
+ sh_ctxt->mfn[1] = emulate_gva_to_mfn(v, vaddr + bytes - 1, sh_ctxt);
+ if ( !mfn_valid(sh_ctxt->mfn[1]) )
+- return ((mfn_x(sh_ctxt->mfn[1]) == BAD_GVA_TO_GFN) ?
+- MAPPING_EXCEPTION :
+- (mfn_x(sh_ctxt->mfn[1]) == READONLY_GFN) ?
+- MAPPING_SILENT_FAIL : MAPPING_UNHANDLEABLE);
++ {
++ put_page(mfn_to_page(sh_ctxt->mfn[0]));
++ switch ( mfn_x(sh_ctxt->mfn[1]) )
++ {
++ case BAD_GVA_TO_GFN: return MAPPING_EXCEPTION;
++ case READONLY_GFN: return MAPPING_SILENT_FAIL;
++ default: return MAPPING_UNHANDLEABLE;
++ }
++ }
+
+ /* Cross-page writes mean probably not a pagetable. */
+ sh_remove_shadows(d, sh_ctxt->mfn[1], 0, 0 /* Slow, can fail. */ );
+
+ map = vmap(sh_ctxt->mfn, 2);
+ if ( !map )
++ {
++ put_page(mfn_to_page(sh_ctxt->mfn[0]));
++ put_page(mfn_to_page(sh_ctxt->mfn[1]));
+ return MAPPING_UNHANDLEABLE;
++ }
+ map += (vaddr & ~PAGE_MASK);
+ }
+
+@@ -1890,10 +1906,12 @@ void sh_emulate_unmap_dest(struct vcpu *
+ }
+
+ paging_mark_dirty(v->domain, mfn_x(sh_ctxt->mfn[0]));
++ put_page(mfn_to_page(sh_ctxt->mfn[0]));
+
+ if ( unlikely(mfn_valid(sh_ctxt->mfn[1])) )
+ {
+ paging_mark_dirty(v->domain, mfn_x(sh_ctxt->mfn[1]));
++ put_page(mfn_to_page(sh_ctxt->mfn[1]));
+ vunmap((void *)((unsigned long)addr & PAGE_MASK));
+ }
+ else
--- /dev/null
+From: Julien Grall <julien.grall@arm.com>
+Date: Tue, 6 Jun 2017 15:35:42 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 27fd4ccdf9c97f3943679f2bbb1dbd3f70d18d7e
+Subject: xen/arm: vgic: Sanitize target mask used to send SGI
+
+The current function vgic_to_sgi does not sanitize the target mask and
+may therefore get an invalid vCPU ID. This will result to an out of
+bound access of d->vcpu[...] as there is no check whether the vCPU ID is
+within the maximum supported by the guest.
+
+This was introduced by commit ea37fd2111 "xen/arm: split vgic driver
+into generic and vgic-v2 driver".
+
+Signed-off-by: Julien Grall <julien.grall@arm.com>
+Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
+
+---
+
+--- xen-4.8.1.orig/xen/arch/arm/vgic.c
++++ xen-4.8.1/xen/arch/arm/vgic.c
+@@ -396,7 +396,8 @@ int vgic_to_sgi(struct vcpu *v, register
+ for_each_set_bit( i, &bitmap, sizeof(target->list) * 8 )
+ {
+ vcpuid = base + i;
+- if ( d->vcpu[vcpuid] == NULL || !is_vcpu_online(d->vcpu[vcpuid]) )
++ if ( vcpuid >= d->max_vcpus || d->vcpu[vcpuid] == NULL ||
++ !is_vcpu_online(d->vcpu[vcpuid]) )
+ {
+ gprintk(XENLOG_WARNING, "VGIC: write r=%"PRIregister" \
+ target->list=%hx, wrong CPUTargetList \n",
--- /dev/null
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Date: Tue, 20 Jun 2017 13:24:35 +0100
+X-Dgit-Generated: 4.8.1-1+deb9u2 0c353bae1b6a62c7c432aa7fb8f261ff3f2bf4a8
+Subject: xen/memory: Fix return value handing of guest_remove_page()
+
+Despite the description in mm.h, guest_remove_page() previously returned 0 for
+paging errors.
+
+Switch guest_remove_page() to having regular 0/-error semantics, and propagate
+the return values from clear_mmio_p2m_entry() and mem_sharing_unshare_page()
+to the callers (although decrease_reservation() is the only caller which
+currently cares).
+
+This is part of XSA-222.
+
+Reported-by: Julien Grall <julien.grall@arm.com>
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+---
+
+--- xen-4.8.1.orig/xen/common/memory.c
++++ xen-4.8.1/xen/common/memory.c
+@@ -264,6 +264,7 @@ int guest_remove_page(struct domain *d,
+ p2m_type_t p2mt;
+ #endif
+ mfn_t mfn;
++ int rc;
+
+ #ifdef CONFIG_X86
+ mfn = get_gfn_query(d, gmfn, &p2mt);
+@@ -281,13 +282,15 @@ int guest_remove_page(struct domain *d,
+ put_page(page);
+ }
+ p2m_mem_paging_drop_page(d, gmfn, p2mt);
+- return 1;
++
++ return 0;
+ }
+ if ( p2mt == p2m_mmio_direct )
+ {
+- clear_mmio_p2m_entry(d, gmfn, mfn, 0);
++ rc = clear_mmio_p2m_entry(d, gmfn, mfn, PAGE_ORDER_4K);
+ put_gfn(d, gmfn);
+- return 1;
++
++ return rc;
+ }
+ #else
+ mfn = gfn_to_mfn(d, _gfn(gmfn));
+@@ -297,21 +300,25 @@ int guest_remove_page(struct domain *d,
+ put_gfn(d, gmfn);
+ gdprintk(XENLOG_INFO, "Domain %u page number %lx invalid\n",
+ d->domain_id, gmfn);
+- return 0;
++
++ return -EINVAL;
+ }
+
+ #ifdef CONFIG_X86
+ if ( p2m_is_shared(p2mt) )
+ {
+- /* Unshare the page, bail out on error. We unshare because
+- * we might be the only one using this shared page, and we
+- * need to trigger proper cleanup. Once done, this is
+- * like any other page. */
+- if ( mem_sharing_unshare_page(d, gmfn, 0) )
++ /*
++ * Unshare the page, bail out on error. We unshare because we
++ * might be the only one using this shared page, and we need to
++ * trigger proper cleanup. Once done, this is like any other page.
++ */
++ rc = mem_sharing_unshare_page(d, gmfn, 0);
++ if ( rc )
+ {
+ put_gfn(d, gmfn);
+ (void)mem_sharing_notify_enomem(d, gmfn, 0);
+- return 0;
++
++ return rc;
+ }
+ /* Maybe the mfn changed */
+ mfn = get_gfn_query_unlocked(d, gmfn, &p2mt);
+@@ -324,7 +331,8 @@ int guest_remove_page(struct domain *d,
+ {
+ put_gfn(d, gmfn);
+ gdprintk(XENLOG_INFO, "Bad page free for domain %u\n", d->domain_id);
+- return 0;
++
++ return -ENXIO;
+ }
+
+ if ( test_and_clear_bit(_PGT_pinned, &page->u.inuse.type_info) )
+@@ -347,7 +355,7 @@ int guest_remove_page(struct domain *d,
+ put_page(page);
+ put_gfn(d, gmfn);
+
+- return 1;
++ return 0;
+ }
+
+ static void decrease_reservation(struct memop_args *a)
+@@ -391,7 +399,7 @@ static void decrease_reservation(struct
+ continue;
+
+ for ( j = 0; j < (1 << a->extent_order); j++ )
+- if ( !guest_remove_page(a->domain, gmfn + j) )
++ if ( guest_remove_page(a->domain, gmfn + j) )
+ goto out;
+ }
+
+--- xen-4.8.1.orig/xen/include/xen/mm.h
++++ xen-4.8.1/xen/include/xen/mm.h
+@@ -553,9 +553,8 @@ int xenmem_add_to_physmap_one(struct dom
+ union xen_add_to_physmap_batch_extra extra,
+ unsigned long idx, gfn_t gfn);
+
+-/* Returns 1 on success, 0 on error, negative if the ring
+- * for event propagation is full in the presence of paging */
+-int guest_remove_page(struct domain *d, unsigned long gfn);
++/* Returns 0 on success, or negative on error. */
++int guest_remove_page(struct domain *d, unsigned long gmfn);
+
+ #define RAM_TYPE_CONVENTIONAL 0x00000001
+ #define RAM_TYPE_RESERVED 0x00000002
--- /dev/null
+#!/usr/bin/make -f
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+include /usr/share/dpkg/default.mk
+
+SOURCE := $(shell dpkg-parsechangelog | sed -ne 's,^Source: *\(.*\)$$,\1,p')
+VERSION_BINNMU := $(shell echo "$(DEB_VERSION)" | sed -ne 's,.*\+b\(.*\)$$,\1,p')
+
+include debian/rules.defs
+
+setup: debian/control
+ dh_testdir
+ $(MAKE) -f debian/rules.gen setup_$(DEB_HOST_ARCH)
+
+build: build-arch build-indep
+
+build-arch: setup
+ dh_testdir
+ $(MAKE) -f debian/rules.gen build-arch_$(DEB_HOST_ARCH)
+
+build-indep: setup
+ dh_testdir
+ $(MAKE) -f debian/rules.gen build-indep
+
+maintainerclean:
+ rm -f debian/control* debian/rules.gen debian/xen-hypervisor-* debian/xen-utils-[0-9]*
+
+clean: debian/control
+ dh_testdir
+ rm -rf $(BUILD_DIR) $(STAMPS_DIR) debian/lib/python/debian_xen/__pycache__
+ dh_clean
+
+binary-indep:
+ dh_testdir
+ $(MAKE) -f debian/rules.gen binary-indep
+
+binary-arch:
+ dh_testdir
+ $(MAKE) -f debian/rules.gen binary-arch_$(DEB_HOST_ARCH)
+
+binary: binary-indep binary-arch
+
+CONTROL_FILES += debian/changelog debian/bin/gencontrol.py $(wildcard debian/templates/*.in)
+CONTROL_FILES += $(wildcard debian/arch/defines) $(wildcard debian/arch/*/defines)
+GENCONTROL = $(__MODULES_DIR)gencontrol.py
+debian/control debian/rules.gen: $(CONTROL_FILES)
+ifeq ($(wildcard debian/control.md5sum),)
+ $(MAKE) -f debian/rules debian/control-real
+else ifeq ($(VERSION_BINNMU),)
+ md5sum --check debian/control.md5sum --status || \
+ $(MAKE) -f debian/rules debian/control-real
+else
+ grep -v debian/changelog debian/control.md5sum | md5sum --check - --status || \
+ $(MAKE) -f debian/rules debian/control-real
+endif
+
+debian/control-real: $(CONTROL_FILES)
+ debian/bin/gencontrol.py
+ md5sum $^ > debian/control.md5sum
+ @echo
+ @echo This target is made to fail intentionally, to make sure
+ @echo that it is NEVER run during the automated build. Please
+ @echo ignore the following error, the debian/control file has
+ @echo been generated SUCCESSFULLY.
+ @echo
+ exit 1
+
+.PHONY: clean build binary-indep binary-arch binary
--- /dev/null
+KERNELVERSION := 4.7.0-1
+BUILD_DIR = debian/build
+STAMPS_DIR = debian/stamps
+TEMPLATES_DIR = debian/templates
--- /dev/null
+.NOTPARALLEL:
+binary-arch: binary-arch_amd64 binary-arch_arm64 binary-arch_armhf binary-arch_i386
+binary-arch_amd64: binary-arch_amd64_none binary-arch_amd64_real
+binary-arch_amd64_none: binary-arch_amd64_none_amd64 binary-arch_amd64_none_real
+binary-arch_amd64_none_amd64:: binary-arch_amd64_none_amd64_real
+binary-arch_amd64_none_amd64::
+ $(MAKE) -f debian/rules.real binary-arch-flavour ARCH='amd64' FEATURESET='none' FLAVOUR='amd64' IMAGE_SUFFIX='.gz' VERSION='4.8' XEN_ARCH='x86_64'
+ $(MAKE) -f debian/rules.real install-dummy DH_OPTIONS='-pxen-system-amd64' ARCH='amd64' FEATURESET='none' FLAVOUR='amd64' IMAGE_SUFFIX='.gz' VERSION='4.8' XEN_ARCH='x86_64'
+binary-arch_amd64_none_amd64_real:
+binary-arch_amd64_none_real:
+binary-arch_amd64_real::
+ $(MAKE) -f debian/rules.real binary-arch-arch ARCH='amd64' VERSION='4.8' XEN_ARCH='x86_64'
+binary-arch_arm64: binary-arch_arm64_none binary-arch_arm64_real
+binary-arch_arm64_none: binary-arch_arm64_none_arm64 binary-arch_arm64_none_real
+binary-arch_arm64_none_arm64:: binary-arch_arm64_none_arm64_real
+binary-arch_arm64_none_arm64::
+ $(MAKE) -f debian/rules.real binary-arch-flavour ARCH='arm64' FEATURESET='none' FLAVOUR='arm64' IMAGE_SUFFIX='' VERSION='4.8' XEN_ARCH='arm64'
+ $(MAKE) -f debian/rules.real install-dummy DH_OPTIONS='-pxen-system-arm64' ARCH='arm64' FEATURESET='none' FLAVOUR='arm64' IMAGE_SUFFIX='' VERSION='4.8' XEN_ARCH='arm64'
+binary-arch_arm64_none_arm64_real:
+binary-arch_arm64_none_real:
+binary-arch_arm64_real::
+ $(MAKE) -f debian/rules.real binary-arch-arch ARCH='arm64' VERSION='4.8' XEN_ARCH='arm64'
+binary-arch_armhf: binary-arch_armhf_none binary-arch_armhf_real
+binary-arch_armhf_none: binary-arch_armhf_none_armhf binary-arch_armhf_none_real
+binary-arch_armhf_none_armhf:: binary-arch_armhf_none_armhf_real
+binary-arch_armhf_none_armhf::
+ $(MAKE) -f debian/rules.real binary-arch-flavour ARCH='armhf' FEATURESET='none' FLAVOUR='armhf' IMAGE_SUFFIX='' VERSION='4.8' XEN_ARCH='arm32'
+ $(MAKE) -f debian/rules.real install-dummy DH_OPTIONS='-pxen-system-armhf' ARCH='armhf' FEATURESET='none' FLAVOUR='armhf' IMAGE_SUFFIX='' VERSION='4.8' XEN_ARCH='arm32'
+binary-arch_armhf_none_armhf_real:
+binary-arch_armhf_none_real:
+binary-arch_armhf_real::
+ $(MAKE) -f debian/rules.real binary-arch-arch ARCH='armhf' VERSION='4.8' XEN_ARCH='arm32'
+binary-arch_i386: binary-arch_i386_none binary-arch_i386_real
+binary-arch_i386_none: binary-arch_i386_none_amd64 binary-arch_i386_none_real
+binary-arch_i386_none_amd64:: binary-arch_i386_none_amd64_real
+binary-arch_i386_none_amd64::
+ $(MAKE) -f debian/rules.real binary-arch-flavour ARCH='i386' FEATURESET='none' FLAVOUR='amd64' VERSION='4.8' XEN_ARCH='x86_64'
+ $(MAKE) -f debian/rules.real install-dummy DH_OPTIONS='-pxen-system-amd64' ARCH='i386' FEATURESET='none' FLAVOUR='amd64' VERSION='4.8' XEN_ARCH='x86_64'
+binary-arch_i386_none_amd64_real:
+binary-arch_i386_none_real:
+binary-arch_i386_real::
+ $(MAKE) -f debian/rules.real binary-arch-arch ARCH='i386' VERSION='4.8' XEN_ARCH='x86_32'
+binary-indep::
+ $(MAKE) -f debian/rules.real binary-indep VERSION='4.8'
+build-arch: build-arch_amd64 build-arch_arm64 build-arch_armhf build-arch_i386
+build-arch_amd64: build-arch_amd64_none build-arch_amd64_real
+build-arch_amd64_none: build-arch_amd64_none_amd64 build-arch_amd64_none_real
+build-arch_amd64_none_amd64:: build-arch_amd64_none_amd64_real
+build-arch_amd64_none_amd64::
+ $(MAKE) -f debian/rules.real build-arch-flavour ARCH='amd64' FEATURESET='none' FLAVOUR='amd64' IMAGE_SUFFIX='.gz' VERSION='4.8' XEN_ARCH='x86_64'
+build-arch_amd64_none_amd64_real:
+build-arch_amd64_none_real:
+build-arch_amd64_real::
+ $(MAKE) -f debian/rules.real build-arch-arch ARCH='amd64' VERSION='4.8' XEN_ARCH='x86_64'
+build-arch_arm64: build-arch_arm64_none build-arch_arm64_real
+build-arch_arm64_none: build-arch_arm64_none_arm64 build-arch_arm64_none_real
+build-arch_arm64_none_arm64:: build-arch_arm64_none_arm64_real
+build-arch_arm64_none_arm64::
+ $(MAKE) -f debian/rules.real build-arch-flavour ARCH='arm64' FEATURESET='none' FLAVOUR='arm64' IMAGE_SUFFIX='' VERSION='4.8' XEN_ARCH='arm64'
+build-arch_arm64_none_arm64_real:
+build-arch_arm64_none_real:
+build-arch_arm64_real::
+ $(MAKE) -f debian/rules.real build-arch-arch ARCH='arm64' VERSION='4.8' XEN_ARCH='arm64'
+build-arch_armhf: build-arch_armhf_none build-arch_armhf_real
+build-arch_armhf_none: build-arch_armhf_none_armhf build-arch_armhf_none_real
+build-arch_armhf_none_armhf:: build-arch_armhf_none_armhf_real
+build-arch_armhf_none_armhf::
+ $(MAKE) -f debian/rules.real build-arch-flavour ARCH='armhf' FEATURESET='none' FLAVOUR='armhf' IMAGE_SUFFIX='' VERSION='4.8' XEN_ARCH='arm32'
+build-arch_armhf_none_armhf_real:
+build-arch_armhf_none_real:
+build-arch_armhf_real::
+ $(MAKE) -f debian/rules.real build-arch-arch ARCH='armhf' VERSION='4.8' XEN_ARCH='arm32'
+build-arch_i386: build-arch_i386_none build-arch_i386_real
+build-arch_i386_none: build-arch_i386_none_amd64 build-arch_i386_none_real
+build-arch_i386_none_amd64:: build-arch_i386_none_amd64_real
+build-arch_i386_none_amd64::
+ $(MAKE) -f debian/rules.real build-arch-flavour ARCH='i386' FEATURESET='none' FLAVOUR='amd64' VERSION='4.8' XEN_ARCH='x86_64'
+build-arch_i386_none_amd64_real:
+build-arch_i386_none_real:
+build-arch_i386_real::
+ $(MAKE) -f debian/rules.real build-arch-arch ARCH='i386' VERSION='4.8' XEN_ARCH='x86_32'
+build-indep::
+ $(MAKE) -f debian/rules.real build-indep VERSION='4.8'
+setup: setup_amd64 setup_arm64 setup_armhf setup_i386
+setup_amd64: setup_amd64_none setup_amd64_real
+setup_amd64_none: setup_amd64_none_amd64 setup_amd64_none_real
+setup_amd64_none_amd64:: setup_amd64_none_amd64_real
+setup_amd64_none_amd64::
+ $(MAKE) -f debian/rules.real setup-flavour ARCH='amd64' FEATURESET='none' FLAVOUR='amd64' IMAGE_SUFFIX='.gz' VERSION='4.8' XEN_ARCH='x86_64'
+setup_amd64_none_amd64_real:
+setup_amd64_none_real:
+setup_amd64_real::
+ $(MAKE) -f debian/rules.real setup-arch ARCH='amd64' VERSION='4.8' XEN_ARCH='x86_64'
+setup_arm64: setup_arm64_none setup_arm64_real
+setup_arm64_none: setup_arm64_none_arm64 setup_arm64_none_real
+setup_arm64_none_arm64:: setup_arm64_none_arm64_real
+setup_arm64_none_arm64::
+ $(MAKE) -f debian/rules.real setup-flavour ARCH='arm64' FEATURESET='none' FLAVOUR='arm64' IMAGE_SUFFIX='' VERSION='4.8' XEN_ARCH='arm64'
+setup_arm64_none_arm64_real:
+setup_arm64_none_real:
+setup_arm64_real::
+ $(MAKE) -f debian/rules.real setup-arch ARCH='arm64' VERSION='4.8' XEN_ARCH='arm64'
+setup_armhf: setup_armhf_none setup_armhf_real
+setup_armhf_none: setup_armhf_none_armhf setup_armhf_none_real
+setup_armhf_none_armhf:: setup_armhf_none_armhf_real
+setup_armhf_none_armhf::
+ $(MAKE) -f debian/rules.real setup-flavour ARCH='armhf' FEATURESET='none' FLAVOUR='armhf' IMAGE_SUFFIX='' VERSION='4.8' XEN_ARCH='arm32'
+setup_armhf_none_armhf_real:
+setup_armhf_none_real:
+setup_armhf_real::
+ $(MAKE) -f debian/rules.real setup-arch ARCH='armhf' VERSION='4.8' XEN_ARCH='arm32'
+setup_i386: setup_i386_none setup_i386_real
+setup_i386_none: setup_i386_none_amd64 setup_i386_none_real
+setup_i386_none_amd64:: setup_i386_none_amd64_real
+setup_i386_none_amd64::
+ $(MAKE) -f debian/rules.real setup-flavour ARCH='i386' FEATURESET='none' FLAVOUR='amd64' VERSION='4.8' XEN_ARCH='x86_64'
+setup_i386_none_amd64_real:
+setup_i386_none_real:
+setup_i386_real::
+ $(MAKE) -f debian/rules.real setup-arch ARCH='i386' VERSION='4.8' XEN_ARCH='x86_32'
--- /dev/null
+include /usr/share/dpkg/default.mk
+
+export DH_OPTIONS
+
+setup_env := env -u ARCH -u FLAVOUR -u VERSION -u MAKEFLAGS
+
+MAKE_CLEAN = $(setup_env) $(MAKE) V=1
+MAKE_SELF = $(MAKE) -f debian/rules.real
+
+include debian/rules.defs
+
+stamp = [ -d $(dir $@) ] || mkdir $(dir $@); touch $@
+
+binary-arch-arch: install-libxen_$(ARCH)
+binary-arch-arch: install-libxen-dev_$(ARCH)
+binary-arch-arch: install-libxenstore_$(ARCH)
+binary-arch-arch: install-utils_$(ARCH)
+binary-arch-arch: install-xenstore-utils_$(ARCH)
+binary-arch-flavour: install-hypervisor_$(ARCH)_$(FLAVOUR)
+
+binary-indep: install-utils-common
+
+build-arch-arch: $(STAMPS_DIR)/build-utils_$(ARCH)
+build-arch-flavour: $(STAMPS_DIR)/build-hypervisor_$(ARCH)_$(FLAVOUR)
+
+build-indep: $(STAMPS_DIR)/build-docs
+
+setup-arch: $(STAMPS_DIR)/setup-utils_$(ARCH)
+setup-flavour: $(STAMPS_DIR)/setup-hypervisor_$(ARCH)_$(FLAVOUR)
+
+$(STAMPS_DIR)/setup-docs: SOURCE_FILES = $(filter-out debian, $(wildcard *))
+$(STAMPS_DIR)/setup-docs: DIR=$(BUILD_DIR)/build-docs
+$(STAMPS_DIR)/setup-docs:
+ @rm -rf $(DIR)
+ mkdir -p $(DIR)
+ cp -al $(SOURCE_FILES) $(DIR)
+ cp --remove-destination /usr/share/misc/config.guess /usr/share/misc/config.sub $(DIR)
+ cd $(DIR); \
+ WGET=/bin/false \
+ ./configure --disable-stubdom --disable-xen --prefix=/usr
+ @$(stamp)
+
+$(STAMPS_DIR)/setup-hypervisor_$(ARCH)_$(FLAVOUR): SOURCE_FILES = $(filter-out debian, $(wildcard *))
+$(STAMPS_DIR)/setup-hypervisor_$(ARCH)_$(FLAVOUR): DIR=$(BUILD_DIR)/build-hypervisor_$(ARCH)_$(FLAVOUR)
+$(STAMPS_DIR)/setup-hypervisor_$(ARCH)_$(FLAVOUR):
+ @rm -rf $(DIR)
+ mkdir -p $(DIR)
+ cp -al $(SOURCE_FILES) $(DIR)
+ echo "XEN_VENDORVERSION := $(EXTRAVERSION)" > $(DIR)/xen/xen-version
+ @$(stamp)
+
+$(STAMPS_DIR)/setup-utils_$(ARCH): SOURCE_FILES = $(filter-out debian, $(wildcard *))
+$(STAMPS_DIR)/setup-utils_$(ARCH): DIR=$(BUILD_DIR)/build-utils_$(ARCH)
+$(STAMPS_DIR)/setup-utils_$(ARCH):
+ @rm -rf $(DIR)
+ mkdir -p $(DIR)
+ cp -al $(SOURCE_FILES) $(DIR)
+ cp --remove-destination /usr/share/misc/config.guess /usr/share/misc/config.sub $(DIR)
+ cd $(DIR); \
+ WGET=/bin/false \
+ ./configure \
+ --disable-docs --disable-stubdom --disable-xen \
+ --prefix=/usr \
+ --includedir=/usr/include \
+ --libdir=/usr/lib/$(DEB_HOST_MULTIARCH) \
+ --mandir=/usr/share/man \
+ --infodir=/usr/share/info \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --with-libexec-leaf-dir=xen-$(VERSION) \
+ --disable-blktap1 \
+ --disable-blktap2 \
+ --disable-ocamltools \
+ --disable-qemu-traditional --disable-rombios \
+ --with-system-qemu=/usr/bin/qemu-system-i386 \
+ --with-system-seabios=/usr/share/seabios/bios-256k.bin
+ @$(stamp)
+
+$(STAMPS_DIR)/build-docs: DIR=$(BUILD_DIR)/build-docs
+$(STAMPS_DIR)/build-docs: $(STAMPS_DIR)/setup-docs
+ +$(MAKE_CLEAN) -C $(DIR)/docs
+ touch $@
+
+# Adding LANG=C.UTF-8 to the build environment to work around a bug in grep
+# which causes it to switch into binary mode in the middle of a file.
+# (see http://bugs.launchpad.net/bugs/1547466)
+
+$(STAMPS_DIR)/build-hypervisor_$(ARCH)_$(FLAVOUR): DIR=$(BUILD_DIR)/build-hypervisor_$(ARCH)_$(FLAVOUR)
+$(STAMPS_DIR)/build-hypervisor_$(ARCH)_$(FLAVOUR): $(STAMPS_DIR)/setup-hypervisor_$(ARCH)_$(FLAVOUR)
+ +$(MAKE_CLEAN) -C $(DIR)/xen \
+ XEN_COMPILE_ARCH=$(XEN_ARCH) \
+ XEN_TARGET_ARCH=$(XEN_ARCH) \
+ LANG=C.UTF-8
+ touch $@
+
+$(STAMPS_DIR)/build-utils_$(ARCH) \
+$(STAMPS_DIR)/install-utils_$(ARCH): CONFIG = \
+ debug=n \
+ XEN_COMPILE_ARCH=$(XEN_ARCH) \
+ XEN_TARGET_ARCH=$(XEN_ARCH) \
+ EXTRA_CFLAGS_XEN_TOOLS="$(CFLAGS)" \
+ APPEND_CPPFLAGS="$(CPPFLAGS)" \
+ APPEND_LDFLAGS="$(LDFLAGS)" \
+ OCAMLDESTDIR=$(CURDIR)/$(BUILD_DIR)/install-utils_$(ARCH)/$(OCAML_STDLIB_DIR) \
+ PYTHON=$(shell pyversions -r) \
+ LANG=C.UTF-8
+
+$(STAMPS_DIR)/build-utils_$(ARCH): DIR=$(BUILD_DIR)/build-utils_$(ARCH)
+$(STAMPS_DIR)/build-utils_$(ARCH): $(STAMPS_DIR)/setup-utils_$(ARCH)
+ +$(MAKE_CLEAN) -C $(DIR)/tools $(CONFIG)
+ touch $@
+
+$(STAMPS_DIR)/install-utils_$(ARCH): DIR = $(BUILD_DIR)/build-utils_$(ARCH)
+$(STAMPS_DIR)/install-utils_$(ARCH): INSTALL_DIR = $(BUILD_DIR)/install-utils_$(ARCH)
+$(STAMPS_DIR)/install-utils_$(ARCH): $(STAMPS_DIR)/build-utils_$(ARCH)
+ @rm -rf $(INSTALL_DIR)
+ mkdir -p $(INSTALL_DIR)/$(OCAML_DLL_DIR)
+ +$(MAKE_CLEAN) -C $(DIR)/tools install DESTDIR=$(CURDIR)/$(INSTALL_DIR) $(CONFIG)
+ifneq ($(filter i386 amd64,$(ARCH)),)
+ # hvmloader
+ strip --remove-section=.comment --remove-section=.note $(INSTALL_DIR)/usr/lib/xen*/boot/*
+endif
+ touch $@
+
+$(STAMPS_DIR)/install-utils-common: DIR = $(BUILD_DIR)/build-docs
+$(STAMPS_DIR)/install-utils-common: INSTALL_DIR = $(BUILD_DIR)/install-utils-common
+$(STAMPS_DIR)/install-utils-common: export DESTDIR = $(CURDIR)/$(INSTALL_DIR)
+$(STAMPS_DIR)/install-utils-common: $(STAMPS_DIR)/build-docs
+ @rm -rf $(INSTALL_DIR)
+ +$(MAKE_CLEAN) -C $(SOURCE_DIR)/tools/examples install-configs
+ +$(MAKE_CLEAN) -C $(SOURCE_DIR)/tools/hotplug/common install-scripts
+ +$(MAKE_CLEAN) -C $(SOURCE_DIR)/tools/hotplug/Linux install-scripts
+ +$(MAKE_CLEAN) -C debian/scripts install
+ touch $@
+
+install-base:
+ dh_installchangelogs -XChangelog
+ dh_installdirs
+ dh_installdocs
+ dh_installexamples
+ dh_compress
+ dh_fixperms
+ dh_installdeb
+ dh_gencontrol -- $(GENCONTROL_ARGS)
+ dh_md5sums
+ dh_builddeb
+
+install-dummy:
+ dh_testdir
+ dh_testroot
+ dh_prep
+ +$(MAKE_SELF) install-base
+
+install-hypervisor_$(ARCH)_$(FLAVOUR): DIR=$(BUILD_DIR)/build-hypervisor_$(ARCH)_$(FLAVOUR)
+install-hypervisor_$(ARCH)_$(FLAVOUR): PACKAGE_NAME = xen-hypervisor-$(VERSION)-$(FLAVOUR)
+install-hypervisor_$(ARCH)_$(FLAVOUR): DH_OPTIONS = -p$(PACKAGE_NAME)
+install-hypervisor_$(ARCH)_$(FLAVOUR): $(STAMPS_DIR)/build-hypervisor_$(ARCH)_$(FLAVOUR)
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_installdirs boot
+ # FIXME: Think of better solution (grub used for other arches?)
+ dh_installdirs etc/default/grub.d
+ install -D -m644 debian/xen-hypervisor-$(VERSION).xen.cfg \
+ debian/$(PACKAGE_NAME)/etc/default/grub.d/xen.cfg
+ dh_install debian/templates/xen-hypervisor.bug/* usr/share/bug/$(PACKAGE_NAME)
+ cp $(DIR)/xen/xen$(IMAGE_SUFFIX) debian/$(PACKAGE_NAME)/boot/xen-$(VERSION)-$(FLAVOUR)$(IMAGE_SUFFIX)
+ifeq ($(ARCH),amd64)
+ cp $(DIR)/xen/xen.efi debian/$(PACKAGE_NAME)/boot/xen-$(VERSION)-$(FLAVOUR).efi
+endif
+ +$(MAKE_SELF) install-base
+
+install-libxen_$(ARCH): DIR = $(BUILD_DIR)/install-utils_$(ARCH)
+install-libxen_$(ARCH): PACKAGE_NAME = libxen-$(VERSION)
+install-libxen_$(ARCH): DH_OPTIONS = -p$(PACKAGE_NAME)
+install-libxen_$(ARCH): $(STAMPS_DIR)/install-utils_$(ARCH) install-libxenstore_$(ARCH)
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_install --sourcedir=$(DIR) usr/lib/*/lib*-$(VERSION).so*
+ dh_install debian/templates/libxen.bug/* usr/share/bug/$(PACKAGE_NAME)
+ dh_strip
+ dh_makeshlibs -V
+ dh_shlibdeps
+ +$(MAKE_SELF) install-base
+
+install-libxen-dev_$(ARCH): DIR = $(BUILD_DIR)/install-utils_$(ARCH)
+install-libxen-dev_$(ARCH): PACKAGE_NAME = libxen-dev
+install-libxen-dev_$(ARCH): DH_OPTIONS = -p$(PACKAGE_NAME)
+install-libxen-dev_$(ARCH): $(STAMPS_DIR)/install-utils_$(ARCH)
+ dh_testdir
+ dh_testroot
+ dh_prep
+ # Move pkgconfig into a multiarch compliant place
+ mv $(DIR)/usr/share/pkgconfig $(DIR)/usr/lib/$(DEB_HOST_MULTIARCH)/
+ dh_install --sourcedir=$(DIR)
+ dh_strip
+ dh_shlibdeps
+ +$(MAKE_SELF) install-base
+
+install-libxenstore_$(ARCH): DIR = $(BUILD_DIR)/install-utils_$(ARCH)
+install-libxenstore_$(ARCH): PACKAGE_NAME = libxenstore3.0
+install-libxenstore_$(ARCH): DH_OPTIONS = -p$(PACKAGE_NAME)
+install-libxenstore_$(ARCH): $(STAMPS_DIR)/install-utils_$(ARCH)
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_install --sourcedir=$(DIR)
+ dh_strip
+ dh_makeshlibs -V
+ dh_shlibdeps
+ +$(MAKE_SELF) install-base
+
+install-utils_$(ARCH): SOURCE_DIR = $(BUILD_DIR)/build-utils_$(ARCH)
+install-utils_$(ARCH): DIR = $(BUILD_DIR)/install-utils_$(ARCH)
+install-utils_$(ARCH): PACKAGE_NAME = xen-utils-$(VERSION)
+install-utils_$(ARCH): PACKAGE_DIR = debian/$(PACKAGE_NAME)
+install-utils_$(ARCH): DH_OPTIONS = -p$(PACKAGE_NAME)
+install-utils_$(ARCH): $(STAMPS_DIR)/install-utils_$(ARCH) install-libxen_$(ARCH)
+ dh_testdir
+ dh_testroot
+ dh_prep
+ install -D -m644 debian/xen-utils.NEWS $(PACKAGE_DIR)/usr/share/doc/$(PACKAGE_NAME)/NEWS
+ install -D -m644 debian/xen-utils.README.Debian $(PACKAGE_DIR)/usr/share/doc/$(PACKAGE_NAME)/README.Debian
+ dh_install --sourcedir=$(DIR) usr/lib/xen-$(VERSION)
+ dh_install debian/templates/xen-utils.bug/* usr/share/bug/$(PACKAGE_NAME)
+ dh_lintian
+ ( echo -n "misc:Built-Using="; dpkg-query -f='$${source:Package} (= $${source:Version}), ' -W ipxe-qemu seabios; echo ) >> debian/$(PACKAGE_NAME).substvars
+ dh_python2 -V$(shell pyversions -rv) /usr/lib/xen-$(VERSION)
+ dh_strip
+ dh_makeshlibs -V
+ dh_shlibdeps
+ +$(MAKE_SELF) install-base
+
+install-utils-common: SOURCE_DIR = $(BUILD_DIR)/build-docs
+install-utils-common: DIR = $(BUILD_DIR)/install-utils-common
+install-utils-common: PACKAGE_NAME = xen-utils-common
+install-utils-common: DH_OPTIONS = -p$(PACKAGE_NAME)
+install-utils-common: $(STAMPS_DIR)/install-utils-common
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_install -X .svn --sourcedir=$(DIR)
+ dh_installinit --name xen -- defaults 20 21
+ dh_installinit --name xend
+ dh_installinit --name xendomains --no-start -- defaults 21 20
+ dh_installman \
+ $(SOURCE_DIR)/docs/man1/* \
+ $(SOURCE_DIR)/docs/man5/* \
+ $(SOURCE_DIR)/docs/man8/*
+ dh_installdocs $(SOURCE_DIR)/docs/txt/misc
+ dh_link
+ dh_ucf
+ +$(MAKE_SELF) install-base
+
+install-xenstore-utils_$(ARCH): DIR = $(BUILD_DIR)/install-utils_$(ARCH)
+install-xenstore-utils_$(ARCH): PACKAGE_NAME = xenstore-utils
+install-xenstore-utils_$(ARCH): DH_OPTIONS = -p$(PACKAGE_NAME)
+install-xenstore-utils_$(ARCH): $(STAMPS_DIR)/install-utils_$(ARCH) install-libxenstore_$(ARCH)
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_install --sourcedir=$(DIR)
+ dh_strip
+ dh_shlibdeps
+ +$(MAKE_SELF) install-base
+
+# vim: filetype=make
--- /dev/null
+ETC_SCRIPTS = \
+ qemu-ifup
+
+GLOBAL_SCRIPTS = \
+ xen
+
+GLOBAL_TOOLSTACK_LINKS = \
+ xl \
+ xm
+
+GLOBAL_TOOLSTACK_WRAPPER = xen-toolstack-wrapper
+
+GLOBAL_UTILS_LINKS = \
+ xenperf \
+ xenpm \
+ xentop \
+ xentrace \
+ xentrace_format \
+ xentrace_setmask \
+ xentrace_setsize
+
+GLOBAL_UTILS_WRAPPER = xen-utils-wrapper
+
+PRIVATE_SCRIPTS = \
+ xen-dir \
+ xen-init-list \
+ xen-init-name \
+ xen-toolstack \
+ xen-version \
+ $(GLOBAL_TOOLSTACK_WRAPPER) \
+ $(GLOBAL_UTILS_WRAPPER)
+
+ETC_SCRIPTS_DIR = /etc/xen/scripts
+GLOBAL_SCRIPTS_DIR = /usr/sbin
+PRIVATE_SCRIPTS_DIR = /usr/lib/xen-common/bin
+
+install:
+ install -d $(DESTDIR)$(ETC_SCRIPTS_DIR)
+ install $(ETC_SCRIPTS) $(DESTDIR)$(ETC_SCRIPTS_DIR)
+ install -d $(DESTDIR)$(GLOBAL_SCRIPTS_DIR)
+ install $(GLOBAL_SCRIPTS) $(DESTDIR)$(GLOBAL_SCRIPTS_DIR)
+ @for i in $(GLOBAL_TOOLSTACK_LINKS); do \
+ echo ln -s $(PRIVATE_SCRIPTS_DIR)/$(GLOBAL_TOOLSTACK_WRAPPER) $(DESTDIR)$(GLOBAL_SCRIPTS_DIR)/$$i; \
+ ln -s $(PRIVATE_SCRIPTS_DIR)/$(GLOBAL_TOOLSTACK_WRAPPER) $(DESTDIR)$(GLOBAL_SCRIPTS_DIR)/$$i || exit 1; \
+ done
+ @for i in $(GLOBAL_UTILS_LINKS); do \
+ echo ln -s $(PRIVATE_SCRIPTS_DIR)/$(GLOBAL_UTILS_WRAPPER) $(DESTDIR)$(GLOBAL_SCRIPTS_DIR)/$$i; \
+ ln -s $(PRIVATE_SCRIPTS_DIR)/$(GLOBAL_UTILS_WRAPPER) $(DESTDIR)$(GLOBAL_SCRIPTS_DIR)/$$i || exit 1; \
+ done
+ install -d $(DESTDIR)$(PRIVATE_SCRIPTS_DIR)
+ install $(PRIVATE_SCRIPTS) $(DESTDIR)$(PRIVATE_SCRIPTS_DIR)
+
--- /dev/null
+#!/bin/sh
+
+echo -c 'config qemu network with xen bridge for '
+echo $*
+
+# Initialise a dummy MAC address. We choose the numerically
+# largest non-broadcast address to prevent the address getting
+# stolen by an Ethernet bridge for STP purposes.
+# (FE:FF:FF:FF:FF:FF)
+ip link set $1 address fe:ff:ff:ff:ff:ff || true
+
+ifconfig $1 0.0.0.0 up
+brctl addif $2 $1
--- /dev/null
+#!/bin/sh -e
+
+COMMAND="$(basename $0)"
+TOOLSTACK=$(. /usr/lib/xen-common/bin/xen-toolstack); RET=$?; [ $RET -eq 0 ] || exit $RET
+
+exec "$TOOLSTACK" "$@"
--- /dev/null
+#!/bin/sh -e
+
+VERSION=$(. /usr/lib/xen-common/bin/xen-version); RET=$?; [ $RET -eq 0 ] || exit $RET
+
+if [ -d "/usr/lib/xen-$VERSION" ]; then
+ echo "/usr/lib/xen-$VERSION"
+else
+ echo "ERROR: Can't find version $VERSION of xen utils, bailing out!" >&2
+ exit 127
+fi
--- /dev/null
+#!/usr/bin/python
+
+import json
+import re
+import sys
+import subprocess
+
+
+class SXPParser(object):
+ tokenizer_rules = r""" (?P<open> \( ) | (?P<close> \) ) | (?P<whitespace> \s+ ) | [^()^\s]+ """
+ tokenizer_re = re.compile(tokenizer_rules, re.X)
+
+ @classmethod
+ def loads(cls, input):
+ data = []
+ stack = []
+ for match in cls.tokenizer_re.finditer(input):
+ if match.group('open'):
+ stack.append([])
+ elif match.group('close'):
+ top = stack.pop()
+ if stack:
+ stack[-1].append(top)
+ else:
+ data.append(top)
+ elif match.group('whitespace'):
+ pass
+ else:
+ if stack:
+ stack[-1].append(match.group())
+ return data
+
+
+class Data(object):
+ def __call__(self, out):
+ for domid, info in sorted(self.data.iteritems(), reverse=True):
+ if domid == 0:
+ continue
+ out.write('{!s} {}\n'.format(domid, *info))
+
+
+class DataJSON(Data):
+ def __init__(self, p):
+ s = json.loads(p)
+ self.data = d = {}
+ for i in s:
+ domid = i['domid']
+ name = i['config']['c_info']['name']
+ d[domid] = (name, )
+
+
+class DataSXP(Data):
+ def __init__(self, p):
+ s = SXPParser.loads(p)
+ self.data = d = {}
+ for i in s:
+ if i and i[0] == 'domain':
+ try:
+ data = dict(j for j in i if len(j) == 2)
+ domid = int(data['domid'])
+ name = data['name']
+ d[domid] = (name, )
+ except (KeyError, ValueError) as e:
+ pass
+
+
+if __name__ == '__main__':
+ p = subprocess.check_output(('xen', 'list', '-l'))
+ if p[0] == '(':
+ d = DataSXP(p)
+ else:
+ d = DataJSON(p)
+ d(sys.stdout)
--- /dev/null
+#!/usr/bin/python
+
+import json
+import re
+import sys
+import subprocess
+
+
+class SXPParser(object):
+ tokenizer_rules = r""" (?P<open> \( ) | (?P<close> \) ) | (?P<whitespace> \s+ ) | [^()^\s]+ """
+ tokenizer_re = re.compile(tokenizer_rules, re.X)
+
+ @classmethod
+ def loads(cls, input):
+ data = []
+ stack = []
+ for match in cls.tokenizer_re.finditer(input):
+ if match.group('open'):
+ stack.append([])
+ elif match.group('close'):
+ top = stack.pop()
+ if stack:
+ stack[-1].append(top)
+ else:
+ data.append(top)
+ elif match.group('whitespace'):
+ pass
+ else:
+ if stack:
+ stack[-1].append(match.group())
+ return data
+
+
+class Data(object):
+ def __call__(self, out):
+ out.write('{}\n'.format(self.name))
+
+
+class DataJSON(Data):
+ def __init__(self, p):
+ s = json.loads(p)
+ self.name = s['c_info']['name']
+
+
+class DataSXP(Data):
+ def __init__(self, p):
+ s = SXPParser.loads(p)
+ for i in s:
+ if i and i[0] == 'domain':
+ data = dict(j for j in i if len(j) == 2)
+ self.name = data['name']
+ break
+
+
+if __name__ == '__main__':
+ p = subprocess.check_output(('xen', 'create', '--quiet', '--dryrun', '--defconfig', sys.argv[1]))
+ if p[0] == '(':
+ d = DataSXP(p)
+ else:
+ d = DataJSON(p)
+ d(sys.stdout)
--- /dev/null
+#!/bin/sh -e
+
+configfile=/etc/default/xen
+
+dir=$(. /usr/lib/xen-common/bin/xen-dir); ret=$?; [ $ret -eq 0 ] || exit $ret
+
+check() {
+ local PATH
+ if [ "$1" = xm ] || [ "$1" = xl ]; then
+ PATH="$dir/bin"
+ else
+ PATH="$dir/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+ fi
+ command -v "$1" || :
+}
+
+if [ -e $configfile ]; then
+ . $configfile || true
+fi
+
+if [ "$TOOLSTACK" ]; then
+ cmd=$(check "$TOOLSTACK")
+ if [ "$cmd" ]; then
+ echo "$cmd"
+ else
+ echo "WARING: Can't find toolstack $TOOLSTACK, fallback to default!" >&2
+ TOOLSTACK=
+ fi
+fi
+
+if [ -z "$TOOLSTACK" ]; then
+ cmd_xm=$(check xm)
+ cmd_xl=$(check xl)
+ if [ "$cmd_xm" ]; then
+ echo "$cmd_xm"
+ elif [ "$cmd_xl" ]; then
+ echo "$cmd_xl"
+ else
+ echo "ERROR: Toolstack not specifed and nothing detected, bailing out!" >&2
+ exit 127
+ fi
+fi
--- /dev/null
+#!/bin/sh -e
+
+COMMAND="$(basename $0)"
+TOOLSTACK=$(. /usr/lib/xen-common/bin/xen-toolstack); RET=$?; [ $RET -eq 0 ] || exit $RET
+
+if [ "$(basename "$TOOLSTACK")" != "$COMMAND" ]; then
+ echo "ERROR: A different toolstack ($(basename "$TOOLSTACK")) have been selected!" >&2
+ exit 1
+fi
+
+exec "$TOOLSTACK" "$@"
--- /dev/null
+#!/bin/sh -e
+
+COMMAND="$(basename $0)"
+DIR=$(/usr/lib/xen-common/bin/xen-dir)
+
+exec "$DIR/bin/$COMMAND" "$@"
--- /dev/null
+#!/bin/sh -e
+
+error() {
+ echo "ERROR: " "$@" >&2
+ exit 1
+}
+
+if [ -e "/sys/hypervisor/type" ]; then
+ type="$(cat /sys/hypervisor/type)"
+ if [ "$type" = xen ]; then
+ DIR=/sys/hypervisor/version
+ VERSION="$(cat $DIR/major).$(cat $DIR/minor)"
+ elif [ -z "$type" ]; then
+ error "Can't read hypervisor type from sysfs!"
+ else
+ error "Hypervisor is not xen but '$type'!"
+ fi
+else
+ error "Can't find hypervisor information in sysfs!"
+fi
+
+echo "$VERSION"
--- /dev/null
+3.0 (quilt)
--- /dev/null
+Package: xen-hypervisor-@version@@localversion@
+Depends: ${misc:Depends}
+Provides: xen-hypervisor, xen-hypervisor-@version@, xen-hypervisor@localversion@
+Recommends: xen-utils-@version@
+Description: Xen Hypervisor on @class@
+ The hypervisor is the "core" for XEN itself. It gets booted by the boot loader
+ and controls cpu and memory, sharing them between your administrative domain
+ (Domain 0) and the virtual guest systems.
+ .
+ @desc@
+ .
+ In order to boot a XEN system along with this package you also need a kernel
+ specifically crafted to work as the Domain 0, mediating hardware access for
+ XEN itself.
+
--- /dev/null
+Package: libxen-@version@
+Section: libs
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Multi-Arch: same
+Description: Public libs for Xen
+ This package contains the shared toolstack libraries for Xen.
+
+Package: libxenstore3.0
+Section: libs
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Multi-Arch: same
+Description: Xenstore communications library for Xen
+ This package contains the client library interface to XenStore.
+ .
+
+Package: libxen-dev
+Section: libdevel
+Multi-Arch: same
+Depends: libxen-@version@ (= ${binary:Version}), libxenstore3.0 (= ${binary:Version}), ${misc:Depends}
+Description: Public headers and libs for Xen
+ This package contains the public headers and static libraries for Xen.
+ .
+ The libxenlight library is intended as a common base for all Xen toolstack
+ developers. The libxlutil library contains additional helpers which may be
+ useful to toolstack developers.
+ .
+ The libxenstore library allows userspace processes to interact with the
+ XenStore database. XenStore is a shared database used for interdomain
+ communication of configuration and status information. It is accessible to all
+ domains running on the same Xen host. See http://wiki.xen.org/wiki/XenStore
+ for more information.
+ .
+ The libxenctrl and libxenguest libraries are internal libraries intended for
+ use by the Xen toolstack and are not intended to be used directly. Toolstack
+ authors should use libxenlight.
+
+Package: xenstore-utils
+Section: admin
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Conflicts: xen-utils-common (<= 3.1.0-1)
+Replaces: xen-utils-common (<= 3.1.0-1)
+Description: Xenstore command line utilities for Xen
+ This package contains command line utilities for interacting with XenStore.
+ .
+ XenStore is a shared database used for interdomain communication of
+ configuration and status information. It is accessible to all domains running
+ on the same Xen host. See http://wiki.xen.org/wiki/XenStore for more information.
+ .
+ In the common case these tools are used by the Xen toolstack running in
+ domain0 (or a driver domain) however they may also be used in a guest domain
+ to support local scripting which wants to communicate via XenStore.
+
+Package: xen-utils-common
+Architecture: all
+Depends: lsb-base, python, udev, xenstore-utils, ${misc:Depends}
+Description: Xen administrative tools - common files
+ The userspace tools to manage a system virtualized through the Xen virtual
+ machine monitor.
+ .
+ This package is only required on the host system (Domain 0) and not on
+ the virtual guest systems (Domain U).
--- /dev/null
+Section: kernel
+Priority: optional
+Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
+Uploaders: Guido Trotter <ultrotter@debian.org>, Bastian Blank <waldi@debian.org>, Ian Jackson <ian.jackson@eu.citrix.com>
+Build-Depends:
+ autotools-dev,
+ debhelper (>> 9),
+ dpkg-dev (>= 1.16.0~),
+ lsb-release,
+ python-dev,
+ bcc [i386 amd64],
+ gcc-multilib [i386 amd64],
+ e2fslibs-dev,
+ iasl,
+ seabios (>= 1.7.4-2~) [i386 amd64],
+ libaio-dev,
+ libfdt-dev [armhf arm64],
+ libglib2.0-dev,
+ liblzma-dev,
+ libncurses5-dev,
+ libpixman-1-dev,
+ libyajl-dev,
+ pkg-config,
+ uuid-dev,
+ zlib1g-dev,
+Standards-Version: 3.9.4
+XS-Python-Version: current
+
--- /dev/null
+Package: xen-system@localversion@
+Depends: xen-hypervisor-@version@@localversion@, xen-utils-@version@, ${misc:Depends}
+Provides: xen-system
+Description: Xen System on @class@ (meta-package)
+ This package depends on the latest Xen hypervisor for use on @class@ and the Xen utils.
+ .
+ @desc@
+
--- /dev/null
+Package: xen-utils-@version@
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}, xen-utils-common (>= ${source:Version})
+Recommends: bridge-utils, libc6-xen [i386], xen-hypervisor-@version@, qemu-system-x86, grub-xen-host [i386 amd64]
+Suggests: qemu-utils [i386 amd64], seabios [i386 amd64]
+Provides: xen-utils
+Built-Using: ${misc:Built-Using}
+Description: XEN administrative tools
+ The userspace tools to manage a system virtualized through the XEN virtual
+ machine monitor.
+ .
+ qemu-utils and seabios are neded for "Xen HVM" (amd64 and i386)
+
--- /dev/null
+Submit-As: src:xen
--- /dev/null
+Submit-As: src:xen
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ configure)
+ if command -v update-grub > /dev/null && [ -d /boot/grub ]; then
+ update-grub || :
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ remove)
+ if command -v update-grub > /dev/null && [ -d /boot/grub ]; then
+ update-grub || :
+ fi
+ ;;
+
+ purge|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ ;;
+
+ *)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+Submit-As: src:xen
--- /dev/null
+statically-linked-binary usr/lib/xen-@version@/boot/hvmloader
--- /dev/null
+#!/bin/sh
+
+set -e
+
+case "$1" in
+ configure)
+ update-alternatives --remove xen-default /usr/lib/xen-@version@
+ if [ -x "/etc/init.d/xen" ]; then
+ invoke-rc.d xen start || exit $?
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ remove|upgrade)
+ update-alternatives --remove xen-default /usr/lib/xen-@version@
+ if [ -x "/etc/init.d/xen" ]; then
+ invoke-rc.d xen stop || exit $?
+ fi
+ ;;
+
+ deconfigure|failed-upgrade)
+ ;;
+
+ *)
+ echo "prerm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+# -*- sh -*-
+
+#
+# Xend configuration file.
+#
+
+# This example configuration is appropriate for an installation that
+# utilizes a bridged network configuration. Access to xend via http
+# is disabled.
+
+# Commented out entries show the default for that entry, unless otherwise
+# specified.
+
+#(logfile /var/log/xen/xend.log)
+#(loglevel DEBUG)
+
+# Uncomment the line below. Set the value to flask, acm, or dummy to
+# select a security module.
+
+#(xsm_module_name dummy)
+
+# The Xen-API server configuration.
+#
+# This value configures the ports, interfaces, and access controls for the
+# Xen-API server. Each entry in the list starts with either unix, a port
+# number, or an address:port pair. If this is "unix", then a UDP socket is
+# opened, and this entry applies to that. If it is a port, then Xend will
+# listen on all interfaces on that TCP port, and if it is an address:port
+# pair, then Xend will listen on the specified port, using the interface with
+# the specified address.
+#
+# The subsequent string configures the user-based access control for the
+# listener in question. This can be one of "none" or "pam", indicating either
+# that users should be allowed access unconditionally, or that the local
+# Pluggable Authentication Modules configuration should be used. If this
+# string is missing or empty, then "pam" is used.
+#
+# The final string gives the host-based access control for that listener. If
+# this is missing or empty, then all connections are accepted. Otherwise,
+# this should be a space-separated sequence of regular expressions; any host
+# with a fully-qualified domain name or an IP address that matches one of
+# these regular expressions will be accepted.
+#
+# Example: listen on TCP port 9363 on all interfaces, accepting connections
+# only from machines in example.com or localhost, and allow access through
+# the unix domain socket unconditionally:
+#
+# (xen-api-server ((9363 pam '^localhost$ example\\.com$')
+# (unix none)))
+#
+# Optionally, the TCP Xen-API server can use SSL by specifying the private
+# key and certificate location:
+#
+# (9367 pam '' xen-api.key xen-api.crt)
+#
+# Default:
+# (xen-api-server ((unix)))
+
+
+#(xend-http-server no)
+#(xend-unix-server no)
+#(xend-tcp-xmlrpc-server no)
+#(xend-unix-xmlrpc-server yes)
+#(xend-relocation-server no)
+#(xend-relocation-ssl-server no)
+#(xend-udev-event-server no)
+
+#(xend-unix-path /var/lib/xend/xend-socket)
+
+
+# Address and port xend should use for the legacy TCP XMLRPC interface,
+# if xend-tcp-xmlrpc-server is set.
+#(xend-tcp-xmlrpc-server-address 'localhost')
+#(xend-tcp-xmlrpc-server-port 8006)
+
+# SSL key and certificate to use for the legacy TCP XMLRPC interface.
+# Setting these will mean that this port serves only SSL connections as
+# opposed to plaintext ones.
+#(xend-tcp-xmlrpc-server-ssl-key-file xmlrpc.key)
+#(xend-tcp-xmlrpc-server-ssl-cert-file xmlrpc.crt)
+
+
+# Port xend should use for the HTTP interface, if xend-http-server is set.
+#(xend-port 8000)
+
+# Port xend should use for the relocation interface, if xend-relocation-server
+# is set.
+#(xend-relocation-port 8002)
+
+# Port xend should use for the ssl relocation interface, if
+# xend-relocation-ssl-server is set.
+#(xend-relocation-ssl-port 8003)
+
+# SSL key and certificate to use for the ssl relocation interface, if
+# xend-relocation-ssl-server is set.
+#(xend-relocation-server-ssl-key-file xmlrpc.key)
+#(xend-relocation-server-ssl-cert-file xmlrpc.crt)
+
+# Whether to use ssl as default when relocating.
+#(xend-relocation-ssl no)
+
+# Address xend should listen on for HTTP connections, if xend-http-server is
+# set.
+# Specifying 'localhost' prevents remote connections.
+# Specifying the empty string '' (the default) allows all connections.
+#(xend-address '')
+#(xend-address localhost)
+
+# Address xend should listen on for relocation-socket connections, if
+# xend-relocation-server is set.
+# Meaning and default as for xend-address above.
+# Also, interface name is allowed (e.g. eth0) there to get the
+# relocation address to be bound on.
+#(xend-relocation-address '')
+
+# The hosts allowed to talk to the relocation port. If this is empty (the
+# default), then all connections are allowed (assuming that the connection
+# arrives on a port and interface on which we are listening; see
+# xend-relocation-port and xend-relocation-address above). Otherwise, this
+# should be a space-separated sequence of regular expressions. Any host with
+# a fully-qualified domain name or an IP address that matches one of these
+# regular expressions will be accepted.
+#
+# For example:
+# (xend-relocation-hosts-allow '^localhost$ ^.*\\.example\\.org$')
+#
+#(xend-relocation-hosts-allow '')
+
+# The limit (in kilobytes) on the size of the console buffer
+#(console-limit 1024)
+
+##
+# NOTE:
+# Please read /usr/share/doc/xen-utils-common/README.Debian for Debian specific
+# informations about the network setup.
+
+##
+# To bridge network traffic, like this:
+#
+# dom0: ----------------- bridge -> real eth0 -> the network
+# |
+# domU: fake eth0 -> vifN.0 -+
+#
+# use
+#
+# (network-script network-bridge)
+#
+# Your default ethernet device is used as the outgoing interface, by default.
+# To use a different one (e.g. eth1) use
+#
+# (network-script 'network-bridge netdev=eth1')
+#
+# The bridge is named eth0, by default (yes, really!)
+#
+
+# It is normally much better to create the bridge yourself in
+# /etc/network/interfaces. network-bridge start does nothing if you
+# already have a bridge, and network-bridge stop does nothing if the
+# default bridge name (normally eth0) is not a bridge. See
+# bridge-utils-interfaces(5) for full information on the syntax in
+# /etc/network/interfaces, but you probably want something like this:
+# iface xenbr0 inet static
+# address [etc]
+# netmask [etc]
+# [etc]
+# bridge_ports eth0
+#
+# To have network-bridge create a differently-named bridge, use:
+# (network-script 'network-bridge bridge=<name>')
+#
+# It is possible to use the network-bridge script in more complicated
+# scenarios, such as having two outgoing interfaces, with two bridges, and
+# two fake interfaces per guest domain. To do things like this, write
+# yourself a wrapper script, and call network-bridge from it, as appropriate.
+#
+
+# The script used to control virtual interfaces. This can be overridden on a
+# per-vif basis when creating a domain or a configuring a new vif. The
+# vif-bridge script is designed for use with the network-bridge script, or
+# similar configurations.
+#
+# If you have overridden the bridge name using
+# (network-script 'network-bridge bridge=<name>') then you may wish to do the
+# same here. The bridge name can also be set when creating a domain or
+# configuring a new vif, but a value specified here would act as a default.
+#
+# If you are using only one bridge, the vif-bridge script will discover that,
+# so there is no need to specify it explicitly. The default is to use
+# the bridge which is listed first in the output from brctl.
+#
+(vif-script vif-bridge)
+
+
+## Use the following if network traffic is routed, as an alternative to the
+# settings for bridged networking given above.
+#(network-script network-route)
+#(vif-script vif-route)
+
+
+## Use the following if network traffic is routed with NAT, as an alternative
+# to the settings for bridged networking given above.
+#(network-script network-nat)
+#(vif-script vif-nat)
+
+# dom0-min-mem is the lowest permissible memory level (in MB) for dom0.
+# This is a minimum both for auto-ballooning (as enabled by
+# enable-dom0-ballooning below) and for xm mem-set when applied to dom0.
+(dom0-min-mem 196)
+
+# Whether to enable auto-ballooning of dom0 to allow domUs to be created.
+# If enable-dom0-ballooning = no, dom0 will never balloon out.
+(enable-dom0-ballooning yes)
+
+# 32-bit paravirtual domains can only consume physical
+# memory below 168GB. On systems with memory beyond that address,
+# they'll be confined to memory below 128GB.
+# Using total_available_memory (in GB) to specify the amount of memory reserved
+# in the memory pool exclusively for 32-bit paravirtual domains.
+# Additionally you should use dom0_mem = <-Value> as a parameter in
+# xen kernel to reserve the memory for 32-bit paravirtual domains, default
+# is "0" (0GB).
+(total_available_memory 0)
+
+# In SMP system, dom0 will use dom0-cpus # of CPUS
+# If dom0-cpus = 0, dom0 will take all cpus available
+(dom0-cpus 0)
+
+# Whether to enable core-dumps when domains crash.
+#(enable-dump no)
+
+# The tool used for initiating virtual TPM migration
+#(external-migration-tool '')
+
+# The interface for VNC servers to listen on. Defaults
+# to 127.0.0.1 To restore old 'listen everywhere' behaviour
+# set this to 0.0.0.0
+#(vnc-listen '127.0.0.1')
+
+# The default password for VNC console on HVM domain.
+# Empty string is no authentication.
+(vncpasswd '')
+
+# The VNC server can be told to negotiate a TLS session
+# to encryption all traffic, and provide x509 cert to
+# clients enabling them to verify server identity. The
+# GTK-VNC widget, virt-viewer, virt-manager and VeNCrypt
+# all support the VNC extension for TLS used in QEMU. The
+# TightVNC/RealVNC/UltraVNC clients do not.
+#
+# To enable this create x509 certificates / keys in the
+# directory ${XEN_CONFIG_DIR} + vnc
+#
+# ca-cert.pem - The CA certificate
+# server-cert.pem - The Server certificate signed by the CA
+# server-key.pem - The server private key
+#
+# and then uncomment this next line
+# (vnc-tls 1)
+
+# The certificate dir can be pointed elsewhere..
+#
+# (vnc-x509-cert-dir vnc)
+
+# The server can be told to request & validate an x509
+# certificate from the client. Only clients with a cert
+# signed by the trusted CA will be able to connect. This
+# is more secure the password auth alone. Passwd auth can
+# used at the same time if desired. To enable client cert
+# checking uncomment this:
+#
+# (vnc-x509-verify 1)
+
+# The default keymap to use for the VM's virtual keyboard
+# when not specififed in VM's configuration
+#(keymap 'en-us')
+
+# Script to run when the label of a resource has changed.
+#(resource-label-change-script '')
+
+# Rotation count of qemu-dm log file.
+#(qemu-dm-logrotate-count 10)
+
+# Path where persistent domain configuration is stored.
+# Default is /var/lib/xend/domains/
+#(xend-domains-path /var/lib/xend/domains)
+
+# Number of seconds xend will wait for device creation and
+# destruction
+#(device-create-timeout 100)
+#(device-destroy-timeout 100)
+
+# When assigning device to HVM guest, we use the strict check for HVM guest by
+# default. (For PV guest, we use loose check automatically if necessary.)
+# When we assign device to HVM guest, if we meet with the co-assignment
+# issues or the ACS issue, we could try changing the option to 'no' -- however,
+# we have to realize this may incur security issue and we can't make sure the
+# device assignment could really work properly even after we do this.
+#(pci-passthrough-strict-check yes)
+
+# If we have a very big scsi device configuration, start of xend is slow,
+# because xend scans all the device paths to build its internal PSCSI device
+# list. If we need only a few devices for assigning to a guest, we can reduce
+# the scan to this device. Set list list of device paths in same syntax like in
+# command lsscsi, e.g. ('16:0:0:0' '15:0')
+# (pscsi-device-mask ('*'))
+
--- /dev/null
+###############################################################################
+# Configuration file for granting quiry PCI devices full write access to their
+# configuration space. This file should only be used when you are unable to
+# determine the exact registers required by your device. Even so, it should
+# be used only temporarily.
+#
+# SEND A MESSAGE TO xen-devel@lists.xensource.com IF YOU USE THIS FILE.
+#
+# Using this file should NOT be necessary. If you must use it to make some
+# device work, send a message to the above list with as much information about
+# your device as possible so the developers can make accomodations for it.
+# Once developers make the necessary updates you can remove the corresponding
+# entry for your device.
+###############################################################################
+# Entries are formated as follows: <vendor>:<device>[:<subvendor>:<subdevice>]
+#
+# Example: Appending to an existing list
+#
+# (unconstrained_dev_ids
+# ('XXXX:XXXX:XXXX:XXXX' # existing entry
+# 'YYYY:YYYY:YYYY:YYYY' # new entry 1
+# 'ZZZZ:ZZZZ') # new entry 2
+# )
+###############################################################################
+(unconstrained_dev_ids
+ #('0123:4567:89AB:CDEF')
+)
--- /dev/null
+###############################################################################
+# Configuration file for quirky PCI devices that require write-access to
+# parts of the configuration space. Use this file to specific PCI device
+# IDs and the configuration space fields to which those devices must be
+# able to write.
+#
+# Length is important, so be sure to match new entries with the
+# lengths of comparable existing entries.
+#
+# Additions to this file take effect as soon as a new domain with a
+# matching device is started. However, to remove a field that was
+# previously applied to a device you must unbind the device from
+# pciback.
+###############################################################################
+# This is a bogus entry to show how a new device would be added to the list
+#
+# (new_quirky_dev_name
+# (pci_ids
+# ('0123:4567:890A:BCEF')
+# )
+#
+# (pci_config_space_fields
+# ('12345678:1:00000000')
+# )
+# )
+###############################################################################
+
+(tg3
+ (pci_ids
+ # Entries are formated as follows:
+ # <vendor>:<device>[:<subvendor>:<subdevice>]
+ ('14e4:1644' # Broadcom Tigon3 5700
+ '14e4:1645' # Broadcom Tigon3 5701
+ '14e4:1646' # Broadcom Tigon3 5702
+ '14e4:1647' # Broadcom Tigon3 5703
+ '14e4:1648' # Broadcom Tigon3 5704
+ '14e4:164d' # Broadcom Tigon3 5702FE
+ '14e4:1653' # Broadcom Tigon3 5705
+ '14e4:1654' # Broadcom Tigon3 5705_2
+ '14e4:165d' # Broadcom Tigon3 5705M
+ '14e4:165e' # Broadcom Tigon3 5705M_2
+ '14e4:16a6' # Broadcom Tigon3 5702X
+ '14e4:16a7' # Broadcom Tigon3 5703X
+ '14e4:16a8' # Broadcom Tigon3 5704S
+ '14e4:16c6' # Broadcom Tigon3 5702A3
+ '14e4:16c7' # Broadcom Tigon3 5703A3
+ '14e4:1696' # Broadcom Tigon3 5782
+ '14e4:169c' # Broadcom Tigon3 5788
+ '14e4:169d' # Broadcom Tigon3 5789
+ '14e4:170d' # Broadcom Tigon3 5901
+ '14e4:1649' # Broadcom Tigon3 5704S_2
+ '14e4:166e' # Broadcom Tigon3 5705F
+ '14e4:1658' # Broadcom Tigon3 5720
+ '14e4:1659' # Broadcom Tigon3 5721
+ '14e4:1676' # Broadcom Tigon3 5750
+ '14e4:1677' # Broadcom Tigon3 5751
+ '14e4:167c' # Broadcom Tigon3 5750M
+ '14e4:167d' # Broadcom Tigon3 5751M
+ '14e4:167e' # Broadcom Tigon3 5751F
+ '14e4:1600' # Broadcom Tigon3 5752
+ '14e4:1601' # Broadcom Tigon3 5752M
+ '14e4:16f7' # Broadcom Tigon3 5753
+ '14e4:16fd' # Broadcom Tigon3 5753M
+ '14e4:16fe' # Broadcom Tigon3 5753F
+ '14e4:1668' # Broadcom Tigon3 5714
+ '14e4:1678' # Broadcom Tigon3 5715
+ '14e4:166a' # Broadcom Tigon3 5780
+ '14e4:166b' # Broadcom Tigon3 5780S
+ '14e4:16dd' # Broadcom Tigon3 5781
+ '1148:4400' # Syskonnect 9DXX
+ '1148:4500' # Syskonnect 9MXX
+ '173b:03e8' # Altima AC1000
+ '173b:03e9' # Altima AC1001
+ '173b:03eb' # Altima AC1003
+ '173b:03ea' # Altima AC9100
+ '106b:1645') # Apple Tigon3
+ )
+
+ (pci_config_space_fields
+ # Entries are formated as follows:
+ # <register>:<size>:<mask>
+ # size is measured in bytes (1,2,4 are valid sizes)
+ # mask is currently unused; use all zero's
+ ('00000078:4:00000000' # TG3PCI_REG_BASE_ADDR
+ '0000007c:4:00000000' # TG3PCI_MEM_WIN_BASE_ADDR
+ '00000080:4:00000000' # TG3PCI_REG_DATA
+ '00000084:4:00000000' # TG3PCI_MEM_WIN_DATA
+ '00000090:4:00000000' # TG3PCI_MISC_LOCAL_CTRL
+ '00000068:4:00000000' # TG3PCI_MISC_HOST_CTRL
+ '0000009C:4:00000000' # TG3PCI_STD_RING_PROD_IDX + TG3_64BIT_REG_LOW
+ '00000098:4:00000000' # TG3PCI_STD_RING_PROD_IDX + TG3_64BIT_REG_HIGH
+ '000000a4:4:00000000' # TG3PCI_RCV_RET_RING_CON_IDX + TG3_64BIT_REG_LOW
+ '000000a0:4:00000000' # TG3PCI_RCV_RET_RING_CON_IDX + TG3_64BIT_REG_HIGH
+ '00000070:4:00000000') # TG3PCI_PCISTATE
+ )
+)
--- /dev/null
+# Configuration for Xen system
+# ----------------------------
+
+# There exists several tool stacks to configure a Xen system.
+# xl: This is the new toolstack using libxenlight/libxl (default)
+# xm: Was the old toolstack (xend) which is no longer supported!
+#
+# Attention: You need to reboot after changing this!
+TOOLSTACK=
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ configure)
+ if command -v update-grub > /dev/null && [ -d /boot/grub ]; then
+ update-grub || :
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ remove)
+ if command -v update-grub > /dev/null && [ -d /boot/grub ]; then
+ update-grub || :
+ fi
+ ;;
+
+ purge|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ ;;
+
+ *)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ configure)
+ if command -v update-grub > /dev/null && [ -d /boot/grub ]; then
+ update-grub || :
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ remove)
+ if command -v update-grub > /dev/null && [ -d /boot/grub ]; then
+ update-grub || :
+ fi
+ ;;
+
+ purge|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ ;;
+
+ *)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ configure)
+ if command -v update-grub > /dev/null && [ -d /boot/grub ]; then
+ update-grub || :
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ remove)
+ if command -v update-grub > /dev/null && [ -d /boot/grub ]; then
+ update-grub || :
+ fi
+ ;;
+
+ purge|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ ;;
+
+ *)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#
+# Uncomment the following variable and set to 0 or 1 to avoid warning.
+#
+#XEN_OVERRIDE_GRUB_DEFAULT=0
+
+echo "Including Xen overrides from /etc/default/grub.d/xen.cfg"
+
+#
+# When running update-grub with the Xen hypervisor installed, there are
+# some additional variables that can be used to pass options to the
+# hypervisor or the dom0 kernel.
+
+# The following two are used to generate arguments for the hypervisor:
+#
+#GRUB_CMDLINE_XEN_DEFAULT=""
+#GRUB_CMDLINE_XEN=""
+#
+# For example:
+#
+# dom0_mem=<size>[M]:max=<size>[M]
+# Sets the amount of memory dom0 uses (max prevents balloning for more)
+# com[12]=<speed>,<data bits><parity><stopbits>
+# Initialize a serial console from in the hypervisor (eg. 115200,8n1)
+# Note that com1 would be ttyS0 in Linux.
+# console=<dev>[,<dev> ...]
+# Redirects Xen hypervisor console (eg. com1,vga)
+
+#
+# The next two lines are used for creating kernel arguments for the dom0
+# kernel. This allows to have different options for the same kernel used
+# natively or as dom0 kernel.
+#
+#GRUB_CMDLINE_LINUX_XEN_REPLACE_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT"
+#GRUB_CMDLINE_LINUX_XEN_REPLACE="$GRUB_CMDLINE_LINUX"
+#
+# For example:
+#
+# earlyprintk=xenboot
+# Allows to send early printk messages to the Xen hypervisor console
+# console=hvc0
+# Redirects the Linux console to the hypervisor console
+
+#
+# Make booting into Xen the default if not changed above. Finding the
+# current string for it always has been a problem.
+#
+if [ "$XEN_OVERRIDE_GRUB_DEFAULT" = "" ]; then
+ echo "WARNING: GRUB_DEFAULT changed to boot into Xen by default!"
+ echo " Edit /etc/default/grub.d/xen.cfg to avoid this warning."
+ XEN_OVERRIDE_GRUB_DEFAULT=1
+fi
+if [ "$XEN_OVERRIDE_GRUB_DEFAULT" = "1" ]; then
+ GRUB_DEFAULT="Debian GNU/Linux, with Xen hypervisor"
+fi
--- /dev/null
+statically-linked-binary usr/lib/xen-4.8/boot/hvmloader
--- /dev/null
+#!/bin/sh
+
+set -e
+
+case "$1" in
+ configure)
+ update-alternatives --remove xen-default /usr/lib/xen-4.8
+ if [ -x "/etc/init.d/xen" ]; then
+ invoke-rc.d xen start || exit $?
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+set -e
+
+case "$1" in
+ remove|upgrade)
+ update-alternatives --remove xen-default /usr/lib/xen-4.8
+ if [ -x "/etc/init.d/xen" ]; then
+ invoke-rc.d xen stop || exit $?
+ fi
+ ;;
+
+ deconfigure|failed-upgrade)
+ ;;
+
+ *)
+ echo "prerm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+Xen for Debian
+==============
+
+Config behaviour
+----------------
+
+The Debian packages changes the behaviour of some config options.
+
+The options "kernel", "initrd" and "loader" searches in the Xen private boot
+directory (/usr/lib/xen-$version/boot) first. "bootloader" and "device_model"
+also searches the Xen private bin directory (/usr/lib/xen-$version/bin). This
+means that the following entries will properly find anything:
+ loader = 'hvmloader'
+ bootloader = 'pygrub'
+
+Network setup
+-------------
+
+The Debian package of Xen don't change the network setup in any way. This
+differs from the upstream version, which overwrites the main network card
+(eth0) with a bridge setup and may break the network at this point..
+
+To setup a bridge please follow the instructions in the manpage for
+bridge-utils-interfaces(5).
+
+You can also change the /etc/xen/xend-config.sxp file and re-enable the Xen
+included network setup by adding
+ (network-script network-bridge)
+to the file. But please note that this may or may not work.
--- /dev/null
+var/lib/xen
--- /dev/null
+debian/tmp/etc/xen/cpupool*
+debian/tmp/etc/xen/xm*
--- /dev/null
+etc/xen/scripts
+etc/xen/xl*
+usr/lib/xen-common
+usr/sbin
+../../tree/xen-utils-common/* /
--- /dev/null
+#!/bin/sh
+
+set -e
+
+case "$1" in
+configure)
+ install -d -m 2750 -g adm /var/log/xen
+ ;;
+
+abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+*)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+dpkg-maintscript-helper mv_conffile /etc/init.d/xend /etc/init.d/xen 4.1.2-4~ -- "$@"
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/sh
+
+set -e
+
+case "$1" in
+purge)
+ rmdir --ignore-fail-on-non-empty /var/log/xen
+ ;;
+
+remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ ;;
+
+*)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit
+ ;;
+esac
+
+dpkg-maintscript-helper mv_conffile /etc/init.d/xend /etc/init.d/xen 4.1.2-4~ -- "$@"
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/sh
+
+set -e
+
+case "$1" in
+install|upgrade)
+ ;;
+
+abort-upgrade)
+ ;;
+
+*)
+ echo "preinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+dpkg-maintscript-helper mv_conffile /etc/init.d/xend /etc/init.d/xen 4.1.2-4~ -- "$@"
+update-rc.d -f xend remove >/dev/null
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+/usr/share/xen-utils-common/default.xen /etc/default/xen
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: xen xend
+# Required-Start: $syslog $remote_fs
+# Required-Stop: $syslog $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Xen daemons
+# Description: Xen daemons
+### END INIT INFO
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+# Default variables
+XENSTORED_DIR="/var/run/xenstored"
+
+[ -r /etc/default/xen ] && . /etc/default/xen
+[ -r /etc/default/xend ] && . /etc/default/xend
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DESC="Xen daemons"
+
+ROOT=$(/usr/lib/xen-common/bin/xen-dir 2>/dev/null)
+if [ $? -ne 0 ]; then
+ log_warning_msg "Not running within Xen or no compatible utils"
+ exit 0
+fi
+TOOLSTACK=$(/usr/lib/xen-common/bin/xen-toolstack 2>/dev/null)
+if [ $? -ne 0 ]; then
+ log_warning_msg "No usable Xen toolstack selected"
+ exit 0
+fi
+
+[ -e "$ROOT"/bin/xend ] && XEND="$ROOT"/bin/xend
+XENCONSOLED="$ROOT"/bin/xenconsoled
+XENCONSOLED_PIDFILE="/var/run/xenconsoled.pid"
+XENSTORED="$ROOT"/bin/xenstored
+XENSTORED_PIDFILE="/var/run/xenstore.pid"
+QEMU=/usr/bin/qemu-system-i386
+QEMU_PIDFILE="/var/run/qemu-dom0.pid"
+QEMU_ARGS="-xen-domid 0 -xen-attach -name dom0 -nographic -M xenpv -daemonize -monitor /dev/null -serial /dev/null -parallel /dev/null"
+
+modules_setup()
+{
+ modprobe xenfs 2>/dev/null
+ modprobe xen-evtchn 2>/dev/null
+ modprobe xen-gntdev 2>/dev/null
+}
+
+xenfs_setup()
+{
+ [ -e "/proc/xen/capabilities" ] && return 0
+ log_progress_msg "xenfs"
+ [ -d "/proc/xen" ] || return 1
+ mount -t xenfs xenfs /proc/xen || return 1
+ return 0
+}
+
+capability_check()
+{
+ [ -e "/proc/xen/capabilities" ] || return 1
+ grep -q "control_d" /proc/xen/capabilities || return 1
+ return 0
+}
+
+env_setup()
+{
+ [ -d /run/xen ] && return 0
+
+ mkdir -m 700 /run/xen
+ [ -x /sbin/restorecon ] && /sbin/restorecon /run/xen
+}
+
+xend_start()
+{
+ if [ -z "$XEND" ] || [ "$(basename "$TOOLSTACK")" != xm ]; then
+ return 0
+ fi
+
+ log_progress_msg "xend"
+ xend_start_real
+ return $?
+}
+
+xend_stop()
+{
+ if [ -z "$XEND" ] || [ "$(basename "$TOOLSTACK")" != xm ]; then
+ return 0
+ fi
+
+ log_progress_msg "xend"
+ xend_stop_real
+ return $?
+}
+
+xend_restart()
+{
+ if [ -z "$XEND" ] || [ "$(basename "$TOOLSTACK")" != xm ]; then
+ return 0
+ fi
+
+ log_progress_msg "xend"
+ xend_stop_real
+ case "$?" in
+ 0|1)
+ xend_start_real
+ case "$?" in
+ 0) ;;
+ *) return 2 ;;
+ esac
+ ;;
+ *) return 2 ;;
+ esac
+ return 0
+}
+
+xend_start_real()
+{
+ $XEND status && return 1
+ $XEND start || return 2
+
+ i=0
+ while [ $i -lt 10 ]; do
+ $XEND status && return 0 || true
+ i=$(($i + 1))
+ sleep 1
+ done
+ return 2
+}
+
+xend_stop_real()
+{
+ log_progress_msg "xend"
+ $XEND status || return 0
+ $XEND stop || return 1
+}
+
+xenconsoled_start()
+{
+ log_progress_msg "xenconsoled"
+ xenconsoled_start_real
+ return $?
+}
+
+xenconsoled_stop()
+{
+ log_progress_msg "xenconsoled"
+ xenconsoled_stop_real
+ return $?
+}
+
+xenconsoled_restart()
+{
+ log_progress_msg "xenconsoled"
+ xenconsoled_stop_real
+ case "$?" in
+ 0|1)
+ xenconsoled_start_real
+ case "$?" in
+ 0) ;;
+ *) return 2 ;;
+ esac
+ ;;
+ *) return 2 ;;
+ esac
+ return 0
+}
+
+xenconsoled_start_real()
+{
+ start-stop-daemon --start --quiet --pidfile "$XENCONSOLED_PIDFILE" --exec "$XENCONSOLED" --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile "$XENCONSOLED_PIDFILE" --exec "$XENCONSOLED" -- \
+ $XENCONSOLED_ARGS --pid-file="$XENCONSOLED_PIDFILE" \
+ || return 2
+}
+
+xenconsoled_stop_real()
+{
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile "$XENCONSOLED_PIDFILE" --name xenconsoled
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec "$XENCONSOLED"
+ [ "$?" = 2 ] && return 2
+ rm -f $XENCONSOLED_PIDFILE
+ return "$RETVAL"
+}
+
+qemu_start()
+{
+ [ -x $QEMU ] || return 0
+ log_progress_msg "qemu"
+ qemu_start_real
+ return $?
+}
+
+qemu_stop()
+{
+ [ -x $QEMU ] || return 0
+ log_progress_msg "qemu"
+ qemu_stop_real
+ return $?
+}
+
+qemu_restart()
+{
+ [ -x $QEMU ] || return 0
+ log_progress_msg "qemu"
+ qemu_stop_real
+ case "$?" in
+ 0|1)
+ qemu_start_real
+ case "$?" in
+ 0) ;;
+ *) return 2 ;;
+ esac
+ ;;
+ *) return 2 ;;
+ esac
+ return 0
+}
+
+qemu_start_real()
+{
+ start-stop-daemon --start --quiet --pidfile "$QEMU_PIDFILE" --exec "$QEMU" --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile "$QEMU_PIDFILE" --exec "$QEMU" -- \
+ $QEMU_ARGS -pidfile "$QEMU_PIDFILE" \
+ || return 2
+}
+
+qemu_stop_real()
+{
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile "$QEMU_PIDFILE" --exec "$QEMU"
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec "$QEMU"
+ [ "$?" = 2 ] && return 2
+ rm -f $QEMU_PIDFILE
+ return "$RETVAL"
+}
+
+
+xenstored_start()
+{
+ log_progress_msg "xenstored"
+ start-stop-daemon --start --quiet --pidfile "$XENSTORED_PIDFILE" --exec "$XENSTORED" --test > /dev/null \
+ || return 1
+ [ -d "$XENSTORED_DIR" ] || mkdir -p "$XENSTORED_DIR"
+ [ -x /sbin/restorecon ] && /sbin/restorecon "$XENSTORED_DIR"
+ export XENSTORED_ROOTDIR="$XENSTORED_DIR"
+ start-stop-daemon --start --quiet --pidfile "$XENSTORED_PIDFILE" --exec "$XENSTORED" -- \
+ $XENSTORED_ARGS --pid-file="$XENSTORED_PIDFILE" \
+ || return 2
+
+ # Wait for xenstored to actually come up, timing out after 30 seconds
+ local time=0
+ local timeout=30
+ while [ $time -lt $timeout ] && ! `xenstore-read -s / >/dev/null 2>&1` ; do
+ time=$(( $time+1 ))
+ sleep 1
+ done
+
+ # Exit if we timed out
+ if ! [ $time -lt $timeout ] ; then
+ return 2
+ fi
+}
+
+init_dom0()
+{
+ log_progress_msg "init-dom0"
+ if [ -e $ROOT/bin/xen-init-dom0 ] ; then
+ $ROOT/bin/xen-init-dom0 > /dev/null
+ else
+ xenstore-write "/local/domain/0/name" "Domain-0"
+ xenstore-write "/local/domain/0/domid" "0"
+ fi
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC"
+ modules_setup
+ xenfs_setup
+ case "$?" in
+ 0) ;;
+ *) log_end_msg 1; exit ;;
+ esac
+ capability_check
+ case "$?" in
+ 0) ;;
+ *) log_end_msg 255; exit ;;
+ esac
+ env_setup
+ xenstored_start
+ case "$?" in
+ 0|1) ;;
+ *) log_end_msg 1; exit ;;
+ esac
+ xenconsoled_start
+ case "$?" in
+ 0|1) ;;
+ *) log_end_msg 1; exit ;;
+ esac
+ xend_start
+ case "$?" in
+ 0|1) ;;
+ *) log_end_msg 1; exit ;;
+ esac
+ init_dom0
+ case "$?" in
+ 0|1) ;;
+ *) log_end_msg 1; exit ;;
+ esac
+ qemu_start
+ case "$?" in
+ 0|1) ;;
+ *) log_end_msg 1; exit ;;
+ esac
+ log_end_msg 0
+ ;;
+ stop)
+ capability_check
+ case "$?" in
+ 0) ;;
+ *) exit ;;
+ esac
+ log_daemon_msg "Stopping $DESC"
+ ret=0
+ qemu_stop
+ case "$?" in
+ 0|1) ;;
+ *) ret=1 ;;
+ esac
+ xend_stop
+ case "$?" in
+ 0|1) ;;
+ *) ret=1 ;;
+ esac
+ xenconsoled_stop
+ case "$?" in
+ 0|1) ;;
+ *) ret=1 ;;
+ esac
+ log_end_msg $ret
+ ;;
+ restart|force-reload)
+ capability_check
+ case "$?" in
+ 0) ;;
+ *) exit ;;
+ esac
+ log_daemon_msg "Restarting $DESC"
+ ret=0
+ qemu_restart
+ case "$?" in
+ 0|1) ;;
+ *) ret=1 ;;
+ esac
+ xend_restart
+ case "$?" in
+ 0|1) ;;
+ *) ret=1 ;;
+ esac
+ xenconsoled_restart
+ case "$?" in
+ 0|1) ;;
+ *) ret=1 ;;
+ esac
+ log_end_msg $ret
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
--- /dev/null
+XENCONSOLED_ARGS=
+XENSTORED_ARGS=
--- /dev/null
+# The xendomains script can send SysRq requests to domains on shutdown.
+# If you don't want to MIGRATE, SAVE, or SHUTDOWN, this may be a possibility
+# to do a quick and dirty shutdown ("s e i u o") or at least sync the disks
+# of the domains ("s").
+#
+# XENDOMAINS_SYSRQ=
+
+# Set this to a non-empty string if you want to migrate virtual machines
+# on shutdown. The string will be passed to the xm migrate DOMID command
+# as is: It should contain the target IP address of the physical machine
+# to migrate to and optionally parameters like --live. Leave empty if
+# you don't want to try virtual machine relocation on shutdown.
+# If migration succeeds, neither SAVE nor SHUTDOWN will be executed for
+# that domain.
+#
+# XENDOMAINS_MIGRATE=
+
+# Directory to save running domains to when the system (dom0) is
+# shut down. Will also be used to restore domains from if # XENDOMAINS_RESTORE
+# is set (see below). Leave empty to disable domain saving on shutdown
+# (e.g. because you rather shut domains down).
+# If domain saving does succeed, SHUTDOWN will not be executed.
+#
+XENDOMAINS_SAVE=/var/lib/xen/save
+
+# This variable determines whether saved domains from XENDOMAINS_SAVE
+# will be restored on system startup.
+#
+XENDOMAINS_RESTORE=true
+
+# This variable sets the directory where domains configurations
+# are stored that should be started on system startup automatically.
+# Leave empty if you don't want to start domains automatically
+# (or just don't place any xen domain config files in that dir).
+# Note that the script tries to be clever if both RESTORE and AUTO are
+# set: It will first restore saved domains and then only start domains
+# in AUTO which are not running yet.
+# Note that the name matching is somewhat fuzzy.
+#
+XENDOMAINS_AUTO=/etc/xen/auto
+
+# On xendomains stop, a number of xm commands (xm migrate, save, shutdown,
+# shutdown --all) may be executed. In the worst case, these commands may
+# stall forever, which will prevent a successful shutdown of the machine.
+# If this variable is non-zero, the script will set up a watchdog timer
+# for every of these xm commands and time it out after the number of seconds
+# specified by this variable.
+# Note that SHUTDOWN_ALL will not be called if no virtual machines or only
+# zombies are still running, so you don't need to enable this timeout just
+# for the zombie case.
+# The setting should be large enough to make sure that migrate/save/shutdown
+# can succeed. If you do live migrations, keep in mind that live migration
+# of a 1GB machine over Gigabit ethernet may actually take something like
+# 100s (assuming that live migration uses 10% of the network # bandwidth).
+# Depending on the virtual machine, a shutdown may also require a significant
+# amount of time. So better setup this variable to a huge number and hope the
+# watchdog never fires.
+#
+XENDOMAINS_STOP_MAXWAIT=300
+
--- /dev/null
+#!/bin/bash
+### BEGIN INIT INFO
+# Provides: xendomains
+# Required-Start: $syslog $remote_fs xen
+# Required-Stop: $syslog $remote_fs xen
+# Should-Start: drbd iscsi openvswitch-switch
+# Should-Stop: drbd iscsi openvswitch-switch
+# X-Start-Before: corosync heartbeat libvirtd
+# X-Stop-After: corosync heartbeat libvirtd
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start/stop secondary xen domains
+# Description: Start / stop domains automatically when domain 0
+# boots / shuts down.
+### END INIT INFO
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+xen list &> /dev/null
+if test $? -ne 0
+then
+ exit 0;
+fi
+
+TOOLSTACK=$(/usr/lib/xen-common/bin/xen-toolstack 2>/dev/null)
+if [ $? -ne 0 ]; then
+ log_warning_msg "No usable Xen toolstack selected"
+ exit 0
+fi
+if [ "$(basename "$TOOLSTACK")" != xm ] && [ "$(basename "$TOOLSTACK")" != xl ]; then
+ exit 0
+fi
+
+if ! [ -e /proc/xen/privcmd ]; then
+ exit 0
+fi
+
+[ -r /etc/default/xendomains ] && . /etc/default/xendomains
+
+shopt -s nullglob
+
+check_config_name()
+{
+ /usr/lib/xen-common/bin/xen-init-name "$1" 2>/dev/null
+}
+
+check_running()
+{
+ xen domid "$1" > /dev/null 2>&1
+ return $?
+}
+
+timeout_coproc()
+{
+ local TIMEOUT=$1
+ shift
+
+ coproc "$@" 2>&1 1>/dev/null
+
+ local COPROC_OUT
+ exec {COPROC_OUT}<&"${COPROC[0]}"
+ local PID="$COPROC_PID"
+
+ for no in $(seq 0 $TIMEOUT); do
+ if [ -z "$COPROC_PID" ]; then break; fi
+ sleep 1
+ log_action_cont_msg
+ done
+
+ kill -INT "$COPROC_PID" >/dev/null 2>&1
+ wait $PID
+ local rc=$?
+ log_action_end_msg $rc
+
+ [ $rc -gt 0 ] && cat <&$COPROC_OUT
+ exec <&$COPROC_OUT-
+}
+
+timeout_domain()
+{
+ name="$1"
+ TIMEOUT="$2"
+ for no in $(seq 0 $TIMEOUT); do
+ if ! check_running "$name"; then return 0; fi
+ sleep 1
+ log_action_cont_msg
+ done
+ return 1
+}
+
+do_start_restore()
+{
+ [ -n "$XENDOMAINS_SAVE" ] || return
+ [ -d "$XENDOMAINS_SAVE" ] || return
+ [ -n "$XENDOMAINS_RESTORE" ] || return
+
+ for file in $XENDOMAINS_SAVE/*; do
+ if [ -f $file ] ; then
+ name="${file##*/}"
+ log_action_begin_msg "Restoring Xen domain $name (from $file)"
+
+ out=$(xen restore "$file" 2>&1 1>/dev/null)
+ case "$?" in
+ 0)
+ rm "$file"
+ domains[$name]='started'
+ log_action_end_msg 0
+ ;;
+ *)
+ domains[$name]='failed'
+ log_action_end_msg 1
+ echo "$out"
+ ;;
+ esac
+ fi
+ done
+}
+
+do_start_auto()
+{
+ [ -n "$XENDOMAINS_AUTO" ] || return
+ [ -d "$XENDOMAINS_AUTO" ] || return
+
+ for file in $XENDOMAINS_AUTO/*; do
+ name="$(check_config_name $file)"
+
+ if [ "${domains[$name]}" = started ]; then
+ :
+ elif check_running "$name"; then
+ log_action_msg "Xen domain $name already running"
+ else
+ log_action_begin_msg "Starting Xen domain $name (from $file)"
+
+ if [ "${domains[$name]}" = failed ]; then
+ log_action_end_msg 1 "restore failed"
+ else
+ out=$(xen create --quiet --defconfig "$file" 2>&1 1>/dev/null)
+ case "$?" in
+ 0)
+ log_action_end_msg 0
+ ;;
+ *)
+ log_action_end_msg 1
+ echo "$out"
+ ;;
+ esac
+ fi
+ fi
+ done
+}
+
+do_start()
+{
+ declare -A domains
+
+ do_start_restore
+ do_start_auto
+}
+
+do_stop_migrate()
+{
+ [ -n "$XENDOMAINS_MIGRATE" ] || return
+
+ while read id name rest; do
+ log_action_begin_msg "Migrating Xen domain $name ($id)"
+ (timeout_coproc "$XENDOMAINS_STOP_MAXWAIT" xen migrate $id $XENDOMAINS_MIGRATE)
+ done < <(/usr/lib/xen-common/bin/xen-init-list)
+}
+
+do_stop_save()
+{
+ [ -n "$XENDOMAINS_SAVE" ] || return
+ [ -d "$XENDOMAINS_SAVE" ] || mkdir -m 0700 -p "$XENDOMAINS_SAVE"
+
+ while read id name rest; do
+ log_action_begin_msg "Saving Xen domain $name ($id)"
+ (timeout_coproc "$XENDOMAINS_STOP_MAXWAIT" xen save $id $XENDOMAINS_SAVE/$name)
+ done < <(/usr/lib/xen-common/bin/xen-init-list)
+}
+
+do_stop_shutdown()
+{
+ while read id name rest; do
+ log_action_begin_msg "Shutting down Xen domain $name ($id)"
+ xen shutdown $id 2>&1 1>/dev/null
+ log_action_end_msg $?
+ done < <(/usr/lib/xen-common/bin/xen-init-list)
+ while read id name rest; do
+ log_action_begin_msg "Waiting for Xen domain $name ($id) to shut down"
+ timeout_domain "$name" "$XENDOMAINS_STOP_MAXWAIT"
+ log_action_end_msg $?
+ done < <(/usr/lib/xen-common/bin/xen-init-list)
+}
+
+do_stop()
+{
+ do_stop_migrate
+ do_stop_save
+ do_stop_shutdown
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+
+ stop)
+ do_stop
+ ;;
+
+ restart)
+ do_stop
+ do_start
+ ;;
+
+ reload|force-reload)
+ do_stop
+ do_start
+ ;;
+
+ *)
+ echo "Usage: $0 {start|stop|restart|reload|force-reload}"
+ exit 3
+ ;;
+esac
+
+exit 0
--- /dev/null
+xen-3.0 (3.4.0-1) UNRELEASED; urgency=low
+
+ This version does not longer ship the ioemu part, aka the patched qemu.
+ So it does not support
+ * full virtualized domains and
+ * virtual console support for paravirtualized domains.
+
+ -- Bastian Blank <waldi@debian.org> Sat, 18 Jul 2009 15:05:31 +0200
--- /dev/null
+Xen for Debian
+==============
+
+Config behaviour
+----------------
+
+The Debian packages changes the behaviour of some config options.
+
+The options "kernel", "initrd" and "loader" searches in the Xen private boot
+directory (/usr/lib/xen-$version/boot) first. "bootloader" and "device_model"
+also searches the Xen private bin directory (/usr/lib/xen-$version/bin). This
+means that the following entries will properly find anything:
+ loader = 'hvmloader'
+ bootloader = 'pygrub'
+
+Network setup
+-------------
+
+The Debian package of Xen don't change the network setup in any way. This
+differs from the upstream version, which overwrites the main network card
+(eth0) with a bridge setup and may break the network at this point..
+
+To setup a bridge please follow the instructions in the manpage for
+bridge-utils-interfaces(5).
+
+You can also change the /etc/xen/xend-config.sxp file and re-enable the Xen
+included network setup by adding
+ (network-script network-bridge)
+to the file. But please note that this may or may not work.
+
+Loop devices
+------------
+
+If you plan hosting virtual domains with file backed block devices (ie. the
+ones xen-tools creates by default) be careful about two issues:
+
+1. Maximum number of loop devices
+ By default the loop driver supports a maximum of 8 loop devices. Of
+ course since every Xen domain uses at least two (one for the data and one
+ for the swap) this number is absolutely insufficient. You should increase
+ it by adding a file named local-loop in /etc/modprobe.d containing the
+ string "options loop max_loop=128", if the loop driver is compiled as a
+ module, or by appending the string max_loop=128 to your kernel parameters
+ if the driver is in-kernel. Of course you can increase or decrease the
+ number 128 as you see fit.
+
+2. Driver loading (only if loop is compiled as a module)
+ Normally the loop driver gets loaded when the first loop device is
+ accessed. When using udev, though, the loop devices get created only
+ after the driver gets loaded. This means that Xen will fail if the loop
+ driver is not already loaded when it tries to start a file-backed virtual
+ domain. To fix this just add "loop" in your /etc/modules file, thus
+ forcing it to be loaded at boot time.
--- /dev/null
+usr/bin/xenstore-*
projects / xen.git / commitdiff