Hello community,
here is the log from the commit of package xen for openSUSE:Factory checked in at 2014-05-02 19:21:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/xen (Old)
and /work/SRC/openSUSE:Factory/.xen.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xen"
Changes:
--------
--- /work/SRC/openSUSE:Factory/xen/xen.changes 2014-04-16 07:44:25.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2014-05-02 19:21:29.000000000 +0200
@@ -1,0 +2,26 @@
+Sat Apr 26 09:56:36 MDT 2014 - carnold@suse.com
+
+- When the xl command is used, check to see if the domain being
+ modified is managed by libvirt and print warning if it is.
+ xl-check-for-libvirt-managed-domain.patch
+
+-------------------------------------------------------------------
+Thu Apr 24 08:17:36 MDT 2014 - carnold@suse.com
+
+- Upstream patches from Jan
+ 53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch
+ 5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
+ 534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch
+ 534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
+ 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
+ 5357baff-x86-add-missing-break-in-dom0_pit_access.patch
+- XSA-92
+ xsa92.patch
+
+-------------------------------------------------------------------
+Sat Apr 12 20:48:21 UTC 2014 - mmarek@suse.cz
+
+- Add # needssslcertforbuild to use the project's certificate when
+ building in a home project. (bnc#872354)
+
+-------------------------------------------------------------------
New:
----
53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch
5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch
534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
5357baff-x86-add-missing-break-in-dom0_pit_access.patch
xl-check-for-libvirt-managed-domain.patch
xsa92.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ xen.spec ++++++
--- /var/tmp/diff_new_pack.FnTEMX/_old 2014-05-02 19:21:32.000000000 +0200
+++ /var/tmp/diff_new_pack.FnTEMX/_new 2014-05-02 19:21:32.000000000 +0200
@@ -16,6 +16,8 @@
#
+# needssslcertforbuild
+
Name: xen
ExclusiveArch: %ix86 x86_64 %arm aarch64
%define xvers 4.4
@@ -152,7 +154,7 @@
%endif
%endif
-Version: 4.4.0_14
+Version: 4.4.0_16
Release: 0
PreReq: %insserv_prereq %fillup_prereq
Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -235,6 +237,13 @@
Patch22: 53356c1e-x86-HVM-correct-CPUID-leaf-80000008-handling.patch
Patch23: 533ad1ee-VMX-fix-PAT-value-seen-by-guest.patch
Patch24: 533d413b-x86-mm-fix-checks-against-max_mapped_pfn.patch
+Patch25: 53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch
+Patch26: 5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
+Patch27: 534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch
+Patch28: 534bdf47-x86-HAP-also-flush-TLB-when-altering-a-present-1G-or-intermediate-entry.patch
+Patch29: 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
+Patch30: 5357baff-x86-add-missing-break-in-dom0_pit_access.patch
+Patch92: xsa92.patch
# Upstream qemu
Patch250: VNC-Support-for-ExtendedKeyEvent-client-message.patch
Patch251: 0001-net-move-the-tap-buffer-into-TAPState.patch
@@ -356,6 +365,7 @@
Patch464: set-mtu-from-bridge-for-tap-interface.patch
Patch465: libxl.add-option-for-discard-support-to-xl-disk-conf.patch
Patch466: aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
+Patch467: xl-check-for-libvirt-managed-domain.patch
# Hypervisor and PV driver Patches
Patch501: x86-ioapic-ack-default.patch
Patch502: x86-cpufreq-report.patch
@@ -617,6 +627,13 @@
%patch22 -p1
%patch23 -p1
%patch24 -p1
+%patch25 -p1
+%patch26 -p1
+%patch27 -p1
+%patch28 -p1
+%patch29 -p1
+%patch30 -p1
+%patch92 -p1
# Upstream qemu patches
%patch250 -p1
%patch251 -p1
@@ -737,6 +754,7 @@
%patch464 -p1
%patch465 -p1
%patch466 -p1
+%patch467 -p1
# Hypervisor and PV driver Patches
%patch501 -p1
%patch502 -p1
++++++ 53455585-x86-AMD-feature-masking-is-unavailable-on-Fam11.patch ++++++
# Commit 70e79fad6dc6f533ff83ee23b8d13de5a696d896
# Date 2014-04-09 16:13:25 +0200
# Author Jan Beulich
`= fam_0f_rev_c | fam_0f_rev_d | fam_0f_rev_e | fam_0f_rev_f | fam_0f_rev_g | fam_10_rev_b | fam_10_rev_c | fam_11_rev_b`
-If the other **cpuid\_mask\_{,ext\_}e{c,d}x** options are fully set -(unspecified on the command line), specify a pre-canned cpuid mask to -mask the current processor down to appear as the specified processor. -It is important to ensure that all hosts in a pool appear the same to -guests to allow successful live migration. +If the other **cpuid\_mask\_{,ext\_,thermal\_,l7s0\_}e{a,b,c,d}x** +options are fully set (unspecified on the command line), specify a +pre-canned cpuid mask to mask the current processor down to appear as +the specified processor. It is important to ensure that all hosts in a +pool appear the same to guests to allow successful live migration. -### cpuid\_mask\_ ecx,edx,ext\_ecx,ext\_edx,xsave_eax +### cpuid\_mask\_{{,ext\_}ecx,edx}
`= <integer>`
Default: `~0` (all bits set)
-These five command line parameters are used to specify cpuid masks to +These four command line parameters are used to specify cpuid masks to help with cpuid levelling across a pool of hosts. Setting a bit in the mask indicates that the feature should be enabled, while clearing a bit in the mask indicates that the feature should be disabled. It is important to ensure that all hosts in a pool appear the same to guests to allow successful live migration. +### cpuid\_mask\_xsave\_eax (Intel only) +> `= <integer>` + +> Default: `~0` (all bits set) + +This command line parameter is also used to specify a cpuid mask to +help with cpuid levelling across a pool of hosts. See the description +of the other respective options above. + +### cpuid\_mask\_{l7s0\_{eax,ebx},thermal\_ecx} (AMD only) +> `= <integer>` + +> Default: `~0` (all bits set) + +These three command line parameters are also used to specify cpuid +masks to help with cpuid levelling across a pool of hosts. See the +description of the other respective options above. + ### cpuidle
`= <boolean>`
--- a/xen/arch/x86/cpu/amd.c
+++ b/xen/arch/x86/cpu/amd.c
@@ -30,9 +30,17 @@
* "fam_10_rev_c"
* "fam_11_rev_b"
*/
-static char opt_famrev[14];
+static char __initdata opt_famrev[14];
string_param("cpuid_mask_cpu", opt_famrev);
+static unsigned int __initdata opt_cpuid_mask_l7s0_eax = ~0u;
+integer_param("cpuid_mask_l7s0_eax", opt_cpuid_mask_l7s0_eax);
+static unsigned int __initdata opt_cpuid_mask_l7s0_ebx = ~0u;
+integer_param("cpuid_mask_l7s0_ebx", opt_cpuid_mask_l7s0_ebx);
+
+static unsigned int __initdata opt_cpuid_mask_thermal_ecx = ~0u;
+integer_param("cpuid_mask_thermal_ecx", opt_cpuid_mask_thermal_ecx);
+
/* 1 = allow, 0 = don't allow guest creation, -1 = don't allow boot */
s8 __read_mostly opt_allow_unsafe;
boolean_param("allow_unsafe", opt_allow_unsafe);
@@ -96,7 +104,11 @@ static void __devinit set_cpuidmask(cons
{
static unsigned int feat_ecx, feat_edx;
static unsigned int extfeat_ecx, extfeat_edx;
+ static unsigned int l7s0_eax, l7s0_ebx;
+ static unsigned int thermal_ecx;
+ static bool_t skip_l7s0_eax_ebx, skip_thermal_ecx;
static enum { not_parsed, no_mask, set_mask } status;
+ unsigned int eax, ebx, ecx, edx;
if (status == no_mask)
return;
@@ -104,7 +116,7 @@ static void __devinit set_cpuidmask(cons
if (status == set_mask)
goto setmask;
- ASSERT((status == not_parsed) && (smp_processor_id() == 0));
+ ASSERT((status == not_parsed) && (c == &boot_cpu_data));
status = no_mask;
/* Fam11 doesn't support masking at all. */
@@ -112,11 +124,16 @@ static void __devinit set_cpuidmask(cons
return;
if (~(opt_cpuid_mask_ecx & opt_cpuid_mask_edx &
- opt_cpuid_mask_ext_ecx & opt_cpuid_mask_ext_edx)) {
+ opt_cpuid_mask_ext_ecx & opt_cpuid_mask_ext_edx &
+ opt_cpuid_mask_l7s0_eax & opt_cpuid_mask_l7s0_ebx &
+ opt_cpuid_mask_thermal_ecx)) {
feat_ecx = opt_cpuid_mask_ecx;
feat_edx = opt_cpuid_mask_edx;
extfeat_ecx = opt_cpuid_mask_ext_ecx;
extfeat_edx = opt_cpuid_mask_ext_edx;
+ l7s0_eax = opt_cpuid_mask_l7s0_eax;
+ l7s0_ebx = opt_cpuid_mask_l7s0_ebx;
+ thermal_ecx = opt_cpuid_mask_thermal_ecx;
} else if (*opt_famrev == '\0') {
return;
} else if (!strcmp(opt_famrev, "fam_0f_rev_c")) {
@@ -179,11 +196,39 @@ static void __devinit set_cpuidmask(cons
printk("Writing CPUID extended feature mask ECX:EDX -> %08Xh:%08Xh\n",
extfeat_ecx, extfeat_edx);
+ if (c->cpuid_level >= 7)
+ cpuid_count(7, 0, &eax, &ebx, &ecx, &edx);
+ else
+ ebx = eax = 0;
+ if ((eax | ebx) && ~(l7s0_eax & l7s0_ebx)) {
+ if (l7s0_eax > eax)
+ l7s0_eax = eax;
+ l7s0_ebx &= ebx;
+ printk("Writing CPUID leaf 7 subleaf 0 feature mask EAX:EBX -> %08Xh:%08Xh\n",
+ l7s0_eax, l7s0_ebx);
+ } else
+ skip_l7s0_eax_ebx = 1;
+
+ /* Only Fam15 has the respective MSR. */
+ ecx = c->x86 == 0x15 && c->cpuid_level >= 6 ? cpuid_ecx(6) : 0;
+ if (ecx && ~thermal_ecx) {
+ thermal_ecx &= ecx;
+ printk("Writing CPUID thermal/power feature mask ECX -> %08Xh\n",
+ thermal_ecx);
+ } else
+ skip_thermal_ecx = 1;
+
setmask:
/* AMD processors prior to family 10h required a 32-bit password */
if (c->x86 >= 0x10) {
wrmsr(MSR_K8_FEATURE_MASK, feat_edx, feat_ecx);
wrmsr(MSR_K8_EXT_FEATURE_MASK, extfeat_edx, extfeat_ecx);
+ if (!skip_l7s0_eax_ebx)
+ wrmsr(MSR_AMD_L7S0_FEATURE_MASK, l7s0_ebx, l7s0_eax);
+ if (!skip_thermal_ecx) {
+ rdmsr(MSR_AMD_THRM_FEATURE_MASK, eax, edx);
+ wrmsr(MSR_AMD_THRM_FEATURE_MASK, thermal_ecx, edx);
+ }
} else {
wrmsr_amd(MSR_K8_FEATURE_MASK, feat_edx, feat_ecx);
wrmsr_amd(MSR_K8_EXT_FEATURE_MASK, extfeat_edx, extfeat_ecx);
--- a/xen/include/asm-x86/msr-index.h
+++ b/xen/include/asm-x86/msr-index.h
@@ -204,6 +204,8 @@
#define MSR_AMD_FAM15H_EVNTSEL5 0xc001020a
#define MSR_AMD_FAM15H_PERFCTR5 0xc001020b
+#define MSR_AMD_L7S0_FEATURE_MASK 0xc0011002
+#define MSR_AMD_THRM_FEATURE_MASK 0xc0011003
#define MSR_K8_FEATURE_MASK 0xc0011004
#define MSR_K8_EXT_FEATURE_MASK 0xc0011005
++++++ 534bbd90-x86-nested-HAP-don-t-BUG-on-legitimate-error.patch ++++++
# Commit 1ca73aaf51eba14256794bf045c2eb01e88e1324
# Date 2014-04-14 12:50:56 +0200
# Author Jan Beulich