Port to 4.3.x Notes
Patches breaking Open-Source Xen
xc-parse-video-from-mbi seems to be the only patch breaking an open-source setup of Xen (tested with a Linux wheezy testing distribution and a custom Linux kernel 3.8.13.7).
Backports
bp-intel-opregion
Support Intel opregion in hvmloader (the actual mapping is done in ioemu) (rev hg:3c864e04c2ad)
- acpi-nvs-opregion
- hvmloader-intel-opregion
bp-seabios-support
Support for SeaBIOS instead of rombios in hvmloader. Will be upstreamed with 4.2, there's a tone of patches for that ... /!\ Our backport (actually the initial thing) included xengfx specific modifications.
- seabios-support.
bp-xenstore-path-is-subpath
This utility function compares two paths, textually and reports whether one is a subpath (a child path) of the other. (xenbits.xen.org/xen.git: 3607a75236b37abe350bf52f4700355be963a60d)
- xenstore-add-xs-path-is-subpath
bp-xenstore-unwatch-fix
Filter watch events in libxenstore when we unwatch (xenbits.xen.org/xen.git: b6372f16d3f1cf48cd2ff21ab4bdc25cc05d69fd)
- xenstore-fix-unwatch
bp-track-dirty-vram-xsm-check
xsm/flask: Fix XSM support for HVMOP_track_dirty_vram
XSA
bp-legacy-bridges-int-remap-validation
VT-d: Fix interrupt remapping source validation for devices behind legacy bridges. Using SVT_VERIFY_BUS here doesn't make sense; native Linux also uses SVT_VERIFY_SID_SQ. This is XSA-33.
bp-fix-sysenter-vulnerability
x86: clear EFLAGS.NT in SYSENTER entry path. This is XSA-44
bp-fix-irq-access-permission
x86: fix various issues with handling guest IRQs. This is XSA-46
bp-defer-evtchn-pointer-store
defer event channel bucket pointer store until after XSM checks. This is XSA-47
bp-*-preemptible
Make several long latency operations preemptible. This is XSA-45
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=7a93b9a11c99a88f293c3e1e3a79914b6d13b3aa
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=06a68a09df243b175d1737a95df2e6f153cbae42
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=210e61b80c29ef824f5fdc5946d6d876b8875fe3
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=c6fad967aabeb98da8307e59f73474b23b42f0d1
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=02615aaefd5c6c5856b4f81799bb6ec1ca0d89d0
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=09f9f72fa3dc2e239359741596fa349d8461cb50
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=8eb2e89bfad8d55d0ca770e2a0988c945b318e03
bp-dont-permit-svt-no-verify
Fix VT-d interrupt remapping source validation issue. This is XSA-49
bp-fix-rcu-domain-locking
Fix rcu domain locking for transitive grants. This is XSA-50.
bp-fix-information-leak-on-amd-cpus
Fix information leak on AMD CPUs. This is XSA-52.
bp-recover-from-faults-on-xrstor
Recover from faults on XRSTOR. This is XSA-53.
bp-properly-check-guest-input-to-xsetbv
Properly check guest input to XSETBV. This is XSA-54.
bp-libelf-* and bp-libxc-*
Fix multiple vulnerabilities in libelf PV kernel handling. This is XSA-55.
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=64a0206c451920b72a9c5721a6f2427baf99e3dd
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=bbf40e6b6d47809f4289a866d7d167c25104ecc0
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=f7fb94409c562beec06094141ef262dc85f28dac
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=e719b136b750e5eee87c4647d1846e4e1e70eac0
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=4d3339de1fe3cbf7b05487fdb6cadd7267950948
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=de49d6e83c3a8c753646b007972140ddbb746ba8
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=4e46085972d2367dff2345a73361c1c17b47ce73
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=8ce60b35beaac91a97b79c004ca6bf5d58e7390b
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=39923542bb43e67776c4e8292d4a5a1adef2bd3b
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=9962d7ffcce97ec2d69a15ef861996b1ead33694
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=44c74b1ed31c75ed9026abf62ab7427a46d8027a
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=bd3dba9f435fa59f305407f7d9b34e1e164ddd98
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=86e39ce58e91fe55d4fdbc914cb1955c45acc20e
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=282188ea84b9e0f9c4865f0609e7740f2f28e7b0
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=968c0399159c65e24bb8b9969259e18791e1f4d8
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=4a3a60d8caee49af6951a672c55b08436a8d1f86
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=40b76f1fb04af421c1415f7bcb168dfaa6960d0d
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=117a538dbef62f8d39159dea652e633e01b50a9a
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=a2986a7959919bc748784bb75970bfbd42697d3b
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=6eca85d5c144ee8c899ee3cf8791f9087b15f2e8
- http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=ac63ddd70a5ccf5ebf790f06ea4cd4ed794c3978
bp-x86-fix-refcount-handling
Page reference counting error due to XSA-45/CVE-2013-1918 fixes. This is XSA-58.
Bug fixes
bf-libxenstore-static-race
When built statically, libxenstore does not use libpthread and therefor changes its mechanics to communicate with xenstored. Currently, xs_talkv expects any request made to xenstored to be processed and answered synchronously, while watch events could be queued in the fd for some time, putting xenstored's answer after them. read_reply would then fail with EINVAL, propagating the false error.
- Not upstream yet
HVM support
vgabios-edid-support
(int10, ax=0x15) get capabilities (bx=0), get EDID modes (bx=1).
- vga-edid
vgabios-vbe-extension
Addition of VBE modes. Also align the stride for BytesPerScanLine.
- vbe-new-res
- vbe-add-odd-video-modes
- vbe-stride-alignement-from-qemu
- vbe-only-32bpp-and-16bpp
vgabios-spinlock-and-shadow
SpinlockWindows does not serialize the access to int 0x10 which forces us to use a spinlock to serialize it. To do that the 0x3800 IO Port is register in Qemu to serve as an atomic counter, in the spirit of what comes next.ShadowVGA BIOS uses the BDA to store values, but this area gets overwritten (IVT getting called and, after the kernel loads and switches to protected-mode, the memory there get re-used). This used to be shadowed by being put in the EBDA, which basically moved the problem (SMM still access EBDA when in protected mode and memory can get re-used). To still have those values accessible in the guest, there's a patch in qemu to register the IO Ports 0x3800->0x383f (EISA slot 3) to shadow them. So this patch adds the logic to actually shadow those value from the VGA BIOS. Rhe patch in Qemu is vbestate.
- vga-spinlock-and-shadow.
vgabios-mod3-table
Initialize shadow port values for mode3 reset. The switch to vga text mode 3 is now done in the new xengfx driver without using int10 calls but rather configuring vga directly.
- vga-mode3-table.
vgabios-vbe-xenvesa
Initialize shadow port values for XenVESA and EDID/mode list segments. Depends on vgabios-spinlock-and-shadow for the shadowing.
- vbe-xenvesa-table (seems to be discuted around XC-3779)
vgabios-restrict-32b-modes
Check for 32bpp mode only flag in DISPI API before returning VBE information table.
- vga-restrict-modes
hvmloader-smbios
Add SMBIOS headers and hvm_sminfo_table declaration, also deals with battery pass-through.
- smbios
- xen-smbios-table
- smbios-battery-pt.
hvmloader-slic
Pass the SLIC to guests (Windows authentication?).
- acpi-slic.
hvmloader-mtrr-changes
Change cache policy for 0xa000-0xbfff (remove WC flag).
- mtrr-changes.
hvmloader-pxerom-optimize
Patch hvmloader to load the PXE ROM only when network boot flags is read from the CMOS.
- hvmloader-only-load-pxerom-if-selected-in-bootorder.
hvmloader-overwrite-bios-copyrights
Read a value 'oem-installation-manufacturer' in xenstore and modify Seabios to overwrite the copyright string in the BIOS (support for WinXP OEM installations).
- oem-install-bios-string.
(General/Graphic) pass-through
gpt-iommu-mapping
Add hypercalls for iommu mapping (iommu_map_batch, iommu_x_mapping).
- iommu-extra-mappings.
gpt-vgabios-native
Load and pass to the guest the toolstack domain's VGA bios (read at 0xC000).
- pt-load-vga-bios
- init-vgabios-and-set-size
- dummy-platform-vbios
- video-memory-workaround
- video-memory-workaround.
gpt-nvidia
Loads the standard vgabios if a nVidia is passed-through.
- hvmload-nvidia-gpu
gpt-filter-igd-io
Convert IOs that setup the GTT to MMIOs for performances.
- filter-igfx-io
gpt-igd-hp-resume-workaround
Save/restore BARs content during suspend/resume (Intel/HP broken firmware specific workaround, also we do that for every Intel Graphic Device)
- hp-host-resume-workaround.
gpt-superblanker
Add the 0xfd000000 "secret framebuffer", from hvmloader in the e820, used to relocate the HDX guest framebuffer while switched away.
- superblanker-fb.
gpt-cantiga-b3-errata
Implements Cantiga B3 VT-d Errata.
- cantiga-b3-errata.
gpt-gpu-reset
Implement FLR, with specific quirks and SBR for external PCI(e) cards.
- reset-gpu-when-reassigning-device-ownership
- sandybridge-flr
- gpu-reset-cleanup
- nvidia-secondary-bus-reset
- vtd-iotlb-domain-flush-on-reassign
ACPI emulation/pass-through
Tools for ACPI
acpi-acpica
Add acpica to the build system. Later ACPI patches require it to generate ACPI tables (dsdt, ssdt, ...)
- power-management-enhancement (partial)
acpi-hvmloader-pm
Lid, power/sleep button, second battery definitions and Methods in DSDT.
- power-management-enhancement (partial), hvmloader-set-acpi-shutdown-codes, acpi-reset-reg.
acpi-hvmloader-bcl-hack
Modify the DSDT in hvmloader to change information about brigthness control we're giving to the guest so it actually traps in qemu that THEN does the real brightness setting.
- update-dsdt-bcl-count.
acpi-hvmloader-bcl
Expose backlight control methods in guest's DSDT.
- inject-brightness-control-sci, guest-os-controlled-brightness-support.
acpi-hvmloader-tm
Expose thermal zones in guest's DSDT.
- thermal-management (partial).
OEM specific features
acpi-hvmloader-oem
OEM ACPI features.
- oem-features, oem-features-version2.
acpi-xenpmd-oem
Add macro for /oem/event in xenstore.
- oem-features, oem-features-version2.
acpi-applesmc
Add SMC ACPI in the ACPI DSDT for hvmloader.
- applesmc-acpi
acpi-waet
Implement Windows ACPI Emulated Devices Table (WAET), with some info in it.
- acpi-waet
Misc
acpi-no-pci-hotplug
Remove pci hotplug from ACPI DSDT tables (_EJ0).
- no-pci-hotplug.
acpi-power-button-and-s3
Set WAK_STS bit in acpi pm1a_sts register when resuming a domain (XC-5153).
- set-acpi-status-regs-on-domain-resume.
XenClient specific
xc-v4v
V4V, domain to domain communication protocol, through __HYPERVISOR_v4v_op hypercall (V4V, V4V_Hypervisor_API).
- v4v-*.
xc-v4v-viptables
V4V implementation of viptables to filter traffic.
- v4v_viptables
xc-ioreq-multiple
Ioreq server implementation. Trap hvm accesses to IO ports/MMIOs and send an event to a backend for processing.
- hvm-ioreq-multiple.
xc-interrupt-debug-info
Dumps LAPICs and IOAPICs status of HVM domains in key-handle 'i' ("dump interrupt bindings").
- fix-irq-debug-key, dump-lapic
xc-serial-card
Auto-configuration of PCI/PCMCIA serial card.
- serial-card.
xc-cpuid
Make cpuid ours: Hide core/HT topology, make vcpu appear as multicores, leave FEATURE_MWAIT, put our signature.
- revert-xen-3.4-18560
- hvm-cpuid-multicore
- addback-mwait-cstate
- xci-cpuid-signature
xc-hvm-info
Primitive tool for our toolstack to report VTd/VTx handling.
- tools-hvm-info.
xc-xenconsoled-syslog
An ugly way to make xenconsoled log into syslog.
- xenconsoled-syslog
- fix-xenconsoled-syslog.
xc-txt-shutdown-acpi-access-width
Fixes incorrect ACPI tables on some Dell platforms (980) that corrupt power operations with TXT enabled.
- txt-shutdown-acpi-access-width.
xc-parse-video-from-mbi
Read the VBE from Multiboot information table given by the bootloader.
- parse-video-from-mbi.
xc-isa-irq-guest-binding
Add ISA IRQ binding capability for guests.
- isa-irq-guest-binding.
xc-elf64-header
Fix ELF64 headers in Xen and in the toolstack.
- xen-elf64_header.
xc-disable-x2apic
Disable x2apic ...
- disable-x2apic.
xc-shared-info
Add a way for XENMAPSPACE_shared_info hypercall to unmap the shared info page (used before going S4).
- xenmapspace-unmap-shared-info
xc-ept-respect-cacheattr-pin
Ignore PAT memory type for cache-pinned pages.
- ept-respect-cacheattr-pin
xc-get-time
Add HVMOP_get_time handler to xenctrl library.
- add_hvmop_get_time_to_xc_tools.
xc-vtpm
VTPM support, hacks into the build system to build.
- vtpm-support
- vtpm-manager-patch
- xen-hotplug-patch.
xc-tboot-shutdown-disable-irqs
tboot_shutdown is disabling interrupts a bit early.
- tboot-shutdown-disable-irqs.
Hypercalls
xc-set-servicevm
Add set_xcisrv hypercall for dom0 to declare a VM as service VM (restricted priviledges).
- xci-domctl-set-servicevm.
xc-xen-translate
Implement translation of a list of gpfn to a list of mfn in new hypercalls: XENMEM_translate_gpfn_list & XENMEM_release_mfn_list. Typically used to get framebuffer's mfns of the gpfns we receive from the graphic emulation (ioemu/xengfx).
- xen_translate.
xc-foreign-batch-cacheattr
Implement xc_map_foreign_batch_cacheattr to map other guest's memory with given cache attribute. We use it to map guest vram with specific cache attributes.
- uncached-foreign-mapping.
xc-memory-mapping-batch
Add an hypercall to map a list of gfns to a list of mfns, with IO permission (XEN_DOMCTL_memory_mapping, with specified list of mfns to map to and no assumption they are contiguous). Remove command use the gfns with the p2m to find the proper mfns.
- XEN_DOMCTL_memory_mapping_batch.
xc-unpin-cacheattr
Add hypercall XEN_DOMCTL_unpin_cacheattr that removes a range with given attribute from the range list.
- hvm-unset-mem-pinned-cachetattr, xc_domain_unpin_memory_cacheattr.
xc-aperture-map
Add an hypercall to map guest pages within an aperture in its own address space (modifying the p2m).
- aperture-map-domctl.
That might be done otherwise or avoided
relax-pv-l1e-cache-check
Relax l1e cache checking for pv guests.
- hvm_get_mem_pinned_cacheattr_always.
xc-vcpu-get-time
Add VCPUOP_get_time to make NOW() macro available in PV guests.
- vcpu_op_hcall_get_time.
Could be calculated from inside the guest using pv timers
xc-iommu-flush-on-unmap
Add an IOMMU global context flush at the end of the device assignation to a domain.
- iommu-add-flush-on-unmap
Not sure why this is necessary
xc-evtchn-no-pending-when-s3
Avoid setting the flag for pending event-channel if the guest is in s3.
- evtchn-do-not-set-pending-if-s3.
xc-shadow-op-blow-tables
Add an hypercall to blow shadow tables of a domain (unpining them before if necessary).
- shadow-op-blow-tables
- xc_shadow_blow_tables.
xc-keep-bus-mastering-after-iommu-fault
Do not disable Bus Mastering after an IOMMU fault, which is the case upstream (we have some when switching out of a PVM).
- keep-bus-mastering-after-iommu-fault
Would be better not to fault in the first place.