- 13 Jul, 2022 40 commits
-
-
Hans van Kranenburg authored
[git-debrebase pseudomerge: quick]
-
We can be more tolerant as long as the data collected from FACS is only needed to enter S3. A prior change already added suitable checking to acpi_enter_sleep(). Signed-off-by:
Jan Beulich <jbeulich@suse.com> Acked-by:
Roger Pau Monné <roger.pau@citrix.com> (cherry picked from commit 16ca5b3f)
-
Use of __acpi_map_table() here was at least close to an abuse already before, but it will now consistently return NULL here. Drop the layering violation and use set_fixmap() directly. Re-use of the ACPI fixmap area is hopefully going to remain "fine" for the time being. Add checks to acpi_enter_sleep(): The vector now needs to be contained within a single page, but the ACPI spec requires 64-byte alignment of FACS anyway. Also bail if no wakeup vector was determined in the first place, in part as preparation for a subsequent relaxation change. Fixes: 1c4aa69c ("xen/acpi: Rework acpi_os_map_memory() and acpi_os_unmap_memory()") Signed-off-by:
-
Use of __acpi_map_table() is kind of an abuse here, and doesn't work anymore for the majority of cases if any of the tables lives outside the low first Mb. Keep this (ab)use only prior to reaching SYS_STATE_boot, primarily to avoid needing to audit whether any of the calls here can happen this early in the first place; quite likely this isn't necessary at all - at least dmi_scan_machine() gets called late enough. For the "normal" case, call __vmap() directly, despite effectively duplicating acpi_os_map_memory(). There's one difference though: We shouldn't need to establish UC- mappings, WP or r/o WB mappings ought to be fine, as the tables are going to live in either RAM or ROM. Short of having PAGE_HYPERVISOR_WP and wanting to map the tables r/o anyway, use the latter of the two options. The r/o mapping implies some constification of code elsewhere in the file. For code touched anyway also switch to void (where possible) or uint8_t. Fixes: 1c4aa69c ("xen/acpi: Rework acpi_os_map_memory() and acpi_os_unmap_memory()") Signed-off-by:
-
acpi_fadt_parse_sleep_info() runs when the system is already in SYS_STATE_boot. Hence its direct call to __acpi_map_table() won't work anymore. This call should probably have been replaced long ago already, as the layering violation hasn't been necessary for quite some time. Fixes: 1c4aa69c ("xen/acpi: Rework acpi_os_map_memory() and acpi_os_unmap_memory()") Signed-off-by:
-
Use the solution described in [1] to replace the call to the 'date' command with a version that uses SOURCE_DATE_EPOCH if available. This is needed for reproducible builds. [1] https://reproducible-builds.org/docs/source-date-epoch/ Signed-off-by:
Maximilian Engelhardt <maxi@daemonizer.de>
[Hans van Kranenburg]
Note: this patch is submitted upstream but not committed yet. We
expect that it gets in. Otherwise, we don't wait and already have it
here because I want to have the reproducible build work completed. -
When the seq number is equal, sort by the title to get predictable output ordering. This is useful for reproducible builds. Signed-off-by:
Maximilian Engelhardt <maxi@daemonizer.de>
Acked-by: Andrew Cooper <andrew.cooper3@citrix.com> (cherry picked from commit e18dadc5)
-
By default a timestamp gets added to the xen efi binary. Unfortunately ld doesn't seem to provide a way to set a custom date, like from SOURCE_DATE_EPOCH, so set a zero value for the timestamp (option --no-insert-timestamp) if SOURCE_DATE_EPOCH is defined. This makes reproducible builds possible. This is an alternative to the patch suggested in [1]. This patch only omits the timestamp when SOURCE_DATE_EPOCH is defined. [1] https://lists.xenproject.org/archives/html/xen-devel/2020-10/msg02161.html Signed-off-by:
Maximilian Engelhardt <maxi@daemonizer.de>
Acked-by: -
This is for improving reproducible builds. Signed-off-by:
Frédéric Pierret (fepitre) <frederic.pierret@qubes-os.org>
Acked-by: -
Only spelling errors; no functional changes. In docs/misc/dump-core-format.txt there are a few more instances of 'informations'. I'll leave that up to someone who can properly determine how those sentences should be constructed. Signed-off-by:
Diederik de Haas <didi.debian@cknow.org> Reviewed-by:
Stefano Stabellini <sstabellini@kernel.org> Acked-by:
-
Even if debug trap are only meant for debugging purpose, it is quite harsh to crash Xen if one of the trap sent by the guest is not handled. So switch from a panic() to a printk(). Signed-off-by:
Julien Grall <jgrall@amazon.com> Reviewed-by:
-
Imported from Linux commit b6cfb277378ef831c0fa84bcff5049307294adc6: The BAD_MADT_ENTRY() macro is designed to work for all of the subtables of the MADT. In the ACPI 5.1 version of the spec, the struct for the GICC subtable (struct acpi_madt_generic_interrupt) is 76 bytes long; in ACPI 6.0, the struct is 80 bytes long. But, there is only one definition in ACPICA for this struct -- and that is the 6.0 version. Hence, when BAD_MADT_ENTRY() compares the struct size to the length in the GICC subtable, it fails if 5.1 structs are in use, and there are systems in the wild that have them. This patch adds the BAD_MADT_GICC_ENTRY() that checks the GICC subtable only, accounting for the difference in specification versions that are possible. The BAD_MADT_ENTRY() will continue to work as is for all other MADT subtables. This code is being added to an arm64 header file since that is currently the only architecture using the GICC subtable of the MADT. As a GIC is specific to ARM, it is also unlikely the subtable will be used elsewhere. Fixes: aeb823bbacc2 ("ACPICA: ACPI 6.0: Add changes for FADT table.") Signed-off-by:Al Stone <al.stone@linaro.org> Acked-by:
Will Deacon <will.deacon@arm.com> Acked-by:
"Rafael J. Wysocki" <rjw@rjwysocki.net> [catalin.marinas@arm.com: extra brackets around macro arguments] Signed-off-by:
Catalin Marinas <catalin.marinas@arm.com> Signed-off-by:
Julien Grall <julien.grall@arm.com> Signed-off-by:
Andre Przywara <andre.przywara@arm.com> Signed-off-by:
Elliott Mitchell <ehem+xen@m5p.com> (cherry picked from commit 7056f2f8)
-
Since commit 6e3e7712 "xen/arm: setup: Relocate the Device-Tree later on in the boot", the device-tree will not be kept mapped when using ACPI. However, a few places are calling dt_unreserved_regions() which expects a valid DT. This will lead to a crash. As the DT should not be used for ACPI (other than for detecting the modules), a new function fw_unreserved_regions() is introduced. It will behave the same way on DT system. On ACPI system, it will unreserve the whole region. Take the opportunity to clarify that bootinfo.reserved_mem is only used when booting using Device-Tree. Signed-off-by:
-
Dom0less requires a device-tree. However, since commit 6e3e7712 "xen/arm: setup: Relocate the Device-Tree later on in the boot", the device-tree will not get unflatten when using ACPI. This will lead to a crash during boot. Given the complexity to setup dom0less with ACPI (for instance how to assign device?), we should skip any code related to Dom0less when using ACPI. Signed-off-by:
Rahul Singh <rahul.singh@arm.com> Reviewed-by:
-
Commit 022387ee "xen/arm: mm: Don't open-code Xen PT update in {set, clear}_fixmap()" enforced that each set_fixmap() should be paired with a clear_fixmap(). Any failure to follow the model would result to a platform crash. Unfortunately, the use of fixmap in the ACPI code was overlooked as it is calling set_fixmap() but not clear_fixmap(). The function __acpi_os_map_table() is reworked so: - We know before the mapping whether the fixmap region is big enough for the mapping. - It will fail if the fixmap is already in use. This is not a change of behavior but clarifying the current expectation to avoid hitting a BUG(). The function __acpi_os_unmap_table() will now call clear_fixmap(). Reported-by:
Wei Xu <xuwei5@hisilicon.com> Signed-off-by:
-
The functions acpi_os_{un,}map_memory() are meant to be arch-agnostic while the __acpi_os_{un,}map_memory() are meant to be arch-specific. Currently, the former are still containing x86 specific code. To avoid this rather strange split, the generic helpers are reworked so they are arch-agnostic. This requires the introduction of a new helper __acpi_os_unmap_memory() that will undo any mapping done by __acpi_os_map_memory(). Currently, the arch-helper for unmap is basically a no-op so it only returns whether the mapping was arch specific. But this will change in the future. Note that the x86 version of acpi_os_map_memory() was already able to able the 1MB region. Hence why there is no addition of new code. Signed-off-by: -
Absence of a SPCR table likely means the console is a framebuffer. In such case acpi_iomem_deny_access() should NOT fail. Signed-off-by:
-
Unexpectedly the environment variable which needs to be passed is $LDSHARED and not $LD. Otherwise Python may find the build `ld` instead of the host `ld`. Replace $(LDFLAGS) with $(SHLIB_LDFLAGS) as Python needs shared objects it can load at runtime, not executables. This uses $(CC) instead of $(LD) since Python distutils appends $CFLAGS to $LDFLAGS which breaks many linkers. Signed-off-by:
Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> (cherry picked from commit 17d192e0) [ Hans van Kranenburg ] Fixed cherry-pick conflict because we have LIBEXEC_LIB=$(LIBEXEC_LIB) in between in the same lines. The line wrap mess makes it a bit hard to follow.
-
The preferred method to reboot RPi4 is PSCI. If it is not available, touching the watchdog is required to be able to reboot the board. The implementation is based on drivers/watchdog/bcm2835_wdt.c:__bcm2835_restart in Linux v5.9-rc7. Signed-off-by:
Stefano Stabellini <stefano.stabellini@xilinx.com> Acked-by:
Bertrand Marquis <bertrand.marquis@arm.com> Tested-by:
Roman Shaposhnik <roman@zededa.com> CC: roman@zededa.com (cherry picked from commit 25849c8b)
-
Hans van Kranenburg authored
A return statement without explicit value will return the value of the last command executed before this line with return was encountered. This is not what we want. return 0. Closes: #955994 Fixes: 2e0814f9 ("vif-common: disable handle_iptable") Reported-by:
Samuel Thibault <sthibault@debian.org> Signed-off-by:
Hans van Kranenburg <hans@knorrie.org>
-
This partially reverts commit 16504669. Doesn't look like much of 16504669 actually remains due to passage of time. Of the 3, both Python and pygrub appear to mostly be building just fine cross-compiling. The OCAML portion is being troublesome, this is going to cause bug reports elsewhere soon. The OCAML portion though can already be disabled by setting OCAML_TOOLS=n and shouldn't have this extra form of disabling. Signed-off-by:
Christian Lindig <christian.lindig@citrix.com> Acked-by:
Wei Liu <wl@xen.org> (cherry picked from commit 69953e28)
-
Hans van Kranenburg authored
It can't run with Python 3, and I'm not going to fix it. Signed-off-by: -
Hans van Kranenburg authored
We have the `xen` alias for xl in Debian, since in the past it was a command that could execute either xl or xm. Now, it always does xl, so, complete the same stuff for it as we have for xl. Signed-off-by: -
If LIBEXEC_LIB is not on the default linker search path, the python fsimage.so module fails to find libfsimage.so. Add the relevant directory to the rpath explicitly. (This situation occurs in the Debian package, where --with-libexec-libdir is used to put each Xen version's libraries and utilities in their own directory, to allow them to be coinstalled.) Signed-off-by:
Ian Jackson <ian.jackson@citrix.com> -
We install libfsimage in a non-standard path for Reasons. (See debian/rules.) This patch was originally part of `tools-pygrub-prefix.diff' (eg commit 51657319 ) and included changes to the Makefile to change the installation arrangements (we do that part in the rules now since that is a lot less prone to conflicts when we update) and to shared library rpath (which is now done in a separate patch). (Commit message rewritten by Ian Jackson.) Signed-off-by:
Ian Jackson <ian.jackson@citrix.com>
squash! pygrub: Set sys.path and rpath -
This is in the upstream script because on non-Debian systems, the default install locations in /usr/local/lib might not be on the linker path, and as a result the hotplug scripts would break. A reason we might need it in Debian is our multiple version coinstallation scheme. However, the hotplug scripts all call the utilities via the wrappers, and the binaries are configured to load from the right place anyway. This setting is an annoyance because it requires libdir, which is an arch-specific path but comes from a file we want to put in xen-utils-common, an arch:all package. So drop this setting. Signed-off-by:Ian Jackson <ian.jackson@citrix.com> -
Hans van Kranenburg authored
Strip all options that are for stuff we don't ship, which is 1) xenstored as stubdom and 2) xenbackendd, which seems to be dead code anyway. [1] It seems useful to give the user the option to revert to xenstored instead of the default oxenstored if they really want. [1] https://lists.xen.org/archives/html/xen-devel/2015-07/msg04427.html Signed-off-by:
Ian Jackson <ijackson@chiark.greenend.org.uk> -
Hans van Kranenburg authored
Also see Debian bug #894013. The current attempt at providing anti-spoofing rules results in a situation that does not have any effect. Also note that forwarding bridged traffic to iptables is not enabled by default, and that for openvswitch users it does not make any sense. So, stop cluttering the live iptables ruleset. This functionality seems to be introduced before 2004 and since then it has never got some additional love. It would be nice to have a proper discussion upstream about how Xen could provide some anti mac/ip spoofing in the dom0. It does not seem to be a trivial thing to do, since it requires having quite some knowledge about what the domU is allowed to do or not (e.g. a domU can be a router...).
-
Hans van Kranenburg authored
Instead of: (XEN) Xen version 4.11.1 (Debian ) (@) (gcc (Debian 8.2.0-13) 8.2.0) debug=n Thu Jan 3 19:08:37 UTC 2019 I'd like to see: (XEN) Xen version 4.11.1 (Debian 4.11.1-1~) (pkg-xen-devel@lists.alioth.debian.org) (gcc (Debian 8.2.0-13) 8.2.0) debug=n Thu Jan 3 22:44:00 CET 2019 The substitution was broken since the great packaging refactoring, because the directory in which the build is done changed. Also, use the Maintainer address from debian/control instead of the most recent changelog entry. If someone wants to use the address to ask a question, they will end up at the team mailing list, which is better than an individual person. -
This manpage was omitted from docs/man: Provide properly-formatted NAME sections because I was previously building with markdown not installed. Signed-off-by:Ian Jackson <ian.jackson@citrix.com> -
When building on a 32-bit userland, the user wants to build 32-bit tools and a 64-bit hypervisor. This involves setting XEN_TARGET_ARCH to different values for the tools build and the hypervisor build. So the user must invoke the tools build and the hypervisor build separately. However, although the shim is done by the tools/firmware Makefile, its bitness needs to be the same as the hypervisor, not the same as the tools. When run with XEN_TARGET_ARCH=x86_32, it it skipped, which is wrong. So the user must invoke the shim build separately. This can be done with make -C tools/firmware/xen-dir XEN_TARGET_ARCH=x86_64 However, tools/firmware/xen-dir has no `install' target. The installation of all `firmware' is done in tools/firmware/Makefile. It might be possible to fix this, but it is not trivial. For example, the definitions of INST_DIR and DEBG_DIR would need to be copied, as would an appropriate $(INSTALL_DIR) call. For now, provide an `install-shim' target in tools/firmware/Makefile. This has to be called from `install' of course. We can't make it a dependency of `install' because it might be run before `all' has completed. We could make it depend on a `shim' target but such a target is nearly impossible to write because everything is done by the inflexible subdir-$@ machinery. The overally result of this patch is that existing make invocations work as before. But additionally, the user can say make -C tools/firmware install-shim XEN_TARGET_ARCH=x86_64 to install the shim. The user must have built it already. Unlike the build rune, this install-rune is properly conditional so it is OK to call on ARM. What a mess. Signed-off-by:Ian Jackson <ijackson@chiark.greenend.org.uk> -
Previously this was *dis*abled for x86_*32*. But if someone should run some of this Makefile on ARM, say, it ought not to be built either. Signed-off-by:Ian Jackson <ijackson@chiark.greenend.org.uk> -
This makes it easier to disable the shim build. (In Debian we need to build the shim separately because it needs different compiler flags and a different XEN_COMPILE_ARCH. Signed-off-by:Ian Jackson <ijackson@chiark.greenend.org.uk> -
Hans van Kranenburg authored
This reverts commit 8845155c. This upstream change changes stuff that breaks our very fragile mess that builds the shim when it needs to, and doesn't when it should not. The result is that it's missing in the end for the i386 build... :| dh_install: warning: Cannot find (any matches for) "usr/lib/debug/usr/lib/xen-*/boot/*" (tried in ., debian/tmp) dh_install: warning: xen-utils-4.14 missing files: usr/lib/debug/usr/lib/xen-*/boot/* dh_install: error: missing files, aborting
-
Signed-off-by:Ian Jackson <ian.jackson@citrix.com> -
This is going to be used to put libfsimage.so into a path containing the multiarch triplet. Signed-off-by:Ian Jackson <ian.jackson@citrix.com> -
Hans van Kranenburg authored
\o/
-
Signed-off-by:Ian Jackson <ian.jackson@citrix.com> -
The current build fails with GCC6 on Debian sid i386 (unstable): /tmp/ccqjaueF.s: Assembler messages: /tmp/ccqjaueF.s:3713: Error: missing or invalid displacement expression `vmovd_to_reg_len@GOT' This is due to the combination of GCC6, and Debian's decision to enable some hardening flags by default (to try to make runtime addresses less predictable): https://wiki.debian.org/Hardening/PIEByDefaultTransition This is of no benefit for the x86 instruction emulator test, which is a rebuild of the emulator code for testing purposes only. So pass options to disable this. These options will be no-ops if they are the same as the compiler default. On amd64, the -fno-pic breaks the build in a different way. So do this only on i386. Signed-off-by:
Ian Jackson <ian.jackson@citrix.com>
CC: Jan Beulich <jbeulich@suse.com>
CC: Andrew Cooper <andrew.cooper3@citrix.com>
Gbp-Pq: Topic misc
Gbp-Pq: Name toolstestsx86_emulator-pass--no-pie--fno.patch -
Patch-Name: tools-pygrub-remove-static-solaris-support Gbp-Pq: Topic misc Gbp-Pq: Name tools-pygrub-remove-static-solaris-support
-
