From: George Dunlap Date: Thu, 12 Mar 2015 16:35:00 +0000 (+0000) Subject: Import XSA-119 X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=b34330af98a79f836ca52f06191f747ce261087b;p=people%2Faperard%2Fcentos-package-xen.git Import XSA-119 Signed-off-by: George Dunlap --- diff --git a/SOURCES/xen-queue.am b/SOURCES/xen-queue.am index 9519284..78db6db 100644 --- a/SOURCES/xen-queue.am +++ b/SOURCES/xen-queue.am @@ -2128,7 +2128,108 @@ index 3289604..eb7e498 100644 1.9.1 -From 791bbcd729d51ca87da917eb21033a5122046bec Mon Sep 17 00:00:00 2001 +From e731744d0a118a28c9667440a2b841f1a43a5e69 Mon Sep 17 00:00:00 2001 +From: Ian Campbell +Date: Fri, 20 Feb 2015 14:41:09 +0000 +Subject: [PATCH] From f433bfafbaf7d8a41c4c27aa3e8e78b1ab900b69 Mon Sep 17 + 00:00:00 2001 Subject: [PATCH] tools: libxl: Explicitly disable graphics + backends on qemu cmdline + +By default qemu will try to create some sort of backend for the +emulated VGA device, either SDL or VNC. + +However when the user specifies sdl=0 and vnc=0 in their configuration +libxl was not explicitly disabling either backend, which could lead to +one unexpectedly running. + +If either sdl=1 or vnc=1 is configured then both before and after this +change only the backends which are explicitly enabled are configured, +i.e. this issue only occurs when all backends are supposed to have +been disabled. + +This affects qemu-xen and qemu-xen-traditional differently. + +If qemu-xen was compiled with SDL support then this would result in an +SDL window being opened if $DISPLAY is valid, or a failure to start +the guest if not. Passing "-display none" to qemu before any further +-sdl options disables this default behaviour and ensures that SDL is +only started if the libxl configuration demands it. + +If qemu-xen was compiled without SDL support then qemu would instead +start a VNC server listening on ::1 (IPv6 localhost) or 127.0.0.1 +(IPv4 localhost) with IPv6 preferred if available. Explicitly pass +"-vnc none" when vnc is not enabled in the libxl configuration to +remove this possibility. + +qemu-xen-traditional would never start a vnc backend unless asked. +However by default it will start an SDL backend, the way to disable +this is to pass a -vnc option. In other words passing "-vnc none" will +disable both vnc and sdl by default. sdl can then be reenabled if +configured by subsequent use of the -sdl option. + +Tested with both qemu-xen and qemu-xen-traditional built with SDL +support and: + xl cr # defaults + xl cr sdl=0 vnc=0 + xl cr sdl=1 vnc=0 + xl cr sdl=0 vnc=1 + xl cr sdl=0 vnc=0 vga=\"none\" + xl cr sdl=0 vnc=0 nographic=1 +with both valid and invalid $DISPLAY. + +This is XSA-119. + +Reported-by: Sander Eikelenboom +Signed-off-by: Ian Campbell +Acked-by: Ian Jackson +--- + tools/libxl/libxl_dm.c | 21 +++++++++++++++++++-- + 1 file changed, 19 insertions(+), 2 deletions(-) + +diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c +index f6f7bbd..4dbfddc 100644 +--- a/tools/libxl/libxl_dm.c ++++ b/tools/libxl/libxl_dm.c +@@ -179,7 +179,14 @@ static char ** libxl__build_device_model_args_old(libxl__gc *gc, + if (libxl_defbool_val(vnc->findunused)) { + flexarray_append(dm_args, "-vncunused"); + } +- } ++ } else ++ /* ++ * VNC is not enabled by default by qemu-xen-traditional, ++ * however passing -vnc none causes SDL to not be ++ * (unexpectedly) enabled by default. This is overridden by ++ * explicitly passing -sdl below as required. ++ */ ++ flexarray_append_pair(dm_args, "-vnc", "none"); + + if (sdl) { + flexarray_append(dm_args, "-sdl"); +@@ -463,7 +470,17 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, + } + + flexarray_append(dm_args, vncarg); +- } ++ } else ++ /* ++ * Ensure that by default no vnc server is created. ++ */ ++ flexarray_append_pair(dm_args, "-vnc", "none"); ++ ++ /* ++ * Ensure that by default no display backend is created. Further ++ * options given below might then enable more. ++ */ ++ flexarray_append_pair(dm_args, "-display", "none"); + + if (sdl) { + flexarray_append(dm_args, "-sdl"); +-- +1.9.1 + + +From 26423ef27e8ed3f40f8e1c51981938a78f31f89b Mon Sep 17 00:00:00 2001 From: George Dunlap Date: Thu, 5 Mar 2015 12:01:29 +0000 Subject: [PATCH] x86/HVM: return all ones on wrong-sized reads of system @@ -2201,7 +2302,7 @@ index fea3f68..6e4d422 100644 1.9.1 -From 14ed25021173d3b65527113d279151da342c3ed8 Mon Sep 17 00:00:00 2001 +From 21c4b1ca2a388905c97de8f925d39b7c3fd1809f Mon Sep 17 00:00:00 2001 From: George Dunlap Date: Thu, 5 Mar 2015 12:01:34 +0000 Subject: [PATCH] pre-fill structures for certain HYPERVISOR_xen_version @@ -2252,7 +2353,7 @@ index b371f8f..0e34e59 100644 1.9.1 -From 4bbb680cabff423faacd4350a0793fff31217a2d Mon Sep 17 00:00:00 2001 +From c135a21c69a3cbd00b8936cb64dffd477438c3d2 Mon Sep 17 00:00:00 2001 From: George Dunlap Date: Thu, 5 Mar 2015 12:20:26 +0000 Subject: [PATCH] x86emul: fully ignore segment override for register-only @@ -2288,7 +2389,7 @@ index 25571c6..9ebff22 100644 1.9.1 -From f04a6efb7170e790d55e78fff996bae820f9b8b0 Mon Sep 17 00:00:00 2001 +From 2a675c69e657bfa4cac07390ffb953a662aacb35 Mon Sep 17 00:00:00 2001 From: Wen Congyang Date: Thu, 11 Dec 2014 16:21:21 +0000 Subject: [PATCH] tools: libxl: pass correct file to qemu if we use blktap2 @@ -2304,10 +2405,10 @@ Acked-by: Ian Campbell 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c -index f6f7bbd..65104d5 100644 +index 4dbfddc..d855fc6 100644 --- a/tools/libxl/libxl_dm.c +++ b/tools/libxl/libxl_dm.c -@@ -679,6 +679,7 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, +@@ -696,6 +696,7 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, libxl__device_disk_dev_number(disks[i].vdev, &disk, &part); const char *format = qemu_disk_format_string(disks[i].format); char *drive; @@ -2315,7 +2416,7 @@ index f6f7bbd..65104d5 100644 if (dev_number == -1) { LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "unable to determine" -@@ -708,6 +709,12 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, +@@ -725,6 +726,12 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, continue; } @@ -2328,7 +2429,7 @@ index f6f7bbd..65104d5 100644 /* * Explicit sd disks are passed through as is. * -@@ -717,11 +724,11 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, +@@ -734,11 +741,11 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, if (strncmp(disks[i].vdev, "sd", 2) == 0) drive = libxl__sprintf (gc, "file=%s,if=scsi,bus=0,unit=%d,format=%s,cache=writeback", @@ -2346,7 +2447,7 @@ index f6f7bbd..65104d5 100644 1.9.1 -From e480dc24ba35ef1d79024c03f2e5b72f81662b06 Mon Sep 17 00:00:00 2001 +From 1f5dc43f8b7bb1b24b5b95b0bac00051cc6b8d2d Mon Sep 17 00:00:00 2001 From: George Dunlap Date: Thu, 11 Dec 2014 16:23:09 +0000 Subject: [PATCH] it: George Dunlap @@ -2393,10 +2494,10 @@ release cycle. 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c -index 65104d5..aef7fb8 100644 +index d855fc6..44c3db0 100644 --- a/tools/libxl/libxl_dm.c +++ b/tools/libxl/libxl_dm.c -@@ -709,11 +709,14 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, +@@ -726,11 +726,14 @@ static char ** libxl__build_device_model_args_new(libxl__gc *gc, continue; } @@ -2417,7 +2518,7 @@ index 65104d5..aef7fb8 100644 1.9.1 -From d7baea39e46b3314d5075326ba426974b3c80959 Mon Sep 17 00:00:00 2001 +From da32c47a7418e338938fc985e0462eaef69550a7 Mon Sep 17 00:00:00 2001 From: Don Koch Date: Thu, 11 Dec 2014 17:02:21 +0000 Subject: [PATCH] x86/HVM: sanity check xsave area when migrating or restoring @@ -2512,7 +2613,7 @@ index eb7e498..18c1c26 100644 1.9.1 -From becd1476a7e60e669a396edce3ae762c20c68b30 Mon Sep 17 00:00:00 2001 +From 20f859d711b8e18a96d7b386c006a3f0317ab606 Mon Sep 17 00:00:00 2001 From: Juergen Gross Date: Thu, 11 Dec 2014 17:02:33 +0000 Subject: [PATCH] adjust number of domains in cpupools when destroying domain @@ -2643,7 +2744,7 @@ index 4418883..996a08a 100644 1.9.1 -From 9211dfc9d64bfcbe6da5c7dd6a064372a594f142 Mon Sep 17 00:00:00 2001 +From cb97f6ae474c71a7b6d912ded12125fd7a714250 Mon Sep 17 00:00:00 2001 From: George Dunlap Date: Mon, 15 Dec 2014 15:56:14 +0000 Subject: [PATCH] Revert "libxl: prefer qdisk over blktap when choosing disk @@ -2680,7 +2781,7 @@ index 29ed547..0f9fe2d 100644 1.9.1 -From e55d103063374dfa6913d96bb57d921899b89d61 Mon Sep 17 00:00:00 2001 +From 951cc979ba60c64e378e950e5eb9e97b49e578a5 Mon Sep 17 00:00:00 2001 From: George Dunlap Date: Wed, 15 Oct 2014 15:36:23 +0100 Subject: [PATCH] xen-centos-disable-CFLAGS-for-qemu.patch @@ -2705,7 +2806,7 @@ index 6610a8d..86d8a58 100644 1.9.1 -From 98624525fb8a8ab19c92258fea21f05375f0daba Mon Sep 17 00:00:00 2001 +From 485cb391a1b93980274d57a219ab19ae630f11a4 Mon Sep 17 00:00:00 2001 From: George Dunlap Date: Wed, 15 Oct 2014 15:36:23 +0100 Subject: [PATCH] Adapt libxl to use blktap 2.5 v0.9.2 diff --git a/SPECS/xen.spec b/SPECS/xen.spec index 541672e..c9427b2 100644 --- a/SPECS/xen.spec +++ b/SPECS/xen.spec @@ -19,7 +19,7 @@ Summary: Xen is a virtual machine monitor Name: xen Version: 4.4.1 -Release: 7%{?dist} +Release: 8%{?dist} Group: Development/Libraries License: GPLv2+ and LGPLv2+ and BSD URL: http://xen.org/ @@ -739,6 +739,9 @@ rm -rf %{buildroot} %endif %changelog +* Thu Mar 12 2015 George Dunlap - 4.4.1-8.el6.centos + - Import xsa-119 + * Thu Mar 5 2015 George Dunlap - 4.4.1-7.el6.centos - Import xsa-123