aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--system/xen/dom0/README.dom02
-rw-r--r--system/xen/dom0/config-5.14.12-xen.x86_64 (renamed from system/xen/dom0/config-5.13.8-xen.x86_64)174
-rw-r--r--system/xen/dom0/kernel-xen.sh4
-rw-r--r--system/xen/domU/domU.sh2
-rw-r--r--system/xen/patches/ac9d413015d3bcf1e8f31cda764590b3ee949bc1.patch72
-rw-r--r--system/xen/patches/edk2-ovmf-202105-werror.patch38
-rw-r--r--system/xen/patches/tools-ipxe-update-for-fixing-build-with-GCC11.diff13
-rw-r--r--system/xen/xen.SlackBuild11
-rw-r--r--system/xen/xen.info10
-rw-r--r--system/xen/xsa/xsa372-4.15-0001-xen-arm-Create-dom0less-domUs-earlier.patch85
-rw-r--r--system/xen/xsa/xsa372-4.15-0002-xen-arm-Boot-modules-should-always-be-scrubbed-if-bo.patch59
-rw-r--r--system/xen/xsa/xsa373-4.15-1.patch120
-rw-r--r--system/xen/xsa/xsa373-4.15-2.patch102
-rw-r--r--system/xen/xsa/xsa373-4.15-3.patch163
-rw-r--r--system/xen/xsa/xsa373-4.15-4.patch79
-rw-r--r--system/xen/xsa/xsa373-4.15-5.patch141
-rw-r--r--system/xen/xsa/xsa375.patch50
-rw-r--r--system/xen/xsa/xsa377.patch27
-rw-r--r--system/xen/xsa/xsa386.patch29
19 files changed, 229 insertions, 952 deletions
diff --git a/system/xen/dom0/README.dom0 b/system/xen/dom0/README.dom0
index dfed12dfcba07..cadf44ab81253 100644
--- a/system/xen/dom0/README.dom0
+++ b/system/xen/dom0/README.dom0
@@ -57,7 +57,7 @@ kernel-xen.sh: This script builds the Linux Kernel for a Xen Hypervisor.
* To make things a bit easier, a copy of Xen EFI binary can be found here:
- http://slackware.hr/~mario/xen/xen-4.15.0.efi.gz
+ http://slackware.hr/~mario/xen/xen-4.15.1.efi.gz
!!! Make sure to understand what are you doing at this point, you could
easily lose your data. Always create backups !!!
diff --git a/system/xen/dom0/config-5.13.8-xen.x86_64 b/system/xen/dom0/config-5.14.12-xen.x86_64
index 94d893f068f4d..ac1e996207592 100644
--- a/system/xen/dom0/config-5.13.8-xen.x86_64
+++ b/system/xen/dom0/config-5.14.12-xen.x86_64
@@ -1,20 +1,22 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 5.13.8 Kernel Configuration
+# Linux/x86 5.14.12 Kernel Configuration
#
-CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.3.0"
+CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.2.0"
CONFIG_CC_IS_GCC=y
-CONFIG_GCC_VERSION=100300
+CONFIG_GCC_VERSION=110200
CONFIG_CLANG_VERSION=0
CONFIG_AS_IS_GNU=y
-CONFIG_AS_VERSION=23601
+CONFIG_AS_VERSION=23700
CONFIG_LD_IS_BFD=y
-CONFIG_LD_VERSION=23601
+CONFIG_LD_VERSION=23700
CONFIG_LLD_VERSION=0
CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO=y
+CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
CONFIG_CC_HAS_ASM_INLINE=y
+CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y
CONFIG_IRQ_WORK=y
CONFIG_BUILDTIME_TABLE_SORT=y
CONFIG_THREAD_INFO_IN_TASK=y
@@ -122,6 +124,7 @@ CONFIG_BPF_LSM=y
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT_VOLUNTARY is not set
# CONFIG_PREEMPT is not set
+CONFIG_SCHED_CORE=y
#
# CPU/Task time and stats accounting
@@ -320,7 +323,6 @@ CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
CONFIG_ARCH_HIBERNATION_POSSIBLE=y
CONFIG_ARCH_SUSPEND_POSSIBLE=y
CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
-CONFIG_ZONE_DMA32=y
CONFIG_AUDIT_ARCH=y
CONFIG_HAVE_INTEL_TXT=y
CONFIG_X86_64_SMP=y
@@ -333,7 +335,6 @@ CONFIG_CC_HAS_SANE_STACKPROTECTOR=y
#
# Processor type and features
#
-CONFIG_ZONE_DMA=y
CONFIG_SMP=y
CONFIG_X86_FEATURE_NAMES=y
CONFIG_X86_X2APIC=y
@@ -454,7 +455,6 @@ CONFIG_X86_PMEM_LEGACY_DEVICE=y
CONFIG_X86_PMEM_LEGACY=y
CONFIG_X86_CHECK_BIOS_CORRUPTION=y
# CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK is not set
-CONFIG_X86_RESERVE_LOW=64
CONFIG_MTRR=y
CONFIG_MTRR_SANITIZER=y
CONFIG_MTRR_SANITIZER_ENABLE_DEFAULT=0
@@ -599,7 +599,10 @@ CONFIG_ACPI_CONFIGFS=m
CONFIG_PMIC_OPREGION=y
CONFIG_BXT_WC_PMIC_OPREGION=y
CONFIG_CHT_DC_TI_PMIC_OPREGION=y
+# CONFIG_TPS68470_PMIC_OPREGION is not set
+CONFIG_ACPI_VIOT=y
CONFIG_X86_PM_TIMER=y
+CONFIG_ACPI_PRMT=y
#
# CPU Frequency scaling
@@ -739,6 +742,7 @@ CONFIG_KVM_COMPAT=y
CONFIG_HAVE_KVM_IRQ_BYPASS=y
CONFIG_HAVE_KVM_NO_POLL=y
CONFIG_KVM_XFER_TO_GUEST_WORK=y
+CONFIG_HAVE_KVM_PM_NOTIFIER=y
CONFIG_VIRTUALIZATION=y
CONFIG_KVM=m
# CONFIG_KVM_WERROR is not set
@@ -783,6 +787,7 @@ CONFIG_ARCH_HAS_SET_MEMORY=y
CONFIG_ARCH_HAS_SET_DIRECT_MAP=y
CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y
CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT=y
+CONFIG_ARCH_WANTS_NO_INSTR=y
CONFIG_HAVE_ASM_MODVERSIONS=y
CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
CONFIG_HAVE_RSEQ=y
@@ -908,9 +913,11 @@ CONFIG_BLK_DEV_THROTTLING=y
# CONFIG_BLK_DEV_THROTTLING_LOW is not set
# CONFIG_BLK_CMDLINE_PARSER is not set
CONFIG_BLK_WBT=y
+CONFIG_BLK_WBT_MQ=y
CONFIG_BLK_CGROUP_IOLATENCY=y
+# CONFIG_BLK_CGROUP_FC_APPID is not set
CONFIG_BLK_CGROUP_IOCOST=y
-CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_CGROUP_IOPRIO is not set
CONFIG_BLK_DEBUG_FS=y
CONFIG_BLK_DEBUG_FS_ZONED=y
CONFIG_BLK_SED_OPAL=y
@@ -997,7 +1004,6 @@ CONFIG_COREDUMP=y
CONFIG_SELECT_MEMORY_MODEL=y
CONFIG_SPARSEMEM_MANUAL=y
CONFIG_SPARSEMEM=y
-CONFIG_NEED_MULTIPLE_NODES=y
CONFIG_SPARSEMEM_EXTREME=y
CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
CONFIG_SPARSEMEM_VMEMMAP=y
@@ -1066,6 +1072,9 @@ CONFIG_GENERIC_EARLY_IOREMAP=y
# CONFIG_IDLE_PAGE_TRACKING is not set
CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
CONFIG_ARCH_HAS_PTE_DEVMAP=y
+CONFIG_ARCH_HAS_ZONE_DMA_SET=y
+CONFIG_ZONE_DMA=y
+CONFIG_ZONE_DMA32=y
CONFIG_ZONE_DEVICE=y
CONFIG_DEV_PAGEMAP_OPS=y
CONFIG_HMM_MIRROR=y
@@ -1078,6 +1087,7 @@ CONFIG_ARCH_HAS_PKEYS=y
# CONFIG_READ_ONLY_THP_FOR_FS is not set
CONFIG_ARCH_HAS_PTE_SPECIAL=y
CONFIG_MAPPING_DIRTY_HELPERS=y
+CONFIG_SECRETMEM=y
# end of Memory Management options
CONFIG_NET=y
@@ -1216,6 +1226,7 @@ CONFIG_NETFILTER_INGRESS=y
CONFIG_NETFILTER_NETLINK=m
CONFIG_NETFILTER_FAMILY_BRIDGE=y
CONFIG_NETFILTER_FAMILY_ARP=y
+CONFIG_NETFILTER_NETLINK_HOOK=m
CONFIG_NETFILTER_NETLINK_ACCT=m
CONFIG_NETFILTER_NETLINK_QUEUE=m
CONFIG_NETFILTER_NETLINK_LOG=m
@@ -1616,7 +1627,6 @@ CONFIG_BRIDGE_VLAN_FILTERING=y
CONFIG_BRIDGE_MRP=y
CONFIG_BRIDGE_CFM=y
CONFIG_NET_DSA=m
-CONFIG_NET_DSA_TAG_8021Q=m
CONFIG_NET_DSA_TAG_AR9331=m
CONFIG_NET_DSA_TAG_BRCM_COMMON=m
CONFIG_NET_DSA_TAG_BRCM=m
@@ -2160,6 +2170,8 @@ CONFIG_PCI_SW_SWITCHTEC=m
CONFIG_CXL_BUS=y
CONFIG_CXL_MEM=m
# CONFIG_CXL_MEM_RAW_COMMANDS is not set
+CONFIG_CXL_ACPI=y
+CONFIG_CXL_PMEM=m
CONFIG_PCCARD=m
CONFIG_PCMCIA=m
CONFIG_PCMCIA_LOAD_CIS=y
@@ -2329,6 +2341,7 @@ CONFIG_MTD_PMC551_BUGFIX=y
# CONFIG_MTD_PMC551_DEBUG is not set
# CONFIG_MTD_DATAFLASH is not set
# CONFIG_MTD_MCHP23K256 is not set
+CONFIG_MTD_MCHP48L640=m
# CONFIG_MTD_SST25L is not set
CONFIG_MTD_SLRAM=m
CONFIG_MTD_PHRAM=m
@@ -2591,9 +2604,6 @@ CONFIG_PVPANIC_MMIO=m
CONFIG_PVPANIC_PCI=m
# end of Misc devices
-CONFIG_HAVE_IDE=y
-# CONFIG_IDE is not set
-
#
# SCSI device support
#
@@ -2675,6 +2685,7 @@ CONFIG_SCSI_MPT3SAS=m
CONFIG_SCSI_MPT2SAS_MAX_SGE=128
CONFIG_SCSI_MPT3SAS_MAX_SGE=128
CONFIG_SCSI_MPT2SAS=m
+CONFIG_SCSI_MPI3MR=m
CONFIG_SCSI_SMARTPQI=m
CONFIG_SCSI_UFSHCD=m
CONFIG_SCSI_UFSHCD_PCI=m
@@ -2727,6 +2738,7 @@ CONFIG_QEDI=m
CONFIG_QEDF=m
CONFIG_SCSI_LPFC=m
# CONFIG_SCSI_LPFC_DEBUG_FS is not set
+CONFIG_SCSI_EFCT=m
CONFIG_SCSI_DC395x=m
CONFIG_SCSI_AM53C974=m
CONFIG_SCSI_WD719X=m
@@ -3208,6 +3220,7 @@ CONFIG_MLX5_EN_ARFS=y
CONFIG_MLX5_EN_RXNFC=y
CONFIG_MLX5_MPFS=y
CONFIG_MLX5_ESWITCH=y
+CONFIG_MLX5_BRIDGE=y
CONFIG_MLX5_CLS_ACT=y
CONFIG_MLX5_TC_CT=y
CONFIG_MLX5_TC_SAMPLE=y
@@ -3222,8 +3235,6 @@ CONFIG_MLXSW_CORE_HWMON=y
CONFIG_MLXSW_CORE_THERMAL=y
CONFIG_MLXSW_PCI=m
CONFIG_MLXSW_I2C=m
-CONFIG_MLXSW_SWITCHIB=m
-CONFIG_MLXSW_SWITCHX2=m
CONFIG_MLXSW_SPECTRUM=m
CONFIG_MLXSW_MINIMAL=m
CONFIG_MLXFW=m
@@ -3323,6 +3334,7 @@ CONFIG_STMMAC_ETH=m
CONFIG_STMMAC_PLATFORM=m
CONFIG_DWMAC_GENERIC=m
CONFIG_DWMAC_INTEL=m
+# CONFIG_DWMAC_LOONGSON is not set
# CONFIG_STMMAC_PCI is not set
CONFIG_NET_VENDOR_SUN=y
CONFIG_HAPPYMEAL=m
@@ -3391,10 +3403,12 @@ CONFIG_LSI_ET1011C_PHY=m
CONFIG_MARVELL_PHY=m
CONFIG_MARVELL_10G_PHY=m
CONFIG_MARVELL_88X2222_PHY=m
+CONFIG_MEDIATEK_GE_PHY=m
CONFIG_MICREL_PHY=m
CONFIG_MICROCHIP_PHY=m
# CONFIG_MICROCHIP_T1_PHY is not set
CONFIG_MICROSEMI_PHY=m
+CONFIG_MOTORCOMM_PHY=m
CONFIG_NATIONAL_PHY=m
CONFIG_NXP_C45_TJA11XX_PHY=m
# CONFIG_NXP_TJA11XX_PHY is not set
@@ -3416,6 +3430,8 @@ CONFIG_XILINX_GMII2RGMII=m
# CONFIG_MICREL_KS8995MA is not set
CONFIG_MDIO_DEVICE=m
CONFIG_MDIO_BUS=m
+CONFIG_FWNODE_MDIO=m
+CONFIG_ACPI_MDIO=m
CONFIG_MDIO_DEVRES=m
CONFIG_MDIO_BITBANG=m
CONFIG_MDIO_BCM_UNIMAC=m
@@ -3832,7 +3848,10 @@ CONFIG_IEEE802154_ATUSB=m
# Wireless WAN
#
CONFIG_WWAN=y
+# CONFIG_WWAN_HWSIM is not set
CONFIG_MHI_WWAN_CTRL=m
+# CONFIG_RPMSG_WWAN_CTRL is not set
+CONFIG_IOSM=m
# end of Wireless WAN
CONFIG_XEN_NETDEV_FRONTEND=y
@@ -3983,6 +4002,7 @@ CONFIG_JOYSTICK_XPAD_LEDS=y
CONFIG_JOYSTICK_WALKERA0701=m
# CONFIG_JOYSTICK_PSXPAD_SPI is not set
CONFIG_JOYSTICK_PXRC=m
+CONFIG_JOYSTICK_QWIIC=m
CONFIG_JOYSTICK_FSIA6B=m
CONFIG_INPUT_TABLET=y
CONFIG_TABLET_USB_ACECAD=m
@@ -4118,6 +4138,8 @@ CONFIG_INPUT_RETU_PWRBUTTON=m
CONFIG_INPUT_UINPUT=m
CONFIG_INPUT_PCF50633_PMU=m
CONFIG_INPUT_PCF8574=m
+CONFIG_INPUT_PWM_BEEPER=m
+# CONFIG_INPUT_PWM_VIBRA is not set
CONFIG_INPUT_GPIO_ROTARY_ENCODER=m
CONFIG_INPUT_DA7280_HAPTICS=m
CONFIG_INPUT_ADXL34X=m
@@ -4299,8 +4321,6 @@ CONFIG_IPWIRELESS=m
CONFIG_MWAVE=m
CONFIG_DEVMEM=y
CONFIG_NVRAM=m
-CONFIG_RAW_DRIVER=m
-CONFIG_MAX_RAW_DEVS=256
CONFIG_DEVPORT=y
CONFIG_HPET=y
CONFIG_HPET_MMAP=y
@@ -4325,7 +4345,9 @@ CONFIG_TCG_TIS_ST33ZP24=m
CONFIG_TCG_TIS_ST33ZP24_I2C=m
# CONFIG_TCG_TIS_ST33ZP24_SPI is not set
CONFIG_TELCLOCK=m
+CONFIG_XILLYBUS_CLASS=m
# CONFIG_XILLYBUS is not set
+CONFIG_XILLYUSB=m
# end of Character devices
CONFIG_RANDOM_TRUST_CPU=y
@@ -4531,7 +4553,7 @@ CONFIG_PINCTRL_LYNXPOINT=m
CONFIG_PINCTRL_INTEL=y
CONFIG_PINCTRL_ALDERLAKE=m
CONFIG_PINCTRL_BROXTON=m
-# CONFIG_PINCTRL_CANNONLAKE is not set
+CONFIG_PINCTRL_CANNONLAKE=m
CONFIG_PINCTRL_CEDARFORK=m
CONFIG_PINCTRL_DENVERTON=m
CONFIG_PINCTRL_ELKHARTLAKE=m
@@ -4605,6 +4627,7 @@ CONFIG_GPIO_BD9571MWV=m
CONFIG_GPIO_DLN2=m
CONFIG_GPIO_JANZ_TTL=m
CONFIG_GPIO_LP3943=m
+# CONFIG_GPIO_TPS68470 is not set
# CONFIG_GPIO_UCB1400 is not set
CONFIG_GPIO_WHISKEY_COVE=m
CONFIG_GPIO_WM8994=m
@@ -4864,6 +4887,7 @@ CONFIG_SENSORS_BEL_PFE=m
CONFIG_SENSORS_BPA_RS600=m
CONFIG_SENSORS_FSP_3Y=m
CONFIG_SENSORS_IBM_CFFPS=m
+CONFIG_SENSORS_DPS920AB=m
# CONFIG_SENSORS_INSPUR_IPSPS is not set
CONFIG_SENSORS_IR35221=m
CONFIG_SENSORS_IR36021=m
@@ -4882,7 +4906,9 @@ CONFIG_SENSORS_MAX20751=m
CONFIG_SENSORS_MAX31785=m
CONFIG_SENSORS_MAX34440=m
CONFIG_SENSORS_MAX8688=m
+CONFIG_SENSORS_MP2888=m
CONFIG_SENSORS_MP2975=m
+CONFIG_SENSORS_PIM4328=m
CONFIG_SENSORS_PM6764TR=m
# CONFIG_SENSORS_PXE1610 is not set
CONFIG_SENSORS_Q54SJ108A2=m
@@ -4897,6 +4923,7 @@ CONFIG_SENSORS_SBTSI=m
CONFIG_SENSORS_SHT15=m
CONFIG_SENSORS_SHT21=m
CONFIG_SENSORS_SHT3x=m
+CONFIG_SENSORS_SHT4x=m
CONFIG_SENSORS_SHTC1=m
CONFIG_SENSORS_SIS5595=m
CONFIG_SENSORS_DME1737=m
@@ -4995,6 +5022,7 @@ CONFIG_WATCHDOG_CORE=y
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED=y
CONFIG_WATCHDOG_OPEN_TIMEOUT=0
CONFIG_WATCHDOG_SYSFS=y
+# CONFIG_WATCHDOG_HRTIMER_PRETIMEOUT is not set
#
# Watchdog Pretimeout Governors
@@ -5092,7 +5120,7 @@ CONFIG_BCMA_DRIVER_PCI=y
#
# Multifunction device drivers
#
-CONFIG_MFD_CORE=y
+CONFIG_MFD_CORE=m
CONFIG_MFD_BCM590XX=m
CONFIG_MFD_BD9571MWV=m
# CONFIG_MFD_AXP20X_I2C is not set
@@ -5138,6 +5166,7 @@ CONFIG_PCF50633_ADC=m
CONFIG_PCF50633_GPIO=m
CONFIG_UCB1400_CORE=m
CONFIG_MFD_RDC321X=m
+CONFIG_MFD_RT4831=m
# CONFIG_MFD_RT5033 is not set
CONFIG_MFD_SI476X_CORE=m
CONFIG_MFD_SM501=m
@@ -5158,7 +5187,7 @@ CONFIG_MFD_WL1273_CORE=m
CONFIG_MFD_LM3533=m
# CONFIG_MFD_TQMX86 is not set
CONFIG_MFD_VX855=m
-CONFIG_MFD_ARIZONA=y
+CONFIG_MFD_ARIZONA=m
CONFIG_MFD_ARIZONA_I2C=m
# CONFIG_MFD_ARIZONA_SPI is not set
# CONFIG_MFD_CS47L24 is not set
@@ -5203,6 +5232,7 @@ CONFIG_REGULATOR_LTC3676=m
CONFIG_REGULATOR_MAX1586=m
CONFIG_REGULATOR_MAX8649=m
CONFIG_REGULATOR_MAX8660=m
+CONFIG_REGULATOR_MAX8893=m
CONFIG_REGULATOR_MAX8952=m
# CONFIG_REGULATOR_MAX77826 is not set
CONFIG_REGULATOR_MC13XXX_CORE=m
@@ -5212,14 +5242,19 @@ CONFIG_REGULATOR_MC13892=m
CONFIG_REGULATOR_MT6311=m
CONFIG_REGULATOR_MT6323=m
# CONFIG_REGULATOR_MT6358 is not set
+CONFIG_REGULATOR_MT6359=m
CONFIG_REGULATOR_MT6397=m
# CONFIG_REGULATOR_PCA9450 is not set
CONFIG_REGULATOR_PCF50633=m
CONFIG_REGULATOR_PV88060=m
CONFIG_REGULATOR_PV88080=m
CONFIG_REGULATOR_PV88090=m
+# CONFIG_REGULATOR_PWM is not set
# CONFIG_REGULATOR_RASPBERRYPI_TOUCHSCREEN_ATTINY is not set
CONFIG_REGULATOR_RT4801=m
+CONFIG_REGULATOR_RT4831=m
+CONFIG_REGULATOR_RT6160=m
+CONFIG_REGULATOR_RT6245=m
CONFIG_REGULATOR_RTMV20=m
CONFIG_REGULATOR_SKY81452=m
CONFIG_REGULATOR_SLG51000=m
@@ -5309,6 +5344,7 @@ CONFIG_VIDEO_TUNER=m
CONFIG_V4L2_MEM2MEM_DEV=m
CONFIG_V4L2_FLASH_LED_CLASS=m
CONFIG_V4L2_FWNODE=m
+CONFIG_V4L2_ASYNC=m
CONFIG_VIDEOBUF_GEN=m
CONFIG_VIDEOBUF_DMA_SG=m
CONFIG_VIDEOBUF_VMALLOC=m
@@ -5338,7 +5374,6 @@ CONFIG_DVB_MAX_ADAPTERS=8
#
# Drivers filtered as selected at 'Filter media drivers'
#
-CONFIG_TTPCI_EEPROM=m
CONFIG_MEDIA_USB_SUPPORT=y
#
@@ -5506,7 +5541,6 @@ CONFIG_VIDEO_TW686X=m
# Media capture/analog TV support
#
CONFIG_VIDEO_IVTV=m
-# CONFIG_VIDEO_IVTV_DEPRECATED_IOCTLS is not set
CONFIG_VIDEO_IVTV_ALSA=m
CONFIG_VIDEO_FB_IVTV=m
# CONFIG_VIDEO_FB_IVTV_FORCE_PAT is not set
@@ -5543,14 +5577,10 @@ CONFIG_VIDEO_SAA7164=m
#
# Media digital TV PCI Adapters
#
-CONFIG_DVB_AV7110_IR=y
-CONFIG_DVB_AV7110=m
-CONFIG_DVB_AV7110_OSD=y
CONFIG_DVB_BUDGET_CORE=m
CONFIG_DVB_BUDGET=m
CONFIG_DVB_BUDGET_CI=m
CONFIG_DVB_BUDGET_AV=m
-CONFIG_DVB_BUDGET_PATCH=m
CONFIG_DVB_B2C2_FLEXCOP_PCI=m
# CONFIG_DVB_B2C2_FLEXCOP_PCI_DEBUG is not set
CONFIG_DVB_PLUTO2=m
@@ -5595,6 +5625,7 @@ CONFIG_MEDIA_COMMON_OPTIONS=y
#
CONFIG_VIDEO_CX2341X=m
CONFIG_VIDEO_TVEEPROM=m
+CONFIG_TTPCI_EEPROM=m
CONFIG_CYPRESS_FIRMWARE=m
CONFIG_VIDEOBUF2_CORE=m
CONFIG_VIDEOBUF2_V4L2=m
@@ -5751,6 +5782,7 @@ CONFIG_VIDEO_M52790=m
CONFIG_VIDEO_APTINA_PLL=m
CONFIG_VIDEO_CCS_PLL=m
CONFIG_VIDEO_HI556=m
+CONFIG_VIDEO_IMX208=m
CONFIG_VIDEO_IMX214=m
CONFIG_VIDEO_IMX219=m
CONFIG_VIDEO_IMX258=m
@@ -5940,7 +5972,6 @@ CONFIG_DVB_TDA10071=m
#
# DVB-T (terrestrial) frontends
#
-CONFIG_DVB_SP8870=m
CONFIG_DVB_SP887X=m
CONFIG_DVB_CX22700=m
CONFIG_DVB_CX22702=m
@@ -6065,7 +6096,6 @@ CONFIG_DRM_MIPI_DSI=y
CONFIG_DRM_DP_AUX_CHARDEV=y
# CONFIG_DRM_DEBUG_SELFTEST is not set
CONFIG_DRM_KMS_HELPER=m
-CONFIG_DRM_KMS_FB_HELPER=y
# CONFIG_DRM_DEBUG_DP_MST_TOPOLOGY_REFS is not set
CONFIG_DRM_FBDEV_EMULATION=y
CONFIG_DRM_FBDEV_OVERALLOC=100
@@ -6118,6 +6148,7 @@ CONFIG_DRM_AMD_SECURE_DISPLAY=y
# end of Display Engine Configuration
CONFIG_HSA_AMD=y
+CONFIG_HSA_AMD_SVM=y
CONFIG_DRM_NOUVEAU=m
CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y
CONFIG_NOUVEAU_DEBUG=5
@@ -6194,6 +6225,7 @@ CONFIG_DRM_ANALOGIX_DP=m
# CONFIG_DRM_ETNAVIV is not set
CONFIG_DRM_CIRRUS_QEMU=m
CONFIG_DRM_GM12U320=m
+# CONFIG_DRM_SIMPLEDRM is not set
CONFIG_TINYDRM_HX8357D=m
CONFIG_TINYDRM_ILI9225=m
CONFIG_TINYDRM_ILI9341=m
@@ -6205,6 +6237,7 @@ CONFIG_TINYDRM_ST7735R=m
# CONFIG_DRM_XEN_FRONTEND is not set
CONFIG_DRM_VBOXVIDEO=m
CONFIG_DRM_GUD=m
+CONFIG_DRM_HYPERV=m
CONFIG_DRM_LEGACY=y
# CONFIG_DRM_TDFX is not set
# CONFIG_DRM_R128 is not set
@@ -6322,6 +6355,7 @@ CONFIG_FB_MB862XX_PCI_GDC=y
CONFIG_FB_MB862XX_I2C=y
CONFIG_FB_HYPERV=m
# CONFIG_FB_SIMPLE is not set
+CONFIG_FB_SSD1307=m
CONFIG_FB_SM712=m
# end of Frame buffer Devices
@@ -6345,13 +6379,17 @@ CONFIG_BACKLIGHT_CLASS_DEVICE=y
CONFIG_BACKLIGHT_KTD253=m
CONFIG_BACKLIGHT_LM3533=m
CONFIG_BACKLIGHT_CARILLO_RANCH=m
+CONFIG_BACKLIGHT_PWM=m
CONFIG_BACKLIGHT_APPLE=m
CONFIG_BACKLIGHT_QCOM_WLED=m
+CONFIG_BACKLIGHT_RT4831=m
CONFIG_BACKLIGHT_SAHARA=m
CONFIG_BACKLIGHT_ADP8860=m
CONFIG_BACKLIGHT_ADP8870=m
CONFIG_BACKLIGHT_PCF50633=m
+CONFIG_BACKLIGHT_LM3630A=m
CONFIG_BACKLIGHT_LM3639=m
+CONFIG_BACKLIGHT_LP855X=m
CONFIG_BACKLIGHT_SKY81452=m
CONFIG_BACKLIGHT_GPIO=m
CONFIG_BACKLIGHT_LV5207LP=m
@@ -6645,6 +6683,8 @@ CONFIG_SND_SOC_INTEL_SKYLAKE_COMMON=m
CONFIG_SND_SOC_ACPI_INTEL_MATCH=m
CONFIG_SND_SOC_INTEL_MACH=y
CONFIG_SND_SOC_INTEL_USER_FRIENDLY_LONG_NAMES=y
+CONFIG_SND_SOC_INTEL_HDA_DSP_COMMON=m
+CONFIG_SND_SOC_INTEL_SOF_MAXIM_COMMON=m
CONFIG_SND_SOC_INTEL_HASWELL_MACH=m
CONFIG_SND_SOC_INTEL_BDW_RT5650_MACH=m
CONFIG_SND_SOC_INTEL_BDW_RT5677_MACH=m
@@ -6677,6 +6717,7 @@ CONFIG_SND_SOC_INTEL_GLK_DA7219_MAX98357A_MACH=m
CONFIG_SND_SOC_INTEL_GLK_RT5682_MAX98357A_MACH=m
CONFIG_SND_SOC_INTEL_SKL_HDA_DSP_GENERIC_MACH=m
CONFIG_SND_SOC_INTEL_SOF_RT5682_MACH=m
+CONFIG_SND_SOC_INTEL_SOF_CS42L42_MACH=m
CONFIG_SND_SOC_INTEL_SOF_PCM512x_MACH=m
CONFIG_SND_SOC_INTEL_CML_LP_DA7219_MAX98357A_MACH=m
CONFIG_SND_SOC_INTEL_SOF_CML_RT1011_RT5682_MACH=m
@@ -6872,6 +6913,7 @@ CONFIG_SND_SOC_SIMPLE_AMPLIFIER=m
CONFIG_SND_SOC_SIMPLE_MUX=m
CONFIG_SND_SOC_SPDIF=m
# CONFIG_SND_SOC_SSM2305 is not set
+CONFIG_SND_SOC_SSM2518=m
# CONFIG_SND_SOC_SSM2602_SPI is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
CONFIG_SND_SOC_SSM4567=m
@@ -6888,6 +6930,7 @@ CONFIG_SND_SOC_TAS2770=m
CONFIG_SND_SOC_TAS6424=m
CONFIG_SND_SOC_TDA7419=m
# CONFIG_SND_SOC_TFA9879 is not set
+CONFIG_SND_SOC_TFA989X=m
# CONFIG_SND_SOC_TLV320AIC23_I2C is not set
# CONFIG_SND_SOC_TLV320AIC23_SPI is not set
# CONFIG_SND_SOC_TLV320AIC31XX is not set
@@ -6902,6 +6945,7 @@ CONFIG_SND_SOC_TS3A227E=m
CONFIG_SND_SOC_TSCS42XX=m
# CONFIG_SND_SOC_TSCS454 is not set
# CONFIG_SND_SOC_UDA1334 is not set
+# CONFIG_SND_SOC_WCD938X_SDW is not set
CONFIG_SND_SOC_WM5102=m
# CONFIG_SND_SOC_WM8510 is not set
# CONFIG_SND_SOC_WM8523 is not set
@@ -6929,7 +6973,6 @@ CONFIG_SND_SOC_WM8804_I2C=m
# CONFIG_SND_SOC_WM8985 is not set
# CONFIG_SND_SOC_WSA881X is not set
CONFIG_SND_SOC_ZL38060=m
-# CONFIG_SND_SOC_ZX_AUD96P22 is not set
CONFIG_SND_SOC_MAX9759=m
# CONFIG_SND_SOC_MT6351 is not set
# CONFIG_SND_SOC_MT6358 is not set
@@ -7484,9 +7527,11 @@ CONFIG_LEDS_PCA955X=m
# CONFIG_LEDS_PCA955X_GPIO is not set
CONFIG_LEDS_PCA963X=m
# CONFIG_LEDS_DAC124S085 is not set
+# CONFIG_LEDS_PWM is not set
CONFIG_LEDS_REGULATOR=m
CONFIG_LEDS_BD2802=m
CONFIG_LEDS_INTEL_SS4200=m
+CONFIG_LEDS_LT3593=m
CONFIG_LEDS_MC13783=m
CONFIG_LEDS_TCA6507=m
CONFIG_LEDS_TLC591XX=m
@@ -7570,7 +7615,7 @@ CONFIG_INFINIBAND_QIB=m
CONFIG_INFINIBAND_QIB_DCA=y
CONFIG_INFINIBAND_CXGB4=m
CONFIG_INFINIBAND_EFA=m
-CONFIG_INFINIBAND_I40IW=m
+CONFIG_INFINIBAND_IRDMA=m
CONFIG_MLX4_INFINIBAND=m
CONFIG_MLX5_INFINIBAND=m
CONFIG_INFINIBAND_OCRDMA=m
@@ -7820,7 +7865,6 @@ CONFIG_VFIO_PCI_MMAP=y
CONFIG_VFIO_PCI_INTX=y
CONFIG_VFIO_PCI_IGD=y
CONFIG_VFIO_MDEV=m
-CONFIG_VFIO_MDEV_DEVICE=m
CONFIG_IRQ_BYPASS_MANAGER=m
CONFIG_VIRT_DRIVERS=y
CONFIG_VBOXGUEST=m
@@ -8000,6 +8044,11 @@ CONFIG_VIDEO_ZORAN_LML33=m
CONFIG_VIDEO_ZORAN_LML33R10=m
CONFIG_VIDEO_ZORAN_AVS6EYES=m
# CONFIG_VIDEO_IPU3_IMGU is not set
+CONFIG_DVB_AV7110_IR=y
+CONFIG_DVB_AV7110=m
+CONFIG_DVB_AV7110_OSD=y
+CONFIG_DVB_BUDGET_PATCH=m
+CONFIG_DVB_SP8870=m
#
# Android
@@ -8016,7 +8065,6 @@ CONFIG_FWTTY_MAX_CARD_PORTS=32
# CONFIG_KS7010 is not set
# CONFIG_PI433 is not set
# CONFIG_FIELDBUS_DEV is not set
-# CONFIG_KPC2000 is not set
CONFIG_QLGE=m
# CONFIG_WFX is not set
CONFIG_X86_PLATFORM_DEVICES=y
@@ -8052,6 +8100,7 @@ CONFIG_DELL_SMBIOS_WMI=y
CONFIG_DELL_SMBIOS_SMM=y
CONFIG_DELL_SMO8800=m
CONFIG_DELL_WMI=m
+CONFIG_DELL_WMI_PRIVACY=y
CONFIG_DELL_WMI_AIO=m
CONFIG_DELL_WMI_DESCRIPTOR=m
CONFIG_DELL_WMI_LED=m
@@ -8061,7 +8110,7 @@ CONFIG_FUJITSU_LAPTOP=m
CONFIG_FUJITSU_TABLET=m
CONFIG_GPD_POCKET_FAN=m
CONFIG_HP_ACCEL=m
-CONFIG_HP_WIRELESS=m
+CONFIG_WIRELESS_HOTKEY=m
CONFIG_HP_WMI=m
CONFIG_IBM_RTL=m
CONFIG_IDEAPAD_LAPTOP=m
@@ -8073,8 +8122,11 @@ CONFIG_THINKPAD_ACPI_ALSA_SUPPORT=y
# CONFIG_THINKPAD_ACPI_UNSAFE_LEDS is not set
CONFIG_THINKPAD_ACPI_VIDEO=y
CONFIG_THINKPAD_ACPI_HOTKEY_POLL=y
-CONFIG_INTEL_ATOMISP2_LED=m
+CONFIG_THINKPAD_LMI=m
+CONFIG_X86_PLATFORM_DRIVERS_INTEL=y
CONFIG_INTEL_CHT_INT33FE=m
+CONFIG_INTEL_SKL_INT3472=m
+CONFIG_INTEL_ATOMISP2_LED=m
CONFIG_INTEL_HID_EVENT=m
CONFIG_INTEL_INT0002_VGPIO=m
CONFIG_INTEL_MENLOW=m
@@ -8099,6 +8151,7 @@ CONFIG_SYSTEM76_ACPI=m
CONFIG_TOPSTAR_LAPTOP=m
CONFIG_I2C_MULTI_INSTANTIATE=m
CONFIG_MLX_PLATFORM=m
+CONFIG_FW_ATTR_CLASS=m
CONFIG_INTEL_IPS=m
CONFIG_INTEL_RST=m
CONFIG_INTEL_SMARTCONNECT=m
@@ -8167,15 +8220,24 @@ CONFIG_SURFACE_PRO3_BUTTON=m
CONFIG_SURFACE_AGGREGATOR=m
CONFIG_SURFACE_AGGREGATOR_BUS=y
CONFIG_HAVE_CLK=y
-CONFIG_CLKDEV_LOOKUP=y
CONFIG_HAVE_CLK_PREPARE=y
CONFIG_COMMON_CLK=y
+
+#
+# Clock driver for ARM Reference designs
+#
+# CONFIG_ICST is not set
+# CONFIG_CLK_SP810 is not set
+# end of Clock driver for ARM Reference designs
+
+# CONFIG_LMK04832 is not set
# CONFIG_COMMON_CLK_MAX9485 is not set
# CONFIG_COMMON_CLK_SI5341 is not set
CONFIG_COMMON_CLK_SI5351=m
CONFIG_COMMON_CLK_SI544=m
CONFIG_COMMON_CLK_CDCE706=m
CONFIG_COMMON_CLK_CS2000_CP=m
+# CONFIG_COMMON_CLK_PWM is not set
CONFIG_XILINX_VCU=m
CONFIG_HWSPINLOCK=y
@@ -8204,6 +8266,7 @@ CONFIG_IOMMU_IO_PGTABLE=y
# CONFIG_IOMMU_DEBUGFS is not set
# CONFIG_IOMMU_DEFAULT_PASSTHROUGH is not set
CONFIG_IOMMU_DMA=y
+CONFIG_IOMMU_SVA_LIB=y
CONFIG_AMD_IOMMU=y
CONFIG_AMD_IOMMU_V2=m
CONFIG_DMAR_TABLE=y
@@ -8214,6 +8277,7 @@ CONFIG_INTEL_IOMMU_FLOPPY_WA=y
CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON=y
CONFIG_IRQ_REMAP=y
CONFIG_HYPERV_IOMMU=y
+CONFIG_VIRTIO_IOMMU=m
#
# Remoteproc drivers
@@ -8351,6 +8415,8 @@ CONFIG_DA280=m
CONFIG_DA311=m
CONFIG_DMARD09=m
CONFIG_DMARD10=m
+# CONFIG_FXLS8962AF_I2C is not set
+# CONFIG_FXLS8962AF_SPI is not set
CONFIG_HID_SENSOR_ACCEL_3D=m
CONFIG_IIO_ST_ACCEL_3AXIS=m
CONFIG_IIO_ST_ACCEL_I2C_3AXIS=m
@@ -8371,6 +8437,7 @@ CONFIG_MMA9553=m
CONFIG_MXC4005=m
CONFIG_MXC6255=m
# CONFIG_SCA3000 is not set
+CONFIG_SCA3300=m
CONFIG_STK8312=m
CONFIG_STK8BA50=m
# end of Accelerometers
@@ -8430,6 +8497,7 @@ CONFIG_TI_ADS1015=m
# CONFIG_TI_ADS131E08 is not set
CONFIG_TI_AM335X_ADC=m
# CONFIG_TI_TLC4541 is not set
+CONFIG_TI_TSC2046=m
CONFIG_VIPERBOARD_ADC=m
CONFIG_XILINX_XADC=m
# end of Analog to digital converters
@@ -8465,7 +8533,8 @@ CONFIG_SCD30_CORE=m
CONFIG_SCD30_I2C=m
CONFIG_SCD30_SERIAL=m
# CONFIG_SENSIRION_SGP30 is not set
-# CONFIG_SPS30 is not set
+# CONFIG_SPS30_I2C is not set
+# CONFIG_SPS30_SERIAL is not set
# CONFIG_VZ89X is not set
# end of Chemical Sensors
@@ -8631,6 +8700,7 @@ CONFIG_INV_ICM42600_SPI=m
# CONFIG_INV_MPU6050_I2C is not set
# CONFIG_INV_MPU6050_SPI is not set
# CONFIG_IIO_ST_LSM6DSX is not set
+# CONFIG_IIO_ST_LSM9DS0 is not set
# end of Inertial measurement units
CONFIG_IIO_ADIS_LIB=m
@@ -8680,6 +8750,7 @@ CONFIG_TCS3414=m
CONFIG_TCS3472=m
CONFIG_SENSORS_TSL2563=m
CONFIG_TSL2583=m
+# CONFIG_TSL2591 is not set
CONFIG_TSL2772=m
CONFIG_TSL4531=m
CONFIG_US5182D=m
@@ -8828,6 +8899,7 @@ CONFIG_MLX90614=m
CONFIG_MLX90632=m
CONFIG_TMP006=m
CONFIG_TMP007=m
+CONFIG_TMP117=m
CONFIG_TSYS01=m
CONFIG_TSYS02D=m
# CONFIG_MAX31856 is not set
@@ -8845,7 +8917,16 @@ CONFIG_NTB_TOOL=m
CONFIG_NTB_PERF=m
CONFIG_NTB_TRANSPORT=m
# CONFIG_VME_BUS is not set
-# CONFIG_PWM is not set
+CONFIG_PWM=y
+CONFIG_PWM_SYSFS=y
+# CONFIG_PWM_DEBUG is not set
+CONFIG_PWM_CROS_EC=m
+CONFIG_PWM_DWC=m
+# CONFIG_PWM_LP3943 is not set
+CONFIG_PWM_LPSS=m
+CONFIG_PWM_LPSS_PCI=m
+CONFIG_PWM_LPSS_PLATFORM=m
+# CONFIG_PWM_PCA9685 is not set
#
# IRQ chip support
@@ -8861,6 +8942,7 @@ CONFIG_RESET_CONTROLLER=y
#
CONFIG_GENERIC_PHY=y
CONFIG_USB_LGM_PHY=m
+# CONFIG_PHY_CAN_TRANSCEIVER is not set
# CONFIG_BCM_KONA_USB2_PHY is not set
# CONFIG_PHY_PXA_28NM_HSIC is not set
# CONFIG_PHY_PXA_28NM_USB2 is not set
@@ -9126,6 +9208,8 @@ CONFIG_TMPFS_XATTR=y
CONFIG_TMPFS_INODE64=y
CONFIG_HUGETLBFS=y
CONFIG_HUGETLB_PAGE=y
+CONFIG_HUGETLB_PAGE_FREE_VMEMMAP=y
+# CONFIG_HUGETLB_PAGE_FREE_VMEMMAP_DEFAULT_ON is not set
CONFIG_MEMFD_CREATE=y
CONFIG_ARCH_HAS_GIGANTIC_PAGE=y
CONFIG_CONFIGFS_FS=y
@@ -9808,7 +9892,6 @@ CONFIG_ARCH_STACKWALK=y
CONFIG_SBITMAP=y
CONFIG_PARMAN=m
CONFIG_OBJAGG=m
-# CONFIG_STRING_SELFTEST is not set
# end of Library routines
CONFIG_PLDMFW=y
@@ -9823,6 +9906,7 @@ CONFIG_ASN1_ENCODER=y
#
CONFIG_PRINTK_TIME=y
# CONFIG_PRINTK_CALLER is not set
+# CONFIG_STACKTRACE_BUILD_ID is not set
CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7
CONFIG_CONSOLE_LOGLEVEL_QUIET=4
CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4
@@ -9843,7 +9927,7 @@ CONFIG_STRIP_ASM_SYMS=y
# CONFIG_HEADERS_INSTALL is not set
# CONFIG_DEBUG_SECTION_MISMATCH is not set
CONFIG_SECTION_MISMATCH_WARN_ONLY=y
-# CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_32B is not set
+# CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_64B is not set
CONFIG_STACK_VALIDATION=y
# CONFIG_VMLINUX_MAP is not set
# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
@@ -9865,6 +9949,8 @@ CONFIG_HAVE_ARCH_KGDB=y
CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y
# CONFIG_UBSAN is not set
CONFIG_HAVE_ARCH_KCSAN=y
+CONFIG_HAVE_KCSAN_COMPILER=y
+# CONFIG_KCSAN is not set
# end of Generic Kernel Debugging Instruments
CONFIG_DEBUG_KERNEL=y
@@ -9980,7 +10066,6 @@ CONFIG_STACKTRACE=y
CONFIG_RCU_CPU_STALL_TIMEOUT=60
# CONFIG_RCU_TRACE is not set
# CONFIG_RCU_EQS_DEBUG is not set
-# CONFIG_RCU_STRICT_GRACE_PERIOD is not set
# end of RCU Debugging
# CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set
@@ -10014,11 +10099,14 @@ CONFIG_FUNCTION_GRAPH_TRACER=y
CONFIG_DYNAMIC_FTRACE=y
CONFIG_DYNAMIC_FTRACE_WITH_REGS=y
CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y
+CONFIG_DYNAMIC_FTRACE_WITH_ARGS=y
# CONFIG_FUNCTION_PROFILER is not set
# CONFIG_STACK_TRACER is not set
# CONFIG_IRQSOFF_TRACER is not set
# CONFIG_SCHED_TRACER is not set
# CONFIG_HWLAT_TRACER is not set
+# CONFIG_OSNOISE_TRACER is not set
+# CONFIG_TIMERLAT_TRACER is not set
# CONFIG_MMIOTRACE is not set
# CONFIG_FTRACE_SYSCALLS is not set
# CONFIG_TRACER_SNAPSHOT is not set
@@ -10090,7 +10178,6 @@ CONFIG_CC_HAS_SANCOV_TRACE_PC=y
# CONFIG_KCOV is not set
CONFIG_RUNTIME_TESTING_MENU=y
# CONFIG_LKDTM is not set
-# CONFIG_TEST_LIST_SORT is not set
# CONFIG_TEST_MIN_HEAP is not set
# CONFIG_TEST_SORT is not set
# CONFIG_TEST_DIV64 is not set
@@ -10102,10 +10189,12 @@ CONFIG_RUNTIME_TESTING_MENU=y
CONFIG_ATOMIC64_SELFTEST=y
CONFIG_ASYNC_RAID6_TEST=m
CONFIG_TEST_HEXDUMP=m
+# CONFIG_STRING_SELFTEST is not set
# CONFIG_TEST_STRING_HELPERS is not set
# CONFIG_TEST_STRSCPY is not set
# CONFIG_TEST_KSTRTOX is not set
# CONFIG_TEST_PRINTF is not set
+# CONFIG_TEST_SCANF is not set
# CONFIG_TEST_BITMAP is not set
# CONFIG_TEST_UUID is not set
# CONFIG_TEST_XARRAY is not set
@@ -10133,6 +10222,7 @@ CONFIG_TEST_UDELAY=m
# CONFIG_TEST_HMM is not set
# CONFIG_TEST_FREE_PAGES is not set
# CONFIG_TEST_FPU is not set
+# CONFIG_TEST_CLOCKSOURCE_WATCHDOG is not set
CONFIG_ARCH_USE_MEMTEST=y
CONFIG_MEMTEST=y
# CONFIG_HYPERV_TESTING is not set
diff --git a/system/xen/dom0/kernel-xen.sh b/system/xen/dom0/kernel-xen.sh
index e36770798bf61..b72d2e74b5514 100644
--- a/system/xen/dom0/kernel-xen.sh
+++ b/system/xen/dom0/kernel-xen.sh
@@ -5,8 +5,8 @@
# Written by Chris Abela <chris.abela@maltats.com>, 20100515
# Modified by Mario Preksavec <mario@slackware.hr>
-KERNEL=${KERNEL:-5.13.8}
-XEN=${XEN:-4.15.0}
+KERNEL=${KERNEL:-5.14.12}
+XEN=${XEN:-4.15.1}
ROOTMOD=${ROOTMOD:-ext4}
ROOTFS=${ROOTFS:-ext4}
diff --git a/system/xen/domU/domU.sh b/system/xen/domU/domU.sh
index f1878f30ebbe3..2abcf652f7017 100644
--- a/system/xen/domU/domU.sh
+++ b/system/xen/domU/domU.sh
@@ -7,7 +7,7 @@
set -e
-KERNEL=${KERNEL:-5.13.8}
+KERNEL=${KERNEL:-5.14.12}
# Build an image for the root file system and another for the swap
# Default values : 8GB and 500MB resepectively.
diff --git a/system/xen/patches/ac9d413015d3bcf1e8f31cda764590b3ee949bc1.patch b/system/xen/patches/ac9d413015d3bcf1e8f31cda764590b3ee949bc1.patch
deleted file mode 100644
index 32dcd6771362e..0000000000000
--- a/system/xen/patches/ac9d413015d3bcf1e8f31cda764590b3ee949bc1.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From ac9d413015d3bcf1e8f31cda764590b3ee949bc1 Mon Sep 17 00:00:00 2001
-From: Olaf Hering <olaf@aepfle.de>
-Date: Wed, 17 Jun 2020 08:13:49 +0200
-Subject: [PATCH] stubdom/vtpmmgr: simplify handling of hardware_version
-
-Remove complicated code which deals with a simple boolean, to make gcc10 happy.
-
-ld: /home/abuild/rpmbuild/BUILD/xen-4.14.20200616T103126.3625b04991/non-dbg/stubdom/vtpmmgr/vtpmmgr.a(vtpm_cmd_handler.o):(.bss+0x0): multiple definition of `tpm_version'; /home/abuild/rpmbuild/BUILD/xen-4.14.20200616T103126.3625b04991/non-dbg/stubdom/vtpmmgr/vtpmmgr.a(vtpmmgr.o):(.bss+0x0): first defined here
-
-Signed-off-by: Olaf Hering <olaf@aepfle.de>
-Message-Id: <20200617061349.7623-1-olaf@aepfle.de>
-Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
-Reviewed-by: Jason Andryuk <jandryuk@gmail.com>
----
- stubdom/vtpmmgr/vtpmmgr.c | 8 +++-----
- stubdom/vtpmmgr/vtpmmgr.h | 9 ---------
- 2 files changed, 3 insertions(+), 14 deletions(-)
-
-diff --git a/stubdom/vtpmmgr/vtpmmgr.c b/stubdom/vtpmmgr/vtpmmgr.c
-index 9fddaa24f818..94578adbffdd 100644
---- a/stubdom/vtpmmgr/vtpmmgr.c
-+++ b/stubdom/vtpmmgr/vtpmmgr.c
-@@ -45,9 +45,7 @@
- #include "vtpmmgr.h"
- #include "tcg.h"
-
--struct tpm_hardware_version hardware_version = {
-- .hw_version = TPM1_HARDWARE,
--};
-+static int hardware_version;
-
- int parse_cmdline_hw(int argc, char** argv)
- {
-@@ -55,7 +53,7 @@ int parse_cmdline_hw(int argc, char** argv)
-
- for (i = 1; i < argc; ++i) {
- if (!strcmp(argv[i], TPM2_EXTRA_OPT)) {
-- hardware_version.hw_version = TPM2_HARDWARE;
-+ hardware_version = 2;
- break;
- }
- }
-@@ -64,7 +62,7 @@ int parse_cmdline_hw(int argc, char** argv)
-
- int hw_is_tpm2(void)
- {
-- return (hardware_version.hw_version == TPM2_HARDWARE) ? 1 : 0;
-+ return hardware_version == 2 ? 1 : 0;
- }
-
- void main_loop(void) {
-diff --git a/stubdom/vtpmmgr/vtpmmgr.h b/stubdom/vtpmmgr/vtpmmgr.h
-index 2e6f8de9e435..6523604bdcf2 100644
---- a/stubdom/vtpmmgr/vtpmmgr.h
-+++ b/stubdom/vtpmmgr/vtpmmgr.h
-@@ -50,16 +50,7 @@
- #define RSA_KEY_SIZE 0x0800
- #define RSA_CIPHER_SIZE (RSA_KEY_SIZE / 8)
-
--enum {
-- TPM1_HARDWARE = 1,
-- TPM2_HARDWARE,
--} tpm_version;
-
--struct tpm_hardware_version {
-- int hw_version;
--};
--
--extern struct tpm_hardware_version hardware_version;
-
- struct vtpm_globals {
- int tpm_fd;
diff --git a/system/xen/patches/edk2-ovmf-202105-werror.patch b/system/xen/patches/edk2-ovmf-202105-werror.patch
new file mode 100644
index 0000000000000..db71faed77286
--- /dev/null
+++ b/system/xen/patches/edk2-ovmf-202105-werror.patch
@@ -0,0 +1,38 @@
+diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
+index 498696e..8a360f4 100755
+--- a/BaseTools/Conf/tools_def.template
++++ b/BaseTools/Conf/tools_def.template
+@@ -1863,7 +1863,7 @@ NOOPT_*_*_OBJCOPY_ADDDEBUGFLAG = --add-gnu-debuglink=$(DEBUG_DIR)/$(MODULE_N
+ *_*_*_DTCPP_PATH = DEF(DTCPP_BIN)
+ *_*_*_DTC_PATH = DEF(DTC_BIN)
+
+-DEFINE GCC_ALL_CC_FLAGS = -g -Os -fshort-wchar -fno-builtin -fno-strict-aliasing -Wall -Werror -Wno-array-bounds -include AutoGen.h -fno-common
++DEFINE GCC_ALL_CC_FLAGS = -g -Os -fshort-wchar -fno-builtin -fno-strict-aliasing -Wall -Wno-array-bounds -include AutoGen.h -fno-common
+ DEFINE GCC_IA32_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -m32 -malign-double -freorder-blocks -freorder-blocks-and-partition -O2 -mno-stack-arg-probe
+ DEFINE GCC_X64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mno-red-zone -Wno-address -mno-stack-arg-probe
+ DEFINE GCC_ARM_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections -fdata-sections -fomit-frame-pointer -Wno-address -mthumb -mfloat-abi=soft -fno-pic -fno-pie
+diff --git a/BaseTools/Source/C/Makefiles/header.makefile b/BaseTools/Source/C/Makefiles/header.makefile
+index 0df728f..49f9706 100644
+--- a/BaseTools/Source/C/Makefiles/header.makefile
++++ b/BaseTools/Source/C/Makefiles/header.makefile
+@@ -82,17 +82,17 @@ BUILD_OPTFLAGS = -O2 $(EXTRA_OPTFLAGS)
+
+ ifeq ($(DARWIN),Darwin)
+ # assume clang or clang compatible flags on OS X
+-BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall -Werror \
++BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -Wall \
+ -Wno-deprecated-declarations -Wno-self-assign -Wno-unused-result -nostdlib -g
+ else
+ ifeq ($(CXX), llvm)
+ BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -fwrapv \
+--fno-delete-null-pointer-checks -Wall -Werror \
++-fno-delete-null-pointer-checks -Wall \
+ -Wno-deprecated-declarations -Wno-self-assign \
+ -Wno-unused-result -nostdlib -g
+ else
+ BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -fwrapv \
+--fno-delete-null-pointer-checks -Wall -Werror \
++-fno-delete-null-pointer-checks -Wall \
+ -Wno-deprecated-declarations -Wno-stringop-truncation -Wno-restrict \
+ -Wno-unused-result -nostdlib -g
+ endif
diff --git a/system/xen/patches/tools-ipxe-update-for-fixing-build-with-GCC11.diff b/system/xen/patches/tools-ipxe-update-for-fixing-build-with-GCC11.diff
new file mode 100644
index 0000000000000..b7fab4dd6eaa4
--- /dev/null
+++ b/system/xen/patches/tools-ipxe-update-for-fixing-build-with-GCC11.diff
@@ -0,0 +1,13 @@
+diff --git a/tools/firmware/etherboot/Makefile b/tools/firmware/etherboot/Makefile
+index ed9e11305f..4bc3633ba3 100644
+--- a/tools/firmware/etherboot/Makefile
++++ b/tools/firmware/etherboot/Makefile
+@@ -10,7 +10,8 @@ else
+ IPXE_GIT_URL ?= git://git.ipxe.org/ipxe.git
+ endif
+
+-IPXE_GIT_TAG := 988d2c13cdf0f0b4140685af35ced70ac5b3283c
++# put an updated tar.gz on xenbits after changes to this variable
++IPXE_GIT_TAG := 3c040ad387099483102708bb1839110bc788cefb
+
+ IPXE_TARBALL_URL ?= $(XEN_EXTFILES_URL)/ipxe-git-$(IPXE_GIT_TAG).tar.gz
diff --git a/system/xen/xen.SlackBuild b/system/xen/xen.SlackBuild
index ad33633ef05a1..79b5560783f2e 100644
--- a/system/xen/xen.SlackBuild
+++ b/system/xen/xen.SlackBuild
@@ -25,14 +25,14 @@
cd $(dirname $0) ; CWD=$(pwd)
PRGNAM=xen
-VERSION=${VERSION:-4.15.0}
+VERSION=${VERSION:-4.15.1}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
PKGTYPE=${PKGTYPE:-tgz}
SEABIOS=${SEABIOS:-1.14.0}
OVMF=${OVMF:-20200807_a3741780fe}
-IPXE=${IPXE:-988d2c13cdf0f0b4140685af35ced70ac5b3283c}
+IPXE=${IPXE:-3c040ad387099483102708bb1839110bc788cefb}
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
@@ -180,10 +180,15 @@ fi
patch -p1 <$CWD/patches/0001-BaseTools-fix-ucs-2-lookup-on-python-3.9.patch
patch -p1 <$CWD/patches/0002-BaseTools-Work-around-array.array.tostring-removal-i.patch
patch -p1 <$CWD/patches/0003-BaseTools-replace-deprecated-fromstring-and-tostring.diff
+ patch -p1 <$CWD/patches/edk2-ovmf-202105-werror.patch
)
# Fix binutils-2.36 build
-patch -p1 <$CWD/patches/qemu-xen-no-pie.diff
+if [ "$(objcopy --version | awk '{print $NF; exit}' | cut -d- -f1)" = "2.36" ]; then
+ patch -p1 <$CWD/patches/qemu-xen-no-pie.diff
+fi
+
+patch -p1 <$CWD/patches/tools-ipxe-update-for-fixing-build-with-GCC11.diff
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
diff --git a/system/xen/xen.info b/system/xen/xen.info
index a947091453ce7..155f26c33b60e 100644
--- a/system/xen/xen.info
+++ b/system/xen/xen.info
@@ -1,8 +1,8 @@
PRGNAM="xen"
-VERSION="4.15.0"
+VERSION="4.15.1"
HOMEPAGE="http://www.xenproject.org/"
-DOWNLOAD="http://mirror.slackware.hr/sources/xen/xen-4.15.0.tar.gz \
- http://mirror.slackware.hr/sources/xen-extfiles/ipxe-git-988d2c13cdf0f0b4140685af35ced70ac5b3283c.tar.gz \
+DOWNLOAD="http://mirror.slackware.hr/sources/xen/xen-4.15.1.tar.gz \
+ http://mirror.slackware.hr/sources/xen-extfiles/ipxe-git-3c040ad387099483102708bb1839110bc788cefb.tar.gz \
http://mirror.slackware.hr/sources/xen-extfiles/lwip-1.3.0.tar.gz \
http://mirror.slackware.hr/sources/xen-extfiles/zlib-1.2.3.tar.gz \
http://mirror.slackware.hr/sources/xen-extfiles/newlib-1.16.0.tar.gz \
@@ -13,8 +13,8 @@ DOWNLOAD="http://mirror.slackware.hr/sources/xen/xen-4.15.0.tar.gz \
http://mirror.slackware.hr/sources/xen-extfiles/tpm_emulator-0.7.4.tar.gz \
http://mirror.slackware.hr/sources/xen-seabios/seabios-1.14.0.tar.gz \
http://mirror.slackware.hr/sources/xen-ovmf/xen-ovmf-20200807_a3741780fe.tar.bz2"
-MD5SUM="899d5b9dd6725543cf3b224de9a5d27a \
- 1c3f5c0d6d824697361481aa7004fc5b \
+MD5SUM="c5682bf508481421cf4a852a6c9efc4f \
+ 23ba00d5e2c5b4343d12665af73e1cb5 \
36cc57650cffda9a0269493be2a169bb \
debc62758716a169df9f62e6ab2bc634 \
bf8f1f9e3ca83d732c00a79a6ef29bc4 \
diff --git a/system/xen/xsa/xsa372-4.15-0001-xen-arm-Create-dom0less-domUs-earlier.patch b/system/xen/xsa/xsa372-4.15-0001-xen-arm-Create-dom0less-domUs-earlier.patch
deleted file mode 100644
index a21dba440c57b..0000000000000
--- a/system/xen/xsa/xsa372-4.15-0001-xen-arm-Create-dom0less-domUs-earlier.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From b1e5a89f19d9919c3eae17ab9c6a663b0801ad9c Mon Sep 17 00:00:00 2001
-From: Julien Grall <jgrall@amazon.com>
-Date: Mon, 17 May 2021 17:47:13 +0100
-Subject: [PATCH 1/2] xen/arm: Create dom0less domUs earlier
-
-In a follow-up patch we will need to unallocate the boot modules
-before heap_init_late() is called.
-
-The modules will contain the domUs kernel and initramfs. Therefore Xen
-will need to create extra domUs (used by dom0less) before heap_init_late().
-
-This has two consequences on dom0less:
- 1) Domains will not be unpaused as soon as they are created but
- once all have been created. However, Xen doesn't guarantee an order
- to unpause, so this is not something one could rely on.
-
- 2) The memory allocated for a domU will not be scrubbed anymore when an
- admin select bootscrub=on. This is not something we advertised, but if
- this is a concern we can introduce either force scrub for all domUs or
- a per-domain flag in the DT. The behavior for bootscrub=off and
- bootscrub=idle (default) has not changed.
-
-This is part of XSA-372 / CVE-2021-28693.
-
-Signed-off-by: Julien Grall <jgrall@amazon.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
-Tested-by: Stefano Stabellini <sstabellini@kernel.org>
----
- xen/arch/arm/domain_build.c | 2 --
- xen/arch/arm/setup.c | 11 ++++++-----
- 2 files changed, 6 insertions(+), 7 deletions(-)
-
-diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c
-index 374bf655ee34..4203ddcca0e3 100644
---- a/xen/arch/arm/domain_build.c
-+++ b/xen/arch/arm/domain_build.c
-@@ -2515,8 +2515,6 @@ void __init create_domUs(void)
-
- if ( construct_domU(d, node) != 0 )
- panic("Could not set up domain %s\n", dt_node_name(node));
--
-- domain_unpause_by_systemcontroller(d);
- }
- }
-
-diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c
-index 2532ec973913..441e0e16e9f0 100644
---- a/xen/arch/arm/setup.c
-+++ b/xen/arch/arm/setup.c
-@@ -804,7 +804,7 @@ void __init start_xen(unsigned long boot_phys_offset,
- int cpus, i;
- const char *cmdline;
- struct bootmodule *xen_bootmodule;
-- struct domain *dom0;
-+ struct domain *dom0, *d;
- struct xen_domctl_createdomain dom0_cfg = {
- .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap,
- .max_evtchn_port = -1,
-@@ -987,6 +987,9 @@ void __init start_xen(unsigned long boot_phys_offset,
- if ( construct_dom0(dom0) != 0)
- panic("Could not set up DOM0 guest OS\n");
-
-+ if ( acpi_disabled )
-+ create_domUs();
-+
- heap_init_late();
-
- init_trace_bufs();
-@@ -1000,10 +1003,8 @@ void __init start_xen(unsigned long boot_phys_offset,
-
- system_state = SYS_STATE_active;
-
-- if ( acpi_disabled )
-- create_domUs();
--
-- domain_unpause_by_systemcontroller(dom0);
-+ for_each_domain( d )
-+ domain_unpause_by_systemcontroller(d);
-
- /* Switch on to the dynamically allocated stack for the idle vcpu
- * since the static one we're running on is about to be freed. */
---
-2.17.1
-
diff --git a/system/xen/xsa/xsa372-4.15-0002-xen-arm-Boot-modules-should-always-be-scrubbed-if-bo.patch b/system/xen/xsa/xsa372-4.15-0002-xen-arm-Boot-modules-should-always-be-scrubbed-if-bo.patch
deleted file mode 100644
index 9c322b18a5048..0000000000000
--- a/system/xen/xsa/xsa372-4.15-0002-xen-arm-Boot-modules-should-always-be-scrubbed-if-bo.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From 09bb28bdef3fb5e7d08bdd641601ca0c0d4d82b4 Mon Sep 17 00:00:00 2001
-From: Julien Grall <jgrall@amazon.com>
-Date: Sat, 17 Apr 2021 17:38:28 +0100
-Subject: [PATCH 2/2] xen/arm: Boot modules should always be scrubbed if
- bootscrub={on, idle}
-
-The function to initialize the pages (see init_heap_pages()) will request
-scrub when the admin request idle bootscrub (default) and state ==
-SYS_STATE_active. When bootscrub=on, Xen will scrub any free pages in
-heap_init_late().
-
-Currently, the boot modules (e.g. kernels, initramfs) will be discarded/
-freed after heap_init_late() is called and system_state switched to
-SYS_STATE_active. This means the pages associated with the boot modules
-will not get scrubbed before getting re-purposed.
-
-If the memory is assigned to an untrusted domU, it may be able to
-retrieve secrets from the modules.
-
-This is part of XSA-372 / CVE-2021-28693.
-
-Fixes: 1774e9b1df27 ("xen/arm: introduce create_domUs")
-Signed-off-by: Julien Grall <jgrall@amazon.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
-Tested-by: Stefano Stabellini <sstabellini@kernel.org>
----
- xen/arch/arm/setup.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c
-index 441e0e16e9f0..8afb78f2c985 100644
---- a/xen/arch/arm/setup.c
-+++ b/xen/arch/arm/setup.c
-@@ -72,8 +72,6 @@ domid_t __read_mostly max_init_domid;
-
- static __used void init_done(void)
- {
-- discard_initial_modules();
--
- /* Must be done past setting system_state. */
- unregister_init_virtual_region();
-
-@@ -990,6 +988,12 @@ void __init start_xen(unsigned long boot_phys_offset,
- if ( acpi_disabled )
- create_domUs();
-
-+ /*
-+ * This needs to be called **before** heap_init_late() so modules
-+ * will be scrubbed (unless suppressed).
-+ */
-+ discard_initial_modules();
-+
- heap_init_late();
-
- init_trace_bufs();
---
-2.17.1
-
diff --git a/system/xen/xsa/xsa373-4.15-1.patch b/system/xen/xsa/xsa373-4.15-1.patch
deleted file mode 100644
index ee5229a11c426..0000000000000
--- a/system/xen/xsa/xsa373-4.15-1.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: VT-d: size qinval queue dynamically
-
-With the present synchronous model, we need two slots for every
-operation (the operation itself and a wait descriptor). There can be
-one such pair of requests pending per CPU. To ensure that under all
-normal circumstances a slot is always available when one is requested,
-size the queue ring according to the number of present CPUs.
-
-This is part of XSA-373 / CVE-2021-28692.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Paul Durrant <paul@xen.org>
-
---- a/xen/drivers/passthrough/vtd/iommu.h
-+++ b/xen/drivers/passthrough/vtd/iommu.h
-@@ -450,17 +450,9 @@ struct qinval_entry {
- }q;
- };
-
--/* Order of queue invalidation pages(max is 8) */
--#define QINVAL_PAGE_ORDER 2
--
--#define QINVAL_ARCH_PAGE_ORDER (QINVAL_PAGE_ORDER + PAGE_SHIFT_4K - PAGE_SHIFT)
--#define QINVAL_ARCH_PAGE_NR ( QINVAL_ARCH_PAGE_ORDER < 0 ? \
-- 1 : \
-- 1 << QINVAL_ARCH_PAGE_ORDER )
--
- /* Each entry is 16 bytes, so 2^8 entries per page */
- #define QINVAL_ENTRY_ORDER ( PAGE_SHIFT - 4 )
--#define QINVAL_ENTRY_NR (1 << (QINVAL_PAGE_ORDER + 8))
-+#define QINVAL_MAX_ENTRY_NR (1u << (7 + QINVAL_ENTRY_ORDER))
-
- /* Status data flag */
- #define QINVAL_STAT_INIT 0
---- a/xen/drivers/passthrough/vtd/qinval.c
-+++ b/xen/drivers/passthrough/vtd/qinval.c
-@@ -31,6 +31,9 @@
-
- #define VTD_QI_TIMEOUT 1
-
-+static unsigned int __read_mostly qi_pg_order;
-+static unsigned int __read_mostly qi_entry_nr;
-+
- static int __must_check invalidate_sync(struct vtd_iommu *iommu);
-
- static void print_qi_regs(struct vtd_iommu *iommu)
-@@ -55,7 +58,7 @@ static unsigned int qinval_next_index(st
- tail >>= QINVAL_INDEX_SHIFT;
-
- /* (tail+1 == head) indicates a full queue, wait for HW */
-- while ( ( tail + 1 ) % QINVAL_ENTRY_NR ==
-+ while ( ((tail + 1) & (qi_entry_nr - 1)) ==
- ( dmar_readq(iommu->reg, DMAR_IQH_REG) >> QINVAL_INDEX_SHIFT ) )
- cpu_relax();
-
-@@ -68,7 +71,7 @@ static void qinval_update_qtail(struct v
-
- /* Need hold register lock when update tail */
- ASSERT( spin_is_locked(&iommu->register_lock) );
-- val = (index + 1) % QINVAL_ENTRY_NR;
-+ val = (index + 1) & (qi_entry_nr - 1);
- dmar_writeq(iommu->reg, DMAR_IQT_REG, (val << QINVAL_INDEX_SHIFT));
- }
-
-@@ -403,8 +406,28 @@ int enable_qinval(struct vtd_iommu *iomm
-
- if ( iommu->qinval_maddr == 0 )
- {
-- iommu->qinval_maddr = alloc_pgtable_maddr(QINVAL_ARCH_PAGE_NR,
-- iommu->node);
-+ if ( !qi_entry_nr )
-+ {
-+ /*
-+ * With the present synchronous model, we need two slots for every
-+ * operation (the operation itself and a wait descriptor). There
-+ * can be one such pair of requests pending per CPU. One extra
-+ * entry is needed as the ring is considered full when there's
-+ * only one entry left.
-+ */
-+ BUILD_BUG_ON(CONFIG_NR_CPUS * 2 >= QINVAL_MAX_ENTRY_NR);
-+ qi_pg_order = get_order_from_bytes((num_present_cpus() * 2 + 1) <<
-+ (PAGE_SHIFT -
-+ QINVAL_ENTRY_ORDER));
-+ qi_entry_nr = 1u << (qi_pg_order + QINVAL_ENTRY_ORDER);
-+
-+ dprintk(XENLOG_INFO VTDPREFIX,
-+ "QI: using %u-entry ring(s)\n", qi_entry_nr);
-+ }
-+
-+ iommu->qinval_maddr =
-+ alloc_pgtable_maddr(qi_entry_nr >> QINVAL_ENTRY_ORDER,
-+ iommu->node);
- if ( iommu->qinval_maddr == 0 )
- {
- dprintk(XENLOG_WARNING VTDPREFIX,
-@@ -418,15 +441,16 @@ int enable_qinval(struct vtd_iommu *iomm
-
- spin_lock_irqsave(&iommu->register_lock, flags);
-
-- /* Setup Invalidation Queue Address(IQA) register with the
-- * address of the page we just allocated. QS field at
-- * bits[2:0] to indicate size of queue is one 4KB page.
-- * That's 256 entries. Queued Head (IQH) and Queue Tail (IQT)
-- * registers are automatically reset to 0 with write
-- * to IQA register.
-+ /*
-+ * Setup Invalidation Queue Address (IQA) register with the address of the
-+ * pages we just allocated. The QS field at bits[2:0] indicates the size
-+ * (page order) of the queue.
-+ *
-+ * Queued Head (IQH) and Queue Tail (IQT) registers are automatically
-+ * reset to 0 with write to IQA register.
- */
- dmar_writeq(iommu->reg, DMAR_IQA_REG,
-- iommu->qinval_maddr | QINVAL_PAGE_ORDER);
-+ iommu->qinval_maddr | qi_pg_order);
-
- dmar_writeq(iommu->reg, DMAR_IQT_REG, 0);
-
diff --git a/system/xen/xsa/xsa373-4.15-2.patch b/system/xen/xsa/xsa373-4.15-2.patch
deleted file mode 100644
index d61a3b42bf387..0000000000000
--- a/system/xen/xsa/xsa373-4.15-2.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: AMD/IOMMU: size command buffer dynamically
-
-With the present synchronous model, we need two slots for every
-operation (the operation itself and a wait command). There can be one
-such pair of commands pending per CPU. To ensure that under all normal
-circumstances a slot is always available when one is requested, size the
-command ring according to the number of present CPUs.
-
-This is part of XSA-373 / CVE-2021-28692.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Paul Durrant <paul@xen.org>
-
---- a/xen/drivers/passthrough/amd/iommu-defs.h
-+++ b/xen/drivers/passthrough/amd/iommu-defs.h
-@@ -20,9 +20,6 @@
- #ifndef AMD_IOMMU_DEFS_H
- #define AMD_IOMMU_DEFS_H
-
--/* IOMMU Command Buffer entries: in power of 2 increments, minimum of 256 */
--#define IOMMU_CMD_BUFFER_DEFAULT_ENTRIES 512
--
- /* IOMMU Event Log entries: in power of 2 increments, minimum of 256 */
- #define IOMMU_EVENT_LOG_DEFAULT_ENTRIES 512
-
-@@ -164,8 +161,8 @@ struct amd_iommu_dte {
- #define IOMMU_CMD_BUFFER_LENGTH_MASK 0x0F000000
- #define IOMMU_CMD_BUFFER_LENGTH_SHIFT 24
-
--#define IOMMU_CMD_BUFFER_ENTRY_SIZE 16
--#define IOMMU_CMD_BUFFER_POWER_OF2_ENTRIES_PER_PAGE 8
-+#define IOMMU_CMD_BUFFER_ENTRY_ORDER 4
-+#define IOMMU_CMD_BUFFER_MAX_ENTRIES (1u << 15)
-
- #define IOMMU_CMD_OPCODE_MASK 0xF0000000
- #define IOMMU_CMD_OPCODE_SHIFT 28
---- a/xen/drivers/passthrough/amd/iommu_cmd.c
-+++ b/xen/drivers/passthrough/amd/iommu_cmd.c
-@@ -24,7 +24,7 @@ static int queue_iommu_command(struct am
- {
- uint32_t tail, head;
-
-- tail = iommu->cmd_buffer.tail + IOMMU_CMD_BUFFER_ENTRY_SIZE;
-+ tail = iommu->cmd_buffer.tail + sizeof(cmd_entry_t);
- if ( tail == iommu->cmd_buffer.size )
- tail = 0;
-
-@@ -33,7 +33,7 @@ static int queue_iommu_command(struct am
- if ( head != tail )
- {
- memcpy(iommu->cmd_buffer.buffer + iommu->cmd_buffer.tail,
-- cmd, IOMMU_CMD_BUFFER_ENTRY_SIZE);
-+ cmd, sizeof(cmd_entry_t));
-
- iommu->cmd_buffer.tail = tail;
- return 1;
---- a/xen/drivers/passthrough/amd/iommu_init.c
-+++ b/xen/drivers/passthrough/amd/iommu_init.c
-@@ -118,7 +118,7 @@ static void register_iommu_cmd_buffer_in
- writel(entry, iommu->mmio_base + IOMMU_CMD_BUFFER_BASE_LOW_OFFSET);
-
- power_of2_entries = get_order_from_bytes(iommu->cmd_buffer.size) +
-- IOMMU_CMD_BUFFER_POWER_OF2_ENTRIES_PER_PAGE;
-+ PAGE_SHIFT - IOMMU_CMD_BUFFER_ENTRY_ORDER;
-
- entry = 0;
- iommu_set_addr_hi_to_reg(&entry, addr_hi);
-@@ -1018,9 +1018,31 @@ static void *__init allocate_ring_buffer
- static void * __init allocate_cmd_buffer(struct amd_iommu *iommu)
- {
- /* allocate 'command buffer' in power of 2 increments of 4K */
-+ static unsigned int __read_mostly nr_ents;
-+
-+ if ( !nr_ents )
-+ {
-+ unsigned int order;
-+
-+ /*
-+ * With the present synchronous model, we need two slots for every
-+ * operation (the operation itself and a wait command). There can be
-+ * one such pair of requests pending per CPU. One extra entry is
-+ * needed as the ring is considered full when there's only one entry
-+ * left.
-+ */
-+ BUILD_BUG_ON(CONFIG_NR_CPUS * 2 >= IOMMU_CMD_BUFFER_MAX_ENTRIES);
-+ order = get_order_from_bytes((num_present_cpus() * 2 + 1) <<
-+ IOMMU_CMD_BUFFER_ENTRY_ORDER);
-+ nr_ents = 1u << (order + PAGE_SHIFT - IOMMU_CMD_BUFFER_ENTRY_ORDER);
-+
-+ AMD_IOMMU_DEBUG("using %u-entry cmd ring(s)\n", nr_ents);
-+ }
-+
-+ BUILD_BUG_ON(sizeof(cmd_entry_t) != (1u << IOMMU_CMD_BUFFER_ENTRY_ORDER));
-+
- return allocate_ring_buffer(&iommu->cmd_buffer, sizeof(cmd_entry_t),
-- IOMMU_CMD_BUFFER_DEFAULT_ENTRIES,
-- "Command Buffer", false);
-+ nr_ents, "Command Buffer", false);
- }
-
- static void * __init allocate_event_log(struct amd_iommu *iommu)
diff --git a/system/xen/xsa/xsa373-4.15-3.patch b/system/xen/xsa/xsa373-4.15-3.patch
deleted file mode 100644
index c7ddf5d6441ce..0000000000000
--- a/system/xen/xsa/xsa373-4.15-3.patch
+++ /dev/null
@@ -1,163 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: VT-d: eliminate flush related timeouts
-
-Leaving an in-progress operation pending when it appears to take too
-long is problematic: If e.g. a QI command completed later, the write to
-the "poll slot" may instead be understood to signal a subsequently
-started command's completion. Also our accounting of the timeout period
-was actually wrong: We included the time it took for the command to
-actually make it to the front of the queue, which could be heavily
-affected by guests other than the one for which the flush is being
-performed.
-
-Do away with all timeout detection on all flush related code paths.
-Log excessively long processing times (with a progressive threshold) to
-have some indication of problems in this area.
-
-Additionally log (once) if qinval_next_index() didn't immediately find
-an available slot. Together with the earlier change sizing the queue(s)
-dynamically, we should now have a guarantee that with our fully
-synchronous model any demand for slots can actually be satisfied.
-
-This is part of XSA-373 / CVE-2021-28692.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Paul Durrant <paul@xen.org>
-
---- a/xen/drivers/passthrough/vtd/dmar.h
-+++ b/xen/drivers/passthrough/vtd/dmar.h
-@@ -127,6 +127,34 @@ do {
- } \
- } while (0)
-
-+#define IOMMU_FLUSH_WAIT(what, iommu, offset, op, cond, sts) \
-+do { \
-+ static unsigned int __read_mostly threshold = 1; \
-+ s_time_t start = NOW(); \
-+ s_time_t timeout = start + DMAR_OPERATION_TIMEOUT * threshold; \
-+ \
-+ for ( ; ; ) \
-+ { \
-+ sts = op(iommu->reg, offset); \
-+ if ( cond ) \
-+ break; \
-+ if ( timeout && NOW() > timeout ) \
-+ { \
-+ threshold |= threshold << 1; \
-+ printk(XENLOG_WARNING VTDPREFIX \
-+ " IOMMU#%u: %s flush taking too long\n", \
-+ iommu->index, what); \
-+ timeout = 0; \
-+ } \
-+ cpu_relax(); \
-+ } \
-+ \
-+ if ( !timeout ) \
-+ printk(XENLOG_WARNING VTDPREFIX \
-+ " IOMMU#%u: %s flush took %lums\n", \
-+ iommu->index, what, (NOW() - start) / 10000000); \
-+} while ( false )
-+
- int vtd_hw_check(void);
- void disable_pmr(struct vtd_iommu *iommu);
- int is_igd_drhd(struct acpi_drhd_unit *drhd);
---- a/xen/drivers/passthrough/vtd/iommu.c
-+++ b/xen/drivers/passthrough/vtd/iommu.c
-@@ -373,8 +373,8 @@ static void iommu_flush_write_buffer(str
- dmar_writel(iommu->reg, DMAR_GCMD_REG, val | DMA_GCMD_WBF);
-
- /* Make sure hardware complete it */
-- IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG, dmar_readl,
-- !(val & DMA_GSTS_WBFS), val);
-+ IOMMU_FLUSH_WAIT("write buffer", iommu, DMAR_GSTS_REG, dmar_readl,
-+ !(val & DMA_GSTS_WBFS), val);
-
- spin_unlock_irqrestore(&iommu->register_lock, flags);
- }
-@@ -423,8 +423,8 @@ int vtd_flush_context_reg(struct vtd_iom
- dmar_writeq(iommu->reg, DMAR_CCMD_REG, val);
-
- /* Make sure hardware complete it */
-- IOMMU_WAIT_OP(iommu, DMAR_CCMD_REG, dmar_readq,
-- !(val & DMA_CCMD_ICC), val);
-+ IOMMU_FLUSH_WAIT("context", iommu, DMAR_CCMD_REG, dmar_readq,
-+ !(val & DMA_CCMD_ICC), val);
-
- spin_unlock_irqrestore(&iommu->register_lock, flags);
- /* flush context entry will implicitly flush write buffer */
-@@ -501,8 +501,8 @@ int vtd_flush_iotlb_reg(struct vtd_iommu
- dmar_writeq(iommu->reg, tlb_offset + 8, val);
-
- /* Make sure hardware complete it */
-- IOMMU_WAIT_OP(iommu, (tlb_offset + 8), dmar_readq,
-- !(val & DMA_TLB_IVT), val);
-+ IOMMU_FLUSH_WAIT("iotlb", iommu, (tlb_offset + 8), dmar_readq,
-+ !(val & DMA_TLB_IVT), val);
- spin_unlock_irqrestore(&iommu->register_lock, flags);
-
- /* check IOTLB invalidation granularity */
---- a/xen/drivers/passthrough/vtd/qinval.c
-+++ b/xen/drivers/passthrough/vtd/qinval.c
-@@ -29,8 +29,6 @@
- #include "extern.h"
- #include "../ats.h"
-
--#define VTD_QI_TIMEOUT 1
--
- static unsigned int __read_mostly qi_pg_order;
- static unsigned int __read_mostly qi_entry_nr;
-
-@@ -60,7 +58,11 @@ static unsigned int qinval_next_index(st
- /* (tail+1 == head) indicates a full queue, wait for HW */
- while ( ((tail + 1) & (qi_entry_nr - 1)) ==
- ( dmar_readq(iommu->reg, DMAR_IQH_REG) >> QINVAL_INDEX_SHIFT ) )
-+ {
-+ printk_once(XENLOG_ERR VTDPREFIX " IOMMU#%u: no QI slot available\n",
-+ iommu->index);
- cpu_relax();
-+ }
-
- return tail;
- }
-@@ -180,23 +182,32 @@ static int __must_check queue_invalidate
- /* Now we don't support interrupt method */
- if ( sw )
- {
-- s_time_t timeout;
--
-- /* In case all wait descriptor writes to same addr with same data */
-- timeout = NOW() + MILLISECS(flush_dev_iotlb ?
-- iommu_dev_iotlb_timeout : VTD_QI_TIMEOUT);
-+ static unsigned int __read_mostly threshold = 1;
-+ s_time_t start = NOW();
-+ s_time_t timeout = start + (flush_dev_iotlb
-+ ? iommu_dev_iotlb_timeout
-+ : 100) * MILLISECS(threshold);
-
- while ( ACCESS_ONCE(*this_poll_slot) != QINVAL_STAT_DONE )
- {
-- if ( NOW() > timeout )
-+ if ( timeout && NOW() > timeout )
- {
-- print_qi_regs(iommu);
-+ threshold |= threshold << 1;
- printk(XENLOG_WARNING VTDPREFIX
-- " Queue invalidate wait descriptor timed out\n");
-- return -ETIMEDOUT;
-+ " IOMMU#%u: QI%s wait descriptor taking too long\n",
-+ iommu->index, flush_dev_iotlb ? " dev" : "");
-+ print_qi_regs(iommu);
-+ timeout = 0;
- }
- cpu_relax();
- }
-+
-+ if ( !timeout )
-+ printk(XENLOG_WARNING VTDPREFIX
-+ " IOMMU#%u: QI%s wait descriptor took %lums\n",
-+ iommu->index, flush_dev_iotlb ? " dev" : "",
-+ (NOW() - start) / 10000000);
-+
- return 0;
- }
-
diff --git a/system/xen/xsa/xsa373-4.15-4.patch b/system/xen/xsa/xsa373-4.15-4.patch
deleted file mode 100644
index 17592cbf2d049..0000000000000
--- a/system/xen/xsa/xsa373-4.15-4.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: AMD/IOMMU: wait for command slot to be available
-
-No caller cared about send_iommu_command() indicating unavailability of
-a slot. Hence if a sufficient number prior commands timed out, we did
-blindly assume that the requested command was submitted to the IOMMU
-when really it wasn't. This could mean both a hanging system (waiting
-for a command to complete that was never seen by the IOMMU) or blindly
-propagating success back to callers, making them believe they're fine
-to e.g. free previously unmapped pages.
-
-Fold the three involved functions into one, add spin waiting for an
-available slot along the lines of VT-d's qinval_next_index(), and as a
-consequence drop all error indicator return types/values.
-
-This is part of XSA-373 / CVE-2021-28692.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Paul Durrant <paul@xen.org>
-
---- a/xen/drivers/passthrough/amd/iommu_cmd.c
-+++ b/xen/drivers/passthrough/amd/iommu_cmd.c
-@@ -20,43 +20,30 @@
- #include "iommu.h"
- #include "../ats.h"
-
--static int queue_iommu_command(struct amd_iommu *iommu, u32 cmd[])
-+static void send_iommu_command(struct amd_iommu *iommu,
-+ const uint32_t cmd[4])
- {
-- uint32_t tail, head;
-+ uint32_t tail;
-
- tail = iommu->cmd_buffer.tail + sizeof(cmd_entry_t);
- if ( tail == iommu->cmd_buffer.size )
- tail = 0;
-
-- head = readl(iommu->mmio_base +
-- IOMMU_CMD_BUFFER_HEAD_OFFSET) & IOMMU_RING_BUFFER_PTR_MASK;
-- if ( head != tail )
-+ while ( tail == (readl(iommu->mmio_base +
-+ IOMMU_CMD_BUFFER_HEAD_OFFSET) &
-+ IOMMU_RING_BUFFER_PTR_MASK) )
- {
-- memcpy(iommu->cmd_buffer.buffer + iommu->cmd_buffer.tail,
-- cmd, sizeof(cmd_entry_t));
--
-- iommu->cmd_buffer.tail = tail;
-- return 1;
-+ printk_once(XENLOG_ERR "AMD IOMMU %pp: no cmd slot available\n",
-+ &PCI_SBDF2(iommu->seg, iommu->bdf));
-+ cpu_relax();
- }
-
-- return 0;
--}
--
--static void commit_iommu_command_buffer(struct amd_iommu *iommu)
--{
-- writel(iommu->cmd_buffer.tail,
-- iommu->mmio_base + IOMMU_CMD_BUFFER_TAIL_OFFSET);
--}
-+ memcpy(iommu->cmd_buffer.buffer + iommu->cmd_buffer.tail,
-+ cmd, sizeof(cmd_entry_t));
-
--static int send_iommu_command(struct amd_iommu *iommu, u32 cmd[])
--{
-- if ( queue_iommu_command(iommu, cmd) )
-- {
-- commit_iommu_command_buffer(iommu);
-- return 1;
-- }
-+ iommu->cmd_buffer.tail = tail;
-
-- return 0;
-+ writel(tail, iommu->mmio_base + IOMMU_CMD_BUFFER_TAIL_OFFSET);
- }
-
- static void flush_command_buffer(struct amd_iommu *iommu)
diff --git a/system/xen/xsa/xsa373-4.15-5.patch b/system/xen/xsa/xsa373-4.15-5.patch
deleted file mode 100644
index 0c6b1ea7c5e93..0000000000000
--- a/system/xen/xsa/xsa373-4.15-5.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-From: Jan Beulich <jbeulich@suse.com>
-Subject: AMD/IOMMU: drop command completion timeout
-
-First and foremost - such timeouts were not signaled to callers, making
-them believe they're fine to e.g. free previously unmapped pages.
-
-Mirror VT-d's behavior: A fixed number of loop iterations is not a
-suitable way to detect timeouts in an environment (CPU and bus speeds)
-independent manner anyway. Furthermore, leaving an in-progress operation
-pending when it appears to take too long is problematic: If a command
-completed later, the signaling of its completion may instead be
-understood to signal a subsequently started command's completion.
-
-Log excessively long processing times (with a progressive threshold) to
-have some indication of problems in this area. Allow callers to specify
-a non-default timeout bias for this logging, using the same values as
-VT-d does, which in particular means a (by default) much larger value
-for device IO TLB invalidation.
-
-This is part of XSA-373 / CVE-2021-28692.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Paul Durrant <paul@xen.org>
-
---- a/xen/drivers/passthrough/amd/iommu_cmd.c
-+++ b/xen/drivers/passthrough/amd/iommu_cmd.c
-@@ -46,10 +46,12 @@ static void send_iommu_command(struct am
- writel(tail, iommu->mmio_base + IOMMU_CMD_BUFFER_TAIL_OFFSET);
- }
-
--static void flush_command_buffer(struct amd_iommu *iommu)
-+static void flush_command_buffer(struct amd_iommu *iommu,
-+ unsigned int timeout_base)
- {
-- unsigned int cmd[4], status, loop_count;
-- bool comp_wait;
-+ uint32_t cmd[4];
-+ s_time_t start, timeout;
-+ static unsigned int __read_mostly threshold = 1;
-
- /* RW1C 'ComWaitInt' in status register */
- writel(IOMMU_STATUS_COMP_WAIT_INT,
-@@ -65,22 +67,29 @@ static void flush_command_buffer(struct
- IOMMU_COMP_WAIT_I_FLAG_SHIFT, &cmd[0]);
- send_iommu_command(iommu, cmd);
-
-- /* Make loop_count long enough for polling completion wait bit */
-- loop_count = 1000;
-- do {
-- status = readl(iommu->mmio_base + IOMMU_STATUS_MMIO_OFFSET);
-- comp_wait = status & IOMMU_STATUS_COMP_WAIT_INT;
-- --loop_count;
-- } while ( !comp_wait && loop_count );
--
-- if ( comp_wait )
-+ start = NOW();
-+ timeout = start + (timeout_base ?: 100) * MILLISECS(threshold);
-+ while ( !(readl(iommu->mmio_base + IOMMU_STATUS_MMIO_OFFSET) &
-+ IOMMU_STATUS_COMP_WAIT_INT) )
- {
-- /* RW1C 'ComWaitInt' in status register */
-- writel(IOMMU_STATUS_COMP_WAIT_INT,
-- iommu->mmio_base + IOMMU_STATUS_MMIO_OFFSET);
-- return;
-+ if ( timeout && NOW() > timeout )
-+ {
-+ threshold |= threshold << 1;
-+ printk(XENLOG_WARNING
-+ "AMD IOMMU %pp: %scompletion wait taking too long\n",
-+ &PCI_SBDF2(iommu->seg, iommu->bdf),
-+ timeout_base ? "iotlb " : "");
-+ timeout = 0;
-+ }
-+ cpu_relax();
- }
-- AMD_IOMMU_DEBUG("Warning: ComWaitInt bit did not assert!\n");
-+
-+ if ( !timeout )
-+ printk(XENLOG_WARNING
-+ "AMD IOMMU %pp: %scompletion wait took %lums\n",
-+ &PCI_SBDF2(iommu->seg, iommu->bdf),
-+ timeout_base ? "iotlb " : "",
-+ (NOW() - start) / 10000000);
- }
-
- /* Build low level iommu command messages */
-@@ -291,7 +300,7 @@ void amd_iommu_flush_iotlb(u8 devfn, con
- /* send INVALIDATE_IOTLB_PAGES command */
- spin_lock_irqsave(&iommu->lock, flags);
- invalidate_iotlb_pages(iommu, maxpend, 0, queueid, daddr, req_id, order);
-- flush_command_buffer(iommu);
-+ flush_command_buffer(iommu, iommu_dev_iotlb_timeout);
- spin_unlock_irqrestore(&iommu->lock, flags);
- }
-
-@@ -328,7 +337,7 @@ static void _amd_iommu_flush_pages(struc
- {
- spin_lock_irqsave(&iommu->lock, flags);
- invalidate_iommu_pages(iommu, daddr, dom_id, order);
-- flush_command_buffer(iommu);
-+ flush_command_buffer(iommu, 0);
- spin_unlock_irqrestore(&iommu->lock, flags);
- }
-
-@@ -352,7 +361,7 @@ void amd_iommu_flush_device(struct amd_i
- ASSERT( spin_is_locked(&iommu->lock) );
-
- invalidate_dev_table_entry(iommu, bdf);
-- flush_command_buffer(iommu);
-+ flush_command_buffer(iommu, 0);
- }
-
- void amd_iommu_flush_intremap(struct amd_iommu *iommu, uint16_t bdf)
-@@ -360,7 +369,7 @@ void amd_iommu_flush_intremap(struct amd
- ASSERT( spin_is_locked(&iommu->lock) );
-
- invalidate_interrupt_table(iommu, bdf);
-- flush_command_buffer(iommu);
-+ flush_command_buffer(iommu, 0);
- }
-
- void amd_iommu_flush_all_caches(struct amd_iommu *iommu)
-@@ -368,7 +377,7 @@ void amd_iommu_flush_all_caches(struct a
- ASSERT( spin_is_locked(&iommu->lock) );
-
- invalidate_iommu_all(iommu);
-- flush_command_buffer(iommu);
-+ flush_command_buffer(iommu, 0);
- }
-
- void amd_iommu_send_guest_cmd(struct amd_iommu *iommu, u32 cmd[])
-@@ -378,7 +387,8 @@ void amd_iommu_send_guest_cmd(struct amd
- spin_lock_irqsave(&iommu->lock, flags);
-
- send_iommu_command(iommu, cmd);
-- flush_command_buffer(iommu);
-+ /* TBD: Timeout selection may require peeking into cmd[]. */
-+ flush_command_buffer(iommu, 0);
-
- spin_unlock_irqrestore(&iommu->lock, flags);
- }
diff --git a/system/xen/xsa/xsa375.patch b/system/xen/xsa/xsa375.patch
deleted file mode 100644
index aa2e5ad4674f9..0000000000000
--- a/system/xen/xsa/xsa375.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Subject: x86/spec-ctrl: Protect against Speculative Code Store Bypass
-
-Modern x86 processors have far-better-than-architecturally-guaranteed self
-modifying code detection. Typically, when a write hits an instruction in
-flight, a Machine Clear occurs to flush stale content in the frontend and
-backend.
-
-For self modifying code, before a write which hits an instruction in flight
-retires, the frontend can speculatively decode and execute the old instruction
-stream. Speculation of this form can suffer from type confusion in registers,
-and potentially leak data.
-
-Furthermore, updates are typically byte-wise, rather than atomic. Depending
-on timing, speculation can race ahead multiple times between individual
-writes, and execute the transiently-malformed instruction stream.
-
-Xen has stubs which are used in certain cases for emulation purposes. Inhibit
-speculation between updating the stub and executing it.
-
-This is XSA-375 / CVE-2021-0089.
-
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
-diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c
-index 8889509d2a..11467a1e3a 100644
---- a/xen/arch/x86/pv/emul-priv-op.c
-+++ b/xen/arch/x86/pv/emul-priv-op.c
-@@ -138,6 +138,8 @@ static io_emul_stub_t *io_emul_stub_setup(struct priv_op_ctxt *ctxt, u8 opcode,
- /* Runtime confirmation that we haven't clobbered an adjacent stub. */
- BUG_ON(STUB_BUF_SIZE / 2 < (p - ctxt->io_emul_stub));
-
-+ block_speculation(); /* SCSB */
-+
- /* Handy function-typed pointer to the stub. */
- return (void *)stub_va;
-
-diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
-index c25d88d0d8..f42ff2a837 100644
---- a/xen/arch/x86/x86_emulate/x86_emulate.c
-+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
-@@ -1257,6 +1257,7 @@ static inline int mkec(uint8_t e, int32_t ec, ...)
- # define invoke_stub(pre, post, constraints...) do { \
- stub_exn.info = (union stub_exception_token) { .raw = ~0 }; \
- stub_exn.line = __LINE__; /* Utility outweighs livepatching cost */ \
-+ block_speculation(); /* SCSB */ \
- asm volatile ( pre "\n\tINDIRECT_CALL %[stub]\n\t" post "\n" \
- ".Lret%=:\n\t" \
- ".pushsection .fixup,\"ax\"\n" \
diff --git a/system/xen/xsa/xsa377.patch b/system/xen/xsa/xsa377.patch
deleted file mode 100644
index 1a1887b60e09c..0000000000000
--- a/system/xen/xsa/xsa377.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Subject: x86/spec-ctrl: Mitigate TAA after S3 resume
-
-The user chosen setting for MSR_TSX_CTRL needs restoring after S3.
-
-All APs get the correct setting via start_secondary(), but the BSP was missed
-out.
-
-This is XSA-377 / CVE-2021-28690.
-
-Fixes: 8c4330818f6 ("x86/spec-ctrl: Mitigate the TSX Asynchronous Abort sidechannel")
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
-diff --git a/xen/arch/x86/acpi/power.c b/xen/arch/x86/acpi/power.c
-index 91a8c4d0bd..31a56f02d0 100644
---- a/xen/arch/x86/acpi/power.c
-+++ b/xen/arch/x86/acpi/power.c
-@@ -288,6 +288,8 @@ static int enter_state(u32 state)
-
- microcode_update_one();
-
-+ tsx_init(); /* Needs microcode. May change HLE/RTM feature bits. */
-+
- if ( !recheck_cpu_features(0) )
- panic("Missing previously available feature(s)\n");
-
diff --git a/system/xen/xsa/xsa386.patch b/system/xen/xsa/xsa386.patch
new file mode 100644
index 0000000000000..83f24d30d53f5
--- /dev/null
+++ b/system/xen/xsa/xsa386.patch
@@ -0,0 +1,29 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: VT-d: fix deassign of device with RMRR
+Date: Fri, 1 Oct 2021 15:05:42 +0200
+
+Ignoring a specific error code here was not meant to short circuit
+deassign to _just_ the unmapping of RMRRs. This bug was previously
+hidden by the bogus (potentially indefinite) looping in
+pci_release_devices(), until f591755823a7 ("IOMMU/PCI: don't let domain
+cleanup continue when device de-assignment failed") fixed that loop.
+
+This is CVE-2021-28702 / XSA-386.
+
+Fixes: 8b99f4400b69 ("VT-d: fix RMRR related error handling")
+Reported-by: Ivan Kardykov <kardykov@tabit.pro>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Tested-by: Ivan Kardykov <kardykov@tabit.pro>
+
+--- a/xen/drivers/passthrough/vtd/iommu.c
++++ b/xen/drivers/passthrough/vtd/iommu.c
+@@ -2409,7 +2409,7 @@ static int reassign_device_ownership(
+ ret = iommu_identity_mapping(source, p2m_access_x,
+ rmrr->base_address,
+ rmrr->end_address, 0);
+- if ( ret != -ENOENT )
++ if ( ret && ret != -ENOENT )
+ return ret;
+ }
+ }
+