a0a41ec5ed
Bumping xen to version RELEASE-4.18.0-71-g4da8ca9cb9, which comprises the following commits:
4da8ca9cb9 x86: protect conditional lock taking from speculative execution
e107a8ece7 x86/mm: add speculation barriers to open coded locks
9de8a52b0e locking: attempt to ensure lock wrappers are always inline
5a13c81542 percpu-rwlock: introduce support for blocking speculation into critical regions
e7f0f11c88 rwlock: introduce support for blocking speculation into critical regions
1932973ac9 x86/spinlock: introduce support for blocking speculation into critical regions
bdda600406 xen: Swap order of actions in the FREE*() macros
908cbd1893 x86/spec-ctrl: Mitigation Register File Data Sampling
fb85a8fc91 x86/spec-ctrl: VERW-handling adjustments
b7205fc1cb x86/spec-ctrl: Rename VERW related options
95dd34fdbe x86/spec-ctrl: Perform VERW flushing later in exit paths
9f89ec65fb x86/vmx: Perform VERW flushing later in the VMExit path
b91c253e81 x86: Resync intel-family.h from Linux
fe1869a569 x86/entry: Introduce EFRAME_* constants
a96d2d4355 x86/mm: fix detection of last L1 entry in modify_xen_mappings_lite()
4c84fa6cb6 hvmloader/PCI: skip huge BARs in certain calculations
fd7cb7a1d0 x86/cpu-policy: Allow for levelling of VERW side effects
75221fb0f8 x86/altcall: always use a temporary parameter stashing variable
267845a838 libxl: Fix segfault in device_model_spawn_outcome
e9516b73e7 xen/livepatch: properly build the noapply and norevert tests
d81bfc7ff8 xen/livepatch: fix norevert test attempt to open-code revert
50a8f74df7 xen/livepatch: search for symbols in all loaded payloads
5382a6a79c xen/livepatch: register livepatch regions when loaded
7404c25efd x86/spec: do not print thunk option selection if not built-in
09b9db0413 x86/spec: fix INDIRECT_THUNK option to only be set when build-enabled
b7f9168878 x86/spec: print the built-in SPECULATIVE_HARDEN_* options
57f1370536 xen/sched: Fix UB shift in compat_set_timer_op()
3e383bb413 x86/HVM: hide SVM/VMX when their enabling is prohibited by firmware
498b3624d0 xen/arm: Fix UBSAN failure in start_xen()
58bb811510 x86: account for shadow stack in exception-from-stub recovery
4d47dca20d x86/spec: fix BRANCH_HARDEN option to only be set when build-enabled
19fd9ff998 x86/altcall: use a union as register type for function parameters on clang
f6e5ab5fa7 xen/cmdline: fix printf format specifier in no_config_param()
33a0368d3b xen/livepatch: fix norevert test hook setup typo
a751d1321f x86emul: add missing EVEX.R' checks
5fda826414 build: make sure build fails when running kconfig fails
489c2b9ba1 libxl: Disable relocating memory for qemu-xen in stubdomain too
006764b871 build: Replace `which` with `command -v`
59e6ad6597 x86/HVM: tidy state on hvmemul_map_linear_addr()'s error path
b51fd78aed x86/hvm: Fix fast singlestep state persistence
16475909ba block-common: Fix same_vm for no targets
fa9950a527 amd-vi: fix IVMD memory type checks
184d723e7a tools/xentop: fix sorting bug for some columns
b1fdd7d0e4 x86/ucode: Fix stability of the raw CPU Policy rescan
295ab8060d x86/p2m-pt: fix off by one in entry check assert
579a622eb4 lib{fdt,elf}: move lib{fdt,elf}-temp.o and their deps to $(targets)
00550e808c x86/vmx: Disallow the use of inactivity states
4cc0f88c42 x86/vmx: Fix IRQ handling for EXIT_REASON_INIT
6ccf064b0c x86/intel: ensure Global Performance Counter Control is setup correctly
b26c30a408 CirrusCI: drop FreeBSD 12
62b3d7f8e4 x86/amd: Extend CPU erratum #1474 fix to more affected models
c7ac596a57 VT-d: Fix "else" vs "#endif" misplacement
637da04812 pci: fail device assignment if phantom functions cannot be assigned
1792d1723b x86/x2apic: introduce a mixed physical/cluster mode
a4f3f5a62c xen/arm: page: Avoid pointer overflow on cache clean & invalidate
48eb9e9199 xen/sched: fix sched_move_domain()
a56d598e13 Only compile the hypervisor with -Wdeclaration-after-statement
25b7f9ed0f xen/domain: fix error path in domain_create()
5ac87c8afd xen/sched: fix adding offline cpu to cpupool
18f900b77b x86emul: avoid triggering event related assertions
3af9d1cbb6 tools/xg: Fix potential memory leak in cpu policy getters/setters
61d032e322 xen/x86: In x2APIC mode, derive LDR from APIC ID
480168fcb3 livepatch: do not use .livepatch.funcs section to store internal state
90a6d82175 x86/mem_sharing: Release domain if we are not able to enable memory sharing
3f9390fea5 xen/sched: fix sched_move_domain()
40bfa9dd57 x86/spec-ctrl: Add SRSO whitepaper URL
fcb1016bbd x86/i8259: do not assume interrupts always target CPU0
9e8edd4c75 x86/x2apic: remove usage of ACPI_FADT_APIC_CLUSTER
880e06fdea x86/pv-shim: fix grant table operations for 32-bit guests
52be29df79 x86/mem_sharing: add missing m2p entry when mapping shared_info page
02f8d0adfb update Xen version to 4.18.1-pre
d75f1e9b74 SUPPORT.md: Update release notes URL
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| lib/oeqa/runtime/cases | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-demo | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel | ||
| recipes-networking | ||
| scripts | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README.md | ||
| SECURITY.md | ||
meta-virtualization
This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernets configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
BBFILE_PRIORITY_openembedded-layer = "4"
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Community / Colaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.