similar to: Re: XSA-36 / howto fix broken IVRS ACPI table

Hello, since applying the patches related to XSA-36 Xen recognizes a broken IVRS ACPI table and disables I/O virtualisation. I contacted the manufacturer of the mainboard/BIOS and they want to help me by providing a patched BIOS - so far so good. However, they need details about what to fix, which I don''t know either. Could you pls. give me some hints which I can forward to the

Dear mailinglist, I own a Gigabyte motherboard GA 970A UD3 with IOMMU support. Since the update XSA-36 (also part of the latest debian wheezy pkg), the IO-Virtualisation does not work any more as discussed on this mailinglist [0] and [1]. I like to ask, if there is an "official" solution in sight. I''m not sure about my alternatives. How "dangerous" is the

From: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com> This patch add an additional logic to check for the often case when the special->handle is not initialized due to firmware bugs. but the special->usedid is correct. If users overide this using the command line option ivrs_ioapic, then it should use the value instead. --- This patch is supposed to follow the patches:

From: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com> This patch handle additional cases for IVRS bugs where special->handle is not correctly initialized for IOAPIC and HPETS due to firmware bugs. Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com> Provide logic in "is_ioapic_overidden()" Signed-off-by: Jan Beulich <JBeulich@suse.com> ---

Today is my day! This is with Xen 4.4 (pulled today) when I build a kernel in dom0 and have two guests launching at the same time. This is what I get: (XEN) Assertion ''l1e_get_pfn(MAPCACHE_L1ENT(hashent->idx)) == hashent->mfn'' failed at domain_page.c:203 and it blows up. Here is the full log: \ \/ /___ _ __ | || | | || | _ _ _ __ ___| |_ __ _| |__ | | ___

Hi! From other people posting to this list, I know that there has been a bug related to the issue described in Xen Security Advisory 36 that disables iommu for some AMD users like me. However, even when passing "iommu=no-amd-iommu-perdev-intremap" it still disables i/o virtualisatoin. Related Xen dmesg output: (XEN) IVHD Error: Invalid IO-APIC 0 (XEN) AMD-Vi: Error initialization

Hey I wanted to try my hand at doing some GPU passthrough so on my ASUS M5A97 which in the pass worked with an older BIOS (but said BIOS had issues after S3 suspend) - but with a BIOS the PCI passthrough does not work. That is due to:: (XEN) IVHD Error: Invalid IO-APIC 0xff (XEN) AMD-Vi: Error initialization

For one we shouldn''t accept IVHD tables specifying IO-APIC IDs beyond the limit we support (MAX_IO_APICS, currently 128). And then we shouldn''t memset() a pointer allocation of which failed. Signed-off-by: Jan Beulich <jbeulich@suse.com> --- a/xen/drivers/passthrough/amd/iommu_acpi.c +++ b/xen/drivers/passthrough/amd/iommu_acpi.c @@ -674,6 +674,13 @@ static u16 __init

On Fri, 2018-02-09 at 12:54 +0000, David Woodhouse wrote: > On Fri, 2018-02-09 at 10:36 +0000, David Woodhouse wrote: > >  > > Did you get anywhere with the function attribute? Having isolated the > > next boot failure to "it goes away if I compile io_apic.c without > > retpoline", bisecting it per-function would help to further delay the > > bit where I

Hi Group, I have a problem with my FXO interface. It seems that asterisk cannot see any configured channels, only pseudo. Pls see the error and my config below. Rgrds Markus ----- May 2 15:09:00 NOTICE[17327]: app_dial.c:1010 dial_exec_full: Unable to create channel of type 'Zap' (cause 0 - Unknown) == Everyone is busy/congested at this time (1:0/0/1) == Auto fallthrough, channel

I haven't read the all the emails in full detail, but it seems pretty clear that __x86_indirect_thunk and __llvm_retpoline_push do not do the same things. It sounds like __llvm_retpoline_push is equivalent to __x86_indirect_thunk except first it swaps the two words on the top of the stack. I arranged it this way because the x86 call instruction puts the intended return address on the top of

Hi, I''m not able to activate VT-d on my PC due to a buggy BIOS. Xen fails to parse ACPI DMAR table. There is a problem with RMRR address range. My configuration is : - Debian Weezy - Xen version 4.1.2 (Debian 4.1.2-2) - Sabertooth X58 with last bios (1304) - i7 - 960 I have the following message : (XEN) [VT-D]dmar.c:704: Host address width 39 (XEN) [VT-D]dmar.c:719: found

Use their proper counterparts in include/acpi/actbl*.h instead. Signed-off-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/ia64/xen/dom_fw_common.c +++ b/xen/arch/ia64/xen/dom_fw_common.c @@ -347,7 +347,7 @@ struct fake_acpi_tables { struct acpi_table_header dsdt; uint8_t aml[8 + 11 * MAX_VIRT_CPUS]; struct acpi_table_madt madt; - struct acpi_table_lsapic lsapic[MAX_VIRT_CPUS]; +

On Sun, Oct 29, 2017 at 11:51:55PM +0100, Fengguang Wu wrote: >Hi Linus, > >Up to now we see the below boot error/warnings when testing v4.14-rc6. > >They hit the RC release mainly due to various imperfections in 0day's >auto bisection. So I manually list them here and CC the likely easy to >debug ones to the corresponding maintainers in the followup emails. >

On Sun, Oct 29, 2017 at 11:51:55PM +0100, Fengguang Wu wrote: >Hi Linus, > >Up to now we see the below boot error/warnings when testing v4.14-rc6. > >They hit the RC release mainly due to various imperfections in 0day's >auto bisection. So I manually list them here and CC the likely easy to >debug ones to the corresponding maintainers in the followup emails. >

Hello, Are XSA-289 and XSA-274/CVE-2018-14678 fixed with Xen recent 4.8, 4.10 and kernel 4.9.177 packages ? Thank you

We just sent the message below to the security advisory predisclosure list, relating to the release of XSA-26 to XSA-32. As you will see, these have now been publicly released. We''ll have a proper conversation about this in a week or two. Thanks for your attention, Ian. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We regret to announce that a member of the predisclosure list

Ian Jackson writes ("64bit PV guest breakout [XSA-213]"): > Source: xen > Version: 4.4.1-9 > Severity: important > Tags: security upstream fixed-upstream > > See > https://xenbits.xen.org/xsa/advisory-213.html Ian Jackson writes ("grant transfer allows PV guest to elevate privileges [XSA-214]"): > Source: xen > Version: 4.4.1-9 > Severity:

Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"): > On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote: > > Should I put jessie-security in the debian/changelog and dgit push it > > (ie, from many people's pov, dput it) ? > > Yes, the distribution line should be jessie-security, but please send > a

Looks like this never got a response from anyone. On 6/25/19 10:15 AM, Yuriy Kohut wrote: > Hello, > > Are XSA-289 and XSA-274/CVE-2018-14678 fixed with Xen recent 4.8, 4.10 and kernel 4.9.177 packages ? XSA-289 is a tricky subject. In the end, it was effectively decided that these patches were not recommended until they were reviewed again and XSA-289 has no official list of flaws