From bf40b8fe93b4865670f817e0640d934845744335 Mon Sep 17 00:00:00 2001
From: Michael Young <m.a.young@durham.ac.uk>
Date: Feb 27 2019 00:06:55 +0000
Subject: update to xen-4.10.3


---

diff --git a/.gitignore b/.gitignore
index 078e8eb..3ebc00b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,4 +6,4 @@ lwip-1.3.0.tar.gz
 pciutils-2.2.9.tar.bz2
 zlib-1.2.3.tar.gz
 polarssl-1.1.4-gpl.tgz
-/xen-4.10.2.tar.gz
+/xen-4.10.3.tar.gz
diff --git a/sources b/sources
index 532fa04..865ad13 100644
--- a/sources
+++ b/sources
@@ -4,4 +4,4 @@ SHA512 (newlib-1.16.0.tar.gz) = 40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77
 SHA512 (zlib-1.2.3.tar.gz) = 021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e
 SHA512 (polarssl-1.1.4-gpl.tgz) = 88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad
 SHA512 (pciutils-2.2.9.tar.bz2) = 2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5
-SHA512 (xen-4.10.2.tar.gz) = 2e301b4d6eb106fcb52203bc1208c8fd1fc7bb5d795166c0f86e4085227050301f7daa6f21db440c47bc2ca2c7f87d9b96753cfdf3fa724e0416b5679b84c163
+SHA512 (xen-4.10.3.tar.gz) = 030d23109ce4c0ebf50ade6841d5525a39032bcf8fd0599ccaa9502ff301c1f61f9c5f49233b41a5934a71228958febc1e529a9fc6822ba401a0c18c490ad412
diff --git a/xen.fedora.efi.build.patch b/xen.fedora.efi.build.patch
index a531445..36f9608 100644
--- a/xen.fedora.efi.build.patch
+++ b/xen.fedora.efi.build.patch
@@ -1,50 +1,3 @@
---- xen-4.8.0/xen/arch/x86/Makefile.orig	2016-12-05 12:03:27.000000000 +0000
-+++ xen-4.8.0/xen/arch/x86/Makefile	2017-02-28 00:02:27.989589825 +0000
-@@ -73,6 +73,7 @@
- efi-y := $(shell if [ ! -r $(BASEDIR)/include/xen/compile.h -o \
-                       -O $(BASEDIR)/include/xen/compile.h ]; then \
-                          echo '$(TARGET).efi'; fi)
-+LD_EFI ?= $(LD)
- 
- ifneq ($(build_id_linker),)
- notes_phdrs = --notes
-@@ -173,20 +174,20 @@
- 
- $(TARGET).efi: prelink-efi.o $(note_file) efi.lds efi/relocs-dummy.o $(BASEDIR)/common/symbols-dummy.o efi/mkreloc
- 	$(foreach base, $(VIRT_BASE) $(ALT_BASE), \
--	          $(guard) $(LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< efi/relocs-dummy.o \
-+	          $(guard) $(LD_EFI) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< efi/relocs-dummy.o \
- 	                $(BASEDIR)/common/symbols-dummy.o $(note_file) -o $(@D)/.$(@F).$(base).0 &&) :
- 	$(guard) efi/mkreloc $(foreach base,$(VIRT_BASE) $(ALT_BASE),$(@D)/.$(@F).$(base).0) >$(@D)/.$(@F).0r.S
- 	$(guard) $(NM) -pa --format=sysv $(@D)/.$(@F).$(VIRT_BASE).0 \
- 		| $(guard) $(BASEDIR)/tools/symbols $(all_symbols) --sysv --sort >$(@D)/.$(@F).0s.S
- 	$(guard) $(MAKE) -f $(BASEDIR)/Rules.mk $(@D)/.$(@F).0r.o $(@D)/.$(@F).0s.o
- 	$(foreach base, $(VIRT_BASE) $(ALT_BASE), \
--	          $(guard) $(LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< \
-+	          $(guard) $(LD_EFI) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< \
- 	                $(@D)/.$(@F).0r.o $(@D)/.$(@F).0s.o $(note_file) -o $(@D)/.$(@F).$(base).1 &&) :
- 	$(guard) efi/mkreloc $(foreach base,$(VIRT_BASE) $(ALT_BASE),$(@D)/.$(@F).$(base).1) >$(@D)/.$(@F).1r.S
- 	$(guard) $(NM) -pa --format=sysv $(@D)/.$(@F).$(VIRT_BASE).1 \
- 		| $(guard) $(BASEDIR)/tools/symbols $(all_symbols) --sysv --sort >$(@D)/.$(@F).1s.S
- 	$(guard) $(MAKE) -f $(BASEDIR)/Rules.mk $(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o
--	$(guard) $(LD) $(call EFI_LDFLAGS,$(VIRT_BASE)) -T efi.lds -N $< \
-+	$(guard) $(LD_EFI) $(call EFI_LDFLAGS,$(VIRT_BASE)) -T efi.lds -N $< \
- 	                $(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o $(note_file) -o $@
- 	if $(guard) false; then rm -f $@; echo 'EFI support disabled'; \
- 	else $(NM) -pa --format=sysv $(@D)/$(@F) \
---- xen-4.9.0-rc1.2/xen/arch/x86/efi/Makefile.orig	2017-04-12 16:18:57.000000000 +0100
-+++ xen-4.9.0-rc1.2/xen/arch/x86/efi/Makefile	2017-04-13 21:05:54.170387130 +0100
-@@ -1,8 +1,9 @@
- CFLAGS += -fshort-wchar
-+LD_EFI ?= $(LD)
- 
- efi := y$(shell rm -f disabled)
- efi := $(if $(efi),$(shell $(CC) $(filter-out $(CFLAGS-y) .%.d,$(CFLAGS)) -c check.c 2>disabled && echo y))
--efi := $(if $(efi),$(shell $(LD) -mi386pep --subsystem=10 -o check.efi check.o 2>disabled && echo y))
-+efi := $(if $(efi),$(shell $(LD_EFI) -mi386pep --subsystem=10 -o check.efi check.o 2>disabled && echo y))
- efi := $(if $(efi),$(shell rm disabled)y)
- 
- %.o: %.ihex
 --- xen-4.8.0/xen/Makefile.orig	2016-12-05 12:03:27.000000000 +0000
 +++ xen-4.8.0/xen/Makefile	2017-02-28 00:02:54.080529810 +0000
 @@ -20,6 +20,7 @@
diff --git a/xen.spec b/xen.spec
index 45954c2..8580dab 100644
--- a/xen.spec
+++ b/xen.spec
@@ -36,7 +36,8 @@
 # --without efi
 %define build_efi %{?_without_efi: 0} %{?!_without_efi: 1}
 # xen only supports efi boot images on x86_64 or aarch64
-%ifnarch x86_64 aarch64
+# i686 builds a x86_64 hypervisor so add that as well
+%ifnarch x86_64 aarch64 %{ix86}
 %define build_efi 0
 %endif
 %if %build_efi && "%dist" < ".fc26"
@@ -59,8 +60,8 @@
 
 Summary: Xen is a virtual machine monitor
 Name:    xen
-Version: 4.10.2
-Release: 4%{?dist}
+Version: 4.10.3
+Release: 1%{?dist}
 Group:   Development/Libraries
 License: GPLv2+ and LGPLv2+ and BSD
 URL:     http://xen.org/
@@ -118,14 +119,6 @@ Patch39: qemu.trad.CVE-2017-9330.patch
 Patch40: xen.ocaml.safe-strings.patch
 Patch45: xen.gcc8.fix.patch
 Patch51: xen.gcc8.temp.fix.patch
-Patch52: xsa278-4.11.patch
-Patch53: xsa282-4.11-1.patch
-Patch54: xsa282-2.patch
-Patch55: xsa275-4.11-1.patch
-Patch56: xsa275-4.11-2.patch
-Patch57: xsa279.patch
-Patch58: xsa280-1.patch
-Patch59: xsa280-4.10-2.patch
 
 
 %if %build_qemutrad
@@ -335,14 +328,6 @@ manage Xen virtual machines.
 %patch3 -p1
 %patch45 -p1
 %patch51 -p1
-%patch52 -p1
-%patch53 -p1
-%patch54 -p1
-%patch55 -p1
-%patch56 -p1
-%patch57 -p1
-%patch58 -p1
-%patch59 -p1
 
 # qemu-xen-traditional patches
 pushd tools/qemu-xen-traditional
@@ -498,6 +483,9 @@ rm -rf %{buildroot}/%{_libdir}/*.a
 %if %build_efi
 # clean up extra efi files
 rm -rf %{buildroot}/%{_libdir}/efi
+%ifarch %{ix86}
+rm -rf %{buildroot}/usr/lib64/efi
+%endif
 %endif
 
 %if ! %build_ocaml
@@ -880,6 +868,12 @@ fi
 %endif
 
 %changelog
+* Tue Feb 26 2019 Michael Young <m.a.young@durham.ac.uk> - 4.10.3-1
+- update to xen-4.10.3
+  adjust xen.use.fedora.ipxe.patch
+  drop most of xen.fedora.efi.build.patch and let efi build on i686
+  remove patches for issues now fixed upstream
+
 * Tue Nov 20 2018 Michael Young <m.a.young@durham.ac.uk> - 4.10.2-4
 - insufficient TLB flushing / improper large page mappings with AMD IOMMUs
         [XSA-275, CVE-2018-19961, CVE-2018-19962] (#1651665)
diff --git a/xen.use.fedora.ipxe.patch b/xen.use.fedora.ipxe.patch
index 11a7173..3537ec3 100644
--- a/xen.use.fedora.ipxe.patch
+++ b/xen.use.fedora.ipxe.patch
@@ -19,7 +19,7 @@
 +ETHERBOOT_NICS ?= 10ec8139 8086100e
  
  
- QEMU_TRADITIONAL_REVISION ?= xen-4.10.2
+ QEMU_TRADITIONAL_REVISION ?= xen-4.10.3
 --- xen-4.2.0/tools/firmware/Makefile.orig	2012-05-27 21:57:04.480812871 +0100
 +++ xen-4.2.0/tools/firmware/Makefile	2012-06-02 19:03:52.254691484 +0100
 @@ -10,7 +10,7 @@