diff --git a/xen.gcc12.fixes.patch b/xen.gcc12.fixes.patch new file mode 100644 index 0000000..66d13b1 --- /dev/null +++ b/xen.gcc12.fixes.patch @@ -0,0 +1,10 @@ +--- xen-4.16.0/Config.mk.orig 2021-11-30 11:42:42.000000000 +0000 ++++ xen-4.16.0/Config.mk 2022-01-24 20:25:16.687125822 +0000 +@@ -186,6 +186,7 @@ + $(call cc-option-add,CFLAGS,CC,-Wdeclaration-after-statement) + $(call cc-option-add,CFLAGS,CC,-Wno-unused-but-set-variable) + $(call cc-option-add,CFLAGS,CC,-Wno-unused-local-typedefs) ++$(call cc-option-add,CFLAGS,CC,-Wno-error=array-bounds) + + LDFLAGS += $(foreach i, $(EXTRA_LIB), -L$(i)) + CFLAGS += $(foreach i, $(EXTRA_INCLUDES), -I$(i)) diff --git a/xen.spec b/xen.spec index ca4b349..087c3e9 100644 --- a/xen.spec +++ b/xen.spec @@ -55,7 +55,7 @@ Summary: Xen is a virtual machine monitor Name: xen Version: 4.16.0 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ and LGPLv2+ and BSD URL: http://xen.org/ Source0: https://downloads.xenproject.org/release/xen/%{version}/xen-%{version}.tar.gz @@ -112,6 +112,7 @@ Patch44: xsa376.patch Patch45: xsa393.patch Patch46: xsa394.patch Patch47: xsa395.patch +Patch48: xen.gcc12.fixes.patch %if %build_qemutrad @@ -325,6 +326,7 @@ manage Xen virtual machines. %patch45 -p1 %patch46 -p1 %patch47 -p1 +%patch48 -p1 # qemu-xen-traditional patches pushd tools/qemu-xen-traditional @@ -364,25 +366,12 @@ mkdir -p dist/install/boot/efi/efi/fedora %if %build_ocaml mkdir -p dist/install%{_libdir}/ocaml/stublibs %endif -export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS -Wno-error=declaration-after-statement" +export EXTRA_CFLAGS_XEN_TOOLS="$RPM_OPT_FLAGS -Wno-error=use-after-free $LDFLAGS" export EXTRA_CFLAGS_QEMU_TRADITIONAL="$RPM_OPT_FLAGS" export EXTRA_CFLAGS_QEMU_XEN="$RPM_OPT_FLAGS" export PYTHON="/usr/bin/python3" -%if %build_hyp -%if %build_crosshyp -XEN_TARGET_ARCH=x86_64 %make_build prefix=/usr xen CC="/usr/bin/x86_64-linux-gnu-gcc `echo $RPM_OPT_FLAGS | sed -e 's/-m32//g' -e 's/-march=i686//g' -e 's/-mtune=atom//g' -e 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g' -e 's/-fstack-clash-protection//g' -e 's/-mcet//g' -e 's/-fcf-protection//g'`" -%else -%ifarch armv7hl -%make_build prefix=/usr xen CC="gcc `echo $RPM_OPT_FLAGS | sed -e 's/-mfloat-abi=hard//g' -e 's/-march=armv7-a//g'`" -%else -%ifarch aarch64 -%make_build prefix=/usr xen CC="gcc $RPM_OPT_FLAGS -mno-outline-atomics" -%else -%make_build prefix=/usr xen CC="gcc `echo $RPM_OPT_FLAGS | sed -e 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g' -e 's/-fcf-protection//g'`" -%endif -%endif -%endif -%endif +export LDFLAGS_SAVE=`echo $LDFLAGS | sed -e 's/-Wl,//g' -e 's/,/ /g' -e 's? -specs=[-a-z/0-9]*??g'` +export CFLAGS_SAVE="$CFLAGS" %if %build_qemutrad CONFIG_EXTRA="--enable-qemu-traditional" %else @@ -400,6 +389,24 @@ CONFIG_EXTRA="$CONFIG_EXTRA --with-system-seabios=/usr/share/seabios/bios-256k.b CONFIG_EXTRA="$CONFIG_EXTRA --disable-seabios" %endif ./configure --prefix=%{_prefix} --libdir=%{_libdir} --libexecdir=%{_libexecdir} --with-system-qemu=/usr/bin/qemu-system-i386 --with-linux-backend-modules="xen-evtchn xen-gntdev xen-gntalloc xen-blkback xen-netback xen-pciback xen-scsiback xen-acpi-processor" $CONFIG_EXTRA +unset CFLAGS CXXFLAGS FFLAGS LDFLAGS +export LDFLAGS="$LDFLAGS_SAVE" +export CFLAGS="$CFLAGS_SAVE -Wno-error=address" + +%if %build_hyp +%if %build_crosshyp +export CFLAGS=`echo $CFLAGS | sed -e 's/-m32//g' -e 's/-march=i686//g' 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g'` +XEN_TARGET_ARCH=x86_64 %make_build prefix=/usr xen CC="/usr/bin/x86_64-linux-gnu-gcc" +%else +%ifarch armv7hl +export CFLAGS=`echo $CFLAGS | sed -e 's/-mfloat-abi=hard//g' -e 's/-march=armv7-a//g'` +%endif +# armv7hl aarch64 or x86_64 +%make_build prefix=/usr xen +%endif +%endif +unset CFLAGS CXXFLAGS FFLAGS LDFLAGS + %make_build %{?ocaml_flags} prefix=/usr tools %if %build_docs make prefix=/usr docs @@ -919,6 +926,9 @@ fi %endif %changelog +* Sat Jan 29 2022 Michael Young - 4.16.0-3 +- adjust build script and patches for gcc12 and package note support + * Sat Jan 29 2022 Michael Young - arm: guest_physmap_remove_page not removing the p2m mappings [XSA-393, CVE-2022-23033] (#2045044)