Add xenkernel418 version 20231116

Unlike previous Xen packages, the xentools418 and xenkernel418 will point
to a specific commit of the stable branch (instead of release tags),
the package version being the date of the commit. Hopefully this will make
tracking security fixes easier.

From DESCR:
Xen is a hypervisor which supports running multiple guest operating
systems on a single machine. Guest OSes (also called "domains")
can be either paravirtualised (i.e. make hypercalls in order to
access hardware), run in HVM (Hardware Virtualisation Mode) where
they will be presented with virtual devices, or a combination where
they use hypercalls to access hardware but manage memory themselves.
At boot, the xen kernel is loaded along with the guest kernel for
the first domain (called domain0). domain0 has privileges to access
the physical hardware (PCI and ISA devices), administrate other
domains and provide virtual devices (disks and network) to other
domains.

This package contains the 4.18 Xen kernel itself.  PCI passthrough is
not supported.  PAE is mandatory; on i386 one must use XEN3PAE_DOM[0U].

sysutils/xenkernel418/DESCR

@@ -0,0 +1,14 @@
+Xen is a hypervisor which supports running multiple guest operating
+systems on a single machine. Guest OSes (also called "domains")
+can be either paravirtualised (i.e. make hypercalls in order to
+access hardware), run in HVM (Hardware Virtualisation Mode) where
+they will be presented with virtual devices, or a combination where
+they use hypercalls to access hardware but manage memory themselves.
+At boot, the xen kernel is loaded along with the guest kernel for
+the first domain (called domain0). domain0 has privileges to access
+the physical hardware (PCI and ISA devices), administrate other
+domains and provide virtual devices (disks and network) to other
+domains.
+
+This package contains the 4.18 Xen kernel itself.  PCI passthrough is
+not supported.  PAE is mandatory; on i386 one must use XEN3PAE_DOM[0U].

sysutils/xenkernel418/MESSAGE

@@ -0,0 +1,14 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+
+The Xen hypervisor is installed under the following locations:
+	${XENKERNELDIR}/xen.gz		(standard hypervisor)
+	${XENKERNELDIR}/xen-debug.gz	(debug hypervisor)
+
+Note that unlike upstream Xen, pv-linear-pt defaults to true.
+You can disable it using pv-linear-pt=false on the Xen command line,
+but then you can't boot NetBSD in PV mode.
+
+32bits PV guests are not officially supported any more.
+Switch to pvshim (for netbsd-9 or older) or pvh (for netbsd-10 or newer).
+===========================================================================

sysutils/xenkernel418/Makefile

@@ -0,0 +1,84 @@
+# $NetBSD: Makefile,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+# VERSION is set in version.mk as it is shared with other packages
+#PKGREVISION=        1
+
+XENKERNEL:=
+.include        "../../sysutils/xentools418/version.mk"
+PKGNAME=	xenkernel418-${VERSION:S/-//g}
+CATEGORIES=	sysutils
+
+MAINTAINER=	bouyer@NetBSD.org
+HOMEPAGE=	https://xenproject.org/
+COMMENT=	Xen 4.18.x Kernel
+
+LICENSE=	gnu-gpl-v2
+
+ONLY_FOR_PLATFORM=	NetBSD-*.*-x86_64
+
+SSP_SUPPORTED=	no
+
+NO_CONFIGURE=	yes
+USE_TOOLS+=	gmake bison ggrep
+#force use of pkgsrc's ggrep, NetBSD one is not enough
+TOOLS_PLATFORM.ggrep=
+
+PYTHON_FOR_BUILD_ONLY=		YES
+
+MAKE_ENV+=	OCAML_TOOLS=no
+.if defined(PKGREVISION) && !empty(PKGREVISION) && (${PKGREVISION} != "0")
+MAKE_ENV+=	XEN_VENDORVERSION=_${VERSION}nb${PKGREVISION}
+.else
+MAKE_ENV+=	XEN_VENDORVERSION=_${VERSION}nb0
+.endif
+
+INSTALLATION_DIRS=	xen418-kernel
+XENKERNELDIR=		${PREFIX}/${INSTALLATION_DIRS}
+
+MESSAGE_SUBST+=		XENKERNELDIR=${XENKERNELDIR}
+
+.include "../../mk/compiler.mk"
+EXTRA_CFLAGS+=	-Wno-error=char-subscripts
+.if !empty(PKGSRC_COMPILER:Mclang)
+EXTRA_CFLAGS+=	-Qunused-arguments -no-integrated-as -Wno-error=format \
+		-Wno-error=parentheses-equality -Wno-error=enum-conversion \
+		-Wno-error=unused-function -Wno-error=unused-const-variable \
+		-Wno-error=ignored-attributes -Wno-error=constant-conversion \
+		-Wno-error=address-of-packed-member \
+		-Wno-error=initializer-overrides \
+		-Wno-error=tautological-compare -Wno-error=pragma-pack
+.elif !empty(PKGSRC_COMPILER:Mgcc)
+EXTRA_CFLAGS+=	 -falign-functions=16
+.endif
+
+MAKE_ENV+=	EXTRA_CFLAGS=${EXTRA_CFLAGS:Q}
+
+do-build:
+	cd ${WRKSRC} && ${BUILD_MAKE_CMD} build-xen
+	${CP} ${WRKSRC}/xen/xen.gz ${WRKDIR}/xen.gz
+	cd ${WRKSRC} && ${MAKE_PROGRAM} clean
+	echo "CONFIG_DEBUG=y" >> ${WRKSRC}/xen/.config
+	echo "CONFIG_DEBUG_INFO=y" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_DEBUG_LOCK_PROFILE is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_DEBUG_LOCKS is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_DEBUG_TRACE is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_XMEM_POOL_POISON is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_CRASH_DEBUG is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_GDBSX is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_FRAME_POINTER is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_GCOV is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_LOCK_PROFILE is not set" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_PERF_COUNTERS is not set" >> ${WRKSRC}/xen/.config
+	echo "CONFIG_VERBOSE_DEBUG=y" >> ${WRKSRC}/xen/.config
+	echo "CONFIG_SCRUB_DEBUG=y" >> ${WRKSRC}/xen/.config
+	echo "# CONFIG_UBSAN is not set" >> ${WRKSRC}/xen/.config
+	cd ${WRKSRC} && ${BUILD_MAKE_CMD} build-xen
+	${CP} ${WRKSRC}/xen/xen.gz ${WRKDIR}/xen-debug.gz
+
+do-install:
+	${INSTALL_DATA} ${WRKDIR}/xen.gz \
+	    ${DESTDIR}${XENKERNELDIR}/xen.gz
+	${INSTALL_DATA} ${WRKDIR}/xen-debug.gz \
+	    ${DESTDIR}${XENKERNELDIR}/xen-debug.gz
+
+.include "../../lang/python/application.mk"
+.include "../../mk/bsd.pkg.mk"

sysutils/xenkernel418/PLIST

@@ -0,0 +1,3 @@
+@comment $NetBSD: PLIST,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+xen418-kernel/xen-debug.gz
+xen418-kernel/xen.gz

sysutils/xenkernel418/distinfo

@@ -0,0 +1,12 @@
+$NetBSD: distinfo,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+
+BLAKE2s (xen418/xen-d75f1e9.tar.gz) = 378782f6af3fb609a0fce4c7e76a3fc22d3ad691b89aa2d328be3310431dfbcf
+SHA512 (xen418/xen-d75f1e9.tar.gz) = e928b980f6bff13b9754f705d6b01ed0d4c4083187d74105dc4fad5af5c6bae0dd97b36ebc21482750ddbc038538e38a1296d4a3cf782fdcd2dc2b8b97d6dbd5
+Size (xen418/xen-d75f1e9.tar.gz) = 6820424 bytes
+SHA1 (patch-Config.mk) = 9372a09efd05c9fbdbc06f8121e411fcb7c7ba65
+SHA1 (patch-xen_Makefile) = 0c400e8054e907ce44faf2be955e0c2d63b768ed
+SHA1 (patch-xen_arch_x86_Rules.mk) = b0bc391f2ca3e96ce2bcaec5e1fcd66139ff16f9
+SHA1 (patch-xen_arch_x86_boot_build32.lds) = 9157f22876085254844f720853761a2cd0f4876e
+SHA1 (patch-xen_arch_x86_extable.c) = f64b956be1167901a60bf9be1abd98dbfaffb100
+SHA1 (patch-xen_arch_x86_mm_p2m.c) = 6e9b84dc8448eca9677f184e720bbfcb3c6d314e
+SHA1 (patch-xen_tools_check-endbr.sh) = a7268ee5ff11f21fdc5b0bc213498a1923b693be

sysutils/xenkernel418/patches/patch-Config.mk

@@ -0,0 +1,14 @@
+$NetBSD: patch-Config.mk,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+
+--- Config.mk.orig	2018-04-17 19:21:31.000000000 +0200
++++ Config.mk	2018-04-23 13:29:47.000000000 +0200
+@@ -32,6 +32,9 @@
+ # Tools to run on system hosting the build
+ HOSTCFLAGS  = -Wall -Werror -Wstrict-prototypes -O2 -fomit-frame-pointer
+ HOSTCFLAGS += -fno-strict-aliasing
++HOSTCFLAGS += ${EXTRA_CFLAGS}
++CFLAGS     += ${EXTRA_CFLAGS}
++
+ 
+ DISTDIR     ?= $(XEN_ROOT)/dist
+ DESTDIR     ?= /

sysutils/xenkernel418/patches/patch-xen_Makefile

@@ -0,0 +1,13 @@
+$NetBSD: patch-xen_Makefile,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+
+--- xen/Makefile.orig	2023-10-06 19:17:42.000000000 +0200
++++ xen/Makefile	2023-10-10 16:04:53.552602218 +0200
+@@ -260,7 +260,7 @@
+ 
+ # Copy CFLAGS generated by "Config.mk" so they can be reused later without
+ # reparsing Config.mk by e.g. arch/x86/boot/.
+-export XEN_TREEWIDE_CFLAGS := $(CFLAGS)
++export XEN_TREEWIDE_CFLAGS :=  $(EXTRA_CFLAGS) $(CFLAGS)
+ 
+ # CLANG_FLAGS needs to be calculated before calling Kconfig
+ ifneq ($(shell $(CC) --version 2>&1 | head -n 1 | grep clang),)

sysutils/xenkernel418/patches/patch-xen_arch_x86_Rules.mk

@@ -0,0 +1,10 @@
+$NetBSD: patch-xen_arch_x86_Rules.mk,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+
+--- xen/arch/x86/Rules.mk.orig	2022-11-15 09:03:34.000000000 +0100
++++ xen/arch/x86/Rules.mk	2022-12-14 21:22:01.302860156 +0100
+@@ -8,3 +8,5 @@
+ endif
+ c_flags += $(object_label_flags) $(CFLAGS_stack_boundary)
+ a_flags += $(object_label_flags) $(CFLAGS_stack_boundary)
++
++c_flags += $(EXTRA_CFLAGS)

sysutils/xenkernel418/patches/patch-xen_arch_x86_boot_build32.lds

@@ -0,0 +1,18 @@
+$NetBSD: patch-xen_arch_x86_boot_build32.lds,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+linux's toolchain doesn't generate a .eh_frame section but NetBSD does.
+remove it.
+
+--- xen/arch/x86/boot/build32.lds.orig	2023-10-10 16:16:15.693245700 +0200
++++ xen/arch/x86/boot/build32.lds	2023-10-10 16:18:43.427188663 +0200
+@@ -31,6 +31,11 @@
+         *(.bss.*)
+   }
+ 
++  /* discard .eh_frame section generated by NetBSD toolchain */
++  /DISCARD/ : {
++	*(.eh_frame)
++  }
++
+   /* Dynamic linkage sections.  Collected simply so we can check they're empty. */
+   .got : {
+         *(.got)

sysutils/xenkernel418/patches/patch-xen_arch_x86_extable.c

@@ -0,0 +1,15 @@
+$NetBSD: patch-xen_arch_x86_extable.c,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+
+silent nosy debug output
+
+--- xen/arch/x86/extable.c.orig	2023-10-06 19:17:42.000000000 +0200
++++ xen/arch/x86/extable.c	2023-10-10 16:20:56.285091628 +0200
+@@ -202,7 +202,7 @@
+         __start___pre_ex_table, __stop___pre_ex_table, addr);
+     if ( fixup )
+     {
+-        dprintk(XENLOG_INFO, "Pre-exception: %p -> %p\n", _p(addr), _p(fixup));
++        // dprintk(XENLOG_INFO, "Pre-exception: %p -> %p\n", _p(addr), _p(fixup));
+         perfc_incr(exception_fixed);
+     }
+     return fixup;

sysutils/xenkernel418/patches/patch-xen_arch_x86_mm_p2m.c

@@ -0,0 +1,21 @@
+$NetBSD: patch-xen_arch_x86_mm_p2m.c,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+
+silent a noisy warning
+
+--- xen/arch/x86/mm/p2m.c.orig	2020-05-03 21:13:56.173269058 +0200
++++ xen/arch/x86/mm/p2m.c	2020-05-03 21:15:38.477174874 +0200
+@@ -1367,10 +1367,13 @@
+             ret = 0;
+         else
+             ret = -EBUSY;
+-        printk(XENLOG_G_WARNING
++
++	if (gfn_l != mfn_x(mfn)) {
++            printk(XENLOG_G_WARNING
+                "Cannot setup identity map d%d:%lx,"
+                " gfn already mapped to %lx.\n",
+                d->domain_id, gfn_l, mfn_x(mfn));
++	}
+     }
+ 
+     gfn_unlock(p2m, gfn, 0);

sysutils/xenkernel418/patches/patch-xen_tools_check-endbr.sh

@@ -0,0 +1,26 @@
+$NetBSD: patch-xen_tools_check-endbr.sh,v 1.1 2023/11/21 11:38:26 bouyer Exp $
+
+For for NetBSD's stat(1)
+
+--- ./xen/tools/check-endbr.sh.orig	2023-10-10 16:35:16.089399100 +0200
++++ ./xen/tools/check-endbr.sh	2023-10-10 16:41:12.764124684 +0200
+@@ -96,7 +96,7 @@
+ 
+ ${OBJCOPY} -j .text $1 -O binary $TEXT_BIN
+ 
+-bin_sz=$(stat -c '%s' $TEXT_BIN)
++bin_sz=$(stat -f '%z' $TEXT_BIN)
+ [ "$bin_sz" -ge $(((1 << 28) - $vma_lo)) ] &&
+     { echo "$MSG_PFX Error: .text offsets must not exceed 256M" >&2; exit 1; }
+ 
+@@ -116,8 +116,8 @@
+ wait
+ 
+ # Sanity check $VALID and $ALL, in case the string parsing bitrots
+-val_sz=$(stat -c '%s' $VALID)
+-all_sz=$(stat -c '%s' $ALL)
++val_sz=$(stat -f '%z' $VALID)
++all_sz=$(stat -f '%z' $ALL)
+ [ "$val_sz" -eq 0 ]         && { echo "$MSG_PFX Error: Empty valid-addrs" >&2; exit 1; }
+ [ "$all_sz" -eq 0 ]         && { echo "$MSG_PFX Error: Empty all-addrs" >&2; exit 1; }
+ [ "$all_sz" -lt "$val_sz" ] && { echo "$MSG_PFX Error: More valid-addrs than all-addrs" >&2; exit 1; }