diff options
author | Roger Pau Monne <roger.pau@citrix.com> | 2013-01-11 18:06:24 +0100 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-14 16:42:01 +0000 |
commit | 5b4cf2b15d5a62c8ce00284410a099239d6935d2 (patch) | |
tree | 72d3979aa3ed5bae9b387b71f830cf23c50c421d | |
parent | 3fe73e04397a3ed9c88e92deef2e0c09ed2a5f28 (diff) | |
download | alpine_aports-5b4cf2b15d5a62c8ce00284410a099239d6935d2.tar.bz2 alpine_aports-5b4cf2b15d5a62c8ce00284410a099239d6935d2.tar.xz alpine_aports-5b4cf2b15d5a62c8ce00284410a099239d6935d2.zip |
for-2.4-xen: add XSA-33 patch
-rw-r--r-- | main/xen/APKBUILD | 4 | ||||
-rw-r--r-- | main/xen/xsa33-4.1.patch | 21 |
2 files changed, 24 insertions, 1 deletions
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD index e5eba0809b..39033477e9 100644 --- a/main/xen/APKBUILD +++ b/main/xen/APKBUILD | |||
@@ -3,7 +3,7 @@ | |||
3 | # Maintainer: William Pitcock <nenolod@dereferenced.org> | 3 | # Maintainer: William Pitcock <nenolod@dereferenced.org> |
4 | pkgname=xen | 4 | pkgname=xen |
5 | pkgver=4.1.4 | 5 | pkgver=4.1.4 |
6 | pkgrel=0 | 6 | pkgrel=1 |
7 | pkgdesc="Xen hypervisor" | 7 | pkgdesc="Xen hypervisor" |
8 | url="http://www.xen.org/" | 8 | url="http://www.xen.org/" |
9 | arch="x86 x86_64" | 9 | arch="x86 x86_64" |
@@ -22,6 +22,7 @@ source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g | |||
22 | define_fsimage_dir.patch | 22 | define_fsimage_dir.patch |
23 | librt.patch | 23 | librt.patch |
24 | busybox-sed.patch | 24 | busybox-sed.patch |
25 | xsa33-4.1.patch | ||
25 | 26 | ||
26 | xenstored.initd | 27 | xenstored.initd |
27 | xenstored.confd | 28 | xenstored.confd |
@@ -121,6 +122,7 @@ b973dc1ffcc6872e222b36f3b7b4836b fix_bswap_blktap2.patch | |||
121 | 0bb8a435020a5a49b38b1a447fb69977 define_fsimage_dir.patch | 122 | 0bb8a435020a5a49b38b1a447fb69977 define_fsimage_dir.patch |
122 | fa06495a175571f4aa3b6cb88937953e librt.patch | 123 | fa06495a175571f4aa3b6cb88937953e librt.patch |
123 | 1bea3543ddc712330527b62fd9ff6520 busybox-sed.patch | 124 | 1bea3543ddc712330527b62fd9ff6520 busybox-sed.patch |
125 | 25ba4efc5eee29daa12855fbadce84f8 xsa33-4.1.patch | ||
124 | 6e5739dad7e2bd1b625e55ddc6c782b7 xenstored.initd | 126 | 6e5739dad7e2bd1b625e55ddc6c782b7 xenstored.initd |
125 | b017ccdd5e1c27bbf1513e3569d4ff07 xenstored.confd | 127 | b017ccdd5e1c27bbf1513e3569d4ff07 xenstored.confd |
126 | ed262f15fb880badb53575539468646c xenconsoled.initd | 128 | ed262f15fb880badb53575539468646c xenconsoled.initd |
diff --git a/main/xen/xsa33-4.1.patch b/main/xen/xsa33-4.1.patch new file mode 100644 index 0000000000..d0bdeb44ac --- /dev/null +++ b/main/xen/xsa33-4.1.patch | |||
@@ -0,0 +1,21 @@ | |||
1 | VT-d: fix interrupt remapping source validation for devices behind | ||
2 | legacy bridges | ||
3 | |||
4 | Using SVT_VERIFY_BUS here doesn't make sense; native Linux also | ||
5 | uses SVT_VERIFY_SID_SQ here instead. | ||
6 | |||
7 | This is XSA-33 / CVE-2012-5634. | ||
8 | |||
9 | Signed-off-by: Jan Beulich <jbeulich@suse.com> | ||
10 | |||
11 | --- a/xen/drivers/passthrough/vtd/intremap.c | ||
12 | +++ b/xen/drivers/passthrough/vtd/intremap.c | ||
13 | @@ -499,7 +499,7 @@ static void set_msi_source_id(struct pci_dev *pdev, struct iremap_entry *ire) | ||
14 | set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, | ||
15 | (bus << 8) | pdev->bus); | ||
16 | else if ( pdev_type(bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE ) | ||
17 | - set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, | ||
18 | + set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, | ||
19 | PCI_BDF2(bus, devfn)); | ||
20 | } | ||
21 | break; | ||