main/linux-grsec: xen security fix xsa-43 (CVE-2013-0231)

http://lists.xen.org/archives/html/xen-devel/2013-02/msg00295.html fixes #1601 Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
author: Natanael Copa <ncopa@alpinelinux.org> 2013-02-06 11:30:56 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2013-02-07 11:35:08 +0000
commit: 35a7c3361e7f7814a7a5afb97a1d5fad74a16c8d (patch)
tree: 1a8ae9904c3ea9d515974df869fb3812317059d8
parent: 6f310f53bcdccbc9be004e1c3194bf2a7c0fb64d (diff)
download: alpine_aports-35a7c3361e7f7814a7a5afb97a1d5fad74a16c8d.tar.bz2
alpine_aports-35a7c3361e7f7814a7a5afb97a1d5fad74a16c8d.tar.xz
alpine_aports-35a7c3361e7f7814a7a5afb97a1d5fad74a16c8d.zip
2 files changed, 57 insertions, 2 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index cb719e4f8a..cc73138bcd 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
 pkgname=linux-${_flavor}
 pkgver=3.6.11
 _kernver=3.6
-pkgrel=10
+pkgrel=11
 pkgdesc="Linux kernel with grsecurity"
 url=http://grsecurity.net
 depends="mkinitfs linux-firmware"
@@ -27,7 +27,7 @@ source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
        xsa39-pvops-0002-xen-netback-don-t-leak-pages-on-failure-in-xen_netbk.patch
        xsa39-pvops-0003-xen-netback-free-already-allocated-memory-on-failure.patch
        xsa39-pvops-0004-netback-correct-netbk_tx_err-to-handle-wrap-around.patch
+        xsa43-pvops.patch
        kernelconfig.x86
        kernelconfig.x86_64
@@ -162,5 +162,6 @@ d9b4a528e722d10ba53034ebd440c31b  ipv4-remove-output-route-check-in-ipv4_mtu.pat
 286101482a2e4b7d8c0dff16af36b3e9  xsa39-pvops-0002-xen-netback-don-t-leak-pages-on-failure-in-xen_netbk.patch
 89dbb0886c9d17c3c4a5ff4f1443e936  xsa39-pvops-0003-xen-netback-free-already-allocated-memory-on-failure.patch
 bce9f08c86570a0a86ef36f1d2e7a2dd  xsa39-pvops-0004-netback-correct-netbk_tx_err-to-handle-wrap-around.patch
+2399192c10ba600a086a4c946f1b72f2  xsa43-pvops.patch
 373db5888708938c6b1baed6da781fcb  kernelconfig.x86
 190788fb10e79abce9d570d5e87ec3b4  kernelconfig.x86_64"
diff --git a/main/linux-grsec/xsa43-pvops.patch b/main/linux-grsec/xsa43-pvops.patch
new file mode 100644
index 0000000000..f1440315dd
--- /dev/null
+++ b/main/linux-grsec/xsa43-pvops.patch
@@ -0,0 +1,54 @@
+xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()
+... as being guest triggerable (e.g. by invoking
+XEN_PCI_OP_enable_msi{,x} on a device not being MSI/MSI-X capable).
+This is CVE-2013-0231 / XSA-43.
+Also make the two messages uniform in both their wording and severity.
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+---
+ drivers/xen/xen-pciback/pciback_ops.c |   14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+--- 3.8-rc5/drivers/xen/xen-pciback/pciback_ops.c
+++ 3.8-rc5-xen-pciback-ratelimit/drivers/xen/xen-pciback/pciback_ops.c
+@@ -135,7 +135,6 @@ int xen_pcibk_enable_msi(struct xen_pcib
+                         struct pci_dev *dev, struct xen_pci_op *op)
+ {
+        struct xen_pcibk_dev_data *dev_data;
+-       int otherend = pdev->xdev->otherend_id;
+        int status;
+ 
+        if (unlikely(verbose_request))
+@@ -144,8 +143,9 @@ int xen_pcibk_enable_msi(struct xen_pcib
+        status = pci_enable_msi(dev);
+ 
+        if (status) {
+-               printk(KERN_ERR "error enable msi for guest %x status %x\n",
+-                       otherend, status);
+               pr_warn_ratelimited(DRV_NAME ": %s: error enabling MSI for guest %u: err %d\n",
+                                   pci_name(dev), pdev->xdev->otherend_id,
+                                   status);
+                op->value = 0;
+                return XEN_PCI_ERR_op_failed;
+        }
+@@ -223,10 +223,10 @@ int xen_pcibk_enable_msix(struct xen_pci
+                                                pci_name(dev), i,
+                                                op->msix_entries[i].vector);
+                }
+-       } else {
+-               printk(KERN_WARNING DRV_NAME ": %s: failed to enable MSI-X: err %d!\n",
+-                       pci_name(dev), result);
+-       }
+       } else
+               pr_warn_ratelimited(DRV_NAME ": %s: error enabling MSI-X for guest %u: err %d!\n",
+                                   pci_name(dev), pdev->xdev->otherend_id,
+                                   result);
+        kfree(entries);
+ 
+        op->value = result;
author	Natanael Copa <ncopa@alpinelinux.org>	2013-02-06 11:30:56 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2013-02-07 11:35:08 +0000
commit	35a7c3361e7f7814a7a5afb97a1d5fad74a16c8d (patch)
tree	1a8ae9904c3ea9d515974df869fb3812317059d8
parent	6f310f53bcdccbc9be004e1c3194bf2a7c0fb64d (diff)
download	alpine_aports-35a7c3361e7f7814a7a5afb97a1d5fad74a16c8d.tar.bz2 alpine_aports-35a7c3361e7f7814a7a5afb97a1d5fad74a16c8d.tar.xz alpine_aports-35a7c3361e7f7814a7a5afb97a1d5fad74a16c8d.zip

diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index cb719e4f8a..cc73138bcd 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
4	pkgname=linux-${_flavor}	4	pkgname=linux-${_flavor}
5	pkgver=3.6.11	5	pkgver=3.6.11
6	_kernver=3.6	6	_kernver=3.6
7	pkgrel=10	7	pkgrel=11
8	pkgdesc="Linux kernel with grsecurity"	8	pkgdesc="Linux kernel with grsecurity"
9	url=http://grsecurity.net	9	url=http://grsecurity.net
10	depends="mkinitfs linux-firmware"	10	depends="mkinitfs linux-firmware"
@@ -27,7 +27,7 @@ source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
27	xsa39-pvops-0002-xen-netback-don-t-leak-pages-on-failure-in-xen_netbk.patch	27	xsa39-pvops-0002-xen-netback-don-t-leak-pages-on-failure-in-xen_netbk.patch
28	xsa39-pvops-0003-xen-netback-free-already-allocated-memory-on-failure.patch	28	xsa39-pvops-0003-xen-netback-free-already-allocated-memory-on-failure.patch
29	xsa39-pvops-0004-netback-correct-netbk_tx_err-to-handle-wrap-around.patch	29	xsa39-pvops-0004-netback-correct-netbk_tx_err-to-handle-wrap-around.patch
30		30	xsa43-pvops.patch
31		31
32	kernelconfig.x86	32	kernelconfig.x86
33	kernelconfig.x86_64	33	kernelconfig.x86_64
@@ -162,5 +162,6 @@ d9b4a528e722d10ba53034ebd440c31b ipv4-remove-output-route-check-in-ipv4_mtu.pat
162	286101482a2e4b7d8c0dff16af36b3e9 xsa39-pvops-0002-xen-netback-don-t-leak-pages-on-failure-in-xen_netbk.patch	162	286101482a2e4b7d8c0dff16af36b3e9 xsa39-pvops-0002-xen-netback-don-t-leak-pages-on-failure-in-xen_netbk.patch
163	89dbb0886c9d17c3c4a5ff4f1443e936 xsa39-pvops-0003-xen-netback-free-already-allocated-memory-on-failure.patch	163	89dbb0886c9d17c3c4a5ff4f1443e936 xsa39-pvops-0003-xen-netback-free-already-allocated-memory-on-failure.patch
164	bce9f08c86570a0a86ef36f1d2e7a2dd xsa39-pvops-0004-netback-correct-netbk_tx_err-to-handle-wrap-around.patch	164	bce9f08c86570a0a86ef36f1d2e7a2dd xsa39-pvops-0004-netback-correct-netbk_tx_err-to-handle-wrap-around.patch
		165	2399192c10ba600a086a4c946f1b72f2 xsa43-pvops.patch
165	373db5888708938c6b1baed6da781fcb kernelconfig.x86	166	373db5888708938c6b1baed6da781fcb kernelconfig.x86
166	190788fb10e79abce9d570d5e87ec3b4 kernelconfig.x86_64"	167	190788fb10e79abce9d570d5e87ec3b4 kernelconfig.x86_64"


diff --git a/main/linux-grsec/xsa43-pvops.patch b/main/linux-grsec/xsa43-pvops.patch new file mode 100644 index 0000000000..f1440315dd --- /dev/null +++ b/main/linux-grsec/xsa43-pvops.patch
@@ -0,0 +1,54 @@
		1	xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()
		2
		3	... as being guest triggerable (e.g. by invoking
		4	XEN_PCI_OP_enable_msi{,x} on a device not being MSI/MSI-X capable).
		5
		6	This is CVE-2013-0231 / XSA-43.
		7
		8	Also make the two messages uniform in both their wording and severity.
		9
		10	Signed-off-by: Jan Beulich <jbeulich@suse.com>
		11	Acked-by: Ian Campbell <ian.campbell@citrix.com>
		12	Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
		13
		14	---
		15	drivers/xen/xen-pciback/pciback_ops.c \| 14 +++++++-------
		16	1 file changed, 7 insertions(+), 7 deletions(-)
		17
		18	--- 3.8-rc5/drivers/xen/xen-pciback/pciback_ops.c
		19	+++ 3.8-rc5-xen-pciback-ratelimit/drivers/xen/xen-pciback/pciback_ops.c
		20	@@ -135,7 +135,6 @@ int xen_pcibk_enable_msi(struct xen_pcib
		21	struct pci_dev dev, struct xen_pci_op op)
		22	{
		23	struct xen_pcibk_dev_data *dev_data;
		24	- int otherend = pdev->xdev->otherend_id;
		25	int status;
		26
		27	if (unlikely(verbose_request))
		28	@@ -144,8 +143,9 @@ int xen_pcibk_enable_msi(struct xen_pcib
		29	status = pci_enable_msi(dev);
		30
		31	if (status) {
		32	- printk(KERN_ERR "error enable msi for guest %x status %x\n",
		33	- otherend, status);
		34	+ pr_warn_ratelimited(DRV_NAME ": %s: error enabling MSI for guest %u: err %d\n",
		35	+ pci_name(dev), pdev->xdev->otherend_id,
		36	+ status);
		37	op->value = 0;
		38	return XEN_PCI_ERR_op_failed;
		39	}
		40	@@ -223,10 +223,10 @@ int xen_pcibk_enable_msix(struct xen_pci
		41	pci_name(dev), i,
		42	op->msix_entries[i].vector);
		43	}
		44	- } else {
		45	- printk(KERN_WARNING DRV_NAME ": %s: failed to enable MSI-X: err %d!\n",
		46	- pci_name(dev), result);
		47	- }
		48	+ } else
		49	+ pr_warn_ratelimited(DRV_NAME ": %s: error enabling MSI-X for guest %u: err %d!\n",
		50	+ pci_name(dev), pdev->xdev->otherend_id,
		51	+ result);
		52	kfree(entries);
		53
		54	op->value = result;