main/xen: apply relevant XSA patches (XSA-62 through XSA-71)

1 files changed, 55 insertions, 0 deletions

diff --git a/main/xen/xsa64.patch b/main/xen/xsa64.patch
new file mode 100644
index 0000000000..f2c1117fdd
--- /dev/null
+++ b/main/xen/xsa64.patch
@@ -0,0 +1,55 @@
+commit 95a0770282ea2a03f7bc48c6656d5fc79bae0599
+Author: Tim Deegan <tim@xen.org>
+Date:   Thu Sep 12 14:16:28 2013 +0100
+
+    x86/mm/shadow: Fix initialization of PV shadow L4 tables.
+    
+    Shadowed PV L4 tables must have the same Xen mappings as their
+    unshadowed equivalent.  This is done by copying the Xen entries
+    verbatim from the idle pagetable, and then using guest_l4_slot()
+    in the SHADOW_FOREACH_L4E() iterator to avoid touching those entries.
+    
+    adc5afbf1c70ef55c260fb93e4b8ce5ccb918706 (x86: support up to 16Tb)
+    changed the definition of ROOT_PAGETABLE_XEN_SLOTS to extend right to
+    the top of the address space, which causes the shadow code to
+    copy Xen mappings into guest-kernel-address slots too.
+    
+    In the common case, all those slots are zero in the idle pagetable,
+    and no harm is done.  But if any slot above #271 is non-zero, Xen will
+    crash when that slot is later cleared (it attempts to drop
+    shadow-pagetable refcounts on its own L4 pagetables).
+    
+    Fix by using the new ROOT_PAGETABLE_PV_XEN_SLOTS when appropriate.
+    Monitor pagetables need the full Xen mappings, so they keep using the
+    old name (with its new semantics).
+    
+    This is XSA-64.
+    
+    Signed-off-by: Tim Deegan <tim@xen.org>
+    Reviewed-by: Jan Beulich <jbeulich@suse.com>
+
+diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
+index 4c4c2ba..3fed0b6 100644
+--- a/xen/arch/x86/mm/shadow/multi.c
++++ b/xen/arch/x86/mm/shadow/multi.c
+@@ -1433,15 +1433,19 @@ void sh_install_xen_entries_in_l4(struct vcpu *v, mfn_t gl4mfn, mfn_t sl4mfn)
+ {
+     struct domain *d = v->domain;
+     shadow_l4e_t *sl4e;
++    unsigned int slots;
+ 
+     sl4e = sh_map_domain_page(sl4mfn);
+     ASSERT(sl4e != NULL);
+     ASSERT(sizeof (l4_pgentry_t) == sizeof (shadow_l4e_t));
+     
+     /* Copy the common Xen mappings from the idle domain */
++    slots = (shadow_mode_external(d)
++             ? ROOT_PAGETABLE_XEN_SLOTS
++             : ROOT_PAGETABLE_PV_XEN_SLOTS);
+     memcpy(&sl4e[ROOT_PAGETABLE_FIRST_XEN_SLOT],
+            &idle_pg_table[ROOT_PAGETABLE_FIRST_XEN_SLOT],
+-           ROOT_PAGETABLE_XEN_SLOTS * sizeof(l4_pgentry_t));
++           slots * sizeof(l4_pgentry_t));
+ 
+     /* Install the per-domain mappings for this domain */
+     sl4e[shadow_l4_table_offset(PERDOMAIN_VIRT_START)] =