aboutsummaryrefslogtreecommitdiffstats
path: root/main/xen
diff options
context:
space:
mode:
authorRoger Pau Monne <roger.pau@citrix.com>2013-01-11 18:48:35 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2013-01-14 07:34:56 +0000
commit583c334e3ee4a9ba5ea44250beee10a936780158 (patch)
tree6f53e1c79cf596d8a21872f8fa2caa955da20264 /main/xen
parent473492472809f977559378ca4c61ca572e6034e6 (diff)
downloadaports-583c334e3ee4a9ba5ea44250beee10a936780158.tar.bz2
aports-583c334e3ee4a9ba5ea44250beee10a936780158.tar.xz
xen: add XSA-33 patch
Diffstat (limited to 'main/xen')
-rw-r--r--main/xen/APKBUILD4
-rw-r--r--main/xen/xsa33-4.2-unstable.patch21
2 files changed, 24 insertions, 1 deletions
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD
index c57933ea70..681a9d40b6 100644
--- a/main/xen/APKBUILD
+++ b/main/xen/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: William Pitcock <nenolod@dereferenced.org>
pkgname=xen
pkgver=4.2.1
-pkgrel=1
+pkgrel=2
pkgdesc="Xen hypervisor"
url="http://www.xen.org/"
arch="x86 x86_64"
@@ -18,6 +18,7 @@ source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g
qemu_uclibc_configure.patch
librt.patch
qemu-xen_paths.patch
+ xsa33-4.2-unstable.patch
xenstored.initd
xenstored.confd
@@ -133,6 +134,7 @@ md5sums="0d48cbe1767b82aba12517898d4e0408 xen-4.2.1.tar.gz
506e7ab6f9482dc95f230978d340bcd9 qemu_uclibc_configure.patch
2dc5ddf47c53ea168729975046c3c1f9 librt.patch
1ccde6b36a6f9542a16d998204dc9a22 qemu-xen_paths.patch
+8aa341b27fac3f93a99113c72671c864 xsa33-4.2-unstable.patch
95d8af17bf844d41a015ff32aae51ba1 xenstored.initd
b017ccdd5e1c27bbf1513e3569d4ff07 xenstored.confd
ed262f15fb880badb53575539468646c xenconsoled.initd
diff --git a/main/xen/xsa33-4.2-unstable.patch b/main/xen/xsa33-4.2-unstable.patch
new file mode 100644
index 0000000000..369d65bba9
--- /dev/null
+++ b/main/xen/xsa33-4.2-unstable.patch
@@ -0,0 +1,21 @@
+VT-d: fix interrupt remapping source validation for devices behind
+legacy bridges
+
+Using SVT_VERIFY_BUS here doesn't make sense; native Linux also
+uses SVT_VERIFY_SID_SQ here instead.
+
+This is XSA-33 / CVE-2012-5634.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+--- a/xen/drivers/passthrough/vtd/intremap.c
++++ b/xen/drivers/passthrough/vtd/intremap.c
+@@ -466,7 +466,7 @@ static void set_msi_source_id(struct pci_dev *pdev, struct iremap_entry *ire)
+ set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16,
+ (bus << 8) | pdev->bus);
+ else if ( pdev_type(seg, bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE )
+- set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16,
++ set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16,
+ PCI_BDF2(bus, devfn));
+ }
+ break;
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 16:31:30 +0000