aboutsummaryrefslogtreecommitdiffstats
path: root/main/linux-grsec/xsa43-pvops.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/linux-grsec/xsa43-pvops.patch')
-rw-r--r--main/linux-grsec/xsa43-pvops.patch54
1 files changed, 54 insertions, 0 deletions
diff --git a/main/linux-grsec/xsa43-pvops.patch b/main/linux-grsec/xsa43-pvops.patch
new file mode 100644
index 0000000000..f1440315dd
--- /dev/null
+++ b/main/linux-grsec/xsa43-pvops.patch
@@ -0,0 +1,54 @@
+xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()
+
+... as being guest triggerable (e.g. by invoking
+XEN_PCI_OP_enable_msi{,x} on a device not being MSI/MSI-X capable).
+
+This is CVE-2013-0231 / XSA-43.
+
+Also make the two messages uniform in both their wording and severity.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+
+---
+ drivers/xen/xen-pciback/pciback_ops.c | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+--- 3.8-rc5/drivers/xen/xen-pciback/pciback_ops.c
++++ 3.8-rc5-xen-pciback-ratelimit/drivers/xen/xen-pciback/pciback_ops.c
+@@ -135,7 +135,6 @@ int xen_pcibk_enable_msi(struct xen_pcib
+ struct pci_dev *dev, struct xen_pci_op *op)
+ {
+ struct xen_pcibk_dev_data *dev_data;
+- int otherend = pdev->xdev->otherend_id;
+ int status;
+
+ if (unlikely(verbose_request))
+@@ -144,8 +143,9 @@ int xen_pcibk_enable_msi(struct xen_pcib
+ status = pci_enable_msi(dev);
+
+ if (status) {
+- printk(KERN_ERR "error enable msi for guest %x status %x\n",
+- otherend, status);
++ pr_warn_ratelimited(DRV_NAME ": %s: error enabling MSI for guest %u: err %d\n",
++ pci_name(dev), pdev->xdev->otherend_id,
++ status);
+ op->value = 0;
+ return XEN_PCI_ERR_op_failed;
+ }
+@@ -223,10 +223,10 @@ int xen_pcibk_enable_msix(struct xen_pci
+ pci_name(dev), i,
+ op->msix_entries[i].vector);
+ }
+- } else {
+- printk(KERN_WARNING DRV_NAME ": %s: failed to enable MSI-X: err %d!\n",
+- pci_name(dev), result);
+- }
++ } else
++ pr_warn_ratelimited(DRV_NAME ": %s: error enabling MSI-X for guest %u: err %d!\n",
++ pci_name(dev), pdev->xdev->otherend_id,
++ result);
+ kfree(entries);
+
+ op->value = result;
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-09 03:09:21 +0000