diff options
author | Roger Pau Monne <roger.pau@citrix.com> | 2013-01-18 18:07:00 +0100 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-18 17:30:58 +0000 |
commit | 72b0ec467593775da3253251cecdb84f4bb10b13 (patch) | |
tree | a89257a64623365a072af5928bd8bcbb2ee514af | |
parent | da422d63cf72f05137326de21e931e64108f9636 (diff) | |
download | aports-72b0ec467593775da3253251cecdb84f4bb10b13.tar.bz2 aports-72b0ec467593775da3253251cecdb84f4bb10b13.tar.xz |
xen: XSA-41 remaining patches
Some patches where not included in the original XSA, this are the
remaining ones (so far).
To be applied to edge and 2.5
-rw-r--r-- | main/xen/APKBUILD | 6 | ||||
-rw-r--r-- | main/xen/xsa41b.patch | 67 | ||||
-rw-r--r-- | main/xen/xsa41c.patch | 39 |
3 files changed, 111 insertions, 1 deletions
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD index 1aa0d1ec2..3c3a8a781 100644 --- a/main/xen/APKBUILD +++ b/main/xen/APKBUILD @@ -3,7 +3,7 @@ # Maintainer: William Pitcock <nenolod@dereferenced.org> pkgname=xen pkgver=4.2.1 -pkgrel=3 +pkgrel=4 pkgdesc="Xen hypervisor" url="http://www.xen.org/" arch="x86 x86_64" @@ -20,6 +20,8 @@ source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g qemu-xen_paths.patch xsa33-4.2-unstable.patch xsa41.patch + xsa41b.patch + xsa41c.patch xenstored.initd xenstored.confd @@ -137,6 +139,8 @@ md5sums="0d48cbe1767b82aba12517898d4e0408 xen-4.2.1.tar.gz 1ccde6b36a6f9542a16d998204dc9a22 qemu-xen_paths.patch 8aa341b27fac3f93a99113c72671c864 xsa33-4.2-unstable.patch 8ad8942000b8a4be4917599cad9209cf xsa41.patch +ed7d0399c6ca6aeee479da5d8f807fe0 xsa41b.patch +2f3dd7bdc59d104370066d6582725575 xsa41c.patch 95d8af17bf844d41a015ff32aae51ba1 xenstored.initd b017ccdd5e1c27bbf1513e3569d4ff07 xenstored.confd ed262f15fb880badb53575539468646c xenconsoled.initd diff --git a/main/xen/xsa41b.patch b/main/xen/xsa41b.patch new file mode 100644 index 000000000..b599c2a5d --- /dev/null +++ b/main/xen/xsa41b.patch @@ -0,0 +1,67 @@ +From 70454385eeee6f0b3f7a9eddca9f7340b5060824 Mon Sep 17 00:00:00 2001 +From: Michael Contreras <michael@inetric.com> +Date: Thu, 17 Jan 2013 11:49:37 +0000 +Subject: [PATCH] e1000: Discard oversized packets based on SBP|LPE + +Discard packets longer than 16384 when !SBP to match the hardware behavior. + +upstream-commit-id: 2c0331f4f7d241995452b99afaf0aab00493334a +security-tags: XSA-41, CVE-2012-6075 +This is the second of two security fixes for XSA-41. + +Signed-off-by: Michael Contreras <michael@inetric.com> +Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> +--- +diff --git a/tools/qemu-xen/hw/e1000.c b/tools/qemu-xen/hw/e1000.c +index 37d207e..a5e67a8 100644 +--- a/tools/qemu-xen/hw/e1000.c ++++ b/tools/qemu-xen/hw/e1000.c +@@ -61,6 +61,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); + + /* this is the size past which hardware will drop packets when setting LPE=0 */ + #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 ++/* this is the size past which hardware will drop packets when setting LPE=1 */ ++#define MAXIMUM_ETHERNET_LPE_SIZE 16384 + + /* + * HW models: +@@ -697,8 +699,9 @@ e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size) + } + + /* Discard oversized packets if !LPE and !SBP. */ +- if (size > MAXIMUM_ETHERNET_VLAN_SIZE +- && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) ++ if ((size > MAXIMUM_ETHERNET_LPE_SIZE || ++ (size > MAXIMUM_ETHERNET_VLAN_SIZE ++ && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { + return size; + } +diff --git a/tools/qemu-xen-traditional/hw/e1000.c b/tools/qemu-xen-traditional/hw/e1000.c +index 37d207e..a5e67a8 100644 +--- a/tools/qemu-xen-traditional/hw/e1000.c ++++ b/tools/qemu-xen-traditional/hw/e1000.c +@@ -61,6 +61,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); + + /* this is the size past which hardware will drop packets when setting LPE=0 */ + #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 ++/* this is the size past which hardware will drop packets when setting LPE=1 */ ++#define MAXIMUM_ETHERNET_LPE_SIZE 16384 + + /* + * HW models: +@@ -697,8 +699,9 @@ e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size) + } + + /* Discard oversized packets if !LPE and !SBP. */ +- if (size > MAXIMUM_ETHERNET_VLAN_SIZE +- && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) ++ if ((size > MAXIMUM_ETHERNET_LPE_SIZE || ++ (size > MAXIMUM_ETHERNET_VLAN_SIZE ++ && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { + return size; + } +-- +1.7.2.5 + diff --git a/main/xen/xsa41c.patch b/main/xen/xsa41c.patch new file mode 100644 index 000000000..d34693781 --- /dev/null +++ b/main/xen/xsa41c.patch @@ -0,0 +1,39 @@ +From 2a1354d655d816feaad7dbdb8364f40a208439c1 Mon Sep 17 00:00:00 2001 +From: Ian Jackson <ian.jackson@eu.citrix.com> +Date: Thu, 17 Jan 2013 15:52:16 +0000 +Subject: [PATCH] e1000: fix compile warning introduced by security fix, and debugging + +e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41, +and its cherry picks in 4.2 and 4.1 introduced this compiler warning: + hw/e1000.c:641: warning: 'return' with a value, in function returning void + +In upstream qemu (where this change came from), e1000_receive returns +a value used by queueing machinery to decide whether to try +resubmitting the packet later. Returning "size" means that the packet +has been dealt with and should not be retried. + +In this old branch (aka qemu-xen-traditional), this machinery is +absent and e1000_receive returns void. Fix the return statement. + +Also add a debugging statement along the lines of the others in this +function. + +Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com> +--- +diff --git a/tools/qemu-xen-traditional/hw/e1000.c b/tools/qemu-xen-traditional/hw/e1000.c +index 67d2651..c75bc5e 100644 +--- a/tools/qemu-xen-traditional/hw/e1000.c ++++ b/tools/qemu-xen-traditional/hw/e1000.c +@@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { +- return size; ++ DBGOUT(RX, "packet too large for applicable LPE/VLAN size\n"); ++ return; + } + + if (!receive_filter(s, buf, size)) +-- +1.7.2.5 + |