diff options
Diffstat (limited to 'main/linux-grsec/xsa43-pvops.patch')
| -rw-r--r-- | main/linux-grsec/xsa43-pvops.patch | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/main/linux-grsec/xsa43-pvops.patch b/main/linux-grsec/xsa43-pvops.patch new file mode 100644 index 000000000..f1440315d --- /dev/null +++ b/main/linux-grsec/xsa43-pvops.patch @@ -0,0 +1,54 @@ +xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}() + +... as being guest triggerable (e.g. by invoking +XEN_PCI_OP_enable_msi{,x} on a device not being MSI/MSI-X capable). + +This is CVE-2013-0231 / XSA-43. + +Also make the two messages uniform in both their wording and severity. + +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Acked-by: Ian Campbell <ian.campbell@citrix.com> +Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> + +--- + drivers/xen/xen-pciback/pciback_ops.c | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +--- 3.8-rc5/drivers/xen/xen-pciback/pciback_ops.c ++++ 3.8-rc5-xen-pciback-ratelimit/drivers/xen/xen-pciback/pciback_ops.c +@@ -135,7 +135,6 @@ int xen_pcibk_enable_msi(struct xen_pcib + struct pci_dev *dev, struct xen_pci_op *op) + { + struct xen_pcibk_dev_data *dev_data; +- int otherend = pdev->xdev->otherend_id; + int status; + + if (unlikely(verbose_request)) +@@ -144,8 +143,9 @@ int xen_pcibk_enable_msi(struct xen_pcib + status = pci_enable_msi(dev); + + if (status) { +- printk(KERN_ERR "error enable msi for guest %x status %x\n", +- otherend, status); ++ pr_warn_ratelimited(DRV_NAME ": %s: error enabling MSI for guest %u: err %d\n", ++ pci_name(dev), pdev->xdev->otherend_id, ++ status); + op->value = 0; + return XEN_PCI_ERR_op_failed; + } +@@ -223,10 +223,10 @@ int xen_pcibk_enable_msix(struct xen_pci + pci_name(dev), i, + op->msix_entries[i].vector); + } +- } else { +- printk(KERN_WARNING DRV_NAME ": %s: failed to enable MSI-X: err %d!\n", +- pci_name(dev), result); +- } ++ } else ++ pr_warn_ratelimited(DRV_NAME ": %s: error enabling MSI-X for guest %u: err %d!\n", ++ pci_name(dev), pdev->xdev->otherend_id, ++ result); + kfree(entries); + + op->value = result; |