pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/sysutils/xenkernel45 adding upstream's patch for



details:   https://anonhg.NetBSD.org/pkgsrc/rev/f2ca31421217
branches:  trunk
changeset: 650179:f2ca31421217
user:      spz <spz%pkgsrc.org@localhost>
date:      Sun Apr 19 15:02:12 2015 +0000

description:
adding upstream's patch for
XSA-127 Certain domctl operations may be abused to lock up the host

diffstat:

 sysutils/xenkernel45/Makefile                    |   4 +-
 sysutils/xenkernel45/distinfo                    |   3 +-
 sysutils/xenkernel45/patches/patch-CVE-2015-2751 |  42 ++++++++++++++++++++++++
 3 files changed, 46 insertions(+), 3 deletions(-)

diffs (78 lines):

diff -r 7042159b2fb1 -r f2ca31421217 sysutils/xenkernel45/Makefile
--- a/sysutils/xenkernel45/Makefile     Sun Apr 19 14:50:11 2015 +0000
+++ b/sysutils/xenkernel45/Makefile     Sun Apr 19 15:02:12 2015 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.6 2015/04/19 13:13:21 spz Exp $
+# $NetBSD: Makefile,v 1.7 2015/04/19 15:02:12 spz Exp $
 
 VERSION=       4.5.0
 DISTNAME=      xen-${VERSION}
 PKGNAME=       xenkernel45-${VERSION}
-PKGREVISION=   3
+PKGREVISION=   4
 CATEGORIES=    sysutils
 MASTER_SITES=  http://bits.xensource.com/oss-xen/release/${VERSION}/
 
diff -r 7042159b2fb1 -r f2ca31421217 sysutils/xenkernel45/distinfo
--- a/sysutils/xenkernel45/distinfo     Sun Apr 19 14:50:11 2015 +0000
+++ b/sysutils/xenkernel45/distinfo     Sun Apr 19 15:02:12 2015 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.5 2015/04/19 13:13:21 spz Exp $
+$NetBSD: distinfo,v 1.6 2015/04/19 15:02:12 spz Exp $
 
 SHA1 (xen-4.5.0.tar.gz) = c4aab5fb366496ad1edc7fe0a935a0d604335637
 RMD160 (xen-4.5.0.tar.gz) = e35ba0cb484492c1a289218eb9bf53b57dbd3a45
@@ -6,6 +6,7 @@
 SHA1 (patch-CVE-2015-2044) = 354fe44df0c3b464137f50e2b9de3930f3910c0d
 SHA1 (patch-CVE-2015-2045) = 98e3f8064b7c190b2ae69c7d4c8f71febf8fbf52
 SHA1 (patch-CVE-2015-2151) = 30344d233eade872fa7062493d754f8bccaf9d2a
+SHA1 (patch-CVE-2015-2751) = b0ab727ae01291a0e4ea2efe3931b6cd00df1a39
 SHA1 (patch-CVE-2015-2752) = 390edab296a91c83197205dce7030cbdd60e0d78
 SHA1 (patch-CVE-2015-2756) = e76490b858e213d09d326b413004d29a7e177b20
 SHA1 (patch-Config.mk) = a2a104d023cea4e551a3ad40927d4884d6c610bf
diff -r 7042159b2fb1 -r f2ca31421217 sysutils/xenkernel45/patches/patch-CVE-2015-2751
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/sysutils/xenkernel45/patches/patch-CVE-2015-2751  Sun Apr 19 15:02:12 2015 +0000
@@ -0,0 +1,42 @@
+$NetBSD: patch-CVE-2015-2751,v 1.1 2015/04/19 15:02:12 spz Exp $
+
+--- xen/arch/x86/domctl.c.orig 2015-01-12 16:53:24.000000000 +0000
++++ xen/arch/x86/domctl.c
+@@ -888,6 +888,10 @@ long arch_do_domctl(
+     {
+         xen_guest_tsc_info_t info;
+ 
++        ret = -EINVAL;
++        if ( d == current->domain ) /* no domain_pause() */
++            break;
++
+         domain_pause(d);
+         tsc_get_info(d, &info.tsc_mode,
+                         &info.elapsed_nsec,
+@@ -903,6 +907,10 @@ long arch_do_domctl(
+ 
+     case XEN_DOMCTL_settscinfo:
+     {
++        ret = -EINVAL;
++        if ( d == current->domain ) /* no domain_pause() */
++            break;
++
+         domain_pause(d);
+         tsc_set_info(d, domctl->u.tsc_info.info.tsc_mode,
+                      domctl->u.tsc_info.info.elapsed_nsec,
+
+--- xen/common/domctl.c.orig   2015-04-19 14:40:24.000000000 +0000
++++ xen/common/domctl.c
+@@ -522,8 +522,10 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe
+ 
+     case XEN_DOMCTL_resumedomain:
+     {
+-        domain_resume(d);
+-        ret = 0;
++        if ( d == current->domain ) /* no domain_pause() */
++            ret = -EINVAL;
++        else
++            domain_resume(d);
+     }
+     break;
+ 



Home | Main Index | Thread Index | Old Index