pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2008Q3]: pkgsrc/sysutils/xentools33 Pullup ticket #2548 - requ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/6a326c9f736c
branches: pkgsrc-2008Q3
changeset: 547827:6a326c9f736c
user: tron <tron%pkgsrc.org@localhost>
date: Sat Oct 11 18:27:49 2008 +0000
description:
Pullup ticket #2548 - requested by cegger
xentools33: security patch
Revisions pulled up:
- sysutils/xentools33/Makefile 1.10
- sysutils/xentools33/distinfo 1.13
- sysutils/xentools33/patches/patch-ga 1.1
- sysutils/xentools33/patches/patch-gc 1.1
- sysutils/xentools33/patches/patch-gd 1.1
---
Module Name: pkgsrc
Committed By: cegger
Date: Wed Oct 8 19:13:41 UTC 2008
Modified Files:
pkgsrc/sysutils/xentools33: Makefile distinfo
Added Files:
pkgsrc/sysutils/xentools33/patches: patch-ga patch-gb patch-gc patch-gd
Log Message:
Apply changeset 18434 from upstream xen-3.3-testing tree.
This fixes security issue http://secunia.com/advisories/32064/
diffstat:
sysutils/xentools33/Makefile | 4 +-
sysutils/xentools33/distinfo | 5 +-
sysutils/xentools33/patches/patch-ga | 111 +++++++++++++++++++++++++
sysutils/xentools33/patches/patch-gc | 152 +++++++++++++++++++++++++++++++++++
sysutils/xentools33/patches/patch-gd | 60 +++++++++++++
5 files changed, 329 insertions(+), 3 deletions(-)
diffs (truncated from 367 to 300 lines):
diff -r 67976d416fe4 -r 6a326c9f736c sysutils/xentools33/Makefile
--- a/sysutils/xentools33/Makefile Thu Oct 09 11:53:48 2008 +0000
+++ b/sysutils/xentools33/Makefile Sat Oct 11 18:27:49 2008 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.9 2008/09/30 15:08:34 joerg Exp $
+# $NetBSD: Makefile,v 1.9.2.1 2008/10/11 18:27:49 tron Exp $
#
VERSION= 3.3.0
DISTNAME= xen-${VERSION}
PKGNAME= xentools33-${VERSION}
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= sysutils
MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/
EXTRACT_SUFX= .tar.gz
diff -r 67976d416fe4 -r 6a326c9f736c sysutils/xentools33/distinfo
--- a/sysutils/xentools33/distinfo Thu Oct 09 11:53:48 2008 +0000
+++ b/sysutils/xentools33/distinfo Sat Oct 11 18:27:49 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2008/09/30 15:08:34 joerg Exp $
+$NetBSD: distinfo,v 1.12.2.1 2008/10/11 18:27:49 tron Exp $
SHA1 (xen-3.3.0.tar.gz) = b6365864eeb5125e0f66a056c4c72816e1789358
RMD160 (xen-3.3.0.tar.gz) = c98c08617e302ef4004d17cb0ba161d0ed7af59c
@@ -49,3 +49,6 @@
SHA1 (patch-fc) = 37c9b0897182de93a01f9620ef6346ef68157770
SHA1 (patch-fd) = cb4741bf33050d72cfbcd2eff4a8632d976de643
SHA1 (patch-fe) = 85d42672766fe8ce2dc7f745938722710c6ee5a3
+SHA1 (patch-ga) = c7a32f0feefd9b00993e64e406ad2914e6737fb6
+SHA1 (patch-gc) = 26a750ca14bcaa33b3f63c16104d2acfae764c96
+SHA1 (patch-gd) = 78e9bcba7dbd2dbd520c015947240b7e514abf8c
diff -r 67976d416fe4 -r 6a326c9f736c sysutils/xentools33/patches/patch-ga
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sysutils/xentools33/patches/patch-ga Sat Oct 11 18:27:49 2008 +0000
@@ -0,0 +1,111 @@
+$NetBSD: patch-ga,v 1.1.2.2 2008/10/11 18:27:49 tron Exp $
+
+--- python/xen/xend/XendDomainInfo.py.orig 2008-08-22 09:49:08.000000000 +0000
++++ python/xen/xend/XendDomainInfo.py
+@@ -455,8 +455,8 @@ class XendDomainInfo:
+ try:
+ self._constructDomain()
+ self._storeVmDetails()
+- self._createDevices()
+ self._createChannels()
++ self._createDevices()
+ self._storeDomDetails()
+ self._endRestore()
+ except:
+@@ -1232,31 +1232,6 @@ class XendDomainInfo:
+ def permissionsVm(self, *args):
+ return xstransact.SetPermissions(self.vmpath, *args)
+
+-
+- def _readVmTxn(self, transaction, *args):
+- paths = map(lambda x: self.vmpath + "/" + x, args)
+- return transaction.read(*paths)
+-
+- def _writeVmTxn(self, transaction, *args):
+- paths = map(lambda x: self.vmpath + "/" + x, args)
+- return transaction.write(*paths)
+-
+- def _removeVmTxn(self, transaction, *args):
+- paths = map(lambda x: self.vmpath + "/" + x, args)
+- return transaction.remove(*paths)
+-
+- def _gatherVmTxn(self, transaction, *args):
+- paths = map(lambda x: self.vmpath + "/" + x, args)
+- return transaction.gather(paths)
+-
+- def storeVmTxn(self, transaction, *args):
+- paths = map(lambda x: self.vmpath + "/" + x, args)
+- return transaction.store(*paths)
+-
+- def permissionsVmTxn(self, transaction, *args):
+- paths = map(lambda x: self.vmpath + "/" + x, args)
+- return transaction.set_permissions(*paths)
+-
+ #
+ # Function to update xenstore /dom/*
+ #
+@@ -1304,8 +1279,11 @@ class XendDomainInfo:
+ def _recreateDomFunc(self, t):
+ t.remove()
+ t.mkdir()
+- t.set_permissions({'dom' : self.domid})
++ t.set_permissions({'dom' : self.domid, 'read' : True})
+ t.write('vm', self.vmpath)
++ for i in [ 'device', 'control', 'error' ]:
++ t.mkdir(i)
++ t.set_permissions(i, {'dom' : self.domid})
+
+ def _storeDomDetails(self):
+ to_store = {
+@@ -2390,11 +2368,11 @@ class XendDomainInfo:
+
+ paths = self._prepare_phantom_paths()
+
+- self._cleanupVm()
+ if self.dompath is not None:
+ self.destroyDomain()
+
+ self._cleanup_phantom_devs(paths)
++ self._cleanupVm()
+
+ if "transient" in self.info["other_config"] \
+ and bool(self.info["other_config"]["transient"]):
+@@ -2731,7 +2709,6 @@ class XendDomainInfo:
+ self._writeVm(to_store)
+ self._setVmPermissions()
+
+-
+ def _setVmPermissions(self):
+ """Allow the guest domain to read its UUID. We don't allow it to
+ access any other entry, for security."""
+@@ -2750,7 +2727,7 @@ class XendDomainInfo:
+ log.warn("".join(traceback.format_stack()))
+ return self._stateGet()
+ else:
+- raise AttributeError()
++ raise AttributeError(name)
+
+ def __setattr__(self, name, value):
+ if name == "state":
+@@ -2864,12 +2841,6 @@ class XendDomainInfo:
+ ignore_devices = ignore_store,
+ legacy_only = legacy_only)
+
+- #if not ignore_store and self.dompath:
+- # vnc_port = self.readDom('console/vnc-port')
+- # if vnc_port is not None:
+- # result.append(['device',
+- # ['console', ['vnc-port', str(vnc_port)]]])
+-
+ return result
+
+ # Xen API
+@@ -3135,7 +3106,7 @@ class XendDomainInfo:
+ if not config.has_key('device'):
+ devid = config.get('id')
+ if devid != None:
+- config['device'] = 'eth%d' % devid
++ config['device'] = 'eth%s' % devid
+ else:
+ config['device'] = ''
+
diff -r 67976d416fe4 -r 6a326c9f736c sysutils/xentools33/patches/patch-gc
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sysutils/xentools33/patches/patch-gc Sat Oct 11 18:27:49 2008 +0000
@@ -0,0 +1,152 @@
+$NetBSD: patch-gc,v 1.1.2.2 2008/10/11 18:27:49 tron Exp $
+
+--- python/xen/xend/server/DevController.py.orig 2008-08-22 09:49:08.000000000 +0000
++++ python/xen/xend/server/DevController.py
+@@ -126,8 +126,11 @@ class DevController:
+ log.debug(
+ 'DevController: still waiting to write device entries.')
+
++ devpath = self.devicePath(devid)
++
+ t.remove(frontpath)
+ t.remove(backpath)
++ t.remove(devpath)
+
+ t.mkdir(backpath)
+ t.set_permissions(backpath,
+@@ -142,6 +145,14 @@ class DevController:
+ t.write2(frontpath, front)
+ t.write2(backpath, back)
+
++ t.mkdir(devpath)
++ t.write2(devpath, {
++ 'backend' : backpath,
++ 'backend-id' : "%i" % backdom,
++ 'frontend' : frontpath,
++ 'frontend-id' : "%i" % self.vm.getDomid()
++ })
++
+ if t.commit():
+ return devid
+
+@@ -254,11 +265,12 @@ class DevController:
+
+ if force:
+ frontpath = self.frontendPath(dev)
+- backpath = xstransact.Read(frontpath, "backend")
++ backpath = self.readVm(devid, "backend")
+ if backpath:
+ xstransact.Remove(backpath)
+ xstransact.Remove(frontpath)
+
++ # xstransact.Remove(self.devicePath()) ?? Below is the same ?
+ self.vm._removeVm("device/%s/%d" % (self.deviceClass, dev))
+
+ def configurations(self, transaction = None):
+@@ -302,9 +314,10 @@ class DevController:
+ @return: dict
+ """
+ if transaction is None:
+- backdomid = xstransact.Read(self.frontendPath(devid), "backend-id")
++ backdomid = xstransact.Read(self.devicePath(devid), "backend-id")
+ else:
+- backdomid = transaction.read(self.frontendPath(devid) + "/backend-id")
++ backdomid = transaction.read(self.devicePath(devid) + "/backend-id")
++
+ if backdomid is None:
+ raise VmError("Device %s not connected" % devid)
+
+@@ -446,17 +459,22 @@ class DevController:
+ else:
+ raise VmError("Device %s not connected" % devid)
+
++ def readVm(self, devid, *args):
++ devpath = self.devicePath(devid)
++ if devpath:
++ return xstransact.Read(devpath, *args)
++ else:
++ raise VmError("Device config %s not found" % devid)
++
+ def readBackend(self, devid, *args):
+- frontpath = self.frontendPath(devid)
+- backpath = xstransact.Read(frontpath, "backend")
++ backpath = self.readVm(devid, "backend")
+ if backpath:
+ return xstransact.Read(backpath, *args)
+ else:
+ raise VmError("Device %s not connected" % devid)
+
+ def readBackendTxn(self, transaction, devid, *args):
+- frontpath = self.frontendPath(devid)
+- backpath = transaction.read(frontpath + "/backend")
++ backpath = self.readVm(devid, "backend")
+ if backpath:
+ paths = map(lambda x: backpath + "/" + x, args)
+ return transaction.read(*paths)
+@@ -474,7 +492,7 @@ class DevController:
+ """@return The IDs of each of the devices currently configured for
+ this instance's deviceClass.
+ """
+- fe = self.backendRoot()
++ fe = self.deviceRoot()
+
+ if transaction:
+ return map(lambda x: int(x.split('/')[-1]), transaction.list(fe))
+@@ -483,8 +501,7 @@ class DevController:
+
+
+ def writeBackend(self, devid, *args):
+- frontpath = self.frontendPath(devid)
+- backpath = xstransact.Read(frontpath, "backend")
++ backpath = self.readVm(devid, "backend")
+
+ if backpath:
+ xstransact.Write(backpath, *args)
+@@ -549,9 +566,8 @@ class DevController:
+
+
+ def waitForBackend(self, devid):
+-
+ frontpath = self.frontendPath(devid)
+- # lookup a phantom
++ # lookup a phantom
+ phantomPath = xstransact.Read(frontpath, 'phantom_vbd')
+ if phantomPath is not None:
+ log.debug("Waiting for %s's phantom %s.", devid, phantomPath)
+@@ -564,7 +580,7 @@ class DevController:
+ if result['status'] != 'Connected':
+ return (result['status'], err)
+
+- backpath = xstransact.Read(frontpath, "backend")
++ backpath = self.readVm(devid, "backend")
+
+
+ if backpath:
+@@ -629,17 +645,20 @@ class DevController:
+ def frontendRoot(self):
+ return "%s/device/%s" % (self.vm.getDomainPath(), self.deviceClass)
+
+- def backendRoot(self):
+- """Construct backend root path assuming backend is domain 0."""
+- from xen.xend.XendDomain import DOM0_ID
+- from xen.xend.xenstore.xsutil import GetDomainPath
+- return "%s/backend/%s/%s" % (GetDomainPath(DOM0_ID),
+- self.deviceClass, self.vm.getDomid())
+-
+ def frontendMiscPath(self):
+ return "%s/device-misc/%s" % (self.vm.getDomainPath(),
+ self.deviceClass)
+
++ def deviceRoot(self):
++ """Return the /vm/device. Because backendRoot assumes the
++ backend domain is 0"""
++ return "%s/device/%s" % (self.vm.vmpath, self.deviceClass)
++
++ def devicePath(self, devid):
++ """Return the /device entry of the given VM. We use it to store
++ backend/frontend locations"""
++ return "%s/device/%s/%s" % (self.vm.vmpath,
++ self.deviceClass, devid)
Home |
Main Index |
Thread Index |
Old Index