From 61f585cdc1479420fe89709f076fe723823b6aaa1339ba86492af30a0f0445a6 Mon Sep 17 00:00:00 2001 From: Charles Arnold Date: Wed, 30 Sep 2009 16:44:28 +0000 Subject: [PATCH 1/5] - Add patch ioemu-bdrv-open-CACHE_WB.patch for install guest on tapdisk very very slow. - bnc#542525 - VUL-1: xen pygrub vulnerability 20099-pygrub-security.patch 20107-pygrub-security.patch 20146-pygrub-security.patch 20174-pygrub-security.patch 20201-pygrub-security.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=22 --- 20099-pygrub-security.patch | 142 +++++++++++++++++++++++++++++++++ 20107-pygrub-security.patch | 39 +++++++++ 20125-xc-parse-tuple-fix.patch | 13 +-- 20146-pygrub-security.patch | 95 ++++++++++++++++++++++ 20174-pygrub-security.patch | 95 ++++++++++++++++++++++ 20201-pygrub-security.patch | 42 ++++++++++ hv_tools.patch | 20 +++-- hv_win7_eoi_bug.patch | 8 +- hv_xen_base.patch | 39 +++++---- hv_xen_extension.patch | 46 +++++++---- ioemu-bdrv-open-CACHE_WB.patch | 16 ++++ xen.changes | 15 ++++ xen.spec | 22 +++-- 13 files changed, 532 insertions(+), 60 deletions(-) create mode 100644 20099-pygrub-security.patch create mode 100644 20107-pygrub-security.patch create mode 100644 20146-pygrub-security.patch create mode 100644 20174-pygrub-security.patch create mode 100644 20201-pygrub-security.patch create mode 100644 ioemu-bdrv-open-CACHE_WB.patch diff --git a/20099-pygrub-security.patch b/20099-pygrub-security.patch new file mode 100644 index 0000000..6ec02f3 --- /dev/null +++ b/20099-pygrub-security.patch 
@@ -0,0 +1,142 @@
+# HG changeset patch
+# User Keir Fraser
+# Date 1250781436 -3600
+# Node ID 8f783adc0ee34808cdd296cccd92f99018f76017
+# Parent 4b30cfb855299922244938fde4f88f4e5bb5df34
+pygrub: Add password support
+
+It basically checks for the presence of password line in grub.conf
+of the guest image and if this line is present, it supports both clear
+text and md5 versions of the password. Editing the grub entries and
+command-line are disabled when some password is set in domain's
+grub.conf file but the password was not entered yet. Also, new option
+to press 'p' in interactive pygrub has been added to allow entering
+the grub password. It's been tested on x86_64 with PV guests and was
+working fine. Also, the countdown has been stopped after key was
+pressed, ie. the user is probably editing the boot configuration.
+
+Signed-off-by: Michal Novotny
+
+Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py
++++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+@@ -157,6 +157,7 @@ class GrubConfigFile(object):
+ self.images = []
+ self.timeout = -1
+ self._default = 0
++ self.passwordAccess = True
+
+ if fn is not None:
+ self.parse()
+@@ -196,6 +197,7 @@ class GrubConfigFile(object):
+ if self.commands.has_key(com):
+ if self.commands[com] is not None:
+ setattr(self, self.commands[com], arg.strip())
++ #print "%s = %s => %s" % (com, self.commands[com], arg.strip() )
+ else:
+ logging.info("Ignored directive %s" %(com,))
+ else:
+@@ -204,6 +206,37 @@ class GrubConfigFile(object):
+ if len(img) > 0:
+ self.add_image(GrubImage(img))
+
++ if self.hasPassword():
++ self.setPasswordAccess(False)
++
++ def hasPasswordAccess(self):
++ return self.passwordAccess
++
++ def setPasswordAccess(self, val):
++ self.passwordAccess = val
++
++ def hasPassword(self):
++ try:
++ getattr(self, self.commands['password'])
++ return True
++ except KeyError, e:
++ return False
++
++ def checkPassword(self, password):
++ try:
++ pwd = getattr(self, self.commands['password']).split()
++ if pwd[0] == '--md5':
++ import crypt
++ if crypt.crypt(password, pwd[1]) == pwd[1]:
++ return True
++
++ if pwd[0] == password:
++ return True
++
++ return False
++ except:
++ return True
++
+ def set(self, line):
+ (com, arg) = grub_exact_split(line, 2)
+ if self.commands.has_key(com):
+Index: xen-3.4.1-testing/tools/pygrub/src/pygrub
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub
++++ xen-3.4.1-testing/tools/pygrub/src/pygrub
+@@ -418,7 +418,14 @@ class Grub:
+ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.")
+ self.text_win.addstr(1, 0, "Press enter to boot the selected OS. 'e' to edit the")
+ self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ")
+- self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.")
++
++ # if grub has password defined we allow option to enter password
++ if not self.cf.hasPassword():
++ self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.")
++ else:
++ self.text_win.addstr(3, 0, "before booting, or 'c' for a command line. You can also")
++ self.text_win.addstr(4, 0, "press 'p' to enter password for modifications...")
++
+ self.text_win.addch(0, 8, curses.ACS_UARROW)
+ self.text_win.addch(0, 14, curses.ACS_DARROW)
+ (y, x) = self.text_win.getmaxyx()
+@@ -457,9 +464,19 @@ class Grub:
+
+ # handle keypresses
+ if c == ord('c'):
++ # we disallow access without password specified
++ if not self.cf.hasPasswordAccess():
++ self.text_win.addstr(6, 8, "You have to enter GRUB password first")
++ break
++
+ self.command_line_mode()
+ break
+ elif c == ord('a'):
++ # we disallow access without password specified
++ if not self.cf.hasPasswordAccess():
++ self.text_win.addstr(6, 8, "You have to enter GRUB password first")
++ break
++
+ # find the kernel line, edit it and then boot
+ img = self.cf.images[self.selected_image]
+ for line in img.lines:
+@@ -471,9 +488,24 @@ class Grub:
+ break
+ break
+ elif c == ord('e'):
++ # we disallow access without password specified
++ if not self.cf.hasPasswordAccess():
++ self.text_win.addstr(6, 8, "You have to enter GRUB password first")
++ break
++
+ img = self.cf.images[self.selected_image]
+ self.edit_entry(img)
+ break
++ elif c == ord('p') and self.cf.hasPassword():
++ self.text_win.addstr(6, 8, "Enter password: ")
++ pwd = self.text_win.getstr(6, 8)
++ if not self.cf.checkPassword(pwd):
++ self.text_win.addstr(6, 8, "Incorrect password!")
++ self.cf.setPasswordAccess( False )
++ else:
++ self.text_win.addstr(6, 8, "Access granted ")
++ self.cf.setPasswordAccess( True )
++ break
+ elif c in (curses.KEY_ENTER, ord('\n'), ord('\r')):
+ self.isdone = True
+ break
diff --git a/20107-pygrub-security.patch b/20107-pygrub-security.patch
new file mode 100644
index 0000000..2607acb
--- /dev/null
+++ b/20107-pygrub-security.patch
@@ -0,0 +1,39 @@ +# HG changeset patch +# User Keir Fraser +# Date 1250871100 -3600 +# Node ID 168f0cfeded0ad64e03d821efe5dcbe2eb5806a3 +# Parent 4207d83fc78ef63016a4163b09f30aa471e4bdb8 +pygrub: Fix elilo handling after password patch. + +Signed-off-by: Michal Novotny + +Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py +=================================================================== +--- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py ++++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py +@@ -219,7 +219,7 @@ class GrubConfigFile(object): + try: + getattr(self, self.commands['password']) + return True +- except KeyError, e: ++ except: + return False + + def checkPassword(self, password): +Index: xen-3.4.1-testing/tools/pygrub/src/LiloConf.py +=================================================================== +--- xen-3.4.1-testing.orig/tools/pygrub/src/LiloConf.py ++++ xen-3.4.1-testing/tools/pygrub/src/LiloConf.py +@@ -138,6 +138,12 @@ class LiloConfigFile(object): + if len(img) > 0: + self.add_image(LiloImage(img, path)) + ++ def hasPassword(self): ++ return False ++ ++ def hasPasswordAccess(self): ++ return True ++ + def add_image(self, image): + self.images.append(image) + diff --git a/20125-xc-parse-tuple-fix.patch b/20125-xc-parse-tuple-fix.patch index 45e18bc..4cdc418 100644 --- a/20125-xc-parse-tuple-fix.patch +++ b/20125-xc-parse-tuple-fix.patch @@ -8,10 +8,11 @@ when it expects a full integer. 
Signed-off-by: Keir Fraser -diff -r 71389988f5d4 -r ed672a604cc7 tools/python/xen/lowlevel/xc/xc.c ---- a/tools/python/xen/lowlevel/xc/xc.c Wed Aug 26 15:35:14 2009 +0100 -+++ b/tools/python/xen/lowlevel/xc/xc.c Wed Aug 26 15:41:59 2009 +0100 -@@ -654,10 +654,9 @@ +Index: xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c +=================================================================== +--- xen-3.4.1-testing.orig/tools/python/xen/lowlevel/xc/xc.c ++++ xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c +@@ -650,10 +650,9 @@ static PyObject *pyxc_deassign_device(Xc static PyObject *pyxc_get_device_group(XcObject *self, PyObject *args) { @@ -23,7 +24,7 @@ diff -r 71389988f5d4 -r ed672a604cc7 tools/python/xen/lowlevel/xc/xc.c PyObject *Pystr; char *group_str; char dev_str[9]; -@@ -812,7 +811,7 @@ +@@ -808,7 +807,7 @@ static PyObject *pyxc_dom_check_cpuid(Xc static PyObject *pyxc_dom_set_policy_cpuid(XcObject *self, PyObject *args) { @@ -32,7 +33,7 @@ diff -r 71389988f5d4 -r ed672a604cc7 tools/python/xen/lowlevel/xc/xc.c if ( !PyArg_ParseTuple(args, "i", &domid) ) return NULL; -@@ -828,9 +827,8 @@ +@@ -824,9 +823,8 @@ static PyObject *pyxc_dom_set_policy_cpu static PyObject *pyxc_dom_set_cpuid(XcObject *self, PyObject *args) { diff --git a/20146-pygrub-security.patch b/20146-pygrub-security.patch new file mode 100644 index 0000000..95eef9c --- /dev/null +++ b/20146-pygrub-security.patch 
@@ -0,0 +1,95 @@
+# HG changeset patch
+# User Keir Fraser
+# Date 1251887904 -3600
+# Node ID e513d565c8f1298d26bc614eabd1b7111693a940
+# Parent 8fc92779847680fe40a1ee9c2a01b3effc7cd056
+pygrub: Match bare-metal GRUB behavior for passwords
+
+The password support patch already merged didn't match the bare-metal
+GRUB behavior so I created a patch to match it. If password is entered
+in grub.conf file, pressing `p` is required exactly like when using
+"real" (bare-metal) GRUB. New options are available after the correct
+password is entered.
+
+Signed-off-by: Michal Novotny
+
+Index: xen-3.4.1-testing/tools/pygrub/src/pygrub
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub
++++ xen-3.4.1-testing/tools/pygrub/src/pygrub
+@@ -415,16 +415,17 @@ class Grub:
+ def draw():
+ # set up the screen
+ self.draw_main_windows()
+- self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.")
+- self.text_win.addstr(1, 0, "Press enter to boot the selected OS. 'e' to edit the")
+- self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ")
+
+- # if grub has password defined we allow option to enter password
+- if not self.cf.hasPassword():
++ if not self.cf.hasPassword() or self.cf.hasPasswordAccess():
++ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.")
++ self.text_win.addstr(1, 0, "Press enter to boot the selected OS, 'e' to edit the")
++ self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ")
+ self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.")
++
+ else:
+- self.text_win.addstr(3, 0, "before booting, or 'c' for a command line. You can also")
+- self.text_win.addstr(4, 0, "press 'p' to enter password for modifications...")
++ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.")
++ self.text_win.addstr(1, 0, "Press enter to boot the selected OS or `p` to enter a")
++ self.text_win.addstr(2, 0, "password to unlock the next set of features.")
+
+ self.text_win.addch(0, 8, curses.ACS_UARROW)
+ self.text_win.addch(0, 14, curses.ACS_DARROW)
+@@ -463,20 +464,10 @@ class Grub:
+ self.screen.timeout(-1)
+
+ # handle keypresses
+- if c == ord('c'):
+- # we disallow access without password specified
+- if not self.cf.hasPasswordAccess():
+- self.text_win.addstr(6, 8, "You have to enter GRUB password first")
+- break
+-
++ if c == ord('c') and self.cf.hasPasswordAccess():
+ self.command_line_mode()
+ break
+- elif c == ord('a'):
+- # we disallow access without password specified
+- if not self.cf.hasPasswordAccess():
+- self.text_win.addstr(6, 8, "You have to enter GRUB password first")
+- break
+-
++ elif c == ord('a') and self.cf.hasPasswordAccess():
+ # find the kernel line, edit it and then boot
+ img = self.cf.images[self.selected_image]
+ for line in img.lines:
+@@ -487,23 +478,18 @@ class Grub:
+ self.isdone = True
+ break
+ break
+- elif c == ord('e'):
+- # we disallow access without password specified
+- if not self.cf.hasPasswordAccess():
+- self.text_win.addstr(6, 8, "You have to enter GRUB password first")
+- break
+-
++ elif c == ord('e') and self.cf.hasPasswordAccess():
+ img = self.cf.images[self.selected_image]
+ self.edit_entry(img)
+ break
+ elif c == ord('p') and self.cf.hasPassword():
+- self.text_win.addstr(6, 8, "Enter password: ")
++ self.text_win.addstr(6, 1, "Password: ")
+ pwd = self.text_win.getstr(6, 8)
+ if not self.cf.checkPassword(pwd):
+- self.text_win.addstr(6, 8, "Incorrect password!")
++ self.text_win.addstr(6, 1, "Password: ")
++ self.text_win.addstr(7, 0, "Failed!")
+ self.cf.setPasswordAccess( False )
+ else:
+- self.text_win.addstr(6, 8, "Access granted ")
+ self.cf.setPasswordAccess( True )
+ break
+ elif c in (curses.KEY_ENTER, ord('\n'), ord('\r')):
diff --git a/20174-pygrub-security.patch b/20174-pygrub-security.patch
new file mode 100644
index 0000000..bd9beeb
--- /dev/null
+++ b/20174-pygrub-security.patch
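Review bot: In the `p` handler of 20146-pygrub-security.patch the prompt is now drawn with `addstr(6, 1, "Password: ")` but the input is still read with `getstr(6, 8)`, so the input field starts inside the prompt text; `pwd = self.text_win.getstr(6, 11)` would place it after the prompt. Whether the typed password is echoed depends on the curses echo mode, which is set outside this hunk, so it is worth confirming echo is off around the `getstr()` call. The key-handling loop starts and ends outside the hunk.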
@@ -0,0 +1,95 @@
+# HG changeset patch
+# User Keir Fraser
+# Date 1252327855 -3600
+# Node ID a28c9c2fa8de05ebd0284f578289e96d2d15d574
+# Parent b81e375e03922cd72d6e1404bc62a05059a4fe61
+pygrub: trap exception when python module import fails
+
+Fix the issue when importing 'crypt' module or crypt.crypt fails in
+pygrub. The exception is written on the same line like "Failed!"
+message but only if there is an exception. If there is no exception,
+we don't bother users with details (probably the password they entered
+was wrong) so we just display "Failed!" message. Also, the code for
+hasPassword() was rewritten not to have try/except block here.
+
+Signed-off-by: Michal Novotny
+
+Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py
++++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+@@ -158,6 +158,7 @@ class GrubConfigFile(object):
+ self.timeout = -1
+ self._default = 0
+ self.passwordAccess = True
++ self.passExc = None
+
+ if fn is not None:
+ self.parse()
+@@ -197,7 +198,6 @@ class GrubConfigFile(object):
+ if self.commands.has_key(com):
+ if self.commands[com] is not None:
+ setattr(self, self.commands[com], arg.strip())
+- #print "%s = %s => %s" % (com, self.commands[com], arg.strip() )
+ else:
+ logging.info("Ignored directive %s" %(com,))
+ else:
+@@ -216,25 +216,28 @@ class GrubConfigFile(object):
+ self.passwordAccess = val
+
+ def hasPassword(self):
+- try:
+- getattr(self, self.commands['password'])
+- return True
+- except:
+- return False
++ return hasattr(self, 'password')
+
+ def checkPassword(self, password):
+- try:
+- pwd = getattr(self, self.commands['password']).split()
+- if pwd[0] == '--md5':
++ # Always allow if no password defined in grub.conf
++ if not self.hasPassword:
++ return True
++
++ # If we're here, we're having 'password' attribute set
++ pwd = getattr(self, 'password').split()
++
++ # We check whether password is in MD5 hash for comparison
++ if pwd[0] == '--md5':
++ try:
+ import crypt
+ if crypt.crypt(password, pwd[1]) == pwd[1]:
+ return True
++ except Exception, e:
++ self.passExc = "Can't verify password: %s" % str(e)
++ return False
+
+- if pwd[0] == password:
+- return True
+-
+- return False
+- except:
++ # ... and if not, we compare it as a plain text
++ if pwd[0] == password:
+ return True
+
+ def set(self, line):
+Index: xen-3.4.1-testing/tools/pygrub/src/pygrub
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub
++++ xen-3.4.1-testing/tools/pygrub/src/pygrub
+@@ -487,7 +487,11 @@ class Grub:
+ pwd = self.text_win.getstr(6, 8)
+ if not self.cf.checkPassword(pwd):
+ self.text_win.addstr(6, 1, "Password: ")
+- self.text_win.addstr(7, 0, "Failed!")
++ if self.cf.passExc is not None:
++ self.text_win.addstr(7, 0, "Exception: %s"
++ % self.cf.passExc)
++ else:
++ self.text_win.addstr(7, 0, "Failed!")
+ self.cf.setPasswordAccess( False )
+ else:
+ self.cf.setPasswordAccess( True )
diff --git a/20201-pygrub-security.patch b/20201-pygrub-security.patch
new file mode 100644
index 0000000..7218664
--- /dev/null
+++ b/20201-pygrub-security.patch
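Review bot: In the rewritten checkPassword() in GrubConf.py (20174-pygrub-security.patch), a failed `--md5` comparison does not return, so control continues to the plain-text test `if pwd[0] == password:`, where `pwd[0]` is the option token from grub.conf rather than a secret. The MD5 branch should be terminal, for example `return crypt.crypt(password, pwd[1]) == pwd[1]` inside the `try`, so that only a password line without `--md5` reaches the plain-text comparison. Indentation is lost in this rendering, but no `else` or `return` separates the two tests, and 20201-pygrub-security.patch later in this commit leaves the fall-through in place.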
@@ -0,0 +1,42 @@
+# HG changeset patch
+# User Keir Fraser
+# Date 1253002894 -3600
+# Node ID 67f1b8b3258591b979c441c6013af3c442063cc1
+# Parent 045b2b8b522708093b91f883f1b7e7c1805f71e3
+pygrub: Correct pygrub return value
+
+This is the patch to correct pygrub return value for checkPassword()
+function. It didn't return False at the end of the function. It
+returned None so it was working fine and it's most likely just a
+cosmetic issue.
+
+Also, the missing () were added to checkPassword() function when
+calling hasPassword and the unnecessary comment was removed.
+
+Signed-off-by: Michal Novotny
+
+Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py
++++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+@@ -220,10 +220,9 @@ class GrubConfigFile(object):
+
+ def checkPassword(self, password):
+ # Always allow if no password defined in grub.conf
+- if not self.hasPassword:
++ if not self.hasPassword():
+ return True
+
+- # If we're here, we're having 'password' attribute set
+ pwd = getattr(self, 'password').split()
+
+ # We check whether password is in MD5 hash for comparison
+@@ -240,6 +239,8 @@ class GrubConfigFile(object):
+ if pwd[0] == password:
+ return True
+
++ return False
++
+ def set(self, line):
+ (com, arg) = grub_exact_split(line, 2)
+ if self.commands.has_key(com):
diff --git a/hv_tools.patch b/hv_tools.patch
index 78e7cca..7656ff6 100644
--- a/hv_tools.patch
+++ b/hv_tools.patch
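Review bot: `pwd = getattr(self, 'password').split()` is indexed with `pwd[0]` without a length check, and that access sits outside the `try`, which only wraps the crypt call. parse() stores `arg.strip()`, so a `password` directive with no argument would presumably give an empty list and raise IndexError. Because grub.conf is read from the guest image, a guard such as `if not pwd: return False` before indexing would keep a malformed line from aborting the menu. checkPassword() starts above the first inner hunk and continues between the two.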
@@ -2,28 +2,26 @@ Index: xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c =================================================================== --- xen-3.4.1-testing.orig/tools/python/xen/lowlevel/xc/xc.c +++ xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c -@@ -890,14 +890,14 @@ static PyObject *pyxc_hvm_build(XcObject +@@ -888,14 +888,14 @@ static PyObject *pyxc_hvm_build(XcObject int i; #endif char *image; - int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1; -+ int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1, extid=0; ++ int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1, extid = 0; static char *kwd_list[] = { "domid", - "memsize", "image", "target", "vcpus", "acpi", -- "apic", NULL }; ++ "memsize", "image", "target", "vcpus", "extid", "acpi", + "apic", NULL }; - if ( !PyArg_ParseTupleAndKeywords(args, kwds, "iis|iiii", kwd_list, -- &dom, &memsize, &image, &target, &vcpus, -- &acpi, &apic) ) -+ "memsize", "image", "target", "vcpus", "extid", -+ "acpi", "apic", NULL }; + if ( !PyArg_ParseTupleAndKeywords(args, kwds, "iis|iiiii", kwd_list, -+ &dom, &memsize, &image, &target, &extid, -+ &vcpus, &acpi, &apic) ) + &dom, &memsize, &image, &target, &vcpus, +- &acpi, &apic) ) ++ &extid, &acpi, &apic) ) return NULL; if ( target == -1 ) -@@ -923,6 +923,7 @@ static PyObject *pyxc_hvm_build(XcObject +@@ -921,6 +921,7 @@ static PyObject *pyxc_hvm_build(XcObject va_hvm->checksum -= sum; munmap(va_map, XC_PAGE_SIZE); #endif @@ -39,7 +37,7 @@ Index: xen-3.4.1-testing/tools/python/xen/xend/XendConfig.py 'monitor': int, 'nographic': int, 'pae' : int, -+ 'extid': int, ++ 'extid': int, 'rtc_timeoffset': int, 'serial': str, 'sdl': int, diff --git a/hv_win7_eoi_bug.patch b/hv_win7_eoi_bug.patch index cbf151f..2986acc 100644 --- a/hv_win7_eoi_bug.patch +++ b/hv_win7_eoi_bug.patch 
@@ -1,7 +1,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c =================================================================== ---- xen-3.4.1-testing.orig/xen/arch/x86/hvm/hyperv/hv_intercept.c 2009-08-10 14:01:45.000000000 -0600 -+++ xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c 2009-08-10 14:07:15.000000000 -0600 +--- xen-3.4.1-testing.orig/xen/arch/x86/hvm/hyperv/hv_intercept.c ++++ xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c @@ -33,6 +33,7 @@ #include @@ -10,7 +10,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c #include #include #include -@@ -987,8 +988,15 @@ +@@ -987,8 +988,15 @@ hyperv_do_wr_msr(uint32_t idx, struct cp break; case HV_MSR_APIC_ASSIST_PAGE: /* @@ -22,7 +22,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c + uint32_t data = 0; + paddr_t assist_page = msr_content & ~1UL; + (void)hvm_copy_to_guest_phys(assist_page, &data, sizeof(data)); -+ } ++ } + break; diff --git a/hv_xen_base.patch b/hv_xen_base.patch index 8818e48..181f722 100644 --- a/hv_xen_base.patch +++ b/hv_xen_base.patch @@ -1,4 +1,3 @@ -%patch Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/domain.h =================================================================== --- xen-3.4.1-testing.orig/xen/include/asm-x86/hvm/domain.h @@ -18,7 +17,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/Makefile @@ -1,5 +1,6 @@ subdir-y += svm subdir-y += vmx -+subdir-y += hyperv ++subdir-$(x86_64) += hyperv obj-y += emulate.o obj-y += hvm.o @@ -57,7 +56,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c if ( (rc = hvm_funcs.vcpu_initialise(v)) != 0 ) goto fail2; -@@ -732,6 +740,7 @@ int hvm_vcpu_initialise(struct vcpu *v) +@@ -732,12 +740,14 @@ int hvm_vcpu_initialise(struct vcpu *v) hvm_funcs.vcpu_destroy(v); fail2: vlapic_destroy(v); 
@@ -65,14 +64,13 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c fail1: return rc; } -@@ -739,6 +748,7 @@ int hvm_vcpu_initialise(struct vcpu *v) + void hvm_vcpu_destroy(struct vcpu *v) { - tasklet_kill(&v->arch.hvm_vcpu.assert_evtchn_irq_tasklet); + hyperx_intercept_vcpu_destroy(v); + tasklet_kill(&v->arch.hvm_vcpu.assert_evtchn_irq_tasklet); hvm_vcpu_cacheattr_destroy(v); vlapic_destroy(v); - hvm_funcs.vcpu_destroy(v); @@ -1690,7 +1700,7 @@ void hvm_cpuid(unsigned int input, unsig return; @@ -120,19 +118,22 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c if ( (eax & 0x80000000) && is_viridian_domain(curr->domain) ) return viridian_hypercall(regs); -@@ -2572,6 +2592,15 @@ long do_hvm_op(unsigned long op, XEN_GUE +@@ -2572,6 +2592,18 @@ long do_hvm_op(unsigned long op, XEN_GUE rc = -EINVAL; break; + case HVM_PARAM_EXTEND_HYPERVISOR: -+ if ((a.value == 1) && hyperv_initialize(d)) -+ { -+ if (a.value != 1) -+ rc = -EINVAL; -+ else -+ rc = -ENOMEM; -+ goto param_fail; -+ } ++#ifdef __x86_64__ ++ if (a.value != 1) ++ rc = -EINVAL; ++ else if (hyperv_initialize(d)) ++ rc = -ENOMEM; ++ else ++ break; ++#else ++ rc = -EINVAL; ++#endif ++ goto param_fail; } if ( rc == 0 ) @@ -140,7 +141,7 @@ Index: xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h =================================================================== --- xen-3.4.1-testing.orig/xen/include/public/arch-x86/hvm/save.h +++ xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h -@@ -432,9 +432,26 @@ struct hvm_viridian_context { +@@ -432,9 +432,24 @@ struct hvm_viridian_context { DECLARE_HVM_SAVE_TYPE(VIRIDIAN, 15, struct hvm_viridian_context); 
@@ -150,16 +151,14 @@ Index: xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h + uint32_t long_mode; + uint32_t ext_id; +}; -+ -+DECLARE_HVM_SAVE_TYPE(HYPERV_DOM, 16, struct hvm_hyperv_dom); ++DECLARE_HVM_SAVE_TYPE(HYPERV_DOM, 15, struct hvm_hyperv_dom); + +struct hvm_hyperv_cpu { + uint64_t control_msr; + uint64_t version_msr; + uint64_t pad[27]; //KYS: sles10 sp2 compatibility +}; -+ -+DECLARE_HVM_SAVE_TYPE(HYPERV_CPU, 17, struct hvm_hyperv_cpu); ++DECLARE_HVM_SAVE_TYPE(HYPERV_CPU, 16, struct hvm_hyperv_cpu); + /* * Largest type-code in use diff --git a/hv_xen_extension.patch b/hv_xen_extension.patch index e24db36..567a802 100644 --- a/hv_xen_extension.patch +++ b/hv_xen_extension.patch @@ -3,7 +3,7 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h =================================================================== --- /dev/null +++ xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h -@@ -0,0 +1,165 @@ +@@ -0,0 +1,183 @@ +/**************************************************************************** + | + | Copyright (c) [2007, 2008] Novell, Inc. 
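Review bot: The renumbering in the save.h section of hv_xen_base.patch gives `HYPERV_DOM` type code 15, the same code the context line `DECLARE_HVM_SAVE_TYPE(VIRIDIAN, 15, struct hvm_viridian_context);` already uses, and moves `HYPERV_CPU` to 16. Unless something outside this hunk renumbers VIRIDIAN, two save-record types would share a code, so handler registration and record dispatch on save/restore could collide; the previous values 16 and 17 avoided that. The `Largest type-code in use` definition that follows is cut off here and should be checked against whichever numbering is kept.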
@@ -74,29 +74,35 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h +static inline int +hyperx_intercept_domain_create(struct domain *d) +{ -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) { ++#ifdef __x86_64__ ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) { + return(hyperv_dom_create(d)); + } ++#endif + return (0); +} + +static inline void +hyperx_intercept_domain_destroy(struct domain *d) +{ -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++#ifdef __x86_64__ ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + hyperv_dom_destroy(d); + } ++#endif +} + +static inline int +hyperx_intercept_vcpu_initialize(struct vcpu *v) +{ ++#ifdef __x86_64__ + struct domain *d = v->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_vcpu_initialize(v)); + } ++#endif + return (0); +} + 
@@ -104,65 +110,77 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h +static inline void +hyperx_intercept_vcpu_up(struct vcpu *v) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + hyperv_vcpu_up(v); + } ++#endif +} + +static inline void +hyperx_intercept_vcpu_destroy(struct vcpu *v) +{ ++#ifdef __x86_64__ + struct domain *d = v->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + hyperv_vcpu_destroy(v); + } ++#endif +} + +static inline int +hyperx_intercept_do_cpuid(uint32_t idx, unsigned int *eax, unsigned int *ebx, + unsigned int *ecx, unsigned int *edx) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_do_cpu_id(idx, eax, ebx, ecx, edx)); + } ++#endif + return (0); +} + +static inline int +hyperx_intercept_do_msr_read(uint32_t idx, struct cpu_user_regs *regs) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_do_rd_msr(idx, regs)); + } ++#endif + return (0); +} + +static inline int +hyperx_intercept_do_msr_write(uint32_t idx, struct cpu_user_regs *regs) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_do_wr_msr(idx, regs)); + } ++#endif + return (0); +} + +static inline int +hyperx_intercept_do_hypercall(struct cpu_user_regs *regs) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if 
(d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_do_hypercall(regs)); + } ++#endif + return (0); +} + @@ -327,7 +345,8 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_hypercall.c + if (fast) + { + hvm_set_cr3(input); -+ } else ++ } ++ else + { + /* + * Slow path; copy the new value. @@ -356,7 +375,6 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_hypercall.c + hv_vcpu_t *vcpup = &curp->vcpu_state[hv_get_current_vcpu_index()]; + u64 partition_id; + -+ + fast = (int)((opcode >>16) & 0x1); + verb = (short)(opcode & 0xffff); + rep_count = (short)((opcode >>32) & 0xfff); @@ -1601,7 +1619,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_shim.h + * Supported Synthetic MSRs. 0.83 HyperV spec, section 3.4 + * Supported features. + */ -+#define _MSR_VP_RUNTIME 0 ++#define _MSR_VP_RUNTIME 0 +#define MSR_VP_RUNTIME (1U<<_MSR_VP_RUNTIME) +#define _MSR_TIME_REF_CNT 1 +#define MSR_TIME_REF_CNT (1U<<_MSR_TIME_REF_CNT) @@ -1615,7 +1633,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_shim.h +#define HYPERCALL_MSRS (1U<<_HYPERCALL_MSRS) +#define _MSR_VP_INDEX 6 +#define MSR_VP_INDEX (1U<<_MSR_VP_INDEX) -+#define _RESET_MSR 7 ++#define _RESET_MSR 7 +#define RESET_MSR (1U<<_RESET_MSR) + +#define HV_SHIM_SUPPORTED_MSRS \ diff --git a/ioemu-bdrv-open-CACHE_WB.patch b/ioemu-bdrv-open-CACHE_WB.patch new file mode 100644 index 0000000..e59ad1c --- /dev/null +++ b/ioemu-bdrv-open-CACHE_WB.patch 
@@ -0,0 +1,16 @@ +--- xen-3.4.1-testing/tools/ioemu-remote/hw/xen_blktap.c 2009-09-21 13:26:03.000000000 +0800 ++++ xen-3.4.1-testing/tools/ioemu-remote/hw/xen_blktap.c 2009-09-28 16:30:13.000000000 +0800 +@@ -249,8 +249,11 @@ static int open_disk(struct td_state *s, + drv = blktap_drivers[i].drv; + DPRINTF("%s driver specified\n", drv ? drv->format_name : "No"); + +- /* Open the image */ +- if (bdrv_open2(bs, path, flags, drv) != 0) { ++ /* Open the image ++ * Use BDRV_O_CACHE_WB for write-through caching, ++ * no flags for write-back caching ++ */ ++ if (bdrv_open2(bs, path, flags|BDRV_O_CACHE_WB, drv) != 0) { + fprintf(stderr, "Could not open image file %s\n", path); + return -ENOMEM; + } diff --git a/xen.changes b/xen.changes index 2594ec3..05f2e6f 100644 --- a/xen.changes +++ b/xen.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Mon Sep 28 16:34:19 CST 2009 - wkong@novell.com +- Add patch ioemu-bdrv-open-CACHE_WB.patch + for install guest on tapdisk very very slow. + +------------------------------------------------------------------- +Mon Sep 28 08:28:24 MDT 2009 - carnold@novell.com + +- bnc#542525 - VUL-1: xen pygrub vulnerability + 20099-pygrub-security.patch + 20107-pygrub-security.patch + 20146-pygrub-security.patch + 20174-pygrub-security.patch + 20201-pygrub-security.patch + ------------------------------------------------------------------- Fri Sep 25 15:08:12 MDT 2009 - jfehlig@novell.com diff --git a/xen.spec b/xen.spec index c3419b2..0db748b 100644 --- a/xen.spec +++ b/xen.spec @@ -1,5 +1,5 @@ # -# spec file for package xen (Version 3.4.1_19718_03) +# spec file for package xen (Version 3.4.1_19718_04) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # 
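Review bot: The comment added in open_disk() has the cache modes reversed: as far as I know, in QEMU's block layer `BDRV_O_CACHE_WB` selects write-back caching, whereas the comment reads `Use BDRV_O_CACHE_WB for write-through caching`. Since the call now passes `flags|BDRV_O_CACHE_WB` unconditionally, every tapdisk image is opened write-back, which trades durability on a host crash or power loss for speed, and the comment should say so, e.g. `/* BDRV_O_CACHE_WB: write-back caching (faster; unflushed data may be lost on host failure) */`. open_disk() starts and ends outside the hunk.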
@@ -37,7 +37,7 @@ BuildRequires: glibc-32bit glibc-devel-32bit %if %{?with_kmp}0 BuildRequires: kernel-source kernel-syms module-init-tools xorg-x11 %endif -Version: 3.4.1_19718_03 +Version: 3.4.1_19718_04 Release: 1 License: GPL v2 only Group: System/Kernel @@ -79,9 +79,14 @@ Patch3: 20035-x86-load-sreg-adjust.patch Patch4: 20059-vmx-nmi-handling.patch Patch5: 20077-x86-runstate-cswitch-out.patch Patch6: 20078-x86_64-branch-emulation.patch -Patch7: 20101-hvm-no-compat-virt-start.patch -Patch8: 20112-x86-dom0-boot-run-timers.patch -Patch9: 20125-xc-parse-tuple-fix.patch +Patch7: 20099-pygrub-security.patch +Patch8: 20101-hvm-no-compat-virt-start.patch +Patch9: 20107-pygrub-security.patch +Patch10: 20112-x86-dom0-boot-run-timers.patch +Patch11: 20125-xc-parse-tuple-fix.patch +Patch12: 20146-pygrub-security.patch +Patch13: 20174-pygrub-security.patch +Patch14: 20201-pygrub-security.patch # Our patches Patch100: xen-config.diff Patch101: xend-config.diff @@ -173,6 +178,7 @@ Patch405: blktap-pv-cdrom.patch Patch406: network-nat-open-SuSEfirewall2-FORWARD.patch Patch407: ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch Patch408: qemu-retry-be-status.patch +Patch409: ioemu-bdrv-open-CACHE_WB.patch %if %{?with_kmp}0 Patch450: disable_emulated_device.diff %endif @@ -524,6 +530,11 @@ Authors: %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 %patch100 -p1 %patch101 -p1 %patch102 -p1 @@ -606,6 +617,7 @@ Authors: %patch406 -p1 %patch407 -p1 %patch408 -p1 +%patch409 -p1 %if %{?with_kmp}0 %patch450 -p1 %endif From b3dd26fbdf935fe2f4996f37df8104e7a0cdb9033a36273a42955916127c0502 Mon Sep 17 00:00:00 2001 
From: Charles Arnold Date: Fri, 9 Oct 2009 17:10:14 +0000 Subject: [PATCH 2/5] - bnc#541945 - xm create -x command does not work in SLES 10 SP2 or SLES 11 xm-create-xflag.patch - Minor enhancement to xen-updown.sh sysconfig hook OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=23 --- mkbuildtree.patch | 15 ++++++++++++++- xen-updown.sh | 1 + xen.changes | 12 ++++++++++++ xm-create-xflag.patch | 31 +++++++++++++++++++++++++++++++ 4 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 xm-create-xflag.patch diff --git a/mkbuildtree.patch b/mkbuildtree.patch index d8e479c..f346359 100644 --- a/mkbuildtree.patch +++ b/mkbuildtree.patch @@ -2,7 +2,20 @@ Index: xen-3.4.1-testing/unmodified_drivers/linux-2.6/mkbuildtree =================================================================== --- xen-3.4.1-testing.orig/unmodified_drivers/linux-2.6/mkbuildtree +++ xen-3.4.1-testing/unmodified_drivers/linux-2.6/mkbuildtree -@@ -47,7 +47,14 @@ ln -nsf ${XEN}/include/public include/xe +@@ -33,7 +33,11 @@ for d in $(find ${XL}/drivers/xen/ -mind + done + + ln -sf ${XL}/drivers/xen/core/gnttab.c platform-pci +-ln -sf ${XL}/drivers/xen/core/features.c platform-pci ++if [ -f ${XL}/drivers/xen/core/features.c ]; then ++ ln -sf ${XL}/drivers/xen/core/features.c platform-pci ++else ++ ln -sf ${XL}/drivers/xen/features.c platform-pci ++fi + ln -sf ${XL}/drivers/xen/core/xen_proc.c xenbus + ln -sf ${XL}/drivers/xen/core/reboot.c platform-pci + +@@ -47,7 +51,14 @@ ln -nsf ${XEN}/include/public include/xe # be native and not xenolinux). case "$uname" in i[34567]86|x86_64) diff --git a/xen-updown.sh b/xen-updown.sh index 6d19359..7bdb197 100644 --- a/xen-updown.sh +++ b/xen-updown.sh @@ -151,6 +151,7 @@ case $SCRIPTNAME in ;; *if-down.d*) exit_if_xend_not_running + test -d "/sys/class/net/$INTERFACE/brif/" || exit 0 # Remember vifs attached to $INTERFACE vifs=() diff --git a/xen.changes b/xen.changes index 05f2e6f..c7a206e 100644 --- a/xen.changes 
+++ b/xen.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Fri Oct 9 09:24:29 MDT 2009 - carnold@novell.com + +- bnc#541945 - xm create -x command does not work in SLES 10 SP2 or + SLES 11 + xm-create-xflag.patch + +------------------------------------------------------------------- +Thu Oct 8 22:44:04 MDT 2009 - jfehlig@novell.com + +- Minor enhancement to xen-updown.sh sysconfig hook + ------------------------------------------------------------------- Mon Sep 28 16:34:19 CST 2009 - wkong@novell.com - Add patch ioemu-bdrv-open-CACHE_WB.patch diff --git a/xm-create-xflag.patch b/xm-create-xflag.patch new file mode 100644 index 0000000..51971a7 --- /dev/null +++ b/xm-create-xflag.patch 
@@ -0,0 +1,31 @@ +Index: xen-3.4.1-testing/tools/python/xen/xm/create.py +=================================================================== +--- xen-3.4.1-testing.orig/tools/python/xen/xm/create.py ++++ xen-3.4.1-testing/tools/python/xen/xm/create.py +@@ -37,7 +37,7 @@ from xen.xend.server.DevConstants import + from xen.util import blkif + from xen.util import vscsi_util + import xen.util.xsm.xsm as security +-from xen.xm.main import serverType, SERVER_XEN_API, get_single_vm ++from xen.xm.main import serverType, SERVER_XEN_API, SERVER_LEGACY_XMLRPC, get_single_vm + from xen.util import utils + + from xen.xm.opts import * +@@ -1351,7 +1351,7 @@ def main(argv): + except IOError, exn: + raise OptionError("Cannot read file %s: %s" % (config, exn[1])) + +- if serverType == SERVER_XEN_API: ++ if serverType == SERVER_XEN_API or serverType == SERVER_LEGACY_XMLRPC: + from xen.xm.xenapi_create import sxp2xml + sxp2xml_inst = sxp2xml() + doc = sxp2xml_inst.convert_sxp_to_xml(config, transient=True) +@@ -1359,7 +1359,7 @@ def main(argv): + if opts.vals.dryrun and not opts.is_xml: + SXPPrettyPrint.prettyprint(config) + +- if opts.vals.xmldryrun and serverType == SERVER_XEN_API: ++ if opts.vals.xmldryrun: + from xml.dom.ext import PrettyPrint as XMLPrettyPrint + XMLPrettyPrint(doc) + From acda484cb089b0d8f8435ee649b9c6fdb6d29f4e60714147f9a42de3ff87b6b1 Mon Sep 17 00:00:00 2001 From: Charles Arnold Date: Fri, 9 Oct 2009 17:46:44 +0000 Subject: [PATCH 3/5] Update xen.spec to include xm-create-xflag.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=24 --- xen.spec | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/xen.spec b/xen.spec index 0db748b..9555b78 100644 --- a/xen.spec +++ b/xen.spec 
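Review bot: With the `serverType` test dropped from the `xmldryrun` branch, `XMLPrettyPrint(doc)` now relies on `doc` having been bound by the earlier `if serverType == SERVER_XEN_API or serverType == SERVER_LEGACY_XMLRPC:` block; if `serverType` can ever hold another value this raises a NameError instead of a usable message. The same change also runs `sxp2xml_inst.convert_sxp_to_xml(config, transient=True)` on every legacy XML-RPC create, even when no XML output was requested, so a conversion failure would now break an ordinary `xm create` there. Keying the conversion on what actually needs it avoids both: `if serverType == SERVER_XEN_API or opts.vals.xmldryrun:`. main() starts and ends outside the hunk, so whether `doc` is used further down on the legacy path is not visible here.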
@@ -137,7 +137,8 @@ Patch163: checkpoint-rename.patch Patch164: network-nat.patch Patch165: ioemu-debuginfo.patch Patch166: xm-save-check-file.patch -Patch167: mkbuildtree.patch +Patch167: xm-create-xflag.patch +Patch168: mkbuildtree.patch # Patches for snapshot support Patch200: snapshot-ioemu-save.patch Patch201: snapshot-ioemu-restore.patch @@ -583,6 +584,7 @@ Authors: %patch165 -p1 %patch166 -p1 %patch167 -p1 +%patch168 -p1 %patch200 -p1 %patch201 -p1 %patch202 -p1 From 0df7e563d6c9e4b3d436a71f1febc1e826d2c6b13f95c984ffa26f4e157c3252 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Mon, 12 Oct 2009 14:04:54 +0000 Subject: [PATCH 4/5] checked in OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=25 --- 20099-pygrub-security.patch | 142 --------------------------------- 20107-pygrub-security.patch | 39 --------- 20125-xc-parse-tuple-fix.patch | 13 ++- 20146-pygrub-security.patch | 95 ---------------------- 20174-pygrub-security.patch | 95 ---------------------- 20201-pygrub-security.patch | 42 ---------- hv_tools.patch | 20 ++--- hv_win7_eoi_bug.patch | 8 +- hv_xen_base.patch | 39 ++++----- hv_xen_extension.patch | 46 ++++------- ioemu-bdrv-open-CACHE_WB.patch | 16 ---- mkbuildtree.patch | 15 +--- xen-updown.sh | 1 - xen.changes | 27 ------- xen.spec | 26 ++---- xm-create-xflag.patch | 31 ------- 16 files changed, 62 insertions(+), 593 deletions(-) delete mode 100644 20099-pygrub-security.patch delete mode 100644 20107-pygrub-security.patch delete mode 100644 20146-pygrub-security.patch delete mode 100644 20174-pygrub-security.patch delete mode 100644 20201-pygrub-security.patch delete mode 100644 ioemu-bdrv-open-CACHE_WB.patch delete mode 100644 xm-create-xflag.patch diff --git a/20099-pygrub-security.patch b/20099-pygrub-security.patch deleted file mode 100644 index 6ec02f3..0000000 --- a/20099-pygrub-security.patch +++ /dev/null 
@@ -1,142 +0,0 @@ -# HG changeset patch -# User Keir Fraser -# Date 1250781436 -3600 -# Node ID 8f783adc0ee34808cdd296cccd92f99018f76017 -# Parent 4b30cfb855299922244938fde4f88f4e5bb5df34 -pygrub: Add password support - -It basically checks for the presence of password line in grub.conf -of the guest image and if this line is present, it supports both clear -text and md5 versions of the password. Editing the grub entries and -command-line are disabled when some password is set in domain's -grub.conf file but the password was not entered yet. Also, new option -to press 'p' in interactive pygrub has been added to allow entering -the grub password. It's been tested on x86_64 with PV guests and was -working fine. Also, the countdown has been stopped after key was -pressed, ie. the user is probably editing the boot configuration. - -Signed-off-by: Michal Novotny - -Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py -=================================================================== ---- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py -+++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py -@@ -157,6 +157,7 @@ class GrubConfigFile(object): - self.images = [] - self.timeout = -1 - self._default = 0 -+ self.passwordAccess = True - - if fn is not None: - self.parse() -@@ -196,6 +197,7 @@ class GrubConfigFile(object): - if self.commands.has_key(com): - if self.commands[com] is not None: - setattr(self, self.commands[com], arg.strip()) -+ #print "%s = %s => %s" % (com, self.commands[com], arg.strip() ) - else: - logging.info("Ignored directive %s" %(com,)) - else: -@@ -204,6 +206,37 @@ class GrubConfigFile(object): - if len(img) > 0: - self.add_image(GrubImage(img)) - -+ if self.hasPassword(): -+ self.setPasswordAccess(False) -+ -+ def hasPasswordAccess(self): -+ return self.passwordAccess -+ -+ def setPasswordAccess(self, val): -+ self.passwordAccess = val -+ -+ def hasPassword(self): -+ try: -+ getattr(self, self.commands['password']) -+ return True -+ except KeyError, 
e: -+ return False -+ -+ def checkPassword(self, password): -+ try: -+ pwd = getattr(self, self.commands['password']).split() -+ if pwd[0] == '--md5': -+ import crypt -+ if crypt.crypt(password, pwd[1]) == pwd[1]: -+ return True -+ -+ if pwd[0] == password: -+ return True -+ -+ return False -+ except: -+ return True -+ - def set(self, line): - (com, arg) = grub_exact_split(line, 2) - if self.commands.has_key(com): -Index: xen-3.4.1-testing/tools/pygrub/src/pygrub -=================================================================== ---- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub -+++ xen-3.4.1-testing/tools/pygrub/src/pygrub -@@ -418,7 +418,14 @@ class Grub: - self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.") - self.text_win.addstr(1, 0, "Press enter to boot the selected OS. 'e' to edit the") - self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ") -- self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.") -+ -+ # if grub has password defined we allow option to enter password -+ if not self.cf.hasPassword(): -+ self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.") -+ else: -+ self.text_win.addstr(3, 0, "before booting, or 'c' for a command line. 
You can also") -+ self.text_win.addstr(4, 0, "press 'p' to enter password for modifications...") -+ - self.text_win.addch(0, 8, curses.ACS_UARROW) - self.text_win.addch(0, 14, curses.ACS_DARROW) - (y, x) = self.text_win.getmaxyx() -@@ -457,9 +464,19 @@ class Grub: - - # handle keypresses - if c == ord('c'): -+ # we disallow access without password specified -+ if not self.cf.hasPasswordAccess(): -+ self.text_win.addstr(6, 8, "You have to enter GRUB password first") -+ break -+ - self.command_line_mode() - break - elif c == ord('a'): -+ # we disallow access without password specified -+ if not self.cf.hasPasswordAccess(): -+ self.text_win.addstr(6, 8, "You have to enter GRUB password first") -+ break -+ - # find the kernel line, edit it and then boot - img = self.cf.images[self.selected_image] - for line in img.lines: -@@ -471,9 +488,24 @@ class Grub: - break - break - elif c == ord('e'): -+ # we disallow access without password specified -+ if not self.cf.hasPasswordAccess(): -+ self.text_win.addstr(6, 8, "You have to enter GRUB password first") -+ break -+ - img = self.cf.images[self.selected_image] - self.edit_entry(img) - break -+ elif c == ord('p') and self.cf.hasPassword(): -+ self.text_win.addstr(6, 8, "Enter password: ") -+ pwd = self.text_win.getstr(6, 8) -+ if not self.cf.checkPassword(pwd): -+ self.text_win.addstr(6, 8, "Incorrect password!") -+ self.cf.setPasswordAccess( False ) -+ else: -+ self.text_win.addstr(6, 8, "Access granted ") -+ self.cf.setPasswordAccess( True ) -+ break - elif c in (curses.KEY_ENTER, ord('\n'), ord('\r')): - self.isdone = True - break diff --git a/20107-pygrub-security.patch b/20107-pygrub-security.patch deleted file mode 100644 index 2607acb..0000000 --- a/20107-pygrub-security.patch +++ /dev/null 
@@ -1,39 +0,0 @@ -# HG changeset patch -# User Keir Fraser -# Date 1250871100 -3600 -# Node ID 168f0cfeded0ad64e03d821efe5dcbe2eb5806a3 -# Parent 4207d83fc78ef63016a4163b09f30aa471e4bdb8 -pygrub: Fix elilo handling after password patch. - -Signed-off-by: Michal Novotny - -Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py -=================================================================== ---- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py -+++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py -@@ -219,7 +219,7 @@ class GrubConfigFile(object): - try: - getattr(self, self.commands['password']) - return True -- except KeyError, e: -+ except: - return False - - def checkPassword(self, password): -Index: xen-3.4.1-testing/tools/pygrub/src/LiloConf.py -=================================================================== ---- xen-3.4.1-testing.orig/tools/pygrub/src/LiloConf.py -+++ xen-3.4.1-testing/tools/pygrub/src/LiloConf.py -@@ -138,6 +138,12 @@ class LiloConfigFile(object): - if len(img) > 0: - self.add_image(LiloImage(img, path)) - -+ def hasPassword(self): -+ return False -+ -+ def hasPasswordAccess(self): -+ return True -+ - def add_image(self, image): - self.images.append(image) - diff --git a/20125-xc-parse-tuple-fix.patch b/20125-xc-parse-tuple-fix.patch index 4cdc418..45e18bc 100644 --- a/20125-xc-parse-tuple-fix.patch +++ b/20125-xc-parse-tuple-fix.patch @@ -8,11 +8,10 @@ when it expects a full integer. 
Signed-off-by: Keir Fraser -Index: xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c -=================================================================== ---- xen-3.4.1-testing.orig/tools/python/xen/lowlevel/xc/xc.c -+++ xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c -@@ -650,10 +650,9 @@ static PyObject *pyxc_deassign_device(Xc +diff -r 71389988f5d4 -r ed672a604cc7 tools/python/xen/lowlevel/xc/xc.c +--- a/tools/python/xen/lowlevel/xc/xc.c Wed Aug 26 15:35:14 2009 +0100 ++++ b/tools/python/xen/lowlevel/xc/xc.c Wed Aug 26 15:41:59 2009 +0100 +@@ -654,10 +654,9 @@ static PyObject *pyxc_get_device_group(XcObject *self, PyObject *args) { @@ -24,7 +23,7 @@ Index: xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c PyObject *Pystr; char *group_str; char dev_str[9]; -@@ -808,7 +807,7 @@ static PyObject *pyxc_dom_check_cpuid(Xc +@@ -812,7 +811,7 @@ static PyObject *pyxc_dom_set_policy_cpuid(XcObject *self, PyObject *args) { @@ -33,7 +32,7 @@ Index: xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c if ( !PyArg_ParseTuple(args, "i", &domid) ) return NULL; -@@ -824,9 +823,8 @@ static PyObject *pyxc_dom_set_policy_cpu +@@ -828,9 +827,8 @@ static PyObject *pyxc_dom_set_cpuid(XcObject *self, PyObject *args) { diff --git a/20146-pygrub-security.patch b/20146-pygrub-security.patch deleted file mode 100644 index 95eef9c..0000000 --- a/20146-pygrub-security.patch +++ /dev/null 
@@ -1,95 +0,0 @@ -# HG changeset patch -# User Keir Fraser -# Date 1251887904 -3600 -# Node ID e513d565c8f1298d26bc614eabd1b7111693a940 -# Parent 8fc92779847680fe40a1ee9c2a01b3effc7cd056 -pygrub: Match bare-metal GRUB behavior for passwords - -The password support patch already merged didn't match the bare-metal -GRUB behavior so I created a patch to match it. If password is entered -in grub.conf file, pressing `p` is required exactly like when using -"real" (bare-metal) GRUB. New options are available after the correct -password is entered. - -Signed-off-by: Michal Novotny - -Index: xen-3.4.1-testing/tools/pygrub/src/pygrub -=================================================================== ---- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub -+++ xen-3.4.1-testing/tools/pygrub/src/pygrub -@@ -415,16 +415,17 @@ class Grub: - def draw(): - # set up the screen - self.draw_main_windows() -- self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.") -- self.text_win.addstr(1, 0, "Press enter to boot the selected OS. 'e' to edit the") -- self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ") - -- # if grub has password defined we allow option to enter password -- if not self.cf.hasPassword(): -+ if not self.cf.hasPassword() or self.cf.hasPasswordAccess(): -+ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.") -+ self.text_win.addstr(1, 0, "Press enter to boot the selected OS, 'e' to edit the") -+ self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ") - self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.") -+ - else: -- self.text_win.addstr(3, 0, "before booting, or 'c' for a command line. 
You can also") -- self.text_win.addstr(4, 0, "press 'p' to enter password for modifications...") -+ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.") -+ self.text_win.addstr(1, 0, "Press enter to boot the selected OS or `p` to enter a") -+ self.text_win.addstr(2, 0, "password to unlock the next set of features.") - - self.text_win.addch(0, 8, curses.ACS_UARROW) - self.text_win.addch(0, 14, curses.ACS_DARROW) -@@ -463,20 +464,10 @@ class Grub: - self.screen.timeout(-1) - - # handle keypresses -- if c == ord('c'): -- # we disallow access without password specified -- if not self.cf.hasPasswordAccess(): -- self.text_win.addstr(6, 8, "You have to enter GRUB password first") -- break -- -+ if c == ord('c') and self.cf.hasPasswordAccess(): - self.command_line_mode() - break -- elif c == ord('a'): -- # we disallow access without password specified -- if not self.cf.hasPasswordAccess(): -- self.text_win.addstr(6, 8, "You have to enter GRUB password first") -- break -- -+ elif c == ord('a') and self.cf.hasPasswordAccess(): - # find the kernel line, edit it and then boot - img = self.cf.images[self.selected_image] - for line in img.lines: -@@ -487,23 +478,18 @@ class Grub: - self.isdone = True - break - break -- elif c == ord('e'): -- # we disallow access without password specified -- if not self.cf.hasPasswordAccess(): -- self.text_win.addstr(6, 8, "You have to enter GRUB password first") -- break -- -+ elif c == ord('e') and self.cf.hasPasswordAccess(): - img = self.cf.images[self.selected_image] - self.edit_entry(img) - break - elif c == ord('p') and self.cf.hasPassword(): -- self.text_win.addstr(6, 8, "Enter password: ") -+ self.text_win.addstr(6, 1, "Password: ") - pwd = self.text_win.getstr(6, 8) - if not self.cf.checkPassword(pwd): -- self.text_win.addstr(6, 8, "Incorrect password!") -+ self.text_win.addstr(6, 1, "Password: ") -+ self.text_win.addstr(7, 0, "Failed!") - self.cf.setPasswordAccess( False ) - else: -- 
self.text_win.addstr(6, 8, "Access granted ") - self.cf.setPasswordAccess( True ) - break - elif c in (curses.KEY_ENTER, ord('\n'), ord('\r')): diff --git a/20174-pygrub-security.patch b/20174-pygrub-security.patch deleted file mode 100644 index bd9beeb..0000000 --- a/20174-pygrub-security.patch +++ /dev/null 
@@ -1,95 +0,0 @@ -# HG changeset patch -# User Keir Fraser -# Date 1252327855 -3600 -# Node ID a28c9c2fa8de05ebd0284f578289e96d2d15d574 -# Parent b81e375e03922cd72d6e1404bc62a05059a4fe61 -pygrub: trap exception when python module import fails - -Fix the issue when importing 'crypt' module or crypt.crypt fails in -pygrub. The exception is written on the same line like "Failed!" -message but only if there is an exception. If there is no exception, -we don't bother users with details (probably the password they entered -was wrong) so we just display "Failed!" message. Also, the code for -hasPassword() was rewritten not to have try/except block here. - -Signed-off-by: Michal Novotny - -Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py -=================================================================== ---- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py -+++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py -@@ -158,6 +158,7 @@ class GrubConfigFile(object): - self.timeout = -1 - self._default = 0 - self.passwordAccess = True -+ self.passExc = None - - if fn is not None: - self.parse() -@@ -197,7 +198,6 @@ class GrubConfigFile(object): - if self.commands.has_key(com): - if self.commands[com] is not None: - setattr(self, self.commands[com], arg.strip()) -- #print "%s = %s => %s" % (com, self.commands[com], arg.strip() ) - else: - logging.info("Ignored directive %s" %(com,)) - else: -@@ -216,25 +216,28 @@ class GrubConfigFile(object): - self.passwordAccess = val - - def hasPassword(self): -- try: -- getattr(self, self.commands['password']) -- return True -- except: -- return False -+ return hasattr(self, 'password') - - def checkPassword(self, password): -- try: -- pwd = getattr(self, self.commands['password']).split() -- if pwd[0] == '--md5': -+ # Always allow if no password defined in grub.conf -+ if not self.hasPassword: -+ return True -+ -+ # If we're here, we're having 'password' attribute set -+ pwd = getattr(self, 'password').split() -+ -+ # We check whether 
password is in MD5 hash for comparison -+ if pwd[0] == '--md5': -+ try: - import crypt - if crypt.crypt(password, pwd[1]) == pwd[1]: - return True -+ except Exception, e: -+ self.passExc = "Can't verify password: %s" % str(e) -+ return False - -- if pwd[0] == password: -- return True -- -- return False -- except: -+ # ... and if not, we compare it as a plain text -+ if pwd[0] == password: - return True - - def set(self, line): -Index: xen-3.4.1-testing/tools/pygrub/src/pygrub -=================================================================== ---- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub -+++ xen-3.4.1-testing/tools/pygrub/src/pygrub -@@ -487,7 +487,11 @@ class Grub: - pwd = self.text_win.getstr(6, 8) - if not self.cf.checkPassword(pwd): - self.text_win.addstr(6, 1, "Password: ") -- self.text_win.addstr(7, 0, "Failed!") -+ if self.cf.passExc is not None: -+ self.text_win.addstr(7, 0, "Exception: %s" -+ % self.cf.passExc) -+ else: -+ self.text_win.addstr(7, 0, "Failed!") - self.cf.setPasswordAccess( False ) - else: - self.cf.setPasswordAccess( True ) diff --git a/20201-pygrub-security.patch b/20201-pygrub-security.patch deleted file mode 100644 index 7218664..0000000 --- a/20201-pygrub-security.patch +++ /dev/null 
@@ -1,42 +0,0 @@ -# HG changeset patch -# User Keir Fraser -# Date 1253002894 -3600 -# Node ID 67f1b8b3258591b979c441c6013af3c442063cc1 -# Parent 045b2b8b522708093b91f883f1b7e7c1805f71e3 -pygrub: Correct pygrub return value - -This is the patch to correct pygrub return value for checkPassword() -function. It didn't return False at the end of the function. It -returned None so it was working fine and it's most likely just a -cosmetic issue. - -Also, the missing () were added to checkPassword() function when -calling hasPassword and the unnecessary comment was removed. - -Signed-off-by: Michal Novotny - -Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py -=================================================================== ---- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py -+++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py -@@ -220,10 +220,9 @@ class GrubConfigFile(object): - - def checkPassword(self, password): - # Always allow if no password defined in grub.conf -- if not self.hasPassword: -+ if not self.hasPassword(): - return True - -- # If we're here, we're having 'password' attribute set - pwd = getattr(self, 'password').split() - - # We check whether password is in MD5 hash for comparison -@@ -240,6 +239,8 @@ class GrubConfigFile(object): - if pwd[0] == password: - return True - -+ return False -+ - def set(self, line): - (com, arg) = grub_exact_split(line, 2) - if self.commands.has_key(com): diff --git a/hv_tools.patch b/hv_tools.patch index 7656ff6..78e7cca 100644 --- a/hv_tools.patch +++ b/hv_tools.patch 
@@ -2,26 +2,28 @@ Index: xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c =================================================================== --- xen-3.4.1-testing.orig/tools/python/xen/lowlevel/xc/xc.c +++ xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c -@@ -888,14 +888,14 @@ static PyObject *pyxc_hvm_build(XcObject +@@ -890,14 +890,14 @@ static PyObject *pyxc_hvm_build(XcObject int i; #endif char *image; - int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1; -+ int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1, extid = 0; ++ int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1, extid=0; static char *kwd_list[] = { "domid", - "memsize", "image", "target", "vcpus", "acpi", -+ "memsize", "image", "target", "vcpus", "extid", "acpi", - "apic", NULL }; +- "apic", NULL }; - if ( !PyArg_ParseTupleAndKeywords(args, kwds, "iis|iiii", kwd_list, -+ if ( !PyArg_ParseTupleAndKeywords(args, kwds, "iis|iiiii", kwd_list, - &dom, &memsize, &image, &target, &vcpus, +- &dom, &memsize, &image, &target, &vcpus, - &acpi, &apic) ) -+ &extid, &acpi, &apic) ) ++ "memsize", "image", "target", "vcpus", "extid", ++ "acpi", "apic", NULL }; ++ if ( !PyArg_ParseTupleAndKeywords(args, kwds, "iis|iiiii", kwd_list, ++ &dom, &memsize, &image, &target, &extid, ++ &vcpus, &acpi, &apic) ) return NULL; if ( target == -1 ) -@@ -921,6 +921,7 @@ static PyObject *pyxc_hvm_build(XcObject +@@ -923,6 +923,7 @@ static PyObject *pyxc_hvm_build(XcObject va_hvm->checksum -= sum; munmap(va_map, XC_PAGE_SIZE); #endif @@ -37,7 +39,7 @@ Index: xen-3.4.1-testing/tools/python/xen/xend/XendConfig.py 'monitor': int, 'nographic': int, 'pae' : int, -+ 'extid': int, ++ 'extid': int, 'rtc_timeoffset': int, 'serial': str, 'sdl': int, diff --git a/hv_win7_eoi_bug.patch b/hv_win7_eoi_bug.patch index 2986acc..cbf151f 100644 --- a/hv_win7_eoi_bug.patch +++ b/hv_win7_eoi_bug.patch 
@@ -1,7 +1,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c =================================================================== ---- xen-3.4.1-testing.orig/xen/arch/x86/hvm/hyperv/hv_intercept.c -+++ xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c +--- xen-3.4.1-testing.orig/xen/arch/x86/hvm/hyperv/hv_intercept.c 2009-08-10 14:01:45.000000000 -0600 ++++ xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c 2009-08-10 14:07:15.000000000 -0600 @@ -33,6 +33,7 @@ #include @@ -10,7 +10,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c #include #include #include -@@ -987,8 +988,15 @@ hyperv_do_wr_msr(uint32_t idx, struct cp +@@ -987,8 +988,15 @@ break; case HV_MSR_APIC_ASSIST_PAGE: /* @@ -22,7 +22,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c + uint32_t data = 0; + paddr_t assist_page = msr_content & ~1UL; + (void)hvm_copy_to_guest_phys(assist_page, &data, sizeof(data)); -+ } ++ } + break; diff --git a/hv_xen_base.patch b/hv_xen_base.patch index 181f722..8818e48 100644 --- a/hv_xen_base.patch +++ b/hv_xen_base.patch @@ -1,3 +1,4 @@ +%patch Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/domain.h =================================================================== --- xen-3.4.1-testing.orig/xen/include/asm-x86/hvm/domain.h @@ -17,7 +18,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/Makefile @@ -1,5 +1,6 @@ subdir-y += svm subdir-y += vmx -+subdir-$(x86_64) += hyperv ++subdir-y += hyperv obj-y += emulate.o obj-y += hvm.o @@ -56,7 +57,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c if ( (rc = hvm_funcs.vcpu_initialise(v)) != 0 ) goto fail2; -@@ -732,12 +740,14 @@ int hvm_vcpu_initialise(struct vcpu *v) +@@ -732,6 +740,7 @@ int hvm_vcpu_initialise(struct vcpu *v) hvm_funcs.vcpu_destroy(v); fail2: vlapic_destroy(v); 
@@ -64,13 +65,14 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c fail1: return rc; } - +@@ -739,6 +748,7 @@ int hvm_vcpu_initialise(struct vcpu *v) void hvm_vcpu_destroy(struct vcpu *v) { -+ hyperx_intercept_vcpu_destroy(v); tasklet_kill(&v->arch.hvm_vcpu.assert_evtchn_irq_tasklet); ++ hyperx_intercept_vcpu_destroy(v); hvm_vcpu_cacheattr_destroy(v); vlapic_destroy(v); + hvm_funcs.vcpu_destroy(v); @@ -1690,7 +1700,7 @@ void hvm_cpuid(unsigned int input, unsig return; @@ -118,22 +120,19 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c if ( (eax & 0x80000000) && is_viridian_domain(curr->domain) ) return viridian_hypercall(regs); -@@ -2572,6 +2592,18 @@ long do_hvm_op(unsigned long op, XEN_GUE +@@ -2572,6 +2592,15 @@ long do_hvm_op(unsigned long op, XEN_GUE rc = -EINVAL; break; + case HVM_PARAM_EXTEND_HYPERVISOR: -+#ifdef __x86_64__ -+ if (a.value != 1) -+ rc = -EINVAL; -+ else if (hyperv_initialize(d)) -+ rc = -ENOMEM; -+ else -+ break; -+#else -+ rc = -EINVAL; -+#endif -+ goto param_fail; ++ if ((a.value == 1) && hyperv_initialize(d)) ++ { ++ if (a.value != 1) ++ rc = -EINVAL; ++ else ++ rc = -ENOMEM; ++ goto param_fail; ++ } } if ( rc == 0 ) @@ -141,7 +140,7 @@ Index: xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h =================================================================== --- xen-3.4.1-testing.orig/xen/include/public/arch-x86/hvm/save.h +++ xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h -@@ -432,9 +432,24 @@ struct hvm_viridian_context { +@@ -432,9 +432,26 @@ struct hvm_viridian_context { DECLARE_HVM_SAVE_TYPE(VIRIDIAN, 15, struct hvm_viridian_context); 
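Review bot: In the `HVM_PARAM_EXTEND_HYPERVISOR` case the inner `if (a.value != 1)` can never be true, because the enclosing condition already requires `a.value == 1`; the `-EINVAL` path is dead and any value other than 1 falls through and is accepted. Since the `hyperx_intercept_*` wrappers only act when the parameter equals 1 this is probably harmless, but a toolstack-supplied value should be rejected explicitly, e.g. `if (a.value != 1) { rc = -EINVAL; goto param_fail; }` followed by `if (hyperv_initialize(d)) { rc = -ENOMEM; goto param_fail; }`. The new side also drops the `#ifdef __x86_64__` guard here, as do the wrappers in hv_xen_extension.patch and the `subdir-y += hyperv` Makefile line, so it is worth confirming that the shim builds and behaves on 32-bit hypervisors. do_hvm_op() starts and ends outside the hunk.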
@@ -151,14 +150,16 @@ Index: xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h + uint32_t long_mode; + uint32_t ext_id; +}; -+DECLARE_HVM_SAVE_TYPE(HYPERV_DOM, 15, struct hvm_hyperv_dom); ++ ++DECLARE_HVM_SAVE_TYPE(HYPERV_DOM, 16, struct hvm_hyperv_dom); + +struct hvm_hyperv_cpu { + uint64_t control_msr; + uint64_t version_msr; + uint64_t pad[27]; //KYS: sles10 sp2 compatibility +}; -+DECLARE_HVM_SAVE_TYPE(HYPERV_CPU, 16, struct hvm_hyperv_cpu); ++ ++DECLARE_HVM_SAVE_TYPE(HYPERV_CPU, 17, struct hvm_hyperv_cpu); + /* * Largest type-code in use diff --git a/hv_xen_extension.patch b/hv_xen_extension.patch index 567a802..e24db36 100644 --- a/hv_xen_extension.patch +++ b/hv_xen_extension.patch @@ -3,7 +3,7 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h =================================================================== --- /dev/null +++ xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h -@@ -0,0 +1,183 @@ +@@ -0,0 +1,165 @@ +/**************************************************************************** + | + | Copyright (c) [2007, 2008] Novell, Inc. 
@@ -74,35 +74,29 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h +static inline int +hyperx_intercept_domain_create(struct domain *d) +{ -+#ifdef __x86_64__ -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) { ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) { + return(hyperv_dom_create(d)); + } -+#endif + return (0); +} + +static inline void +hyperx_intercept_domain_destroy(struct domain *d) +{ -+#ifdef __x86_64__ -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) + { + hyperv_dom_destroy(d); + } -+#endif +} + +static inline int +hyperx_intercept_vcpu_initialize(struct vcpu *v) +{ -+#ifdef __x86_64__ + struct domain *d = v->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) + { + return(hyperv_vcpu_initialize(v)); + } -+#endif + return (0); +} + 
@@ -110,77 +104,65 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h +static inline void +hyperx_intercept_vcpu_up(struct vcpu *v) +{ -+#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) + { + hyperv_vcpu_up(v); + } -+#endif +} + +static inline void +hyperx_intercept_vcpu_destroy(struct vcpu *v) +{ -+#ifdef __x86_64__ + struct domain *d = v->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) + { + hyperv_vcpu_destroy(v); + } -+#endif +} + +static inline int +hyperx_intercept_do_cpuid(uint32_t idx, unsigned int *eax, unsigned int *ebx, + unsigned int *ecx, unsigned int *edx) +{ -+#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) + { + return(hyperv_do_cpu_id(idx, eax, ebx, ecx, edx)); + } -+#endif + return (0); +} + +static inline int +hyperx_intercept_do_msr_read(uint32_t idx, struct cpu_user_regs *regs) +{ -+#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) + { + return(hyperv_do_rd_msr(idx, regs)); + } -+#endif + return (0); +} + +static inline int +hyperx_intercept_do_msr_write(uint32_t idx, struct cpu_user_regs *regs) +{ -+#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) + { + return(hyperv_do_wr_msr(idx, regs)); + } -+#endif + return (0); +} + +static inline int +hyperx_intercept_do_hypercall(struct cpu_user_regs *regs) +{ -+#ifdef __x86_64__ + struct domain *d = current->domain; -+ if 
(d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) + { + return(hyperv_do_hypercall(regs)); + } -+#endif + return (0); +} + @@ -345,8 +327,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_hypercall.c + if (fast) + { + hvm_set_cr3(input); -+ } -+ else ++ } else + { + /* + * Slow path; copy the new value. @@ -375,6 +356,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_hypercall.c + hv_vcpu_t *vcpup = &curp->vcpu_state[hv_get_current_vcpu_index()]; + u64 partition_id; + ++ + fast = (int)((opcode >>16) & 0x1); + verb = (short)(opcode & 0xffff); + rep_count = (short)((opcode >>32) & 0xfff); @@ -1619,7 +1601,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_shim.h + * Supported Synthetic MSRs. 0.83 HyperV spec, section 3.4 + * Supported features. + */ -+#define _MSR_VP_RUNTIME 0 ++#define _MSR_VP_RUNTIME 0 +#define MSR_VP_RUNTIME (1U<<_MSR_VP_RUNTIME) +#define _MSR_TIME_REF_CNT 1 +#define MSR_TIME_REF_CNT (1U<<_MSR_TIME_REF_CNT) @@ -1633,7 +1615,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_shim.h +#define HYPERCALL_MSRS (1U<<_HYPERCALL_MSRS) +#define _MSR_VP_INDEX 6 +#define MSR_VP_INDEX (1U<<_MSR_VP_INDEX) -+#define _RESET_MSR 7 ++#define _RESET_MSR 7 +#define RESET_MSR (1U<<_RESET_MSR) + +#define HV_SHIM_SUPPORTED_MSRS \ diff --git a/ioemu-bdrv-open-CACHE_WB.patch b/ioemu-bdrv-open-CACHE_WB.patch deleted file mode 100644 index e59ad1c..0000000 --- a/ioemu-bdrv-open-CACHE_WB.patch +++ /dev/null 
@@ -1,16 +0,0 @@ ---- xen-3.4.1-testing/tools/ioemu-remote/hw/xen_blktap.c 2009-09-21 13:26:03.000000000 +0800 -+++ xen-3.4.1-testing/tools/ioemu-remote/hw/xen_blktap.c 2009-09-28 16:30:13.000000000 +0800 -@@ -249,8 +249,11 @@ static int open_disk(struct td_state *s, - drv = blktap_drivers[i].drv; - DPRINTF("%s driver specified\n", drv ? drv->format_name : "No"); - -- /* Open the image */ -- if (bdrv_open2(bs, path, flags, drv) != 0) { -+ /* Open the image -+ * Use BDRV_O_CACHE_WB for write-through caching, -+ * no flags for write-back caching -+ */ -+ if (bdrv_open2(bs, path, flags|BDRV_O_CACHE_WB, drv) != 0) { - fprintf(stderr, "Could not open image file %s\n", path); - return -ENOMEM; - } diff --git a/mkbuildtree.patch b/mkbuildtree.patch index f346359..d8e479c 100644 --- a/mkbuildtree.patch +++ b/mkbuildtree.patch @@ -2,20 +2,7 @@ Index: xen-3.4.1-testing/unmodified_drivers/linux-2.6/mkbuildtree =================================================================== --- xen-3.4.1-testing.orig/unmodified_drivers/linux-2.6/mkbuildtree +++ xen-3.4.1-testing/unmodified_drivers/linux-2.6/mkbuildtree -@@ -33,7 +33,11 @@ for d in $(find ${XL}/drivers/xen/ -mind - done - - ln -sf ${XL}/drivers/xen/core/gnttab.c platform-pci --ln -sf ${XL}/drivers/xen/core/features.c platform-pci -+if [ -f ${XL}/drivers/xen/core/features.c ]; then -+ ln -sf ${XL}/drivers/xen/core/features.c platform-pci -+else -+ ln -sf ${XL}/drivers/xen/features.c platform-pci -+fi - ln -sf ${XL}/drivers/xen/core/xen_proc.c xenbus - ln -sf ${XL}/drivers/xen/core/reboot.c platform-pci - -@@ -47,7 +51,14 @@ ln -nsf ${XEN}/include/public include/xe +@@ -47,7 +47,14 @@ ln -nsf ${XEN}/include/public include/xe # be native and not xenolinux). case "$uname" in i[34567]86|x86_64) diff --git a/xen-updown.sh b/xen-updown.sh index 7bdb197..6d19359 100644 --- a/xen-updown.sh +++ b/xen-updown.sh 
@@ -151,7 +151,6 @@ case $SCRIPTNAME in ;; *if-down.d*) exit_if_xend_not_running - test -d "/sys/class/net/$INTERFACE/brif/" || exit 0 # Remember vifs attached to $INTERFACE vifs=() diff --git a/xen.changes b/xen.changes index c7a206e..2594ec3 100644 --- a/xen.changes +++ b/xen.changes @@ -1,30 +1,3 @@ -------------------------------------------------------------------- -Fri Oct 9 09:24:29 MDT 2009 - carnold@novell.com - -- bnc#541945 - xm create -x command does not work in SLES 10 SP2 or - SLES 11 - xm-create-xflag.patch - -------------------------------------------------------------------- -Thu Oct 8 22:44:04 MDT 2009 - jfehlig@novell.com - -- Minor enhancement to xen-updown.sh sysconfig hook - -------------------------------------------------------------------- -Mon Sep 28 16:34:19 CST 2009 - wkong@novell.com -- Add patch ioemu-bdrv-open-CACHE_WB.patch - for install guest on tapdisk very very slow. - -------------------------------------------------------------------- -Mon Sep 28 08:28:24 MDT 2009 - carnold@novell.com - -- bnc#542525 - VUL-1: xen pygrub vulnerability - 20099-pygrub-security.patch - 20107-pygrub-security.patch - 20146-pygrub-security.patch - 20174-pygrub-security.patch - 20201-pygrub-security.patch - ------------------------------------------------------------------- Fri Sep 25 15:08:12 MDT 2009 - jfehlig@novell.com diff --git a/xen.spec b/xen.spec index 9555b78..c3419b2 100644 --- a/xen.spec +++ b/xen.spec @@ -1,5 +1,5 @@ # -# spec file for package xen (Version 3.4.1_19718_04) +# spec file for package xen (Version 3.4.1_19718_03) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -37,7 +37,7 @@ BuildRequires: glibc-32bit glibc-devel-32bit %if %{?with_kmp}0 BuildRequires: kernel-source kernel-syms module-init-tools xorg-x11 %endif -Version: 3.4.1_19718_04 +Version: 3.4.1_19718_03 Release: 1 License: GPL v2 only Group: System/Kernel 
@@ -79,14 +79,9 @@ Patch3: 20035-x86-load-sreg-adjust.patch Patch4: 20059-vmx-nmi-handling.patch Patch5: 20077-x86-runstate-cswitch-out.patch Patch6: 20078-x86_64-branch-emulation.patch -Patch7: 20099-pygrub-security.patch -Patch8: 20101-hvm-no-compat-virt-start.patch -Patch9: 20107-pygrub-security.patch -Patch10: 20112-x86-dom0-boot-run-timers.patch -Patch11: 20125-xc-parse-tuple-fix.patch -Patch12: 20146-pygrub-security.patch -Patch13: 20174-pygrub-security.patch -Patch14: 20201-pygrub-security.patch +Patch7: 20101-hvm-no-compat-virt-start.patch +Patch8: 20112-x86-dom0-boot-run-timers.patch +Patch9: 20125-xc-parse-tuple-fix.patch # Our patches Patch100: xen-config.diff Patch101: xend-config.diff @@ -137,8 +132,7 @@ Patch163: checkpoint-rename.patch Patch164: network-nat.patch Patch165: ioemu-debuginfo.patch Patch166: xm-save-check-file.patch -Patch167: xm-create-xflag.patch -Patch168: mkbuildtree.patch +Patch167: mkbuildtree.patch # Patches for snapshot support Patch200: snapshot-ioemu-save.patch Patch201: snapshot-ioemu-restore.patch @@ -179,7 +173,6 @@ Patch405: blktap-pv-cdrom.patch Patch406: network-nat-open-SuSEfirewall2-FORWARD.patch Patch407: ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch Patch408: qemu-retry-be-status.patch -Patch409: ioemu-bdrv-open-CACHE_WB.patch %if %{?with_kmp}0 Patch450: disable_emulated_device.diff %endif @@ -531,11 +524,6 @@ Authors: %patch7 -p1 %patch8 -p1 %patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 %patch100 -p1 %patch101 -p1 %patch102 -p1 @@ -584,7 +572,6 @@ Authors: %patch165 -p1 %patch166 -p1 %patch167 -p1 -%patch168 -p1 %patch200 -p1 %patch201 -p1 %patch202 -p1 @@ -619,7 +606,6 @@ Authors: %patch406 -p1 %patch407 -p1 %patch408 -p1 -%patch409 -p1 %if %{?with_kmp}0 %patch450 -p1 %endif diff --git a/xm-create-xflag.patch b/xm-create-xflag.patch deleted file mode 100644 index 51971a7..0000000 --- a/xm-create-xflag.patch +++ /dev/null 
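Review bot: The new side of this hunk drops all five `*-pygrub-security.patch` entries (old Patch7, Patch9, Patch12, Patch13, Patch14) from the applied set, and the `@@ -531,11 +524,6 @@` hunk removes the matching `%patch10`–`%patch14` lines. The xen.changes entry deleted in this same commit ties those patches to bnc#542525 (VUL-1: xen pygrub vulnerability), and `Version:` moves back from `3.4.1_19718_04` to `3.4.1_19718_03`. The commit message for this change is outside the visible part of the page, so whether this is an intended rollback cannot be confirmed from here. If it is, xen.changes should record the rollback rather than lose the entry; if it is not, the `Patch`/`%patch` lines for the pygrub fixes need to stay.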
@@ -1,31 +0,0 @@ -Index: xen-3.4.1-testing/tools/python/xen/xm/create.py -=================================================================== ---- xen-3.4.1-testing.orig/tools/python/xen/xm/create.py -+++ xen-3.4.1-testing/tools/python/xen/xm/create.py -@@ -37,7 +37,7 @@ from xen.xend.server.DevConstants import - from xen.util import blkif - from xen.util import vscsi_util - import xen.util.xsm.xsm as security --from xen.xm.main import serverType, SERVER_XEN_API, get_single_vm -+from xen.xm.main import serverType, SERVER_XEN_API, SERVER_LEGACY_XMLRPC, get_single_vm - from xen.util import utils - - from xen.xm.opts import * -@@ -1351,7 +1351,7 @@ def main(argv): - except IOError, exn: - raise OptionError("Cannot read file %s: %s" % (config, exn[1])) - -- if serverType == SERVER_XEN_API: -+ if serverType == SERVER_XEN_API or serverType == SERVER_LEGACY_XMLRPC: - from xen.xm.xenapi_create import sxp2xml - sxp2xml_inst = sxp2xml() - doc = sxp2xml_inst.convert_sxp_to_xml(config, transient=True) -@@ -1359,7 +1359,7 @@ def main(argv): - if opts.vals.dryrun and not opts.is_xml: - SXPPrettyPrint.prettyprint(config) - -- if opts.vals.xmldryrun and serverType == SERVER_XEN_API: -+ if opts.vals.xmldryrun: - from xml.dom.ext import PrettyPrint as XMLPrettyPrint - XMLPrettyPrint(doc) - From e6b6844bcf8f7d9f8e2a591c29bd2f0551c30b90d38831d71b9d5fc8a2262a1c Mon Sep 17 00:00:00 2001 
From: OBS User buildservice-autocommit Date: Mon, 12 Oct 2009 14:04:55 +0000 Subject: [PATCH 5/5] Updating link to change in openSUSE:Factory/xen revision 81.0 OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=b23fc510061b567c77eab271f90860d2 --- 20099-pygrub-security.patch | 142 +++++++++++++++++++++++++++++++++ 20107-pygrub-security.patch | 39 +++++++++ 20125-xc-parse-tuple-fix.patch | 13 +-- 20146-pygrub-security.patch | 95 ++++++++++++++++++++++ 20174-pygrub-security.patch | 95 ++++++++++++++++++++++ 20201-pygrub-security.patch | 42 ++++++++++ hv_tools.patch | 20 +++-- hv_win7_eoi_bug.patch | 8 +- hv_xen_base.patch | 39 +++++---- hv_xen_extension.patch | 46 +++++++---- ioemu-bdrv-open-CACHE_WB.patch | 16 ++++ mkbuildtree.patch | 15 +++- xen-updown.sh | 1 + xen.changes | 27 +++++++ xen.spec | 26 ++++-- xm-create-xflag.patch | 31 +++++++ 16 files changed, 593 insertions(+), 62 deletions(-) create mode 100644 20099-pygrub-security.patch create mode 100644 20107-pygrub-security.patch create mode 100644 20146-pygrub-security.patch create mode 100644 20174-pygrub-security.patch create mode 100644 20201-pygrub-security.patch create mode 100644 ioemu-bdrv-open-CACHE_WB.patch create mode 100644 xm-create-xflag.patch diff --git a/20099-pygrub-security.patch b/20099-pygrub-security.patch new file mode 100644 index 0000000..6ec02f3 --- /dev/null +++ b/20099-pygrub-security.patch 
@@ -0,0 +1,142 @@ +# HG changeset patch +# User Keir Fraser +# Date 1250781436 -3600 +# Node ID 8f783adc0ee34808cdd296cccd92f99018f76017 +# Parent 4b30cfb855299922244938fde4f88f4e5bb5df34 +pygrub: Add password support + +It basically checks for the presence of password line in grub.conf +of the guest image and if this line is present, it supports both clear +text and md5 versions of the password. Editing the grub entries and +command-line are disabled when some password is set in domain's +grub.conf file but the password was not entered yet. Also, new option +to press 'p' in interactive pygrub has been added to allow entering +the grub password. It's been tested on x86_64 with PV guests and was +working fine. Also, the countdown has been stopped after key was +pressed, ie. the user is probably editing the boot configuration. + +Signed-off-by: Michal Novotny + +Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py +=================================================================== +--- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py ++++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py +@@ -157,6 +157,7 @@ class GrubConfigFile(object): + self.images = [] + self.timeout = -1 + self._default = 0 ++ self.passwordAccess = True + + if fn is not None: + self.parse() +@@ -196,6 +197,7 @@ class GrubConfigFile(object): + if self.commands.has_key(com): + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) ++ #print "%s = %s => %s" % (com, self.commands[com], arg.strip() ) + else: + logging.info("Ignored directive %s" %(com,)) + else: +@@ -204,6 +206,37 @@ class GrubConfigFile(object): + if len(img) > 0: + self.add_image(GrubImage(img)) + ++ if self.hasPassword(): ++ self.setPasswordAccess(False) ++ ++ def hasPasswordAccess(self): ++ return self.passwordAccess ++ ++ def setPasswordAccess(self, val): ++ self.passwordAccess = val ++ ++ def hasPassword(self): ++ try: ++ getattr(self, self.commands['password']) ++ return True ++ except KeyError, 
e: ++ return False ++ ++ def checkPassword(self, password): ++ try: ++ pwd = getattr(self, self.commands['password']).split() ++ if pwd[0] == '--md5': ++ import crypt ++ if crypt.crypt(password, pwd[1]) == pwd[1]: ++ return True ++ ++ if pwd[0] == password: ++ return True ++ ++ return False ++ except: ++ return True ++ + def set(self, line): + (com, arg) = grub_exact_split(line, 2) + if self.commands.has_key(com): +Index: xen-3.4.1-testing/tools/pygrub/src/pygrub +=================================================================== +--- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub ++++ xen-3.4.1-testing/tools/pygrub/src/pygrub +@@ -418,7 +418,14 @@ class Grub: + self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.") + self.text_win.addstr(1, 0, "Press enter to boot the selected OS. 'e' to edit the") + self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ") +- self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.") ++ ++ # if grub has password defined we allow option to enter password ++ if not self.cf.hasPassword(): ++ self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.") ++ else: ++ self.text_win.addstr(3, 0, "before booting, or 'c' for a command line. 
You can also") ++ self.text_win.addstr(4, 0, "press 'p' to enter password for modifications...") ++ + self.text_win.addch(0, 8, curses.ACS_UARROW) + self.text_win.addch(0, 14, curses.ACS_DARROW) + (y, x) = self.text_win.getmaxyx() +@@ -457,9 +464,19 @@ class Grub: + + # handle keypresses + if c == ord('c'): ++ # we disallow access without password specified ++ if not self.cf.hasPasswordAccess(): ++ self.text_win.addstr(6, 8, "You have to enter GRUB password first") ++ break ++ + self.command_line_mode() + break + elif c == ord('a'): ++ # we disallow access without password specified ++ if not self.cf.hasPasswordAccess(): ++ self.text_win.addstr(6, 8, "You have to enter GRUB password first") ++ break ++ + # find the kernel line, edit it and then boot + img = self.cf.images[self.selected_image] + for line in img.lines: +@@ -471,9 +488,24 @@ class Grub: + break + break + elif c == ord('e'): ++ # we disallow access without password specified ++ if not self.cf.hasPasswordAccess(): ++ self.text_win.addstr(6, 8, "You have to enter GRUB password first") ++ break ++ + img = self.cf.images[self.selected_image] + self.edit_entry(img) + break ++ elif c == ord('p') and self.cf.hasPassword(): ++ self.text_win.addstr(6, 8, "Enter password: ") ++ pwd = self.text_win.getstr(6, 8) ++ if not self.cf.checkPassword(pwd): ++ self.text_win.addstr(6, 8, "Incorrect password!") ++ self.cf.setPasswordAccess( False ) ++ else: ++ self.text_win.addstr(6, 8, "Access granted ") ++ self.cf.setPasswordAccess( True ) ++ break + elif c in (curses.KEY_ENTER, ord('\n'), ord('\r')): + self.isdone = True + break diff --git a/20107-pygrub-security.patch b/20107-pygrub-security.patch new file mode 100644 index 0000000..2607acb --- /dev/null +++ b/20107-pygrub-security.patch 
@@ -0,0 +1,39 @@ +# HG changeset patch +# User Keir Fraser +# Date 1250871100 -3600 +# Node ID 168f0cfeded0ad64e03d821efe5dcbe2eb5806a3 +# Parent 4207d83fc78ef63016a4163b09f30aa471e4bdb8 +pygrub: Fix elilo handling after password patch. + +Signed-off-by: Michal Novotny + +Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py +=================================================================== +--- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py ++++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py +@@ -219,7 +219,7 @@ class GrubConfigFile(object): + try: + getattr(self, self.commands['password']) + return True +- except KeyError, e: ++ except: + return False + + def checkPassword(self, password): +Index: xen-3.4.1-testing/tools/pygrub/src/LiloConf.py +=================================================================== +--- xen-3.4.1-testing.orig/tools/pygrub/src/LiloConf.py ++++ xen-3.4.1-testing/tools/pygrub/src/LiloConf.py +@@ -138,6 +138,12 @@ class LiloConfigFile(object): + if len(img) > 0: + self.add_image(LiloImage(img, path)) + ++ def hasPassword(self): ++ return False ++ ++ def hasPasswordAccess(self): ++ return True ++ + def add_image(self, image): + self.images.append(image) + diff --git a/20125-xc-parse-tuple-fix.patch b/20125-xc-parse-tuple-fix.patch index 45e18bc..4cdc418 100644 --- a/20125-xc-parse-tuple-fix.patch +++ b/20125-xc-parse-tuple-fix.patch @@ -8,10 +8,11 @@ when it expects a full integer. 
Signed-off-by: Keir Fraser -diff -r 71389988f5d4 -r ed672a604cc7 tools/python/xen/lowlevel/xc/xc.c ---- a/tools/python/xen/lowlevel/xc/xc.c Wed Aug 26 15:35:14 2009 +0100 -+++ b/tools/python/xen/lowlevel/xc/xc.c Wed Aug 26 15:41:59 2009 +0100 -@@ -654,10 +654,9 @@ +Index: xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c +=================================================================== +--- xen-3.4.1-testing.orig/tools/python/xen/lowlevel/xc/xc.c ++++ xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c +@@ -650,10 +650,9 @@ static PyObject *pyxc_deassign_device(Xc static PyObject *pyxc_get_device_group(XcObject *self, PyObject *args) { @@ -23,7 +24,7 @@ diff -r 71389988f5d4 -r ed672a604cc7 tools/python/xen/lowlevel/xc/xc.c PyObject *Pystr; char *group_str; char dev_str[9]; -@@ -812,7 +811,7 @@ +@@ -808,7 +807,7 @@ static PyObject *pyxc_dom_check_cpuid(Xc static PyObject *pyxc_dom_set_policy_cpuid(XcObject *self, PyObject *args) { @@ -32,7 +33,7 @@ diff -r 71389988f5d4 -r ed672a604cc7 tools/python/xen/lowlevel/xc/xc.c if ( !PyArg_ParseTuple(args, "i", &domid) ) return NULL; -@@ -828,9 +827,8 @@ +@@ -824,9 +823,8 @@ static PyObject *pyxc_dom_set_policy_cpu static PyObject *pyxc_dom_set_cpuid(XcObject *self, PyObject *args) { diff --git a/20146-pygrub-security.patch b/20146-pygrub-security.patch new file mode 100644 index 0000000..95eef9c --- /dev/null +++ b/20146-pygrub-security.patch 
@@ -0,0 +1,95 @@ +# HG changeset patch +# User Keir Fraser +# Date 1251887904 -3600 +# Node ID e513d565c8f1298d26bc614eabd1b7111693a940 +# Parent 8fc92779847680fe40a1ee9c2a01b3effc7cd056 +pygrub: Match bare-metal GRUB behavior for passwords + +The password support patch already merged didn't match the bare-metal +GRUB behavior so I created a patch to match it. If password is entered +in grub.conf file, pressing `p` is required exactly like when using +"real" (bare-metal) GRUB. New options are available after the correct +password is entered. + +Signed-off-by: Michal Novotny + +Index: xen-3.4.1-testing/tools/pygrub/src/pygrub +=================================================================== +--- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub ++++ xen-3.4.1-testing/tools/pygrub/src/pygrub +@@ -415,16 +415,17 @@ class Grub: + def draw(): + # set up the screen + self.draw_main_windows() +- self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.") +- self.text_win.addstr(1, 0, "Press enter to boot the selected OS. 'e' to edit the") +- self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ") + +- # if grub has password defined we allow option to enter password +- if not self.cf.hasPassword(): ++ if not self.cf.hasPassword() or self.cf.hasPasswordAccess(): ++ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.") ++ self.text_win.addstr(1, 0, "Press enter to boot the selected OS, 'e' to edit the") ++ self.text_win.addstr(2, 0, "commands before booting, 'a' to modify the kernel arguments ") + self.text_win.addstr(3, 0, "before booting, or 'c' for a command line.") ++ + else: +- self.text_win.addstr(3, 0, "before booting, or 'c' for a command line. 
You can also") +- self.text_win.addstr(4, 0, "press 'p' to enter password for modifications...") ++ self.text_win.addstr(0, 0, "Use the U and D keys to select which entry is highlighted.") ++ self.text_win.addstr(1, 0, "Press enter to boot the selected OS or `p` to enter a") ++ self.text_win.addstr(2, 0, "password to unlock the next set of features.") + + self.text_win.addch(0, 8, curses.ACS_UARROW) + self.text_win.addch(0, 14, curses.ACS_DARROW) +@@ -463,20 +464,10 @@ class Grub: + self.screen.timeout(-1) + + # handle keypresses +- if c == ord('c'): +- # we disallow access without password specified +- if not self.cf.hasPasswordAccess(): +- self.text_win.addstr(6, 8, "You have to enter GRUB password first") +- break +- ++ if c == ord('c') and self.cf.hasPasswordAccess(): + self.command_line_mode() + break +- elif c == ord('a'): +- # we disallow access without password specified +- if not self.cf.hasPasswordAccess(): +- self.text_win.addstr(6, 8, "You have to enter GRUB password first") +- break +- ++ elif c == ord('a') and self.cf.hasPasswordAccess(): + # find the kernel line, edit it and then boot + img = self.cf.images[self.selected_image] + for line in img.lines: +@@ -487,23 +478,18 @@ class Grub: + self.isdone = True + break + break +- elif c == ord('e'): +- # we disallow access without password specified +- if not self.cf.hasPasswordAccess(): +- self.text_win.addstr(6, 8, "You have to enter GRUB password first") +- break +- ++ elif c == ord('e') and self.cf.hasPasswordAccess(): + img = self.cf.images[self.selected_image] + self.edit_entry(img) + break + elif c == ord('p') and self.cf.hasPassword(): +- self.text_win.addstr(6, 8, "Enter password: ") ++ self.text_win.addstr(6, 1, "Password: ") + pwd = self.text_win.getstr(6, 8) + if not self.cf.checkPassword(pwd): +- self.text_win.addstr(6, 8, "Incorrect password!") ++ self.text_win.addstr(6, 1, "Password: ") ++ self.text_win.addstr(7, 0, "Failed!") + self.cf.setPasswordAccess( False ) + else: +- 
self.text_win.addstr(6, 8, "Access granted ") + self.cf.setPasswordAccess( True ) + break + elif c in (curses.KEY_ENTER, ord('\n'), ord('\r')): diff --git a/20174-pygrub-security.patch b/20174-pygrub-security.patch new file mode 100644 index 0000000..bd9beeb --- /dev/null +++ b/20174-pygrub-security.patch 
@@ -0,0 +1,95 @@
+# HG changeset patch
+# User Keir Fraser
+# Date 1252327855 -3600
+# Node ID a28c9c2fa8de05ebd0284f578289e96d2d15d574
+# Parent b81e375e03922cd72d6e1404bc62a05059a4fe61
+pygrub: trap exception when python module import fails
+
+Fix the issue when importing 'crypt' module or crypt.crypt fails in
+pygrub. The exception is written on the same line like "Failed!"
+message but only if there is an exception. If there is no exception,
+we don't bother users with details (probably the password they entered
+was wrong) so we just display "Failed!" message. Also, the code for
+hasPassword() was rewritten not to have try/except block here.
+
+Signed-off-by: Michal Novotny
+
+Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py
++++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+@@ -158,6 +158,7 @@ class GrubConfigFile(object):
+ self.timeout = -1
+ self._default = 0
+ self.passwordAccess = True
++ self.passExc = None
+
+ if fn is not None:
+ self.parse()
+@@ -197,7 +198,6 @@ class GrubConfigFile(object):
+ if self.commands.has_key(com):
+ if self.commands[com] is not None:
+ setattr(self, self.commands[com], arg.strip())
+- #print "%s = %s => %s" % (com, self.commands[com], arg.strip() )
+ else:
+ logging.info("Ignored directive %s" %(com,))
+ else:
+@@ -216,25 +216,28 @@ class GrubConfigFile(object):
+ self.passwordAccess = val
+
+ def hasPassword(self):
+- try:
+- getattr(self, self.commands['password'])
+- return True
+- except:
+- return False
++ return hasattr(self, 'password')
+
+ def checkPassword(self, password):
+- try:
+- pwd = getattr(self, self.commands['password']).split()
+- if pwd[0] == '--md5':
++ # Always allow if no password defined in grub.conf
++ if not self.hasPassword:
++ return True
++
++ # If we're here, we're having 'password' attribute set
++ pwd = getattr(self, 'password').split()
++
++ # We check whether password is in MD5 hash for comparison
++ if pwd[0] == '--md5':
++ try:
+ import crypt
+ if crypt.crypt(password, pwd[1]) == pwd[1]:
+ return True
++ except Exception, e:
++ self.passExc = "Can't verify password: %s" % str(e)
++ return False
+
+- if pwd[0] == password:
+- return True
+-
+- return False
+- except:
++ # ... and if not, we compare it as a plain text
++ if pwd[0] == password:
+ return True
+
+ def set(self, line):
+Index: xen-3.4.1-testing/tools/pygrub/src/pygrub
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/pygrub
++++ xen-3.4.1-testing/tools/pygrub/src/pygrub
+@@ -487,7 +487,11 @@ class Grub:
+ pwd = self.text_win.getstr(6, 8)
+ if not self.cf.checkPassword(pwd):
+ self.text_win.addstr(6, 1, "Password: ")
+- self.text_win.addstr(7, 0, "Failed!")
++ if self.cf.passExc is not None:
++ self.text_win.addstr(7, 0, "Exception: %s"
++ % self.cf.passExc)
++ else:
++ self.text_win.addstr(7, 0, "Failed!")
+ self.cf.setPasswordAccess( False )
+ else:
+ self.cf.setPasswordAccess( True )
diff --git a/20201-pygrub-security.patch b/20201-pygrub-security.patch
new file mode 100644
index 0000000..7218664
--- /dev/null
+++ b/20201-pygrub-security.patch
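Review bot: In the rewritten `checkPassword()` the plain-text comparison `if pwd[0] == password:` is not an `else` of the `--md5` branch, so, as far as the flattened indentation shows, an MD5-configured entry whose hash does not match still falls through to it, and there `pwd[0]` is the option token rather than a secret. The two paths should be mutually exclusive: end the hashed branch with `return crypt.crypt(password, pwd[1]) == pwd[1]` and keep `return pwd[0] == password` for the non-hashed case only. 20201-pygrub-security.patch, added later in this commit, supplies the trailing `return False` and the missing `()` on `hasPassword`, but leaves this fall-through unchanged. `self.passExc` is also never cleared, so after one crypt failure every later wrong password would be shown as an exception; resetting it with `self.passExc = None` at the top of the function avoids that.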
@@ -0,0 +1,42 @@
+# HG changeset patch
+# User Keir Fraser
+# Date 1253002894 -3600
+# Node ID 67f1b8b3258591b979c441c6013af3c442063cc1
+# Parent 045b2b8b522708093b91f883f1b7e7c1805f71e3
+pygrub: Correct pygrub return value
+
+This is the patch to correct pygrub return value for checkPassword()
+function. It didn't return False at the end of the function. It
+returned None so it was working fine and it's most likely just a
+cosmetic issue.
+
+Also, the missing () were added to checkPassword() function when
+calling hasPassword and the unnecessary comment was removed.
+
+Signed-off-by: Michal Novotny
+
+Index: xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+===================================================================
+--- xen-3.4.1-testing.orig/tools/pygrub/src/GrubConf.py
++++ xen-3.4.1-testing/tools/pygrub/src/GrubConf.py
+@@ -220,10 +220,9 @@ class GrubConfigFile(object):
+
+ def checkPassword(self, password):
+ # Always allow if no password defined in grub.conf
+- if not self.hasPassword:
++ if not self.hasPassword():
+ return True
+
+- # If we're here, we're having 'password' attribute set
+ pwd = getattr(self, 'password').split()
+
+ # We check whether password is in MD5 hash for comparison
+@@ -240,6 +239,8 @@ class GrubConfigFile(object):
+ if pwd[0] == password:
+ return True
+
++ return False
++
+ def set(self, line):
+ (com, arg) = grub_exact_split(line, 2)
+ if self.commands.has_key(com):
diff --git a/hv_tools.patch b/hv_tools.patch
index 78e7cca..7656ff6 100644
--- a/hv_tools.patch
+++ b/hv_tools.patch
@@ -2,28 +2,26 @@ Index: xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c =================================================================== --- xen-3.4.1-testing.orig/tools/python/xen/lowlevel/xc/xc.c +++ xen-3.4.1-testing/tools/python/xen/lowlevel/xc/xc.c -@@ -890,14 +890,14 @@ static PyObject *pyxc_hvm_build(XcObject +@@ -888,14 +888,14 @@ static PyObject *pyxc_hvm_build(XcObject int i; #endif char *image; - int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1; -+ int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1, extid=0; ++ int memsize, target=-1, vcpus = 1, acpi = 0, apic = 1, extid = 0; static char *kwd_list[] = { "domid", - "memsize", "image", "target", "vcpus", "acpi", -- "apic", NULL }; ++ "memsize", "image", "target", "vcpus", "extid", "acpi", + "apic", NULL }; - if ( !PyArg_ParseTupleAndKeywords(args, kwds, "iis|iiii", kwd_list, -- &dom, &memsize, &image, &target, &vcpus, -- &acpi, &apic) ) -+ "memsize", "image", "target", "vcpus", "extid", -+ "acpi", "apic", NULL }; + if ( !PyArg_ParseTupleAndKeywords(args, kwds, "iis|iiiii", kwd_list, -+ &dom, &memsize, &image, &target, &extid, -+ &vcpus, &acpi, &apic) ) + &dom, &memsize, &image, &target, &vcpus, +- &acpi, &apic) ) ++ &extid, &acpi, &apic) ) return NULL; if ( target == -1 ) -@@ -923,6 +923,7 @@ static PyObject *pyxc_hvm_build(XcObject +@@ -921,6 +921,7 @@ static PyObject *pyxc_hvm_build(XcObject va_hvm->checksum -= sum; munmap(va_map, XC_PAGE_SIZE); #endif @@ -39,7 +37,7 @@ Index: xen-3.4.1-testing/tools/python/xen/xend/XendConfig.py 'monitor': int, 'nographic': int, 'pae' : int, -+ 'extid': int, ++ 'extid': int, 'rtc_timeoffset': int, 'serial': str, 'sdl': int, diff --git a/hv_win7_eoi_bug.patch b/hv_win7_eoi_bug.patch index cbf151f..2986acc 100644 --- a/hv_win7_eoi_bug.patch +++ b/hv_win7_eoi_bug.patch 
@@ -1,7 +1,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c =================================================================== ---- xen-3.4.1-testing.orig/xen/arch/x86/hvm/hyperv/hv_intercept.c 2009-08-10 14:01:45.000000000 -0600 -+++ xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c 2009-08-10 14:07:15.000000000 -0600 +--- xen-3.4.1-testing.orig/xen/arch/x86/hvm/hyperv/hv_intercept.c ++++ xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c @@ -33,6 +33,7 @@ #include @@ -10,7 +10,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c #include #include #include -@@ -987,8 +988,15 @@ +@@ -987,8 +988,15 @@ hyperv_do_wr_msr(uint32_t idx, struct cp break; case HV_MSR_APIC_ASSIST_PAGE: /* @@ -22,7 +22,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_intercept.c + uint32_t data = 0; + paddr_t assist_page = msr_content & ~1UL; + (void)hvm_copy_to_guest_phys(assist_page, &data, sizeof(data)); -+ } ++ } + break; diff --git a/hv_xen_base.patch b/hv_xen_base.patch index 8818e48..181f722 100644 --- a/hv_xen_base.patch +++ b/hv_xen_base.patch @@ -1,4 +1,3 @@ -%patch Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/domain.h =================================================================== --- xen-3.4.1-testing.orig/xen/include/asm-x86/hvm/domain.h @@ -18,7 +17,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/Makefile @@ -1,5 +1,6 @@ subdir-y += svm subdir-y += vmx -+subdir-y += hyperv ++subdir-$(x86_64) += hyperv obj-y += emulate.o obj-y += hvm.o @@ -57,7 +56,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c if ( (rc = hvm_funcs.vcpu_initialise(v)) != 0 ) goto fail2; -@@ -732,6 +740,7 @@ int hvm_vcpu_initialise(struct vcpu *v) +@@ -732,12 +740,14 @@ int hvm_vcpu_initialise(struct vcpu *v) hvm_funcs.vcpu_destroy(v); fail2: vlapic_destroy(v); 
@@ -65,14 +64,13 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c fail1: return rc; } -@@ -739,6 +748,7 @@ int hvm_vcpu_initialise(struct vcpu *v) + void hvm_vcpu_destroy(struct vcpu *v) { - tasklet_kill(&v->arch.hvm_vcpu.assert_evtchn_irq_tasklet); + hyperx_intercept_vcpu_destroy(v); + tasklet_kill(&v->arch.hvm_vcpu.assert_evtchn_irq_tasklet); hvm_vcpu_cacheattr_destroy(v); vlapic_destroy(v); - hvm_funcs.vcpu_destroy(v); @@ -1690,7 +1700,7 @@ void hvm_cpuid(unsigned int input, unsig return; @@ -120,19 +118,22 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hvm.c if ( (eax & 0x80000000) && is_viridian_domain(curr->domain) ) return viridian_hypercall(regs); -@@ -2572,6 +2592,15 @@ long do_hvm_op(unsigned long op, XEN_GUE +@@ -2572,6 +2592,18 @@ long do_hvm_op(unsigned long op, XEN_GUE rc = -EINVAL; break; + case HVM_PARAM_EXTEND_HYPERVISOR: -+ if ((a.value == 1) && hyperv_initialize(d)) -+ { -+ if (a.value != 1) -+ rc = -EINVAL; -+ else -+ rc = -ENOMEM; -+ goto param_fail; -+ } ++#ifdef __x86_64__ ++ if (a.value != 1) ++ rc = -EINVAL; ++ else if (hyperv_initialize(d)) ++ rc = -ENOMEM; ++ else ++ break; ++#else ++ rc = -EINVAL; ++#endif ++ goto param_fail; } if ( rc == 0 ) @@ -140,7 +141,7 @@ Index: xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h =================================================================== --- xen-3.4.1-testing.orig/xen/include/public/arch-x86/hvm/save.h +++ xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h -@@ -432,9 +432,26 @@ struct hvm_viridian_context { +@@ -432,9 +432,24 @@ struct hvm_viridian_context { DECLARE_HVM_SAVE_TYPE(VIRIDIAN, 15, struct hvm_viridian_context); 
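Review bot: The new `HVM_PARAM_EXTEND_HYPERVISOR` case in do_hvm_op calls `hyperv_initialize(d)` on every set-param request with value 1 and never checks whether the extension is already set up for the domain. If hyperv_initialize allocates per-domain state (the -ENOMEM mapping suggests it does, though its body is not shown), a repeated request could leak or replace state that is in use. A guard before the call would make the one-shot contract explicit, for example `else if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) rc = -EEXIST;`. Every failure of hyperv_initialize is also reported as -ENOMEM; passing through its own return value would be clearer if it carries one. The enclosing switch starts and ends outside the hunk.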
@@ -150,16 +151,14 @@ Index: xen-3.4.1-testing/xen/include/public/arch-x86/hvm/save.h + uint32_t long_mode; + uint32_t ext_id; +}; -+ -+DECLARE_HVM_SAVE_TYPE(HYPERV_DOM, 16, struct hvm_hyperv_dom); ++DECLARE_HVM_SAVE_TYPE(HYPERV_DOM, 15, struct hvm_hyperv_dom); + +struct hvm_hyperv_cpu { + uint64_t control_msr; + uint64_t version_msr; + uint64_t pad[27]; //KYS: sles10 sp2 compatibility +}; -+ -+DECLARE_HVM_SAVE_TYPE(HYPERV_CPU, 17, struct hvm_hyperv_cpu); ++DECLARE_HVM_SAVE_TYPE(HYPERV_CPU, 16, struct hvm_hyperv_cpu); + /* * Largest type-code in use diff --git a/hv_xen_extension.patch b/hv_xen_extension.patch index e24db36..567a802 100644 --- a/hv_xen_extension.patch +++ b/hv_xen_extension.patch @@ -3,7 +3,7 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h =================================================================== --- /dev/null +++ xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h -@@ -0,0 +1,165 @@ +@@ -0,0 +1,183 @@ +/**************************************************************************** + | + | Copyright (c) [2007, 2008] Novell, Inc. 
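Review bot: `DECLARE_HVM_SAVE_TYPE(HYPERV_DOM, 15, struct hvm_hyperv_dom);` now uses type code 15, which the context line just above the new structs already assigns to VIRIDIAN (`DECLARE_HVM_SAVE_TYPE(VIRIDIAN, 15, struct hvm_viridian_context);`). Two record types sharing one code would make saved HVM state ambiguous on restore or migration, unless the VIRIDIAN declaration is removed elsewhere, which is not visible here. The earlier numbering (16 for HYPERV_DOM, 17 for HYPERV_CPU) avoided the overlap. If the codes do have to change, the "Largest type-code in use" definition that follows should be checked against them as well.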
@@ -74,29 +74,35 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h +static inline int +hyperx_intercept_domain_create(struct domain *d) +{ -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) { ++#ifdef __x86_64__ ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) { + return(hyperv_dom_create(d)); + } ++#endif + return (0); +} + +static inline void +hyperx_intercept_domain_destroy(struct domain *d) +{ -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++#ifdef __x86_64__ ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + hyperv_dom_destroy(d); + } ++#endif +} + +static inline int +hyperx_intercept_vcpu_initialize(struct vcpu *v) +{ ++#ifdef __x86_64__ + struct domain *d = v->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_vcpu_initialize(v)); + } ++#endif + return (0); +} + 
@@ -104,65 +110,77 @@ Index: xen-3.4.1-testing/xen/include/asm-x86/hvm/hvm_extensions.h +static inline void +hyperx_intercept_vcpu_up(struct vcpu *v) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + hyperv_vcpu_up(v); + } ++#endif +} + +static inline void +hyperx_intercept_vcpu_destroy(struct vcpu *v) +{ ++#ifdef __x86_64__ + struct domain *d = v->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + hyperv_vcpu_destroy(v); + } ++#endif +} + +static inline int +hyperx_intercept_do_cpuid(uint32_t idx, unsigned int *eax, unsigned int *ebx, + unsigned int *ecx, unsigned int *edx) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_do_cpu_id(idx, eax, ebx, ecx, edx)); + } ++#endif + return (0); +} + +static inline int +hyperx_intercept_do_msr_read(uint32_t idx, struct cpu_user_regs *regs) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_do_rd_msr(idx, regs)); + } ++#endif + return (0); +} + +static inline int +hyperx_intercept_do_msr_write(uint32_t idx, struct cpu_user_regs *regs) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_do_wr_msr(idx, regs)); + } ++#endif + return (0); +} + +static inline int +hyperx_intercept_do_hypercall(struct cpu_user_regs *regs) +{ ++#ifdef __x86_64__ + struct domain *d = current->domain; -+ if 
(d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] ==1) ++ if (d->arch.hvm_domain.params[HVM_PARAM_EXTEND_HYPERVISOR] == 1) + { + return(hyperv_do_hypercall(regs)); + } ++#endif + return (0); +} + @@ -327,7 +345,8 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_hypercall.c + if (fast) + { + hvm_set_cr3(input); -+ } else ++ } ++ else + { + /* + * Slow path; copy the new value. @@ -356,7 +375,6 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_hypercall.c + hv_vcpu_t *vcpup = &curp->vcpu_state[hv_get_current_vcpu_index()]; + u64 partition_id; + -+ + fast = (int)((opcode >>16) & 0x1); + verb = (short)(opcode & 0xffff); + rep_count = (short)((opcode >>32) & 0xfff); @@ -1601,7 +1619,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_shim.h + * Supported Synthetic MSRs. 0.83 HyperV spec, section 3.4 + * Supported features. + */ -+#define _MSR_VP_RUNTIME 0 ++#define _MSR_VP_RUNTIME 0 +#define MSR_VP_RUNTIME (1U<<_MSR_VP_RUNTIME) +#define _MSR_TIME_REF_CNT 1 +#define MSR_TIME_REF_CNT (1U<<_MSR_TIME_REF_CNT) @@ -1615,7 +1633,7 @@ Index: xen-3.4.1-testing/xen/arch/x86/hvm/hyperv/hv_shim.h +#define HYPERCALL_MSRS (1U<<_HYPERCALL_MSRS) +#define _MSR_VP_INDEX 6 +#define MSR_VP_INDEX (1U<<_MSR_VP_INDEX) -+#define _RESET_MSR 7 ++#define _RESET_MSR 7 +#define RESET_MSR (1U<<_RESET_MSR) + +#define HV_SHIM_SUPPORTED_MSRS \ diff --git a/ioemu-bdrv-open-CACHE_WB.patch b/ioemu-bdrv-open-CACHE_WB.patch new file mode 100644 index 0000000..e59ad1c --- /dev/null +++ b/ioemu-bdrv-open-CACHE_WB.patch 
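Review bot: `hyperx_intercept_vcpu_up(struct vcpu *v)` reads the parameter from `current->domain`, while hyperx_intercept_vcpu_initialize and hyperx_intercept_vcpu_destroy in the same header use `v->domain`. If a vcpu can be brought up from a context that belongs to another domain (the callers are not shown), the check would consult the wrong domain's `HVM_PARAM_EXTEND_HYPERVISOR`. `struct domain *d = v->domain;` would keep the three vcpu hooks consistent. A one-line comment on the cpuid, MSR and hypercall hooks saying that they run in the guest's own context would document why `current` is correct there.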
@@ -0,0 +1,16 @@ +--- xen-3.4.1-testing/tools/ioemu-remote/hw/xen_blktap.c 2009-09-21 13:26:03.000000000 +0800 ++++ xen-3.4.1-testing/tools/ioemu-remote/hw/xen_blktap.c 2009-09-28 16:30:13.000000000 +0800 +@@ -249,8 +249,11 @@ static int open_disk(struct td_state *s, + drv = blktap_drivers[i].drv; + DPRINTF("%s driver specified\n", drv ? drv->format_name : "No"); + +- /* Open the image */ +- if (bdrv_open2(bs, path, flags, drv) != 0) { ++ /* Open the image ++ * Use BDRV_O_CACHE_WB for write-through caching, ++ * no flags for write-back caching ++ */ ++ if (bdrv_open2(bs, path, flags|BDRV_O_CACHE_WB, drv) != 0) { + fprintf(stderr, "Could not open image file %s\n", path); + return -ENOMEM; + } diff --git a/mkbuildtree.patch b/mkbuildtree.patch index d8e479c..f346359 100644 --- a/mkbuildtree.patch +++ b/mkbuildtree.patch @@ -2,7 +2,20 @@ Index: xen-3.4.1-testing/unmodified_drivers/linux-2.6/mkbuildtree =================================================================== --- xen-3.4.1-testing.orig/unmodified_drivers/linux-2.6/mkbuildtree +++ xen-3.4.1-testing/unmodified_drivers/linux-2.6/mkbuildtree -@@ -47,7 +47,14 @@ ln -nsf ${XEN}/include/public include/xe +@@ -33,7 +33,11 @@ for d in $(find ${XL}/drivers/xen/ -mind + done + + ln -sf ${XL}/drivers/xen/core/gnttab.c platform-pci +-ln -sf ${XL}/drivers/xen/core/features.c platform-pci ++if [ -f ${XL}/drivers/xen/core/features.c ]; then ++ ln -sf ${XL}/drivers/xen/core/features.c platform-pci ++else ++ ln -sf ${XL}/drivers/xen/features.c platform-pci ++fi + ln -sf ${XL}/drivers/xen/core/xen_proc.c xenbus + ln -sf ${XL}/drivers/xen/core/reboot.c platform-pci + +@@ -47,7 +51,14 @@ ln -nsf ${XEN}/include/public include/xe # be native and not xenolinux). case "$uname" in i[34567]86|x86_64) diff --git a/xen-updown.sh b/xen-updown.sh index 6d19359..7bdb197 100644 --- a/xen-updown.sh +++ b/xen-updown.sh 
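Review bot: The new comment above `bdrv_open2` says BDRV_O_CACHE_WB selects write-through caching, but the flag name and the patch name both indicate write-back, so the comment reads inverted. I would write it as `/* Open the image; BDRV_O_CACHE_WB selects write-back caching, no flag means write-through */`. Forcing write-back for every tapdisk image trades durability for speed: guest writes may be acknowledged before they reach stable storage, so a host crash can lose data unless flushes are honoured. That trade-off belongs in the comment, or the flag should be configurable. open_disk continues outside the hunk.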
@@ -151,6 +151,7 @@ case $SCRIPTNAME in ;; *if-down.d*) exit_if_xend_not_running + test -d "/sys/class/net/$INTERFACE/brif/" || exit 0 # Remember vifs attached to $INTERFACE vifs=() diff --git a/xen.changes b/xen.changes index 2594ec3..c7a206e 100644 --- a/xen.changes +++ b/xen.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Fri Oct 9 09:24:29 MDT 2009 - carnold@novell.com + +- bnc#541945 - xm create -x command does not work in SLES 10 SP2 or + SLES 11 + xm-create-xflag.patch + +------------------------------------------------------------------- +Thu Oct 8 22:44:04 MDT 2009 - jfehlig@novell.com + +- Minor enhancement to xen-updown.sh sysconfig hook + +------------------------------------------------------------------- +Mon Sep 28 16:34:19 CST 2009 - wkong@novell.com +- Add patch ioemu-bdrv-open-CACHE_WB.patch + for install guest on tapdisk very very slow. + +------------------------------------------------------------------- +Mon Sep 28 08:28:24 MDT 2009 - carnold@novell.com + +- bnc#542525 - VUL-1: xen pygrub vulnerability + 20099-pygrub-security.patch + 20107-pygrub-security.patch + 20146-pygrub-security.patch + 20174-pygrub-security.patch + 20201-pygrub-security.patch + ------------------------------------------------------------------- Fri Sep 25 15:08:12 MDT 2009 - jfehlig@novell.com diff --git a/xen.spec b/xen.spec index c3419b2..9555b78 100644 --- a/xen.spec +++ b/xen.spec @@ -1,5 +1,5 @@ # -# spec file for package xen (Version 3.4.1_19718_03) +# spec file for package xen (Version 3.4.1_19718_04) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -37,7 +37,7 @@ BuildRequires: glibc-32bit glibc-devel-32bit %if %{?with_kmp}0 BuildRequires: kernel-source kernel-syms module-init-tools xorg-x11 %endif -Version: 3.4.1_19718_03 +Version: 3.4.1_19718_04 Release: 1 License: GPL v2 only Group: System/Kernel 
@@ -79,9 +79,14 @@ Patch3: 20035-x86-load-sreg-adjust.patch Patch4: 20059-vmx-nmi-handling.patch Patch5: 20077-x86-runstate-cswitch-out.patch Patch6: 20078-x86_64-branch-emulation.patch -Patch7: 20101-hvm-no-compat-virt-start.patch -Patch8: 20112-x86-dom0-boot-run-timers.patch -Patch9: 20125-xc-parse-tuple-fix.patch +Patch7: 20099-pygrub-security.patch +Patch8: 20101-hvm-no-compat-virt-start.patch +Patch9: 20107-pygrub-security.patch +Patch10: 20112-x86-dom0-boot-run-timers.patch +Patch11: 20125-xc-parse-tuple-fix.patch +Patch12: 20146-pygrub-security.patch +Patch13: 20174-pygrub-security.patch +Patch14: 20201-pygrub-security.patch # Our patches Patch100: xen-config.diff Patch101: xend-config.diff @@ -132,7 +137,8 @@ Patch163: checkpoint-rename.patch Patch164: network-nat.patch Patch165: ioemu-debuginfo.patch Patch166: xm-save-check-file.patch -Patch167: mkbuildtree.patch +Patch167: xm-create-xflag.patch +Patch168: mkbuildtree.patch # Patches for snapshot support Patch200: snapshot-ioemu-save.patch Patch201: snapshot-ioemu-restore.patch @@ -173,6 +179,7 @@ Patch405: blktap-pv-cdrom.patch Patch406: network-nat-open-SuSEfirewall2-FORWARD.patch Patch407: ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch Patch408: qemu-retry-be-status.patch +Patch409: ioemu-bdrv-open-CACHE_WB.patch %if %{?with_kmp}0 Patch450: disable_emulated_device.diff %endif @@ -524,6 +531,11 @@ Authors: %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 %patch100 -p1 %patch101 -p1 %patch102 -p1 @@ -572,6 +584,7 @@ Authors: %patch165 -p1 %patch166 -p1 %patch167 -p1 +%patch168 -p1 %patch200 -p1 %patch201 -p1 %patch202 -p1 @@ -606,6 +619,7 @@ Authors: %patch406 -p1 %patch407 -p1 %patch408 -p1 +%patch409 -p1 %if %{?with_kmp}0 %patch450 -p1 %endif diff --git a/xm-create-xflag.patch b/xm-create-xflag.patch new file mode 100644 index 0000000..51971a7 --- /dev/null +++ b/xm-create-xflag.patch 
@@ -0,0 +1,31 @@
+Index: xen-3.4.1-testing/tools/python/xen/xm/create.py
+===================================================================
+--- xen-3.4.1-testing.orig/tools/python/xen/xm/create.py
++++ xen-3.4.1-testing/tools/python/xen/xm/create.py
+@@ -37,7 +37,7 @@ from xen.xend.server.DevConstants import
+ from xen.util import blkif
+ from xen.util import vscsi_util
+ import xen.util.xsm.xsm as security
+-from xen.xm.main import serverType, SERVER_XEN_API, get_single_vm
++from xen.xm.main import serverType, SERVER_XEN_API, SERVER_LEGACY_XMLRPC, get_single_vm
+ from xen.util import utils
+
+ from xen.xm.opts import *
+@@ -1351,7 +1351,7 @@ def main(argv):
+ except IOError, exn:
+ raise OptionError("Cannot read file %s: %s" % (config, exn[1]))
+
+- if serverType == SERVER_XEN_API:
++ if serverType == SERVER_XEN_API or serverType == SERVER_LEGACY_XMLRPC:
+ from xen.xm.xenapi_create import sxp2xml
+ sxp2xml_inst = sxp2xml()
+ doc = sxp2xml_inst.convert_sxp_to_xml(config, transient=True)
+@@ -1359,7 +1359,7 @@ def main(argv):
+ if opts.vals.dryrun and not opts.is_xml:
+ SXPPrettyPrint.prettyprint(config)
+
+- if opts.vals.xmldryrun and serverType == SERVER_XEN_API:
++ if opts.vals.xmldryrun:
+ from xml.dom.ext import PrettyPrint as XMLPrettyPrint
+ XMLPrettyPrint(doc)
+
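Review bot: In main(), `doc` is assigned only inside the `serverType == SERVER_XEN_API or serverType == SERVER_LEGACY_XMLRPC` branch, but the last inner hunk now prints it whenever `opts.vals.xmldryrun` is set. If serverType can hold any other value (its definition is outside this patch), the xmldryrun path raises NameError instead of reporting a usable error. Keeping the guard in step with the assignment avoids that: `if opts.vals.xmldryrun and serverType in (SERVER_XEN_API, SERVER_LEGACY_XMLRPC):`. main() begins and ends outside the hunks.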