xen/libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
Charles Arnold b87fe0a367 - bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite
loop in ne2000_receive
  CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch

- Use system qemu instead of building/installing yet another qemu
  FATE#320638
- Dropped files
  qemu-xen-dir-remote.tar.bz2
  CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
  CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
  CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
  CVE-2015-4037-qemuu-smb-config-dir-name.patch
  CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
  CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
  CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
  CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
  CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
  CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
  CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
  CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
  CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
  CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
  CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
  CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
  qemu-xen-enable-spice-support.patch
  qemu-xen-upstream-qdisk-cache-unsafe.patch
  tigervnc-long-press.patch
- bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun
  on incoming migration

OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=408
2016-03-03 22:36:20 +00:00


https://bugzilla.novell.com/show_bug.cgi?id=879425
---
tools/libxl/libxl.c | 2 ++
tools/libxl/libxl.h | 12 ++++++++++++
tools/libxl/libxlu_disk.c | 2 ++
tools/libxl/libxlu_disk_i.h | 2 +-
tools/libxl/libxlu_disk_l.l | 1 +
5 files changed, 18 insertions(+), 1 deletion(-)
Index: xen-4.6.1-testing/tools/libxl/libxl.c
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxl.c
+++ xen-4.6.1-testing/tools/libxl/libxl.c
@@ -2833,6 +2833,8 @@ static void device_disk_add(libxl__egc *
flexarray_append_pair(back, "discard-enable",
libxl_defbool_val(disk->discard_enable) ?
"1" : "0");
+ if ((disk->readwrite & ~LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK) == LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC)
+ flexarray_append_pair(back, "suse-diskcache-disable-flush", "1");
flexarray_append(front, "backend-id");
flexarray_append(front, libxl__sprintf(gc, "%d", disk->backend_domid));
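Review bot: The added test open-codes the flag encoding as `(disk->readwrite & ~..._MASK) == ..._MAGIC`, and the matching set operation is open-coded again in the libxlu_disk.c hunk, so the two sides can drift apart. The inverted mask (a constant named MASK that holds the bits to keep) also makes the check easy to misread. A single test macro and a single set macro defined next to the constants in libxl.h would keep the encoding in one place. The write site also deserves a comment on what the key means for data safety, for example `/* backend ignores guest flush requests: guest writes may be lost if the host crashes */`. device_disk_add starts and ends outside this hunk, so who else can set these bits in `readwrite` cannot be judged from here.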
Index: xen-4.6.1-testing/tools/libxl/libxl.h
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxl.h
+++ xen-4.6.1-testing/tools/libxl/libxl.h
@@ -205,6 +205,18 @@
#define LIBXL_HAVE_BUILDINFO_ARM_GIC_VERSION 1
/*
+ * The libxl_device_disk has no way to indicate that cache=unsafe is
+ * supposed to be used. Provide this knob without breaking the ABI.
+ * This is done by overloading struct libxl_device_disk->readwrite:
+ * readwrite == 0: disk is readonly, no discard
+ * readwrite == 1: disk is readwrite, backend driver may enable discard
+ * readwrite == MAGIC: disk is readwrite, backend driver should ignore
+ * flush requests from the frontend driver.
+ */
+#define LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC 0x00006000U
+#define LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK 0xffff0fffU
+
+/*
* libxl ABI compatibility
*
* The only guarantee which libxl makes regarding ABI compatibility
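Review bot: The new comment documents the third state as `readwrite == MAGIC`, but the code in the other hunks never stores or compares the bare magic value. The parser keeps the existing bits and ORs in 0x6000 (so a writable disk becomes 0x6001), and libxl.c tests only bits 12-15 via `~MASK`. The comment should describe that encoding, e.g. `(readwrite & 0x0000f000) == 0x6000: disk is readwrite, backend ignores flush requests`. It should also state the durability cost, namely that guest data acknowledged as flushed may be lost on host crash or power failure. The `LIBXL_HAVE_` prefix is used in the visible context line for a feature-test macro defined to 1, and reusing it for value constants blurs that convention. The ABI comment that follows continues outside the hunk.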
Index: xen-4.6.1-testing/tools/libxl/libxlu_disk.c
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk.c
+++ xen-4.6.1-testing/tools/libxl/libxlu_disk.c
@@ -79,6 +79,8 @@ int xlu_disk_parse(XLU_Config *cfg,
if (!disk->pdev_path || !strcmp(disk->pdev_path, ""))
disk->format = LIBXL_DISK_FORMAT_EMPTY;
}
+ if (disk->readwrite && dpc.suse_diskcache_disable_flush)
+ disk->readwrite = (disk->readwrite & LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MASK) | LIBXL_HAVE_LIBXL_DEVICE_DISK_DISABLE_FLUSH_MAGIC;
if (!disk->vdev) {
xlu__disk_err(&dpc,0, "no vdev specified");
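Review bot: After the added assignment `disk->readwrite` is no longer 0 or 1, and nothing at this site tells the reader that the field now carries a flag in its upper bits. Truthiness tests keep working because the value stays non-zero, but any consumer that compares against 1 or serialises the field would see the encoded value. Those consumers are outside this hunk, so that needs checking. A comment here would help, e.g. `/* fold the flush-disable flag into bits 12-15 of readwrite; the value stays non-zero so the disk is still treated as writable */`. The option is also dropped without a diagnostic when the disk is read-only. That is presumably intentional, but it is worth stating. xlu_disk_parse begins and ends outside the hunk.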
Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_i.h
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk_i.h
+++ xen-4.6.1-testing/tools/libxl/libxlu_disk_i.h
@@ -10,7 +10,7 @@ typedef struct {
void *scanner;
YY_BUFFER_STATE buf;
libxl_device_disk *disk;
- int access_set, had_depr_prefix;
+ int access_set, suse_diskcache_disable_flush, had_depr_prefix;
const char *spec;
} DiskParseContext;
Index: xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l
===================================================================
--- xen-4.6.1-testing.orig/tools/libxl/libxlu_disk_l.l
+++ xen-4.6.1-testing/tools/libxl/libxlu_disk_l.l
@@ -176,6 +176,7 @@ script=[^,]*,? { STRIP(','); SAVESTRING(
direct-io-safe,? { DPC->disk->direct_io_safe = 1; }
discard,? { libxl_defbool_set(&DPC->disk->discard_enable, true); }
no-discard,? { libxl_defbool_set(&DPC->disk->discard_enable, false); }
+suse-diskcache-disable-flush,? { DPC->suse_diskcache_disable_flush = 1; }
/* the target magic parameter, eats the rest of the string */