80e28a00ec
- unmodified_drivers: handle IRQF_SAMPLE_RANDOM, it was removed in 3.6-rc1 - bnc#778105 - first XEN-PV VM fails to spawn xend: Increase wait time for disk to appear in host bootloader Modified existing xen-domUloader.diff - Disable the snapshot patches. Snapshot only supported the qcow2 image format which was poorly implemented qemu 0.10.2. Snapshot support may be restored in the future when the newer upstream qemu is used by Xen. - bnc#776995 - attaching scsi control luns with pvscsi - xend/pvscsi: fix passing of SCSI control LUNs xen-bug776995-pvscsi-no-devname.patch - xend/pvscsi: fix usage of persistant device names for SCSI devices xen-bug776995-pvscsi-persistent-names.patch - xend/pvscsi: update sysfs parser for Linux 3.0 xen-bug776995-pvscsi-sysfs-parser.patch - Update to Xen 4.2.0 RC3+ c/s 25779 - Update to Xen 4.2.0 RC2+ c/s 25765 OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=199
71 lines
3.0 KiB
Diff
71 lines
3.0 KiB
Diff
CVE-2007-0998 - remote compromise of dom0
|
|
|
|
Rather than completely disabling QEMU's console (which would remove
|
|
the "sendkey" command, among other useful things), remove all console
|
|
commands that can read/write dom0's state.
|
|
|
|
|
|
Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c
|
|
===================================================================
|
|
--- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/monitor.c
|
|
+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/monitor.c
|
|
@@ -1497,6 +1497,7 @@ static const term_cmd_t term_cmds[] = {
|
|
"device|all", "commit changes to the disk images (if -snapshot is used) or backing files" },
|
|
{ "info", "s?", do_info,
|
|
"subcommand", "show various information about the system state" },
|
|
+#ifdef CONFIG_TRUSTED_CLIENT
|
|
{ "q|quit", "", do_quit,
|
|
"", "quit the emulator" },
|
|
{ "eject", "-fB", do_eject,
|
|
@@ -1509,6 +1510,7 @@ static const term_cmd_t term_cmds[] = {
|
|
"filename", "output logs to 'filename'" },
|
|
{ "log", "s", do_log,
|
|
"item1[,...]", "activate logging of the specified items to '/tmp/qemu.log'" },
|
|
+#endif
|
|
{ "savevm", "s?", do_savevm,
|
|
"tag|id", "save a VM snapshot. If no tag or id are provided, a new snapshot is created" },
|
|
{ "loadvm", "s", do_loadvm,
|
|
@@ -1538,8 +1540,10 @@ static const term_cmd_t term_cmds[] = {
|
|
"", "reset the system" },
|
|
{ "system_powerdown", "", do_system_powerdown,
|
|
"", "send system power down event" },
|
|
+#ifdef CONFIG_TRUSTED_CLIENT
|
|
{ "sum", "ii", do_sum,
|
|
"addr size", "compute the checksum of a memory region" },
|
|
+#endif
|
|
{ "usb_add", "s", do_usb_add,
|
|
"device", "add USB device (e.g. 'host:bus.addr' or 'host:vendor_id:product_id')" },
|
|
{ "usb_del", "s", do_usb_del,
|
|
@@ -1558,6 +1562,7 @@ static const term_cmd_t term_cmds[] = {
|
|
"state", "change mouse button state (1=L, 2=M, 4=R)" },
|
|
{ "mouse_set", "i", do_mouse_set,
|
|
"index", "set which mouse device receives events" },
|
|
+#ifdef CONFIG_TRUSTED_CLIENT
|
|
#ifdef HAS_AUDIO
|
|
{ "wavcapture", "si?i?i?", do_wav_capture,
|
|
"path [frequency bits channels]",
|
|
@@ -1565,6 +1570,7 @@ static const term_cmd_t term_cmds[] = {
|
|
#endif
|
|
{ "stopcapture", "i", do_stop_capture,
|
|
"capture index", "stop capture" },
|
|
+#endif
|
|
{ "memsave", "lis", do_memory_save,
|
|
"addr size file", "save to disk virtual memory dump starting at 'addr' of size 'size'", },
|
|
{ "pmemsave", "lis", do_physical_memory_save,
|
|
@@ -1646,6 +1652,7 @@ static const term_cmd_t info_cmds[] = {
|
|
"", "show KVM information", },
|
|
{ "usb", "", usb_info,
|
|
"", "show guest USB devices", },
|
|
+#ifdef CONFIG_TRUSTED_CLIENT
|
|
{ "usbhost", "", usb_host_info,
|
|
"", "show host USB devices", },
|
|
{ "profile", "", do_info_profile,
|
|
@@ -1677,6 +1684,7 @@ static const term_cmd_t info_cmds[] = {
|
|
{ "migrate", "", do_info_migrate, "", "show migration status" },
|
|
{ "balloon", "", do_info_balloon,
|
|
"", "show balloon information" },
|
|
+#endif
|
|
{ NULL, NULL, },
|
|
};
|
|
|