5c0f7d38a6
reverse-24757-use-grant-references.patch - fate#313222 - xenstore-chmod should support 256 permissions 26189-xenstore-chmod.patch - bnc#789945 - VUL-0: CVE-2012-5510: xen: Grant table version switch list corruption vulnerability (XSA-26) CVE-2012-5510-xsa26.patch - bnc#789944 - VUL-0: CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs (XSA-27) CVE-2012-5511-xsa27.patch - bnc#789951 - VUL-0: CVE-2012-5513: xen: XENMEM_exchange may overwrite hypervisor memory (XSA-29) CVE-2012-5513-xsa29.patch - bnc#789948 - VUL-0: CVE-2012-5514: xen: Missing unlock in guest_physmap_mark_populate_on_demand() (XSA-30) CVE-2012-5514-xsa30.patch - bnc#789950 - VUL-0: CVE-2012-5515: xen: Several memory hypercall operations allow invalid extent order values (XSA-31) CVE-2012-5515-xsa31.patch - bnc#789952 - VUL-0: CVE-2012-5525: xen: Several hypercalls do not validate input GFNs (XSA-32) CVE-2012-5525-xsa32.patch - Upstream patches from Jan 26129-ACPI-BGRT-invalidate.patch 26132-tmem-save-NULL-check.patch 26134-x86-shadow-invlpg-check.patch 26139-cpumap-masking.patch 26148-vcpu-timer-overflow.patch (Replaces CVE-2012-4535-xsa20.patch) OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=219
60 lines
2.0 KiB
Diff
60 lines
2.0 KiB
Diff
# HG changeset patch
|
|
# User Jan Beulich <jbeulich@suse.com>
|
|
# Date 1353398311 -3600
|
|
# Node ID ae6fb202b233af815466055d9f1a635802a50855
|
|
# Parent 02b9d9a25feecd76d56143afa9bbb853fd01f602
|
|
passthrough/PCI: replace improper uses of pci_find_next_cap()
|
|
|
|
Using pci_find_next_cap() without prior pci_find_cap_offset() is bogus
|
|
(and possibly wrong, given that the latter doesn't check the
|
|
PCI_STATUS_CAP_LIST flag, which so far was checked in an open-coded way
|
|
only for the non-bridge case).
|
|
|
|
Once at it, fold the two calls into one, as we need its result in any
|
|
case.
|
|
|
|
Question is whether, without any caller left, pci_find_next_cap()
|
|
should be purged as well.
|
|
|
|
Signed-off-by: Jan Beulich <jbeulich@suse.com>
|
|
Acked-by: Xiantao Zhang <xiantao.zhang@intel.com>
|
|
|
|
--- a/xen/drivers/passthrough/pci.c
|
|
+++ b/xen/drivers/passthrough/pci.c
|
|
@@ -565,16 +565,13 @@ void pci_release_devices(struct domain *
|
|
|
|
int pdev_type(u16 seg, u8 bus, u8 devfn)
|
|
{
|
|
- u16 class_device;
|
|
- u16 status, creg;
|
|
- int pos;
|
|
+ u16 class_device, creg;
|
|
u8 d = PCI_SLOT(devfn), f = PCI_FUNC(devfn);
|
|
+ int pos = pci_find_cap_offset(seg, bus, d, f, PCI_CAP_ID_EXP);
|
|
|
|
class_device = pci_conf_read16(seg, bus, d, f, PCI_CLASS_DEVICE);
|
|
if ( class_device == PCI_CLASS_BRIDGE_PCI )
|
|
{
|
|
- pos = pci_find_next_cap(seg, bus, devfn,
|
|
- PCI_CAPABILITY_LIST, PCI_CAP_ID_EXP);
|
|
if ( !pos )
|
|
return DEV_TYPE_LEGACY_PCI_BRIDGE;
|
|
creg = pci_conf_read16(seg, bus, d, f, pos + PCI_EXP_FLAGS);
|
|
@@ -582,15 +579,7 @@ int pdev_type(u16 seg, u8 bus, u8 devfn)
|
|
DEV_TYPE_PCIe2PCI_BRIDGE : DEV_TYPE_PCIe_BRIDGE;
|
|
}
|
|
|
|
- status = pci_conf_read16(seg, bus, d, f, PCI_STATUS);
|
|
- if ( !(status & PCI_STATUS_CAP_LIST) )
|
|
- return DEV_TYPE_PCI;
|
|
-
|
|
- if ( pci_find_next_cap(seg, bus, devfn, PCI_CAPABILITY_LIST,
|
|
- PCI_CAP_ID_EXP) )
|
|
- return DEV_TYPE_PCIe_ENDPOINT;
|
|
-
|
|
- return DEV_TYPE_PCI;
|
|
+ return pos ? DEV_TYPE_PCIe_ENDPOINT : DEV_TYPE_PCI;
|
|
}
|
|
|
|
/*
|