pool/xen
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
898ade9d0e
xen/reverse-24757-use-grant-references.patch
Charles Arnold 5c0f7d38a6 - NetWare will not boot or install on Xen 4.2 
reverse-24757-use-grant-references.patch 

- fate#313222 - xenstore-chmod should support 256 permissions
  26189-xenstore-chmod.patch

- bnc#789945 - VUL-0: CVE-2012-5510: xen: Grant table version
  switch list corruption vulnerability (XSA-26)
  CVE-2012-5510-xsa26.patch
- bnc#789944 - VUL-0: CVE-2012-5511: xen: Several HVM operations do
  not validate the range of their inputs (XSA-27)
  CVE-2012-5511-xsa27.patch
- bnc#789951 - VUL-0: CVE-2012-5513: xen: XENMEM_exchange may
  overwrite hypervisor memory (XSA-29)
  CVE-2012-5513-xsa29.patch
- bnc#789948 - VUL-0: CVE-2012-5514: xen: Missing unlock in
  guest_physmap_mark_populate_on_demand() (XSA-30)
  CVE-2012-5514-xsa30.patch
- bnc#789950 - VUL-0: CVE-2012-5515: xen: Several memory hypercall
  operations allow invalid extent order values (XSA-31)
  CVE-2012-5515-xsa31.patch
- bnc#789952 - VUL-0: CVE-2012-5525: xen: Several hypercalls do not
  validate input GFNs (XSA-32)
  CVE-2012-5525-xsa32.patch
- Upstream patches from Jan
  26129-ACPI-BGRT-invalidate.patch
  26132-tmem-save-NULL-check.patch
  26134-x86-shadow-invlpg-check.patch
  26139-cpumap-masking.patch
  26148-vcpu-timer-overflow.patch (Replaces CVE-2012-4535-xsa20.patch)

OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=219
2012-12-07 18:04:08 +00:00

146 lines
4.3 KiB
Diff
Raw Blame History

Reverse c/s 24757. Breaks booting NetWare.
# HG changeset patch
# User Alex Zeffertt <alex.zeffertt@eu.citrix.com>
# Date 1328812412 0
# Node ID aae516b78fce679f9c367231b7a3891814fcfdbb
# Parent 585caf50a9260d3fc6a4ece0450d10d34e73489f
xenstored: use grant references instead of map_foreign_range
make xenstored use grantref rather than map_foreign_range (which can
only be used by privileged domains)
This patch modifies the xenstore daemon to use xc_gnttab_map_grant_ref
instead of xc_map_foreign_range where available.
Previous versions of this patch have been sent to xen-devel. See
http://lists.xensource.com/archives/html/xen-devel/2008-07/msg00610.html
http://lists.xensource.com/archives/html/xen-devel/2009-03/msg01492.html
Signed-off-by: Diego Ongaro <diego.ongaro@citrix.com>
Signed-off-by: Alex Zeffertt <alex.zeffertt@eu.citrix.com>
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Cc: Ian Jackson <ian.jackson@eu.citrix.com>
Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Committed-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Index: xen-4.2.0-testing/tools/xenstore/xenstored_domain.c
===================================================================
--- xen-4.2.0-testing.orig/tools/xenstore/xenstored_domain.c
+++ xen-4.2.0-testing/tools/xenstore/xenstored_domain.c
@@ -32,10 +32,8 @@
#include "xenstored_watch.h"
#include <xenctrl.h>
-#include <xen/grant_table.h>
static xc_interface **xc_handle;
-xc_gnttab **xcg_handle;
static evtchn_port_t virq_port;
xc_evtchn *xce_handle = NULL;
@@ -165,26 +163,6 @@ static int readchn(struct connection *co
return len;
}
-static void *map_interface(domid_t domid, unsigned long mfn)
-{
- if (*xcg_handle != NULL) {
- /* this is the preferred method */
- return xc_gnttab_map_grant_ref(*xcg_handle, domid,
- GNTTAB_RESERVED_XENSTORE, PROT_READ|PROT_WRITE);
- } else {
- return xc_map_foreign_range(*xc_handle, domid,
- getpagesize(), PROT_READ|PROT_WRITE, mfn);
- }
-}
-
-static void unmap_interface(void *interface)
-{
- if (*xcg_handle != NULL)
- xc_gnttab_munmap(*xcg_handle, interface, 1);
- else
- munmap(interface, getpagesize());
-}
-
static int destroy_domain(void *_domain)
{
struct domain *domain = _domain;
@@ -196,14 +174,8 @@ static int destroy_domain(void *_domain)
eprintf("> Unbinding port %i failed!\n", domain->port);
}
- if (domain->interface) {
- /* Domain 0 was mapped by dom0_init, so it must be unmapped
- using munmap() and not the grant unmap call. */
- if (domain->domid == 0)
- unmap_xenbus(domain->interface);
- else
- unmap_interface(domain->interface);
- }
+ if (domain->interface)
+ munmap(domain->interface, getpagesize());
fire_watches(NULL, "@releaseDomain", false);
@@ -372,7 +344,9 @@ void do_introduce(struct connection *con
domain = find_domain_by_domid(domid);
if (domain == NULL) {
- interface = map_interface(domid, mfn);
+ interface = xc_map_foreign_range(
+ *xc_handle, domid,
+ getpagesize(), PROT_READ|PROT_WRITE, mfn);
if (!interface) {
send_error(conn, errno);
return;
@@ -380,7 +354,7 @@ void do_introduce(struct connection *con
/* Hang domain off "in" until we're finished. */
domain = new_domain(in, domid, port);
if (!domain) {
- unmap_interface(interface);
+ munmap(interface, getpagesize());
send_error(conn, errno);
return;
}
@@ -572,18 +546,6 @@ void do_reset_watches(struct connection
send_ack(conn, XS_RESET_WATCHES);
}
-static int close_xc_handle(void *_handle)
-{
- xc_interface_close(*(xc_interface**)_handle);
- return 0;
-}
-
-static int close_xcg_handle(void *_handle)
-{
- xc_gnttab_close(*(xc_gnttab **)_handle);
- return 0;
-}
-
/* Returns the implicit path of a connection (only domains have this) */
const char *get_implicit_path(const struct connection *conn)
{
@@ -633,18 +595,6 @@ void domain_init(void)
if (!*xc_handle)
barf_perror("Failed to open connection to hypervisor");
- talloc_set_destructor(xc_handle, close_xc_handle);
-
- xcg_handle = talloc(talloc_autofree_context(), xc_gnttab*);
- if (!xcg_handle)
- barf_perror("Failed to allocate domain gnttab handle");
-
- *xcg_handle = xc_gnttab_open(NULL, 0);
- if (*xcg_handle < 0)
- xprintf("WARNING: Failed to open connection to gnttab\n");
- else
- talloc_set_destructor(xcg_handle, close_xcg_handle);
-
xce_handle = xc_evtchn_open(NULL, 0);
if (xce_handle == NULL)
Reference in New Issue View Git Blame Copy Permalink