rpm/xen
SHA256
1
0
Fork 0
forked from pool/xen
Code Pull Requests Activity
xen/524e9dc0-xsm-forbid-PV-guest-console-reads.patch
Charles Arnold b244ce9e91 - domUloader can no longer be used with the xl toolstack to boot 
sles10. Patch pygrub to get the kernel and initrd from the image.
  pygrub-boot-legacy-sles.patch

- bnc#842515 - VUL-0: CVE-2013-4375: XSA-71: xen: qemu disk backend
  (qdisk) resource leak
  CVE-2013-4375-xsa71.patch
- Upstream patches from Jan
  52496bea-x86-properly-handle-hvm_copy_from_guest_-phys-virt-errors.patch (Replaces CVE-2013-4355-xsa63.patch)
  52496c11-x86-mm-shadow-Fix-initialization-of-PV-shadow-L4-tables.patch (Replaces CVE-2013-4356-xsa64.patch)
  52496c32-x86-properly-set-up-fbld-emulation-operand-address.patch (Replaces CVE-2013-4361-xsa66.patch)
  52497c6c-x86-don-t-blindly-create-L3-tables-for-the-direct-map.patch
  524e971b-x86-idle-Fix-get_cpu_idle_time-s-interaction-with-offline-pcpus.patch
  524e9762-x86-percpu-Force-INVALID_PERCPU_AREA-to-non-canonical.patch
  524e983e-Nested-VMX-check-VMX-capability-before-read-VMX-related-MSRs.patch
  524e98b1-Nested-VMX-fix-IA32_VMX_CR4_FIXED1-msr-emulation.patch
  524e9dc0-xsm-forbid-PV-guest-console-reads.patch
  5256a979-x86-check-segment-descriptor-read-result-in-64-bit-OUTS-emulation.patch
  5256be57-libxl-fix-vif-rate-parsing.patch
  5256be84-tools-ocaml-fix-erroneous-free-of-cpumap-in-stub_xc_vcpu_getaffinity.patch
  5256be92-libxl-fix-out-of-memory-error-handling-in-libxl_list_cpupool.patch
  5257a89a-x86-correct-LDT-checks.patch
  5257a8e7-x86-add-address-validity-check-to-guest_map_l1e.patch
  5257a944-x86-check-for-canonical-address-before-doing-page-walks.patch
  525b95f4-scheduler-adjust-internal-locking-interface.patch
  525b9617-sched-fix-race-between-sched_move_domain-and-vcpu_wake.patch
  525e69e8-credit-unpause-parked-vcpu-before-destroying-it.patch
  525faf5e-x86-print-relevant-tail-part-of-filename-for-warnings-and-crashes.patch

- bnc#840196 - L3: MTU size on Dom0 gets reset when booting DomU

OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=276
2013-10-24 21:00:35 +00:00

29 lines
994 B
Diff
Raw Blame History

# Commit 65ba631bcb62c79eb33ebfde8a0471fd012c37a8
# Date 2013-10-04 12:51:44 +0200
# Author Daniel De Graaf <dgdegra@tycho.nsa.gov>
# Committer Jan Beulich <jbeulich@suse.com>
xsm: forbid PV guest console reads
The CONSOLEIO_read operation was incorrectly allowed to PV guests if the
hypervisor was compiled in debug mode (with VERBOSE defined).
Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -222,10 +222,10 @@ static XSM_INLINE int xsm_console_io(XSM
{
XSM_ASSERT_ACTION(XSM_OTHER);
#ifdef VERBOSE
- return xsm_default_action(XSM_HOOK, current->domain, NULL);
-#else
- return xsm_default_action(XSM_PRIV, current->domain, NULL);
+ if ( cmd == CONSOLEIO_write )
+ return xsm_default_action(XSM_HOOK, d, NULL);
#endif
+ return xsm_default_action(XSM_PRIV, d, NULL);
}
static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op)
View Git Blame Copy Permalink