Diffstat (limited to 'kernels/xen')
-rw-r--r-- | kernels/xen/ChangeLog | 7 | ||||
-rw-r--r-- | kernels/xen/PKGBUILD | 75 | ||||
-rw-r--r-- | kernels/xen/xsa73-4.3-unstable.patch | 105 | ||||
-rw-r--r-- | kernels/xen/xsa75-4.3-unstable.patch | 55 | ||||
-rw-r--r-- | kernels/xen/xsa78.patch | 23 |
5 files changed, 60 insertions, 205 deletions
diff --git a/kernels/xen/ChangeLog b/kernels/xen/ChangeLog
index 63c33c223..8f9ef80fe 100644
--- a/kernels/xen/ChangeLog
+++ b/kernels/xen/ChangeLog
@@ -1,3 +1,10 @@
+2014-02-19 David Sutton <kantras - gmail.com>
+ * 4.3.2-1:
+ New upstream release
+ Removed unnecessary security patches (since now integrated into source)
+ Attempts to pull down additional required source file to ensure not corrupted
+ Added missing dependancy libseccomp
+
 2013-11-25 David Sutton <kantras - gmail.com>
 * 4.3.1-2:
 Changed bluez dependancy from bluez4 to bluez
diff --git a/kernels/xen/PKGBUILD b/kernels/xen/PKGBUILD
index 6ff16c8cd..e19b5c06f 100644
--- a/kernels/xen/PKGBUILD
+++ b/kernels/xen/PKGBUILD
@@ -5,8 +5,8 @@
 # Maintainer (Parabola): André Silva <emulatorman@parabola.nu>
 pkgname=xen
-pkgver=4.3.1
-pkgrel=2
+pkgver=4.3.2
+pkgrel=1
 pkgdesc="Virtual Machine Hypervisor & Tools (Parabola rebranded)"
 arch=(i686 x86_64)
 url="http://www.xenproject.org/"
@@ -21,6 +21,15 @@ options=(!buildflags !strip)
 install=$pkgname.install
 changelog=ChangeLog
 source=(http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.gz
+ http://xenbits.xen.org/xen-extfiles/ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz
+ http://xenbits.xen.org/xen-extfiles/lwip-1.3.0.tar.gz
+ http://xenbits.xen.org/xen-extfiles/zlib-1.2.3.tar.gz
+ http://xenbits.xen.org/xen-extfiles/newlib-1.16.0.tar.gz
+ http://xenbits.xen.org/xen-extfiles/pciutils-2.2.9.tar.bz2
+ http://xenbits.xen.org/xen-extfiles/polarssl-1.1.4-gpl.tgz
+ http://xenbits.xen.org/xen-extfiles/grub-0.97.tar.gz
+ http://xenbits.xen.org/xen-extfiles/tpm_emulator-0.7.4.tar.gz
+ http://xenbits.xen.org/xen-extfiles/gmp-4.3.2.tar.bz2
 xen.install
 09_xen
 bios_workaround.patch
@@ -38,11 +47,27 @@ source=(http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g
 conf.d-xenstored
 tmpfiles.d-$pkgname.conf
 grub.conf
- xsa73-4.3-unstable.patch
- xsa75-4.3-unstable.patch
- xsa78.patch
 $pkgname.conf)
-sha256sums=('3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd'
+noextract=(lwip-1.3.0.tar.gz
+ zlib-1.2.3.tar.gz
+ newlib-1.16.0.tar.gz
+ pciutils-2.2.9.tar.bz2
+ polarssl-1.1.4-gpl.tgz
+ grub-0.97.tar.gz
+ tpm_emulator-0.7.4.tar.gz
+ gmp-4.3.2.tar.bz2
+ ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz)
+
+sha256sums=('17611d95f955302560ff72d97c08933b4e62bc2e8ffb71400fc54e388746ff69'
+ '632ce8c193ccacc3012bd354bdb733a4be126f7c098e111930aa41dad537405c'
+ '772e4d550e07826665ed0528c071dd5404ef7dbe1825a38c8adbc2a00bca948f'
+ '1795c7d067a43174113fdf03447532f373e1c6c57c08d61d9e4e9be5e244b05e'
+ 'db426394965c48c1d29023e1cc6d965ea6b9a9035d8a849be2750ca4659a3d07'
+ 'f60ae61cfbd5da1d849d0beaa21f593c38dac9359f0b3ddc612f447408265b24'
+ '2d29fd04a0d0ba29dae6bd29fb418944c08d3916665dcca74afb297ef37584b6'
+ '4e1d15d12dbd3e9208111d6b806ad5a9857ca8850c47877d36575b904559260b'
+ '4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459'
+ '936162c0312886c21581002b79932829aa048cfaf9937c6265aeaa14f1cd1775'
 '0f6ebf3437974d1708c9e74005b976479ab8ff28adec394208153bf404b411f8'
 '74a957d783458b7481c7a09c3ed94ec2e07ee7943e4b7fa33d3684b8d585139e'
 '914cc983da1fe89ff125d751c979b4968f8952da21b19b900fcd4e6b33e14552'
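Review bot: Each extfile name now appears three times — in source= in the previous hunk, in the new noextract= array here, and again in the cp lines of the prepare() hunk — so a version bump must be repeated by hand in three places, and because sha256sums/sha512sums are positional, editing one copy without the others silently desynchronises the checksums. Declaring the list once as a bash array and deriving source=, noextract= and the copy loop (`for f in "${_extfiles[@]}"; do cp "../$f" stubdom/; done`) from it removes the duplication without changing what is downloaded or verified. The ipxe tarball stays a separate entry because, as the prepare() hunk shows, it is the only one not copied into stubdom/; the checksum arrays keep their current order because the derived source= order is unchanged.
```shell
_extfiles=(lwip-1.3.0.tar.gz
           zlib-1.2.3.tar.gz
           newlib-1.16.0.tar.gz
           pciutils-2.2.9.tar.bz2
           polarssl-1.1.4-gpl.tgz
           grub-0.97.tar.gz
           tpm_emulator-0.7.4.tar.gz
           gmp-4.3.2.tar.bz2)
source=(http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.gz
        http://xenbits.xen.org/xen-extfiles/ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz
        "${_extfiles[@]/#/http://xenbits.xen.org/xen-extfiles/}"
        # … unchanged: xen.install, 09_xen, patches, conf files, $pkgname.conf …
        )
noextract=("${_extfiles[@]}"
           ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz)
```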
@@ -60,11 +85,17 @@ sha256sums=('3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd'
 '0e1ad0a6a72b0c22025a556c23235a8f663427f1e769c45fe39d1c525bf82eff'
 '40e0760810a49f925f2ae9f986940b40eba477dc6d3e83a78baaae096513b3cf'
 '78398fb27edfedb432b5f4e4bf87b5dbee41f180c623d29f758234a49d8bf4b4'
- '18f62049d714c3460df1f698663e42d0f8a16b9b4f62e66b40fdea635a348be5'
- '4bac312d49a4a88633af652c09128ba1bba2ca97e2e56e5fe7da6e4671c56ccb'
- 'bb13b280bb456c1d7c8f468e23e336e6b2d06eb364c6823f1b426fcfe09f6ed3'
 '50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c')
-sha512sums=('f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf37835528aca33a0f9e04c82d5f8c4ba79c03a1780d2b72cbb90cc26f77275'
+sha512sums=('ec94d849b56ec590b89022075ce43768d8ef44b7be9580ce032509b44c085f0f66495845607a18cd3dea6b89c69bc2a18012705556f59288cd8653c3e5eca302'
+ 'c5cb1cdff40d2d71fd3e692a9d0efadf2aa17290daf5195391a1c81ddd9dfc913a8e44d5be2b12be85b2a5565ea31631c99c7053564f2fb2225c80ea0bb0e4a4'
+ '1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d'
+ '021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e'
+ '40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3'
+ '2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5'
+ '88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad'
+ 'c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb'
+ '4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35'
+ '2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf'
 '78bfb62166ffcf136e12985809b3f412e0145a7f17388a559071f644970ccdfd2a02fe9aa4a180069b923c2e4354b061a4057096de856497f10d9cac57eae4b3'
 '8667a97e10f09c5ce5ba604e38a073b7d7944f4d24c5c78a7235443b65a8cc7b6e7de90e40aa335bb17fda0858d6b517ba1e8b5a0bd6bba4ad75ad44b73f6c9c'
 '7118bf02ff5338e70b3f27f8ea390cd05ea37a4ceabb4adc9d32fc57329e35e98330f0e865261dd4e670436e1a725832598888d44b1e2b17b351f59318860878'
@@ -82,9 +113,6 @@ sha512sums=('f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf
 'c996d48737ad31528b0b2b1379e3ebae948d290de9ddc71f33c7c56f0634466bc7afb2eab847e851c19e3c13bb99468a0778d908606486959a40ff3272189bd3'
 '53ba61587cc2e84044e935531ed161e22c36d9e90b43cab7b8e63bcc531deeefacca301b5dff39ce89210f06f1d1e4f4f5cf49d658ed5d9038c707e3c95c66ef'
 '04000a802e96c11929cb94c9a2bcafbb4307620192388441d979ea85836c3395954dea53d449c1cc25c3a0a30c49d318b8de59a053c6254f5a81e87864648a9c'
- '78c94d3e473abaf857213754c7f0ef1a0dd06354cd137d1567a48d92b4106cbefd112f1dcecc90bc1f8c75d76a0e8a3425408f777044de8ec754bcda32bb7f97'
- '4fb6f678dccc9f23f2c3b27617718bc6c0a87505f7483f4d07563b7b2cc37d57d3b5ef658ee5867258916c5c2695a5086cc7790196aed85357c6d3168c06749b'
- 'b55cb25f88acc348e6777063f241269730f06482fe430706ac500cbd7127bc7c70188f84a282dc8a0369cc838999d47a09afc33fc9f24b5c214bdf59352c414c'
 'ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b')
 prepare() {
@@ -101,14 +129,19 @@ prepare() {
 # Uncomment line below if you want to enable ATI Passthrough support (some reported successes)
 #patch -Np1 -i ../ati-passthrough.patch
- # Add Security Patches
- patch -Np1 -i ../xsa73-4.3-unstable.patch
- patch -Np1 -i ../xsa75-4.3-unstable.patch
- patch -Np1 -i ../xsa78.patch
-
 # Fix Install Paths
 sed -i 's:/sbin:/bin:' config/StdGNU.mk
+ # Copy supporting tarballs into place
+ cp ../lwip-1.3.0.tar.gz stubdom/
+ cp ../zlib-1.2.3.tar.gz stubdom/
+ cp ../newlib-1.16.0.tar.gz stubdom/
+ cp ../pciutils-2.2.9.tar.bz2 stubdom/
+ cp ../polarssl-1.1.4-gpl.tgz stubdom/
+ cp ../grub-0.97.tar.gz stubdom/
+ cp ../tpm_emulator-0.7.4.tar.gz stubdom/
+ cp ../gmp-4.3.2.tar.bz2 stubdom/
+
 }
 build() {
@@ -157,10 +190,8 @@ package() {
 fi
 # Compress and move syms file to a different directory
- if [ "$CARCH" == "x86_64" ]; then
- gzip boot/$pkgname-syms-$pkgver
- mv boot/$pkgname-syms-$pkgver.gz usr/share/xen
- fi
+ gzip boot/$pkgname-syms-$pkgver
+ mv boot/$pkgname-syms-$pkgver.gz usr/share/xen
 ##### Kill unwanted stuff #####
 # hypervisor symlinks
diff --git a/kernels/xen/xsa73-4.3-unstable.patch b/kernels/xen/xsa73-4.3-unstable.patch
deleted file mode 100644
index aa36b40a1..000000000
--- a/kernels/xen/xsa73-4.3-unstable.patch
+++ /dev/null
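Review bot: The ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz tarball that this commit adds to source= and noextract= is never placed anywhere in prepare(): the eight new cp lines cover only the stubdom tarballs, so as far as the visible hunks show the ipxe download and its sha256/sha512 entries are unused, and the firmware build will presumably still fetch ipxe itself at build time (or fail without network access), which defeats the purpose stated in the ChangeLog. Either copy it to the location the 4.3.2 tree reads it from — `cp ../ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz <IPXE_TARBALL_PATH>` with the path confirmed against the unpacked source — or drop it from source= and both checksum arrays. Note that a loop over `"${noextract[@]}"` is not a drop-in replacement for the eight cp lines precisely because ipxe is in that array and does not belong in stubdom/. prepare() begins before this hunk.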
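Review bot: Dropping the `[ "$CARCH" == "x86_64" ]` guard makes the gzip and mv of boot/$pkgname-syms-$pkgver unconditional while arch= still lists i686; if the i686 build does not produce that syms file, gzip fails and, since makepkg aborts a function on a failing command, package() stops there. If the guard was removed because 4.3.2 produces the file on both architectures, say so in the existing comment (`# Compress and move syms file to a different directory (produced on both i686 and x86_64)`) so nobody restores the check; otherwise make it conditional on the file existing, `[ -f boot/$pkgname-syms-$pkgver ] && gzip boot/$pkgname-syms-$pkgver`. package() begins and ends outside this hunk.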
@@ -1,105 +0,0 @@
-From 068bfa76bbd52430e65853375e1d5db99d193e2f Mon Sep 17 00:00:00 2001
-From: Andrew Cooper <andrew.cooper3@citrix.com>
-Date: Thu, 31 Oct 2013 20:49:00 +0000
-Subject: [PATCH] gnttab: correct locking order reversal
-
-Coverity ID 1087189
-
-Correct a lock order reversal between a domains page allocation and grant
-table locks.
-
-This is CVE-2013-4494 / XSA-73.
-
-Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
-
-Consolidate error handling.
-
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Keir Fraser <keir@xen.org>
-Tested-by: Matthew Daley <mattjd@gmail.com>
----
- xen/common/grant_table.c | 52 +++++++++++++++++++++++++++++++++++++++-------
- 1 file changed, 44 insertions(+), 8 deletions(-)
-
-diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
-index f42bc7a..48df928 100644
---- a/xen/common/grant_table.c
-+++ b/xen/common/grant_table.c
-@@ -1518,6 +1518,8 @@ gnttab_transfer(
-
- for ( i = 0; i < count; i++ )
- {
-+ bool_t okay;
-+
- if (i && hypercall_preempt_check())
- return i;
-
-@@ -1626,16 +1628,18 @@ gnttab_transfer(
- * pages when it is dying.
- */
- if ( unlikely(e->is_dying) ||
-- unlikely(e->tot_pages >= e->max_pages) ||
-- unlikely(!gnttab_prepare_for_transfer(e, d, gop.ref)) )
-+ unlikely(e->tot_pages >= e->max_pages) )
- {
-- if ( !e->is_dying )
-- gdprintk(XENLOG_INFO, "gnttab_transfer: "
-- "Transferee has no reservation "
-- "headroom (%d,%d) or provided a bad grant ref (%08x) "
-- "or is dying (%d)\n",
-- e->tot_pages, e->max_pages, gop.ref, e->is_dying);
- spin_unlock(&e->page_alloc_lock);
-+
-+ if ( e->is_dying )
-+ gdprintk(XENLOG_INFO, "gnttab_transfer: "
-+ "Transferee (d%d) is dying\n", e->domain_id);
-+ else
-+ gdprintk(XENLOG_INFO, "gnttab_transfer: "
-+ "Transferee (d%d) has no headroom (tot %u, max %u)\n",
-+ e->domain_id, e->tot_pages, e->max_pages);
-+
- rcu_unlock_domain(e);
- put_gfn(d, gop.mfn);
- page->count_info &= ~(PGC_count_mask|PGC_allocated);
-@@ -1647,6 +1651,38 @@ gnttab_transfer(
- /* Okay, add the page to 'e'. */
- if ( unlikely(domain_adjust_tot_pages(e, 1) == 1) )
- get_knownalive_domain(e);
-+
-+ /*
-+ * We must drop the lock to avoid a possible deadlock in
-+ * gnttab_prepare_for_transfer. We have reserved a page in e so can
-+ * safely drop the lock and re-aquire it later to add page to the
-+ * pagelist.
-+ */
-+ spin_unlock(&e->page_alloc_lock);
-+ okay = gnttab_prepare_for_transfer(e, d, gop.ref);
-+ spin_lock(&e->page_alloc_lock);
-+
-+ if ( unlikely(!okay) || unlikely(e->is_dying) )
-+ {
-+ bool_t drop_dom_ref = (domain_adjust_tot_pages(e, -1) == 0);
-+
-+ spin_unlock(&e->page_alloc_lock);
-+
-+ if ( okay /* i.e. e->is_dying due to the surrounding if() */ )
-+ gdprintk(XENLOG_INFO, "gnttab_transfer: "
-+ "Transferee (d%d) is now dying\n", e->domain_id);
-+
-+ if ( drop_dom_ref )
-+ put_domain(e);
-+ rcu_unlock_domain(e);
-+
-+ put_gfn(d, gop.mfn);
-+ page->count_info &= ~(PGC_count_mask|PGC_allocated);
-+ free_domheap_page(page);
-+ gop.status = GNTST_general_error;
-+ goto copyback;
-+ }
-+
- page_list_add_tail(page, &e->page_list);
- page_set_owner(page, e);
-
---
-1.7.10.4
-
diff --git a/kernels/xen/xsa75-4.3-unstable.patch b/kernels/xen/xsa75-4.3-unstable.patch
deleted file mode 100644
index 6c0c5bca1..000000000
--- a/kernels/xen/xsa75-4.3-unstable.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-nested VMX: VMLANUCH/VMRESUME emulation must check permission first thing
-
-Otherwise uninitialized data may be used, leading to crashes.
-
-This is XSA-75.
-
-Reported-and-tested-by: Jeff Zimmerman <Jeff_Zimmerman@McAfee.com>
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-and-tested-by: Andrew Cooper <andrew.cooper3@citrix.com>
-
---- a/xen/arch/x86/hvm/vmx/vvmx.c
-+++ b/xen/arch/x86/hvm/vmx/vvmx.c
-@@ -1508,15 +1508,10 @@ static void clear_vvmcs_launched(struct
- }
- }
-
--int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs)
-+static int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs)
- {
- struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
- struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
-- int rc;
--
-- rc = vmx_inst_check_privilege(regs, 0);
-- if ( rc != X86EMUL_OKAY )
-- return rc;
-
- /* check VMCS is valid and IO BITMAP is set */
- if ( (nvcpu->nv_vvmcxaddr != VMCX_EADDR) &&
-@@ -1535,6 +1530,10 @@ int nvmx_handle_vmresume(struct cpu_user
- struct vcpu *v = current;
- struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
- struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
-+ int rc = vmx_inst_check_privilege(regs, 0);
-+
-+ if ( rc != X86EMUL_OKAY )
-+ return rc;
-
- if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR )
- {
-@@ -1554,10 +1553,13 @@ int nvmx_handle_vmresume(struct cpu_user
- int nvmx_handle_vmlaunch(struct cpu_user_regs *regs)
- {
- bool_t launched;
-- int rc;
- struct vcpu *v = current;
- struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
- struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
-+ int rc = vmx_inst_check_privilege(regs, 0);
-+
-+ if ( rc != X86EMUL_OKAY )
-+ return rc;
-
- if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR )
- {
diff --git a/kernels/xen/xsa78.patch b/kernels/xen/xsa78.patch
deleted file mode 100644
index 180506cdd..000000000
--- a/kernels/xen/xsa78.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-VT-d: fix TLB flushing in dma_pte_clear_one()
-
-The third parameter of __intel_iommu_iotlb_flush() is to indicate
-whether the to be flushed entry was a present one. A few lines before,
-we bailed if !dma_pte_present(*pte), so there's no need to check the
-flag here again - we can simply always pass TRUE here.
-
-This is CVE-2013-6375 / XSA-78.
-
-Suggested-by: Cheng Yueqiang <yqcheng.2008@phdis.smu.edu.sg>
-Signed-off-by: Jan Beulich <jbeulich@suse.com>
-
---- a/xen/drivers/passthrough/vtd/iommu.c
-+++ b/xen/drivers/passthrough/vtd/iommu.c
-@@ -646,7 +646,7 @@ static void dma_pte_clear_one(struct dom
- iommu_flush_cache_entry(pte, sizeof(struct dma_pte));
-
- if ( !this_cpu(iommu_dont_flush_iotlb) )
-- __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K , 0, 1);
-+ __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K, 1, 1);
-
- unmap_vtd_domain_page(page);
-
|