xen: upgrade 4.9.x recipe to 4.9.1 and apply XSA/CVE fix patches

Upgrade the Xen 4.9.x series recipe to latest 4.9.1 and apply patches for: XSA-245 / CVE-2017-17046 XSA-246 / CVE-2017-17044 XSA-247 / CVE-2017-17045 XSA-248 / CVE-2017-17566 XSA-249 / CVE-2017-17563 XSA-250 / CVE-2017-17564 XSA-251 / CVE-2017-17565 Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
author: Christopher Clark <christopher.w.clark@gmail.com> 2018-01-08 23:12:44 -0800
committer: Bruce Ashfield <bruce.ashfield@windriver.com> 2018-01-12 10:37:46 -0500
commit: 3f5221471424c3da63821c60ad720d793844e89e (patch)
tree: cffd5309d84c096daf8714af460922adf4011160 /recipes-extended/xen/files/xsa251.patch
parent: d1969606e3540d3771a5ba4626d4e5ea42bd683a (diff)
download: meta-virtualization-3f5221471424c3da63821c60ad720d793844e89e.tar.gz
1 files changed, 21 insertions, 0 deletions
diff --git a/recipes-extended/xen/files/xsa251.patch b/recipes-extended/xen/files/xsa251.patch
new file mode 100644
index 00000000..582ef622
--- /dev/null
+++ b/recipes-extended/xen/files/xsa251.patch
@@ -0,0 +1,21 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: x86/paging: don't unconditionally BUG() on finding SHARED_M2P_ENTRY
+PV guests can fully control the values written into the P2M.
+This is XSA-251.
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+--- a/xen/arch/x86/mm/paging.c
+++ b/xen/arch/x86/mm/paging.c
+@@ -274,7 +274,7 @@ void paging_mark_pfn_dirty(struct domain
+         return;
+ 
+     /* Shared MFNs should NEVER be marked dirty */
+-    BUG_ON(SHARED_M2P(pfn_x(pfn)));
+    BUG_ON(paging_mode_translate(d) && SHARED_M2P(pfn_x(pfn)));
+ 
+     /*
+      * Values with the MSB set denote MFNs that aren't really part of the
author	Christopher Clark <christopher.w.clark@gmail.com>	2018-01-08 23:12:44 -0800
committer	Bruce Ashfield <bruce.ashfield@windriver.com>	2018-01-12 10:37:46 -0500
commit	3f5221471424c3da63821c60ad720d793844e89e (patch)
tree	cffd5309d84c096daf8714af460922adf4011160 /recipes-extended/xen/files/xsa251.patch
parent	d1969606e3540d3771a5ba4626d4e5ea42bd683a (diff)
download	meta-virtualization-3f5221471424c3da63821c60ad720d793844e89e.tar.gz

diff --git a/recipes-extended/xen/files/xsa251.patch b/recipes-extended/xen/files/xsa251.patch new file mode 100644 index 00000000..582ef622 --- /dev/null +++ b/recipes-extended/xen/files/xsa251.patch
@@ -0,0 +1,21 @@
	1	From: Jan Beulich <jbeulich@suse.com>
	2	Subject: x86/paging: don't unconditionally BUG() on finding SHARED_M2P_ENTRY
	3
	4	PV guests can fully control the values written into the P2M.
	5
	6	This is XSA-251.
	7
	8	Signed-off-by: Jan Beulich <jbeulich@suse.com>
	9	Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
	10
	11	--- a/xen/arch/x86/mm/paging.c
	12	+++ b/xen/arch/x86/mm/paging.c
	13	@@ -274,7 +274,7 @@ void paging_mark_pfn_dirty(struct domain
	14	return;
	15
	16	/* Shared MFNs should NEVER be marked dirty */
	17	- BUG_ON(SHARED_M2P(pfn_x(pfn)));
	18	+ BUG_ON(paging_mode_translate(d) && SHARED_M2P(pfn_x(pfn)));
	19
	20	/*
	21	* Values with the MSB set denote MFNs that aren't really part of the