diff options
author | bsiegert <bsiegert@pkgsrc.org> | 2021-02-16 08:15:40 +0000 |
---|---|---|
committer | bsiegert <bsiegert@pkgsrc.org> | 2021-02-16 08:15:40 +0000 |
commit | a26c30ae026e5d85e6491c4a57d7d9ea02ff220c (patch) | |
tree | d7a76ae1e81e25a588c21e0a2e2584410cbef014 | |
parent | fbfa2594fad9e4323fa61652a01974671e2ebe9e (diff) | |
download | pkgsrc-a26c30ae026e5d85e6491c4a57d7d9ea02ff220c.tar.gz |
Pullup ticket #6424 - requested by bouyer
sysutils/xenkernel411: security fix
Revisions pulled up:
- sysutils/xenkernel411/Makefile 1.20
- sysutils/xenkernel411/distinfo 1.18
- sysutils/xenkernel411/patches/patch-XSA355 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Thu Feb 4 11:41:38 UTC 2021
Modified Files:
pkgsrc/sysutils/xenkernel411: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel411/patches: patch-XSA355
Log Message:
Add upstream patch for XSA355. Bump PKGREVISION
-rw-r--r-- | sysutils/xenkernel411/Makefile | 4 | ||||
-rw-r--r-- | sysutils/xenkernel411/distinfo | 3 | ||||
-rw-r--r-- | sysutils/xenkernel411/patches/patch-XSA355 | 25 |
3 files changed, 29 insertions, 3 deletions
diff --git a/sysutils/xenkernel411/Makefile b/sysutils/xenkernel411/Makefile index 2ba799ce1c9..88a39269481 100644 --- a/sysutils/xenkernel411/Makefile +++ b/sysutils/xenkernel411/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.19 2020/12/17 16:47:30 bouyer Exp $ +# $NetBSD: Makefile,v 1.19.2.1 2021/02/16 08:15:40 bsiegert Exp $ VERSION= 4.11.4 #keep >= 1 if we have security patches -PKGREVISION= 5 +PKGREVISION= 6 DISTNAME= xen-${VERSION} PKGNAME= xenkernel411-${VERSION} CATEGORIES= sysutils diff --git a/sysutils/xenkernel411/distinfo b/sysutils/xenkernel411/distinfo index 48b136bc4f3..9d98a9d4d6e 100644 --- a/sysutils/xenkernel411/distinfo +++ b/sysutils/xenkernel411/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2020/12/17 16:47:30 bouyer Exp $ +$NetBSD: distinfo,v 1.17.2.1 2021/02/16 08:15:40 bsiegert Exp $ SHA1 (xen411/xen-4.11.4.tar.gz) = 6c8cdf441621c14dc5345196b48df6982c060c4f RMD160 (xen411/xen-4.11.4.tar.gz) = 49819fcd1de3985d4dea370be962548c862f2933 @@ -25,6 +25,7 @@ SHA1 (patch-XSA346) = c1962c037c5ab62c2f7e9a558c4565331c981be0 SHA1 (patch-XSA347) = f3f98a794584d5d4321b95c2b1b9c88821fa567e SHA1 (patch-XSA348) = 2a1128e86e31eff4596958324cbaab82830b51a8 SHA1 (patch-XSA351) = fca8d8c5c77ba8d6007d7643330be7f8835bbc5a +SHA1 (patch-XSA355) = 73ca5dff042a4a54b06af36e6ace7d09673c05f0 SHA1 (patch-XSA358) = 3831faa429ac35fa993a60c426fca877bea35bbd SHA1 (patch-XSA359) = 4b778a86fffbe0e2a364e1589d573bbc7c27ff99 SHA1 (patch-xen_Makefile) = 465388d80de414ca3bb84faefa0f52d817e423a6 diff --git a/sysutils/xenkernel411/patches/patch-XSA355 b/sysutils/xenkernel411/patches/patch-XSA355 new file mode 100644 index 00000000000..a4e1762ea0e --- /dev/null +++ b/sysutils/xenkernel411/patches/patch-XSA355 @@ -0,0 +1,25 @@ +$NetBSD: patch-XSA355,v 1.1.2.2 2021/02/16 08:15:41 bsiegert Exp $ + +From: Jan Beulich <jbeulich@suse.com> +Subject: memory: fix off-by-one in XSA-346 change + +The comparison against ARRAY_SIZE() needs to be >= in order to avoid +overrunning the pages[] array. + +This is XSA-355. + +Fixes: 5777a3742d88 ("IOMMU: hold page ref until after deferred TLB flush") +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: Julien Grall <jgrall@amazon.com> + +--- xen/common/memory.c.orig ++++ xen/common/memory.c +@@ -854,7 +854,7 @@ int xenmem_add_to_physmap(struct domain + ++extra.ppage; + + /* Check for continuation if it's not the last iteration. */ +- if ( (++done > ARRAY_SIZE(pages) && extra.ppage) || ++ if ( (++done >= ARRAY_SIZE(pages) && extra.ppage) || + (xatp->size > done && hypercall_preempt_check()) ) + { + rc = start + done; |