Apply patch backported from upstream, fixing XSA-202

Bump PKGREVISION

7 files changed, 150 insertions, 20 deletions

diff --git a/sysutils/xenkernel41/Makefile b/sysutils/xenkernel41/Makefile
index 41f492e8e4d..3428da24c71 100644
--- a/sysutils/xenkernel41/Makefile
+++ b/sysutils/xenkernel41/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.53 2016/12/20 10:22:28 bouyer Exp $
+# $NetBSD: Makefile,v 1.54 2016/12/21 15:35:44 bouyer Exp $
 
 VERSION=	4.1.6.1
 DISTNAME=	xen-${VERSION}
 PKGNAME=	xenkernel41-${VERSION}
-PKGREVISION=	22
+PKGREVISION=	23
 CATEGORIES=	sysutils
 MASTER_SITES=	http://bits.xensource.com/oss-xen/release/${VERSION}/
 
diff --git a/sysutils/xenkernel41/distinfo b/sysutils/xenkernel41/distinfo
index fadc348ba56..86eecde8161 100644
--- a/sysutils/xenkernel41/distinfo
+++ b/sysutils/xenkernel41/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.46 2016/12/20 10:22:28 bouyer Exp $
+$NetBSD: distinfo,v 1.47 2016/12/21 15:35:44 bouyer Exp $
 
 SHA1 (xen-4.1.6.1.tar.gz) = e5f15feb0821578817a65ede16110c6eac01abd0
 RMD160 (xen-4.1.6.1.tar.gz) = bff11421fc44a26f2cc3156713267abcb36d7a19
@@ -45,12 +45,12 @@ SHA1 (patch-XSA-191) = 5da559e104543b8d22ea60378d9160d2ad83b8d0
 SHA1 (patch-XSA-192) = b0f2801fe6db91c2a98b82897cdee057062c6c2b
 SHA1 (patch-XSA-195) = a04295b397126e1cc1f129bb3cb9fb872fcbb373
 SHA1 (patch-XSA-200) = 2e5f6e3596fa754030af29a1dc8fafb738ad1da4
+SHA1 (patch-XSA-202) = ceb6f02eb7f1a41243c6e47c4f1bbbc9626a8da5
 SHA1 (patch-XSA-204) = 99e2b88b551d80724fcc27f925fbf65d3fc468de
 SHA1 (patch-xen_Makefile) = d1c7e4860221f93d90818f45a77748882486f92b
 SHA1 (patch-xen_arch_x86_Rules.mk) = 6b9b4bfa28924f7d3f6c793a389f1a7ac9d228e2
 SHA1 (patch-xen_arch_x86_cpu_mcheck_vmce.c) = 5afd01780a13654f1d21bf1562f6431c8370be0b
 SHA1 (patch-xen_arch_x86_time.c) = 2c69ac1cb5e0ca06c4f70acb91d2723a32ce98a9
-SHA1 (patch-xen_arch_x86_x86__64_entry.S) = 92bea7885c418e643bd9697abb9655bee9d1750b
 SHA1 (patch-xen_drivers_char_console_c) = 0fe186369602ccffaeec6f4bfbee8bb4298d3ff0
 SHA1 (patch-xen_drivers_passthrough_vtd_x86_ats.c) = 012ccbb27069c4f2e0361bd127397fdd22027f29
 SHA1 (patch-xen_include_xen_stdarg.h) = e9df974a9b783ed442ab17497198432cb9844b70
diff --git a/sysutils/xenkernel41/patches/patch-XSA-202 b/sysutils/xenkernel41/patches/patch-XSA-202
new file mode 100644
index 00000000000..d95bcc9b8e9
--- /dev/null
+++ b/sysutils/xenkernel41/patches/patch-XSA-202
@@ -0,0 +1,73 @@
+$NetBSD: patch-XSA-202,v 1.1 2016/12/21 15:35:44 bouyer Exp $
+
+From: Jan Beulich <jbeulich@suse.com>
+Subject: x86: force EFLAGS.IF on when exiting to PV guests
+
+Guest kernels modifying instructions in the process of being emulated
+for another of their vCPU-s may effect EFLAGS.IF to be cleared upon
+next exiting to guest context, by converting the being emulated
+instruction to CLI (at the right point in time). Prevent any such bad
+effects by always forcing EFLAGS.IF on. And to cover hypothetical other
+similar issues, also force EFLAGS.{IOPL,NT,VM} to zero.
+
+This is XSA-202.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+ 
+--- xen/arch/x86/x86_64/compat/entry.S.orig	2014-09-02 08:22:57.000000000 +0200
++++ xen/arch/x86/x86_64/compat/entry.S	2016-12-21 13:23:21.000000000 +0100
+@@ -173,6 +173,10 @@
+ /* %rbx: struct vcpu, interrupts disabled */
+ ENTRY(compat_restore_all_guest)
+         ASSERT_INTERRUPTS_DISABLED
++	mov   $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11d
++	and   UREGS_eflags(%rsp),%r11d
++	or    $X86_EFLAGS_IF,%r11
++	mov   %r11d,UREGS_eflags(%rsp)
+         RESTORE_ALL
+         addq  $8,%rsp
+ .Lft0:  iretq
+--- xen/arch/x86/x86_64/entry.S.orig	2016-12-21 13:25:26.000000000 +0100
++++ xen/arch/x86/x86_64/entry.S	2016-12-21 13:32:36.000000000 +0100
+@@ -41,30 +41,29 @@
+         testw $TRAP_syscall,4(%rsp)
+         jz    iret_exit_to_guest
+ 
++	movq  24(%rsp),%r11           # RFLAGS
++	andq  $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11
++	orq   $X86_EFLAGS_IF,%r11
++
+         /* Don't use SYSRET path if the return address is not canonical. */
+         movq  8(%rsp),%rcx
+         sarq  $47,%rcx
+         incl  %ecx
+         cmpl  $1,%ecx
+-        ja    .Lforce_iret
++        movq  8(%rsp),%rcx            # RIP
++	ja    iret_exit_to_guest
+ 
+-        addq  $8,%rsp
+-        popq  %rcx                    # RIP
+-        popq  %r11                    # CS
+-        cmpw  $FLAT_USER_CS32,%r11
+-        popq  %r11                    # RFLAGS
+-        popq  %rsp                    # RSP
++        cmpw  $FLAT_USER_CS32,%r11w
++	movq  32(%rsp),%rsp           # RSP
+         je    1f
+         sysretq
+ 1:      sysretl
+ 
+-.Lforce_iret:
+-        /* Mimic SYSRET behavior. */
+-        movq  8(%rsp),%rcx            # RIP
+-        movq  24(%rsp),%r11           # RFLAGS
+         ALIGN
+ /* No special register assumptions. */
+ iret_exit_to_guest:
++	andl  $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),24(%rsp)
++	orl   $X86_EFLAGS_IF,24(%rsp)
+         addq  $8,%rsp
+ .Lft0:  iretq
+ 
diff --git a/sysutils/xenkernel41/patches/patch-xen_arch_x86_x86__64_entry.S b/sysutils/xenkernel41/patches/patch-xen_arch_x86_x86__64_entry.S
deleted file mode 100644
index 625a19ec2ab..00000000000
--- a/sysutils/xenkernel41/patches/patch-xen_arch_x86_x86__64_entry.S
+++ /dev/null
@@ -1,13 +0,0 @@
-$NetBSD: patch-xen_arch_x86_x86__64_entry.S,v 1.1 2016/03/01 20:09:04 joerg Exp $
-
---- xen/arch/x86/x86_64/entry.S.orig	2016-02-29 20:42:10.767055585 +0000
-+++ xen/arch/x86/x86_64/entry.S
-@@ -51,7 +51,7 @@ restore_all_guest:
-         addq  $8,%rsp
-         popq  %rcx                    # RIP
-         popq  %r11                    # CS
--        cmpw  $FLAT_USER_CS32,%r11
-+        cmpw  $FLAT_USER_CS32,%r11w
-         popq  %r11                    # RFLAGS
-         popq  %rsp                    # RSP
-         je    1f
diff --git a/sysutils/xenkernel42/Makefile b/sysutils/xenkernel42/Makefile
index e4f065a0812..f77aaab99c4 100644
--- a/sysutils/xenkernel42/Makefile
+++ b/sysutils/xenkernel42/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.25 2016/12/20 10:22:28 bouyer Exp $
+# $NetBSD: Makefile,v 1.26 2016/12/21 15:35:44 bouyer Exp $
 
 VERSION=	4.2.5
 DISTNAME=	xen-${VERSION}
 PKGNAME=	xenkernel42-${VERSION}
-PKGREVISION=	14
+PKGREVISION=	15
 CATEGORIES=	sysutils
 MASTER_SITES=	http://bits.xensource.com/oss-xen/release/${VERSION}/
 
diff --git a/sysutils/xenkernel42/distinfo b/sysutils/xenkernel42/distinfo
index 8471467ea4c..67f8ec3c58b 100644
--- a/sysutils/xenkernel42/distinfo
+++ b/sysutils/xenkernel42/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.24 2016/12/20 10:22:28 bouyer Exp $
+$NetBSD: distinfo,v 1.25 2016/12/21 15:35:44 bouyer Exp $
 
 SHA1 (xen-4.2.5.tar.gz) = f42741e4ec174495ace70c4b17a6b9b0e60e798a
 RMD160 (xen-4.2.5.tar.gz) = 7d4f7f1b32ee541d341a756b1f8da02816438d19
@@ -34,6 +34,7 @@ SHA1 (patch-XSA-191) = 7a5e2e78c457c5922e2ccd711f2a39afba238e40
 SHA1 (patch-XSA-192) = f95757227ece59a2f320308edefcf01f1a96212c
 SHA1 (patch-XSA-195) = bb20234c4db0dc098ea47564732e87710bfcb9d8
 SHA1 (patch-XSA-200) = 2f615fa9c4ac43fc98f6c897acb5ee7e4651a668
+SHA1 (patch-XSA-202) = 0effaf281f31d7dadbd9c02cb51b1d29dd0014f9
 SHA1 (patch-XSA-204) = f6a59adf3cbd0aab59ccf233240a6b4e9ee2913b
 SHA1 (patch-xen_Makefile) = e0d1b74518b9675ddc64295d1523ded9a8757c0a
 SHA1 (patch-xen_arch_x86_Rules.mk) = 6b9b4bfa28924f7d3f6c793a389f1a7ac9d228e2
diff --git a/sysutils/xenkernel42/patches/patch-XSA-202 b/sysutils/xenkernel42/patches/patch-XSA-202
new file mode 100644
index 00000000000..c3d8ff36a84
--- /dev/null
+++ b/sysutils/xenkernel42/patches/patch-XSA-202
@@ -0,0 +1,69 @@
+$NetBSD: patch-XSA-202,v 1.1 2016/12/21 15:35:44 bouyer Exp $
+
+From: Jan Beulich <jbeulich@suse.com>
+Subject: x86: force EFLAGS.IF on when exiting to PV guests
+
+Guest kernels modifying instructions in the process of being emulated
+for another of their vCPU-s may effect EFLAGS.IF to be cleared upon
+next exiting to guest context, by converting the being emulated
+instruction to CLI (at the right point in time). Prevent any such bad
+effects by always forcing EFLAGS.IF on. And to cover hypothetical other
+similar issues, also force EFLAGS.{IOPL,NT,VM} to zero.
+
+This is XSA-202.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+ 
+--- xen/arch/x86/x86_64/entry.S.orig
++++ xen/arch/x86/x86_64/entry.S
+@@ -41,28 +41,29 @@ restore_all_guest:
+         testw $TRAP_syscall,4(%rsp)
+         jz    iret_exit_to_guest
+ 
++        movq  24(%rsp),%r11           # RFLAGS
++        andq  $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11
++        orq   $X86_EFLAGS_IF,%r11
++
+         /* Don't use SYSRET path if the return address is not canonical. */
+         movq  8(%rsp),%rcx
+         sarq  $47,%rcx
+         incl  %ecx
+         cmpl  $1,%ecx
+-        ja    .Lforce_iret
++        movq  8(%rsp),%rcx            # RIP
++        ja    iret_exit_to_guest
+ 
+         cmpw  $FLAT_USER_CS32,16(%rsp)# CS
+-        movq  8(%rsp),%rcx            # RIP
+-        movq  24(%rsp),%r11           # RFLAGS
+         movq  32(%rsp),%rsp           # RSP
+         je    1f
+         sysretq
+ 1:      sysretl
+ 
+-.Lforce_iret:
+-        /* Mimic SYSRET behavior. */
+-        movq  8(%rsp),%rcx            # RIP
+-        movq  24(%rsp),%r11           # RFLAGS
+         ALIGN
+ /* No special register assumptions. */
+ iret_exit_to_guest:
++        andl  $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),24(%rsp)
++        orl   $X86_EFLAGS_IF,24(%rsp)
+         addq  $8,%rsp
+ .Lft0:  iretq
+ 
+--- xen/arch/x86/x86_64/compat/entry.S.orig	2014-09-02 08:22:57.000000000 +0200
++++ xen/arch/x86/x86_64/compat/entry.S	2016-12-21 13:23:21.000000000 +0100
+@@ -173,6 +173,10 @@
+ /* %rbx: struct vcpu, interrupts disabled */
+ ENTRY(compat_restore_all_guest)
+         ASSERT_INTERRUPTS_DISABLED
++	mov   $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11d
++	and   UREGS_eflags(%rsp),%r11d
++	or    $X86_EFLAGS_IF,%r11
++	mov   %r11d,UREGS_eflags(%rsp)
+         RESTORE_ALL
+         addq  $8,%rsp
+ .Lft0:  iretq