author | bouyer <bouyer@pkgsrc.org> | 2019-12-06 17:30:28 +0000 |
---|---|---|
committer | bouyer <bouyer@pkgsrc.org> | 2019-12-06 17:30:28 +0000 |
commit | 14378524c54b583a9004720146da74dcbb222a1a (patch) | |
tree | c0a5c6bdffde35fdcd59d8bb13e3dc80ce912cf0 /sysutils | |
parent | 5d24969269c12a177f94a37070c7c67ab0cf8a1e (diff) | |
download | pkgsrc-14378524c54b583a9004720146da74dcbb222a1a.tar.gz |
Apply upstream patch for XSA306 security issue.
Bump PKGREVISION
Diffstat (limited to 'sysutils')
-rw-r--r-- | sysutils/xenkernel411/Makefile | 4 | ||||
-rw-r--r-- | sysutils/xenkernel411/distinfo | 3 | ||||
-rw-r--r-- | sysutils/xenkernel411/patches/patch-XSA306 | 69 |
3 files changed, 73 insertions, 3 deletions
diff --git a/sysutils/xenkernel411/Makefile b/sysutils/xenkernel411/Makefile
index b2ac15fd670..7c2a22e547d 100644
--- a/sysutils/xenkernel411/Makefile
+++ b/sysutils/xenkernel411/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.10 2019/11/13 15:00:06 bouyer Exp $
+# $NetBSD: Makefile,v 1.11 2019/12/06 17:30:28 bouyer Exp $
 
 VERSION= 4.11.2
-PKGREVISION= 2
+PKGREVISION= 3
 DISTNAME= xen-${VERSION}
 PKGNAME= xenkernel411-${VERSION}
 CATEGORIES= sysutils
diff --git a/sysutils/xenkernel411/distinfo b/sysutils/xenkernel411/distinfo
index 4c277211611..439a143f8c4 100644
--- a/sysutils/xenkernel411/distinfo
+++ b/sysutils/xenkernel411/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.7 2019/11/13 15:00:06 bouyer Exp $
+$NetBSD: distinfo,v 1.8 2019/12/06 17:30:28 bouyer Exp $
 
 SHA1 (xen411/xen-4.11.2.tar.gz) = 82766db0eca7ce65962732af8a31bb5cce1eb7ce
 RMD160 (xen411/xen-4.11.2.tar.gz) = 6dcb1ac3e72381474912607b30b59fa55d87d38b
@@ -10,6 +10,7 @@ SHA1 (patch-XSA299) = beb7ba1a8f9e0adda161c0da725ff053e674067e
 SHA1 (patch-XSA302) = 12fbb7dfea27f53c70c8115487a2e30595549c2b
 SHA1 (patch-XSA304) = f2c22732227e11a3e77c630f0264a689eed53399
 SHA1 (patch-XSA305) = eb5e0096cbf501fcbd7a5c5f9d1f932b557636b6
+SHA1 (patch-XSA306) = f57201b2ae5f6435ce6ba3c6aac3e9e10cdba3fb
 SHA1 (patch-xen_Makefile) = 465388d80de414ca3bb84faefa0f52d817e423a6
 SHA1 (patch-xen_Rules.mk) = c743dc63f51fc280d529a7d9e08650292c171dac
 SHA1 (patch-xen_arch_x86_Rules.mk) = 0bedfc53a128a87b6a249ae04fbdf6a053bfb70b
diff --git a/sysutils/xenkernel411/patches/patch-XSA306 b/sysutils/xenkernel411/patches/patch-XSA306
new file mode 100644
index 00000000000..3f02f852df2
--- /dev/null
+++ b/sysutils/xenkernel411/patches/patch-XSA306
@@ -0,0 +1,69 @@
+$NetBSD: patch-XSA306,v 1.1 2019/12/06 17:30:28 bouyer Exp $
+
+From: Jan Beulich <jbeulich@suse.com>
+Subject: IOMMU: default to always quarantining PCI devices
+
+XSA-302 relies on the use of libxl's "assignable-add" feature to prepare
+devices to be assigned to untrusted guests.
+
+Unfortunately, this is not considered a strictly required step for
+device assignment. The PCI passthrough documentation on the wiki
+describes alternate ways of preparing devices for assignment, and
+libvirt uses its own ways as well. Hosts where these alternate methods
+are used will still leave the system in a vulnerable state after the
+device comes back from a guest.
+
+Default to always quarantining PCI devices, but provide a command line
+option to revert back to prior behavior (such that people who both
+sufficiently trust their guests and want to be able to use devices in
+Dom0 again after they had been in use by a guest wouldn't need to
+"manually" move such devices back from DomIO to Dom0).
+
+This is XSA-306.
+
+Reported-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Wei Liu <wl@xen.org>
+
+--- xen/drivers/passthrough/iommu.c.orig
++++ xen/drivers/passthrough/iommu.c
+@@ -52,6 +52,7 @@ custom_param("iommu", parse_iommu_param)
+ bool_t __initdata iommu_enable = 1;
+ bool_t __read_mostly iommu_enabled;
+ bool_t __read_mostly force_iommu;
++bool __read_mostly iommu_quarantine = true;
+ bool_t __hwdom_initdata iommu_dom0_strict;
+ bool_t __read_mostly iommu_verbose;
+ bool_t __read_mostly iommu_workaround_bios_bug;
+@@ -99,6 +100,8 @@ static int __init parse_iommu_param(cons
+ else if ( !cmdline_strcmp(s, "force") ||
+ !cmdline_strcmp(s, "required") )
+ force_iommu = val;
++ else if ( !cmdline_strcmp(s, "quarantine") )
++ iommu_quarantine = val;
+ else if ( !cmdline_strcmp(s, "workaround_bios_bug") )
+ iommu_workaround_bios_bug = val;
+ else if ( !cmdline_strcmp(s, "igfx") )
+--- xen/drivers/passthrough/pci.c.orig
++++ xen/drivers/passthrough/pci.c
+@@ -1511,7 +1511,8 @@ int deassign_device(struct domain *d, u1
+ return -ENODEV;
+
+ /* De-assignment from dom_io should de-quarantine the device */
+- target = (pdev->quarantine && pdev->domain != dom_io) ?
++ target = ((pdev->quarantine || iommu_quarantine) &&
++ pdev->domain != dom_io) ?
+ dom_io : hardware_domain;
+
+ while ( pdev->phantom_stride )
+--- xen/include/xen/iommu.h.orig
++++ xen/include/xen/iommu.h
+@@ -29,7 +29,7 @@
+ #include <asm/iommu.h>
+
+ extern bool_t iommu_enable, iommu_enabled;
+-extern bool_t force_iommu, iommu_verbose;
++extern bool force_iommu, iommu_quarantine, iommu_verbose;
+ extern bool_t iommu_workaround_bios_bug, iommu_igfx, iommu_passthrough;
+ extern bool_t iommu_snoop, iommu_qinval, iommu_intremap, iommu_intpost;
+ extern bool_t iommu_hap_pt_share;
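Review bot: The new `quarantine` sub-option that parse_iommu_param accepts in the iommu.c hunk is not documented anywhere in this patch, so an administrator who finds a PCI device parked in DomIO after it was deassigned from a guest has no local description of the opt-out. Upstream's XSA-306 patch appears to carry a matching command-line documentation hunk; if it was dropped because this package ships only the hypervisor, a MESSAGE file or a sentence in the commit log stating that deassigned devices now land in DomIO by default and that `iommu=no-quarantine` restores the prior behaviour would close the gap. If the existing parser's `no-` prefix handling applies to this option as it does to its siblings, no code change is needed. Both parse_iommu_param and deassign_device start and end outside the quoted context, so the `pdev->quarantine || iommu_quarantine` condition in the pci.c hunk is reviewed only as far as shown.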