From a074e753bb976501c384991f1cb8fb97d66f7723 Mon Sep 17 00:00:00 2001
From: drochner <drochner@pkgsrc.org>
Date: Wed, 18 Jun 2014 13:47:08 +0000
Subject: add patch from upstream to fix possible data leak (CVE-2014-4021)
 bump PKGREV

---
 sysutils/xenkernel41/Makefile                    |  4 ++--
 sysutils/xenkernel41/distinfo                    |  3 ++-
 sysutils/xenkernel41/patches/patch-CVE-2014-4021 | 26 ++++++++++++++++++++++++
 3 files changed, 30 insertions(+), 3 deletions(-)
 create mode 100644 sysutils/xenkernel41/patches/patch-CVE-2014-4021

(limited to 'sysutils/xenkernel41')

diff --git a/sysutils/xenkernel41/Makefile b/sysutils/xenkernel41/Makefile
index b34c844b5b0..26ef1ad99ba 100644
--- a/sysutils/xenkernel41/Makefile
+++ b/sysutils/xenkernel41/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.37 2014/05/09 07:37:20 wiz Exp $
+# $NetBSD: Makefile,v 1.38 2014/06/18 13:47:08 drochner Exp $
 
 VERSION=	4.1.6.1
 DISTNAME=	xen-${VERSION}
 PKGNAME=	xenkernel41-${VERSION}
-PKGREVISION=	9
+PKGREVISION=	10
 CATEGORIES=	sysutils
 MASTER_SITES=	http://bits.xensource.com/oss-xen/release/${VERSION}/
 
diff --git a/sysutils/xenkernel41/distinfo b/sysutils/xenkernel41/distinfo
index 2bcf750e0ee..c5b4cf1fe80 100644
--- a/sysutils/xenkernel41/distinfo
+++ b/sysutils/xenkernel41/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.28 2014/05/05 13:39:10 drochner Exp $
+$NetBSD: distinfo,v 1.29 2014/06/18 13:47:08 drochner Exp $
 
 SHA1 (xen-4.1.6.1.tar.gz) = e5f15feb0821578817a65ede16110c6eac01abd0
 RMD160 (xen-4.1.6.1.tar.gz) = bff11421fc44a26f2cc3156713267abcb36d7a19
@@ -16,6 +16,7 @@ SHA1 (patch-CVE-2013-6885_1) = 18d155b2c76119988be32cfd43e3c4aa6a507b9d
 SHA1 (patch-CVE-2013-6885_2) = be3c99ba3e349492d45cd4f2fce0acc26ac1a96d
 SHA1 (patch-CVE-2014-1666) = acf27080799d4aae6a03b556caadb01081d5314e
 SHA1 (patch-CVE-2014-3124) = 59a48eed88abcda5de2fc7e398451a492e5d2145
+SHA1 (patch-CVE-2014-4021) = ee8ee800b35f7eaa242b06536c1ffa6568305b36
 SHA1 (patch-Config.mk) = a43ed1b3304d6383dc093acd128a7f373d0ca266
 SHA1 (patch-xen_Makefile) = d1c7e4860221f93d90818f45a77748882486f92b
 SHA1 (patch-xen_arch_x86_Rules.mk) = 6b9b4bfa28924f7d3f6c793a389f1a7ac9d228e2
diff --git a/sysutils/xenkernel41/patches/patch-CVE-2014-4021 b/sysutils/xenkernel41/patches/patch-CVE-2014-4021
new file mode 100644
index 00000000000..e5c196eaf94
--- /dev/null
+++ b/sysutils/xenkernel41/patches/patch-CVE-2014-4021
@@ -0,0 +1,26 @@
+$NetBSD: patch-CVE-2014-4021,v 1.1 2014/06/18 13:47:08 drochner Exp $
+
+http://lists.xenproject.org/archives/html/xen-devel/2014-06/msg02095.html
+
+--- xen/common/page_alloc.c.orig	2013-09-10 06:42:18.000000000 +0000
++++ xen/common/page_alloc.c	2014-06-18 10:36:33.000000000 +0000
+@@ -1123,7 +1123,10 @@ void free_xenheap_pages(void *v, unsigne
+     pg = virt_to_page(v);
+ 
+     for ( i = 0; i < (1u << order); i++ )
++    {
++        scrub_one_page(&pg[i]);
+         pg[i].count_info &= ~PGC_xen_heap;
++    }
+ 
+     free_heap_pages(pg, order);
+ }
+@@ -1290,6 +1293,8 @@ void free_domheap_pages(struct page_info
+     else
+     {
+         /* Freeing anonymous domain-heap pages. */
++        for ( i = 0; i < (1 << order); i++ )
++            scrub_one_page(&pg[i]);
+         free_heap_pages(pg, order);
+         drop_dom_ref = 0;
+     }
-- 
cgit v1.2.3