diff options
author | Mark H Weaver <mhw@netris.org> | 2015-06-15 23:57:14 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2015-06-16 00:29:28 -0400 |
commit | fef3cfaaab972b1f514724f90050aeb38516519b (patch) | |
tree | 89d58b467be5e59263c1f41d06dfa4e08187eaf3 /gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch | |
parent | 77ff9e9a994a3a23d973d87456a0085ac53b23bc (diff) | |
download | guix-fef3cfaaab972b1f514724f90050aeb38516519b.tar guix-fef3cfaaab972b1f514724f90050aeb38516519b.tar.gz |
gnu: qemu: Add fixes for CVE-2015-{4037,4103,4104,4105,4106}.
* gnu/packages/patches/qemu-CVE-2015-4037.patch,
gnu/packages/patches/qemu-CVE-2015-4103.patch,
gnu/packages/patches/qemu-CVE-2015-4104.patch,
gnu/packages/patches/qemu-CVE-2015-4105.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt1.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt3.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt4.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt6.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt7.patch,
gnu/packages/patches/qemu-CVE-2015-4106-pt8.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/qemu.scm (qemu-headless)[source]: Add patches.
Diffstat (limited to 'gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch')
-rw-r--r-- | gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch b/gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch new file mode 100644 index 0000000000..e28a491689 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2015-4106-pt5.patch @@ -0,0 +1,33 @@ +From 45ebe3916ab16f859ed930e92fbd52d84d5dcdaf Mon Sep 17 00:00:00 2001 +From: Jan Beulich <jbeulich@suse.com> +Date: Tue, 2 Jun 2015 15:07:01 +0000 +Subject: [PATCH] xen/pt: mark all PCIe capability bits read-only + +xen_pt_emu_reg_pcie[]'s PCI_EXP_DEVCAP needs to cover all bits as read- +only to avoid unintended write-back (just a precaution, the field ought +to be read-only in hardware). + +This is a preparatory patch for XSA-131. + +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> +--- + hw/xen/xen_pt_config_init.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c +index 3833b9e..9f6c00e 100644 +--- a/hw/xen/xen_pt_config_init.c ++++ b/hw/xen/xen_pt_config_init.c +@@ -871,7 +871,7 @@ static XenPTRegInfo xen_pt_emu_reg_pcie[] = { + .offset = PCI_EXP_DEVCAP, + .size = 4, + .init_val = 0x00000000, +- .ro_mask = 0x1FFCFFFF, ++ .ro_mask = 0xFFFFFFFF, + .emu_mask = 0x10000000, + .init = xen_pt_common_reg_init, + .u.dw.read = xen_pt_long_reg_read, +-- +2.2.1 + |