[Pkg-xen-changes] r1146 - trunk/xen/debian/patches
Bastian Blank
waldi at alioth.debian.org
Thu Feb 14 20:07:05 UTC 2013
Author: waldi
Date: Thu Feb 14 20:07:04 2013
New Revision: 1146
Log:
debian/patches: Replace some patches.
Modified:
trunk/xen/debian/patches/CVE-2012-5634
trunk/xen/debian/patches/CVE-2013-0153-1
trunk/xen/debian/patches/CVE-2013-0153-2
trunk/xen/debian/patches/CVE-2013-0153-3
trunk/xen/debian/patches/CVE-2013-0153-4
Modified: trunk/xen/debian/patches/CVE-2012-5634
==============================================================================
--- trunk/xen/debian/patches/CVE-2012-5634 Thu Feb 14 20:01:00 2013 (r1145)
+++ trunk/xen/debian/patches/CVE-2012-5634 Thu Feb 14 20:07:04 2013 (r1146)
@@ -5,12 +5,12 @@
Origin: upstream
Id: CVE-2012-5634
---
---- a/xen/drivers/passthrough/vtd/intremap.c Tue Jan 08 10:23:37 2013 +0100
-+++ b/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 17:19:01 2013 +0100
-@@ -499,7 +499,7 @@
+--- a/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 10:53:16 2013 +0100
++++ b/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 17:16:00 2013 +0100
+@@ -462,7 +462,7 @@
set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16,
(bus << 8) | pdev->bus);
- else if ( pdev_type(bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE )
+ else if ( pdev_type(seg, bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE )
- set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16,
+ set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16,
PCI_BDF2(bus, devfn));
Modified: trunk/xen/debian/patches/CVE-2013-0153-1
==============================================================================
--- trunk/xen/debian/patches/CVE-2013-0153-1 Thu Feb 14 20:01:00 2013 (r1145)
+++ trunk/xen/debian/patches/CVE-2013-0153-1 Thu Feb 14 20:07:04 2013 (r1146)
@@ -6,8 +6,8 @@
Origin: upstream, commit:23448:dd6694df1a31
Id: CVE-2013-0153
---
---- a/xen/drivers/acpi/tables.c Thu Jan 17 16:11:02 2013 +0000
-+++ b/xen/drivers/acpi/tables.c Tue Feb 05 15:34:55 2013 +0100
+--- a/xen/drivers/acpi/tables.c Wed Jan 23 11:52:44 2013 +0100
++++ b/xen/drivers/acpi/tables.c Tue Feb 05 15:29:03 2013 +0100
@@ -267,7 +267,7 @@
* @handler: handler to run
*
@@ -15,7 +15,7 @@
- * run @handler on it. Return 0 if table found, return on if not.
+ * run @handler on it.
*/
- int acpi_table_parse(char *id, acpi_table_handler handler)
+ int __init acpi_table_parse(char *id, acpi_table_handler handler)
{
@@ -282,8 +282,7 @@
acpi_get_table(id, 0, &table);
Modified: trunk/xen/debian/patches/CVE-2013-0153-2
==============================================================================
--- trunk/xen/debian/patches/CVE-2013-0153-2 Thu Feb 14 20:01:00 2013 (r1145)
+++ trunk/xen/debian/patches/CVE-2013-0153-2 Thu Feb 14 20:07:04 2013 (r1146)
@@ -12,45 +12,38 @@
Origin: upstream, commit:23449:cac6ae5e5dc6
Id: CVE-2013-0153
---
---- a/xen/drivers/passthrough/amd/iommu_acpi.c Tue Feb 05 15:34:55 2013 +0100
-+++ b/xen/drivers/passthrough/amd/iommu_acpi.c Tue Feb 05 15:35:44 2013 +0100
-@@ -21,6 +21,7 @@
- #include <xen/config.h>
+--- a/xen/drivers/passthrough/amd/iommu_acpi.c Tue Feb 05 15:29:03 2013 +0100
++++ b/xen/drivers/passthrough/amd/iommu_acpi.c Tue Feb 05 15:29:51 2013 +0100
+@@ -22,6 +22,7 @@
#include <xen/errno.h>
+ #include <xen/acpi.h>
#include <asm/apicdef.h>
+#include <asm/io_apic.h>
#include <asm/amd-iommu.h>
#include <asm/hvm/svm/amd-iommu-proto.h>
- #include <asm/hvm/svm/amd-iommu-acpi.h>
-@@ -29,7 +30,6 @@
- extern unsigned short ivrs_bdf_entries;
- extern struct ivrs_mappings *ivrs_mappings;
- extern unsigned short last_bdf;
--extern int ioapic_bdf[MAX_IO_APICS];
- extern void *shared_intremap_table;
- static void add_ivrs_mapping_entry(
-@@ -636,6 +636,7 @@
+@@ -635,6 +636,7 @@
u16 header_length, u16 block_length, struct amd_iommu *iommu)
{
u16 dev_length, bdf;
+ int apic;
- dev_length = sizeof(struct acpi_ivhd_device_special);
+ dev_length = sizeof(*special);
if ( header_length < (block_length + dev_length) )
-@@ -652,9 +653,58 @@
+@@ -651,10 +653,59 @@
}
- add_ivrs_mapping_entry(bdf, bdf, ivhd_device->header.flags, iommu);
+ add_ivrs_mapping_entry(bdf, bdf, special->header.data_setting, iommu);
- /* set device id of ioapic */
-- ioapic_bdf[ivhd_device->special.handle] = bdf;
+- ioapic_sbdf[special->handle].bdf = bdf;
+- ioapic_sbdf[special->handle].seg = seg;
- return dev_length;
+
-+ if ( ivhd_device->special.variety != 1 /* ACPI_IVHD_IOAPIC */ )
++ if ( special->variety != ACPI_IVHD_IOAPIC )
+ {
-+ if ( ivhd_device->special.variety != 2 /* ACPI_IVHD_HPET */ )
++ if ( special->variety != ACPI_IVHD_HPET )
+ printk(XENLOG_ERR "Unrecognized IVHD special variety %#x\n",
-+ ivhd_device->special.variety);
++ special->variety);
+ return dev_length;
+ }
+
@@ -61,18 +54,19 @@
+ */
+ for ( apic = 0; apic < nr_ioapics; apic++ )
+ {
-+ if ( IO_APIC_ID(apic) != ivhd_device->special.handle )
++ if ( IO_APIC_ID(apic) != special->handle )
+ continue;
+
-+ if ( ioapic_bdf[ivhd_device->special.handle].pin_setup )
++ if ( ioapic_sbdf[special->handle].pin_setup )
+ {
-+ if ( ioapic_bdf[ivhd_device->special.handle].bdf == bdf )
++ if ( ioapic_sbdf[special->handle].bdf == bdf &&
++ ioapic_sbdf[special->handle].seg == seg )
+ AMD_IOMMU_DEBUG("IVHD Warning: Duplicate IO-APIC %#x entries\n",
-+ ivhd_device->special.handle);
++ special->handle);
+ else
+ {
+ printk(XENLOG_ERR "IVHD Error: Conflicting IO-APIC %#x entries\n",
-+ ivhd_device->special.handle);
++ special->handle);
+ if ( amd_iommu_perdev_intremap )
+ return 0;
+ }
@@ -80,12 +74,13 @@
+ else
+ {
+ /* set device id of ioapic */
-+ ioapic_bdf[ivhd_device->special.handle].bdf = bdf;
++ ioapic_sbdf[special->handle].bdf = bdf;
++ ioapic_sbdf[special->handle].seg = seg;
+
-+ ioapic_bdf[ivhd_device->special.handle].pin_setup = xzalloc_array(
-+ unsigned long, BITS_TO_LONGS(nr_ioapic_registers[apic]));
-+ if ( nr_ioapic_registers[apic] &&
-+ !ioapic_bdf[IO_APIC_ID(apic)].pin_setup )
++ ioapic_sbdf[special->handle].pin_setup = xzalloc_array(
++ unsigned long, BITS_TO_LONGS(nr_ioapic_entries[apic]));
++ if ( nr_ioapic_entries[apic] &&
++ !ioapic_sbdf[IO_APIC_ID(apic)].pin_setup )
+ {
+ printk(XENLOG_ERR "IVHD Error: Out of memory\n");
+ return 0;
@@ -94,25 +89,14 @@
+ return dev_length;
+ }
+
-+ printk(XENLOG_ERR "IVHD Error: Invalid IO-APIC %#x\n",
-+ ivhd_device->special.handle);
++ printk(XENLOG_ERR "IVHD Error: Invalid IO-APIC %#x\n", special->handle);
+ return 0;
}
- static int __init parse_ivhd_block(struct acpi_ivhd_block_header *ivhd_block)
-diff -r dd6694df1a31 -r cac6ae5e5dc6 xen/drivers/passthrough/amd/iommu_intr.c
---- a/xen/drivers/passthrough/amd/iommu_intr.c Tue Feb 05 15:34:55 2013 +0100
-+++ b/xen/drivers/passthrough/amd/iommu_intr.c Tue Feb 05 15:35:44 2013 +0100
-@@ -27,7 +27,7 @@
- #define INTREMAP_LENGTH 0xB
- #define INTREMAP_ENTRIES (1 << INTREMAP_LENGTH)
-
--int ioapic_bdf[MAX_IO_APICS];
-+struct ioapic_bdf ioapic_bdf[MAX_IO_APICS];
- extern struct ivrs_mappings *ivrs_mappings;
- extern unsigned short ivrs_bdf_entries;
- void *shared_intremap_table;
-@@ -117,12 +117,12 @@
+ static int __init parse_ivhd_block(const struct acpi_ivrs_hardware *ivhd_block)
+--- a/xen/drivers/passthrough/amd/iommu_intr.c Tue Feb 05 15:29:03 2013 +0100
++++ b/xen/drivers/passthrough/amd/iommu_intr.c Tue Feb 05 15:29:51 2013 +0100
+@@ -99,12 +99,12 @@
static void update_intremap_entry_from_ioapic(
int bdf,
struct amd_iommu *iommu,
@@ -127,7 +111,7 @@
int req_id;
spinlock_t *lock;
int offset;
-@@ -138,6 +138,14 @@
+@@ -120,6 +120,14 @@
spin_lock_irqsave(lock, flags);
offset = get_intremap_offset(vector, delivery_mode);
@@ -137,51 +121,33 @@
+ old_rte->delivery_mode);
+
+ if ( offset != old_offset )
-+ free_intremap_entry(bdf, old_offset);
++ free_intremap_entry(iommu->seg, bdf, old_offset);
+ }
- entry = (u32*)get_intremap_entry(req_id, offset);
+ entry = (u32*)get_intremap_entry(iommu->seg, req_id, offset);
update_intremap_entry(entry, vector, delivery_mode, dest_mode, dest);
-@@ -176,7 +184,7 @@
- continue;
-
- /* get device id of ioapic devices */
-- bdf = ioapic_bdf[IO_APIC_ID(apic)];
-+ bdf = ioapic_bdf[IO_APIC_ID(apic)].bdf;
- iommu = find_iommu_for_device(bdf);
- if ( !iommu )
- {
-@@ -207,6 +215,7 @@
- flush_command_buffer(iommu);
+@@ -188,6 +196,7 @@
+ amd_iommu_flush_intremap(iommu, req_id);
spin_unlock_irqrestore(&iommu->lock, flags);
}
-+ set_bit(pin, ioapic_bdf[IO_APIC_ID(apic)].pin_setup);
++ set_bit(pin, ioapic_sbdf[IO_APIC_ID(apic)].pin_setup);
}
}
return 0;
-@@ -218,6 +227,7 @@
+@@ -199,6 +208,7 @@
struct IO_APIC_route_entry old_rte = { 0 };
struct IO_APIC_route_entry new_rte = { 0 };
unsigned int rte_lo = (reg & 1) ? reg - 1 : reg;
+ unsigned int pin = (reg - 0x10) / 2;
- int saved_mask, bdf;
+ int saved_mask, seg, bdf;
struct amd_iommu *iommu;
-@@ -228,7 +238,7 @@
- }
-
- /* get device id of ioapic devices */
-- bdf = ioapic_bdf[IO_APIC_ID(apic)];
-+ bdf = ioapic_bdf[IO_APIC_ID(apic)].bdf;
- iommu = find_iommu_for_device(bdf);
- if ( !iommu )
- {
-@@ -254,6 +264,14 @@
+@@ -236,6 +246,14 @@
*(((u32 *)&new_rte) + 1) = value;
}
+ if ( new_rte.mask &&
-+ !test_bit(pin, ioapic_bdf[IO_APIC_ID(apic)].pin_setup) )
++ !test_bit(pin, ioapic_sbdf[IO_APIC_ID(apic)].pin_setup) )
+ {
+ ASSERT(saved_mask);
+ __io_apic_write(apic, reg, value);
@@ -191,7 +157,7 @@
/* mask the interrupt while we change the intremap table */
if ( !saved_mask )
{
-@@ -262,7 +280,11 @@
+@@ -244,7 +262,11 @@
}
/* Update interrupt remapping entry */
@@ -199,12 +165,12 @@
+ update_intremap_entry_from_ioapic(
+ bdf, iommu, &new_rte,
+ test_and_set_bit(pin,
-+ ioapic_bdf[IO_APIC_ID(apic)].pin_setup) ? &old_rte
-+ : NULL);
++ ioapic_sbdf[IO_APIC_ID(apic)].pin_setup) ? &old_rte
++ : NULL);
/* Forward write access to IO-APIC RTE */
__io_apic_write(apic, reg, value);
-@@ -373,6 +395,12 @@
+@@ -354,6 +376,12 @@
return;
}
@@ -217,18 +183,13 @@
update_intremap_entry_from_msi_msg(iommu, pdev, msi_desc, msg);
}
-diff -r dd6694df1a31 -r cac6ae5e5dc6 xen/include/asm-x86/hvm/svm/amd-iommu-proto.h
---- a/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h Tue Feb 05 15:34:55 2013 +0100
-+++ b/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h Tue Feb 05 15:35:44 2013 +0100
-@@ -88,6 +88,11 @@
- unsigned int amd_iommu_read_ioapic_from_ire(
- unsigned int apic, unsigned int reg);
+--- a/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h Tue Feb 05 15:29:03 2013 +0100
++++ b/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h Tue Feb 05 15:29:51 2013 +0100
+@@ -100,6 +100,7 @@
-+extern struct ioapic_bdf {
-+ u16 bdf;
+ extern struct ioapic_sbdf {
+ u16 bdf, seg;
+ unsigned long *pin_setup;
-+} ioapic_bdf[];
-+
- /* power management support */
- void amd_iommu_resume(void);
- void amd_iommu_suspend(void);
+ } ioapic_sbdf[MAX_IO_APICS];
+ extern void *shared_intremap_table;
+
Modified: trunk/xen/debian/patches/CVE-2013-0153-3
==============================================================================
--- trunk/xen/debian/patches/CVE-2013-0153-3 Thu Feb 14 20:01:00 2013 (r1145)
+++ trunk/xen/debian/patches/CVE-2013-0153-3 Thu Feb 14 20:07:04 2013 (r1146)
@@ -12,9 +12,9 @@
Origin: upstream, commit:23450:5c0fe82d6060
Id: CVE-2013-0153
---
---- a/xen/drivers/passthrough/amd/iommu_init.c Tue Feb 05 15:35:44 2013 +0100
-+++ b/xen/drivers/passthrough/amd/iommu_init.c Tue Feb 05 15:36:11 2013 +0100
-@@ -897,12 +897,45 @@
+--- a/xen/drivers/passthrough/amd/iommu_init.c Tue Feb 05 15:29:51 2013 +0100
++++ b/xen/drivers/passthrough/amd/iommu_init.c Tue Feb 05 15:30:31 2013 +0100
+@@ -1126,12 +1126,45 @@
return 0;
}
@@ -27,7 +27,7 @@
+
+ for (bus = 0; bus < 256; bus++)
+ {
-+ id = pci_conf_read32(bus, 0x14, 0, PCI_VENDOR_ID);
++ id = pci_conf_read32(0, bus, 0x14, 0, PCI_VENDOR_ID);
+
+ vendor_id = id & 0xffff;
+ dev_id = (id >> 16) & 0xffff;
@@ -36,7 +36,7 @@
+ if (vendor_id != 0x1002 || dev_id != 0x4385)
+ continue;
+
-+ byte = pci_conf_read8(bus, 0x14, 0, 0xad);
++ byte = pci_conf_read8(0, bus, 0x14, 0, 0xad);
+ if ( (byte >> 3) & 1 )
+ {
+ printk(XENLOG_WARNING "AMD-Vi: SP5100 erratum 28 detected, disabling IOMMU.\n"
@@ -57,6 +57,6 @@
+ if ( amd_iommu_perdev_intremap && amd_sp5100_erratum28() )
+ goto error_out;
+
- irq_to_iommu = xmalloc_array(struct amd_iommu *, nr_irqs);
- if ( irq_to_iommu == NULL )
- goto error_out;
+ ivrs_bdf_entries = amd_iommu_get_ivrs_dev_entries();
+
+ if ( !ivrs_bdf_entries )
Modified: trunk/xen/debian/patches/CVE-2013-0153-4
==============================================================================
--- trunk/xen/debian/patches/CVE-2013-0153-4 Thu Feb 14 20:01:00 2013 (r1145)
+++ trunk/xen/debian/patches/CVE-2013-0153-4 Thu Feb 14 20:07:04 2013 (r1146)
@@ -6,11 +6,11 @@
Origin: upstream, commit:23451:e5ed73d172eb
Id: CVE-2013-0153
---
---- a/xen/arch/x86/irq.c Tue Feb 05 15:36:11 2013 +0100
-+++ b/xen/arch/x86/irq.c Tue Feb 05 15:36:34 2013 +0100
-@@ -1677,9 +1677,6 @@
- d->arch.pirq_irq[pirq] = irq;
- d->arch.irq_pirq[irq] = pirq;
+--- a/xen/arch/x86/irq.c Tue Feb 05 15:30:31 2013 +0100
++++ b/xen/arch/x86/irq.c Tue Feb 05 15:30:59 2013 +0100
+@@ -1942,9 +1942,6 @@
+ spin_lock_irqsave(&desc->lock, flags);
+ set_domain_irq_pirq(d, irq, info);
spin_unlock_irqrestore(&desc->lock, flags);
-
- if ( opt_irq_vector_map == OPT_IRQ_VECTOR_MAP_PERDEV )
@@ -18,9 +18,9 @@
}
done:
---- a/xen/drivers/passthrough/amd/pci_amd_iommu.c Tue Feb 05 15:36:11 2013 +0100
-+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c Tue Feb 05 15:36:34 2013 +0100
-@@ -195,6 +195,8 @@
+--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c Tue Feb 05 15:30:31 2013 +0100
++++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c Tue Feb 05 15:30:59 2013 +0100
+@@ -205,6 +205,8 @@
{
printk("AMD-Vi: Not overriding irq_vector_map setting\n");
}
@@ -29,23 +29,14 @@
return scan_pci_devices();
}
---- a/xen/drivers/passthrough/iommu.c Tue Feb 05 15:36:11 2013 +0100
-+++ b/xen/drivers/passthrough/iommu.c Tue Feb 05 15:36:34 2013 +0100
-@@ -49,7 +49,7 @@
+--- a/xen/drivers/passthrough/iommu.c Tue Feb 05 15:30:31 2013 +0100
++++ b/xen/drivers/passthrough/iommu.c Tue Feb 05 15:30:59 2013 +0100
+@@ -52,7 +52,7 @@
bool_t __read_mostly iommu_intremap = 1;
- bool_t __read_mostly iommu_hap_pt_share;
- bool_t __read_mostly amd_iommu_debug;
+ bool_t __read_mostly iommu_hap_pt_share = 1;
+ bool_t __read_mostly iommu_debug;
-bool_t __read_mostly amd_iommu_perdev_intremap;
+bool_t __read_mostly amd_iommu_perdev_intremap = 1;
- static void __init parse_iommu_param(char *s)
- {
-@@ -78,6 +78,8 @@
- amd_iommu_debug = 1;
- else if ( !strcmp(s, "amd-iommu-perdev-intremap") )
- amd_iommu_perdev_intremap = 1;
-+ else if ( !strcmp(s, "amd-iommu-global-intremap") )
-+ amd_iommu_perdev_intremap = 0;
- else if ( !strcmp(s, "dom0-passthrough") )
- iommu_passthrough = 1;
- else if ( !strcmp(s, "dom0-strict") )
+ DEFINE_PER_CPU(bool_t, iommu_dont_flush_iotlb);
+
More information about the Pkg-xen-changes
mailing list