Minix/pkgsrc-ng
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Import of pkgsrc-2016Q3

Browse Source
This commit is contained in:
Lionel Sambuc
2016-10-14 07:49:11 +02:00
committed by Lionel Sambuc
parent 9d819b6d54
commit 1242aa1e36
35952 changed files with 949749 additions and 377083 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
sysutils/xentools41/Makefile
View File

@@ -1,11 +1,11 @@
# $NetBSD: Makefile,v 1.56 2015/08/18 07:31:18 wiz Exp $
# $NetBSD: Makefile,v 1.63 2016/07/09 13:04:08 wiz Exp $
#
# VERSION is set in version.mk as it is shared with other packages
.include "version.mk"
DISTNAME= xen-${VERSION}
PKGNAME= xentools41-${VERSION}
PKGREVISION= 13
PKGREVISION= 16
CATEGORIES= sysutils
MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/
@@ -13,7 +13,7 @@ DISTFILES= ${DISTNAME}.tar.gz
DISTFILES+= ipxe-git-v${VERSION_IPXE}.tar.gz
SITES.ipxe-git-v${VERSION_IPXE}.tar.gz += http://xenbits.xensource.com/xen-extfiles/
MAINTAINER= cegger@NetBSD.org
MAINTAINER= pkgsrc-users@NetBSD.org
HOMEPAGE= http://xen.org/
COMMENT= Userland Tools for Xen 4.1.x
@@ -28,7 +28,7 @@ BUILD_DEPENDS+= dev86-[0-9]*:../../devel/dev86 # needed to build firmware
BUILD_DEPENDS+= acpica-utils-[0-9]*:../../sysutils/acpica-utils
.endif
PYTHON_VERSIONS_INCOMPATIBLE= 33 34 # py-xml
PYTHON_VERSIONS_INCOMPATIBLE= 34 35 # py-xml
PKG_SYSCONFSUBDIR= xen
@@ -107,20 +107,19 @@ SUBST_FILES.conf+= python/xen/xm/create.py
SUBST_FILES.conf+= ocaml/xenstored/define.ml
SUBST_SED.conf= -e "s,@XENDCONFDIR@,${PKG_SYSCONFDIR},g"
.include "../../mk/bsd.prefs.mk"
XEND_SCRIPTS= block vif-bridge vif-ip qemu-ifup hotplugpath.sh
.if ${OPSYS} == "NetBSD"
SUBST_CLASSES+= proc
SUBST_CLASSES.NetBSD+= proc
SUBST_STAGE.proc= pre-configure
SUBST_FILES.proc= python/xen/xend/XendVnet.py
SUBST_FILES.proc+= ocaml/xenstored/define.ml
SUBST_SED.proc= -e "s|/proc|/kern|g"
PROCPATH= /kern
.else
PROCPATH= /proc
.endif
OPSYSVARS+= PROCPATH
PROCPATH.NetBSD= /kern
PROCPATH.*= /proc
.include "../../mk/bsd.prefs.mk"
SUBST_CLASSES+= procdev
SUBST_STAGE.procdev= pre-configure
@@ -175,7 +174,8 @@ post-install:
${INSTALL_DATA} ${WRKDIR}/xmdomain.cfg.5 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man5
${INSTALL_DATA} ${WRKDIR}/xm.1 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1
.if ${OPSYS} == "NetBSD" && !exists(/var/shm)
.if (${OPSYS} == "NetBSD" && \
(empty(OS_VERSION:M6.99.[3-9]?) && empty(OS_VERSION:M[7-9].*)))
CPPFLAGS+= -Dshm_open=open -Dshm_unlink=unlink
.endif

6
sysutils/xentools41/distinfo
View File

@@ -1,10 +1,12 @@
$NetBSD: distinfo,v 1.39 2015/06/11 17:42:43 bouyer Exp $
$NetBSD: distinfo,v 1.41 2016/01/07 17:55:55 bouyer Exp $
SHA1 (ipxe-git-v1.0.0.tar.gz) = da052c8de5f3485fe0253c19cf52ed6d72528485
RMD160 (ipxe-git-v1.0.0.tar.gz) = dcd9b6eaafa1ce05c1ebf2a15f2f73ad7a8c5547
SHA512 (ipxe-git-v1.0.0.tar.gz) = 6921fb857ca615899a5912d5590ca36b6f46daf828b85edc75461c08a189d9fed71ee74a82e42724da7a1355e45070d28a0a61694b3a4872c3554390e4bb4147
Size (ipxe-git-v1.0.0.tar.gz) = 1996881 bytes
SHA1 (xen-4.1.6.1.tar.gz) = e5f15feb0821578817a65ede16110c6eac01abd0
RMD160 (xen-4.1.6.1.tar.gz) = bff11421fc44a26f2cc3156713267abcb36d7a19
SHA512 (xen-4.1.6.1.tar.gz) = 5f6106514ffb57708009e3d6763824b13d9038699048d1a91fa09ad223e0391b92b6ea0f25714a0bbf8ac8373c58fc7871ca0bce9c3ff7873d41fb2eeae13ed8
Size (xen-4.1.6.1.tar.gz) = 10428485 bytes
SHA1 (patch-.._.._ipxe_src_arch_i386_include_librm.h) = 4549ac641b112321b4731a918d85219c3fce6808
SHA1 (patch-.._.._ipxe_src_core_settings.c) = 240ff973757403b983f12b2cbed826584c4a8aba
@@ -13,6 +15,8 @@ SHA1 (patch-.._Config.mk) = 9b971a41f67bb3974d3a4459bb9d96fbbd636c96
SHA1 (patch-CVE-2014-1950) = b0d900722fd0f59a50f1e1eda1471105d5b557e5
SHA1 (patch-CVE-2015-2752) = f9bca0b8744233e20ff97c3e8e2e404522e87f49
SHA1 (patch-CVE-2015-2756) = 07aaac4bcd0dfc6d708c1823288b9fc789ebd125
SHA1 (patch-CVE-2015-8550) = dfd72a54d27211c1059579819b9b4c702399a0fc
SHA1 (patch-CVE-2015-8554) = 7f444009519399038c657fa3e59fd2170f99bb70
SHA1 (patch-aa) = 9b53ba4a809dad7a1de34c8fa0dbe493d7256ada
SHA1 (patch-ab) = 0906a5ec3a7450fc987b01289e2560e60966d00d
SHA1 (patch-ac) = c3cc5335a1d6b066307c5f03fe72f513a9eb2bdb

134
sysutils/xentools41/patches/patch-CVE-2015-8550 Normal file
View File

@@ -0,0 +1,134 @@
$NetBSD: patch-CVE-2015-8550,v 1.1 2016/01/07 17:55:55 bouyer Exp $
patch for CVE-2015-8550 aka XSA-155 from
http://xenbits.xenproject.org/xsa/xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
http://xenbits.xenproject.org/xsa/xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
http://xenbits.xenproject.org/xsa/xsa155-qemut-qdisk-double-access.patch
http://xenbits.xenproject.org/xsa/xsa155-qemut-xenfb.patch
--- ../xen/include/public/io/ring.h.orig
+++ ../xen/include/public/io/ring.h
@@ -212,6 +212,20 @@ typedef struct __name##_back_ring __name##_back_ring_t
#define RING_GET_REQUEST(_r, _idx) \
(&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].req))
+/*
+ * Get a local copy of a request.
+ *
+ * Use this in preference to RING_GET_REQUEST() so all processing is
+ * done on a local copy that cannot be modified by the other end.
+ *
+ * Note that https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58145 may cause this
+ * to be ineffective where _req is a struct which consists of only bitfields.
+ */
+#define RING_COPY_REQUEST(_r, _idx, _req) do { \
+ /* Use volatile to force the copy into _req. */ \
+ *(_req) = *(volatile typeof(_req))RING_GET_REQUEST(_r, _idx); \
+} while (0)
+
#define RING_GET_RESPONSE(_r, _idx) \
(&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].rsp))
--- blktap2/drivers/block-log.c.orig
+++ blktap2/drivers/block-log.c
@@ -494,11 +494,12 @@ static int ctl_kick(struct tdlog_state* s, int fd)
reqstart = s->bring.req_cons;
reqend = s->sring->req_prod;
+ xen_mb();
BDPRINTF("ctl: ring kicked (start = %u, end = %u)", reqstart, reqend);
while (reqstart != reqend) {
/* XXX actually submit these! */
- memcpy(&req, RING_GET_REQUEST(&s->bring, reqstart), sizeof(req));
+ RING_COPY_REQUEST(&s->bring, reqstart, &req);
BDPRINTF("ctl: read request %"PRIu64":%u", req.sector, req.count);
s->bring.req_cons = ++reqstart;
--- blktap2/drivers/tapdisk-vbd.c.orig
+++ blktap2/drivers/tapdisk-vbd.c
@@ -1555,7 +1555,7 @@ tapdisk_vbd_pull_ring_requests(td_vbd_t *vbd)
int idx;
RING_IDX rp, rc;
td_ring_t *ring;
- blkif_request_t *req;
+ blkif_request_t req;
td_vbd_request_t *vreq;
ring = &vbd->ring;
@@ -1566,16 +1566,16 @@ tapdisk_vbd_pull_ring_requests(td_vbd_t *vbd)
xen_rmb();
for (rc = ring->fe_ring.req_cons; rc != rp; rc++) {
- req = RING_GET_REQUEST(&ring->fe_ring, rc);
+ RING_COPY_REQUEST(&ring->fe_ring, rc, &req);
++ring->fe_ring.req_cons;
- idx = req->id;
+ idx = req.id;
vreq = &vbd->request_list[idx];
ASSERT(list_empty(&vreq->next));
ASSERT(vreq->secs_pending == 0);
- memcpy(&vreq->req, req, sizeof(blkif_request_t));
+ memcpy(&vreq->req, &req, sizeof(blkif_request_t));
vbd->received++;
vreq->vbd = vbd;
--- ioemu-qemu-xen/hw/xen_blkif.h.orig
+++ ioemu-qemu-xen/hw/xen_blkif.h
@@ -79,8 +79,10 @@ static inline void blkif_get_x86_32_req(blkif_request_t *dst, blkif_x86_32_reque
dst->handle = src->handle;
dst->id = src->id;
dst->sector_number = src->sector_number;
- if (n > src->nr_segments)
- n = src->nr_segments;
+ /* prevent the compiler from optimizing the code and using src->nr_segments instead */
+ xen_mb();
+ if (n > dst->nr_segments)
+ n = dst->nr_segments;
for (i = 0; i < n; i++)
dst->seg[i] = src->seg[i];
}
@@ -94,8 +96,10 @@ static inline void blkif_get_x86_64_req(blkif_request_t *dst, blkif_x86_64_reque
dst->handle = src->handle;
dst->id = src->id;
dst->sector_number = src->sector_number;
- if (n > src->nr_segments)
- n = src->nr_segments;
+ /* prevent the compiler from optimizing the code and using src->nr_segments instead */
+ xen_mb();
+ if (n > dst->nr_segments)
+ n = dst->nr_segments;
for (i = 0; i < n; i++)
dst->seg[i] = src->seg[i];
}
--- ioemu-qemu-xen/hw/xenfb.c
+++ ioemu-qemu-xen/hw/xenfb.c
@@ -827,18 +827,20 @@ static void xenfb_invalidate(void *opaque)
static void xenfb_handle_events(struct XenFB *xenfb)
{
- uint32_t prod, cons;
+ uint32_t prod, cons, out_cons;
struct xenfb_page *page = xenfb->c.page;
prod = page->out_prod;
- if (prod == page->out_cons)
+ out_cons = page->out_cons;
+ if (prod == out_cons)
return;
xen_rmb(); /* ensure we see ring contents up to prod */
- for (cons = page->out_cons; cons != prod; cons++) {
+ for (cons = out_cons; cons != prod; cons++) {
union xenfb_out_event *event = &XENFB_OUT_RING_REF(page, cons);
+ uint8_t type = event->type;
int x, y, w, h;
- switch (event->type) {
+ switch (type) {
case XENFB_TYPE_UPDATE:
if (xenfb->up_count == UP_QUEUE)
xenfb->up_fullscreen = 1;

21
sysutils/xentools41/patches/patch-CVE-2015-8554 Normal file
View File

@@ -0,0 +1,21 @@
$NetBSD: patch-CVE-2015-8554,v 1.1 2016/01/07 17:55:55 bouyer Exp $
patch for CVE-2015-8554 aka XSA-164 from
http://xenbits.xenproject.org/xsa/xsa164.patch
--- ioemu-qemu-xen/hw/pt-msi.c.orig
+++ ioemu-qemu-xen/hw/pt-msi.c
@@ -440,6 +440,13 @@ static void pci_msix_writel(void *opaque
return;
}
+ if ( addr - msix->mmio_base_addr >= msix->total_entries * 16 )
+ {
+ PT_LOG("Error: Out of bounds write to MSI-X table,"
+ " addr %016"PRIx64"\n", addr);
+ return;
+ }
+
entry_nr = (addr - msix->mmio_base_addr) / 16;
entry = &msix->msix_entry[entry_nr];
offset = ((addr - msix->mmio_base_addr) % 16) / 4;