diff options
author | Christopher Clark <christopher.w.clark@gmail.com> | 2018-01-08 23:12:48 -0800 |
---|---|---|
committer | Bruce Ashfield <bruce.ashfield@windriver.com> | 2018-01-12 10:37:47 -0500 |
commit | dc3e72a8f487f917aaec853228f42dcd2b0a4e5b (patch) | |
tree | 1da4488b9e1d41b9a6ddfe2f6259bae2f2d8c3e3 | |
parent | 4ff3c5474f50c9e12fc0c32e0d4d5e99db933032 (diff) | |
download | meta-virtualization-dc3e72a8f487f917aaec853228f42dcd2b0a4e5b.tar.gz |
xen: for 4.10.0: XSA-253 / CVE-2018-5244 patch
Fix a memory leak with MSR emulation on x86.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
-rw-r--r-- | recipes-extended/xen/files/xsa253.patch | 26 | ||||
-rw-r--r-- | recipes-extended/xen/xen_4.10.0.bb | 2 |
2 files changed, 28 insertions, 0 deletions
diff --git a/recipes-extended/xen/files/xsa253.patch b/recipes-extended/xen/files/xsa253.patch new file mode 100644 index 00000000..19e42693 --- /dev/null +++ b/recipes-extended/xen/files/xsa253.patch | |||
@@ -0,0 +1,26 @@ | |||
1 | From: Andrew Cooper <andrew.cooper3@citrix.com> | ||
2 | Subject: x86/msr: Free msr_vcpu_policy during vcpu destruction | ||
3 | |||
4 | c/s 4187f79dc7 "x86/msr: introduce struct msr_vcpu_policy" introduced a | ||
5 | per-vcpu memory allocation, but failed to free it in the clean vcpu | ||
6 | destruction case. | ||
7 | |||
8 | This is XSA-253 | ||
9 | |||
10 | Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> | ||
11 | Reviewed-by: Jan Beulich <jbeulich@suse.com> | ||
12 | |||
13 | diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c | ||
14 | index b17468c..0ae715d 100644 | ||
15 | --- a/xen/arch/x86/domain.c | ||
16 | +++ b/xen/arch/x86/domain.c | ||
17 | @@ -382,6 +382,9 @@ void vcpu_destroy(struct vcpu *v) | ||
18 | |||
19 | vcpu_destroy_fpu(v); | ||
20 | |||
21 | + xfree(v->arch.msr); | ||
22 | + v->arch.msr = NULL; | ||
23 | + | ||
24 | if ( !is_idle_domain(v->domain) ) | ||
25 | vpmu_destroy(v); | ||
26 | |||
diff --git a/recipes-extended/xen/xen_4.10.0.bb b/recipes-extended/xen/xen_4.10.0.bb index 1e14c865..d314b9b6 100644 --- a/recipes-extended/xen/xen_4.10.0.bb +++ b/recipes-extended/xen/xen_4.10.0.bb | |||
@@ -1,7 +1,9 @@ | |||
1 | FILESEXTRAPATHS_prepend := "${THISDIR}/files:" | ||
1 | require xen.inc | 2 | require xen.inc |
2 | 3 | ||
3 | SRC_URI = " \ | 4 | SRC_URI = " \ |
4 | https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \ | 5 | https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \ |
6 | file://xsa253.patch \ | ||
5 | " | 7 | " |
6 | 8 | ||
7 | SRC_URI[md5sum] = "ab9d320d02cb40f6b40506aed1a38d58" | 9 | SRC_URI[md5sum] = "ab9d320d02cb40f6b40506aed1a38d58" |