head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.1.0.2
	pkgsrc-2013Q2-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2013.09.11.18.00.33;	author drochner;	state dead;
branches;
next	1.1;
commitid	76aqq1Rgu8ITY25x;

1.1
date	2013.05.03.16.48.38;	author drochner;	state Exp;
branches;
next	;


desc
@@


1.2
log
@update to 4.1.6.1
This release fixes the following critical vulnerabilities:
CVE-2013-1918 / XSA-45: Several long latency operations are not
 preemptible
CVE-2013-1952 / XSA-49: VT-d interrupt remapping source validation flaw
 for bridges
CVE-2013-2076 / XSA-52: Information leak on XSAVE/XRSTOR capable AMD CPUs
CVE-2013-2077 / XSA-53: Hypervisor crash due to missing exception
 recovery on XRSTOR
CVE-2013-2078 / XSA-54: Hypervisor crash due to missing exception
 recovery on XSETBV
CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA-55: Multiple
 vulnerabilities in libelf PV kernel handling
CVE-2013-2072 / XSA-56: Buffer overflow in xencontrol Python bindings
 affecting xend
CVE-2013-2211 / XSA-57: libxl allows guest write access to sensitive
 console related xenstore keys
CVE-2013-1432 / XSA-58: Page reference counting error due to
 XSA-45/CVE-2013-1918 fixes
XSA-61: libxl partially sets up HVM passthrough even with disabled iommu
This release contains many bug fixes and improvements. The highlights are:
addressing a regression from the fix for XSA-21
addressing a regression from the fix for XSA-46
bug fixes to low level system state handling, including certain
 hardware errata workarounds

(CVE-2013-1918 and CVE-2013-1952 were patched in pkgsrc before)
@
text
@$NetBSD: patch-CVE-2013-1918_6,v 1.1 2013/05/03 16:48:38 drochner Exp $

--- xen/common/domctl.c.orig	2013-05-03 13:37:03.000000000 +0000
+++ xen/common/domctl.c
@@@@ -286,8 +286,10 @@@@ long do_domctl(XEN_GUEST_HANDLE(xen_domc
 
         if ( guest_handle_is_null(op->u.vcpucontext.ctxt) )
         {
-            vcpu_reset(v);
-            ret = 0;
+            ret = vcpu_reset(v);
+            if ( ret == -EAGAIN )
+                ret = hypercall_create_continuation(
+                          __HYPERVISOR_domctl, "h", u_domctl);
             goto svc_out;
         }
 
@@@@ -316,6 +318,10 @@@@ long do_domctl(XEN_GUEST_HANDLE(xen_domc
             domain_pause(d);
             ret = arch_set_info_guest(v, c);
             domain_unpause(d);
+
+            if ( ret == -EAGAIN )
+                ret = hypercall_create_continuation(
+                          __HYPERVISOR_domctl, "h", u_domctl);
         }
 
     svc_out:
@


1.1
log
@update to 4.1.5
This integrates fixes for all vulnerabilities which were patched
in pkgsrc before.
Among many bug fixes and improvements (around 50 since Xen 4.1.4):
 * ACPI APEI/ERST finally working on production systems
 * Bug fixes for other low level system state handling
 * Support for xz compressed Dom0 and DomU kernels
@
text
@d1 1
a1 1
$NetBSD$
@