head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.4
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.2
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2012Q2:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2012.09.12.11.04.17;	author drochner;	state dead;
branches;
next	1.1;

1.1
date	2012.07.27.18.50.34;	author drochner;	state Exp;
branches
	1.1.2.1;
next	;

1.1.2.1
date	2012.07.27.18.50.34;	author tron;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2012.07.31.18.29.37;	author tron;	state Exp;
branches;
next	;


desc
@@


1.2
log
@update to 4.1.3
also add security patches from upstream (for CVE-2012-3497, no patches
are available yet)

changes:
-fixes for vulnerabilities were integrated
-many bug fixes and improvements, Highlights are:
 -Updates for the latest Intel/AMD CPU revisions
 -Bug fixes for IOMMU handling (device passthrough to HVM guests)

approved by maintainer
@
text
@$NetBSD: patch-CVE-2012-3432,v 1.1 2012/07/27 18:50:34 drochner Exp $

see http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html

--- xen/arch/x86/hvm/io.c.orig	2012-07-27 18:34:15.000000000 +0000
+++ xen/arch/x86/hvm/io.c
@@@@ -176,6 +176,8 @@@@ int handle_mmio(void)
 
     rc = hvm_emulate_one(&ctxt);
 
+    if ( rc != X86EMUL_RETRY )
+        curr->arch.hvm_vcpu.io_state = HVMIO_none;
     if ( curr->arch.hvm_vcpu.io_state == HVMIO_awaiting_completion )
         curr->arch.hvm_vcpu.io_state = HVMIO_handle_mmio_awaiting_completion;
     else
@


1.1
log
@add patch from upstream to fix bug in MMIO emulation which can cause
guest crashes by unprivileged users, only for HVM guests, and if
MMIO is granted to the user process (CVE-2012-3432)
bump PKGREV
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@file patch-CVE-2012-3432 was added on branch pkgsrc-2012Q2 on 2012-07-31 18:29:37 +0000
@
text
@d1 15
@


1.1.2.2
log
@Pullup ticket #3885 - requested by drochner
sysutils/xenkernel33: security patch
sysutils/xenkernel41: security patch

Revisions pulled up:
- sysutils/xenkernel33/Makefile                                 1.18
- sysutils/xenkernel33/distinfo                                 1.16
- sysutils/xenkernel33/patches/patch-CVE-2012-3432              1.1
- sysutils/xenkernel41/Makefile                                 1.8
- sysutils/xenkernel41/distinfo                                 1.8
- sysutils/xenkernel41/patches/patch-CVE-2012-3432              1.1

---
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Fri Jul 27 18:50:34 UTC 2012

   Modified Files:
           pkgsrc/sysutils/xenkernel41: Makefile distinfo
   Added Files:
           pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2012-3432

   Log Message:
   add patch from upstream to fix bug in MMIO emulation which can cause
   guest crashes by unprivileged users, only for HVM guests, and if
   MMIO is granted to the user process (CVE-2012-3432)
   bump PKGREV

---
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Sat Jul 28 12:02:16 UTC 2012

   Modified Files:
           pkgsrc/sysutils/xenkernel33: Makefile distinfo
   Added Files:
           pkgsrc/sysutils/xenkernel33/patches: patch-CVE-2012-3432

   Log Message:
   copy security patch from xenkernel41 - it also applies to 3.3
   (noticed by Daniel Horecki)
   bump PKGREV
@
text
@a0 15
$NetBSD$

see http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html

--- xen/arch/x86/hvm/io.c.orig	2012-07-27 18:34:15.000000000 +0000
+++ xen/arch/x86/hvm/io.c
@@@@ -176,6 +176,8 @@@@ int handle_mmio(void)
 
     rc = hvm_emulate_one(&ctxt);
 
+    if ( rc != X86EMUL_RETRY )
+        curr->arch.hvm_vcpu.io_state = HVMIO_none;
     if ( curr->arch.hvm_vcpu.io_state == HVMIO_awaiting_completion )
         curr->arch.hvm_vcpu.io_state = HVMIO_handle_mmio_awaiting_completion;
     else
@