summary refs log tree commit diff
path: root/gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch')
-rw-r--r--gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch81
1 files changed, 81 insertions, 0 deletions
diff --git a/gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch b/gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch
new file mode 100644
index 0000000000..2eeb7ef0af
--- /dev/null
+++ b/gnu/packages/patches/qemu-CVE-2015-4106-pt2.patch
@@ -0,0 +1,81 @@
+From d61bb2482dc0c7426f451f23ba7e2748ae2cc06d Mon Sep 17 00:00:00 2001
+From: Jan Beulich <jbeulich@suse.com>
+Date: Tue, 2 Jun 2015 15:07:01 +0000
+Subject: [PATCH] xen/pt: consolidate PM capability emu_mask
+
+There's no point in xen_pt_pmcsr_reg_{read,write}() each ORing
+PCI_PM_CTRL_STATE_MASK and PCI_PM_CTRL_NO_SOFT_RESET into a local
+emu_mask variable - we can have the same effect by setting the field
+descriptor's emu_mask member suitably right away. Note that
+xen_pt_pmcsr_reg_write() is being retained in order to allow later
+patches to be less intrusive.
+
+This is a preparatory patch for XSA-131.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+---
+ hw/xen/xen_pt_config_init.c | 25 ++++---------------------
+ 1 file changed, 4 insertions(+), 21 deletions(-)
+
+diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
+index 436d0fd..516236a 100644
+--- a/hw/xen/xen_pt_config_init.c
++++ b/hw/xen/xen_pt_config_init.c
+@@ -933,38 +933,21 @@ static XenPTRegInfo xen_pt_emu_reg_pcie[] = {
+  * Power Management Capability
+  */
+ 
+-/* read Power Management Control/Status register */
+-static int xen_pt_pmcsr_reg_read(XenPCIPassthroughState *s, XenPTReg *cfg_entry,
+-                                 uint16_t *value, uint16_t valid_mask)
+-{
+-    XenPTRegInfo *reg = cfg_entry->reg;
+-    uint16_t valid_emu_mask = reg->emu_mask;
+-
+-    valid_emu_mask |= PCI_PM_CTRL_STATE_MASK | PCI_PM_CTRL_NO_SOFT_RESET;
+-
+-    valid_emu_mask = valid_emu_mask & valid_mask;
+-    *value = XEN_PT_MERGE_VALUE(*value, cfg_entry->data, ~valid_emu_mask);
+-
+-    return 0;
+-}
+ /* write Power Management Control/Status register */
+ static int xen_pt_pmcsr_reg_write(XenPCIPassthroughState *s,
+                                   XenPTReg *cfg_entry, uint16_t *val,
+                                   uint16_t dev_value, uint16_t valid_mask)
+ {
+     XenPTRegInfo *reg = cfg_entry->reg;
+-    uint16_t emu_mask = reg->emu_mask;
+     uint16_t writable_mask = 0;
+     uint16_t throughable_mask = 0;
+ 
+-    emu_mask |= PCI_PM_CTRL_STATE_MASK | PCI_PM_CTRL_NO_SOFT_RESET;
+-
+     /* modify emulate register */
+-    writable_mask = emu_mask & ~reg->ro_mask & valid_mask;
++    writable_mask = reg->emu_mask & ~reg->ro_mask & valid_mask;
+     cfg_entry->data = XEN_PT_MERGE_VALUE(*val, cfg_entry->data, writable_mask);
+ 
+     /* create value for writing to I/O device register */
+-    throughable_mask = ~emu_mask & valid_mask;
++    throughable_mask = ~reg->emu_mask & valid_mask;
+     *val = XEN_PT_MERGE_VALUE(*val, dev_value, throughable_mask);
+ 
+     return 0;
+@@ -1000,9 +983,9 @@ static XenPTRegInfo xen_pt_emu_reg_pm[] = {
+         .size       = 2,
+         .init_val   = 0x0008,
+         .ro_mask    = 0xE1FC,
+-        .emu_mask   = 0x8100,
++        .emu_mask   = 0x810B,
+         .init       = xen_pt_common_reg_init,
+-        .u.w.read   = xen_pt_pmcsr_reg_read,
++        .u.w.read   = xen_pt_word_reg_read,
+         .u.w.write  = xen_pt_pmcsr_reg_write,
+     },
+     {
+-- 
+2.2.1
+
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-29 08:45:46 +0000