Hello community, here is the log from the commit of package xen for openSUSE:Factory checked in at 2018-04-27 16:00:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xen (Old) and /work/SRC/openSUSE:Factory/.xen.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "xen" Fri Apr 27 16:00:36 2018 rev:246 rq:601072 version:4.10.0_18 Changes: -------- --- /work/SRC/openSUSE:Factory/xen/xen.changes 2018-03-30 12:00:43.480265750 +0200 +++ /work/SRC/openSUSE:Factory/.xen.new/xen.changes 2018-04-27 16:00:39.633358022 +0200 @@ -1,0 +2,16 @@ +Mon Apr 16 14:03:24 MDT 2018 - carnold@suse.com + +- bsc#1089152 - VUL-0: xen: Information leak via crafted + user-supplied CDROM (XSA-258) + xsa258.patch +- bsc#1089635 - VUL-0: xen: x86: PV guest may crash Xen with XPTI + (XSA-259) + xsa259.patch + +------------------------------------------------------------------- +Wed Mar 28 08:28:59 UTC 2018 - ohering@suse.de + +- Preserve xen-syms from xen-dbg.gz to allow processing vmcores + with crash(1) (bsc#1087251) + +------------------------------------------------------------------- New: ---- xsa258.patch xsa259.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xen.spec ++++++ --- /var/tmp/diff_new_pack.bxKPP6/_old 2018-04-27 16:00:46.281114042 +0200 +++ /var/tmp/diff_new_pack.bxKPP6/_new 2018-04-27 16:00:46.289113748 +0200 @@ -126,7 +126,7 @@ BuildRequires: pesign-obs-integration %endif -Version: 4.10.0_16 +Version: 4.10.0_18 Release: 0 Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) License: GPL-2.0 @@ -224,6 +224,8 @@ Patch61: 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch Patch62: 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch Patch63: 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch +Patch258: xsa258.patch +Patch259: xsa259.patch # Our platform specific patches Patch400: xen-destdir.patch Patch401: vif-bridge-no-iptables.patch @@ -477,6 +479,8 @@ %patch61 -p1 %patch62 -p1 %patch63 -p1 +%patch258 -p1 +%patch259 -p1 # Our platform specific patches %patch400 -p1 %patch401 -p1 @@ -815,6 +819,8 @@ find $RPM_BUILD_ROOT/boot -ls if [ -n "$1" ]; then ext="-$1" + mv $RPM_BUILD_ROOT/boot/xen-syms-${XEN_FULLVERSION} \ + $RPM_BUILD_ROOT/boot/xen-syms${ext}-${XEN_FULLVERSION} mv $RPM_BUILD_ROOT/boot/xen-${XEN_FULLVERSION}%{xen_install_suffix} \ $RPM_BUILD_ROOT/boot/xen${ext}-${XEN_FULLVERSION}%{xen_install_suffix} if test -d $RPM_BUILD_ROOT%{_libdir}/efi; then ++++++ libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch ++++++ --- /var/tmp/diff_new_pack.bxKPP6/_old 2018-04-27 16:00:47.845056643 +0200 +++ /var/tmp/diff_new_pack.bxKPP6/_new 2018-04-27 16:00:47.849056497 +0200 @@ -87,7 +87,7 @@ =================================================================== --- xen-4.10.0-testing.orig/tools/libxl/libxl_dm.c +++ xen-4.10.0-testing/tools/libxl/libxl_dm.c -@@ -805,6 +805,19 @@ enum { +@@ -792,6 +792,19 @@ enum { LIBXL__COLO_SECONDARY, }; @@ -107,7 +107,7 @@ static char *qemu_disk_scsi_drive_string(libxl__gc *gc, const char *target_path, int unit, const char *format, const libxl_device_disk *disk, -@@ -818,8 +831,8 @@ static char *qemu_disk_scsi_drive_string +@@ -805,8 +818,8 @@ static char *qemu_disk_scsi_drive_string switch (colo_mode) { case LIBXL__COLO_NONE: drive = libxl__sprintf @@ -118,7 +118,7 @@ break; case LIBXL__COLO_PRIMARY: /* -@@ -832,13 +845,15 @@ static char *qemu_disk_scsi_drive_string +@@ -819,13 +832,15 @@ static char *qemu_disk_scsi_drive_string * vote-threshold=1 */ drive = GCSPRINTF( @@ -136,7 +136,7 @@ break; case LIBXL__COLO_SECONDARY: /* -@@ -852,7 +867,7 @@ static char *qemu_disk_scsi_drive_string +@@ -839,7 +854,7 @@ static char *qemu_disk_scsi_drive_string * file.backing.backing=exportname, */ drive = GCSPRINTF( @@ -145,7 +145,7 @@ "driver=replication," "mode=secondary," "top-id=top-colo," -@@ -861,7 +876,9 @@ static char *qemu_disk_scsi_drive_string +@@ -848,7 +863,9 @@ static char *qemu_disk_scsi_drive_string "file.backing.driver=qcow2," "file.backing.file.filename=%s," "file.backing.backing=%s", @@ -156,7 +156,7 @@ break; default: abort(); -@@ -883,8 +900,8 @@ static char *qemu_disk_ide_drive_string( +@@ -870,8 +887,8 @@ static char *qemu_disk_ide_drive_string( switch (colo_mode) { case LIBXL__COLO_NONE: drive = GCSPRINTF @@ -167,7 +167,7 @@ break; case LIBXL__COLO_PRIMARY: /* -@@ -897,13 +914,15 @@ static char *qemu_disk_ide_drive_string( +@@ -884,13 +901,15 @@ static char *qemu_disk_ide_drive_string( * vote-threshold=1 */ drive = GCSPRINTF( @@ -185,7 +185,7 @@ break; case LIBXL__COLO_SECONDARY: /* -@@ -917,7 +936,7 @@ static char *qemu_disk_ide_drive_string( +@@ -904,7 +923,7 @@ static char *qemu_disk_ide_drive_string( * file.backing.backing=exportname, */ drive = GCSPRINTF( @@ -194,7 +194,7 @@ "driver=replication," "mode=secondary," "top-id=top-colo," -@@ -926,7 +945,9 @@ static char *qemu_disk_ide_drive_string( +@@ -913,7 +932,9 @@ static char *qemu_disk_ide_drive_string( "file.backing.driver=qcow2," "file.backing.file.filename=%s," "file.backing.backing=%s", @@ -205,7 +205,7 @@ break; default: abort(); -@@ -1605,8 +1626,8 @@ static int libxl__build_device_model_arg +@@ -1592,8 +1613,8 @@ static int libxl__build_device_model_arg return ERROR_INVAL; } flexarray_vappend(dm_args, "-drive", ++++++ libxl.pvscsi.patch ++++++ --- /var/tmp/diff_new_pack.bxKPP6/_old 2018-04-27 16:00:47.865055910 +0200 +++ /var/tmp/diff_new_pack.bxKPP6/_new 2018-04-27 16:00:47.869055763 +0200 @@ -226,7 +226,7 @@ =================================================================== --- xen-4.10.0-testing.orig/tools/libxl/libxl_internal.h +++ xen-4.10.0-testing/tools/libxl/libxl_internal.h -@@ -3579,6 +3579,7 @@ extern const struct libxl_device_type li +@@ -3580,6 +3580,7 @@ extern const struct libxl_device_type li extern const struct libxl_device_type libxl__disk_devtype; extern const struct libxl_device_type libxl__nic_devtype; extern const struct libxl_device_type libxl__vtpm_devtype; ++++++ libxl.set-migration-constraints-from-cmdline.patch ++++++ --- /var/tmp/diff_new_pack.bxKPP6/_old 2018-04-27 16:00:47.889055029 +0200 +++ /var/tmp/diff_new_pack.bxKPP6/_new 2018-04-27 16:00:47.889055029 +0200 @@ -395,7 +395,7 @@ =================================================================== --- xen-4.10.0-testing.orig/tools/libxl/libxl_internal.h +++ xen-4.10.0-testing/tools/libxl/libxl_internal.h -@@ -3293,6 +3293,10 @@ struct libxl__domain_save_state { +@@ -3294,6 +3294,10 @@ struct libxl__domain_save_state { /* private */ int rc; int hvm; ++++++ xen.libxl.dmmd.patch ++++++ --- /var/tmp/diff_new_pack.bxKPP6/_old 2018-04-27 16:00:48.097047395 +0200 +++ /var/tmp/diff_new_pack.bxKPP6/_new 2018-04-27 16:00:48.097047395 +0200 @@ -49,7 +49,7 @@ =================================================================== --- xen-4.10.0-testing.orig/tools/libxl/libxl_dm.c +++ xen-4.10.0-testing/tools/libxl/libxl_dm.c -@@ -956,6 +956,30 @@ static char *qemu_disk_ide_drive_string( +@@ -943,6 +943,30 @@ static char *qemu_disk_ide_drive_string( return drive; } @@ -80,7 +80,7 @@ static int libxl__build_device_model_args_new(libxl__gc *gc, const char *dm, int guest_domid, const libxl_domain_config *guest_config, -@@ -1523,9 +1547,11 @@ static int libxl__build_device_model_arg +@@ -1510,9 +1534,11 @@ static int libxl__build_device_model_arg libxl__device_disk_dev_number(disks[i].vdev, &disk, &part); const char *format; char *drive; @@ -93,7 +93,7 @@ if (dev_number == -1) { LOGD(WARN, guest_domid, "unable to determine"" disk number for %s", disks[i].vdev); -@@ -1566,7 +1592,7 @@ static int libxl__build_device_model_arg +@@ -1553,7 +1579,7 @@ static int libxl__build_device_model_arg * the bootloader path. */ if (disks[i].backend == LIBXL_DISK_BACKEND_TAP) @@ -119,7 +119,7 @@ =================================================================== --- xen-4.10.0-testing.orig/tools/libxl/libxl_internal.h +++ xen-4.10.0-testing/tools/libxl/libxl_internal.h -@@ -1758,6 +1758,10 @@ _hidden char *libxl__blktap_devpath(libx +@@ -1759,6 +1759,10 @@ _hidden char *libxl__blktap_devpath(libx */ _hidden int libxl__device_destroy_tapdisk(libxl__gc *gc, const char *params); ++++++ xen2libvirt.py ++++++ --- /var/tmp/diff_new_pack.bxKPP6/_old 2018-04-27 16:00:48.125046367 +0200 +++ /var/tmp/diff_new_pack.bxKPP6/_new 2018-04-27 16:00:48.125046367 +0200 @@ -52,7 +52,7 @@ isbinary = os.system('file -b ' + path + ' | grep text > /dev/null') if isbinary: - print(('Skipping %s (not a valid Xen configuration file)' % path)) + print('Skipping %s (not a valid Xen configuration file)' % path) return 'unknown' for line in config.splitlines(): @@ -62,14 +62,14 @@ # XML is not a supported conversion format break if line.startswith('(domain'): - print(('Found sexpr formatted file %s' % path)) + print('Found sexpr formatted file %s' % path) return 'sexpr' if '=' in line: - print(('Found xm formatted file %s' % path)) + print('Found xm formatted file %s' % path) return 'xm' break - print(('Skipping %s (not a valid Xen configuration file)' % path)) + print('Skipping %s (not a valid Xen configuration file)' % path) return 'unknown' @@ -131,7 +131,7 @@ print_verbose('Processing file %s' % abs_name) import_domain(conn, abs_name, args.format, args.convert_only) except IOError: - print(('Failed to open/read path %s' % path)) + print('Failed to open/read path %s' % path) sys.exit(1) else: import_domain(conn, args.path, args.format, args.convert_only) ++++++ xsa258.patch ++++++
From bf9ab0ec0b632739fe6366391e89a7d4dcf9993b Mon Sep 17 00:00:00 2001 From: Anthony PERARD
Date: Thu, 8 Mar 2018 18:16:41 +0000 Subject: [PATCH] libxl: Specify format of inserted cdrom
Without this extra parameter on the QMP command, QEMU will guess the
format of the new file.
This is XSA-258.
Signed-off-by: Anthony PERARD