Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

glorious funtoo updates

merged:

  funtoo-overlay: 87c23ba774f1deef17b4102cd78c3958adb53a54
  foo-overlay: 4ee427c6573d50d9ce03f6671dce87274c57ee9f
  bar-overlay: f1e9085ee695ff5b6ce57d430d6b224aaf4fa0a6
  flora: cc31343a95ac9fd63bfc06fb6f27c86407f367fe
  for-gentoo: 9f12174c45b9fbd3e8b341c79ddfe98f7913fb39
  • Loading branch information...
commit 2805ecc5e6ba108c15183357951a210e72de8a5e 1 parent fcd2191
@danielrobbins danielrobbins authored
Showing with 4,591 additions and 1,205 deletions.
  1. +2 −2 app-accessibility/at-spi2-atk/at-spi2-atk-2.6.2.ebuild
  2. +0 −2  app-benchmarks/bootchart2/Manifest
  3. +0 −83 app-benchmarks/bootchart2/bootchart2-0.14.4.ebuild
  4. +23 −30 app-benchmarks/bootchart2/{bootchart2-0.14.2-r3.ebuild → bootchart2-0.14.5-r1.ebuild}
  5. +3 −3 app-benchmarks/bootchart2/metadata.xml
  6. +369 −0 app-emulation/xen-pvgrub/files/xen-4-CVE-2012-4544-XSA-25.patch
  7. +39 −0 app-emulation/xen-pvgrub/files/xen-4-CVE-2012-6075-XSA-41.patch
  8. +211 −3 app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch
  9. +41 −0 app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch
  10. +20 −0 app-emulation/xen-pvgrub/files/xen-4.2.0-jserver.patch
  11. +118 −0 app-emulation/xen-pvgrub/xen-pvgrub-4.2.0-r1.ebuild
  12. +4 −4 app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild
  13. +120 −0 app-emulation/xen-pvgrub/xen-pvgrub-4.2.1-r1.ebuild
  14. +8 −5 app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild
  15. +50 −0 app-emulation/xen/files/xen-4-CVE-2012-4535-XSA-20.patch
  16. +50 −0 app-emulation/xen/files/xen-4-CVE-2012-4537-XSA-22.patch
  17. +43 −0 app-emulation/xen/files/xen-4-CVE-2012-4538-XSA-23.patch
  18. +36 −0 app-emulation/xen/files/xen-4-CVE-2012-4539-XSA-24.patch
  19. +113 −0 app-emulation/xen/files/xen-4-CVE-2012-5510-XSA-26.patch
  20. +56 −0 app-emulation/xen/files/xen-4-CVE-2012-5513-XSA-29.patch
  21. +56 −0 app-emulation/xen/files/xen-4-CVE-2012-5514-XSA-30.patch
  22. +58 −0 app-emulation/xen/files/xen-4-CVE-2012-5515-XSA-31.patch
  23. +23 −0 app-emulation/xen/files/xen-4-CVE-2012-5525-XSA-32.patch
  24. +18 −0 app-emulation/xen/files/xen-4-CVE-2012-5634-XSA-33.patch
  25. +211 −0 app-emulation/xen/files/xen-4-CVE-2013-0151-XSA-27_34_35.patch
  26. +70 −0 app-emulation/xen/files/xen-4-CVE-2013-0151-XSA-34_35.patch
  27. +23 −0 app-emulation/xen/files/xen-4-CVE-2013-0154-XSA-37.patch
  28. +2 −2 app-emulation/xen/files/xen-4-fix_dotconfig-gcc.patch
  29. +23 −12 app-emulation/xen/{xen-4.2.0.ebuild → xen-4.2.0-r1.ebuild}
  30. +13 −6 app-emulation/xen/{xen-4.2.1.ebuild → xen-4.2.1-r1.ebuild}
  31. +1 −0  app-i18n/ibus-sunpinyin/Manifest
  32. +8 −9 app-i18n/ibus-sunpinyin/{ibus-sunpinyin-2.0.3-r1.ebuild → ibus-sunpinyin-2.0.3-r2.ebuild}
  33. +56 −0 app-i18n/ibus-sunpinyin/ibus-sunpinyin-2.0.4_pre20130108.ebuild
  34. +1 −0  app-i18n/librime/Manifest
  35. +34 −0 app-i18n/librime/librime-0.9.7.ebuild
  36. +9 −10 app-i18n/scim-sunpinyin/{scim-sunpinyin-2.0.3-r1.ebuild → scim-sunpinyin-2.0.3-r2.ebuild}
  37. +2 −0  app-i18n/sunpinyin-data/Manifest
  38. +62 −0 app-i18n/sunpinyin-data/files/SLM-inst.mk
  39. +8 −0 app-i18n/sunpinyin-data/metadata.xml
  40. +38 −0 app-i18n/sunpinyin-data/sunpinyin-data-20121025.ebuild
  41. +1 −0  app-i18n/sunpinyin/Manifest
  42. +4 −8 app-i18n/sunpinyin/metadata.xml
  43. +44 −0 app-i18n/sunpinyin/sunpinyin-2.0.4_pre20130108.ebuild
  44. +1 −0  app-i18n/xsunpinyin/Manifest
  45. +5 −0 app-i18n/xsunpinyin/files/README.gentoo
  46. +4 −8 app-i18n/xsunpinyin/metadata.xml
  47. +10 −11 app-i18n/xsunpinyin/{xsunpinyin-2.0.3-r2.ebuild → xsunpinyin-2.0.3-r3.ebuild}
  48. +43 −0 app-i18n/xsunpinyin/xsunpinyin-2.0.4_pre20130108.ebuild
  49. +1 −0  app-misc/nut/Manifest
  50. +30 −0 app-misc/nut/nut-18.5.ebuild
  51. +166 −168 app-office/libreoffice-l10n/Manifest
  52. +5 −5 app-office/libreoffice-l10n/{libreoffice-l10n-4.0.0.1.ebuild → libreoffice-l10n-4.0.0.2.ebuild}
  53. +2 −2 app-portage/emerge-delta-webrsync/emerge-delta-webrsync-3.6.2.ebuild
  54. +0 −7 app-text/tesseract/Manifest
  55. +11 −0 app-text/tesseract/files/tesseract-3.02-automake-compat.patch
  56. +0 −105 app-text/tesseract/tesseract-3.01.ebuild
  57. +3 −2 app-text/tesseract/tesseract-3.02.ebuild
  58. +2 −2 dev-db/mysql-workbench/mysql-workbench-5.2.45.ebuild
  59. +2 −0  dev-db/postgis/Manifest
  60. +28 −0 dev-db/postgis/files/postgis-1.5-ldflags.patch
  61. +26 −0 dev-db/postgis/files/postgis-2.0-ldflags.patch
  62. +206 −0 dev-db/postgis/postgis-1.3.6-r2.ebuild
  63. +255 −0 dev-db/postgis/postgis-1.4.2-r2.ebuild
  64. +252 −0 dev-db/postgis/postgis-1.5.8.ebuild
  65. +250 −0 dev-db/postgis/postgis-2.0.2.ebuild
  66. +2 −2 dev-java/guava/guava-07.ebuild
  67. +2 −2 dev-java/jython/jython-2.5.3-r2.ebuild
  68. +1 −0  dev-lang/bas/Manifest
  69. +41 −0 dev-lang/bas/bas-2.3.ebuild
  70. +21 −0 dev-lang/bas/files/bas-2.3-configure.patch
  71. +1 −0  dev-lang/ferite/Manifest
  72. +77 −0 dev-lang/ferite/ferite-1.1.17.ebuild
  73. +2 −2 dev-libs/libatomic_ops/libatomic_ops-7.2d.ebuild
  74. +3 −3 dev-libs/libmail/libmail-0.3-r1.ebuild
  75. +3 −3 dev-libs/openssl/openssl-1.0.1c.ebuild
  76. +1 −0  dev-ruby/aws-sdk/Manifest
  77. +3 −3 dev-ruby/aws-sdk/aws-sdk-1.7.1.ebuild
  78. +47 −0 dev-ruby/aws-sdk/aws-sdk-1.8.1.1.ebuild
  79. +1 −0  dev-ruby/rack-ssl/Manifest
  80. +24 −0 dev-ruby/rack-ssl/rack-ssl-1.3.3.ebuild
  81. +2 −2 dev-util/cppunit/cppunit-1.13.1.ebuild
  82. +4 −4 dev-util/gource/{gource-0.38.ebuild → gource-0.38-r1.ebuild}
  83. +0 −1  dev-util/patchelf/Manifest
  84. +3 −3 dev-util/patchelf/metadata.xml
  85. +0 −21 dev-util/patchelf/patchelf-0.5.ebuild
  86. +3 −3 dev-util/patchelf/patchelf-0.6.ebuild
  87. +2 −1  eclass/fcaps.eclass
  88. +4 −4 eclass/python-r1.eclass
  89. +3 −3 eclass/python-single-r1.eclass
  90. +3 −0  games-arcade/berusky/Manifest
  91. +58 −0 games-arcade/berusky/berusky-1.6.ebuild
  92. +71 −0 games-arcade/berusky/files/berusky-1.6-gentoo.patch
  93. +2 −2 games-sports/torcs/torcs-1.3.4.ebuild
  94. +2 −2 java-virtuals/script-api/script-api-1.0.ebuild
  95. +1 −1  mail-filter/bmf/Manifest
  96. +0 −50 mail-filter/bmf/bmf-0.9.4-r1.ebuild
  97. +0 −41 mail-filter/bmf/bmf-0.9.4.ebuild
  98. +2 −2 media-gfx/graphite2/graphite2-1.2.0.ebuild
  99. +3 −3 media-plugins/vdr-proxy/Manifest
  100. +3 −3 media-plugins/vdr-proxy/vdr-proxy-0.1.4-r1.ebuild
  101. +64 −0 media-sound/abcde/abcde-2.5.4-r1.ebuild
  102. +22 −0 media-sound/abcde/files/abcde-2.5.4-eyeD3-0.7-api.patch
  103. +1 −1  metadata/dtd/timestamp.chk
  104. +1 −1  metadata/glsa/timestamp.chk
  105. +3 −3 metadata/md5-cache/app-accessibility/accerciser-3.6.2-r1
  106. +2 −2 metadata/md5-cache/app-accessibility/at-spi2-atk-2.6.2
  107. +3 −3 metadata/md5-cache/app-accessibility/caribou-0.4.6
  108. +3 −3 metadata/md5-cache/app-accessibility/caribou-0.4.7
  109. +3 −3 metadata/md5-cache/app-accessibility/orca-3.6.3-r1
  110. +3 −3 metadata/md5-cache/app-admin/ansible-0.7.2
  111. +3 −3 metadata/md5-cache/app-admin/ansible-0.8
  112. +3 −3 metadata/md5-cache/app-admin/ansible-0.9-r1
  113. +3 −3 metadata/md5-cache/app-admin/ansible-9999
  114. +3 −3 metadata/md5-cache/app-admin/eclean-kernel-0.3.1
  115. +3 −3 metadata/md5-cache/app-admin/eclean-kernel-0.3.2
  116. +3 −3 metadata/md5-cache/app-admin/eclean-kernel-9999
  117. +3 −3 metadata/md5-cache/app-admin/glance-2012.2.1
  118. +3 −3 metadata/md5-cache/app-admin/glance-9999
  119. +3 −3 metadata/md5-cache/app-backup/duplicity-0.6.21
  120. +0 −13 metadata/md5-cache/app-benchmarks/bootchart2-0.14.2-r3
  121. +0 −13 metadata/md5-cache/app-benchmarks/bootchart2-0.14.4
  122. +14 −0 metadata/md5-cache/app-benchmarks/bootchart2-0.14.5-r1
  123. +3 −3 metadata/md5-cache/app-cdr/cdemu-2.0.0
  124. +2 −2 metadata/md5-cache/app-cdr/gcdemu-2.0.0
  125. +3 −3 metadata/md5-cache/app-editors/gedit-3.6.2-r1
  126. +3 −3 metadata/md5-cache/app-editors/gedit-plugins-3.6.1-r1
  127. +3 −3 metadata/md5-cache/app-emulation/libvirt-glib-0.1.4
  128. +3 −3 metadata/md5-cache/app-emulation/libvirt-glib-0.1.5
  129. +3 −3 metadata/md5-cache/app-emulation/vboxgtk-0.8.2-r1
  130. +0 −15 metadata/md5-cache/app-emulation/xen-4.2.0
  131. +15 −0 metadata/md5-cache/app-emulation/xen-4.2.0-r1
  132. +4 −4 metadata/md5-cache/app-emulation/{xen-4.2.1 → xen-4.2.1-r1}
  133. +2 −2 metadata/md5-cache/app-emulation/xen-pvgrub-4.2.0
  134. +13 −0 metadata/md5-cache/app-emulation/xen-pvgrub-4.2.0-r1
  135. +2 −2 metadata/md5-cache/app-emulation/xen-pvgrub-4.2.1
  136. +13 −0 metadata/md5-cache/app-emulation/xen-pvgrub-4.2.1-r1
  137. +5 −5 metadata/md5-cache/app-i18n/{ibus-sunpinyin-2.0.3-r1 → ibus-sunpinyin-2.0.3-r2}
  138. +13 −0 metadata/md5-cache/app-i18n/ibus-sunpinyin-2.0.4_pre20130108
  139. +13 −0 metadata/md5-cache/app-i18n/librime-0.9.7
  140. +5 −5 metadata/md5-cache/app-i18n/{scim-sunpinyin-2.0.3-r1 → scim-sunpinyin-2.0.3-r2}
  141. +13 −0 metadata/md5-cache/app-i18n/sunpinyin-2.0.4_pre20130108
  142. +11 −0 metadata/md5-cache/app-i18n/sunpinyin-data-20121025
  143. +5 −5 metadata/md5-cache/app-i18n/{xsunpinyin-2.0.3-r2 → xsunpinyin-2.0.3-r3}
  144. +12 −0 metadata/md5-cache/app-i18n/xsunpinyin-2.0.4_pre20130108
  145. +1 −1  metadata/md5-cache/app-misc/byobu-5.27
  146. +1 −1  metadata/md5-cache/app-misc/byobu-5.29
  147. +2 −2 metadata/md5-cache/app-misc/grc-1.4-r1
  148. +10 −0 metadata/md5-cache/app-misc/nut-18.5
  149. +3 −3 metadata/md5-cache/app-misc/ranger-1.5.5-r1
  150. +3 −3 metadata/md5-cache/app-misc/ranger-9999
  151. +3 −3 metadata/md5-cache/app-misc/trash-cli-0.12.9.14-r2
  152. +3 −3 metadata/md5-cache/app-office/gnumeric-1.12.0
  153. +3 −3 metadata/md5-cache/app-office/gnumeric-1.12.0-r1
  154. +3 −3 metadata/md5-cache/app-office/libreoffice-3.6.9999
  155. +3 −3 metadata/md5-cache/app-office/libreoffice-4.0.0.2
  156. +3 −3 metadata/md5-cache/app-office/libreoffice-4.0.9999
  157. +3 −3 metadata/md5-cache/app-office/libreoffice-9999-r2
  158. +0 −14 metadata/md5-cache/app-office/libreoffice-l10n-4.0.0.1
  159. +14 −0 metadata/md5-cache/app-office/libreoffice-l10n-4.0.0.2
  160. +3 −3 metadata/md5-cache/app-office/scribus-1.4.2-r2
  161. +1 −1  metadata/md5-cache/app-office/scribus-1.4.9999
  162. +3 −3 metadata/md5-cache/app-portage/diffmask-0.3.3-r2
  163. +3 −3 metadata/md5-cache/app-portage/diffmask-9999
  164. +2 −2 metadata/md5-cache/app-portage/emerge-delta-webrsync-3.6.2
  165. +3 −3 metadata/md5-cache/app-portage/flaggie-0.2-r2
  166. +3 −3 metadata/md5-cache/app-portage/flaggie-0.2-r3
  167. +3 −3 metadata/md5-cache/app-portage/flaggie-9999
  168. +3 −3 metadata/md5-cache/app-portage/gentoopm-0.2.6
  169. +3 −3 metadata/md5-cache/app-portage/gentoopm-0.2.7
  170. +3 −3 metadata/md5-cache/app-portage/gentoopm-9999
  171. +3 −3 metadata/md5-cache/app-portage/install-mask-0.0.2-r2
  172. +3 −3 metadata/md5-cache/app-portage/install-mask-9999
  173. +3 −3 metadata/md5-cache/app-portage/smart-live-rebuild-1.2.5
  174. +3 −3 metadata/md5-cache/app-portage/smart-live-rebuild-1.3
  175. +3 −3 metadata/md5-cache/app-portage/smart-live-rebuild-9999
  176. +3 −3 metadata/md5-cache/app-text/gtranslator-2.91.6
  177. +3 −3 metadata/md5-cache/app-text/keepnote-0.7.9-r2
  178. +0 −13 metadata/md5-cache/app-text/tesseract-3.01
  179. +1 −1  metadata/md5-cache/app-text/tesseract-3.02
  180. +2 −2 metadata/md5-cache/dev-db/mysql-workbench-5.2.45
  181. +14 −0 metadata/md5-cache/dev-db/postgis-1.3.6-r2
  182. +14 −0 metadata/md5-cache/dev-db/postgis-1.4.2-r2
  183. +14 −0 metadata/md5-cache/dev-db/postgis-1.5.8
  184. +14 −0 metadata/md5-cache/dev-db/postgis-2.0.2
  185. +3 −3 metadata/md5-cache/dev-embedded/bitbake-1.17.0
  186. +3 −3 metadata/md5-cache/dev-embedded/bitbake-9999
  187. +2 −2 metadata/md5-cache/dev-java/guava-07
  188. +2 −2 metadata/md5-cache/dev-java/jython-2.5.3-r2
  189. +13 −0 metadata/md5-cache/dev-lang/bas-2.3
  190. +12 −0 metadata/md5-cache/dev-lang/ferite-1.1.17
  191. +1 −1  metadata/md5-cache/dev-libs/btparser-0.24
  192. +3 −3 metadata/md5-cache/dev-libs/gobject-introspection-1.34.2-r1
  193. +3 −3 metadata/md5-cache/dev-libs/libRocket-1.2.1
  194. +3 −3 metadata/md5-cache/dev-libs/libRocket-1.2.1_p20130110
  195. +3 −3 metadata/md5-cache/dev-libs/libRocket-9999
  196. +2 −2 metadata/md5-cache/dev-libs/libatomic_ops-7.2d
  197. +2 −2 metadata/md5-cache/dev-libs/libmail-0.3-r1
  198. +3 −3 metadata/md5-cache/dev-libs/libpeas-1.6.2-r1
  199. +3 −3 metadata/md5-cache/dev-libs/libpwquality-1.2.0-r2
  200. +2 −2 metadata/md5-cache/dev-libs/openssl-1.0.1c
  201. +3 −3 metadata/md5-cache/dev-python/3to2-1.0
  202. +3 −3 metadata/md5-cache/dev-python/PyGithub-1.10.0
  203. +3 −3 metadata/md5-cache/dev-python/adns-python-1.2.1-r1
  204. +3 −3 metadata/md5-cache/dev-python/adodb-py-2.20-r1
  205. +3 −3 metadata/md5-cache/dev-python/amara-2.0.0_alpha6-r1
  206. +3 −3 metadata/md5-cache/dev-python/ansi2html-0.9.3-r1
  207. +3 −3 metadata/md5-cache/dev-python/appdirs-1.2.0-r1
  208. +3 −3 metadata/md5-cache/dev-python/apse-0.2-r2
  209. +3 −3 metadata/md5-cache/dev-python/cliff-1.3
  210. +3 −3 metadata/md5-cache/dev-python/cmd2-0.6.4
  211. +3 −3 metadata/md5-cache/dev-python/colorama-0.2.4
  212. +3 −3 metadata/md5-cache/dev-python/cov-core-1.7
  213. +3 −3 metadata/md5-cache/dev-python/django-evolution-0.6.7-r1
  214. +3 −3 metadata/md5-cache/dev-python/django-international-0.0.3
  215. +3 −3 metadata/md5-cache/dev-python/django-picklefield-0.3.0
  216. +2 −2 metadata/md5-cache/dev-python/docutils-glep-0.4-r1
  217. +3 −3 metadata/md5-cache/dev-python/feedgenerator-1.5
  218. +3 −3 metadata/md5-cache/dev-python/fixtures-0.3.12
  219. +3 −3 metadata/md5-cache/dev-python/flask-script-0.5.3
  220. +1 −1  metadata/md5-cache/dev-python/graph-tool-2.2.19
  221. +1 −1  metadata/md5-cache/dev-python/graph-tool-2.2.21
  222. +1 −1  metadata/md5-cache/dev-python/graph-tool-9999
  223. +3 −3 metadata/md5-cache/dev-python/gst-python-0.10.22-r1
  224. +3 −3 metadata/md5-cache/dev-python/hcs-utils-1.3
  225. +3 −3 metadata/md5-cache/dev-python/hgtools-2.0.2
  226. +3 −3 metadata/md5-cache/dev-python/icalendar-3.2-r1
  227. +3 −3 metadata/md5-cache/dev-python/ijson-1.0-r1
  228. +3 −3 metadata/md5-cache/dev-python/jsonpatch-0.10
  229. +3 −3 metadata/md5-cache/dev-python/jsonpatch-0.12
  230. +3 −3 metadata/md5-cache/dev-python/jsonpointer-0.7
  231. +3 −3 metadata/md5-cache/dev-python/jsonschema-0.7
  232. +3 −3 metadata/md5-cache/dev-python/jsonschema-0.8.0
  233. +3 −3 metadata/md5-cache/dev-python/keyring-1.0
  234. +3 −3 metadata/md5-cache/dev-python/llfuse-0.38
  235. +3 −3 metadata/md5-cache/dev-python/miniupnpc-1.7-r1
  236. +3 −3 metadata/md5-cache/dev-python/msgpack-0.2.4
  237. +3 −3 metadata/md5-cache/dev-python/nosehtmloutput-0.0.4
  238. +3 −3 metadata/md5-cache/dev-python/openstack-nose-plugin-0.11
  239. +3 −3 metadata/md5-cache/dev-python/pmw-1.3.3
  240. +3 −3 metadata/md5-cache/dev-python/pmw-2.0.0
  241. +3 −3 metadata/md5-cache/dev-python/pry-0.2.1-r1
  242. +3 −3 metadata/md5-cache/dev-python/psycopg-1.1.21-r1
  243. +3 −3 metadata/md5-cache/dev-python/psycopg-2.4.6-r1
  244. +3 −3 metadata/md5-cache/dev-python/pyGPG-9999
  245. +3 −3 metadata/md5-cache/dev-python/pycparser-2.09.1
  246. +3 −3 metadata/md5-cache/dev-python/pycryptopp-0.6.0
  247. +3 −3 metadata/md5-cache/dev-python/pycuda-2012.1
  248. +3 −3 metadata/md5-cache/dev-python/pygit2-0.17.3-r1
  249. +1 −1  metadata/md5-cache/dev-python/pygoocanvas-0.14.1-r1
  250. +3 −3 metadata/md5-cache/dev-python/pyh2o-9999
  251. +3 −3 metadata/md5-cache/dev-python/pyliblzma-0.5.3-r1
  252. +3 −3 metadata/md5-cache/dev-python/pymountboot-0.2.1
  253. +3 −3 metadata/md5-cache/dev-python/pymountboot-0.2.2
  254. +3 −3 metadata/md5-cache/dev-python/pymountboot-9999
  255. +3 −3 metadata/md5-cache/dev-python/pypam-0.5.0-r2
  256. +3 −3 metadata/md5-cache/dev-python/pypax-0.8.1
  257. +3 −3 metadata/md5-cache/dev-python/pysctp-0.6
  258. +3 −3 metadata/md5-cache/dev-python/pysqlite-2.6.3-r1
  259. +3 −3 metadata/md5-cache/dev-python/pytest-cov-1.6
  260. +3 −3 metadata/md5-cache/dev-python/pytest-runner-1.1-r1
  261. +3 −3 metadata/md5-cache/dev-python/python-cinderclient-1.0.2
  262. +1 −1  metadata/md5-cache/dev-python/python-exec-0.1
  263. +1 −1  metadata/md5-cache/dev-python/python-exec-0.1.1
  264. +1 −1  metadata/md5-cache/dev-python/python-exec-0.2
  265. +1 −1  metadata/md5-cache/dev-python/python-exec-9999
  266. +3 −3 metadata/md5-cache/dev-python/python-glanceclient-0.7.0
  267. +3 −3 metadata/md5-cache/dev-python/python-keystoneclient-0.2.1-r1
  268. +3 −3 metadata/md5-cache/dev-python/python-keystoneclient-9999
  269. +3 −3 metadata/md5-cache/dev-python/python-mpd-0.4.6
  270. +3 −3 metadata/md5-cache/dev-python/python-mpd-0.5.0
  271. +3 −3 metadata/md5-cache/dev-python/python-pam-0.1.4
  272. +3 −3 metadata/md5-cache/dev-python/python-quantumclient-2.1
  273. +3 −3 metadata/md5-cache/dev-python/python-swiftclient-1.2.0-r1
  274. +3 −3 metadata/md5-cache/dev-python/pytools-2012.1
  275. +3 −3 metadata/md5-cache/dev-python/pyx-0.12.1-r1
  276. +3 −3 metadata/md5-cache/dev-python/pyxml-0.8.4-r3
  277. +3 −3 metadata/md5-cache/dev-python/robotframework-2.7.6
  278. +3 −3 metadata/md5-cache/dev-python/selenium-2.29.0
  279. +3 −3 metadata/md5-cache/dev-python/setuptools-git-1.0_beta1
  280. +3 −3 metadata/md5-cache/dev-python/sh-1.07
  281. +3 −3 metadata/md5-cache/dev-python/simples3-1.0
  282. +3 −3 metadata/md5-cache/dev-python/skype4py-1.0.32.1-r1
  283. +3 −3 metadata/md5-cache/dev-python/termcolor-1.1.0
  284. +3 −3 metadata/md5-cache/dev-python/warlock-0.7.0
  285. +3 −3 metadata/md5-cache/dev-python/whoosh-2.4.1-r1
  286. +3 −3 metadata/md5-cache/dev-python/yenc-0.4.0-r1
  287. +5 −5 metadata/md5-cache/dev-ruby/aws-sdk-1.7.1
  288. +14 −0 metadata/md5-cache/dev-ruby/aws-sdk-1.8.1.1
  289. +14 −0 metadata/md5-cache/dev-ruby/rack-ssl-1.3.3
  290. +3 −3 metadata/md5-cache/dev-tcltk/snack-2.2.10-r6
  291. +3 −3 metadata/md5-cache/dev-util/a8-0.11-r1
  292. +3 −3 metadata/md5-cache/dev-util/anjuta-3.6.2-r1
  293. +3 −3 metadata/md5-cache/dev-util/cligh-0.1_p20120630
  294. +3 −3 metadata/md5-cache/dev-util/cligh-9999
  295. +3 −3 metadata/md5-cache/dev-util/coccigrep-1.12
  296. +2 −2 metadata/md5-cache/dev-util/cppunit-1.13.1
  297. +3 −3 metadata/md5-cache/dev-util/d-feet-0.1.15
  298. +3 −3 metadata/md5-cache/dev-util/d-feet-0.3.1
  299. +3 −3 metadata/md5-cache/dev-util/d-feet-0.3.3
  300. +3 −3 metadata/md5-cache/dev-util/devhelp-3.6.1-r1
Sorry, we could not display the entire diff because too many files (539) changed.
View
4 app-accessibility/at-spi2-atk/at-spi2-atk-2.6.2.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-accessibility/at-spi2-atk/at-spi2-atk-2.6.2.ebuild,v 1.5 2013/01/24 14:55:06 jlec Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-accessibility/at-spi2-atk/at-spi2-atk-2.6.2.ebuild,v 1.6 2013/01/30 11:11:07 aballier Exp $
EAPI="4"
GCONF_DEBUG="no"
@@ -13,7 +13,7 @@ HOMEPAGE="http://live.gnome.org/Accessibility"
LICENSE="LGPL-2+"
SLOT="2"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux"
IUSE=""
COMMON_DEPEND="
View
2  app-benchmarks/bootchart2/Manifest
@@ -1,3 +1 @@
-DIST bootchart2-0.14.2.tar.bz2 775770 SHA256 0a9c9cd4065a1ad4d9e27e36888cf6258bb8c830a719e1a4afbf3b1092e728a4 SHA512 9f15f449c714739344558f875485acc74d8c51d1325143c0fe46fb4d7b97e419ac25e240c5c735302d30066afde15289e3161fe73bb495b2b9d2fa8587ab6c60 WHIRLPOOL be99044746c6336492c3d071e3f8c2ad9bf43803581a4c778298b188416e0318ebf871d823b2b853087695c8146da01ba846074170872d721ad967d658d2c565
-DIST bootchart2-0.14.4.tar.bz2 775936 SHA256 9b2bd785569e0c49fe6082abfb488135f65bc82f7919e04857a4bd94471add7f SHA512 ee666801e59eae750c4b35f460d2092818b2269ce4b59e10b24cd2f79d684e3b363a3773764b1a095a39b903afd4ed0f72cb17947f91842ab3ee5f6acadf04fa WHIRLPOOL 5f06516ba15e909be0510e1dbef84a0d6802ad762a8e85ae151dca4edfa25b263e25f71c03850c0c1c5506701502e7b641ed3821b348a38ca80e0e3ae2ea7902
DIST bootchart2-0.14.5.tar.bz2 776490 SHA256 8a36596dcb67cd24b02feb20805588277680933478597557e96e7e3c744bf68f SHA512 4a0dbc9a5d516be71a5c6af316894584e77a277f6450940f76a422e7b1987ea62e90edba4524ba68f5080f120faaec9a49dc16b78ac0f8e6be5aa48a4b106f6e WHIRLPOOL e4e9a2d28382d1310dd378b7577e20853e807327570e216ee9d5f0c03ae8ca02484366e2d11310830d6a4a4abcc94459704c9bf1bc9579322727d56ac69eb717
View
83 app-benchmarks/bootchart2/bootchart2-0.14.4.ebuild
@@ -1,83 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-benchmarks/bootchart2/bootchart2-0.14.4.ebuild,v 1.1 2012/06/14 06:31:21 jlec Exp $
-
-EAPI=4
-
-PYTHON_DEPEND="2"
-SUPPORT_PYTHON_ABIS="1"
-RESTRICT_PYTHON_ABIS="3.* *-pypy-*"
-
-inherit linux-info python systemd toolchain-funcs
-
-DESCRIPTION="Performance analysis and visualization of the system boot process"
-HOMEPAGE="https://github.com/mmeeks/bootchart/"
-SRC_URI="mirror://github/mmeeks/bootchart/${P}.tar.bz2"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~amd64 ~x86 ~amd64-linux ~x86-linux"
-IUSE="svg"
-
-RDEPEND="
- !app-benchmarks/bootchart
- dev-python/pycairo[svg?]
- dev-python/pygtk
- sys-apps/lsb-release"
-DEPEND="${RDEPEND}"
-
-CONFIG_CHECK="~PROC_EVENTS ~TASKSTATS ~TASK_DELAY_ACCT ~TMPFS"
-
-src_prepare() {
- tc-export CC
- sed \
- -e "/^install/s:py-install-compile::g" \
- -e "/^SYSTEMD_UNIT_DIR/s:=.*:= $(systemd_get_unitdir):g" \
- -i Makefile || die
- sed \
- -e '/^EXIT_PROC/s:^.*$:EXIT_PROC="agetty mgetty mingetty":g' \
- -i bootchartd.conf bootchartd.in || die
-}
-
-src_test() {
- testing() {
- emake test
- }
- python_execute_function testing
-}
-
-src_install() {
- export NO_PYTHON_COMPILE=0
- export DOCDIR=/usr/share/doc/${PF}
- default
-
- # Note: LIBDIR is hardcoded as /lib in collector/common.h, so we shouldn't
- # just change it. Since no libraries are installed, /lib is fine.
- keepdir /lib/bootchart/tmpfs
-
- installation() {
- emake \
- DESTDIR="${D}" \
- PY_SITEDIR=$(python_get_sitedir) \
- py-install-compile
- }
- python_execute_function installation
-
- # does not like python3 as active interpreter
- python_convert_shebangs 2 "${ED}"/usr/bin/pybootchartgui
-
- newinitd "${FILESDIR}"/${PN}.init ${PN}
-}
-
-pkg_postinst() {
- elog "If you are using an initrd during boot"
- echo
- elog "please add the init script to your default runlevel"
- elog "rc-update add bootchart2 default"
- echo
- python_mod_optimize pybootchartgui
-}
-
-pkg_postrm() {
- python_mod_cleanup pybootchartgui
-}
View
53 ...benchmarks/bootchart2/bootchart2-0.14.2-r3.ebuild → ...benchmarks/bootchart2/bootchart2-0.14.5-r1.ebuild
@@ -1,13 +1,12 @@
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-benchmarks/bootchart2/bootchart2-0.14.2-r3.ebuild,v 1.2 2012/06/14 06:31:21 jlec Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-benchmarks/bootchart2/bootchart2-0.14.5-r1.ebuild,v 1.1 2013/01/30 11:25:18 jlec Exp $
-EAPI=4
+EAPI=5
-PYTHON_DEPEND="2"
-SUPPORT_PYTHON_ABIS="1"
+PYTHON_COMPAT=( python{2_6,2_7,3_1,3_2,3_3} )
-inherit linux-info python systemd toolchain-funcs
+inherit linux-info python-r1 systemd toolchain-funcs
DESCRIPTION="Performance analysis and visualization of the system boot process"
HOMEPAGE="https://github.com/mmeeks/bootchart/"
@@ -15,15 +14,20 @@ SRC_URI="mirror://github/mmeeks/bootchart/${P}.tar.bz2"
SLOT="0"
LICENSE="GPL-2"
-KEYWORDS="~amd64 ~x86 ~amd64-linux ~x86-linux"
-IUSE="svg"
+KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="svg test X"
+
+REQUIRED_USE="test? ( X )"
RDEPEND="
!app-benchmarks/bootchart
- dev-python/pycairo[svg?]
- dev-python/pygtk
+ X? (
+ dev-python/pycairo[svg?,${PYTHON_USEDEP}]
+ dev-python/pygtk
+ ${PYTHON_DEPS}
+ )
sys-apps/lsb-release"
-DEPEND="${RDEPEND}"
+DEPEND="${PYTHON_DEPS}"
CONFIG_CHECK="~PROC_EVENTS ~TASKSTATS ~TASK_DELAY_ACCT ~TMPFS"
@@ -31,7 +35,6 @@ src_prepare() {
tc-export CC
sed \
-e "/^install/s:py-install-compile::g" \
- -e "/^VER/s:0.14.1:0.14.2:g" \
-e "/^SYSTEMD_UNIT_DIR/s:=.*:= $(systemd_get_unitdir):g" \
-i Makefile || die
sed \
@@ -40,14 +43,11 @@ src_prepare() {
}
src_test() {
- testing() {
- emake test
- }
- python_execute_function testing
+ python_foreach_impl emake test
}
src_install() {
- export NO_PYTHON_COMPILE=0
+ export NO_PYTHON_COMPILE=1
export DOCDIR=/usr/share/doc/${PF}
default
@@ -56,15 +56,13 @@ src_install() {
keepdir /lib/bootchart/tmpfs
installation() {
- emake \
- DESTDIR="${D}" \
- PY_SITEDIR=$(python_get_sitedir) \
- py-install-compile
- }
- python_execute_function installation
+ python_domodule pybootchartgui
- # does not like python3 as active interpreter
- python_convert_shebangs 2 "${ED}"/usr/bin/pybootchartgui
+ python_optimize "${ED}"/$(python_get_sitedir)
+ cp pybootchartgui.py "${T}"/pybootchartgui || die
+ python_doscript "${T}"/pybootchartgui
+ }
+ use X && python_foreach_impl installation
newinitd "${FILESDIR}"/${PN}.init ${PN}
}
@@ -75,9 +73,4 @@ pkg_postinst() {
elog "please add the init script to your default runlevel"
elog "rc-update add bootchart2 default"
echo
- python_mod_optimize pybootchartgui
-}
-
-pkg_postrm() {
- python_mod_cleanup pybootchartgui
}
View
6 app-benchmarks/bootchart2/metadata.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer>
- <email>jlec@gentoo.org</email>
- </maintainer>
+ <maintainer>
+ <email>jlec@gentoo.org</email>
+ </maintainer>
</pkgmetadata>
View
369 app-emulation/xen-pvgrub/files/xen-4-CVE-2012-4544-XSA-25.patch
@@ -0,0 +1,369 @@
+
+# HG changeset patch
+# User Ian Jackson <Ian.Jackson@eu.citrix.com>
+# Date 1351264255 -3600
+# Node ID 537776f51f79c5789d06f97b363596a197c3e71c
+# Parent 40ccbee890e1fc053de3046bbc3d13b8ff6f5d63
+libxc: builder: limit maximum size of kernel/ramdisk.
+
+Allowing user supplied kernels of arbitrary sizes, especially during
+decompression, can swallow up dom0 memory leading to either virtual
+address space exhaustion in the builder process or allocation
+failures/OOM killing of both toolstack and unrelated processes.
+
+We disable these checks when building in a stub domain for pvgrub
+since this uses the guest's own memory and is isolated.
+
+Decompression of gzip compressed kernels and ramdisks has been safe
+since 14954:58205257517d (Xen 3.1.0 onwards).
+
+This is XSA-25 / CVE-2012-4544.
+
+Also make explicit checks for buffer overflows in various
+decompression routines. These were already ruled out due to other
+properties of the code but check them as a belt-and-braces measure.
+
+Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
+Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+diff -r 40ccbee890e1 -r 537776f51f79 stubdom/grub/kexec.c
+--- stubdom/grub/kexec.c Thu Oct 25 15:36:32 2012 +0200
++++ stubdom/grub/kexec.c Fri Oct 26 16:10:55 2012 +0100
+@@ -137,6 +137,10 @@ void kexec(void *kernel, long kernel_siz
+ dom = xc_dom_allocate(xc_handle, cmdline, features);
+ dom->allocate = kexec_allocate;
+
++ /* We are using guest owned memory, therefore no limits. */
++ xc_dom_kernel_max_size(dom, 0);
++ xc_dom_ramdisk_max_size(dom, 0);
++
+ dom->kernel_blob = kernel;
+ dom->kernel_size = kernel_size;
+
+diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom.h
+--- tools/libxc/xc_dom.h Thu Oct 25 15:36:32 2012 +0200
++++ tools/libxc/xc_dom.h Fri Oct 26 16:10:55 2012 +0100
+@@ -55,6 +55,9 @@ struct xc_dom_image {
+ void *ramdisk_blob;
+ size_t ramdisk_size;
+
++ size_t max_kernel_size;
++ size_t max_ramdisk_size;
++
+ /* arguments and parameters */
+ char *cmdline;
+ uint32_t f_requested[XENFEAT_NR_SUBMAPS];
+@@ -180,6 +183,23 @@ void xc_dom_release_phys(struct xc_dom_i
+ void xc_dom_release(struct xc_dom_image *dom);
+ int xc_dom_mem_init(struct xc_dom_image *dom, unsigned int mem_mb);
+
++/* Set this larger if you have enormous ramdisks/kernels. Note that
++ * you should trust all kernels not to be maliciously large (e.g. to
++ * exhaust all dom0 memory) if you do this (see CVE-2012-4544 /
++ * XSA-25). You can also set the default independently for
++ * ramdisks/kernels in xc_dom_allocate() or call
++ * xc_dom_{kernel,ramdisk}_max_size.
++ */
++#ifndef XC_DOM_DECOMPRESS_MAX
++#define XC_DOM_DECOMPRESS_MAX (1024*1024*1024) /* 1GB */
++#endif
++
++int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz);
++int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz);
++
++int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz);
++int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz);
++
+ size_t xc_dom_check_gzip(xc_interface *xch,
+ void *blob, size_t ziplen);
+ int xc_dom_do_gunzip(xc_interface *xch,
+@@ -240,7 +260,8 @@ void xc_dom_log_memory_footprint(struct
+ void *xc_dom_malloc(struct xc_dom_image *dom, size_t size);
+ void *xc_dom_malloc_page_aligned(struct xc_dom_image *dom, size_t size);
+ void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
+- const char *filename, size_t * size);
++ const char *filename, size_t * size,
++ const size_t max_size);
+ char *xc_dom_strdup(struct xc_dom_image *dom, const char *str);
+
+ /* --- alloc memory pool ------------------------------------------- */
+diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom_bzimageloader.c
+--- tools/libxc/xc_dom_bzimageloader.c Thu Oct 25 15:36:32 2012 +0200
++++ tools/libxc/xc_dom_bzimageloader.c Fri Oct 26 16:10:55 2012 +0100
+@@ -47,13 +47,19 @@ static int xc_try_bzip2_decode(
+ char *out_buf;
+ char *tmp_buf;
+ int retval = -1;
+- int outsize;
++ unsigned int outsize;
+ uint64_t total;
+
+ stream.bzalloc = NULL;
+ stream.bzfree = NULL;
+ stream.opaque = NULL;
+
++ if ( dom->kernel_size == 0)
++ {
++ DOMPRINTF("BZIP2: Input is 0 size");
++ return -1;
++ }
++
+ ret = BZ2_bzDecompressInit(&stream, 0, 0);
+ if ( ret != BZ_OK )
+ {
+@@ -66,6 +72,17 @@ static int xc_try_bzip2_decode(
+ * the input buffer to start, and we'll realloc as needed.
+ */
+ outsize = dom->kernel_size;
++
++ /*
++ * stream.avail_in and outsize are unsigned int, while kernel_size
++ * is a size_t. Check we aren't overflowing.
++ */
++ if ( outsize != dom->kernel_size )
++ {
++ DOMPRINTF("BZIP2: Input too large");
++ goto bzip2_cleanup;
++ }
++
+ out_buf = malloc(outsize);
+ if ( out_buf == NULL )
+ {
+@@ -98,13 +115,20 @@ static int xc_try_bzip2_decode(
+ if ( stream.avail_out == 0 )
+ {
+ /* Protect against output buffer overflow */
+- if ( outsize > INT_MAX / 2 )
++ if ( outsize > UINT_MAX / 2 )
+ {
+ DOMPRINTF("BZIP2: output buffer overflow");
+ free(out_buf);
+ goto bzip2_cleanup;
+ }
+
++ if ( xc_dom_kernel_check_size(dom, outsize * 2) )
++ {
++ DOMPRINTF("BZIP2: output too large");
++ free(out_buf);
++ goto bzip2_cleanup;
++ }
++
+ tmp_buf = realloc(out_buf, outsize * 2);
+ if ( tmp_buf == NULL )
+ {
+@@ -172,9 +196,15 @@ static int _xc_try_lzma_decode(
+ unsigned char *out_buf;
+ unsigned char *tmp_buf;
+ int retval = -1;
+- int outsize;
++ size_t outsize;
+ const char *msg;
+
++ if ( dom->kernel_size == 0)
++ {
++ DOMPRINTF("%s: Input is 0 size", what);
++ return -1;
++ }
++
+ /* sigh. We don't know up-front how much memory we are going to need
+ * for the output buffer. Allocate the output buffer to be equal
+ * the input buffer to start, and we'll realloc as needed.
+@@ -244,13 +274,20 @@ static int _xc_try_lzma_decode(
+ if ( stream->avail_out == 0 )
+ {
+ /* Protect against output buffer overflow */
+- if ( outsize > INT_MAX / 2 )
++ if ( outsize > SIZE_MAX / 2 )
+ {
+ DOMPRINTF("%s: output buffer overflow", what);
+ free(out_buf);
+ goto lzma_cleanup;
+ }
+
++ if ( xc_dom_kernel_check_size(dom, outsize * 2) )
++ {
++ DOMPRINTF("%s: output too large", what);
++ free(out_buf);
++ goto lzma_cleanup;
++ }
++
+ tmp_buf = realloc(out_buf, outsize * 2);
+ if ( tmp_buf == NULL )
+ {
+@@ -359,6 +396,12 @@ static int xc_try_lzo1x_decode(
+ 0x89, 0x4c, 0x5a, 0x4f, 0x00, 0x0d, 0x0a, 0x1a, 0x0a
+ };
+
++ /*
++ * lzo_uint should match size_t. Check that this is the case to be
++ * sure we won't overflow various lzo_uint fields.
++ */
++ XC_BUILD_BUG_ON(sizeof(lzo_uint) != sizeof(size_t));
++
+ ret = lzo_init();
+ if ( ret != LZO_E_OK )
+ {
+@@ -438,6 +481,14 @@ static int xc_try_lzo1x_decode(
+ if ( src_len <= 0 || src_len > dst_len || src_len > left )
+ break;
+
++ msg = "Output buffer overflow";
++ if ( *size > SIZE_MAX - dst_len )
++ break;
++
++ msg = "Decompressed image too large";
++ if ( xc_dom_kernel_check_size(dom, *size + dst_len) )
++ break;
++
+ msg = "Failed to (re)alloc memory";
+ tmp_buf = realloc(out_buf, *size + dst_len);
+ if ( tmp_buf == NULL )
+diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom_core.c
+--- tools/libxc/xc_dom_core.c Thu Oct 25 15:36:32 2012 +0200
++++ tools/libxc/xc_dom_core.c Fri Oct 26 16:10:55 2012 +0100
+@@ -159,7 +159,8 @@ void *xc_dom_malloc_page_aligned(struct
+ }
+
+ void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
+- const char *filename, size_t * size)
++ const char *filename, size_t * size,
++ const size_t max_size)
+ {
+ struct xc_dom_mem *block = NULL;
+ int fd = -1;
+@@ -171,6 +172,13 @@ void *xc_dom_malloc_filemap(struct xc_do
+ lseek(fd, 0, SEEK_SET);
+ *size = lseek(fd, 0, SEEK_END);
+
++ if ( max_size && *size > max_size )
++ {
++ xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY,
++ "tried to map file which is too large");
++ goto err;
++ }
++
+ block = malloc(sizeof(*block));
+ if ( block == NULL )
+ goto err;
+@@ -222,6 +230,40 @@ char *xc_dom_strdup(struct xc_dom_image
+ }
+
+ /* ------------------------------------------------------------------------ */
++/* decompression buffer sizing */
++int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz)
++{
++ /* No limit */
++ if ( !dom->max_kernel_size )
++ return 0;
++
++ if ( sz > dom->max_kernel_size )
++ {
++ xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
++ "kernel image too large");
++ return 1;
++ }
++
++ return 0;
++}
++
++int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz)
++{
++ /* No limit */
++ if ( !dom->max_ramdisk_size )
++ return 0;
++
++ if ( sz > dom->max_ramdisk_size )
++ {
++ xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
++ "ramdisk image too large");
++ return 1;
++ }
++
++ return 0;
++}
++
++/* ------------------------------------------------------------------------ */
+ /* read files, copy memory blocks, with transparent gunzip */
+
+ size_t xc_dom_check_gzip(xc_interface *xch, void *blob, size_t ziplen)
+@@ -235,7 +277,7 @@ size_t xc_dom_check_gzip(xc_interface *x
+
+ gzlen = blob + ziplen - 4;
+ unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0];
+- if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
++ if ( (unziplen < 0) || (unziplen > XC_DOM_DECOMPRESS_MAX) )
+ {
+ xc_dom_printf
+ (xch,
+@@ -288,6 +330,9 @@ int xc_dom_try_gunzip(struct xc_dom_imag
+ if ( unziplen == 0 )
+ return 0;
+
++ if ( xc_dom_kernel_check_size(dom, unziplen) )
++ return 0;
++
+ unzip = xc_dom_malloc(dom, unziplen);
+ if ( unzip == NULL )
+ return -1;
+@@ -588,6 +633,9 @@ struct xc_dom_image *xc_dom_allocate(xc_
+ memset(dom, 0, sizeof(*dom));
+ dom->xch = xch;
+
++ dom->max_kernel_size = XC_DOM_DECOMPRESS_MAX;
++ dom->max_ramdisk_size = XC_DOM_DECOMPRESS_MAX;
++
+ if ( cmdline )
+ dom->cmdline = xc_dom_strdup(dom, cmdline);
+ if ( features )
+@@ -608,10 +656,25 @@ struct xc_dom_image *xc_dom_allocate(xc_
+ return NULL;
+ }
+
++int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz)
++{
++ DOMPRINTF("%s: kernel_max_size=%zx", __FUNCTION__, sz);
++ dom->max_kernel_size = sz;
++ return 0;
++}
++
++int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz)
++{
++ DOMPRINTF("%s: ramdisk_max_size=%zx", __FUNCTION__, sz);
++ dom->max_ramdisk_size = sz;
++ return 0;
++}
++
+ int xc_dom_kernel_file(struct xc_dom_image *dom, const char *filename)
+ {
+ DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
+- dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size);
++ dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size,
++ dom->max_kernel_size);
+ if ( dom->kernel_blob == NULL )
+ return -1;
+ return xc_dom_try_gunzip(dom, &dom->kernel_blob, &dom->kernel_size);
+@@ -621,7 +684,9 @@ int xc_dom_ramdisk_file(struct xc_dom_im
+ {
+ DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
+ dom->ramdisk_blob =
+- xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size);
++ xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size,
++ dom->max_ramdisk_size);
++
+ if ( dom->ramdisk_blob == NULL )
+ return -1;
+ // return xc_dom_try_gunzip(dom, &dom->ramdisk_blob, &dom->ramdisk_size);
+@@ -781,7 +846,11 @@ int xc_dom_build_image(struct xc_dom_ima
+ void *ramdiskmap;
+
+ unziplen = xc_dom_check_gzip(dom->xch, dom->ramdisk_blob, dom->ramdisk_size);
++ if ( xc_dom_ramdisk_check_size(dom, unziplen) != 0 )
++ unziplen = 0;
++
+ ramdisklen = unziplen ? unziplen : dom->ramdisk_size;
++
+ if ( xc_dom_alloc_segment(dom, &dom->ramdisk_seg, "ramdisk", 0,
+ ramdisklen) != 0 )
+ goto err;
+
+
View
39 app-emulation/xen-pvgrub/files/xen-4-CVE-2012-6075-XSA-41.patch
@@ -0,0 +1,39 @@
+authorMichael Contreras <michael@inetric.com>
+ Mon, 3 Dec 2012 04:11:22 +0000 (20:11 -0800)
+committerAnthony Liguori <aliguori@us.ibm.com>
+ Mon, 3 Dec 2012 14:14:10 +0000 (08:14 -0600)
+
+The e1000_receive function for the e1000 needs to discard packets longer than
+1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes
+this behavior and allocates memory based on this assumption.
+
+Signed-off-by: Michael Contreras <michael@inetric.com>
+Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
+hw/e1000.c
+
+--- tools/qemu-xen/hw/e1000.c
++++ tools/qemu-xen/hw/e1000.c
+@@ -59,6 +59,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
+ #define PNPMMIO_SIZE 0x20000
+ #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
+
++/* this is the size past which hardware will drop packets when setting LPE=0 */
++#define MAXIMUM_ETHERNET_VLAN_SIZE 1522
++
+ /*
+ * HW models:
+ * E1000_DEV_ID_82540EM works with Windows and Linux
+@@ -805,6 +808,13 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size)
+ size = sizeof(min_buf);
+ }
+
++ /* Discard oversized packets if !LPE and !SBP. */
++ if (size > MAXIMUM_ETHERNET_VLAN_SIZE
++ && !(s->mac_reg[RCTL] & E1000_RCTL_LPE)
++ && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) {
++ return size;
++ }
++
+ if (!receive_filter(s, buf, size))
+ return size;
+
View
214 app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch
@@ -7,7 +7,7 @@ diff -ur xen-4.2.0.orig/extras/mini-os/minios.mk xen-4.2.0/extras/mini-os/minios
# Define some default flags.
# NB. '-Wcast-qual' is nasty, so I omitted it.
-DEF_CFLAGS += -fno-builtin -Wall -Werror -Wredundant-decls -Wno-format -Wno-redundant-decls
-+DEF_CFLAGS += -fno-builtin -Wall -Wredundant-decls -Wno-format -Wno-redundant-decls
++DEF_CFLAGS += -fno-builtin -Wall -Wredundant-decls -Wno-format -Wno-redundant-decls
DEF_CFLAGS += $(call cc-option,$(CC),-fno-stack-protector,)
DEF_CFLAGS += $(call cc-option,$(CC),-fgnu89-inline)
DEF_CFLAGS += -Wstrict-prototypes -Wnested-externs -Wpointer-arith -Winline
@@ -19,7 +19,7 @@ diff -ur xen-4.2.0.orig/tools/libxc/Makefile xen-4.2.0/tools/libxc/Makefile
-include $(XEN_TARGET_ARCH)/Makefile
-CFLAGS += -Werror -Wmissing-prototypes
-+CFLAGS += -Wmissing-prototypes
++CFLAGS += -Wmissing-prototypes
CFLAGS += -I. $(CFLAGS_xeninclude)
# Needed for posix_fadvise64() in xc_linux.c
@@ -27,7 +27,7 @@ diff -ur xen-4.2.0.orig/tools/libxc/Makefile xen-4.2.0/tools/libxc/Makefile
diff -ur xen-4.2.0.orig/Config.mk xen-4.2.0/Config.mk
--- Config.mk 2012-09-17 18:23:12.000000000 +0800
+++ Config.mk 2012-12-05 14:01:10.641260261 +0800
-@@ -7,7 +7,6 @@
+@@ -7,7 +7,6 @@ Drop .config
# fallback for older make
realpath = $(wildcard $(foreach file,$(1),$(shell cd -P $(dir $(file)) && echo "$$PWD/$(notdir $(file))")))
@@ -35,3 +35,211 @@ diff -ur xen-4.2.0.orig/Config.mk xen-4.2.0/Config.mk
# A debug build of Xen and tools?
debug ?= n
+@@ -24,7 +24,7 @@
+
+ # Tools to run on system hosting the build
+ HOSTCC = gcc
+-HOSTCFLAGS = -Wall -Werror -Wstrict-prototypes -O2 -fomit-frame-pointer
++HOSTCFLAGS = -Wstrict-prototypes -O2 -fomit-frame-pointer
+ HOSTCFLAGS += -fno-strict-aliasing
+
+ DISTDIR ?= $(XEN_ROOT)/dist
+@@ -156,7 +156,7 @@
+
+ CFLAGS += -std=gnu99
+
+-CFLAGS += -Wall -Wstrict-prototypes
++CFLAGS += -Wstrict-prototypes
+
+ # Clang complains about macros that expand to 'if ( ( foo == bar ) ) ...'
+ # and is over-zealous with the printf format lint
+diff -ur xen-4.2.1.orig/tools/blktap2/drivers/Makefile xen-4.2.1/tools/blktap2/drivers/Makefile
+--- tools/blktap2/drivers/Makefile 2012-12-17 23:00:11.000000000 +0800
++++ tools/blktap2/drivers/Makefile 2013-01-30 12:31:43.539941099 +0800
+@@ -9,7 +9,7 @@
+ LOCK_UTIL = lock-util
+ INST_DIR = $(SBINDIR)
+
+-CFLAGS += -Werror -g
++CFLAGS += -g
+ CFLAGS += -Wno-unused
+ CFLAGS += -fno-strict-aliasing
+ CFLAGS += -I$(BLKTAP_ROOT)/include -I$(BLKTAP_ROOT)/drivers
+diff -ur xen-4.2.1.orig/tools/debugger/gdbsx/Rules.mk xen-4.2.1/tools/debugger/gdbsx/Rules.mk
+--- tools/debugger/gdbsx/Rules.mk 2012-12-17 23:00:22.000000000 +0800
++++ tools/debugger/gdbsx/Rules.mk 2013-01-30 12:31:43.516941098 +0800
+@@ -1,4 +1,4 @@
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-CFLAGS += -Werror -Wmissing-prototypes
++CFLAGS += -Wmissing-prototypes
+ # (gcc 4.3x and later) -Wconversion -Wno-sign-conversion
+diff -ur xen-4.2.1.orig/tools/debugger/xenitp/Makefile xen-4.2.1/tools/debugger/xenitp/Makefile
+--- tools/debugger/xenitp/Makefile 2012-12-17 23:00:22.000000000 +0800
++++ tools/debugger/xenitp/Makefile 2013-01-30 12:31:43.516941098 +0800
+@@ -1,7 +1,7 @@
+ XEN_ROOT=$(CURDIR)/../../..
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-#CFLAGS += -Werror -g -O0
++#CFLAGS += -g -O0
+
+ CFLAGS += $(CFLAGS_libxenctrl)
+
+diff -ur xen-4.2.1.orig/tools/libaio/harness/Makefile xen-4.2.1/tools/libaio/harness/Makefile
+--- tools/libaio/harness/Makefile 2012-12-17 23:00:35.000000000 +0800
++++ tools/libaio/harness/Makefile 2013-01-30 12:31:43.541941099 +0800
+@@ -4,7 +4,7 @@
+ HARNESS_SRCS:=main.c
+ # io_queue.c
+
+-CFLAGS=-Wall -Werror -g -O -laio
++CFLAGS=-Wall -g -O -laio
+ #-lpthread -lrt
+
+ all: $(PROGS)
+diff -ur xen-4.2.1.orig/tools/libfsimage/Rules.mk xen-4.2.1/tools/libfsimage/Rules.mk
+--- tools/libfsimage/Rules.mk 2012-12-17 23:00:36.000000000 +0800
++++ tools/libfsimage/Rules.mk 2013-01-30 12:31:43.515941097 +0800
+@@ -1,7 +1,7 @@
+ include $(XEN_ROOT)/tools/Rules.mk
+
+ CFLAGS += -Wno-unknown-pragmas -I$(XEN_ROOT)/tools/libfsimage/common/ -DFSIMAGE_FSDIR=\"$(FSDIR)\"
+-CFLAGS += -Werror -D_GNU_SOURCE
++CFLAGS += -D_GNU_SOURCE
+ LDFLAGS += -L../common/
+
+ PIC_OBJS := $(patsubst %.c,%.opic,$(LIB_SRCS-y))
+diff -ur xen-4.2.1.orig/tools/libxl/Makefile xen-4.2.1/tools/libxl/Makefile
+--- tools/libxl/Makefile 2012-12-17 23:01:08.000000000 +0800
++++ tools/libxl/Makefile 2013-01-30 12:31:43.541941099 +0800
+@@ -11,7 +11,7 @@
+ XLUMAJOR = 1.0
+ XLUMINOR = 1
+
+-CFLAGS += -Werror -Wno-format-zero-length -Wmissing-declarations \
++CFLAGS += -Wno-format-zero-length -Wmissing-declarations \
+ -Wno-declaration-after-statement -Wformat-nonliteral
+ CFLAGS += -I. -fPIC
+
+diff -ur xen-4.2.1.orig/tools/qemu-xen/pc-bios/optionrom/Makefile xen-4.2.1/tools/qemu-xen/pc-bios/optionrom/Makefile
+--- tools/qemu-xen/pc-bios/optionrom/Makefile 2012-09-11 02:10:52.000000000 +0800
++++ tools/qemu-xen/pc-bios/optionrom/Makefile 2013-01-30 12:31:43.528941098 +0800
+@@ -9,7 +9,7 @@
+
+ .PHONY : all clean build-all
+
+-CFLAGS := -Wall -Wstrict-prototypes -Werror -fomit-frame-pointer -fno-builtin
++CFLAGS := -Wall -Wstrict-prototypes -fomit-frame-pointer -fno-builtin
+ CFLAGS += -I$(SRC_PATH)
+ CFLAGS += $(call cc-option, $(CFLAGS), -fno-stack-protector)
+ QEMU_CFLAGS = $(CFLAGS)
+diff -ur xen-4.2.1.orig/tools/vtpm/Rules.mk xen-4.2.1/tools/vtpm/Rules.mk
+--- tools/vtpm/Rules.mk 2012-12-17 23:01:35.000000000 +0800
++++ tools/vtpm/Rules.mk 2013-01-30 12:31:43.515941097 +0800
+@@ -6,7 +6,7 @@
+ #
+
+ # General compiler flags
+-CFLAGS = -Werror -g3
++CFLAGS = -g3
+
+ # Generic project files
+ HDRS = $(wildcard *.h)
+diff -ur xen-4.2.1.orig/tools/vtpm_manager/Rules.mk xen-4.2.1/tools/vtpm_manager/Rules.mk
+--- tools/vtpm_manager/Rules.mk 2012-12-17 23:01:35.000000000 +0800
++++ tools/vtpm_manager/Rules.mk 2013-01-30 12:31:43.511941097 +0800
+@@ -6,7 +6,7 @@
+ #
+
+ # General compiler flags
+-CFLAGS = -Werror -g3
++CFLAGS = -g3
+
+ # Generic project files
+ HDRS = $(wildcard *.h)
+diff -ur xen-4.2.1.orig/tools/xenstat/xentop/Makefile xen-4.2.1/tools/xenstat/xentop/Makefile
+--- tools/xenstat/xentop/Makefile 2012-12-17 23:01:35.000000000 +0800
++++ tools/xenstat/xentop/Makefile 2013-01-30 12:31:43.535941098 +0800
+@@ -18,7 +18,7 @@
+ all install xentop:
+ else
+
+-CFLAGS += -DGCC_PRINTF -Wall -Werror $(CFLAGS_libxenstat)
++CFLAGS += -DGCC_PRINTF -Wall $(CFLAGS_libxenstat)
+ LDLIBS += $(LDLIBS_libxenstat) $(CURSES_LIBS) $(SOCKET_LIBS)
+ CFLAGS += -DHOST_$(XEN_OS)
+
+diff -ur xen-4.2.1.orig/xen/arch/arm/Rules.mk xen-4.2.1/xen/arch/arm/Rules.mk
+--- xen/arch/arm/Rules.mk 2012-12-17 23:01:37.000000000 +0800
++++ xen/arch/arm/Rules.mk 2013-01-30 12:31:43.498941097 +0800
+@@ -9,7 +9,7 @@
+ HAS_DEVICE_TREE := y
+
+ CFLAGS += -fno-builtin -fno-common -Wredundant-decls
+-CFLAGS += -iwithprefix include -Werror -Wno-pointer-arith -pipe
++CFLAGS += -iwithprefix include -Wno-pointer-arith -pipe
+ CFLAGS += -I$(BASEDIR)/include
+
+ # Prevent floating-point variables from creeping into Xen.
+diff -ur xen-4.2.1.orig/xen/arch/x86/Rules.mk xen-4.2.1/xen/arch/x86/Rules.mk
+--- xen/arch/x86/Rules.mk 2012-12-17 23:01:37.000000000 +0800
++++ xen/arch/x86/Rules.mk 2013-01-30 12:31:43.490941096 +0800
+@@ -24,7 +24,7 @@
+ endif
+
+ CFLAGS += -fno-builtin -fno-common -Wredundant-decls
+-CFLAGS += -iwithprefix include -Werror -Wno-pointer-arith -pipe
++CFLAGS += -iwithprefix include -Wno-pointer-arith -pipe
+ CFLAGS += -I$(BASEDIR)/include
+ CFLAGS += -I$(BASEDIR)/include/asm-x86/mach-generic
+ CFLAGS += -I$(BASEDIR)/include/asm-x86/mach-default
+diff -ur xen-4.2.1.orig/xen/include/Makefile xen-4.2.1/xen/include/Makefile
+--- xen/include/Makefile 2012-12-17 23:01:55.000000000 +0800
++++ xen/include/Makefile 2013-01-30 12:31:43.502941097 +0800
+@@ -78,7 +78,7 @@
+ all: headers.chk
+
+ headers.chk: $(filter-out public/arch-% public/%ctl.h public/xsm/% public/%hvm/save.h, $(wildcard public/*.h public/*/*.h) $(public-y)) Makefile
+- for i in $(filter %.h,$^); do $(CC) -ansi -include stdint.h -Wall -W -Werror -S -o /dev/null -xc $$i || exit 1; echo $$i; done >$@.new
++ for i in $(filter %.h,$^); do $(CC) -ansi -include stdint.h -Wall -W -S -o /dev/null -xc $$i || exit 1; echo $$i; done >$@.new
+ mv $@.new $@
+
+ endif
+diff -ur xen-4.2.1.orig/tools/tests/mce-test/tools/Makefile xen-4.2.1/tools/tests/mce-test/tools/Makefile
+--- tools/tests/mce-test/tools/Makefile 2012-12-17 23:01:35.000000000 +0800
++++ tools/tests/mce-test/tools/Makefile 2013-01-30 13:01:44.890020152 +0800
+@@ -1,7 +1,7 @@
+ XEN_ROOT=$(CURDIR)/../../../..
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-CFLAGS += -Werror
++CFLAGS +=
+ CFLAGS += $(CFLAGS_libxenctrl)
+ CFLAGS += $(CFLAGS_libxenguest)
+ CFLAGS += $(CFLAGS_libxenstore)
+diff -ur xen-4.2.1.orig/tools/tests/mem-sharing/Makefile xen-4.2.1/tools/tests/mem-sharing/Makefile
+--- tools/tests/mem-sharing/Makefile 2012-12-17 23:01:35.000000000 +0800
++++ tools/tests/mem-sharing/Makefile 2013-01-30 13:01:44.890020152 +0800
+@@ -1,7 +1,7 @@
+ XEN_ROOT=$(CURDIR)/../../..
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-CFLAGS += -Werror
++CFLAGS +=
+
+ CFLAGS += $(CFLAGS_libxenctrl)
+ CFLAGS += $(CFLAGS_xeninclude)
+diff -ur xen-4.2.1.orig/tools/tests/xen-access/Makefile xen-4.2.1/tools/tests/xen-access/Makefile
+--- tools/tests/xen-access/Makefile 2012-12-17 23:01:35.000000000 +0800
++++ tools/tests/xen-access/Makefile 2013-01-30 13:01:44.891020152 +0800
+@@ -1,7 +1,7 @@
+ XEN_ROOT=$(CURDIR)/../../..
+ include $(XEN_ROOT)/tools/Rules.mk
+
+-CFLAGS += -Werror
++CFLAGS +=
+
+ CFLAGS += $(CFLAGS_libxenctrl)
+ CFLAGS += $(CFLAGS_libxenguest)
+
View
41 app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch
@@ -1,5 +1,46 @@
# Patch Makefile to patch insource newlib,
# Prevent internal downloading of external packages
+diff -ur xen-4.2.0.orig/stubdom/Makefile xen-4.2.0/stubdom/Makefile
+--- stubdom/Makefile 2012-09-17 18:21:17.000000000 +0800
++++ stubdom/Makefile 2012-12-05 14:01:10.694260256 +0800
+@@ -8,30 +8,30 @@
+ include $(XEN_ROOT)/Config.mk
+
+ #ZLIB_URL?=http://www.zlib.net
+-ZLIB_URL=$(XEN_EXTFILES_URL)
++ZLIB_URL=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ ZLIB_VERSION=1.2.3
+
+ #LIBPCI_URL?=http://www.kernel.org/pub/software/utils/pciutils
+-LIBPCI_URL?=$(XEN_EXTFILES_URL)
++LIBPCI_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ LIBPCI_VERSION=2.2.9
+
+ #NEWLIB_URL?=ftp://sources.redhat.com/pub/newlib
+-NEWLIB_URL?=$(XEN_EXTFILES_URL)
++NEWLIB_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ NEWLIB_VERSION=1.16.0
+
+ #LWIP_URL?=http://download.savannah.gnu.org/releases/lwip
+-LWIP_URL?=$(XEN_EXTFILES_URL)
++LWIP_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ LWIP_VERSION=1.3.0
+
+ #GRUB_URL?=http://alpha.gnu.org/gnu/grub
+-GRUB_URL?=$(XEN_EXTFILES_URL)
++GRUB_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ GRUB_VERSION=0.97
+
+-#OCAML_URL?=$(XEN_EXTFILES_URL)
++#OCAML_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ OCAML_URL?=http://caml.inria.fr/pub/distrib/ocaml-3.11
+ OCAML_VERSION=3.11.0
+
+-WGET=wget -c
++WGET=cp -t .
+
+ GNU_TARGET_ARCH:=$(XEN_TARGET_ARCH)
+ ifeq ($(XEN_TARGET_ARCH),x86_32)
@@ -95,12 +95,13 @@
##############
View
20 app-emulation/xen-pvgrub/files/xen-4.2.0-jserver.patch
@@ -0,0 +1,20 @@
+diff -ur xen-4.2.0.orig/tools/tests/x86_emulator/Makefile xen-4.2.0/tools/tests/x86_emulator/Makefile
+--- tools/tests/x86_emulator/Makefile 2012-09-17 18:21:19.000000000 +0800
++++ tools/tests/x86_emulator/Makefile 2012-11-24 05:06:24.355778737 +0800
+@@ -14,13 +14,13 @@
+ .PHONY: blowfish.h
+ blowfish.h:
+ rm -f blowfish.bin
+- XEN_TARGET_ARCH=x86_32 make -f blowfish.mk all
++ XEN_TARGET_ARCH=x86_32 $(MAKE) -f blowfish.mk all
+ (echo "static unsigned int blowfish32_code[] = {"; \
+ od -v -t x blowfish.bin | sed 's/^[0-9]* /0x/' | sed 's/ /, 0x/g' | sed 's/$$/,/';\
+ echo "};") >$@
+ rm -f blowfish.bin
+ ifeq ($(XEN_COMPILE_ARCH),x86_64)
+- XEN_TARGET_ARCH=x86_64 make -f blowfish.mk all
++ XEN_TARGET_ARCH=x86_64 $(MAKE) -f blowfish.mk all
+ (echo "static unsigned int blowfish64_code[] = {"; \
+ od -v -t x blowfish.bin | sed 's/^[0-9]* /0x/' | sed 's/ /, 0x/g' | sed 's/$$/,/';\
+ echo "};") >>$@
+
View
118 app-emulation/xen-pvgrub/xen-pvgrub-4.2.0-r1.ebuild
@@ -0,0 +1,118 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0-r1.ebuild,v 1.1 2013/01/30 14:12:30 idella4 Exp $
+
+EAPI=4
+PYTHON_DEPEND="2:2.6"
+
+inherit flag-o-matic eutils multilib python toolchain-funcs
+
+XEN_EXTFILES_URL="http://xenbits.xensource.com/xen-extfiles"
+LIBPCI_URL=ftp://atrey.karlin.mff.cuni.cz/pub/linux/pci
+GRUB_URL=mirror://gnu-alpha/grub
+SRC_URI="
+ http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz
+ $GRUB_URL/grub-0.97.tar.gz
+ $XEN_EXTFILES_URL/zlib-1.2.3.tar.gz
+ $LIBPCI_URL/pciutils-2.2.9.tar.bz2
+ $XEN_EXTFILES_URL/lwip-1.3.0.tar.gz
+ $XEN_EXTFILES_URL/newlib/newlib-1.16.0.tar.gz"
+
+S="${WORKDIR}/xen-${PV}"
+
+DESCRIPTION="allows to boot Xen domU kernels from a menu.lst laying inside guest filesystem"
+HOMEPAGE="http://xen.org/"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="custom-cflags"
+
+DEPEND="sys-devel/gettext"
+
+RDEPEND=">=app-emulation/xen-4.2.0"
+
+pkg_setup() {
+ python_set_active_version 2
+ python_pkg_setup
+}
+
+src_prepare() {
+
+ # if the user *really* wants to use their own custom-cflags, let them
+ if use custom-cflags; then
+ einfo "User wants their own CFLAGS - removing defaults"
+ # try and remove all the default custom-cflags
+ find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
+ -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \
+ -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
+ -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
+ -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \
+ -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \
+ -i {} \;
+ fi
+
+ #Substitute for internal downloading
+ cp $DISTDIR/zlib-1.2.3.tar.gz \
+ $DISTDIR/pciutils-2.2.9.tar.bz2 \
+ $DISTDIR/lwip-1.3.0.tar.gz \
+ $DISTDIR/newlib-1.16.0.tar.gz \
+ $DISTDIR/grub-0.97.tar.gz \
+ ./stubdom/ || die "files not coped to stubdom"
+ # Note: tip to patch grub gentoo style, for review soon. This is around 1/3.
+# cp "${WORKDIR}"/patch/{00[3-6]_all_grub*,010_all_grub*,01[3-9]_all_grub*,0[6-7]0_all_grub*} \
+# "${WORKDIR}"/patch/{110_all_grub*,300_all_grub*} \
+# stubdom/grub.patches/ || die
+ einfo "files copied to stubdom"
+
+ # Patch the unmergeable newlib, fix most of the leftover gcc QA issues
+ cp "${FILESDIR}"/newlib-implicits.patch stubdom || die
+
+ # Patch stubdom/Makefile to patch insource newlib & prevent internal downloading
+ epatch "${FILESDIR}"/${P/-pvgrub/}-externals.patch
+
+ # Drop .config and Fix gcc-4.6
+ epatch "${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch
+
+ #Sec patch
+ epatch "${FILESDIR}"/${PN/-pvgrub/}-4-CVE-2012-4544-XSA-25.patch
+}
+
+src_compile() {
+ use custom-cflags || unset CFLAGS
+ if test-flag-CC -fno-strict-overflow; then
+ append-flags -fno-strict-overflow
+ fi
+
+ emake CC="$(tc-getCC)" LD="$(tc-getLD)" -C tools/include
+
+ # TODO; fix those -j1
+ if use x86; then
+ emake -j1 CC="$(tc-getCC)" LD="$(tc-getLD)" \
+ XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+ elif use amd64; then
+ emake -j1 CC="$(tc-getCC)" LD="$(tc-getLD)" \
+ XEN_TARGET_ARCH="x86_64" -C stubdom pv-grub
+ if use multilib; then
+ multilib_toolchain_setup x86
+ emake -j1 XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+ fi
+ fi
+}
+
+src_install() {
+ if use x86; then
+ emake XEN_TARGET_ARCH="x86_32" DESTDIR="${D}" -C stubdom install-grub
+ fi
+ if use amd64; then
+ emake XEN_TARGET_ARCH="x86_64" DESTDIR="${D}" -C stubdom install-grub
+ if use multilib; then
+ emake XEN_TARGET_ARCH="x86_32" DESTDIR="${D}" -C stubdom install-grub
+ fi
+ fi
+}
+
+pkg_postinst() {
+ elog "Official Xen Guide and the unoffical wiki page:"
+ elog " http://www.gentoo.org/doc/en/xen-guide.xml"
+ elog " http://en.gentoo-wiki.com/wiki/Xen/"
+}
View
8 app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild
@@ -1,8 +1,8 @@
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild,v 1.1 2012/12/04 16:31:20 idella4 Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild,v 1.2 2013/01/30 14:12:30 idella4 Exp $
-EAPI="4"
+EAPI=4
inherit flag-o-matic eutils multilib toolchain-funcs
@@ -29,7 +29,7 @@ IUSE="custom-cflags"
DEPEND="sys-devel/gettext
sys-devel/gcc"
-RDEPEND="=app-emulation/xen-${PV}"
+RDEPEND=">=app-emulation/xen-4.2.0"
src_prepare() {
View
120 app-emulation/xen-pvgrub/xen-pvgrub-4.2.1-r1.ebuild
@@ -0,0 +1,120 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1-r1.ebuild,v 1.1 2013/01/30 14:12:30 idella4 Exp $
+
+EAPI=4
+PYTHON_DEPEND="2:2.6"
+
+inherit flag-o-matic eutils multilib python toolchain-funcs
+
+XEN_EXTFILES_URL="http://xenbits.xensource.com/xen-extfiles"
+LIBPCI_URL=ftp://atrey.karlin.mff.cuni.cz/pub/linux/pci
+GRUB_URL=mirror://gnu-alpha/grub
+SRC_URI="
+ http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz
+ $GRUB_URL/grub-0.97.tar.gz
+ $XEN_EXTFILES_URL/zlib-1.2.3.tar.gz
+ $LIBPCI_URL/pciutils-2.2.9.tar.bz2
+ $XEN_EXTFILES_URL/lwip-1.3.0.tar.gz
+ $XEN_EXTFILES_URL/newlib/newlib-1.16.0.tar.gz"
+
+S="${WORKDIR}/xen-${PV}"
+
+DESCRIPTION="allows to boot Xen domU kernels from a menu.lst laying inside guest filesystem"
+HOMEPAGE="http://xen.org/"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="custom-cflags"
+
+DEPEND="sys-devel/gettext"
+
+RDEPEND=">=app-emulation/xen-4.2.1"
+
+pkg_setup() {
+ python_set_active_version 2
+ python_pkg_setup
+}
+
+src_prepare() {
+
+ # if the user *really* wants to use their own custom-cflags, let them
+ if use custom-cflags; then
+ einfo "User wants their own CFLAGS - removing defaults"
+ # try and remove all the default custom-cflags
+ find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
+ -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \
+ -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
+ -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
+ -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \
+ -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \
+ -i {} \;
+ fi
+
+ #Substitute for internal downloading
+ cp $DISTDIR/zlib-1.2.3.tar.gz \
+ $DISTDIR/pciutils-2.2.9.tar.bz2 \
+ $DISTDIR/lwip-1.3.0.tar.gz \
+ $DISTDIR/newlib-1.16.0.tar.gz \
+ $DISTDIR/grub-0.97.tar.gz \
+ ./stubdom/ || die "files not coped to stubdom"
+ # Note: tip to patch grub gentoo style, for review soon. This is around 1/3.
+# cp "${WORKDIR}"/patch/{00[3-6]_all_grub*,010_all_grub*,01[3-9]_all_grub*,0[6-7]0_all_grub*} \
+# "${WORKDIR}"/patch/{110_all_grub*,300_all_grub*} \
+# stubdom/grub.patches/ || die
+ einfo "files copied to stubdom"
+
+ # Patch the unmergeable newlib, fix most of the leftover gcc QA issues
+ cp "${FILESDIR}"/newlib-implicits.patch stubdom || die
+
+ # Patch stubdom/Makefile to patch insource newlib & prevent internal downloading
+ epatch "${FILESDIR}"/${P/-pvgrub/}-externals.patch
+
+ # Drop .config and Fix gcc-4.6
+ epatch "${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch
+
+ # fix jobserver in Makefile
+ epatch "${FILESDIR}"/${PN/-pvgrub/}-4.2.0-jserver.patch
+
+ #Sec patch
+ epatch "${FILESDIR}"/${PN/-pvgrub/}-4-CVE-2012-6075-XSA-41.patch
+}
+
+src_compile() {
+ use custom-cflags || unset CFLAGS
+ if test-flag-CC -fno-strict-overflow; then
+ append-flags -fno-strict-overflow
+ fi
+
+ emake CC="$(tc-getCC)" LD="$(tc-getLD)" -C tools/include
+
+ if use x86; then
+ emake CC="$(tc-getCC)" LD="$(tc-getLD)" \
+ XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+ elif use amd64; then
+ emake CC="$(tc-getCC)" LD="$(tc-getLD)" \
+ XEN_TARGET_ARCH="x86_64" -C stubdom pv-grub
+ if use multilib; then
+ multilib_toolchain_setup x86
+ emake XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+ fi
+ fi
+}
+
+src_install() {
+ if use x86; then
+ emake XEN_TARGET_ARCH="x86_32" DESTDIR="${D}" -C stubdom install-grub
+ fi
+ if use amd64; then
+ emake XEN_TARGET_ARCH="x86_64" DESTDIR="${D}" -C stubdom install-grub
+ if use multilib; then
+ emake XEN_TARGET_ARCH="x86_32" DESTDIR="${D}" -C stubdom install-grub
+ fi
+ fi
+}
+
+pkg_postinst() {
+ elog "Official Xen Guide and the unoffical wiki page:"
+ elog " http://www.gentoo.org/doc/en/xen-guide.xml"
+ elog " http://en.gentoo-wiki.com/wiki/Xen/"
+}
View
13 app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild,v 1.1 2013/01/28 05:29:05 idella4 Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild,v 1.2 2013/01/30 14:12:30 idella4 Exp $
EAPI="4"
@@ -29,7 +29,7 @@ IUSE="custom-cflags"
DEPEND="sys-devel/gettext
sys-devel/gcc"
-RDEPEND="=app-emulation/xen-${PV}"
+RDEPEND=">=app-emulation/xen-4.2.1"
src_prepare() {
@@ -67,6 +67,9 @@ src_prepare() {
# Drop .config and Fix gcc-4.6
epatch "${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch
+
+ # fix jobserver in Makefile
+ epatch "${FILESDIR}"/${PN/-pvgrub/}-4.2.0-jserver.patch
}
src_compile() {
@@ -79,14 +82,14 @@ src_compile() {
# TODO; fix those -j1
if use x86; then
- emake -j1 CC="$(tc-getCC)" LD="$(tc-getLD)" \
+ emake CC="$(tc-getCC)" LD="$(tc-getLD)" \
XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
elif use amd64; then
- emake -j1 CC="$(tc-getCC)" LD="$(tc-getLD)" \
+ emake CC="$(tc-getCC)" LD="$(tc-getLD)" \
XEN_TARGET_ARCH="x86_64" -C stubdom pv-grub
if use multilib; then
multilib_toolchain_setup x86
- emake -j1 XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+ emake XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
fi
fi
}
View
50 app-emulation/xen/files/xen-4-CVE-2012-4535-XSA-20.patch
@@ -0,0 +1,50 @@
+
+# HG changeset patch
+# User Ian Jackson <Ian.Jackson@eu.citrix.com>
+# Date 1352892795 0
+# Node ID 788af5959f692ca16942937055afb09b760f2166
+# Parent bdb5cde7f79d77f8578bcd8e24d74d09a2c7caa6
+VCPU/timers: Prevent overflow in calculations, leading to DoS vulnerability
+
+The timer action for a vcpu periodic timer is to calculate the next
+expiry time, and to reinsert itself into the timer queue. If the
+deadline ends up in the past, Xen never leaves __do_softirq(). The
+affected PCPU will stay in an infinite loop until Xen is killed by the
+watchdog (if enabled).
+
+This is a security problem, XSA-20 / CVE-2012-4535.
+
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+xen-unstable changeset: 26148:bf58b94b3cef
+Backport-requested-by: security@xen.org
+Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+diff -r bdb5cde7f79d -r 788af5959f69 xen/common/domain.c
+--- xen/common/domain.c Wed Nov 14 10:40:41 2012 +0100
++++ xen/common/domain.c Wed Nov 14 11:33:15 2012 +0000
+@@ -882,6 +882,9 @@ long do_vcpu_op(int cmd, int vcpuid, XEN
+ if ( set.period_ns < MILLISECS(1) )
+ return -EINVAL;
+
++ if ( set.period_ns > STIME_DELTA_MAX )
++ return -EINVAL;
++
+ v->periodic_period = set.period_ns;
+ vcpu_force_reschedule(v);
+
+diff -r bdb5cde7f79d -r 788af5959f69 xen/include/xen/time.h
+--- xen/include/xen/time.h Wed Nov 14 10:40:41 2012 +0100
++++ xen/include/xen/time.h Wed Nov 14 11:33:15 2012 +0000
+@@ -55,6 +55,8 @@ struct tm gmtime(unsigned long t);
+ #define MILLISECS(_ms) ((s_time_t)((_ms) * 1000000ULL))
+ #define MICROSECS(_us) ((s_time_t)((_us) * 1000ULL))
+ #define STIME_MAX ((s_time_t)((uint64_t)~0ull>>1))
++/* Chosen so (NOW() + delta) wont overflow without an uptime of 200 years */
++#define STIME_DELTA_MAX ((s_time_t)((uint64_t)~0ull>>2))
+
+ extern void update_vcpu_system_time(struct vcpu *v);
+ extern void update_domain_wallclock_time(struct domain *d);
+
View
50 app-emulation/xen/files/xen-4-CVE-2012-4537-XSA-22.patch
@@ -0,0 +1,50 @@
+# HG changeset patch
+# User Ian Jackson <Ian.Jackson@eu.citrix.com>
+# Date 1352893017 0
+# Node ID 4cffe28427e0c7dbeaa7c109ed393dde0fe026ba
+# Parent 788af5959f692ca16942937055afb09b760f2166
+x86/physmap: Prevent incorrect updates of m2p mappings
+
+In certain conditions, such as low memory, set_p2m_entry() can fail.
+Currently, the p2m and m2p tables will get out of sync because we still
+update the m2p table after the p2m update has failed.
+
+If that happens, subsequent guest-invoked memory operations can cause
+BUG()s and ASSERT()s to kill Xen.
+
+This is fixed by only updating the m2p table iff the p2m was
+successfully updated.
+
+This is a security problem, XSA-22 / CVE-2012-4537.
+
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+xen-unstable changeset: 26149:6b6a4007a609
+Backport-requested-by: security@xen.org
+Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+diff -r 788af5959f69 -r 4cffe28427e0 xen/arch/x86/mm/p2m.c
+--- xen/arch/x86/mm/p2m.c Wed Nov 14 11:33:15 2012 +0000
++++ xen/arch/x86/mm/p2m.c Wed Nov 14 11:36:57 2012 +0000
+@@ -654,7 +654,10 @@ guest_physmap_add_entry(struct domain *d
+ if ( mfn_valid(_mfn(mfn)) )
+ {
+ if ( !set_p2m_entry(p2m, gfn, _mfn(mfn), page_order, t, p2m->default_access) )
++ {
+ rc = -EINVAL;
++ goto out; /* Failed to update p2m, bail without updating m2p. */
++ }
+ if ( !p2m_is_grant(t) )
+ {
+ for ( i = 0; i < (1UL << page_order); i++ )
+@@ -677,6 +680,7 @@ guest_physmap_add_entry(struct domain *d
+ }
+ }
+
++out:
+ p2m_unlock(p2m);
+
+ return rc;
View
43 app-emulation/xen/files/xen-4-CVE-2012-4538-XSA-23.patch
@@ -0,0 +1,43 @@
+
+# HG changeset patch
+# User Ian Jackson <Ian.Jackson@eu.citrix.com>
+# Date 1352893365 0
+# Node ID 159080b58dda9d19a5d3be42359e667bdb3e61ca
+# Parent 4cffe28427e0c7dbeaa7c109ed393dde0fe026ba
+xen/mm/shadow: check toplevel pagetables are present before unhooking them.
+
+If the guest has not fully populated its top-level PAE entries when it calls
+HVMOP_pagetable_dying, the shadow code could try to unhook entries from
+MFN 0. Add a check to avoid that case.
+
+This issue was introduced by c/s 21239:b9d2db109cf5.
+
+This is a security problem, XSA-23 / CVE-2012-4538.
+
+Signed-off-by: Tim Deegan <tim@xen.org>
+Tested-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+xen-unstable changeset: 26150:c7a01b6450e4
+Backport-requested-by: security@xen.org
+Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+diff -r 4cffe28427e0 -r 159080b58dda xen/arch/x86/mm/shadow/multi.c
+--- xen/arch/x86/mm/shadow/multi.c Wed Nov 14 11:36:57 2012 +0000
++++ xen/arch/x86/mm/shadow/multi.c Wed Nov 14 11:42:45 2012 +0000
+@@ -4734,8 +4734,12 @@ static void sh_pagetable_dying(struct vc
+ unsigned long gfn;
+ mfn_t smfn, gmfn;
+
+- if ( fast_path )
+- smfn = _mfn(pagetable_get_pfn(v->arch.shadow_table[i]));
++ if ( fast_path ) {
++ if ( pagetable_is_null(v->arch.shadow_table[i]) )
++ smfn = _mfn(INVALID_MFN);
++ else
++ smfn = _mfn(pagetable_get_pfn(v->arch.shadow_table[i]));
++ }
+ else
+ {
+ /* retrieving the l2s */
View
36 app-emulation/xen/files/xen-4-CVE-2012-4539-XSA-24.patch
@@ -0,0 +1,36 @@
+# HG changeset patch
+# User Ian Jackson <Ian.Jackson@eu.citrix.com>
+# Date 1352893567 0
+# Node ID 8ca6372315f826881f9de141ac1227ef962100cf
+# Parent 159080b58dda9d19a5d3be42359e667bdb3e61ca
+compat/gnttab: Prevent infinite loop in compat code
+
+c/s 20281:95ea2052b41b, which introduces Grant Table version 2
+hypercalls introduces a vulnerability whereby the compat hypercall
+handler can fall into an infinite loop.
+
+If the watchdog is enabled, Xen will die after the timeout.
+
+This is a security problem, XSA-24 / CVE-2012-4539.
+
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Acked-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+xen-unstable changeset: 26151:b64a7d868f06
+Backport-requested-by: security@xen.org
+Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+diff -r 159080b58dda -r 8ca6372315f8 xen/common/compat/grant_table.c
+--- xen/common/compat/grant_table.c Wed Nov 14 11:42:45 2012 +0000
++++ xen/common/compat/grant_table.c Wed Nov 14 11:46:07 2012 +0000
+@@ -318,6 +318,8 @@ int compat_grant_table_op(unsigned int c
+ #undef XLAT_gnttab_get_status_frames_HNDL_frame_list
+ if ( unlikely(__copy_to_guest(cmp_uop, &cmp.get_status, 1)) )
+ rc = -EFAULT;
++ else
++ i = 1;
+ }
+ break;
+ }
View
113 app-emulation/xen/files/xen-4-CVE-2012-5510-XSA-26.patch
@@ -0,0 +1,113 @@
+# HG changeset patch
+# User Jan Beulich <jbeulich@suse.com>
+# Date 1354644138 0
+# Node ID dea7d4e5bfc1627133c0c19706fea1fbc9e5a378
+# Parent 9e13427c023020756768c73217dab05295709fb3
+gnttab: fix releasing of memory upon switches between versions
+
+gnttab_unpopulate_status_frames() incompletely freed the pages
+previously used as status frame in that they did not get removed from
+the domain's xenpage_list, thus causing subsequent list corruption
+when those pages did get allocated again for the same or another purpose.
+
+Similarly, grant_table_create() and gnttab_grow_table() both improperly
+clean up in the event of an error - pages already shared with the guest
+can't be freed by just passing them to free_xenheap_page(). Fix this by
+sharing the pages only after all allocations succeeded.
+
+This is CVE-2012-5510 / XSA-26.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+Committed-by: Ian Jackson <ian.jackson.citrix.com>
+
+diff -r 9e13427c0230 -r dea7d4e5bfc1 xen/common/grant_table.c
+--- xen/common/grant_table.c Thu Nov 29 16:59:43 2012 +0000
++++ xen/common/grant_table.c Tue Dec 04 18:02:18 2012 +0000
+@@ -1173,12 +1173,13 @@ fault:
+ }
+
+ static int
+-gnttab_populate_status_frames(struct domain *d, struct grant_table *gt)
++gnttab_populate_status_frames(struct domain *d, struct grant_table *gt,
++ unsigned int req_nr_frames)
+ {
+ unsigned i;
+ unsigned req_status_frames;
+
+- req_status_frames = grant_to_status_frames(gt->nr_grant_frames);
++ req_status_frames = grant_to_status_frames(req_nr_frames);
+ for ( i = nr_status_frames(gt); i < req_status_frames; i++ )
+ {
+ if ( (gt->status[i] = alloc_xenheap_page()) == NULL )
+@@ -1209,7 +1210,12 @@ gnttab_unpopulate_status_frames(struct d
+
+ for ( i = 0; i < nr_status_frames(gt); i++ )
+ {
+- page_set_owner(virt_to_page(gt->status[i]), dom_xen);
++ struct page_info *pg = virt_to_page(gt->status[i]);
++
++ BUG_ON(page_get_owner(pg) != d);
++ if ( test_and_clear_bit(_PGC_allocated, &pg->count_info) )
++ put_page(pg);
++ BUG_ON(pg->count_info & ~PGC_xen_heap);
+ free_xenheap_page(gt->status[i]);
+ gt->status[i] = NULL;
+ }
+@@ -1247,19 +1253,18 @@ gnttab_grow_table(struct domain *d, unsi
+ clear_page(gt->shared_raw[i]);
+ }
+
++ /* Status pages - version 2 */
++ if (gt->gt_version > 1)
++ {
++ if ( gnttab_populate_status_frames(d, gt, req_nr_frames) )
++ goto shared_alloc_failed;
++ }
++
+ /* Share the new shared frames with the recipient domain */
+ for ( i = nr_grant_frames(gt); i < req_nr_frames; i++ )
+ gnttab_create_shared_page(d, gt, i);
+-
+ gt->nr_grant_frames = req_nr_frames;
+
+- /* Status pages - version 2 */
+- if (gt->gt_version > 1)
+- {
+- if ( gnttab_populate_status_frames(d, gt) )
+- goto shared_alloc_failed;
+- }
+-
+ return 1;
+
+ shared_alloc_failed:
+@@ -2157,7 +2162,7 @@ gnttab_set_version(XEN_GUEST_HANDLE(gntt
+
+ if ( op.version == 2 && gt->gt_version < 2 )
+ {
+- res = gnttab_populate_status_frames(d, gt);
++ res = gnttab_populate_status_frames(d, gt, nr_grant_frames(gt));
+ if ( res < 0)
+ goto out_unlock;
+ }
+@@ -2600,14 +2605,15 @@ grant_table_create(
+ clear_page(t->shared_raw[i]);
+ }
+
+- for ( i = 0; i < INITIAL_NR_GRANT_FRAMES; i++ )
+- gnttab_create_shared_page(d, t, i);
+-
+ /* Status pages for grant table - for version 2 */
+ t->status = xzalloc_array(grant_status_t *,
+ grant_to_status_frames(max_nr_grant_frames));
+ if ( t->status == NULL )
+ goto no_mem_4;
++
++ for ( i = 0; i < INITIAL_NR_GRANT_FRAMES; i++ )
++ gnttab_create_shared_page(d, t, i);
++
+ t->nr_status_frames = 0;
+
+ /* Okay, install the structure. */
+
+
View
56 app-emulation/xen/files/xen-4-CVE-2012-5513-XSA-29.patch
@@ -0,0 +1,56 @@
+
+# HG changeset patch
+# User Jan Beulich <jbeulich@suse.com>
+# Date 1354644164 0
+# Node ID 83ab3cd0f8e44ad588932aba93d3b5f92a888a08
+# Parent 5771c761ff1bb249dc683d7ec019d76a2a03a048
+xen: add missing guest address range checks to XENMEM_exchange handlers
+
+Ever since its existence (3.0.3 iirc) the handler for this has been
+using non address range checking guest memory accessors (i.e.
+the ones prefixed with two underscores) without first range
+checking the accessed space (via guest_handle_okay()), allowing
+a guest to access and overwrite hypervisor memory.
+
+This is XSA-29 / CVE-2012-5513.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+Committed-by: Ian Jackson <ian.jackson.citrix.com>
+
+diff -r 5771c761ff1b -r 83ab3cd0f8e4 xen/common/compat/memory.c
+--- a/xen/common/compat/memory.c Tue Dec 04 18:02:38 2012 +0000
++++ b/xen/common/compat/memory.c Tue Dec 04 18:02:44 2012 +0000
+@@ -115,6 +115,12 @@ int compat_memory_op(unsigned int cmd, X
+ (cmp.xchg.out.nr_extents << cmp.xchg.out.extent_order)) )
+ return -EINVAL;
+
++ if ( !compat_handle_okay(cmp.xchg.in.extent_start,
++ cmp.xchg.in.nr_extents) ||
++ !compat_handle_okay(cmp.xchg.out.extent_start,
++ cmp.xchg.out.nr_extents) )
++ return -EFAULT;
++
+ start_extent = cmp.xchg.nr_exchanged;
+ end_extent = (COMPAT_ARG_XLAT_SIZE - sizeof(*nat.xchg)) /
+ (((1U << ABS(order_delta)) + 1) *
+diff -r 5771c761ff1b -r 83ab3cd0f8e4 xen/common/memory.c
+--- a/xen/common/memory.c Tue Dec 04 18:02:38 2012 +0000
++++ b/xen/common/memory.c Tue Dec 04 18:02:44 2012 +0000
+@@ -308,6 +308,13 @@ static long memory_exchange(XEN_GUEST_HA
+ goto fail_early;
+ }
+
++ if ( !guest_handle_okay(exch.in.extent_start, exch.in.nr_extents) ||
++ !guest_handle_okay(exch.out.extent_start, exch.out.nr_extents) )
++ {
++ rc = -EFAULT;
++ goto fail_early;
++ }
++
+ /* Only privileged guests can allocate multi-page contiguous extents. */
+ if ( !multipage_allocation_permitted(current->domain,
+ exch.in.extent_order) ||
+
+
View
56 app-emulation/xen/files/xen-4-CVE-2012-5514-XSA-30.patch
@@ -0,0 +1,56 @@
+xen: fix error handling of guest_physmap_mark_populate_on_demand()
+
+The only user of the "out" label bypasses a necessary unlock, thus
+enabling the caller to lock up Xen.
+
+Also, the function was never meant to be called by a guest for itself,
+so rather than inspecting the code paths in depth for potential other
+problems this might cause, and adjusting e.g. the non-guest printk()
+in the above error path, just disallow the guest access to it.
+
+Finally, the printk() (considering its potential of spamming the log,
+the more that it's not using XENLOG_GUEST), is being converted to
+P2M_DEBUG(), as debugging is what it apparently was added for in the
+first place.
+
+This is XSA-30 / CVE-2012-5514.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Ian Campbell <ian.campbell@citrix.com>
+Acked-by: George Dunlap <george.dunlap@eu.citrix.com>
+Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+Committed-by: Ian Jackson <ian.jackson.citrix.com>
+
+diff -r 83ab3cd0f8e4 -r 09a48c5da636 xen/arch/x86/mm/p2m-pod.c
+--- xen/arch/x86/mm/p2m-pod.c Tue Dec 04 18:02:44 2012 +0000
++++ xen/arch/x86/mm/p2m-pod.c Tue Dec 04 18:02:48 2012 +0000
+@@ -1117,6 +1117,9 @@ guest_physmap_mark_populate_on_demand(st
+ mfn_t omfn;
+ int rc = 0;
+
++ if ( !IS_PRIV_FOR(current->domain, d) )
++ return -EPERM;
++
+ if ( !paging_mode_translate(d) )
+ return -EINVAL;
+
+@@ -1135,8 +1138,7 @@ guest_physmap_mark_populate_on_demand(st
+ omfn = p2m->get_entry(p2m, gfn + i, &ot, &a, 0, NULL);
+ if ( p2m_is_ram(ot) )
+ {
+- printk("%s: gfn_to_mfn returned type %d!\n",
+- __func__, ot);
++ P2M_DEBUG("gfn_to_mfn returned type %d!\n", ot);
+ rc = -EBUSY;
+ goto out;
+ }
+@@ -1160,9 +1162,9 @@ guest_physmap_mark_populate_on_demand(st
+ pod_unlock(p2m);
+ }
+
++out:
+ gfn_unlock(p2m, gfn, order);
+
+-out:
+ return rc;
+ }
View
58 app-emulation/xen/files/xen-4-CVE-2012-5515-XSA-31.patch
@@ -0,0 +1,58 @@
+
+# HG changeset patch
+# User Jan Beulich <jbeulich@suse.com>
+# Date 1354644172 0
+# Node ID 2c3f00c5189b9269f9840be93d03f058c8994f6e
+# Parent 09a48c5da6368ac61bdba5ee09253c2b20d7b577
+memop: limit guest specified extent order
+
+Allowing unbounded order values here causes almost unbounded loops
+and/or partially incomplete requests, particularly in PoD code.
+
+The added range checks in populate_physmap(), decrease_reservation(),
+and the "in" one in memory_exchange() architecturally all could use
+PADDR_BITS - PAGE_SHIFT, and are being artificially constrained to
+MAX_ORDER.
+
+This is XSA-31 / CVE-2012-5515.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Tim Deegan <tim@xen.org>
+Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+Committed-by: Ian Jackson <ian.jackson.citrix.com>
+
+diff -r 09a48c5da636 -r 2c3f00c5189b xen/common/memory.c
+--- xen/common/memory.c Tue Dec 04 18:02:48 2012 +0000
++++ xen/common/memory.c Tue Dec 04 18:02:52 2012 +0000
+@@ -115,7 +115,8 @@ static void populate_physmap(struct memo
+
+ if ( a->memflags & MEMF_populate_on_demand )
+ {
+- if ( guest_physmap_mark_populate_on_demand(d, gpfn,
++ if ( a->extent_order > MAX_ORDER ||
++ guest_physmap_mark_populate_on_demand(d, gpfn,
+ a->extent_order) < 0 )
+ goto out;
+ }
+@@ -235,7 +236,8 @@ static void decrease_reservation(struct
+ xen_pfn_t gmfn;
+
+ if ( !guest_handle_subrange_okay(a->extent_list, a->nr_done,
+- a->nr_extents-1) )
++ a->nr_extents-1) ||
++ a->extent_order > MAX_ORDER )
+ return;
+
+ for ( i = a->nr_done; i < a->nr_extents; i++ )
+@@ -297,6 +299,9 @@ static long memory_exchange(XEN_GUEST_HA
+ if ( (exch.nr_exchanged > exch.in.nr_extents) ||
+ /* Input and output domain identifiers match? */
+ (exch.in.domid != exch.out.domid) ||
++ /* Extent orders are sensible? */
++ (exch.in.extent_order > MAX_ORDER) ||
++ (exch.out.extent_order > MAX_ORDER) ||
+ /* Sizes of input and output lists do not overflow a long? */
+ ((~0UL >> exch.in.extent_order) < exch.in.nr_extents) ||
+ ((~0UL >> exch.out.extent_order) < exch.out.nr_extents) ||
+
+
View
23 app-emulation/xen/files/xen-4-CVE-2012-5525-XSA-32.patch
@@ -0,0 +1,23 @@
+x86: get_page_from_gfn() must return NULL for invalid GFNs
+
+... also in the non-translated case.
+
+This is XSA-32 / CVE-2012-xxxx.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Tim Deegan <tim@xen.org>
+
+diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h
+index 28be4e8..907a817 100644
+--- xen/include/asm-x86/p2m.h
++++ xen/include/asm-x86/p2m.h
+@@ -384,7 +384,7 @@ static inline struct page_info *get_page_from_gfn(
+ if (t)
+ *t = p2m_ram_rw;
+ page = __mfn_to_page(gfn);
+- return get_page(page, d) ? page : NULL;
++ return mfn_valid(gfn) && get_page(page, d) ? page : NULL;
+ }
+
+
+
View
18 app-emulation/xen/files/xen-4-CVE-2012-5634-XSA-33.patch
@@ -0,0 +1,18 @@
+VT-d: fix interrupt remapping source validation for devices behind legacy bridges
+Using SVT_VERIFY_BUS here doesn't make sense;
+
+native Linux also uses SVT_VERIFY_SID_SQ here instead.
+This is XSA-33 / CVE-2012-5634.
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+--- xen/drivers/passthrough/vtd/intremap.c
++++ xen/drivers/passthrough/vtd/intremap.c
+@@ -466,7 +466,7 @@ static void set_msi_source_id(struct pci_dev *pdev, struct iremap_entry *ire)
+ set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16,
+ (bus << 8) | pdev->bus);
+ else if ( pdev_type(seg, bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE )
+- set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16,
++ set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16,
+ PCI_BDF2(bus, devfn));
+ }
+ break;
View
211 app-emulation/xen/files/xen-4-CVE-2013-0151-XSA-27_34_35.patch
@@ -0,0 +1,211 @@
+commit 66141b2e068fa39f28bdda6be05882e323663687
+Author: Michael Young
+Date: Tue Jan 22 22:22:10 2013 +0000
+
+ Security fix from nested virtualization CVE-2013-0151,
+ restore status option to xend which is used by libvirt
+#diff --git a/xsa34-4.2.patch b/xsa34-4.2.patch
+#new file mode 100644
+#index 0000000..f5328ef
+#--- /dev/null
+#+++ xsa34-4.2.patch
+#@@ -0,0 +1,30 @@
+#+x86_32: don't allow use of nested HVM
+#+
+#+There are (indirect) uses of map_domain_page() in the nested HVM code
+#+that are unsafe when not just using the 1:1 mapping.
+#+
+#+This is XSA-34 / CVE-2013-0151.
+#+
+#+Signed-off-by: Jan Beulich
+#+
+#diff --git a/xsa35-4.2-with-xsa34.patch b/xsa35-4.2-with-xsa34.patch
+#new file mode 100644
+#index 0000000..28c6171
+#--- /dev/null
+#+++ xsa35-4.2-with-xsa34.patch
+#@@ -0,0 +1,24 @@
+#+xen: Do not allow guests to enable nested HVM on themselves
+#+
+#+There is no reason for this and doing so exposes a memory leak to
+#+guests. Only toolstacks need write access to this HVM param.
+#+
+#+This is XSA-35 / CVE-2013-0152.
+#+
+#+Signed-off-by: Ian Campbell
+#+Acked-by: Jan Beulich
+#+
+--- xen/arch/x86/hvm/hvm.c
++++ xen/arch/x86/hvm/hvm.c
+@@ -3858,6 +3858,11 @@
+ rc = -EINVAL;
+ break;
+ case HVM_PARAM_NESTEDHVM:
++ if ( !IS_PRIV(current->domain) )
++ {
++ rc = -EPERM;
++ break;
++ }
+ if ( a.value > 1 )
+ rc = -EINVAL;
+ if ( !is_hvm_domain(d) )
+@@ -3926,6 +3926,10 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ rc = -EINVAL;
+ break;
+ case HVM_PARAM_NESTEDHVM:
++#ifdef __i386__
++ if ( a.value )
++ rc = -EINVAL;
++#else
+ if ( a.value > 1 )
+ rc = -EINVAL;
+ if ( !is_hvm_domain(d) )
+@@ -3940,6 +3944,7 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ for_each_vcpu(d, v)
+ if ( rc == 0 )
+ rc = nestedhvm_vcpu_initialise(v);
++#endif
+ break;
+ case HVM_PARAM_BUFIOREQ_EVTCHN:
+ rc = -EINVAL;
+# HG changeset patch
+# User Tim Deegan <tim@xen.org>
+# Date 1354644158 0
+# Node ID 5771c761ff1bb249dc683d7ec019d76a2a03a048
+# Parent dea7d4e5bfc1627133c0c19706fea1fbc9e5a378
+#hvm: Limit the size of large HVM op batches
+#
+#Doing large p2m updates for HVMOP_track_dirty_vram without preemption
+#ties up the physical processor. Integrating preemption into the p2m
+#updates is hard so simply limit to 1GB which is sufficient for a 15000
+#* 15000 * 32bpp framebuffer.
+#
+#For HVMOP_modified_memory and HVMOP_set_mem_type preemptible add the
+#necessary machinery to handle preemption.
+#
+#This is CVE-2012-5511 / XSA-27.
+#
+#Signed-off-by: Tim Deegan <tim@xen.org>
+#Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
+#Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+#Committed-by: Ian Jackson <ian.jackson.citrix.com>
+#
+#v2: Provide definition of GB to fix x86-32 compile.
+#
+#Signed-off-by: Jan Beulich <JBeulich@suse.com>
+#Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+diff -r dea7d4e5bfc1 -r 5771c761ff1b xen/arch/x86/hvm/hvm.c
+--- xen/arch/x86/hvm/hvm.c Tue Dec 04 18:02:18 2012 +0000
++++ xen/arch/x86/hvm/hvm.c Tue Dec 04 18:02:38 2012 +0000
+@@ -3969,6 +3969,9 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ if ( !is_hvm_domain(d) )
+ goto param_fail2;
+
++ if ( a.nr > GB(1) >> PAGE_SHIFT )
++ goto param_fail2;
++
+ rc = xsm_hvm_param(d, op);
+ if ( rc )
+ goto param_fail2;
+@@ -3995,7 +3998,6 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ {
+ struct xen_hvm_modified_memory a;
+ struct domain *d;
+- unsigned long pfn;
+
+ if ( copy_from_guest(&a, arg, 1) )
+ return -EFAULT;
+@@ -4022,9 +4024,11 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ if ( !paging_mode_log_dirty(d) )
+ goto param_fail3;
+
+- for ( pfn = a.first_pfn; pfn < a.first_pfn + a.nr; pfn++ )
++ while ( a.nr > 0 )
+ {
++ unsigned long pfn = a.first_pfn;
+ struct page_info *page;
++
+ page = get_page_from_gfn(d, pfn, NULL, P2M_UNSHARE);
+ if ( page )
+ {
+@@ -4034,6 +4038,19 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ sh_remove_shadows(d->vcpu[0], _mfn(page_to_mfn(page)), 1, 0);
+ put_page(page);
+ }
++
++ a.first_pfn++;
++ a.nr--;
++
++ /* Check for continuation if it's not the last interation */
++ if ( a.nr > 0 && hypercall_preempt_check() )
++ {
++ if ( copy_to_guest(arg, &a, 1) )
++ rc = -EFAULT;
++ else
++ rc = -EAGAIN;
++ break;
++ }
+ }
+
+ param_fail3:
+@@ -4089,7 +4106,6 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ {
+ struct xen_hvm_set_mem_type a;
+ struct domain *d;
+- unsigned long pfn;
+
+ /* Interface types to internal p2m types */
+ p2m_type_t memtype[] = {
+@@ -4122,8 +4138,9 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ if ( a.hvmmem_type >= ARRAY_SIZE(memtype) )
+ goto param_fail4;
+
+- for ( pfn = a.first_pfn; pfn < a.first_pfn + a.nr; pfn++ )
++ while ( a.nr )
+ {
++ unsigned long pfn = a.first_pfn;
+ p2m_type_t t;
+ p2m_type_t nt;
+ mfn_t mfn;
+@@ -4163,6 +4180,19 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ }
+ }
+ put_gfn(d, pfn);
++
++ a.first_pfn++;
++ a.nr--;
++
++ /* Check for continuation if it's not the last interation */
++ if ( a.nr > 0 && hypercall_preempt_check() )
++ {
++ if ( copy_to_guest(arg, &a, 1) )
++ rc = -EFAULT;
++ else
++ rc = -EAGAIN;
++ goto param_fail4;
++ }
+ }
+
+ rc = 0;
+diff -r dea7d4e5bfc1 -r 5771c761ff1b xen/include/asm-x86/config.h
+--- xen/include/asm-x86/config.h Tue Dec 04 18:02:18 2012 +0000
++++ xen/include/asm-x86/config.h Tue Dec 04 18:02:38 2012 +0000
+@@ -119,6 +119,9 @@ extern char wakeup_start[];
+ extern unsigned int video_mode, video_flags;
+ extern unsigned short boot_edid_caps;
+ extern unsigned char boot_edid_info[128];
++
++#define GB(_gb) (_gb ## UL << 30)
++
+ #endif
+
+ #define asmlinkage
+@@ -134,7 +137,6 @@ extern unsigned char boot_edid_info[128]
+ #define PML4_ADDR(_slot) \
+ ((((_slot ## UL) >> 8) * 0xffff000000000000UL) | \
+ (_slot ## UL << PML4_ENTRY_BITS))
+-#define GB(_gb) (_gb ## UL << 30)
+ #else
+ #define PML4_ENTRY_BYTES (1 << PML4_ENTRY_BITS)
+ #define PML4_ADDR(_slot) \
+
View
70 app-emulation/xen/files/xen-4-CVE-2013-0151-XSA-34_35.patch
@@ -0,0 +1,70 @@
+commit 66141b2e068fa39f28bdda6be05882e323663687
+Author: Michael Young
+Date: Tue Jan 22 22:22:10 2013 +0000
+
+ Security fix from nested virtualization CVE-2013-0151,
+ restore status option to xend which is used by libvirt
+#diff --git a/xsa34-4.2.patch b/xsa34-4.2.patch
+#new file mode 100644
+#index 0000000..f5328ef
+#--- /dev/null
+#+++ xsa34-4.2.patch
+#@@ -0,0 +1,30 @@
+#+x86_32: don't allow use of nested HVM
+#+
+#+There are (indirect) uses of map_domain_page() in the nested HVM code
+#+that are unsafe when not just using the 1:1 mapping.
+#+
+#+This is XSA-34 / CVE-2013-0151.
+#+
+#+Signed-off-by: Jan Beulich
+#+
+#diff --git a/xsa35-4.2-with-xsa34.patch b/xsa35-4.2-with-xsa34.patch
+#new file mode 100644
+#index 0000000..28c6171
+#--- /dev/null
+#+++ xsa35-4.2-with-xsa34.patch
+#@@ -0,0 +1,24 @@
+#+xen: Do not allow guests to enable nested HVM on themselves
+#+
+#+There is no reason for this and doing so exposes a memory leak to
+#+guests. Only toolstacks need write access to this HVM param.
+#+
+#+This is XSA-35 / CVE-2013-0152.
+#+
+#+Signed-off-by: Ian Campbell
+#+Acked-by: Jan Beulich
+#+
+--- xen/arch/x86/hvm/hvm.c
++++ xen/arch/x86/hvm/hvm.c
+@@ -3858,6 +3858,11 @@
+ rc = -EINVAL;
+ break;
+ case HVM_PARAM_NESTEDHVM:
++ if ( !IS_PRIV(current->domain) )
++ {
++ rc = -EPERM;
++ break;
++ }
+ if ( a.value > 1 )
+ rc = -EINVAL;
+ if ( !is_hvm_domain(d) )
+@@ -3926,6 +3926,10 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ rc = -EINVAL;
+ break;
+ case HVM_PARAM_NESTEDHVM:
++#ifdef __i386__
++ if ( a.value )
++ rc = -EINVAL;
++#else
+ if ( a.value > 1 )
+ rc = -EINVAL;
+ if ( !is_hvm_domain(d) )
+@@ -3940,6 +3944,7 @@ long do_hvm_op(unsigned long op, XEN_GUE
+ for_each_vcpu(d, v)