[meta-virtualization] [PATCH 5/5] xen: for 4.10.0: XSA-253 / CVE-2018-5244 patch
christopher.w.clark at gmail.com
christopher.w.clark at gmail.com
Mon Jan 8 23:12:48 PST 2018
From: Christopher Clark <christopher.w.clark at gmail.com>
Fix a memory leak with MSR emulation on x86.
Signed-off-by: Christopher Clark <christopher.clark6 at baesystems.com>
---
This patch is only required for Xen 4.10.0 and not for Xen 4.9.x.
recipes-extended/xen/files/xsa253.patch | 26 ++++++++++++++++++++++++++
recipes-extended/xen/xen_4.10.0.bb | 2 ++
2 files changed, 28 insertions(+)
create mode 100644 recipes-extended/xen/files/xsa253.patch
diff --git a/recipes-extended/xen/files/xsa253.patch b/recipes-extended/xen/files/xsa253.patch
new file mode 100644
index 0000000..19e4269
--- /dev/null
+++ b/recipes-extended/xen/files/xsa253.patch
@@ -0,0 +1,26 @@
+From: Andrew Cooper <andrew.cooper3 at citrix.com>
+Subject: x86/msr: Free msr_vcpu_policy during vcpu destruction
+
+c/s 4187f79dc7 "x86/msr: introduce struct msr_vcpu_policy" introduced a
+per-vcpu memory allocation, but failed to free it in the clean vcpu
+destruction case.
+
+This is XSA-253
+
+Signed-off-by: Andrew Cooper <andrew.cooper3 at citrix.com>
+Reviewed-by: Jan Beulich <jbeulich at suse.com>
+
+diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
+index b17468c..0ae715d 100644
+--- a/xen/arch/x86/domain.c
++++ b/xen/arch/x86/domain.c
+@@ -382,6 +382,9 @@ void vcpu_destroy(struct vcpu *v)
+
+ vcpu_destroy_fpu(v);
+
++ xfree(v->arch.msr);
++ v->arch.msr = NULL;
++
+ if ( !is_idle_domain(v->domain) )
+ vpmu_destroy(v);
+
diff --git a/recipes-extended/xen/xen_4.10.0.bb b/recipes-extended/xen/xen_4.10.0.bb
index 1e14c86..d314b9b 100644
--- a/recipes-extended/xen/xen_4.10.0.bb
+++ b/recipes-extended/xen/xen_4.10.0.bb
@@ -1,7 +1,9 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
require xen.inc
SRC_URI = " \
https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
+ file://xsa253.patch \
"
SRC_URI[md5sum] = "ab9d320d02cb40f6b40506aed1a38d58"
--
2.7.4
More information about the meta-virtualization
mailing list