summaryrefslogtreecommitdiffstats
path: root/utils/xen/xsa-33.patch
diff options
context:
space:
mode:
Diffstat (limited to 'utils/xen/xsa-33.patch')
-rw-r--r--utils/xen/xsa-33.patch21
1 files changed, 21 insertions, 0 deletions
diff --git a/utils/xen/xsa-33.patch b/utils/xen/xsa-33.patch
new file mode 100644
index 0000000000..d0bdeb44ac
--- /dev/null
+++ b/utils/xen/xsa-33.patch
@@ -0,0 +1,21 @@
+VT-d: fix interrupt remapping source validation for devices behind
+legacy bridges
+
+Using SVT_VERIFY_BUS here doesn't make sense; native Linux also
+uses SVT_VERIFY_SID_SQ here instead.
+
+This is XSA-33 / CVE-2012-5634.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+
+--- a/xen/drivers/passthrough/vtd/intremap.c
++++ b/xen/drivers/passthrough/vtd/intremap.c
+@@ -499,7 +499,7 @@ static void set_msi_source_id(struct pci_dev *pdev, struct iremap_entry *ire)
+ set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16,
+ (bus << 8) | pdev->bus);
+ else if ( pdev_type(bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE )
+- set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16,
++ set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16,
+ PCI_BDF2(bus, devfn));
+ }
+ break;