diff options
author | Nicolás Reynolds <fauno@endefensadelsl.org> | 2014-02-08 03:19:20 +0000 |
---|---|---|
committer | Nicolás Reynolds <fauno@endefensadelsl.org> | 2014-02-08 03:19:20 +0000 |
commit | 6940e21aabd50feb977065b28ecaf9ba5e88c5d4 (patch) | |
tree | d94da5c7ff8b2668816cbb0e39af9010cab59463 /kernels/xen/xsa78.patch | |
parent | b4f09e0a566f01cd9a250e2f44423169c70adc94 (diff) |
Sat Feb 8 03:17:55 UTC 2014
Diffstat (limited to 'kernels/xen/xsa78.patch')
-rw-r--r-- | kernels/xen/xsa78.patch | 23 |
1 files changed, 0 insertions, 23 deletions
diff --git a/kernels/xen/xsa78.patch b/kernels/xen/xsa78.patch deleted file mode 100644 index 180506cdd..000000000 --- a/kernels/xen/xsa78.patch +++ /dev/null @@ -1,23 +0,0 @@ -VT-d: fix TLB flushing in dma_pte_clear_one() - -The third parameter of __intel_iommu_iotlb_flush() is to indicate -whether the to be flushed entry was a present one. A few lines before, -we bailed if !dma_pte_present(*pte), so there's no need to check the -flag here again - we can simply always pass TRUE here. - -This is CVE-2013-6375 / XSA-78. - -Suggested-by: Cheng Yueqiang <yqcheng.2008@phdis.smu.edu.sg> -Signed-off-by: Jan Beulich <jbeulich@suse.com> - ---- a/xen/drivers/passthrough/vtd/iommu.c -+++ b/xen/drivers/passthrough/vtd/iommu.c -@@ -646,7 +646,7 @@ static void dma_pte_clear_one(struct dom - iommu_flush_cache_entry(pte, sizeof(struct dma_pte)); - - if ( !this_cpu(iommu_dont_flush_iotlb) ) -- __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K , 0, 1); -+ __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K, 1, 1); - - unmap_vtd_domain_page(page); - |