|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-users] Reg XSA39
Hi,
I am unable to apply this patch on Xen-4.1.4 and seems the file /drivers/xen/netback/common.h doesn't exists. =========== Patch #39 (xsa39-classic-0001-xen-netback-garbage-ring.patch):
+ patch -p1 -s The text leading up to this was: -------------------------- |netback: shutdown the ring if it contains garbage | |A buggy or malicious frontend should not be able to confuse netback.
|If we spot anything which is not as it should be then shutdown the |device and don't try to continue with the ring in a potentially |hostile state. Well behaved and non-hostile frontends will not be
|penalised. | |As well as making the existing checks for such errors fatal also add a |new check that ensures that there isn't an insane number of requests |on the ring (i.e. more than would fit in the ring). If the ring
|contains garbage then previously is was possible to loop over this |insane number, getting an error each time and therefore not generating |any more pending requests and therefore not exiting the loop in
|xen_netbk_tx_build_gops for an externded period. | |Also turn various netdev_dbg calls which no precipitate a fatal error |into netdev_err, they are rate limited because the device is shutdown
|afterwards. | |This fixes at least one known DoS/softlockup of the backend domain. | |Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
|Signed-off-by: Jan Beulich <JBeulich@xxxxxxxx> | |--- a/drivers/xen/netback/common.h |+++ b/drivers/xen/netback/common.h --------------------------
File to patch: ================= Any help that would be great! _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |