1 |
idella4 13/01/30 14:12:30 |
2 |
|
3 |
Modified: xen-4-fix_dotconfig-gcc.patch |
4 |
xen-4.2.0-externals.patch |
5 |
Added: xen-4-CVE-2012-4544-XSA-25.patch |
6 |
xen-4.2.0-jserver.patch |
7 |
xen-4-CVE-2012-6075-XSA-41.patch |
8 |
Log: |
9 |
revbump; -4.2.0-r1, python eclass added to enable & ensure a py2 build wrt Bug 53930, xen-4-fix_dotconfig-gcc.patch, xen-4.2.0-externals.patch upgraded 1 sec. patch added, -4.2.1-r1 mirrors changes of -4.2.0-r1, -j1 workaround fixed in -jserver.patch also in -4.2.0. |
10 |
|
11 |
(Portage version: 2.1.11.40/cvs/Linux x86_64, signed Manifest commit with key 0xB8072B0D) |
12 |
|
13 |
Revision Changes Path |
14 |
1.2 app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch |
15 |
|
16 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch?rev=1.2&view=markup |
17 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch?rev=1.2&content-type=text/plain |
18 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch?r1=1.1&r2=1.2 |
19 |
|
20 |
Index: xen-4-fix_dotconfig-gcc.patch |
21 |
=================================================================== |
22 |
RCS file: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch,v |
23 |
retrieving revision 1.1 |
24 |
retrieving revision 1.2 |
25 |
diff -u -r1.1 -r1.2 |
26 |
--- xen-4-fix_dotconfig-gcc.patch 4 Dec 2012 16:31:20 -0000 1.1 |
27 |
+++ xen-4-fix_dotconfig-gcc.patch 30 Jan 2013 14:12:30 -0000 1.2 |
28 |
@@ -7,7 +7,7 @@ |
29 |
# Define some default flags. |
30 |
# NB. '-Wcast-qual' is nasty, so I omitted it. |
31 |
-DEF_CFLAGS += -fno-builtin -Wall -Werror -Wredundant-decls -Wno-format -Wno-redundant-decls |
32 |
-+DEF_CFLAGS += -fno-builtin -Wall -Wredundant-decls -Wno-format -Wno-redundant-decls |
33 |
++DEF_CFLAGS += -fno-builtin -Wall -Wredundant-decls -Wno-format -Wno-redundant-decls |
34 |
DEF_CFLAGS += $(call cc-option,$(CC),-fno-stack-protector,) |
35 |
DEF_CFLAGS += $(call cc-option,$(CC),-fgnu89-inline) |
36 |
DEF_CFLAGS += -Wstrict-prototypes -Wnested-externs -Wpointer-arith -Winline |
37 |
@@ -19,7 +19,7 @@ |
38 |
-include $(XEN_TARGET_ARCH)/Makefile |
39 |
|
40 |
-CFLAGS += -Werror -Wmissing-prototypes |
41 |
-+CFLAGS += -Wmissing-prototypes |
42 |
++CFLAGS += -Wmissing-prototypes |
43 |
CFLAGS += -I. $(CFLAGS_xeninclude) |
44 |
|
45 |
# Needed for posix_fadvise64() in xc_linux.c |
46 |
@@ -27,7 +27,7 @@ |
47 |
diff -ur xen-4.2.0.orig/Config.mk xen-4.2.0/Config.mk |
48 |
--- Config.mk 2012-09-17 18:23:12.000000000 +0800 |
49 |
+++ Config.mk 2012-12-05 14:01:10.641260261 +0800 |
50 |
-@@ -7,7 +7,6 @@ |
51 |
+@@ -7,7 +7,6 @@ Drop .config |
52 |
# fallback for older make |
53 |
realpath = $(wildcard $(foreach file,$(1),$(shell cd -P $(dir $(file)) && echo "$$PWD/$(notdir $(file))"))) |
54 |
|
55 |
@@ -35,3 +35,211 @@ |
56 |
|
57 |
# A debug build of Xen and tools? |
58 |
debug ?= n |
59 |
+@@ -24,7 +24,7 @@ |
60 |
+ |
61 |
+ # Tools to run on system hosting the build |
62 |
+ HOSTCC = gcc |
63 |
+-HOSTCFLAGS = -Wall -Werror -Wstrict-prototypes -O2 -fomit-frame-pointer |
64 |
++HOSTCFLAGS = -Wstrict-prototypes -O2 -fomit-frame-pointer |
65 |
+ HOSTCFLAGS += -fno-strict-aliasing |
66 |
+ |
67 |
+ DISTDIR ?= $(XEN_ROOT)/dist |
68 |
+@@ -156,7 +156,7 @@ |
69 |
+ |
70 |
+ CFLAGS += -std=gnu99 |
71 |
+ |
72 |
+-CFLAGS += -Wall -Wstrict-prototypes |
73 |
++CFLAGS += -Wstrict-prototypes |
74 |
+ |
75 |
+ # Clang complains about macros that expand to 'if ( ( foo == bar ) ) ...' |
76 |
+ # and is over-zealous with the printf format lint |
77 |
+diff -ur xen-4.2.1.orig/tools/blktap2/drivers/Makefile xen-4.2.1/tools/blktap2/drivers/Makefile |
78 |
+--- tools/blktap2/drivers/Makefile 2012-12-17 23:00:11.000000000 +0800 |
79 |
++++ tools/blktap2/drivers/Makefile 2013-01-30 12:31:43.539941099 +0800 |
80 |
+@@ -9,7 +9,7 @@ |
81 |
+ LOCK_UTIL = lock-util |
82 |
+ INST_DIR = $(SBINDIR) |
83 |
+ |
84 |
+-CFLAGS += -Werror -g |
85 |
++CFLAGS += -g |
86 |
+ CFLAGS += -Wno-unused |
87 |
+ CFLAGS += -fno-strict-aliasing |
88 |
+ CFLAGS += -I$(BLKTAP_ROOT)/include -I$(BLKTAP_ROOT)/drivers |
89 |
+diff -ur xen-4.2.1.orig/tools/debugger/gdbsx/Rules.mk xen-4.2.1/tools/debugger/gdbsx/Rules.mk |
90 |
+--- tools/debugger/gdbsx/Rules.mk 2012-12-17 23:00:22.000000000 +0800 |
91 |
++++ tools/debugger/gdbsx/Rules.mk 2013-01-30 12:31:43.516941098 +0800 |
92 |
+@@ -1,4 +1,4 @@ |
93 |
+ include $(XEN_ROOT)/tools/Rules.mk |
94 |
+ |
95 |
+-CFLAGS += -Werror -Wmissing-prototypes |
96 |
++CFLAGS += -Wmissing-prototypes |
97 |
+ # (gcc 4.3x and later) -Wconversion -Wno-sign-conversion |
98 |
+diff -ur xen-4.2.1.orig/tools/debugger/xenitp/Makefile xen-4.2.1/tools/debugger/xenitp/Makefile |
99 |
+--- tools/debugger/xenitp/Makefile 2012-12-17 23:00:22.000000000 +0800 |
100 |
++++ tools/debugger/xenitp/Makefile 2013-01-30 12:31:43.516941098 +0800 |
101 |
+@@ -1,7 +1,7 @@ |
102 |
+ XEN_ROOT=$(CURDIR)/../../.. |
103 |
+ include $(XEN_ROOT)/tools/Rules.mk |
104 |
+ |
105 |
+-#CFLAGS += -Werror -g -O0 |
106 |
++#CFLAGS += -g -O0 |
107 |
+ |
108 |
+ CFLAGS += $(CFLAGS_libxenctrl) |
109 |
+ |
110 |
+diff -ur xen-4.2.1.orig/tools/libaio/harness/Makefile xen-4.2.1/tools/libaio/harness/Makefile |
111 |
+--- tools/libaio/harness/Makefile 2012-12-17 23:00:35.000000000 +0800 |
112 |
++++ tools/libaio/harness/Makefile 2013-01-30 12:31:43.541941099 +0800 |
113 |
+@@ -4,7 +4,7 @@ |
114 |
+ HARNESS_SRCS:=main.c |
115 |
+ # io_queue.c |
116 |
+ |
117 |
+-CFLAGS=-Wall -Werror -g -O -laio |
118 |
++CFLAGS=-Wall -g -O -laio |
119 |
+ #-lpthread -lrt |
120 |
+ |
121 |
+ all: $(PROGS) |
122 |
+diff -ur xen-4.2.1.orig/tools/libfsimage/Rules.mk xen-4.2.1/tools/libfsimage/Rules.mk |
123 |
+--- tools/libfsimage/Rules.mk 2012-12-17 23:00:36.000000000 +0800 |
124 |
++++ tools/libfsimage/Rules.mk 2013-01-30 12:31:43.515941097 +0800 |
125 |
+@@ -1,7 +1,7 @@ |
126 |
+ include $(XEN_ROOT)/tools/Rules.mk |
127 |
+ |
128 |
+ CFLAGS += -Wno-unknown-pragmas -I$(XEN_ROOT)/tools/libfsimage/common/ -DFSIMAGE_FSDIR=\"$(FSDIR)\" |
129 |
+-CFLAGS += -Werror -D_GNU_SOURCE |
130 |
++CFLAGS += -D_GNU_SOURCE |
131 |
+ LDFLAGS += -L../common/ |
132 |
+ |
133 |
+ PIC_OBJS := $(patsubst %.c,%.opic,$(LIB_SRCS-y)) |
134 |
+diff -ur xen-4.2.1.orig/tools/libxl/Makefile xen-4.2.1/tools/libxl/Makefile |
135 |
+--- tools/libxl/Makefile 2012-12-17 23:01:08.000000000 +0800 |
136 |
++++ tools/libxl/Makefile 2013-01-30 12:31:43.541941099 +0800 |
137 |
+@@ -11,7 +11,7 @@ |
138 |
+ XLUMAJOR = 1.0 |
139 |
+ XLUMINOR = 1 |
140 |
+ |
141 |
+-CFLAGS += -Werror -Wno-format-zero-length -Wmissing-declarations \ |
142 |
++CFLAGS += -Wno-format-zero-length -Wmissing-declarations \ |
143 |
+ -Wno-declaration-after-statement -Wformat-nonliteral |
144 |
+ CFLAGS += -I. -fPIC |
145 |
+ |
146 |
+diff -ur xen-4.2.1.orig/tools/qemu-xen/pc-bios/optionrom/Makefile xen-4.2.1/tools/qemu-xen/pc-bios/optionrom/Makefile |
147 |
+--- tools/qemu-xen/pc-bios/optionrom/Makefile 2012-09-11 02:10:52.000000000 +0800 |
148 |
++++ tools/qemu-xen/pc-bios/optionrom/Makefile 2013-01-30 12:31:43.528941098 +0800 |
149 |
+@@ -9,7 +9,7 @@ |
150 |
+ |
151 |
+ .PHONY : all clean build-all |
152 |
+ |
153 |
+-CFLAGS := -Wall -Wstrict-prototypes -Werror -fomit-frame-pointer -fno-builtin |
154 |
++CFLAGS := -Wall -Wstrict-prototypes -fomit-frame-pointer -fno-builtin |
155 |
+ CFLAGS += -I$(SRC_PATH) |
156 |
+ CFLAGS += $(call cc-option, $(CFLAGS), -fno-stack-protector) |
157 |
+ QEMU_CFLAGS = $(CFLAGS) |
158 |
+diff -ur xen-4.2.1.orig/tools/vtpm/Rules.mk xen-4.2.1/tools/vtpm/Rules.mk |
159 |
+--- tools/vtpm/Rules.mk 2012-12-17 23:01:35.000000000 +0800 |
160 |
++++ tools/vtpm/Rules.mk 2013-01-30 12:31:43.515941097 +0800 |
161 |
+@@ -6,7 +6,7 @@ |
162 |
+ # |
163 |
+ |
164 |
+ # General compiler flags |
165 |
+-CFLAGS = -Werror -g3 |
166 |
++CFLAGS = -g3 |
167 |
+ |
168 |
+ # Generic project files |
169 |
+ HDRS = $(wildcard *.h) |
170 |
+diff -ur xen-4.2.1.orig/tools/vtpm_manager/Rules.mk xen-4.2.1/tools/vtpm_manager/Rules.mk |
171 |
+--- tools/vtpm_manager/Rules.mk 2012-12-17 23:01:35.000000000 +0800 |
172 |
++++ tools/vtpm_manager/Rules.mk 2013-01-30 12:31:43.511941097 +0800 |
173 |
+@@ -6,7 +6,7 @@ |
174 |
+ # |
175 |
+ |
176 |
+ # General compiler flags |
177 |
+-CFLAGS = -Werror -g3 |
178 |
++CFLAGS = -g3 |
179 |
+ |
180 |
+ # Generic project files |
181 |
+ HDRS = $(wildcard *.h) |
182 |
+diff -ur xen-4.2.1.orig/tools/xenstat/xentop/Makefile xen-4.2.1/tools/xenstat/xentop/Makefile |
183 |
+--- tools/xenstat/xentop/Makefile 2012-12-17 23:01:35.000000000 +0800 |
184 |
++++ tools/xenstat/xentop/Makefile 2013-01-30 12:31:43.535941098 +0800 |
185 |
+@@ -18,7 +18,7 @@ |
186 |
+ all install xentop: |
187 |
+ else |
188 |
+ |
189 |
+-CFLAGS += -DGCC_PRINTF -Wall -Werror $(CFLAGS_libxenstat) |
190 |
++CFLAGS += -DGCC_PRINTF -Wall $(CFLAGS_libxenstat) |
191 |
+ LDLIBS += $(LDLIBS_libxenstat) $(CURSES_LIBS) $(SOCKET_LIBS) |
192 |
+ CFLAGS += -DHOST_$(XEN_OS) |
193 |
+ |
194 |
+diff -ur xen-4.2.1.orig/xen/arch/arm/Rules.mk xen-4.2.1/xen/arch/arm/Rules.mk |
195 |
+--- xen/arch/arm/Rules.mk 2012-12-17 23:01:37.000000000 +0800 |
196 |
++++ xen/arch/arm/Rules.mk 2013-01-30 12:31:43.498941097 +0800 |
197 |
+@@ -9,7 +9,7 @@ |
198 |
+ HAS_DEVICE_TREE := y |
199 |
+ |
200 |
+ CFLAGS += -fno-builtin -fno-common -Wredundant-decls |
201 |
+-CFLAGS += -iwithprefix include -Werror -Wno-pointer-arith -pipe |
202 |
++CFLAGS += -iwithprefix include -Wno-pointer-arith -pipe |
203 |
+ CFLAGS += -I$(BASEDIR)/include |
204 |
+ |
205 |
+ # Prevent floating-point variables from creeping into Xen. |
206 |
+diff -ur xen-4.2.1.orig/xen/arch/x86/Rules.mk xen-4.2.1/xen/arch/x86/Rules.mk |
207 |
+--- xen/arch/x86/Rules.mk 2012-12-17 23:01:37.000000000 +0800 |
208 |
++++ xen/arch/x86/Rules.mk 2013-01-30 12:31:43.490941096 +0800 |
209 |
+@@ -24,7 +24,7 @@ |
210 |
+ endif |
211 |
+ |
212 |
+ CFLAGS += -fno-builtin -fno-common -Wredundant-decls |
213 |
+-CFLAGS += -iwithprefix include -Werror -Wno-pointer-arith -pipe |
214 |
++CFLAGS += -iwithprefix include -Wno-pointer-arith -pipe |
215 |
+ CFLAGS += -I$(BASEDIR)/include |
216 |
+ CFLAGS += -I$(BASEDIR)/include/asm-x86/mach-generic |
217 |
+ CFLAGS += -I$(BASEDIR)/include/asm-x86/mach-default |
218 |
+diff -ur xen-4.2.1.orig/xen/include/Makefile xen-4.2.1/xen/include/Makefile |
219 |
+--- xen/include/Makefile 2012-12-17 23:01:55.000000000 +0800 |
220 |
++++ xen/include/Makefile 2013-01-30 12:31:43.502941097 +0800 |
221 |
+@@ -78,7 +78,7 @@ |
222 |
+ all: headers.chk |
223 |
+ |
224 |
+ headers.chk: $(filter-out public/arch-% public/%ctl.h public/xsm/% public/%hvm/save.h, $(wildcard public/*.h public/*/*.h) $(public-y)) Makefile |
225 |
+- for i in $(filter %.h,$^); do $(CC) -ansi -include stdint.h -Wall -W -Werror -S -o /dev/null -xc $$i || exit 1; echo $$i; done >$@.new |
226 |
++ for i in $(filter %.h,$^); do $(CC) -ansi -include stdint.h -Wall -W -S -o /dev/null -xc $$i || exit 1; echo $$i; done >$@.new |
227 |
+ mv $@.new $@ |
228 |
+ |
229 |
+ endif |
230 |
+diff -ur xen-4.2.1.orig/tools/tests/mce-test/tools/Makefile xen-4.2.1/tools/tests/mce-test/tools/Makefile |
231 |
+--- tools/tests/mce-test/tools/Makefile 2012-12-17 23:01:35.000000000 +0800 |
232 |
++++ tools/tests/mce-test/tools/Makefile 2013-01-30 13:01:44.890020152 +0800 |
233 |
+@@ -1,7 +1,7 @@ |
234 |
+ XEN_ROOT=$(CURDIR)/../../../.. |
235 |
+ include $(XEN_ROOT)/tools/Rules.mk |
236 |
+ |
237 |
+-CFLAGS += -Werror |
238 |
++CFLAGS += |
239 |
+ CFLAGS += $(CFLAGS_libxenctrl) |
240 |
+ CFLAGS += $(CFLAGS_libxenguest) |
241 |
+ CFLAGS += $(CFLAGS_libxenstore) |
242 |
+diff -ur xen-4.2.1.orig/tools/tests/mem-sharing/Makefile xen-4.2.1/tools/tests/mem-sharing/Makefile |
243 |
+--- tools/tests/mem-sharing/Makefile 2012-12-17 23:01:35.000000000 +0800 |
244 |
++++ tools/tests/mem-sharing/Makefile 2013-01-30 13:01:44.890020152 +0800 |
245 |
+@@ -1,7 +1,7 @@ |
246 |
+ XEN_ROOT=$(CURDIR)/../../.. |
247 |
+ include $(XEN_ROOT)/tools/Rules.mk |
248 |
+ |
249 |
+-CFLAGS += -Werror |
250 |
++CFLAGS += |
251 |
+ |
252 |
+ CFLAGS += $(CFLAGS_libxenctrl) |
253 |
+ CFLAGS += $(CFLAGS_xeninclude) |
254 |
+diff -ur xen-4.2.1.orig/tools/tests/xen-access/Makefile xen-4.2.1/tools/tests/xen-access/Makefile |
255 |
+--- tools/tests/xen-access/Makefile 2012-12-17 23:01:35.000000000 +0800 |
256 |
++++ tools/tests/xen-access/Makefile 2013-01-30 13:01:44.891020152 +0800 |
257 |
+@@ -1,7 +1,7 @@ |
258 |
+ XEN_ROOT=$(CURDIR)/../../.. |
259 |
+ include $(XEN_ROOT)/tools/Rules.mk |
260 |
+ |
261 |
+-CFLAGS += -Werror |
262 |
++CFLAGS += |
263 |
+ |
264 |
+ CFLAGS += $(CFLAGS_libxenctrl) |
265 |
+ CFLAGS += $(CFLAGS_libxenguest) |
266 |
+ |
267 |
|
268 |
|
269 |
|
270 |
1.3 app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch |
271 |
|
272 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch?rev=1.3&view=markup |
273 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch?rev=1.3&content-type=text/plain |
274 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch?r1=1.2&r2=1.3 |
275 |
|
276 |
Index: xen-4.2.0-externals.patch |
277 |
=================================================================== |
278 |
RCS file: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch,v |
279 |
retrieving revision 1.2 |
280 |
retrieving revision 1.3 |
281 |
diff -u -r1.2 -r1.3 |
282 |
--- xen-4.2.0-externals.patch 28 Jan 2013 05:29:05 -0000 1.2 |
283 |
+++ xen-4.2.0-externals.patch 30 Jan 2013 14:12:30 -0000 1.3 |
284 |
@@ -1,5 +1,46 @@ |
285 |
# Patch Makefile to patch insource newlib, |
286 |
# Prevent internal downloading of external packages |
287 |
+diff -ur xen-4.2.0.orig/stubdom/Makefile xen-4.2.0/stubdom/Makefile |
288 |
+--- stubdom/Makefile 2012-09-17 18:21:17.000000000 +0800 |
289 |
++++ stubdom/Makefile 2012-12-05 14:01:10.694260256 +0800 |
290 |
+@@ -8,30 +8,30 @@ |
291 |
+ include $(XEN_ROOT)/Config.mk |
292 |
+ |
293 |
+ #ZLIB_URL?=http://www.zlib.net |
294 |
+-ZLIB_URL=$(XEN_EXTFILES_URL) |
295 |
++ZLIB_URL=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir |
296 |
+ ZLIB_VERSION=1.2.3 |
297 |
+ |
298 |
+ #LIBPCI_URL?=http://www.kernel.org/pub/software/utils/pciutils |
299 |
+-LIBPCI_URL?=$(XEN_EXTFILES_URL) |
300 |
++LIBPCI_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir |
301 |
+ LIBPCI_VERSION=2.2.9 |
302 |
+ |
303 |
+ #NEWLIB_URL?=ftp://sources.redhat.com/pub/newlib |
304 |
+-NEWLIB_URL?=$(XEN_EXTFILES_URL) |
305 |
++NEWLIB_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir |
306 |
+ NEWLIB_VERSION=1.16.0 |
307 |
+ |
308 |
+ #LWIP_URL?=http://download.savannah.gnu.org/releases/lwip |
309 |
+-LWIP_URL?=$(XEN_EXTFILES_URL) |
310 |
++LWIP_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir |
311 |
+ LWIP_VERSION=1.3.0 |
312 |
+ |
313 |
+ #GRUB_URL?=http://alpha.gnu.org/gnu/grub |
314 |
+-GRUB_URL?=$(XEN_EXTFILES_URL) |
315 |
++GRUB_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir |
316 |
+ GRUB_VERSION=0.97 |
317 |
+ |
318 |
+-#OCAML_URL?=$(XEN_EXTFILES_URL) |
319 |
++#OCAML_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir |
320 |
+ OCAML_URL?=http://caml.inria.fr/pub/distrib/ocaml-3.11 |
321 |
+ OCAML_VERSION=3.11.0 |
322 |
+ |
323 |
+-WGET=wget -c |
324 |
++WGET=cp -t . |
325 |
+ |
326 |
+ GNU_TARGET_ARCH:=$(XEN_TARGET_ARCH) |
327 |
+ ifeq ($(XEN_TARGET_ARCH),x86_32) |
328 |
@@ -95,12 +95,13 @@ |
329 |
############## |
330 |
|
331 |
|
332 |
|
333 |
|
334 |
1.1 app-emulation/xen-pvgrub/files/xen-4-CVE-2012-4544-XSA-25.patch |
335 |
|
336 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-4544-XSA-25.patch?rev=1.1&view=markup |
337 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-4544-XSA-25.patch?rev=1.1&content-type=text/plain |
338 |
|
339 |
Index: xen-4-CVE-2012-4544-XSA-25.patch |
340 |
=================================================================== |
341 |
|
342 |
# HG changeset patch |
343 |
# User Ian Jackson <Ian.Jackson@×××××××××.com> |
344 |
# Date 1351264255 -3600 |
345 |
# Node ID 537776f51f79c5789d06f97b363596a197c3e71c |
346 |
# Parent 40ccbee890e1fc053de3046bbc3d13b8ff6f5d63 |
347 |
libxc: builder: limit maximum size of kernel/ramdisk. |
348 |
|
349 |
Allowing user supplied kernels of arbitrary sizes, especially during |
350 |
decompression, can swallow up dom0 memory leading to either virtual |
351 |
address space exhaustion in the builder process or allocation |
352 |
failures/OOM killing of both toolstack and unrelated processes. |
353 |
|
354 |
We disable these checks when building in a stub domain for pvgrub |
355 |
since this uses the guest's own memory and is isolated. |
356 |
|
357 |
Decompression of gzip compressed kernels and ramdisks has been safe |
358 |
since 14954:58205257517d (Xen 3.1.0 onwards). |
359 |
|
360 |
This is XSA-25 / CVE-2012-4544. |
361 |
|
362 |
Also make explicit checks for buffer overflows in various |
363 |
decompression routines. These were already ruled out due to other |
364 |
properties of the code but check them as a belt-and-braces measure. |
365 |
|
366 |
Signed-off-by: Ian Campbell <ian.campbell@××××××.com> |
367 |
Acked-by: Ian Jackson <ian.jackson@×××××××××.com> |
368 |
|
369 |
diff -r 40ccbee890e1 -r 537776f51f79 stubdom/grub/kexec.c |
370 |
--- stubdom/grub/kexec.c Thu Oct 25 15:36:32 2012 +0200 |
371 |
+++ stubdom/grub/kexec.c Fri Oct 26 16:10:55 2012 +0100 |
372 |
@@ -137,6 +137,10 @@ void kexec(void *kernel, long kernel_siz |
373 |
dom = xc_dom_allocate(xc_handle, cmdline, features); |
374 |
dom->allocate = kexec_allocate; |
375 |
|
376 |
+ /* We are using guest owned memory, therefore no limits. */ |
377 |
+ xc_dom_kernel_max_size(dom, 0); |
378 |
+ xc_dom_ramdisk_max_size(dom, 0); |
379 |
+ |
380 |
dom->kernel_blob = kernel; |
381 |
dom->kernel_size = kernel_size; |
382 |
|
383 |
diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom.h |
384 |
--- tools/libxc/xc_dom.h Thu Oct 25 15:36:32 2012 +0200 |
385 |
+++ tools/libxc/xc_dom.h Fri Oct 26 16:10:55 2012 +0100 |
386 |
@@ -55,6 +55,9 @@ struct xc_dom_image { |
387 |
void *ramdisk_blob; |
388 |
size_t ramdisk_size; |
389 |
|
390 |
+ size_t max_kernel_size; |
391 |
+ size_t max_ramdisk_size; |
392 |
+ |
393 |
/* arguments and parameters */ |
394 |
char *cmdline; |
395 |
uint32_t f_requested[XENFEAT_NR_SUBMAPS]; |
396 |
@@ -180,6 +183,23 @@ void xc_dom_release_phys(struct xc_dom_i |
397 |
void xc_dom_release(struct xc_dom_image *dom); |
398 |
int xc_dom_mem_init(struct xc_dom_image *dom, unsigned int mem_mb); |
399 |
|
400 |
+/* Set this larger if you have enormous ramdisks/kernels. Note that |
401 |
+ * you should trust all kernels not to be maliciously large (e.g. to |
402 |
+ * exhaust all dom0 memory) if you do this (see CVE-2012-4544 / |
403 |
+ * XSA-25). You can also set the default independently for |
404 |
+ * ramdisks/kernels in xc_dom_allocate() or call |
405 |
+ * xc_dom_{kernel,ramdisk}_max_size. |
406 |
+ */ |
407 |
+#ifndef XC_DOM_DECOMPRESS_MAX |
408 |
+#define XC_DOM_DECOMPRESS_MAX (1024*1024*1024) /* 1GB */ |
409 |
+#endif |
410 |
+ |
411 |
+int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz); |
412 |
+int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz); |
413 |
+ |
414 |
+int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz); |
415 |
+int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz); |
416 |
+ |
417 |
size_t xc_dom_check_gzip(xc_interface *xch, |
418 |
void *blob, size_t ziplen); |
419 |
int xc_dom_do_gunzip(xc_interface *xch, |
420 |
@@ -240,7 +260,8 @@ void xc_dom_log_memory_footprint(struct |
421 |
void *xc_dom_malloc(struct xc_dom_image *dom, size_t size); |
422 |
void *xc_dom_malloc_page_aligned(struct xc_dom_image *dom, size_t size); |
423 |
void *xc_dom_malloc_filemap(struct xc_dom_image *dom, |
424 |
- const char *filename, size_t * size); |
425 |
+ const char *filename, size_t * size, |
426 |
+ const size_t max_size); |
427 |
char *xc_dom_strdup(struct xc_dom_image *dom, const char *str); |
428 |
|
429 |
/* --- alloc memory pool ------------------------------------------- */ |
430 |
diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom_bzimageloader.c |
431 |
--- tools/libxc/xc_dom_bzimageloader.c Thu Oct 25 15:36:32 2012 +0200 |
432 |
+++ tools/libxc/xc_dom_bzimageloader.c Fri Oct 26 16:10:55 2012 +0100 |
433 |
@@ -47,13 +47,19 @@ static int xc_try_bzip2_decode( |
434 |
char *out_buf; |
435 |
char *tmp_buf; |
436 |
int retval = -1; |
437 |
- int outsize; |
438 |
+ unsigned int outsize; |
439 |
uint64_t total; |
440 |
|
441 |
stream.bzalloc = NULL; |
442 |
stream.bzfree = NULL; |
443 |
stream.opaque = NULL; |
444 |
|
445 |
+ if ( dom->kernel_size == 0) |
446 |
+ { |
447 |
+ DOMPRINTF("BZIP2: Input is 0 size"); |
448 |
+ return -1; |
449 |
+ } |
450 |
+ |
451 |
ret = BZ2_bzDecompressInit(&stream, 0, 0); |
452 |
if ( ret != BZ_OK ) |
453 |
{ |
454 |
@@ -66,6 +72,17 @@ static int xc_try_bzip2_decode( |
455 |
* the input buffer to start, and we'll realloc as needed. |
456 |
*/ |
457 |
outsize = dom->kernel_size; |
458 |
+ |
459 |
+ /* |
460 |
+ * stream.avail_in and outsize are unsigned int, while kernel_size |
461 |
+ * is a size_t. Check we aren't overflowing. |
462 |
+ */ |
463 |
+ if ( outsize != dom->kernel_size ) |
464 |
+ { |
465 |
+ DOMPRINTF("BZIP2: Input too large"); |
466 |
+ goto bzip2_cleanup; |
467 |
+ } |
468 |
+ |
469 |
out_buf = malloc(outsize); |
470 |
if ( out_buf == NULL ) |
471 |
{ |
472 |
@@ -98,13 +115,20 @@ static int xc_try_bzip2_decode( |
473 |
if ( stream.avail_out == 0 ) |
474 |
{ |
475 |
/* Protect against output buffer overflow */ |
476 |
- if ( outsize > INT_MAX / 2 ) |
477 |
+ if ( outsize > UINT_MAX / 2 ) |
478 |
{ |
479 |
DOMPRINTF("BZIP2: output buffer overflow"); |
480 |
free(out_buf); |
481 |
goto bzip2_cleanup; |
482 |
} |
483 |
|
484 |
+ if ( xc_dom_kernel_check_size(dom, outsize * 2) ) |
485 |
+ { |
486 |
+ DOMPRINTF("BZIP2: output too large"); |
487 |
+ free(out_buf); |
488 |
+ goto bzip2_cleanup; |
489 |
+ } |
490 |
+ |
491 |
tmp_buf = realloc(out_buf, outsize * 2); |
492 |
if ( tmp_buf == NULL ) |
493 |
{ |
494 |
@@ -172,9 +196,15 @@ static int _xc_try_lzma_decode( |
495 |
unsigned char *out_buf; |
496 |
unsigned char *tmp_buf; |
497 |
int retval = -1; |
498 |
- int outsize; |
499 |
+ size_t outsize; |
500 |
const char *msg; |
501 |
|
502 |
+ if ( dom->kernel_size == 0) |
503 |
+ { |
504 |
+ DOMPRINTF("%s: Input is 0 size", what); |
505 |
+ return -1; |
506 |
+ } |
507 |
+ |
508 |
/* sigh. We don't know up-front how much memory we are going to need |
509 |
* for the output buffer. Allocate the output buffer to be equal |
510 |
* the input buffer to start, and we'll realloc as needed. |
511 |
@@ -244,13 +274,20 @@ static int _xc_try_lzma_decode( |
512 |
if ( stream->avail_out == 0 ) |
513 |
{ |
514 |
/* Protect against output buffer overflow */ |
515 |
- if ( outsize > INT_MAX / 2 ) |
516 |
+ if ( outsize > SIZE_MAX / 2 ) |
517 |
{ |
518 |
DOMPRINTF("%s: output buffer overflow", what); |
519 |
free(out_buf); |
520 |
goto lzma_cleanup; |
521 |
} |
522 |
|
523 |
+ if ( xc_dom_kernel_check_size(dom, outsize * 2) ) |
524 |
+ { |
525 |
+ DOMPRINTF("%s: output too large", what); |
526 |
+ free(out_buf); |
527 |
+ goto lzma_cleanup; |
528 |
+ } |
529 |
+ |
530 |
tmp_buf = realloc(out_buf, outsize * 2); |
531 |
if ( tmp_buf == NULL ) |
532 |
{ |
533 |
@@ -359,6 +396,12 @@ static int xc_try_lzo1x_decode( |
534 |
0x89, 0x4c, 0x5a, 0x4f, 0x00, 0x0d, 0x0a, 0x1a, 0x0a |
535 |
}; |
536 |
|
537 |
+ /* |
538 |
+ * lzo_uint should match size_t. Check that this is the case to be |
539 |
+ * sure we won't overflow various lzo_uint fields. |
540 |
+ */ |
541 |
+ XC_BUILD_BUG_ON(sizeof(lzo_uint) != sizeof(size_t)); |
542 |
+ |
543 |
ret = lzo_init(); |
544 |
if ( ret != LZO_E_OK ) |
545 |
{ |
546 |
@@ -438,6 +481,14 @@ static int xc_try_lzo1x_decode( |
547 |
if ( src_len <= 0 || src_len > dst_len || src_len > left ) |
548 |
break; |
549 |
|
550 |
+ msg = "Output buffer overflow"; |
551 |
+ if ( *size > SIZE_MAX - dst_len ) |
552 |
+ break; |
553 |
+ |
554 |
+ msg = "Decompressed image too large"; |
555 |
+ if ( xc_dom_kernel_check_size(dom, *size + dst_len) ) |
556 |
+ break; |
557 |
+ |
558 |
msg = "Failed to (re)alloc memory"; |
559 |
tmp_buf = realloc(out_buf, *size + dst_len); |
560 |
if ( tmp_buf == NULL ) |
561 |
diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom_core.c |
562 |
--- tools/libxc/xc_dom_core.c Thu Oct 25 15:36:32 2012 +0200 |
563 |
+++ tools/libxc/xc_dom_core.c Fri Oct 26 16:10:55 2012 +0100 |
564 |
@@ -159,7 +159,8 @@ void *xc_dom_malloc_page_aligned(struct |
565 |
} |
566 |
|
567 |
void *xc_dom_malloc_filemap(struct xc_dom_image *dom, |
568 |
- const char *filename, size_t * size) |
569 |
+ const char *filename, size_t * size, |
570 |
+ const size_t max_size) |
571 |
{ |
572 |
struct xc_dom_mem *block = NULL; |
573 |
int fd = -1; |
574 |
@@ -171,6 +172,13 @@ void *xc_dom_malloc_filemap(struct xc_do |
575 |
lseek(fd, 0, SEEK_SET); |
576 |
*size = lseek(fd, 0, SEEK_END); |
577 |
|
578 |
+ if ( max_size && *size > max_size ) |
579 |
+ { |
580 |
+ xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY, |
581 |
+ "tried to map file which is too large"); |
582 |
+ goto err; |
583 |
+ } |
584 |
+ |
585 |
block = malloc(sizeof(*block)); |
586 |
if ( block == NULL ) |
587 |
goto err; |
588 |
@@ -222,6 +230,40 @@ char *xc_dom_strdup(struct xc_dom_image |
589 |
} |
590 |
|
591 |
/* ------------------------------------------------------------------------ */ |
592 |
+/* decompression buffer sizing */ |
593 |
+int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz) |
594 |
+{ |
595 |
+ /* No limit */ |
596 |
+ if ( !dom->max_kernel_size ) |
597 |
+ return 0; |
598 |
+ |
599 |
+ if ( sz > dom->max_kernel_size ) |
600 |
+ { |
601 |
+ xc_dom_panic(dom->xch, XC_INVALID_KERNEL, |
602 |
+ "kernel image too large"); |
603 |
+ return 1; |
604 |
+ } |
605 |
+ |
606 |
+ return 0; |
607 |
+} |
608 |
+ |
609 |
+int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz) |
610 |
+{ |
611 |
+ /* No limit */ |
612 |
+ if ( !dom->max_ramdisk_size ) |
613 |
+ return 0; |
614 |
+ |
615 |
+ if ( sz > dom->max_ramdisk_size ) |
616 |
+ { |
617 |
+ xc_dom_panic(dom->xch, XC_INVALID_KERNEL, |
618 |
+ "ramdisk image too large"); |
619 |
+ return 1; |
620 |
+ } |
621 |
+ |
622 |
+ return 0; |
623 |
+} |
624 |
+ |
625 |
+/* ------------------------------------------------------------------------ */ |
626 |
/* read files, copy memory blocks, with transparent gunzip */ |
627 |
|
628 |
size_t xc_dom_check_gzip(xc_interface *xch, void *blob, size_t ziplen) |
629 |
@@ -235,7 +277,7 @@ size_t xc_dom_check_gzip(xc_interface *x |
630 |
|
631 |
gzlen = blob + ziplen - 4; |
632 |
unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0]; |
633 |
- if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */ |
634 |
+ if ( (unziplen < 0) || (unziplen > XC_DOM_DECOMPRESS_MAX) ) |
635 |
{ |
636 |
xc_dom_printf |
637 |
(xch, |
638 |
@@ -288,6 +330,9 @@ int xc_dom_try_gunzip(struct xc_dom_imag |
639 |
if ( unziplen == 0 ) |
640 |
return 0; |
641 |
|
642 |
+ if ( xc_dom_kernel_check_size(dom, unziplen) ) |
643 |
+ return 0; |
644 |
+ |
645 |
unzip = xc_dom_malloc(dom, unziplen); |
646 |
if ( unzip == NULL ) |
647 |
return -1; |
648 |
@@ -588,6 +633,9 @@ struct xc_dom_image *xc_dom_allocate(xc_ |
649 |
memset(dom, 0, sizeof(*dom)); |
650 |
dom->xch = xch; |
651 |
|
652 |
+ dom->max_kernel_size = XC_DOM_DECOMPRESS_MAX; |
653 |
+ dom->max_ramdisk_size = XC_DOM_DECOMPRESS_MAX; |
654 |
+ |
655 |
if ( cmdline ) |
656 |
dom->cmdline = xc_dom_strdup(dom, cmdline); |
657 |
if ( features ) |
658 |
@@ -608,10 +656,25 @@ struct xc_dom_image *xc_dom_allocate(xc_ |
659 |
return NULL; |
660 |
} |
661 |
|
662 |
+int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz) |
663 |
+{ |
664 |
+ DOMPRINTF("%s: kernel_max_size=%zx", __FUNCTION__, sz); |
665 |
+ dom->max_kernel_size = sz; |
666 |
+ return 0; |
667 |
+} |
668 |
+ |
669 |
+int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz) |
670 |
+{ |
671 |
+ DOMPRINTF("%s: ramdisk_max_size=%zx", __FUNCTION__, sz); |
672 |
+ dom->max_ramdisk_size = sz; |
673 |
+ return 0; |
674 |
+} |
675 |
+ |
676 |
int xc_dom_kernel_file(struct xc_dom_image *dom, const char *filename) |
677 |
{ |
678 |
DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename); |
679 |
- dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size); |
680 |
+ dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size, |
681 |
+ dom->max_kernel_size); |
682 |
if ( dom->kernel_blob == NULL ) |
683 |
return -1; |
684 |
return xc_dom_try_gunzip(dom, &dom->kernel_blob, &dom->kernel_size); |
685 |
@@ -621,7 +684,9 @@ int xc_dom_ramdisk_file(struct xc_dom_im |
686 |
{ |
687 |
DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename); |
688 |
dom->ramdisk_blob = |
689 |
- xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size); |
690 |
+ xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size, |
691 |
+ dom->max_ramdisk_size); |
692 |
+ |
693 |
if ( dom->ramdisk_blob == NULL ) |
694 |
return -1; |
695 |
// return xc_dom_try_gunzip(dom, &dom->ramdisk_blob, &dom->ramdisk_size); |
696 |
@@ -781,7 +846,11 @@ int xc_dom_build_image(struct xc_dom_ima |
697 |
void *ramdiskmap; |
698 |
|
699 |
unziplen = xc_dom_check_gzip(dom->xch, dom->ramdisk_blob, dom->ramdisk_size); |
700 |
+ if ( xc_dom_ramdisk_check_size(dom, unziplen) != 0 ) |
701 |
+ unziplen = 0; |
702 |
+ |
703 |
ramdisklen = unziplen ? unziplen : dom->ramdisk_size; |
704 |
+ |
705 |
if ( xc_dom_alloc_segment(dom, &dom->ramdisk_seg, "ramdisk", 0, |
706 |
ramdisklen) != 0 ) |
707 |
goto err; |
708 |
|
709 |
|
710 |
|
711 |
|
712 |
|
713 |
1.1 app-emulation/xen-pvgrub/files/xen-4.2.0-jserver.patch |
714 |
|
715 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4.2.0-jserver.patch?rev=1.1&view=markup |
716 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4.2.0-jserver.patch?rev=1.1&content-type=text/plain |
717 |
|
718 |
Index: xen-4.2.0-jserver.patch |
719 |
=================================================================== |
720 |
diff -ur xen-4.2.0.orig/tools/tests/x86_emulator/Makefile xen-4.2.0/tools/tests/x86_emulator/Makefile |
721 |
--- tools/tests/x86_emulator/Makefile 2012-09-17 18:21:19.000000000 +0800 |
722 |
+++ tools/tests/x86_emulator/Makefile 2012-11-24 05:06:24.355778737 +0800 |
723 |
@@ -14,13 +14,13 @@ |
724 |
.PHONY: blowfish.h |
725 |
blowfish.h: |
726 |
rm -f blowfish.bin |
727 |
- XEN_TARGET_ARCH=x86_32 make -f blowfish.mk all |
728 |
+ XEN_TARGET_ARCH=x86_32 $(MAKE) -f blowfish.mk all |
729 |
(echo "static unsigned int blowfish32_code[] = {"; \ |
730 |
od -v -t x blowfish.bin | sed 's/^[0-9]* /0x/' | sed 's/ /, 0x/g' | sed 's/$$/,/';\ |
731 |
echo "};") >$@ |
732 |
rm -f blowfish.bin |
733 |
ifeq ($(XEN_COMPILE_ARCH),x86_64) |
734 |
- XEN_TARGET_ARCH=x86_64 make -f blowfish.mk all |
735 |
+ XEN_TARGET_ARCH=x86_64 $(MAKE) -f blowfish.mk all |
736 |
(echo "static unsigned int blowfish64_code[] = {"; \ |
737 |
od -v -t x blowfish.bin | sed 's/^[0-9]* /0x/' | sed 's/ /, 0x/g' | sed 's/$$/,/';\ |
738 |
echo "};") >>$@ |
739 |
|
740 |
|
741 |
|
742 |
|
743 |
1.1 app-emulation/xen-pvgrub/files/xen-4-CVE-2012-6075-XSA-41.patch |
744 |
|
745 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-6075-XSA-41.patch?rev=1.1&view=markup |
746 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-6075-XSA-41.patch?rev=1.1&content-type=text/plain |
747 |
|
748 |
Index: xen-4-CVE-2012-6075-XSA-41.patch |
749 |
=================================================================== |
750 |
authorMichael Contreras <michael@×××××××.com> |
751 |
Mon, 3 Dec 2012 04:11:22 +0000 (20:11 -0800) |
752 |
committerAnthony Liguori <aliguori@××××××.com> |
753 |
Mon, 3 Dec 2012 14:14:10 +0000 (08:14 -0600) |
754 |
|
755 |
The e1000_receive function for the e1000 needs to discard packets longer than |
756 |
1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes |
757 |
this behavior and allocates memory based on this assumption. |
758 |
|
759 |
Signed-off-by: Michael Contreras <michael@×××××××.com> |
760 |
Signed-off-by: Anthony Liguori <aliguori@××××××.com> |
761 |
hw/e1000.c |
762 |
|
763 |
--- tools/qemu-xen/hw/e1000.c |
764 |
+++ tools/qemu-xen/hw/e1000.c |
765 |
@@ -59,6 +59,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); |
766 |
#define PNPMMIO_SIZE 0x20000 |
767 |
#define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */ |
768 |
|
769 |
+/* this is the size past which hardware will drop packets when setting LPE=0 */ |
770 |
+#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 |
771 |
+ |
772 |
/* |
773 |
* HW models: |
774 |
* E1000_DEV_ID_82540EM works with Windows and Linux |
775 |
@@ -805,6 +808,13 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size) |
776 |
size = sizeof(min_buf); |
777 |
} |
778 |
|
779 |
+ /* Discard oversized packets if !LPE and !SBP. */ |
780 |
+ if (size > MAXIMUM_ETHERNET_VLAN_SIZE |
781 |
+ && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) |
782 |
+ && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { |
783 |
+ return size; |
784 |
+ } |
785 |
+ |
786 |
if (!receive_filter(s, buf, size)) |
787 |
return size; |