Message ID | 1309450848-24316-1-git-send-email-stefan.bader@canonical.com |
---|---|
State | New |
On Thu, Jun 30, 2011 at 05:20:48PM +0100, Stefan Bader wrote: > The blkback driver is only used in a dom0, which leaves only Hardy to > be affected. > The Redhat patch consisted of two patches of which the first one was > reverting a change we did not have. > > From cf01fce28f7007bf90723f32efd8cfa3852ef082 Mon Sep 17 00:00:00 2001 > From: Andrew Jones <drjones@redhat.com> > Date: Thu, 30 Jun 2011 16:40:02 +0100 > Subject: [PATCH] xen: don't allow blkback virtual CDROM device > > Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=635638 > Signed-off-by: Jarod Wilson <jarod@redhat.com> > > BugLink: https://bugs.launchpad.net/bugs/803931 > CVE-2010-4238 > > Signed-off-by: Stefan Bader <stefan.bader@canonical.com> > --- > ...-don-t-allow-blkback-virtual-CDROM-device.patch | 42 ++++++++++++++++++++ > 1 files changed, 42 insertions(+), 0 deletions(-) > create mode 100644 debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch > > diff --git a/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch b/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch > new file mode 100644 > index 0000000..8aaf63a > --- /dev/null > +++ b/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch 
> @@ -0,0 +1,42 @@ > +From 4f8bf5ec3db0719abd46454959f5954eb5151ec1 Mon Sep 17 00:00:00 2001 > +From: Andrew Jones <drjones@redhat.com> > +Date: Thu, 2 Dec 2010 17:34:12 -0500 > +Subject: [PATCH] xen: don't allow blkback virtual CDROM device > + > +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=635638 > +Signed-off-by: Jarod Wilson <jarod@redhat.com> > + > +BugLink: https://bugs.launchpad.net/bugs/803931 > +CVE-2010-4238 > + > +Signed-off-by: Stefan Bader <stefan.bader@canonical.com> > +--- > + drivers/xen/blkback/vbd.c | 6 +++--- > + 1 files changed, 3 insertions(+), 3 deletions(-) > + > +diff --git a/drivers/xen/blkback/vbd.c b/drivers/xen/blkback/vbd.c > +index fe10ec8..f6044e0 100644 > +--- a/drivers/xen/blkback/vbd.c > ++++ b/drivers/xen/blkback/vbd.c > +@@ -74,15 +74,15 @@ int vbd_create(blkif_t *blkif, blkif_vdev_t handle, unsigned major, > + > + vbd->bdev = bdev; > + > +- if (vbd->bdev->bd_disk == NULL) { > ++ /* CD-ROMs are not supported by xen blkback */ > ++ if (vbd->bdev->bd_disk == NULL || > ++ vbd->bdev->bd_disk->flags & GENHD_FL_CD) { > + DPRINTK("vbd_creat: device %08x doesn't exist.\n", > + vbd->pdevice); > + vbd_free(vbd); > + return -ENOENT; > + } > + > +- if (vbd->bdev->bd_disk->flags & GENHD_FL_CD) > +- vbd->type |= VDISK_CDROM; > + if (vbd->bdev->bd_disk->flags & GENHD_FL_REMOVABLE) > + vbd->type |= VDISK_REMOVABLE; > + > +-- > +1.7.4.1 > + > --

Ok, the CVE does imply that CD ROM support does not work. The patch above appears to correctly convert any attempt to open them to ENOENT. As we also do not expect to be using this as the primary interface to disks in Hardy, this should be low risk to existing configurations. Therefore:

Acked-by: Andy Whitcroft <apw@canonical.com>

-apw
On 06/30/2011 10:20 AM, Stefan Bader wrote: > The blkback driver is only used in a dom0, which leaves only Hardy to > be affected. > The Redhat patch consisted of two patches of which the first one was > reverting a change we did not have. > > From cf01fce28f7007bf90723f32efd8cfa3852ef082 Mon Sep 17 00:00:00 2001 > From: Andrew Jones<drjones@redhat.com> > Date: Thu, 30 Jun 2011 16:40:02 +0100 > Subject: [PATCH] xen: don't allow blkback virtual CDROM device > > Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=635638 > Signed-off-by: Jarod Wilson<jarod@redhat.com> > > BugLink: https://bugs.launchpad.net/bugs/803931 > CVE-2010-4238 > > Signed-off-by: Stefan Bader<stefan.bader@canonical.com> > --- > ...-don-t-allow-blkback-virtual-CDROM-device.patch | 42 ++++++++++++++++++++ > 1 files changed, 42 insertions(+), 0 deletions(-) > create mode 100644 debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch > > diff --git a/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch b/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch > new file mode 100644 > index 0000000..8aaf63a > --- /dev/null > +++ b/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch 
> @@ -0,0 +1,42 @@ > +From 4f8bf5ec3db0719abd46454959f5954eb5151ec1 Mon Sep 17 00:00:00 2001 > +From: Andrew Jones<drjones@redhat.com> > +Date: Thu, 2 Dec 2010 17:34:12 -0500 > +Subject: [PATCH] xen: don't allow blkback virtual CDROM device > + > +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=635638 > +Signed-off-by: Jarod Wilson<jarod@redhat.com> > + > +BugLink: https://bugs.launchpad.net/bugs/803931 > +CVE-2010-4238 > + > +Signed-off-by: Stefan Bader<stefan.bader@canonical.com> > +--- > + drivers/xen/blkback/vbd.c | 6 +++--- > + 1 files changed, 3 insertions(+), 3 deletions(-) > + > +diff --git a/drivers/xen/blkback/vbd.c b/drivers/xen/blkback/vbd.c > +index fe10ec8..f6044e0 100644 > +--- a/drivers/xen/blkback/vbd.c > ++++ b/drivers/xen/blkback/vbd.c > +@@ -74,15 +74,15 @@ int vbd_create(blkif_t *blkif, blkif_vdev_t handle, unsigned major, > + > + vbd->bdev = bdev; > + > +- if (vbd->bdev->bd_disk == NULL) { > ++ /* CD-ROMs are not supported by xen blkback */ > ++ if (vbd->bdev->bd_disk == NULL || > ++ vbd->bdev->bd_disk->flags& GENHD_FL_CD) { > + DPRINTK("vbd_creat: device %08x doesn't exist.\n", > + vbd->pdevice); > + vbd_free(vbd); > + return -ENOENT; > + } > + > +- if (vbd->bdev->bd_disk->flags& GENHD_FL_CD) > +- vbd->type |= VDISK_CDROM; > + if (vbd->bdev->bd_disk->flags& GENHD_FL_REMOVABLE) > + vbd->type |= VDISK_REMOVABLE; > + > +-- > +1.7.4.1 > +
diff --git a/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch b/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch new file mode 100644 index 0000000..8aaf63a --- /dev/null +++ b/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch @@ -0,0 +1,42 @@ +From 4f8bf5ec3db0719abd46454959f5954eb5151ec1 Mon Sep 17 00:00:00 2001 +From: Andrew Jones <drjones@redhat.com> +Date: Thu, 2 Dec 2010 17:34:12 -0500 +Subject: [PATCH] xen: don't allow blkback virtual CDROM device + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=635638 +Signed-off-by: Jarod Wilson <jarod@redhat.com> + +BugLink: https://bugs.launchpad.net/bugs/803931 +CVE-2010-4238 + +Signed-off-by: Stefan Bader <stefan.bader@canonical.com> +--- + drivers/xen/blkback/vbd.c | 6 +++--- + 1 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/drivers/xen/blkback/vbd.c b/drivers/xen/blkback/vbd.c +index fe10ec8..f6044e0 100644 +--- a/drivers/xen/blkback/vbd.c ++++ b/drivers/xen/blkback/vbd.c +@@ -74,15 +74,15 @@ int vbd_create(blkif_t *blkif, blkif_vdev_t handle, unsigned major, + + vbd->bdev = bdev; + +- if (vbd->bdev->bd_disk == NULL) { ++ /* CD-ROMs are not supported by xen blkback */ ++ if (vbd->bdev->bd_disk == NULL || ++ vbd->bdev->bd_disk->flags & GENHD_FL_CD) { + DPRINTK("vbd_creat: device %08x doesn't exist.\n", + vbd->pdevice); + vbd_free(vbd); + return -ENOENT; + } + +- if (vbd->bdev->bd_disk->flags & GENHD_FL_CD) +- vbd->type |= VDISK_CDROM; + if (vbd->bdev->bd_disk->flags & GENHD_FL_REMOVABLE) + vbd->type |= VDISK_REMOVABLE; + +-- +1.7.4.1 +
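Review bot: In the vbd_create hunk, the merged condition sends a GENHD_FL_CD device through the same DPRINTK ("vbd_creat: device %08x doesn't exist.") and the same -ENOENT return as a NULL bd_disk, so the dom0 log cannot distinguish a refused CD-ROM backend from a missing device. Consider keeping the two tests separate, with a message that names the CD-ROM rejection; the "vbd_creat" spelling in the existing string could be corrected at the same time. The commit message carries only the Bugzilla, BugLink and CVE tags, so one sentence on why CD-ROM backends are refused would help later readers. Since the hunk also drops the only visible assignment of VDISK_CDROM, the description should say whether anything still tests that flag, which these lines do not show.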