From: Lars Kurth <lars.kurth@citrix.com>
To: Wei Liu <wei.liu2@citrix.com>, Jan Beulich <JBeulich@suse.com>
Cc: xen-devel <xen-devel@lists.xenproject.org>,
	Stefano Stabellini <sstabellini@kernel.org>,
	Ian Jackson <Ian.Jackson@citrix.com>
Subject: Re: preparations for 4.8.2
Date: Tue, 18 Jul 2017 17:43:13 +0000
Message-ID: <D593F7B9.390A0%lars.kurth@citrix.com>
In-Reply-To: <20170718135357.oh2nhram56c2eijt@citrix.com>

[-- Attachment #1: Type: text/plain, Size: 3166 bytes --]

Hi all,

@Jan: you may want to check the note on XSA-218 and XSA-224

I removed the Text::Diff module, which should fix the dependency problem.

I also fixed the script such that it will fetch patches from
http://xenbits.xenproject.org/xsa if the xsa.git has not been checked out
in the location in 

The script still depends on: Getopt, Cwd, File packages, which I hope are
standard.

Crude check
===========
I first ran the scripts using

./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --getlogs --html > xsamatch.html

Which checks name signatures only.
Note that
https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-481.html
tells us that XSA 212 was applied last.

The output shows that XSA-215 has not been applied. Not a problem, because
XSA-215 applies to 64-bit Xen versions of 4.6 and earlier only.

All the other ones have patches with matching names that have been applied.

Detailed check
==============
I then ran using


./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --html --smart > xsamatchsmart.html


which requires that xsa.git is checked out, which has restricted access
(security team members only).

The output shows some problems, for which I used

./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --html --smart --debug > xsamatchsmartdebug.html


This then tells me that there are a few real differences between 4.8.2 and
the XSA database:

XSA-218: line 32 in the log shows a real difference: see XSA-218-32.png
XSA-224: line 72 in the log shows a real difference: see XSA-224-72a.png &
XSA-224-72b.png


XSA-222: line 51 in the log shows a real difference: this is a known bug
in the tool where the diff file chunks are in a different order

Script Improvements
===================
I can't use --xsadir https://xenbits.xenproject.org/xsa as I can't read
files from a website. I can fetch the file from
https://xenbits.xenproject.org/xsa via the LWP::Simple package, which I
don't think is installed on Linux distros by default. Alternatively I
could use wget, which may be better.


I will play with this and see whether I can add it.

Cheers
Lars


On 18/07/2017, 14:53, "Wei Liu" <wei.liu2@citrix.com> wrote:

>On Tue, Jul 18, 2017 at 12:21:42PM +0100, Lars Kurth wrote:
>> Wei,
>> I attached the list output from xsa-list-send starting from 206
>> If you look at 
>> 
>> https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-481.html,
>> you may want to start using from 213+
>
>[$]> ./match-xsa --version 4 --major 8 --since 2 --getlogs --xsa xsa-225
>Can't locate Text/Diff.pm in @INC (you may need to install the
>Text::Diff module) (@INC contains: /etc/perl
>/usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1
>/usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5
>/usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24
>/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at
>./match-xsa line 14.
>BEGIN failed--compilation aborted at ./match-xsa line 14.
>
>Would be useful to give a list of perl modules required.


[-- Attachment #2: xsa-213-225 --]
[-- Type: application/octet-stream, Size: 7377 bytes --]

213	xsa213.patch		multicall: deal with early exit conditions
213	xsa213-4.5.patch		multicall: deal with early exit conditions
213	xsa213-4.6.patch		multicall: deal with early exit conditions
213	xsa213-4.7.patch		multicall: deal with early exit conditions
213	xsa213-4.8.patch		multicall: deal with early exit conditions
214	xsa214.patch		x86: discard type information when stealing pages
215	xsa215.patch		x86: correct create_bounce_frame
216	xsa216-linux-2.6.18-xen.patch		blkback/blktap: don't leak stack data via response ring
216	xsa216-linux-4.4.patch		xen-blkback: don't leak stack data via response ring
216	xsa216-linux-4.11.patch		xen-blkback: don't leak stack data via response ring
216	xsa216-qemuu.patch		xen/disk: don't leak stack data via response ring
216	xsa216-qemuu-4.5.patch		xen/disk: don't leak stack data via response ring
216	xsa216-qemuu-4.7.patch		xen/disk: don't leak stack data via response ring
217	xsa217.patch		x86/mm: disallow page stealing from HVM domains
217	xsa217-4.5.patch		x86/mm: disallow page stealing from HVM domains
218	xsa218-unstable/0001-gnttab-fix-unmap-pin-accounting-race.patch		gnttab: fix unmap pin accounting race
218	xsa218-unstable/0002-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch		gnttab: Avoid potential double-put of maptrack entry
218	xsa218-unstable/0003-gnttab-correct-maptrack-table-accesses.patch		gnttab: correct maptrack table accesses
218	xsa218-4.5/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch		IOMMU: handle IOMMU mapping and unmapping failures
218	xsa218-4.5/0002-gnttab-fix-unmap-pin-accounting-race.patch		gnttab: fix unmap pin accounting race
218	xsa218-4.5/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch		gnttab: Avoid potential double-put of maptrack entry
218	xsa218-4.5/0004-gnttab-correct-maptrack-table-accesses.patch		gnttab: correct maptrack table accesses
218	xsa218-4.6/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch		IOMMU: handle IOMMU mapping and unmapping failures
218	xsa218-4.6/0002-gnttab-fix-unmap-pin-accounting-race.patch		gnttab: fix unmap pin accounting race
218	xsa218-4.6/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch		gnttab: Avoid potential double-put of maptrack entry
218	xsa218-4.6/0004-gnttab-correct-maptrack-table-accesses.patch		gnttab: correct maptrack table accesses
218	xsa218-4.7/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch		IOMMU: handle IOMMU mapping and unmapping failures
218	xsa218-4.7/0002-gnttab-fix-unmap-pin-accounting-race.patch		gnttab: fix unmap pin accounting race
218	xsa218-4.7/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch		gnttab: Avoid potential double-put of maptrack entry
218	xsa218-4.7/0004-gnttab-correct-maptrack-table-accesses.patch		gnttab: correct maptrack table accesses
218	xsa218-4.8/0001-gnttab-fix-unmap-pin-accounting-race.patch		gnttab: fix unmap pin accounting race
218	xsa218-4.8/0002-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch		gnttab: Avoid potential double-put of maptrack entry
218	xsa218-4.8/0003-gnttab-correct-maptrack-table-accesses.patch		gnttab: correct maptrack table accesses
219	xsa219.patch		x86/shadow: Hold references for the duration of emulated writes
219	xsa219-4.5.patch		x86/shadow: Hold references for the duration of emulated writes
219	xsa219-4.6.patch		x86/shadow: Hold references for the duration of emulated writes
219	xsa219-4.8.patch		x86/shadow: Hold references for the duration of emulated writes
220	xsa220.patch		x86: avoid leaking PKRU and BND* between vCPU-s
220	xsa220-4.5.patch		x86: avoid leaking BND* between vCPU-s
220	xsa220-4.6.patch		x86: avoid leaking BND* between vCPU-s
220	xsa220-4.7.patch		x86: avoid leaking PKRU and BND* between vCPU-s
220	xsa220-4.8.patch		x86: avoid leaking PKRU and BND* between vCPU-s
221	xsa221.patch		evtchn: avoid NULL derefs
222	xsa222-1.patch		xen/memory: Fix return value handing of guest_remove_page()
222	xsa222-1-4.6.patch		xen/memory: Fix return value handing of guest_remove_page()
222	xsa222-1-4.7.patch		xen/memory: Fix return value handing of guest_remove_page()
222	xsa222-2.patch		guest_physmap_remove_page() needs its return value checked
222	xsa222-2-4.5.patch		guest_physmap_remove_page() needs its return value checked
222	xsa222-2-4.6.patch		guest_physmap_remove_page() needs its return value checked
222	xsa222-2-4.7.patch		guest_physmap_remove_page() needs its return value checked
222	xsa222-2-4.8.patch		guest_physmap_remove_page() needs its return value checked
223	xsa223.patch		arm: vgic: Don't update the LR when the IRQ is not enabled
224	xsa224-unstable/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch		gnttab: Fix handling of dev_bus_addr during unmap
224	xsa224-unstable/0002-gnttab-never-create-host-mapping-unless-asked-to.patch		gnttab: never create host mapping unless asked to
224	xsa224-unstable/0003-gnttab-correct-logic-to-get-page-references-during-m.patch		gnttab: correct logic to get page references during map requests
224	xsa224-unstable/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch		gnttab: __gnttab_unmap_common_complete() is all-or-nothing
224	xsa224-4.5/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch		gnttab: Fix handling of dev_bus_addr during unmap
224	xsa224-4.5/0002-gnttab-never-create-host-mapping-unless-asked-to.patch		gnttab: never create host mapping unless asked to
224	xsa224-4.5/0003-gnttab-correct-logic-to-get-page-references-during-m.patch		gnttab: correct logic to get page references during map requests
224	xsa224-4.5/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch		gnttab: __gnttab_unmap_common_complete() is all-or-nothing
224	xsa224-4.6/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch		gnttab: Fix handling of dev_bus_addr during unmap
224	xsa224-4.6/0002-gnttab-never-create-host-mapping-unless-asked-to.patch		gnttab: never create host mapping unless asked to
224	xsa224-4.6/0003-gnttab-correct-logic-to-get-page-references-during-m.patch		gnttab: correct logic to get page references during map requests
224	xsa224-4.6/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch		gnttab: __gnttab_unmap_common_complete() is all-or-nothing
224	xsa224-4.7/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch		gnttab: Fix handling of dev_bus_addr during unmap
224	xsa224-4.7/0002-gnttab-never-create-host-mapping-unless-asked-to.patch		gnttab: never create host mapping unless asked to
224	xsa224-4.7/0003-gnttab-correct-logic-to-get-page-references-during-m.patch		gnttab: correct logic to get page references during map requests
224	xsa224-4.7/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch		gnttab: __gnttab_unmap_common_complete() is all-or-nothing
224	xsa224-4.8/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch		gnttab: Fix handling of dev_bus_addr during unmap
224	xsa224-4.8/0002-gnttab-never-create-host-mapping-unless-asked-to.patch		gnttab: never create host mapping unless asked to
224	xsa224-4.8/0003-gnttab-correct-logic-to-get-page-references-during-m.patch		gnttab: correct logic to get page references during map requests
224	xsa224-4.8/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch		gnttab: __gnttab_unmap_common_complete() is all-or-nothing
225	xsa225.patch		xen/arm: vgic: Sanitize target mask used to send SGI

[-- Attachment #3: xsamatch.html --]
[-- Type: text/html, Size: 22344 bytes --]

[-- Attachment #4: xsamatchsmart.html --]
[-- Type: text/html, Size: 22364 bytes --]

[-- Attachment #5: XSA-218-32.png --]
[-- Type: image/png, Size: 395173 bytes --]

[-- Attachment #6: XSA-224-72a.png --]
[-- Type: image/png, Size: 372529 bytes --]

[-- Attachment #7: XSA-224-72b.png --]
[-- Type: image/png, Size: 251588 bytes --]
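
The XSA-222 mismatch in the message above is put down to diff chunks appearing in a different order. As an added illustration (not match-xsa's code, which is not shown in this thread), a comparison that ignores hunk order, line offsets and context but still reports a changed or dropped line could look like this; the function names and the sample hunks are constructed for the example.

```python
import re
from collections import Counter

HUNK_RE = re.compile(r"^@@ -\d+(?:,(\d+))? \+\d+(?:,(\d+))? @@")

def hunk_signatures(patch_text):
    """Multiset of (file, changed lines), one entry per hunk."""
    sigs, path, lines = Counter(), "", iter(patch_text.splitlines())
    for line in lines:
        if line.startswith("+++ "):
            # Drop the a/ or b/ prefix and any tab-separated timestamp.
            path = re.sub(r"^[ab]/", "", line[4:].split("\t")[0])
            continue
        m = HUNK_RE.match(line)
        if not m:
            continue  # commit message, "diff --git", "index", "--- a/..." lines
        old_left, new_left = int(m.group(1) or 1), int(m.group(2) or 1)
        changed = []
        while old_left > 0 or new_left > 0:
            body = next(lines, None)
            if body is None:
                break  # truncated patch: keep what was read
            if body.startswith("\\"):
                continue  # "\ No newline at end of file"
            if body.startswith("-"):
                old_left -= 1
            elif body.startswith("+"):
                new_left -= 1
            else:  # context line: ignored, backports shift it
                old_left, new_left = old_left - 1, new_left - 1
                continue
            changed.append(body)
        sigs[(path, tuple(changed))] += 1
    return sigs

def compare_patches(advisory, applied):
    """Return (missing, extra) hunks; two empty lists mean the same changes."""
    a, b = hunk_signatures(advisory), hunk_signatures(applied)
    return sorted((a - b).elements()), sorted((b - a).elements())

# Constructed sample hunks, not taken from any real XSA patch.
H1 = ("--- a/mem.c\n+++ b/mem.c\n@@ -10,2 +10,3 @@\n ctx\n"
      "-rc = remove(d);\n+rc = remove(d);\n+if ( rc ) return rc;\n")
H2 = ("--- a/page.c\n+++ b/page.c\n@@ -40,2 +40,2 @@\n ctx\n"
      "-put(page);\n+put_checked(page);\n")
ADVISORY = H1 + H2
REORDERED = H2.replace("-40,2 +40,2", "-47,2 +48,2") + H1  # same fix, new order
INCOMPLETE = H1.replace("+if ( rc ) return rc;\n", "").replace("+10,3", "+10,2") + H2
```

Hunk bodies are consumed by the line counts in the `@@` header, so a removed line that itself begins with `-- ` is not mistaken for a file header.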
