hi,
I guess this needs to be patched into kernel-xen instead of xen hypervisior
right?
On Wed, Feb 6, 2013 at 2:56 AM, Linux Hack <linuxhack2012@gmail.com>
wrote:
> Hi,
>
> I am unable to apply this patch on Xen-4.1.4 and seems the
> file /drivers/xen/netback/common.h doesn''t exists.
>
> ==========> Patch #39
(xsa39-classic-0001-xen-netback-garbage-ring.patch):
> + patch -p1 -s
> The text leading up to this was:
> --------------------------
> |netback: shutdown the ring if it contains garbage
> |
> |A buggy or malicious frontend should not be able to confuse netback.
> |If we spot anything which is not as it should be then shutdown the
> |device and don''t try to continue with the ring in a potentially
> |hostile state. Well behaved and non-hostile frontends will not be
> |penalised.
> |
> |As well as making the existing checks for such errors fatal also add a
> |new check that ensures that there isn''t an insane number of
requests
> |on the ring (i.e. more than would fit in the ring). If the ring
> |contains garbage then previously is was possible to loop over this
> |insane number, getting an error each time and therefore not generating
> |any more pending requests and therefore not exiting the loop in
> |xen_netbk_tx_build_gops for an externded period.
> |
> |Also turn various netdev_dbg calls which no precipitate a fatal error
> |into netdev_err, they are rate limited because the device is shutdown
> |afterwards.
> |
> |This fixes at least one known DoS/softlockup of the backend domain.
> |
> |Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
> |Signed-off-by: Jan Beulich <JBeulich@suse.com>
> |
> |--- a/drivers/xen/netback/common.h
> |+++ b/drivers/xen/netback/common.h
> --------------------------
> File to patch:
> ================>
> Any help that would be great!
>
>
_______________________________________________
Xen-users mailing list
Xen-users@lists.xen.org
http://lists.xen.org/xen-users