Old 06-30-2011, 04:20 PM
Stefan Bader
 
SRU: xen: don't allow blkback virtual CDROM device, CVE-2010-4238

The blkback driver is only used in a dom0, which leaves only Hardy to
be affected.
The Redhat patch consisted of two patches of which the first one was
reverting a change we did not have.
 
Old 07-05-2011, 02:41 PM
Andy Whitcroft
 
SRU: xen: don't allow blkback virtual CDROM device, CVE-2010-4238

On Thu, Jun 30, 2011 at 05:20:48PM +0100, Stefan Bader wrote:
> The blkback driver is only used in a dom0, which leaves only Hardy to
> be affected.
> The Redhat patch consisted of two patches of which the first one was
> reverting a change we did not have.
>
> From cf01fce28f7007bf90723f32efd8cfa3852ef082 Mon Sep 17 00:00:00 2001
> From: Andrew Jones <drjones@redhat.com>
> Date: Thu, 30 Jun 2011 16:40:02 +0100
> Subject: [PATCH] xen: don't allow blkback virtual CDROM device
>
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=635638
> Signed-off-by: Jarod Wilson <jarod@redhat.com>
>
> BugLink: https://bugs.launchpad.net/bugs/803931
> CVE-2010-4238
>
> Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
> ---
> ...-don-t-allow-blkback-virtual-CDROM-device.patch | 42 ++++++++++++++++++++
> 1 files changed, 42 insertions(+), 0 deletions(-)
> create mode 100644 debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch
>
> diff --git a/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch b/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch
> new file mode 100644
> index 0000000..8aaf63a
> --- /dev/null
> +++ b/debian/binary-custom.d/xen/patchset/026-xen-don-t-allow-blkback-virtual-CDROM-device.patch
> @@ -0,0 +1,42 @@
> +From 4f8bf5ec3db0719abd46454959f5954eb5151ec1 Mon Sep 17 00:00:00 2001
> +From: Andrew Jones <drjones@redhat.com>
> +Date: Thu, 2 Dec 2010 17:34:12 -0500
> +Subject: [PATCH] xen: don't allow blkback virtual CDROM device
> +
> +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=635638
> +Signed-off-by: Jarod Wilson <jarod@redhat.com>
> +
> +BugLink: https://bugs.launchpad.net/bugs/803931
> +CVE-2010-4238
> +
> +Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
> +---
> + drivers/xen/blkback/vbd.c | 6 +++---
> + 1 files changed, 3 insertions(+), 3 deletions(-)
> +
> +diff --git a/drivers/xen/blkback/vbd.c b/drivers/xen/blkback/vbd.c
> +index fe10ec8..f6044e0 100644
> +--- a/drivers/xen/blkback/vbd.c
> ++++ b/drivers/xen/blkback/vbd.c
> +@@ -74,15 +74,15 @@ int vbd_create(blkif_t *blkif, blkif_vdev_t handle, unsigned major,
> +
> + vbd->bdev = bdev;
> +
> +- if (vbd->bdev->bd_disk == NULL) {
> ++ /* CD-ROMs are not supported by xen blkback */
> ++ if (vbd->bdev->bd_disk == NULL ||
> ++ vbd->bdev->bd_disk->flags & GENHD_FL_CD) {
> + DPRINTK("vbd_creat: device %08x doesn't exist.
",
> + vbd->pdevice);
> + vbd_free(vbd);
> + return -ENOENT;
> + }
> +
> +- if (vbd->bdev->bd_disk->flags & GENHD_FL_CD)
> +- vbd->type |= VDISK_CDROM;
> + if (vbd->bdev->bd_disk->flags & GENHD_FL_REMOVABLE)
> + vbd->type |= VDISK_REMOVABLE;
> +
> +--
> +1.7.4.1
> +
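Review bot: folding the GENHD_FL_CD test into the `bd_disk == NULL` branch means the DPRINTK that follows ("vbd_creat: device %08x doesn't exist.") is now also printed for a CD-ROM that does exist but is being refused, which will mislead anyone debugging a failed vbd attach on Hardy. Suggest a separate branch for the CD-ROM case with its own message, e.g. `DPRINTK("vbd_create: device %08x is a CD-ROM, not supported by blkback.\n", vbd->pdevice);`, keeping the -ENOENT return if that is the error the toolstack already handles; while touching that line, the pre-existing "vbd_creat" typo in the message could be fixed as well. Removing the `vbd->type |= VDISK_CDROM` assignment is consistent with the new check, since that path can no longer be reached.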
> --

OK, the CVE does imply that CD-ROM support does not work. The patch
above appears to correctly convert any attempt to open them to ENOENT.
As we also do not expect to be using this as the primary interface to
disks in Hardy this should be low risk to existing configurations.
Therefore:

Acked-by: Andy Whitcroft <apw@canonical.com>

-apw

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
