NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bff6b61adf
kumquat-buildroot/package/xen/xen.mk
Peter Korsgaard 059d655f5c xen: security bump to version 4.10.2 
Drop 0003-memfd-fix-configure-test.patch applied upstream.

The 4.10.2 version brings a large number of fixes:

https://xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4102.html

Including a number of security fixes:

XSA-260: x86: mishandling of debug exceptions (CVE-2018-8897)
XSA-261: x86 vHPET interrupt injection errors (CVE-2018-10982)
XSA-262: qemu may drive Xen into unbounded loop (CVE-2018-10981)
XSA-263: Speculative Store Bypass (CVE-2018-3639)
XSA-264: preemption checks bypassed in x86 PV MM handling (CVE-2018-12891)
XSA-265: x86: #DB exception safety check can be triggered by a guest
         (CVE-2018-12893)
XSA-266: libxl fails to honour readonly flag on HVM emulated SCSI disks
         (CVE-2018-12892)
XSA-267: Speculative register leakage from lazy FPU context switching
         (CVE-2018-3665)
XSA-268: Use of v2 grant tables may cause crash on ARM (CVE-2018-15469)
XSA-269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
         (CVE-2018-15468)
XSA-272: oxenstored does not apply quota-maxentity (CVE-2018-15470)
XSA-273: L1 Terminal Fault speculative side channel (CVE-2018-3620,
         CVE-2018-3646)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 14:31:35 +02:00

61 lines
1.6 KiB
Makefile
Raw Blame History

################################################################################
#
# Xen
#
################################################################################
XEN_VERSION = 4.10.2
XEN_SITE = https://downloads.xenproject.org/release/xen/$(XEN_VERSION)
XEN_LICENSE = GPL-2.0
XEN_LICENSE_FILES = COPYING
XEN_DEPENDENCIES = host-acpica host-python
# Calculate XEN_ARCH
ifeq ($(ARCH),aarch64)
XEN_ARCH = arm64
else ifeq ($(ARCH),arm)
XEN_ARCH = arm32
endif
XEN_CONF_OPTS = \
--disable-ocamltools \
--with-initddir=/etc/init.d
XEN_CONF_ENV = PYTHON=$(HOST_DIR)/bin/python2
XEN_MAKE_ENV = \
XEN_TARGET_ARCH=$(XEN_ARCH) \
CROSS_COMPILE=$(TARGET_CROSS) \
HOST_EXTRACFLAGS="-Wno-error" \
$(TARGET_CONFIGURE_OPTS)
ifeq ($(BR2_PACKAGE_XEN_HYPERVISOR),y)
XEN_MAKE_OPTS += dist-xen
XEN_INSTALL_IMAGES = YES
define XEN_INSTALL_IMAGES_CMDS
cp $(@D)/xen/xen $(BINARIES_DIR)
endef
else
XEN_CONF_OPTS += --disable-xen
endif
ifeq ($(BR2_PACKAGE_XEN_TOOLS),y)
XEN_DEPENDENCIES += dtc libaio libglib2 ncurses openssl pixman util-linux yajl
ifeq ($(BR2_PACKAGE_ARGP_STANDALONE),y)
XEN_DEPENDENCIES += argp-standalone
endif
XEN_INSTALL_TARGET_OPTS += DESTDIR=$(TARGET_DIR) install-tools
XEN_MAKE_OPTS += dist-tools
XEN_CONF_OPTS += --with-extra-qemuu-configure-args="--disable-sdl --disable-opengl"
define XEN_INSTALL_INIT_SYSV
mv $(TARGET_DIR)/etc/init.d/xencommons $(TARGET_DIR)/etc/init.d/S50xencommons
mv $(TARGET_DIR)/etc/init.d/xen-watchdog $(TARGET_DIR)/etc/init.d/S50xen-watchdog
mv $(TARGET_DIR)/etc/init.d/xendomains $(TARGET_DIR)/etc/init.d/S60xendomains
endef
else
XEN_INSTALL_TARGET = NO
XEN_CONF_OPTS += --disable-tools
endif
$(eval $(autotools-package))
Reference in New Issue View Git Blame Copy Permalink