This arranges that if the new pointer reference error checking tripped, we actually get a message about it. In this patch these messages do not change the actual return values from the various functions: so pointer reference errors do not prevent loading. This is for fear that some existing kernels might cause the code to make these wild references, which would then break, which is not a good thing in a security patch.
In xen/arch/x86/domain_build.c we have to introduce an "out" label and change all of the "return rc" beyond the relevant point into "goto out".
This is part of the fix to a security issue, XSA-55.
c84481f libelf: Make all callers call elf_check_broken
tools/libxc/xc_dom_elfloader.c | 25 +++++++++++++++++++++----
tools/libxc/xc_hvm_build_x86.c | 3 +++
tools/xcutils/readnotes.c | 3 +++
xen/arch/arm/kernel.c | 10 ++++++++++
xen/arch/x86/domain_build.c | 28 +++++++++++++++++++++-------
5 files changed, 58 insertions(+), 11 deletions(-)
Upstream: xenbits.xen.org