From e6e24d73697dd127a31554c88d3d66bda5c89ee6 Mon Sep 17 00:00:00 2001
From: Ian Campbell <ian.campbell@citrix.com>
Date: Thu, 29 Oct 2015 14:05:25 +0100
Subject: [PATCH] arm: rate-limit logging from unimplemented PHYSDEVOP and
 HVMOP.

These are guest accessible and should therefore be rate-limited.
Moreover, include them only in debug builds.

This is CVE-2015-7813 / XSA-146.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
master commit: 1c0e59ff15764e7b0c59282365974f5b8924ce83
master date: 2015-10-29 13:33:38 +0100
---
 xen/arch/arm/hvm.c     | 2 +-
 xen/arch/arm/physdev.c | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c
index 471c4cd9dd..5fd0753b45 100644
--- a/xen/arch/arm/hvm.c
+++ b/xen/arch/arm/hvm.c
@@ -57,7 +57,7 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg)
 
     default:
     {
-        printk("%s: Bad HVM op %ld.\n", __func__, op);
+        gdprintk(XENLOG_DEBUG, "HVMOP op=%lu: not implemented\n", op);
         rc = -ENOSYS;
         break;
     }
diff --git a/xen/arch/arm/physdev.c b/xen/arch/arm/physdev.c
index 61b4a184ad..27bbbda831 100644
--- a/xen/arch/arm/physdev.c
+++ b/xen/arch/arm/physdev.c
@@ -8,12 +8,13 @@
 #include <xen/types.h>
 #include <xen/lib.h>
 #include <xen/errno.h>
+#include <xen/sched.h>
 #include <asm/hypercall.h>
 
 
 int do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
 {
-    printk("%s %d cmd=%d: not implemented yet\n", __func__, __LINE__, cmd);
+    gdprintk(XENLOG_DEBUG, "PHYSDEVOP cmd=%d: not implemented\n", cmd);
     return -ENOSYS;
 }
 
-- 
2.39.5