File CVE-2016-10155-qemuu-watchdog-memory-leakage-in-virtual-hardware-watchdog-wdt_i6300esb.patch of Package xen.5015

References: bsc#1024183 CVE-2016-10155
Notes:
All traditional qemu versions don't have an 'exit' field in their PCI Device structure
The upstream qemu (SLE11SP3 SLE12SP1) has a PCI struct with an 'exit' field and the exit function i6300esb_exit already exists
SLE12SP2 uses KVM/qemu.


Subject: watchdog: 6300esb: add exit function
From: Li Qiang liqiang6-s@360.cn Mon Nov 28 17:49:04 2016 -0800
Date: Thu Dec 22 16:00:23 2016 +0100:
Git: eb7a20a3616085d46aa6b4b4224e15587ec67e6e

When the Intel 6300ESB watchdog is hot unplug. The timer allocated
in realize isn't freed thus leaking memory leak. This patch avoid
this through adding the exit function.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Message-Id: <583cde9c.3223ed0a.7f0c2.886e@mx.google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Index: xen-4.4.4-testing/tools/qemu-xen-dir-remote/hw/watchdog/wdt_i6300esb.c
===================================================================
--- xen-4.4.4-testing.orig/tools/qemu-xen-dir-remote/hw/watchdog/wdt_i6300esb.c
+++ xen-4.4.4-testing/tools/qemu-xen-dir-remote/hw/watchdog/wdt_i6300esb.c
@@ -429,6 +429,9 @@ static void i6300esb_exit(PCIDevice *dev
 {
     I6300State *d = DO_UPCAST(I6300State, dev, dev);
 
+    qemu_del_timer(d->timer);
+    qemu_free_timer(d->timer);
+
     memory_region_destroy(&d->io_mem);
 }