summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Jan Beulich [Thu, 29 Oct 2015 12:52:02 +0000 (13:52 +0100)]
x86: rate-limit logging in do_xen{oprof,pmu}_op()
Some of the sub-ops are acessible to all guests, and hence should be
rate-limited. In the xenoprof case, just like for XSA-146, include them
only in debug builds. Since the vPMU code is rather new, allow them to
be always present, but downgrade them to (rate limited) guest messages.
This is CVE-2015-7971 / XSA-152.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Ian Campbell <ian.campbell@citrix.com>
master commit:
95e7415843b94c346e5ba8682665f508f220e04b
master date: 2015-10-29 13:37:19 +0100
(cherry picked from commit
bdc9fdf9d468cb94ca0fbed1b969c20bf173dc9b)
Patch-Name: CVE-2015-7971.diff
Gbp-Pq: Name CVE-2015-7971.diff
Jan Beulich [Thu, 29 Oct 2015 12:51:24 +0000 (13:51 +0100)]
xenoprof: free domain's vcpu array
This was overlooked in
fb442e2171 ("x86_64: allow more vCPU-s per
guest").
This is CVE-2015-7969 / XSA-151.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Ian Campbell <ian.campbell@citrix.com>
master commit:
6e97c4b37386c2d09e09e9b5d5d232e37728b960
master date: 2015-10-29 13:36:52 +0100
(cherry picked from commit
429f0cd270851462783fc6d56d6bae9cbb40bdca)
Patch-Name: CVE-2015-7969.1.diff
Gbp-Pq: Name CVE-2015-7969.1.diff
Andrew Cooper [Thu, 29 Oct 2015 12:50:59 +0000 (13:50 +0100)]
x86/PoD: Eager sweep for zeroed pages
Based on the contents of a guests physical address space,
p2m_pod_emergency_sweep() could degrade into a linear memcmp() from 0 to
max_gfn, which runs non-preemptibly.
As p2m_pod_emergency_sweep() runs behind the scenes in a number of contexts,
making it preemptible is not feasible.
Instead, a different approach is taken. Recently-populated pages are eagerly
checked for reclaimation, which amortises the p2m_pod_emergency_sweep()
operation across each p2m_pod_demand_populate() operation.
Note that in the case that a 2M superpage can't be reclaimed as a superpage,
it is shattered if 4K pages of zeros can be reclaimed. This is unfortunate
but matches the previous behaviour, and is required to avoid regressions
(domain crash from PoD exhaustion) with VMs configured close to the limit.
This is CVE-2015-7970 / XSA-150.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: George Dunlap <george.dunlap@citrix.com>
master commit:
101ce53266866144e724ed593173bc4098b300b9
master date: 2015-10-29 13:36:25 +0100
(cherry picked from commit
4a32fbd95af6503ea1314ff2aa9a0b0a473d46c0)
Patch-Name: CVE-2015-7970.diff
Gbp-Pq: Name CVE-2015-7970.diff
Jan Beulich [Thu, 29 Oct 2015 12:49:56 +0000 (13:49 +0100)]
free domain's vcpu array
This was overlooked in
fb442e2171 ("x86_64: allow more vCPU-s per
guest").
This is CVE-2015-7969 / XSA-149.
Reported-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Ian Campbell <ian.campbell@citrix.com>
master commit:
d46896ebbb23f3a9fef2eb6066ae614fd1acfd96
master date: 2015-10-29 13:35:40 +0100
(cherry picked from commit
2c57108c36eaa10885b7d0daad534348717e4f9d)
Patch-Name: CVE-2015-7969.diff
Gbp-Pq: Name CVE-2015-7969.diff
Jan Beulich [Thu, 29 Oct 2015 12:48:09 +0000 (13:48 +0100)]
x86: guard against undue super page PTE creation
When optional super page support got added (commit
bd1cd81d64 "x86: PV
support for hugepages"), two adjustments were missed: mod_l2_entry()
needs to consider the PSE and RW bits when deciding whether to use the
fast path, and the PSE bit must not be removed from L2_DISALLOW_MASK
unconditionally.
This is CVE-2015-7835 / XSA-148.
Reported-by: "栾尚聪(好风)" <shangcong.lsc@alibaba-inc.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Tim Deegan <tim@xen.org>
master commit:
fe360c90ea13f309ef78810f1a2b92f2ae3b30b8
master date: 2015-10-29 13:35:07 +0100
(cherry picked from commit
2d094bd87072e26ac29b07917d31fcbf13892288)
Patch-Name: CVE-2015-7835.diff
Gbp-Pq: Name CVE-2015-7835.diff
Ian Campbell [Thu, 29 Oct 2015 12:47:38 +0000 (13:47 +0100)]
arm: handle races between relinquish_memory and free_domheap_pages
Primarily this means XENMEM_decrease_reservation from a toolstack
domain.
Unlike x86 we have no requirement right now to queue such pages onto
a separate list, if we hit this race then the other code has already
fully accepted responsibility for freeing this page and therefore
there is no more for relinquish_memory to do.
This is CVE-2015-7814 / XSA-147.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Julien Grall <julien.grall@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
master commit:
1ef01396fdff88b1c3331a09ca5c69619b90f4ea
master date: 2015-10-29 13:34:17 +0100
(cherry picked from commit
df6fa370865717ee51530c0102d1e983a70d37c3)
Patch-Name: CVE-2015-7814.diff
Gbp-Pq: Name CVE-2015-7814.diff
Ian Campbell [Thu, 29 Oct 2015 12:47:10 +0000 (13:47 +0100)]
arm: rate-limit logging from unimplemented PHYSDEVOP and HVMOP.
These are guest accessible and should therefore be rate-limited.
Moreover, include them only in debug builds.
This is CVE-2015-7813 / XSA-146.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
master commit:
1c0e59ff15764e7b0c59282365974f5b8924ce83
master date: 2015-10-29 13:33:38 +0100
(cherry picked from commit
b18d995ca341d07a38fec04aa137e9ef85ee4dd0)
Patch-Name: CVE-2015-7813.diff
Gbp-Pq: Name CVE-2015-7813.diff
Julien Grall [Thu, 29 Oct 2015 12:46:45 +0000 (13:46 +0100)]
arm: Support hypercall_create_continuation for multicall
Multicall for ARM has been supported since commit
f0dbdc6 "xen: arm: fully
implement multicall interface.". Although, if an hypercall in multicall
requires preemption, it will crash the host:
(XEN) Xen BUG at domain.c:347
(XEN) ----[ Xen-4.7-unstable arm64 debug=y Tainted: C ]----
[...]
(XEN) Xen call trace:
(XEN) [<
00000000002420cc>] hypercall_create_continuation+0x64/0x380 (PC)
(XEN) [<
0000000000217274>] do_memory_op+0x1b00/0x2334 (LR)
(XEN) [<
0000000000250d2c>] do_multicall_call+0x114/0x124
(XEN) [<
0000000000217ff0>] do_multicall+0x17c/0x23c
(XEN) [<
000000000024f97c>] do_trap_hypercall+0x90/0x12c
(XEN) [<
0000000000251ca8>] do_trap_hypervisor+0xd2c/0x1ba4
(XEN) [<
00000000002582cc>] guest_sync+0x88/0xb8
(XEN)
(XEN)
(XEN) ****************************************
(XEN) Panic on CPU 5:
(XEN) Xen BUG at domain.c:347
(XEN) ****************************************
(XEN)
(XEN) Manual reset required ('noreboot' specified)
Looking to the code, the support of multicall looks valid to me, as we only
need to fill call.args[...]. So drop the BUG();
This is CVE-2015-7812 / XSA-145.
Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
master commit:
29bcf64ce8bc0b1b7aacd00c8668f255c4f0686c
master date: 2015-10-29 13:31:10 +0100
(cherry picked from commit
ea95ecb8bf30f83b52a079cdfc824a3ba6ffd4ef)
Patch-Name: CVE-2015-7812.diff
Gbp-Pq: Name CVE-2015-7812.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:36 +0000 (11:47 +0200)]
tools-xenstore-compatibility.diff
Patch-Name: tools-xenstore-compatibility.diff
Gbp-Pq: Name tools-xenstore-compatibility.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:31 +0000 (11:47 +0200)]
tools-xenmon-install.diff
Patch-Name: tools-xenmon-install.diff
Gbp-Pq: Name tools-xenmon-install.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:30 +0000 (11:47 +0200)]
tools-include-install.diff
Patch-Name: tools-include-install.diff
Gbp-Pq: Name tools-include-install.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:29 +0000 (11:47 +0200)]
Remove static solaris support from pygrub
Patch-Name: tools-pygrub-remove-static-solaris-support
Gbp-Pq: Name tools-pygrub-remove-static-solaris-support
Bastian Blank [Sat, 5 Jul 2014 09:47:14 +0000 (11:47 +0200)]
tools-xentrace-prefix.diff
Patch-Name: tools-xentrace-prefix.diff
Gbp-Pq: Name tools-xentrace-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:12 +0000 (11:47 +0200)]
tools-xenstore-prefix.diff
Patch-Name: tools-xenstore-prefix.diff
Gbp-Pq: Name tools-xenstore-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:09 +0000 (11:47 +0200)]
tools-xenstat-prefix.diff
Patch-Name: tools-xenstat-prefix.diff
Gbp-Pq: Name tools-xenstat-prefix.diff
Bastian Blank [Sat, 13 Dec 2014 18:37:02 +0000 (19:37 +0100)]
tools-xenpmd-prefix.diff
Patch-Name: tools-xenpmd-prefix.diff
Gbp-Pq: Name tools-xenpmd-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:08 +0000 (11:47 +0200)]
tools-xenpaging-prefix.diff
Patch-Name: tools-xenpaging-prefix.diff
Gbp-Pq: Name tools-xenpaging-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:06 +0000 (11:47 +0200)]
tools-xenmon-prefix.diff
Patch-Name: tools-xenmon-prefix.diff
Gbp-Pq: Name tools-xenmon-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:05 +0000 (11:47 +0200)]
tools-xcutils-rpath.diff
Patch-Name: tools-xcutils-rpath.diff
Gbp-Pq: Name tools-xcutils-rpath.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:02 +0000 (11:47 +0200)]
tools-python-prefix.diff
Patch-Name: tools-python-prefix.diff
Gbp-Pq: Name tools-python-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:47:01 +0000 (11:47 +0200)]
tools-pygrub-prefix.diff
Patch-Name: tools-pygrub-prefix.diff
Gbp-Pq: Name tools-pygrub-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:59 +0000 (11:46 +0200)]
tools-misc-prefix.diff
Patch-Name: tools-misc-prefix.diff
Gbp-Pq: Name tools-misc-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:57 +0000 (11:46 +0200)]
tools-libxl-prefix.diff
Patch-Name: tools-libxl-prefix.diff
Gbp-Pq: Name tools-libxl-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:55 +0000 (11:46 +0200)]
tools-libfsimage-prefix.diff
Patch-Name: tools-libfsimage-prefix.diff
Gbp-Pq: Name tools-libfsimage-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:54 +0000 (11:46 +0200)]
tools-console-prefix.diff
Patch-Name: tools-console-prefix.diff
Gbp-Pq: Name tools-console-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:53 +0000 (11:46 +0200)]
tools-blktap2-prefix.diff
Patch-Name: tools-blktap2-prefix.diff
Gbp-Pq: Name tools-blktap2-prefix.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:51 +0000 (11:46 +0200)]
tools-rpath.diff
Patch-Name: tools-rpath.diff
Gbp-Pq: Name tools-rpath.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:50 +0000 (11:46 +0200)]
tools-xenstat-abiname.diff
Patch-Name: tools-xenstat-abiname.diff
Gbp-Pq: Name tools-xenstat-abiname.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:49 +0000 (11:46 +0200)]
tools-libxl-abiname.diff
Patch-Name: tools-libxl-abiname.diff
Gbp-Pq: Name tools-libxl-abiname.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:48 +0000 (11:46 +0200)]
tools-libxc-abiname.diff
Patch-Name: tools-libxc-abiname.diff
Gbp-Pq: Name tools-libxc-abiname.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:47 +0000 (11:46 +0200)]
tools-libfsimage-abiname.diff
Patch-Name: tools-libfsimage-abiname.diff
Gbp-Pq: Name tools-libfsimage-abiname.diff
Bastian Blank [Sat, 5 Jul 2014 09:46:45 +0000 (11:46 +0200)]
config-prefix.diff
Patch-Name: config-prefix.diff
Gbp-Pq: Name config-prefix.diff
Ian Campbell [Wed, 16 Dec 2015 15:06:35 +0000 (15:06 +0000)]
tools: allow configure time choice of libexec subdirectory.
Currently we hardcode various paths such as $libexec/xen/{bin,boot},
however some downstreams (notably Debian) would like instead to
install things into $libexec/xen-X.Y/{bin,boot} as part of allowing
multiple versions of the tools packages to be installed.
Since this currently involves patching configure its a bit fiddly,
provide a configure option for the leaf dir instead, name it
--with-libexec-leaf-dir similar to the existing
--with-sysconfig-leaf-dir.
Rather than have the determination of the full path in both configure
and config/Paths.mk.in move it into configure only. Also for
consistency move the other LIBEXEC_* to configure, even though they
are only substituted into Paths.mk.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Doug Goldstein <cardoe@cardoe.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Cc: 805508@bugs.debian.org
[ ijc -- removed stray ` ]
(cherry picked from commit
de858271c16851d662b2613699401df6ecec8ef8)
Patch-Name: tools-allow-configure-time-choice-of-libexec-subdire.patch
Gbp-Pq: Name tools-allow-configure-time-choice-of-libexec-subdire.patch
Bastian Blank [Sat, 5 Jul 2014 09:46:43 +0000 (11:46 +0200)]
version
Patch-Name: version.diff
Gbp-Pq: Name version.diff
Ian Campbell [Tue, 9 Feb 2016 16:41:16 +0000 (16:41 +0000)]
xen (4.6.0-1+nmu2) unstable; urgency=medium
* Ensure debian/control.md5sum is correctly updated. Fixes FTBFS of
4.6.0-1+nmu1 on buildds where linux-support-4.2.0-1 is not expected to be
installed.
[dgit import unpatched xen 4.6.0-1+nmu2]
Ian Campbell [Tue, 9 Feb 2016 16:41:16 +0000 (16:41 +0000)]
Import xen_4.6.0-1+nmu2.debian.tar.xz
[dgit import tarball xen 4.6.0-1+nmu2 xen_4.6.0-1+nmu2.debian.tar.xz]
Bastian Blank [Sun, 1 Nov 2015 20:49:07 +0000 (20:49 +0000)]
Import xen_4.6.0.orig.tar.xz
[dgit import orig xen_4.6.0.orig.tar.xz]
projects / xen.git / log