[Pkg-xen-changes] r1114 - in trunk/xen: . debian

Bastian Blank waldi at alioth.debian.org
Tue Sep 18 11:45:17 UTC 2012 

Author: waldi
Date: Tue Sep 18 11:45:17 2012
New Revision: 1114

Log:
Merge /branches/wheezy/xen.

Modified:
   trunk/xen/   (props changed)
   trunk/xen/debian/changelog
   trunk/xen/debian/xen-utils-common.xendomains.init

Modified: trunk/xen/debian/changelog
==============================================================================
--- trunk/xen/debian/changelog	Tue Sep 18 11:44:05 2012	(r1113)
+++ trunk/xen/debian/changelog	Tue Sep 18 11:45:17 2012	(r1114)
@@ -20,9 +20,39 @@
 
  -- Bastian Blank <waldi at debian.org>  Sun, 13 May 2012 12:21:10 +0000
 
-xen (4.1.3-1) UNRELEASED; urgency=low
+xen (4.1.3-3) unstable; urgency=low
+
+  * Xen domain init script:
+    - Make sure Open vSwitch is started before any domain.
+    - Properly handle and show output of failed migration and save.
+    - Ask all domains to shut down before checking them.
+
+ -- Bastian Blank <waldi at debian.org>  Tue, 18 Sep 2012 13:26:32 +0200
+
+xen (4.1.3-2) unstable; urgency=medium
+
+  * Don't allow writing reserved bits in debug register.
+    CVE-2012-3494
+  * Fix error handling in interrupt assignment.
+    CVE-2012-3495
+  * Don't trigger bug messages on invalid flags.
+    CVE-2012-3496
+  * Check array bounds in interrupt assignment.
+    CVE-2012-3498
+  * Properly check bounds while setting the cursor in qemu.
+    CVE-2012-3515
+  * Disable monitor in qemu by default.
+    CVE-2012-4411
+
+ -- Bastian Blank <waldi at debian.org>  Fri, 07 Sep 2012 19:41:46 +0200
+
+xen (4.1.3-1) unstable; urgency=medium
 
   * New upstream release: (closes: #683286)
+    - Don't leave the x86 emulation in a bad state. (closes: #683279)
+      CVE-2012-3432
+    - Only check for shared pages while any exist on teardown.
+      CVE-2012-3433
     - Fix error handling for unexpected conditions.
     - Update CPUID masking to latest Intel spec.
     - Allow large ACPI ids.
@@ -30,13 +60,11 @@
     - Disallow access to some sensitive IO-ports.
     - Fix wrong address in IOTLB.
     - Fix deadlock on CPUs without working cpufreq driver.
-  * Fixup broken patches.
-  * Don't leave the x86 emulation in a bad state. (closes: #683279)
-    CVE-2012-3432
-  * Only check for shared pages while any exist on teardown.
-    CVE-2012-3433
+    - Use uncached disk access in qemu.
+    - Fix buffer size on emulated e1000 device in qemu.
+  * Fixup broken and remove applied patches.
 
- -- Bastian Blank <waldi at debian.org>  Mon, 30 Jul 2012 21:06:34 +0200
+ -- Bastian Blank <waldi at debian.org>  Fri, 17 Aug 2012 11:25:02 +0200
 
 xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-5) unstable; urgency=low
 

Modified: trunk/xen/debian/xen-utils-common.xendomains.init
==============================================================================
--- trunk/xen/debian/xen-utils-common.xendomains.init	Tue Sep 18 11:44:05 2012	(r1113)
+++ trunk/xen/debian/xen-utils-common.xendomains.init	Tue Sep 18 11:45:17 2012	(r1114)
@@ -3,8 +3,8 @@
 # Provides:          xendomains
 # Required-Start:    $syslog $remote_fs xen
 # Required-Stop:     $syslog $remote_fs xen
-# Should-Start:      drbd iscsi
-# Should-Stop:       drbd iscsi
+# Should-Start:      drbd iscsi openvswitch-switch
+# Should-Stop:       drbd iscsi openvswitch-switch
 # X-Start-Before:    corosync heartbeat
 # X-Stop-After:      corosync heartbeat
 # Default-Start:     2 3 4 5
@@ -53,15 +53,28 @@
 
 timeout_coproc()
 {
-  TIMEOUT="$1"
+  local TIMEOUT=$1
+  shift
+
+  coproc "$@" 2>&1 1>/dev/null
+
+  local COPROC_OUT
+  exec {COPROC_OUT}<&"${COPROC[0]}"
+  local PID="$COPROC_PID"
+
   for no in $(seq 0 $TIMEOUT); do
-    if [ -z "$COPROC_PID" ]; then return 0; fi
+    if [ -z "$COPROC_PID" ]; then break; fi
     sleep 1
     log_action_cont_msg
   done
+
   kill -INT "$COPROC_PID" >/dev/null 2>&1
-  wait $COPROC_PID
-  return 1
+  wait $PID
+  local rc=$?
+  log_action_end_msg $rc
+
+  [ $rc -gt 0 ] && cat <&$COPROC_OUT
+  exec <&$COPROC_OUT-
 }
 
 timeout_domain()
@@ -151,9 +164,7 @@
 
   while read id name rest; do
     log_action_begin_msg "Migrating Xen domain $name ($id)"
-    coproc xen migrate $id $XENDOMAINS_MIGRATE 2>&1 1>/dev/null
-    timeout_coproc "$XENDOMAINS_STOP_MAXWAIT"
-    log_action_end_msg $?
+    (timeout_coproc "$XENDOMAINS_STOP_MAXWAIT" xen migrate $id $XENDOMAINS_MIGRATE)
   done < <(/usr/lib/xen-common/bin/xen-init-list)
 }
 
@@ -164,9 +175,7 @@
 
   while read id name rest; do
     log_action_begin_msg "Saving Xen domain $name ($id)"
-    coproc xen save $id $XENDOMAINS_SAVE/$name 2>&1 1>/dev/null
-    timeout_coproc "$XENDOMAINS_STOP_MAXWAIT"
-    log_action_end_msg $?
+    (timeout_coproc "$XENDOMAINS_STOP_MAXWAIT" xen save $id $XENDOMAINS_SAVE/$name)
   done < <(/usr/lib/xen-common/bin/xen-init-list)
 }
 
@@ -175,6 +184,10 @@
   while read id name rest; do
     log_action_begin_msg "Shutting down Xen domain $name ($id)"
     xen shutdown $id 2>&1 1>/dev/null
+    log_action_end_msg $?
+  done < <(/usr/lib/xen-common/bin/xen-init-list)
+  while read id name rest; do
+    log_action_begin_msg "Waiting for Xen domain $name ($id) to shut down"
     timeout_domain "$name" "$XENDOMAINS_STOP_MAXWAIT"
     log_action_end_msg $?
   done < <(/usr/lib/xen-common/bin/xen-init-list)

More information about the Pkg-xen-changes mailing list