[Pkg-xen-changes] [xen] 07/10: merge patched-develop into develop
Bastian Blank
waldi at moszumanska.debian.org
Fri Oct 17 13:35:11 UTC 2014
This is an automated email from the git hooks/post-receive script.
waldi pushed a commit to branch develop
in repository xen.
commit de42d295b1b8878128ce98cabb52bcc944920bc4
Merge: a787a50 a90ace8
Author: Bastian Blank <waldi at debian.org>
Date: Fri Oct 17 11:20:42 2014 +0200
merge patched-develop into develop
debian/.git-dpm | 4 +-
...k-control-block-exists-when-using-FIFO-ba.patch | 175 +++++++++++++++++++++
...fix-race-condition-sampling-the-dirty-vra.patch | 57 +++++++
...-check-cpl-for-all-privileged-instruction.patch | 47 ++++++
...y-emulate-software-interrupt-injection-fo.patch | 33 ++++
...7-x86-HVM-properly-bound-x2APIC-MSR-range.patch | 46 ++++++
...ss-UR-signaling-for-further-desktop-chips.patch | 42 +++++
debian/patches/series | 6 +
xen/arch/x86/hvm/hvm.c | 4 +-
xen/arch/x86/mm/shadow/common.c | 4 +-
xen/arch/x86/x86_emulate/x86_emulate.c | 4 +
xen/common/event_fifo.c | 82 +++++++---
xen/drivers/passthrough/vtd/quirks.c | 10 +-
xen/include/asm-x86/hvm/domain.h | 2 +-
14 files changed, 482 insertions(+), 34 deletions(-)
diff --cc debian/.git-dpm
index 57ffd32,0000000..a0324c0
mode 100644,000000..100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@@ -1,8 -1,0 +1,8 @@@
+# see git-dpm(1) from git-dpm package
- 2dec9f02a44a006887469c80a7649c31bb518899
- 2dec9f02a44a006887469c80a7649c31bb518899
++a90ace8403cf00b7eacd5cf2df1d588e15fb5610
++a90ace8403cf00b7eacd5cf2df1d588e15fb5610
+3387be132d526263f246c24d3bbc94767a4eba76
+3387be132d526263f246c24d3bbc94767a4eba76
+xen_4.4.1.orig.tar.xz
+900ed093d14caf511fa1a22f48bbf0499bb2ee11
+3778516
diff --cc debian/patches/0033-evtchn-check-control-block-exists-when-using-FIFO-ba.patch
index 0000000,0000000..944ccee
new file mode 100644
--- /dev/null
+++ b/debian/patches/0033-evtchn-check-control-block-exists-when-using-FIFO-ba.patch
@@@ -1,0 -1,0 +1,175 @@@
++From d8a7da2812c0a7e71e756a416153d0182e658a3d Mon Sep 17 00:00:00 2001
++From: David Vrabel <david.vrabel at citrix.com>
++Date: Tue, 9 Sep 2014 15:31:37 +0200
++Subject: evtchn: check control block exists when using FIFO-based events
++
++When using the FIFO-based event channels, there are no checks for the
++existance of a control block when binding an event or moving it to a
++different VCPU. This is because events may be bound when the ABI is
++in 2-level mode (e.g., by the toolstack before the domain is started).
++
++The guest may trigger a Xen crash in evtchn_fifo_set_pending() if:
++
++ a) the event is bound to a VCPU without a control block; or
++ b) VCPU 0 does not have a control block.
++
++In case (a), Xen will crash when looking up the current queue. In
++(b), Xen will crash when looking up the old queue (which defaults to a
++queue on VCPU 0).
++
++By allocating all the per-VCPU structures when enabling the FIFO ABI,
++we can be sure that v->evtchn_fifo is always valid.
++
++EVTCHNOP_init_control_block for all the other CPUs need only map the
++shared control block.
++
++A single check in evtchn_fifo_set_pending() before accessing the
++control block fixes all cases where the guest has not initialized some
++control blocks.
++
++This is XSA-107.
++
++Reported-by: Vitaly Kuznetsov <vkuznets at redhat.com>
++Signed-off-by: David Vrabel <david.vrabel at citrix.com>
++Reviewed-by: Jan Beulich <jbeulich at suse.com>
++master commit: a4e0cea6fced50e251453dfe52e1b9dde77a84f5
++master date: 2014-09-09 15:25:58 +0200
++---
++ xen/common/event_fifo.c | 82 ++++++++++++++++++++++++++++++++++---------------
++ 1 file changed, 58 insertions(+), 24 deletions(-)
++
++diff --git a/xen/common/event_fifo.c b/xen/common/event_fifo.c
++index 1fce3f1..e9c1fbe 100644
++--- a/xen/common/event_fifo.c
+++++ b/xen/common/event_fifo.c
++@@ -178,6 +178,19 @@ static void evtchn_fifo_set_pending(struct vcpu *v, struct evtchn *evtchn)
++ bool_t linked = 0;
++
++ /*
+++ * Control block not mapped. The guest must not unmask an
+++ * event until the control block is initialized, so we can
+++ * just drop the event.
+++ */
+++ if ( unlikely(!v->evtchn_fifo->control_block) )
+++ {
+++ printk(XENLOG_G_WARNING
+++ "d%dv%d has no FIFO event channel control block\n",
+++ d->domain_id, v->vcpu_id);
+++ goto done;
+++ }
+++
+++ /*
++ * No locking around getting the queue. This may race with
++ * changing the priority but we are allowed to signal the
++ * event once on the old priority.
++@@ -385,36 +398,42 @@ static void init_queue(struct vcpu *v, struct evtchn_fifo_queue *q,
++ {
++ spin_lock_init(&q->lock);
++ q->priority = i;
++- q->head = &v->evtchn_fifo->control_block->head[i];
++ }
++
++-static int setup_control_block(struct vcpu *v, uint64_t gfn, uint32_t offset)
+++static int setup_control_block(struct vcpu *v)
++ {
++- struct domain *d = v->domain;
++ struct evtchn_fifo_vcpu *efv;
++- void *virt;
++ unsigned int i;
++- int rc;
++-
++- if ( v->evtchn_fifo )
++- return -EINVAL;
++
++ efv = xzalloc(struct evtchn_fifo_vcpu);
++ if ( !efv )
++ return -ENOMEM;
++
++- rc = map_guest_page(d, gfn, &virt);
+++ for ( i = 0; i <= EVTCHN_FIFO_PRIORITY_MIN; i++ )
+++ init_queue(v, &efv->queue[i], i);
+++
+++ v->evtchn_fifo = efv;
+++
+++ return 0;
+++}
+++
+++static int map_control_block(struct vcpu *v, uint64_t gfn, uint32_t offset)
+++{
+++ void *virt;
+++ unsigned int i;
+++ int rc;
+++
+++ if ( v->evtchn_fifo->control_block )
+++ return -EINVAL;
+++
+++ rc = map_guest_page(v->domain, gfn, &virt);
++ if ( rc < 0 )
++- {
++- xfree(efv);
++ return rc;
++- }
++
++- v->evtchn_fifo = efv;
++ v->evtchn_fifo->control_block = virt + offset;
++
++ for ( i = 0; i <= EVTCHN_FIFO_PRIORITY_MIN; i++ )
++- init_queue(v, &v->evtchn_fifo->queue[i], i);
+++ v->evtchn_fifo->queue[i].head = &v->evtchn_fifo->control_block->head[i];
++
++ return 0;
++ }
++@@ -508,28 +527,43 @@ int evtchn_fifo_init_control(struct evtchn_init_control *init_control)
++
++ spin_lock(&d->event_lock);
++
++- rc = setup_control_block(v, gfn, offset);
++-
++ /*
++ * If this is the first control block, setup an empty event array
++ * and switch to the fifo port ops.
++ */
++- if ( rc == 0 && !d->evtchn_fifo )
+++ if ( !d->evtchn_fifo )
++ {
+++ struct vcpu *vcb;
+++
+++ for_each_vcpu ( d, vcb ) {
+++ rc = setup_control_block(vcb);
+++ if ( rc < 0 )
+++ goto error;
+++ }
+++
++ rc = setup_event_array(d);
++ if ( rc < 0 )
++- cleanup_control_block(v);
++- else
++- {
++- d->evtchn_port_ops = &evtchn_port_ops_fifo;
++- d->max_evtchns = EVTCHN_FIFO_NR_CHANNELS;
++- setup_ports(d);
++- }
+++ goto error;
+++
+++ rc = map_control_block(v, gfn, offset);
+++ if ( rc < 0 )
+++ goto error;
+++
+++ d->evtchn_port_ops = &evtchn_port_ops_fifo;
+++ d->max_evtchns = EVTCHN_FIFO_NR_CHANNELS;
+++ setup_ports(d);
++ }
+++ else
+++ rc = map_control_block(v, gfn, offset);
++
++ spin_unlock(&d->event_lock);
++
++ return rc;
+++
+++ error:
+++ evtchn_fifo_destroy(d);
+++ spin_unlock(&d->event_lock);
+++ return rc;
++ }
++
++ static int add_page_to_event_array(struct domain *d, unsigned long gfn)
diff --cc debian/patches/0034-x86-shadow-fix-race-condition-sampling-the-dirty-vra.patch
index 0000000,0000000..2dee3ba
new file mode 100644
--- /dev/null
+++ b/debian/patches/0034-x86-shadow-fix-race-condition-sampling-the-dirty-vra.patch
@@@ -1,0 -1,0 +1,57 @@@
++From e4aa132e656197ccd65e612f1e1dc49b1d46f8b9 Mon Sep 17 00:00:00 2001
++From: Andrew Cooper <andrew.cooper3 at citrix.com>
++Date: Tue, 23 Sep 2014 14:39:05 +0200
++Subject: x86/shadow: fix race condition sampling the dirty vram state
++
++d->arch.hvm_domain.dirty_vram must be read with the domain's paging lock held.
++
++If not, two concurrent hypercalls could both end up attempting to free
++dirty_vram (the second of which will free a wild pointer), or both end up
++allocating a new dirty_vram structure (the first of which will be leaked).
++
++This is XSA-104.
++
++Signed-off-by: Andrew Cooper <andrew.cooper3 at citrix.com>
++Reviewed-by: Tim Deegan <tim at xen.org>
++master commit: 46a49b91f1026f64430b84dd83e845a33f06415e
++master date: 2014-09-23 14:31:47 +0200
++---
++ xen/arch/x86/mm/shadow/common.c | 4 +++-
++ xen/include/asm-x86/hvm/domain.h | 2 +-
++ 2 files changed, 4 insertions(+), 2 deletions(-)
++
++diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c
++index be095f6..3ed48c4 100644
++--- a/xen/arch/x86/mm/shadow/common.c
+++++ b/xen/arch/x86/mm/shadow/common.c
++@@ -3486,7 +3486,7 @@ int shadow_track_dirty_vram(struct domain *d,
++ int flush_tlb = 0;
++ unsigned long i;
++ p2m_type_t t;
++- struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram;
+++ struct sh_dirty_vram *dirty_vram;
++ struct p2m_domain *p2m = p2m_get_hostp2m(d);
++
++ if ( end_pfn < begin_pfn || end_pfn > p2m->max_mapped_pfn + 1 )
++@@ -3496,6 +3496,8 @@ int shadow_track_dirty_vram(struct domain *d,
++ p2m_lock(p2m_get_hostp2m(d));
++ paging_lock(d);
++
+++ dirty_vram = d->arch.hvm_domain.dirty_vram;
+++
++ if ( dirty_vram && (!nr ||
++ ( begin_pfn != dirty_vram->begin_pfn
++ || end_pfn != dirty_vram->end_pfn )) )
++diff --git a/xen/include/asm-x86/hvm/domain.h b/xen/include/asm-x86/hvm/domain.h
++index b1e3187..99c5e44 100644
++--- a/xen/include/asm-x86/hvm/domain.h
+++++ b/xen/include/asm-x86/hvm/domain.h
++@@ -67,7 +67,7 @@ struct hvm_domain {
++ /* Memory ranges with pinned cache attributes. */
++ struct list_head pinned_cacheattr_ranges;
++
++- /* VRAM dirty support. */
+++ /* VRAM dirty support. Protect with the domain paging lock. */
++ struct sh_dirty_vram *dirty_vram;
++
++ /* If one of vcpus of this domain is in no_fill_mode or
diff --cc debian/patches/0035-x86-emulate-check-cpl-for-all-privileged-instruction.patch
index 0000000,0000000..8b7dbd4
new file mode 100644
--- /dev/null
+++ b/debian/patches/0035-x86-emulate-check-cpl-for-all-privileged-instruction.patch
@@@ -1,0 -1,0 +1,47 @@@
++From 65f95b5c8bb858165c90155a95788fd66f447e1c Mon Sep 17 00:00:00 2001
++From: Andrew Cooper <andrew.cooper3 at citrix.com>
++Date: Tue, 23 Sep 2014 14:40:12 +0200
++Subject: x86/emulate: check cpl for all privileged instructions
++
++Without this, it is possible for userspace to load its own IDT or GDT.
++
++This is XSA-105.
++
++Reported-by: Andrei LUTAS <vlutas at bitdefender.com>
++Signed-off-by: Andrew Cooper <andrew.cooper3 at citrix.com>
++Tested-by: Andrei LUTAS <vlutas at bitdefender.com>
++Reviewed-by: Jan Beulich <jbeulich at suse.com>
++master commit: 0e442727ceccfa32a7276cccd205b4722e68fdc1
++master date: 2014-09-23 14:33:06 +0200
++---
++ xen/arch/x86/x86_emulate/x86_emulate.c | 3 +++
++ 1 file changed, 3 insertions(+)
++
++diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
++index 50d8965..4810e68 100644
++--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++++ b/xen/arch/x86/x86_emulate/x86_emulate.c
++@@ -3314,6 +3314,7 @@ x86_emulate(
++ goto swint;
++
++ case 0xf4: /* hlt */
+++ generate_exception_if(!mode_ring0(), EXC_GP, 0);
++ ctxt->retire.flags.hlt = 1;
++ break;
++
++@@ -3710,6 +3711,7 @@ x86_emulate(
++ break;
++ case 2: /* lgdt */
++ case 3: /* lidt */
+++ generate_exception_if(!mode_ring0(), EXC_GP, 0);
++ generate_exception_if(ea.type != OP_MEM, EXC_UD, -1);
++ fail_if(ops->write_segment == NULL);
++ memset(®, 0, sizeof(reg));
++@@ -3738,6 +3740,7 @@ x86_emulate(
++ case 6: /* lmsw */
++ fail_if(ops->read_cr == NULL);
++ fail_if(ops->write_cr == NULL);
+++ generate_exception_if(!mode_ring0(), EXC_GP, 0);
++ if ( (rc = ops->read_cr(0, &cr0, ctxt)) )
++ goto done;
++ if ( ea.type == OP_REG )
diff --cc debian/patches/0036-x86emul-only-emulate-software-interrupt-injection-fo.patch
index 0000000,0000000..6317de2
new file mode 100644
--- /dev/null
+++ b/debian/patches/0036-x86emul-only-emulate-software-interrupt-injection-fo.patch
@@@ -1,0 -1,0 +1,33 @@@
++From a22de27132bab557dcee6e5726d0145364cafcc9 Mon Sep 17 00:00:00 2001
++From: Jan Beulich <jbeulich at suse.com>
++Date: Tue, 23 Sep 2014 14:40:51 +0200
++Subject: x86emul: only emulate software interrupt injection for real mode
++
++Protected mode emulation currently lacks proper privilege checking of
++the referenced IDT entry, and there's currently no legitimate way for
++any of the respective instructions to reach the emulator when the guest
++is in protected mode.
++
++This is XSA-106.
++
++Reported-by: Andrei LUTAS <vlutas at bitdefender.com>
++Signed-off-by: Jan Beulich <jbeulich at suse.com>
++Acked-by: Keir Fraser <keir at xen.org>
++master commit: 346d4545569928b652c40c7815c1732676f8587c
++master date: 2014-09-23 14:33:50 +0200
++---
++ xen/arch/x86/x86_emulate/x86_emulate.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
++index 4810e68..5fbe024 100644
++--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++++ b/xen/arch/x86/x86_emulate/x86_emulate.c
++@@ -2634,6 +2634,7 @@ x86_emulate(
++ case 0xcd: /* int imm8 */
++ src.val = insn_fetch_type(uint8_t);
++ swint:
+++ fail_if(!in_realmode(ctxt, ops)); /* XSA-106 */
++ fail_if(ops->inject_sw_interrupt == NULL);
++ rc = ops->inject_sw_interrupt(src.val, _regs.eip - ctxt->regs->eip,
++ ctxt) ? : X86EMUL_EXCEPTION;
diff --cc debian/patches/0037-x86-HVM-properly-bound-x2APIC-MSR-range.patch
index 0000000,0000000..42f8e85
new file mode 100644
--- /dev/null
+++ b/debian/patches/0037-x86-HVM-properly-bound-x2APIC-MSR-range.patch
@@@ -1,0 -1,0 +1,46 @@@
++From 1dd58bd5087cd48a4f5bd6dde2e6116ba95ee677 Mon Sep 17 00:00:00 2001
++From: Jan Beulich <jbeulich at suse.com>
++Date: Wed, 1 Oct 2014 14:59:00 +0200
++Subject: x86/HVM: properly bound x2APIC MSR range
++
++While the write path change appears to be purely cosmetic (but still
++gets done here for consistency), the read side mistake permitted
++accesses beyond the virtual APIC page.
++
++Note that while this isn't fully in line with the specification
++(digesting MSRs 0x800-0xBFF for the x2APIC), this is the minimal
++possible fix addressing the security issue and getting x2APIC related
++code into a consistent shape (elsewhere a 256 rather than 1024 wide
++window is being used too). This will be dealt with subsequently.
++
++This is CVE-2014-7188 / XSA-108.
++
++Signed-off-by: Jan Beulich <jbeulich at suse.com>
++master commit: 61fdda7acf3de11f3d50d50e5b4f4ecfac7e0d04
++master date: 2014-10-01 14:54:47 +0200
++---
++ xen/arch/x86/hvm/hvm.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
++index be1a2d3..3289604 100644
++--- a/xen/arch/x86/hvm/hvm.c
+++++ b/xen/arch/x86/hvm/hvm.c
++@@ -3022,7 +3022,7 @@ int hvm_msr_read_intercept(unsigned int msr, uint64_t *msr_content)
++ *msr_content = vcpu_vlapic(v)->hw.apic_base_msr;
++ break;
++
++- case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0x3ff:
+++ case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0xff:
++ if ( hvm_x2apic_msr_read(v, msr, msr_content) )
++ goto gp_fault;
++ break;
++@@ -3148,7 +3148,7 @@ int hvm_msr_write_intercept(unsigned int msr, uint64_t msr_content)
++ vlapic_tdt_msr_set(vcpu_vlapic(v), msr_content);
++ break;
++
++- case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0x3ff:
+++ case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0xff:
++ if ( hvm_x2apic_msr_write(v, msr, msr_content) )
++ goto gp_fault;
++ break;
diff --cc debian/patches/0038-VT-d-suppress-UR-signaling-for-further-desktop-chips.patch
index 0000000,0000000..e501ee8
new file mode 100644
--- /dev/null
+++ b/debian/patches/0038-VT-d-suppress-UR-signaling-for-further-desktop-chips.patch
@@@ -1,0 -1,0 +1,42 @@@
++From a90ace8403cf00b7eacd5cf2df1d588e15fb5610 Mon Sep 17 00:00:00 2001
++From: Jan Beulich <jbeulich at suse.com>
++Date: Wed, 1 Oct 2014 15:06:39 +0200
++Subject: VT-d: suppress UR signaling for further desktop chipsets
++
++This extends commit d6cb14b34f ("VT-d: suppress UR signaling for
++desktop chipsets") as per the finally obtained list of affected
++chipsets from Intel.
++
++Also pad the IDs we had listed there before to full 4 hex digits.
++
++This is CVE-2013-3495 / XSA-59.
++
++Signed-off-by: Jan Beulich <jbeulich at suse.com>
++Acked-by: Yang Zhang <yang.z.zhang at intel.com>
++master commit: 3e2331d271cc0882e4013c8f20398c46c35f90a1
++master date: 2014-09-18 15:03:22 +0200
++---
++ xen/drivers/passthrough/vtd/quirks.c | 10 ++++++----
++ 1 file changed, 6 insertions(+), 4 deletions(-)
++
++diff --git a/xen/drivers/passthrough/vtd/quirks.c b/xen/drivers/passthrough/vtd/quirks.c
++index 647723d..2fac35d 100644
++--- a/xen/drivers/passthrough/vtd/quirks.c
+++++ b/xen/drivers/passthrough/vtd/quirks.c
++@@ -474,10 +474,12 @@ void pci_vtd_quirk(const struct pci_dev *pdev)
++ action, seg, bus, dev, func);
++ break;
++
++- case 0x100: case 0x104: case 0x108: /* Sandybridge */
++- case 0x150: case 0x154: case 0x158: /* Ivybridge */
++- case 0xa04: /* Haswell ULT */
++- case 0xc00: case 0xc04: case 0xc08: /* Haswell */
+++ case 0x0040: case 0x0044: case 0x0048: /* Nehalem/Westmere */
+++ case 0x0100: case 0x0104: case 0x0108: /* Sandybridge */
+++ case 0x0150: case 0x0154: case 0x0158: /* Ivybridge */
+++ case 0x0a04: /* Haswell ULT */
+++ case 0x0c00: case 0x0c04: case 0x0c08: /* Haswell */
+++ case 0x1600: case 0x1604: case 0x1608: /* Broadwell */
++ bar = pci_conf_read32(seg, bus, dev, func, 0x6c);
++ bar = (bar << 32) | pci_conf_read32(seg, bus, dev, func, 0x68);
++ pa = bar & 0x7ffffff000UL; /* bits 12...38 */
diff --cc debian/patches/series
index 01adedf,0000000..874c871
mode 100644,000000..100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@@ -1,32 -1,0 +1,38 @@@
+0001-version.patch
+0002-config-prefix.diff.patch
+0003-tools-libfsimage-abiname.diff.patch
+0004-tools-libxc-abiname.diff.patch
+0005-tools-libxl-abiname.diff.patch
+0006-tools-xenstat-abiname.diff.patch
+0007-tools-rpath.diff.patch
+0008-tools-blktap2-prefix.diff.patch
+0009-tools-console-prefix.diff.patch
+0010-tools-libfsimage-prefix.diff.patch
+0011-tools-libxl-prefix.diff.patch
+0012-tools-misc-prefix.diff.patch
+0013-tools-pygrub-prefix.diff.patch
+0014-tools-python-prefix.diff.patch
+0015-tools-xcutils-rpath.diff.patch
+0016-tools-xenmon-prefix.diff.patch
+0017-tools-xenpaging-prefix.diff.patch
+0018-tools-xenstat-prefix.diff.patch
+0019-tools-xenstore-prefix.diff.patch
+0020-tools-xentrace-prefix.diff.patch
+0021-tools-python-xen-relative-path.diff.patch
+0022-tools-misc-xend-startup.diff.patch
+0023-tools-disable.diff.patch
+0024-tools-examples-xend-disable-network.diff.patch
+0025-tools-examples-xend-disable-relocation.diff.patch
+0026-tools-pygrub-remove-static-solaris-support.patch
+0027-tools-include-install.diff.patch
+0028-tools-xenmon-install.diff.patch
+0029-tools-hotplug-udevrules.diff.patch
+0030-tools-python-shebang.diff.patch
+0031-tools-xenstore-compatibility.diff.patch
+0032-send-xl-coredumps-var-lib-xen-dump-NAME.patch
++0033-evtchn-check-control-block-exists-when-using-FIFO-ba.patch
++0034-x86-shadow-fix-race-condition-sampling-the-dirty-vra.patch
++0035-x86-emulate-check-cpl-for-all-privileged-instruction.patch
++0036-x86emul-only-emulate-software-interrupt-injection-fo.patch
++0037-x86-HVM-properly-bound-x2APIC-MSR-range.patch
++0038-VT-d-suppress-UR-signaling-for-further-desktop-chips.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-xen/xen.git
More information about the Pkg-xen-changes
mailing list